I apologize if this is a simple question just wanted to ask this before I start changing parts of my NextCloud install as it has been running great. Today I logged into my installation and went to update to 12.03 from the UI updater but received the follow error.
It was only a thought, I am not as good as others at knowing all the in’s and out’s of linux and apache. Like I said I apologize if it’s a bad question I am just looking for some direction as I don’t want to break something that is already running, just wanted to install the update. To my understanding there is no real reason that www-data should ever have full access to these files as I understand that to be a security issue. My understanding is that www-data only should have read access to these files but again not having as much knowledge as others I was just looking for help or direction.
The old thinking was the file permissions need to be hardened and whatnot, however more recently this has been considered redundant and the strong permissions script retired, so as a web application, please grant www-data ownership over the install and you’ll not see these errors again
Thank you to both for hopping in and helping. I have one more question, I went ahead and using the path that was posted in the error above at /var/www/nextcloud/updater. From there I gave www-data ownership of updater folder with chown -R www-data /var/www/nextcloud/updater and then checked to make sure it was the owner and it is. I tried to update and received the same error. Then I thought oh! i forgot the change permissions so I gave it 700 R,W,X for just the owner since the owner is www-data no reason to open it farther. I used chmod 700 -R path referenced above then verified that took place and tried again. Same error, I am sure I am doing something wrong just not sure what. I appreciate the help and direction from all.
Thanks for the reply, some of the folders in /var/www/nextcloud were actually owned by root. Changing /var/www/nextcloud to www-data as owner fixed the issue.
I migrated files from a Synology installation using rsync (updated the database correctly afterwards). I am using Docker and owner is abc not www-data (linuxserver.io implementation). I noticed my files/folders had all different permissions so without realising the strong permissions topic was no longer recommended I changed all folders/files except .htaccess (x2) to 0750 (folders) and files to 0640 (htaccess permissions I set to root:abc and 0644). When new folders get created the folder and file clearly has a different permission.
I searched the admin manual and could not find what should be the standard default permissions and what script etc sets them. If I want to go back on all files/folders what should I do and does this apply also to .htaccess. Any help would be appreciated. Thanks.