Securing OwnCloud and granting my user permission to the files
Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Securing OwnCloud and granting my user permission to the files
Ok, I got owncloud working great. It's secured with ssl, but I want one step better.
I want to encrypt the entire partition if possible. What do I do to get that going? Will owncloud work if the partition is encrypted? Can I do it without deleting everything. I was able to encrypt my home directory after an install and I'd like to do the same thing here if possible.
Also, the www-data user owns all the files. I want my regular user who has sudo power to be able to go into those encrypted folders and view and modify all the files without any extra hassle.
Is all this possible or am I in a dream world? Lastly, I need to be able to run scripts that backup those owncloud folders to another server. Is this all possible if it's encrypted? I just don't have much experience working with encrypted partitons/folders/files.
AFAIK Owncloud resides in /var/www/owncloud or something. It uses a database as backend and can incorporate local and remote file systems into its own virtual file system. What you could encrypt without loss depends on your disk layout (partitions) and how much space you have left. For example if you have enough space left on disk for another partition you could create a new one, set up LUKS and a file system, temporarily mount it somewhere, copy /var/www/owncloud into it, delete the "old" /var/www/owncloud and then crypt-mount the new file system as /var/www/owncloud. OTOH if you only have "/" and "/home" and no space left and you want to encrypt the whole "/" then it's probably faster to make a backup, install your OS anew and restore from your backup taking care not to overwrite anything that has to do with kernels, images, or encryption configuration / initialization.
Nothing in the os is really sensitive, it's the stuff on my other partitions that need to be secured.
I have a few 3tb drives and they have plenty of space free. I recall when I installed ubuntu on a different system, I did not encrypt my home directory. Later, I changed my mind and decided to encrypt it. I was able to "apply" encryption and get everything encrypted without a reinstall or moving any files.
Also, it's not encrypting the whole partition, just everything in the home directory. Is this possible to do for my owncloud server? Just encrpyt that folder and everything that goes in it?
Also, it's not encrypting the whole partition, just everything in the home directory. Is this possible to do for my owncloud server? Just encrpyt that folder and everything that goes in it?
Yes and I kind of outlined it in my previous post. The basic requirement is a partition though. Doesn't mean you can't encrypt a directory but then you have to choose something other than LUKS like say FUSE EncFS.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.