ownCloud needs to be able to write to .user.ini to change the upload size if using PHP-FPM ownCloud 9 appends to it's .htaccess upon installation (during lib/private/setup.php) if it sees the apcahe 'env' and 'rewrite' modules are available. This is needed to get "Pretty URLs" working properly. The fix should be... @(%%OWNCLOUD_USERNAME%%,%%OWNCLOUD_GROUPNAME%%,664) %%WWWDIR%%/.htaccess @(%%OWNCLOUD_USERNAME%%,%%OWNCLOUD_GROUPNAME%%,664) %%WWWDIR%%/.user.ini #### This was fixed before here... https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=208311 But, when the port was updated to version 9.0.4 the permission settings were dropped. https://github.com/freebsd/freebsd-ports/commit/68bf13e9a759b0321398cd3c07b54ea2c50fbd53
Please do not allow the webserver user to modifiy the .htaccess file. If you need to change something in there, use the command line. The file should be read-only and owned by root.
But owncloud needs to be able to modify the .htaccess enable clean URLs. It dynamically adds something like this based on the base URL This could be done during installation/upgrade or with occ from the commandline. https://doc.owncloud.org/server/9.1/admin_manual/configuration_server/index_php_less_urls.html#configuration-steps I'm not sure if it's ok to run occ with root, but it probably would be fine. But if an owncloud admins didn't have root access they could never use Pretty URLs? "#### DO NOT CHANGE ANYTHING ABOVE THIS LINE #### ErrorDocument 403 //core/templates/403.php ErrorDocument 404 //core/templates/404.php <IfModule mod_rewrite.c> Options -MultiViews RewriteRule ^core/js/oc.js$ index.php [PT,E=PATH_INFO:$1] RewriteRule ^core/preview.png$ index.php [PT,E=PATH_INFO:$1] RewriteCond %{REQUEST_FILENAME} !\.(css|js|svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ RewriteCond %{REQUEST_FILENAME} !core/img/favicon.ico$ RewriteCond %{REQUEST_FILENAME} !/remote.php RewriteCond %{REQUEST_FILENAME} !/public.php RewriteCond %{REQUEST_FILENAME} !/cron.php RewriteCond %{REQUEST_FILENAME} !/core/ajax/update.php RewriteCond %{REQUEST_FILENAME} !/status.php RewriteCond %{REQUEST_FILENAME} !/ocs/v1.php RewriteCond %{REQUEST_FILENAME} !/ocs/v2.php RewriteCond %{REQUEST_FILENAME} !/updater/ RewriteCond %{REQUEST_FILENAME} !/ocs-provider/ RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/.* RewriteRule . index.php [PT,E=PATH_INFO:$1] RewriteBase / <IfModule mod_env.c> SetEnv front_controller_active true <IfModule mod_dir.c> DirectorySlash off </IfModule> </IfModule> </IfModule>"
Not the above lines are added dynamically by PHP, and can change per version so I think it would be somewhat difficult for a owncloud admin to hand edit these in.
Maintainer reset.
Maintainer feedback, please resp. is this still relevant?
I agree with Kevin. Those file should be owned by root, not www user. If you need to change/update them, it would be safer to do it manually with "chown" before and after your modification.