Hi,
I’m new to this forum, so let me introduce myself. I’m a 50-year old Austrian living in South France, and I’m the manager/admin of Microlinux, a small IT company with a focus on Linux and Open Source software.
I’m currently experimenting with Xibo on one of my servers. I’ve read the documentation and several tutorials, I took extensive notes, and now I have a few questions. First things first.
I didn’t opt for the Docker installation, since I prefer the “classic” web server setup. All my public machines are currently running CentOS 7.
So far all the checkboxes in the installation script are checked. Apache and PHP are fine, all PHP modules are installed, and Xibo is running nicely.
The various tutorials give rather wide permissions to the installation, and everything is supposed to belong to the user and the group running the web server, which in my case is apache:apache.
This is bad policy however, so I’d like to restrict this to the bare minimum. Here’s my question to the devs:
Which files/directories does the application need to write to?
Usually all my various web applications (OwnCloud, WordPress, Dolibarr, etc.) are owned by a non-root user, and only when the application needs to write somewhere, the file/directory is owned by user:apache, with file permissions usually set to 0660 and directories to 0770.
Any suggestions?
Cheers!