From 8a119d72e2dba1551713807295485e8fa9d63bbd Mon Sep 17 00:00:00 2001
From: DL6ER <dl6er@dl6er.de>
Date: Mon, 9 Dec 2019 12:17:55 +0000
Subject: [PATCH] Ensure database permissions are set up correctly by the
 service script.

Signed-off-by: DL6ER <dl6er@dl6er.de>
---
 advanced/Templates/pihole-FTL.service | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/advanced/Templates/pihole-FTL.service b/advanced/Templates/pihole-FTL.service
index 5dbf080e..43f9e184 100644
--- a/advanced/Templates/pihole-FTL.service
+++ b/advanced/Templates/pihole-FTL.service
@@ -48,6 +48,8 @@ start() {
     chown pihole:pihole /etc/pihole /etc/pihole/dhcp.leases 2> /dev/null
     chown pihole:pihole /var/log/pihole-FTL.log /var/log/pihole.log
     chmod 0644 /var/log/pihole-FTL.log /run/pihole-FTL.pid /run/pihole-FTL.port /var/log/pihole.log
+    # Chown database files to the user FTL runs as. We ignore errors as the files may not (yet) exist
+    chown pihole:pihole /etc/pihole/pihole-FTL.db /etc/pihole/gravity.db 2> /dev/null
     echo "nameserver 127.0.0.1" | /sbin/resolvconf -a lo.piholeFTL
     if setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN+eip "$(which pihole-FTL)"; then
       su -s /bin/sh -c "/usr/bin/pihole-FTL" "$FTLUSER"