Read/write permissions for wwwroot when running CommandBox as Service on Ubuntu 20.04 with a non-root user

Hi to all,

I’ve managed to run CommandBox as a systemd service with a created non-root user/user group named ‘cfbox’ on Ubuntu 20.04. LTS. The user/usergroup was created just for the purpose of running the CommandBox in a headless way and the cfengine with lesser priviliges. While doing that, I`ve noticed that CommandBox needs write permissions on the server.json file in that wwwroot. I think it reads it, parses it and overwrites the file (at least on first startup). Are there more possible files that CommandBox needs write permissions when deploying/setting a webroot instance webroot? Should I just give write permission for the complete wwwroot folder? What is the usual/best practice?

Thanks for any help and advice!

It depends on your app. Some applications may also write temp files, etc. If you start CommandBox with the --noSaveSettings flag I think it will avoid writing to the server.json file.

1 Like