
systemd unit: run as "sftpgo" system user

Update the docs too

Fixes #177
Nicola Murino před 4 roky
rodič
revize
4ebedace1e
4 změnil soubory, kde provedl 30 přidání a 28 odebrání
  1. 2 24
      docs/howto/postgresql-s3.md
  2. 21 2
      docs/service.md
  3. 2 2
      init/sftpgo.service
  4. 5 0
      sftpd/sftpd_test.go

+ 2 - 24
docs/howto/postgresql-s3.md

@@ -204,34 +204,12 @@ $ sftpgo initprovider -c /etc/sftpgo
 
 ## Install SFTPGo systemd service
 
-Create the systemd service file `/etc/systemd/system/sftpgo.service` with the following content:
+Copy the systemd service file.
 
 ```shell
-[Unit]
-Description=SFTPGo Server
-After=network.target postgresql.service
-
-[Service]
-User=sftpgo
-Group=sftpgo
-Type=simple
-WorkingDirectory=/etc/sftpgo
-Environment=SFTPGO_CONFIG_DIR=/etc/sftpgo/
-Environment=SFTPGO_LOG_FILE_PATH=
-EnvironmentFile=-/etc/sftpgo/sftpgo.env
-ExecStart=/usr/bin/sftpgo serve
-ExecReload=/bin/kill -s HUP $MAINPID
-KillMode=mixed
-PrivateTmp=true
-Restart=always
-RestartSec=10s
-
-[Install]
-WantedBy=multi-user.target
+sudo install -Dm644 init/sftpgo.service /etc/systemd/system
 ```
 
-This way SFTPGo will run using the dedicated `sftpgo` user and the service will start after PostgreSQL.
-
 Next, start the SFTPGo service and add it to the system boot.
 
 ```shell

+ 21 - 2
docs/service.md

@@ -1,12 +1,25 @@
 # Running SFTPGo as a service
 
+Download a binary SFTPGo [release](https://github.com/drakkan/sftpgo/releases) or a build artifact for the [latest commit](https://github.com/drakkan/sftpgo/actions) or build SFTPGo yourself.
+
+Run the following instructions from the directory that contains the sftpgo binary and the accompanying files.
+
 ## Linux
 
 For Linux, a `systemd` sample [service](../init/sftpgo.service "systemd service") can be found inside the source tree.
 
-Here are some basic instructions to run SFTPGo as service, please run the following commands from the directory where you downloaded SFTPGo:
+Here are some basic instructions to run SFTPGo as service using a dedicated `sftpgo` system account, please run the following commands from the directory where you downloaded SFTPGo:
 
 ```bash
+# create the sftpgo user and group
+sudo groupadd --system sftpgo
+sudo useradd --system \
+  --gid sftpgo \
+  --no-create-home \
+  --home-dir /var/lib/sftpgo \
+  --shell /usr/sbin/nologin \
+  --comment "SFTPGo user" \
+  sftpgo
 # create the required directories
 sudo mkdir -p /etc/sftpgo \
   /var/lib/sftpgo \
@@ -23,11 +36,17 @@ sudo sh -c 'echo "SFTPGO_HTTPD__BACKUPS_PATH=/var/lib/sftpgo/backups" >> /etc/sf
 sudo sh -c 'echo "SFTPGO_DATA_PROVIDER__CREDENTIALS_PATH=/var/lib/sftpgo/credentials" >> /etc/sftpgo/sftpgo.env'
 # if you use a file based data provider such as sqlite or bolt consider to set the database path too, for example:
 #sudo sh -c 'echo "SFTPGO_DATA_PROVIDER__NAME=/var/lib/sftpgo/sftpgo.db" >> /etc/sftpgo/sftpgo.env'
+# also set the provider's PATH as env var to get initprovider to work with SQLite provider:
+#export SFTPGO_DATA_PROVIDER__NAME=/var/lib/sftpgo/sftpgo.db
 # install static files and templates for the web UI
 sudo cp -r static templates /usr/share/sftpgo/
+# set files and directory permissions
+sudo chown -R sftpgo:sftpgo /etc/sftpgo /var/lib/sftpgo
+sudo chmod 750 /etc/sftpgo /var/lib/sftpgo
+sudo chmod 640 /etc/sftpgo/sftpgo.json /etc/sftpgo/sftpgo.env
 # initialize the configured data provider
 # if you want to use MySQL or PostgreSQL you need to create the configured database before running the initprovider command
-sudo /usr/bin/sftpgo initprovider -c /etc/sftpgo/
+sudo -E su - sftpgo -m -s /bin/bash -c 'sftpgo initprovider -c /etc/sftpgo'
 # install the systemd service
 sudo install -Dm644 init/sftpgo.service /etc/systemd/system
 # start the service

+ 2 - 2
init/sftpgo.service

@@ -3,8 +3,8 @@ Description=SFTPGo Server
 After=network.target
 
 [Service]
-User=root
-Group=root
+User=sftpgo
+Group=sftpgo
 Type=simple
 WorkingDirectory=/etc/sftpgo
 Environment=SFTPGO_CONFIG_DIR=/etc/sftpgo/
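Review bot: With `User=sftpgo`/`Group=sftpgo` the daemon is no longer able to bind ports below 1024, and the hunk adds nothing to compensate; if any configured listener (SFTP, FTP, WebDAV or HTTP) is expected on a privileged port, the `[Service]` section needs `AmbientCapabilities=CAP_NET_BIND_SERVICE`, otherwise a comment in the unit should state that only unprivileged ports are supported as shipped. Whether the default listening ports are privileged cannot be told from this page, so the caveat is worth recording either way. Since the process is now unprivileged, hardening directives such as `NoNewPrivileges=true` and `ProtectSystem=full` become viable and would be a natural follow-up in the same section. The rest of the unit file, including any existing capability or sandboxing settings, lies outside this hunk.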

+ 5 - 0
sftpd/sftpd_test.go

@@ -906,6 +906,11 @@ func TestEscapeHomeDir(t *testing.T) {
 		assert.NoError(t, err)
 		_, err := client.ReadDir(testDir)
 		assert.Error(t, err, "reading a symbolic link outside home dir should not succeeded")
+		err = client.Chmod(path.Join(testDir, "sub", "dir"), os.ModePerm)
+		if assert.Error(t, err) {
+			assert.Contains(t, err.Error(), "SSH_FX_FAILURE")
+		}
+		assert.Error(t, err, "setstat on a file outside home dir must fail")
 		testFilePath := filepath.Join(homeBasePath, testFileName)
 		testFileSize := int64(65535)
 		err = createTestFile(testFilePath, testFileSize)
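Review bot: The trailing `assert.Error(t, err, "setstat on a file outside home dir must fail")` repeats the check already made by `if assert.Error(t, err)` three lines earlier, so a regression would be reported twice under two different messages. Fold the message into the guarded assertion, `if assert.Error(t, err, "setstat on a file outside home dir must fail") {`, and drop the duplicate line after the `if` block. The enclosing TestEscapeHomeDir starts before this hunk and continues after it.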