Unable to edit www-data owned file as truenas admin

jains · December 8, 2024, 8:33am

newbie just installed truenas scale TrueNAS SCALE ElectricEel 24.10 [release], and trying to setup nextcloud. The app installed but to configure the html page for nextcloud does not open up from remote machine, as per nextcloud rules. To enable the IP, I need to update the config files.

So I log into truenas shell via browser, logged in as default truenas_admin but can’t update the config file. the file permissions indicate its owned by www-data. so I think I do chmod 775, and since both are root group, it will unblock. but NO. it fails.

why is truenas not really the superuser that can do such things?
what do I do edit the config (www-data is builtin user, and I can’t login as that)

Sorry, its very basic question but I am still lost. thanks

-rw-r--r-- 1 www-data www-data    70 Dec  2 22:26 apcu.config.php
-rw-r--r-- 1 www-data www-data   377 Dec  2 22:26 apps.config.php
-rw-r--r-- 1 www-data www-data  2110 Dec  2 22:26 autoconfig.php
-rw-r----- 1 www-data www-data  1299 Dec  3 00:20 config.php
-rw-r--r-- 1 www-data www-data 81625 Dec  2 22:26 config.sample.php
-rw-r--r-- 1 www-data www-data   583 Dec  2 22:26 redis.config.php
-rw-r--r-- 1 www-data www-data   991 Dec  2 22:26 reverse-proxy.config.php
-rw-r--r-- 1 www-data www-data  2235 Dec  2 22:26 s3.config.php
-rw-r--r-- 1 www-data www-data   933 Dec  2 22:26 smtp.config.php
-rw-r--r-- 1 www-data www-data  1103 Dec  2 22:26 swift.config.php
-rw-r--r-- 1 www-data www-data    60 Dec  2 22:26 upgrade-disable-web.config.php

oxyde · December 8, 2024, 10:08am

IMHO not really a good idea.

I think the better way to achieve this is access to the container console (where you should be the owner user) and apply the desired change to the config file. But wait someone else more expert

bacon · December 8, 2024, 10:27am

That is common security practice that pretty much any linux distributions follows. Direct root login has been discouraged for decades now. The user truenas_admin does have unlimited sudo access, which effectively makes it a superuser.

what do I do edit the config (www-data is builtin user, and I can’t login as that)

There are numerious options for that. If you need a infrequent way to edit files you can use sudoedit.

For example (obviously you need to adjust the path):

sudoedit /mnt/tank/owncloud/config/config.php

jains · December 8, 2024, 5:17pm

Thanks, this worked!

for context I cut my teeth on linux 30 years back when vi/emacs wars were common. so I was expecting to just do the operations by bruteforce … since truenasd_admin had root privileges.

this is definitely safer, and dont have to do/undo temp change of ownerships.