Thank you! Looking forward to your reply.
Here is mine on Raspbian for comparison:
$ for file in $(dpkg -L lighttpd | tail -n +2); do sudo stat -c '%A %U %G %n' $file; done
drwxr-xr-x root root /etc
drwxr-xr-x root root /etc/lighttpd
drwxr-xr-x root root /etc/lighttpd/conf-available
-rw-r--r-- root root /etc/lighttpd/conf-available/05-auth.conf
-rw-r--r-- root root /etc/lighttpd/conf-available/10-accesslog.conf
-rw-r--r-- root root /etc/lighttpd/conf-available/10-cgi.conf
-rw-r--r-- root root /etc/lighttpd/conf-available/10-dir-listing.conf
-rw-r--r-- root root /etc/lighttpd/conf-available/10-evasive.conf
-rw-r--r-- root root /etc/lighttpd/conf-available/10-evhost.conf
-rw-r--r-- root root /etc/lighttpd/conf-available/10-expire.conf
-rw-r--r-- root root /etc/lighttpd/conf-available/10-fastcgi.conf
-rw-r--r-- root root /etc/lighttpd/conf-available/10-flv-streaming.conf
-rw-r--r-- root root /etc/lighttpd/conf-available/10-no-www.conf
-rw-r--r-- root root /etc/lighttpd/conf-available/10-proxy.conf
-rw-r--r-- root root /etc/lighttpd/conf-available/10-rrdtool.conf
-rw-r--r-- root root /etc/lighttpd/conf-available/10-simple-vhost.conf
-rw-r--r-- root root /etc/lighttpd/conf-available/10-ssi.conf
-rw-r--r-- root root /etc/lighttpd/conf-available/10-ssl.conf
-rw-r--r-- root root /etc/lighttpd/conf-available/10-status.conf
-rw-r--r-- root root /etc/lighttpd/conf-available/10-userdir.conf
-rw-r--r-- root root /etc/lighttpd/conf-available/10-usertrack.conf
-rw-r--r-- root root /etc/lighttpd/conf-available/11-extforward.conf
-rw-r--r-- root root /etc/lighttpd/conf-available/15-fastcgi-php.conf
-rw-r--r-- root root /etc/lighttpd/conf-available/90-debian-doc.conf
-rw-r--r-- root root /etc/lighttpd/conf-available/README
drwxr-xr-x root root /etc/lighttpd/conf-enabled
-rw-r--r-- root root /etc/lighttpd/lighttpd.conf
drwxr-xr-x root root /etc/cron.daily
-rwxr-xr-x root root /etc/cron.daily/lighttpd
drwxr-xr-x root root /etc/init.d
-rwxr-xr-x root root /etc/init.d/lighttpd
drwxr-xr-x root root /etc/logrotate.d
-rw-r--r-- root root /etc/logrotate.d/lighttpd
drwxr-xr-x root root /usr
drwxr-xr-x root root /usr/lib
drwxr-xr-x root root /usr/lib/cgi-bin
drwxr-xr-x root root /usr/lib/lighttpd
-rw-r--r-- root root /usr/lib/lighttpd/mod_access.so
-rw-r--r-- root root /usr/lib/lighttpd/mod_accesslog.so
-rw-r--r-- root root /usr/lib/lighttpd/mod_alias.so
-rw-r--r-- root root /usr/lib/lighttpd/mod_auth.so
-rw-r--r-- root root /usr/lib/lighttpd/mod_cgi.so
-rw-r--r-- root root /usr/lib/lighttpd/mod_compress.so
-rw-r--r-- root root /usr/lib/lighttpd/mod_dirlisting.so
-rw-r--r-- root root /usr/lib/lighttpd/mod_evasive.so
-rw-r--r-- root root /usr/lib/lighttpd/mod_evhost.so
-rw-r--r-- root root /usr/lib/lighttpd/mod_expire.so
-rw-r--r-- root root /usr/lib/lighttpd/mod_extforward.so
-rw-r--r-- root root /usr/lib/lighttpd/mod_fastcgi.so
-rw-r--r-- root root /usr/lib/lighttpd/mod_flv_streaming.so
-rw-r--r-- root root /usr/lib/lighttpd/mod_indexfile.so
-rw-r--r-- root root /usr/lib/lighttpd/mod_proxy.so
-rw-r--r-- root root /usr/lib/lighttpd/mod_redirect.so
-rw-r--r-- root root /usr/lib/lighttpd/mod_rewrite.so
-rw-r--r-- root root /usr/lib/lighttpd/mod_rrdtool.so
-rw-r--r-- root root /usr/lib/lighttpd/mod_scgi.so
-rw-r--r-- root root /usr/lib/lighttpd/mod_secdownload.so
-rw-r--r-- root root /usr/lib/lighttpd/mod_setenv.so
-rw-r--r-- root root /usr/lib/lighttpd/mod_simple_vhost.so
-rw-r--r-- root root /usr/lib/lighttpd/mod_ssi.so
-rw-r--r-- root root /usr/lib/lighttpd/mod_staticfile.so
-rw-r--r-- root root /usr/lib/lighttpd/mod_status.so
-rw-r--r-- root root /usr/lib/lighttpd/mod_userdir.so
-rw-r--r-- root root /usr/lib/lighttpd/mod_usertrack.so
drwxr-xr-x root root /usr/lib/tmpfiles.d
-rw-r--r-- root root /usr/lib/tmpfiles.d/lighttpd.tmpfile.conf
drwxr-xr-x root root /usr/sbin
-rwxr-xr-x root root /usr/sbin/lighty-enable-mod
-rwxr-xr-x root root /usr/sbin/lighttpd
-rwxr-xr-x root root /usr/sbin/lighttpd-angel
drwxr-xr-x root root /usr/share
drwxr-xr-x root root /usr/share/man
drwxr-xr-x root root /usr/share/man/man8
-rw-r--r-- root root /usr/share/man/man8/lighttpd.8.gz
drwxr-xr-x root root /usr/share/man/man1
-rw-r--r-- root root /usr/share/man/man1/lighty-enable-mod.1.gz
drwxr-xr-x root root /usr/share/lighttpd
-rwxr-xr-x root root /usr/share/lighttpd/create-mime.assign.pl
-rwxr-xr-x root root /usr/share/lighttpd/include-conf-enabled.pl
-rwxr-xr-x root root /usr/share/lighttpd/use-ipv6.pl
-rw-r--r-- root root /usr/share/lighttpd/index.html
drwxr-xr-x root root /usr/share/doc
drwxr-xr-x root root /usr/share/doc/lighttpd
-rw-r--r-- root root /usr/share/doc/lighttpd/README
-rw-r--r-- root root /usr/share/doc/lighttpd/copyright
-rw-r--r-- root root /usr/share/doc/lighttpd/NEWS.gz
-rw-r--r-- root root /usr/share/doc/lighttpd/changelog.Debian.gz
-rw-r--r-- root root /usr/share/doc/lighttpd/NEWS.Debian.gz
drwxr-xr-x root root /usr/share/lintian
drwxr-xr-x root root /usr/share/lintian/overrides
-rw-r--r-- root root /usr/share/lintian/overrides/lighttpd
drwxr-xr-x root root /var
drwxr-xr-x root root /var/cache
drwxr-xr-x root root /var/cache/lighttpd
drwxr-xr-x www-data www-data /var/cache/lighttpd/compress
drwxr-xr-x www-data www-data /var/cache/lighttpd/uploads
drwxr-xr-x root root /var/log
drwxr-x--- www-data www-data /var/log/lighttpd
drwxr-xr-x root root /var/www
drwxrwxr-x www-data www-data /var/www/html
drwxr-xr-x root root /lib
drwxr-xr-x root root /lib/systemd
drwxr-xr-x root root /lib/systemd/system
-rw-r--r-- root root /lib/systemd/system/lighttpd.service
lrwxrwxrwx root root /usr/sbin/lighttpd-disable-mod
lrwxrwxrwx root root /usr/sbin/lighttpd-enable-mod
lrwxrwxrwx root root /usr/sbin/lighty-disable-mod
lrwxrwxrwx root root /usr/share/man/man1/lighttpd-enable-mod.1.gz
lrwxrwxrwx root root /usr/share/man/man1/lighttpd-disable-mod.1.gz
lrwxrwxrwx root root /usr/share/man/man1/lighty-disable-mod.1.gzI don't use lighttpd at all. I have nginx for a few sites and I am using it witl php-fpm to access pihole admin panel.
Wel I dont have nginx, but below is for dnsmasq:
$ for file in $(dpkg -L dnsmasq | tail -n +2 | sort); do sudo stat -c '%a %U %G %n' $file; done
755 root root /etc
755 root root /etc/default
644 root root /etc/default/dnsmasq
644 root root /etc/dnsmasq.conf
755 root root /etc/dnsmasq.d
644 root root /etc/dnsmasq.d/README
755 root root /etc/init.d
755 root root /etc/init.d/dnsmasq
755 root root /etc/insserv.conf.d
644 root root /etc/insserv.conf.d/dnsmasq
755 root root /etc/resolvconf
755 root root /etc/resolvconf/update.d
755 root root /etc/resolvconf/update.d/dnsmasq
755 root root /lib
755 root root /lib/systemd
755 root root /lib/systemd/system
644 root root /lib/systemd/system/dnsmasq.service
755 root root /usr
755 root root /usr/lib
755 root root /usr/lib/resolvconf
755 root root /usr/lib/resolvconf/dpkg-event.d
755 root root /usr/lib/resolvconf/dpkg-event.d/dnsmasq
755 root root /usr/share
755 root root /usr/share/doc
777 root root /usr/share/doc/dnsmasq
EDIT: sorted now and octal
There appear to be some issues with the testing environments and the install script. (It goes back to the NetworkManager status.) It may take a bit of time to fix the installer and then get us to a place that we can check for solutions to this issue.
Just wanted to update and not leave the issue hanging without a status.
@DanSchaper ,
I posted below to comfort, Discourse derailed (cloudflare error) and my post was gone ?
Luckely my editor kept a copy 
I dont have a solution for you because Pi-Hole was designed to run on top of dnsmasq and lighttpd.
But you dont need the web GUI if your only interested in getting the ads to be blocked.
Most of the magic is done by dnsmasq resolving known blacklisted ad domain names to that of the Pi-Hole IP address eg:
C:\>nslookup doubleclick.com noads.dehakkelaar.nl
Server: noads.dehakkelaar.nl
Address: 10.0.0.8
Name: doubleclick.com
Address: 10.0.0.8
Instead of resolving to the actual IP address(es) for the ad:
C:\>nslookup doubleclick.com 8.8.8.8
Server: google-public-dns-a.google.com
Address: 8.8.8.8
Non-authoritative answer:
Name: doubleclick.com
Addresses: 172.217.17.110, 172.217.17.110, 172.217.17.110
So if you can get this bit to work, you are done for 90%.
The other part involves Pi-Hole to return a blank page instead of the ad via its own lighttpd daemon:
$ tree /var/www/html/pihole/
/var/www/html/pihole/
+-- blockingpage.css
+-- index.js
+-- index.php
For that to work, lighttpd got these configuration options:
server.document-root = "/var/www/html"
server.error-handler-404 = "pihole/index.php"
So if you want nginx to do the same, you got to find the 404 error handler for nginx and configure yourself.
But Pi-Hole also depends an a few cron jobs to keep the blacklists updated and do some maintenance:
$ grep -v '^#' /etc/cron.d/pihole
59 1 * * 7 root PATH="$PATH:/usr/local/bin/" pihole updateGravity
00 00 * * * root PATH="$PATH:/usr/local/bin/" pihole flush
@reboot root /usr/sbin/logrotate /etc/pihole/logrotate
Another alternative is to have both web daemons running and have them listen to different IP addresses so they wont conflict (below is for Raspbian/Debian/Ubuntu):
I know I dont have a ready solution but at least you have a bit of an idea whats going on under the hood.
Sorry, we had a glitch with Discourse this morning on a software update and some posts made right before that process started were lost. So nothing was edited out or removed. I appreciate the assistance with this, so please continue with what you are finding.
Noted in the installer script though is that dnsmasqs user is set to nobody for CentOS installs.
Hmmm reading up a bit, I dont see any issue running it as user dnsmasq if it would solve the problem.
Might need to create a user with /usr/sbin/nologin.
$ groups dnsmasq
dnsmasq : nogroup
In "/etc/dnsmasq.conf" you seem to be able to run as any user:
# If you want dnsmasq to change uid and gid to something other
# than the default, edit the following lines.
#user=
#group=
EDIT: From passwd:
dnsmasq:x:109:65534:dnsmasq,,,:/var/lib/misc:/bin/false
So to add user:
sudo useradd -c dnsmasq -d /var/lib/misc -s /bin/false dnsmasq
But the one who put "nobody" there, probably put it there for a reason ?
Just did a reverse proxy from nginx to lighttpd. Everything is working as expected but Query log is still showing "An error occured while loading the data. Presumably your log is too large to be processed." while the log size is a few kb.
I dont see how a proxy would help ?
What if you do below one for diagnosing:
sudo chmod 777 /var/log/pihole.log
To change back again:
sudo chmod 644 /var/log/pihole.log
I've asked our real CentOS/Fedora guy to help and take a look. He's at the Con in Boston right now, but will peek in and see what he see's. He wrote the sections of the installer and the code that handle that OS so that should help move us along.
1 Like
That most likely will help allot.
Been a while for me with CentOS.
EDIT: Ohw does CentOS still enables selinux by default ?
Might need to disable that one too ?
sudo getenforce
Did what you suggested and it still gives that error.
Also selinux is disabled.
Oh you might be missing some PHP parts that might cause issues maybe.
To create a "phpinfo.php" file:
{
echo '<?php'
echo 'phpinfo();'
echo '?>'
} | tee phpinfo.php
Access the file via browser and post results here (have a look 1st if contains sensitive info and delete the file afterwards !!!).
EDIT: Or maybe output from lynx is cleaner (you decide and might need to install lynx via yum):<>/s
lynx -dump http://localhost/phpinfo.php
Stupid of me, you could oc run it from shell:
sudo php -i
The output is too big. What requirements does pihole have? It does install some extensions itself.
Update: Upgraded to v3 and everything works fine except "query log". It doesn't show me the error message anymore but it shows a blank page (no records).
Click on "show all". Does it show you something now?
Nope, it doesn't show anything. Tail log file works.
Okay, so this is weird. It means your dashboard shows full statistics but the query log page simply doesn't work? I suppose it might be a cache issue, then.
Try the following:
It looks like it has started working! I didn't do anything. Strange.