Best way to restore correct permissions in /var/www on NextCloudPi image

Hello,

I have a NextCloudPi image running on a Rapsberry Pi3. I am trying to host my own test webpage. I made a folder in /var/www/testsite and a Virtualhost - testsite.conf in /etc/apache2… I was issuing these commands from an ssh shell as ROOT. I figured out the files and folders need permissions same as the group: www-data because the html file was not working in the browser.

I ended up doing a chown -R and giving the entire /var/www folder and sub-folders 750 permission. Now I can’t log in to NextCloudPi web interface, I get the error message: “Cannot write into “config” directory! This can usually be fixed by giving the webserver write access to the config directory”

Now I wish I could revert all the file/folder permissions in /var/www to what they were. What would be the best way of doing this aside from re-installing NextCloudPi? Could I cop the /var/www folder from another installation or something? Maybe only a few files and folders will need to have their permissions fixed? If so does anyone know which ones?

Any help gratefully appreciated,

Flex

I followed the response in this support question: Nextcloud 12 - strong directory permissions
and now it is working again.

Here is what I did to get my NextCloudPi working again…

Step 1 >> sudo chown www-data:www-data -R /var/www
Step 2 >> cd /usr/bin
Step 3 >> nano setup_secure_permissions_nextcloud.sh
Step 4 Copied this script: setup_secure_permissions_nextcloud.sh into the terminal window and saved the file
Step 5 >> chmod +x /usr/bin/setup_secure_permissions_nextcloud.sh
Step 6 >> ./setup_secure_permissions_nextcloud.sh

This fixed the permissions back to strong permissions for the whole /var/www folder.

Flex

1 Like

After that delete the script, because

gives all user the right to execute. It can be a security leak. Without it, not anymore :slight_smile:

This ruined my entire system’s permissions. I guess it my fault for trusting a script without reading it. Let this be a warning to anyone who landed here from google. Do not run this if you have critical systems on a server. ¯_(ツ)_/¯