FTL is unaccessible from UI user:group

jester · October 13, 2020, 11:04am

Guys,

I've been happily using Pi-Hole v4 for a while on a CentOS VM. All was working as a charm, however it took a while to set it up originally.

Few days ago I've updated it to v5. Everything works, however due to change of the way UI connects to FTL I can't manage it from UI anymore. FTL service runs under root obviously, UI runs under apache user and it can't connect to FTL because of permission issue.

There are advices like adding apache to sudoers but I don't like it because of security considerations.

Is there a way to make it properly without sacrificing security?

yubiuser · October 14, 2020, 5:06am

Search the forum, a lot of users running pihole v5.0 with apache. Use the label for filtering.

jester · October 14, 2020, 8:10am

Thank you for response. The question is rather specific and I'm using nginx, sorry for omitting it in original post.

I know how to make it work - just allow webserver user to run as root, but it's not secure, so wonder if there are workarounds

yubiuser · October 14, 2020, 10:51am

See point 8

https://docs.pi-hole.net/guides/nginx-configuration/

Does it solve your problem?

jester · October 14, 2020, 1:10pm

It doesn't. The problem is not in UI but in a way UI connects to FTL

yubiuser · October 14, 2020, 6:01pm

I'm not using nginx - my knowledge stops here. Sorry. Maybe some else can help.

Bucking_Horn · October 14, 2020, 9:57pm

If you are running nginx, why is your UI running as apache user?

system · October 21, 2020, 9:57pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.