Category Archives: afp

Combined network- / webshare: file ownership and permissions

I'm using a combination of pyd.io and netatalk to have my remote storage available at home and from anywhere. So far (reading) everything works fine, but now — while trying to upload something for the first time — I have a problem that causes me a headache.

The directory /mnt/data is shared via afpd (netatalk) to as normal user pi (yes, I started with a Raspberry). Thus, file ownership is pi:pi, permissions 755. Works great: I can read and write locally and from a mac via netatalk.

The same directory is shared via pyd.io via apache2. Reading works perfectly, however, writing does not, as apache runs under user www-data:www-data. If I chmod to 777for test purposes, new files are created under www-data:www-data ownership (of course). But, they are then not writable for user pi via netatalk.

I really don't know how to solve this issue, since combining the two (running apache under pi or similar) seems to be very insecure.