From da7b7d0f9d9d8ab200774277166f808bb414831a Mon Sep 17 00:00:00 2001 From: Carla Schroder Date: Fri, 2 Jan 2015 10:14:22 -0800 Subject: [PATCH] Corrections to strong directory permissions --- admin_manual/installation/installation_wizard.rst | 7 +++++++ admin_manual/installation/linux_installation.rst | 9 ++++++++- admin_manual/installation/source_installation.rst | 6 ++++-- 3 files changed, 19 insertions(+), 3 deletions(-) diff --git a/admin_manual/installation/installation_wizard.rst b/admin_manual/installation/installation_wizard.rst index 710650535..2fe8f070e 100644 --- a/admin_manual/installation/installation_wizard.rst +++ b/admin_manual/installation/installation_wizard.rst @@ -79,6 +79,13 @@ Finish Installation * ownCloud will set up your cloud according to the given settings * When it's finished, it will log you in as administrative user and present the "Welcome to ownCloud" screen. + +Setting Strong Directory Permissions +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +For improved server security, you should set strong permissions on your +ownCloud directories according to the **Setting Strong Directory Permissions** +section of :doc:`source_installation`. Trusted Domains ~~~~~~~~~~~~~~~ diff --git a/admin_manual/installation/linux_installation.rst b/admin_manual/installation/linux_installation.rst index f4bb4304c..da7176b05 100644 --- a/admin_manual/installation/linux_installation.rst +++ b/admin_manual/installation/linux_installation.rst @@ -5,7 +5,14 @@ Preferred Linux Installation Method Supported Distribution Packages ------------------------------- -Ready-to-use packages are available at the ownCloud repository on the `openSUSE Build Service`_ for a variety of Linux distributions. Follow the instructions for your distro to add the oBS repository, download and install the repo signing key, and install ownCloud. Then run the Installation Wizard to complete your installation. (see :doc:`installation_wizard`). +Installing ownCloud on Linux from the `openSUSE Build Service`_ packages is the +preferred method. These are maintained by ownCloud engineers, and you can use +your package manager to keep your ownCloud server up-to-date. Ready-to-use +packages are available at the ownCloud repository on the for a variety of Linux +distributions. Follow the instructions for your distro to add the oBS +repository, download and install the repository signing key, and install +ownCloud. Then run the Installation Wizard to complete your installation. (see +:doc:`installation_wizard`). If your distribution is not listed, your Linux distribution may maintain its own ownCloud packages, or you may prefer to install from source code (see :doc:`source_installation`). diff --git a/admin_manual/installation/source_installation.rst b/admin_manual/installation/source_installation.rst index 821cede8b..a8f0d6489 100644 --- a/admin_manual/installation/source_installation.rst +++ b/admin_manual/installation/source_installation.rst @@ -190,6 +190,8 @@ as possible. These commands should be executed immediately after the initial ins chown -R root:root /path/to/owncloud/ chmod -R 755 /path/to/owncloud/ + chown : /path/to/owncloud/config/ + chmod 0750 /path/to/owncloud/config/ chown : /path/to/owncloud/config/config.php chmod 750 /path/to/owncloud/config/config.php chown -R : /path/to/owncloud/data/ @@ -200,7 +202,7 @@ as possible. These commands should be executed immediately after the initial ins chmod 750 /path/to/owncloud/apps/ These strict permissions will prevent the Updater app from working (see :doc:`../maintenance/update`). If you use the Updater app, it needs your whole -ownCloud directory to be owned by the http-user, like these examples: +ownCloud directory to be owned by the HTTP user, like these examples: * This example is for Ubuntu 14.04 LTS server:: @@ -218,7 +220,7 @@ ownCloud directory to be owned by the http-user, like these examples: chown -R wwwrun:www /path/to/owncloud/ -After the Update app has run, you should re-apply the strict permissions. +After the Updater app has run, you should re-apply the strict permissions. SELinux -------