sudo sftp

[dfries]

Proposed Changes

No longer require root for SFTP while allowing the user to write to the configuration files that only are writable by root, by running sftp-server under sudo. Okay, so I didn't want to have to specify the user name (and especially not specify root), and sshfs to let me modify the configuration files on my desktop.

"SFTP only works if the user is root" sftp runs just fine when it isn't root, it just can't write to the Home Assistant files because they are owned by root. If that's what the warning is about, and why .profile is doing sudo -i, then likewise run sftp-server under sudo. This helps to resolve the moral dilemma of one part of the documentation saying don't set username to root because many hack attempts will target it, and another part saying to run sftp you must be root.

Ideally Docker would allow the root user in the container to be mapped to a nobody outside of the container and the first adduser id 1000 be mapped to root outside of the container. That way inside the container most users can remain the non-root user and see all the configuration files as owned by then. I'm newer to docker, so I don't know if that's possible by an add-on in a Home Assistant OS.

Related Issues

Summary by CodeRabbit

• Documentation

  • Updated SFTP instructions to recommend enabling it only when needed.
  • Provided alternative methods for using rsync by specifying --rsync-path="/usr/bin/sudo /usr/bin/rsync" or setting the username to root.

• Bug Fixes

  • Improved SFTP setup to allow access only for the root user or under sudo for non-root users.