I've currently done some trial an error and got:
write access to /var/repo and all below
write access to /var/tmp/phd and all below
access to phabricator files and libphpfiles
This get the daemons running but I don't think I've got everything. For example I can't see the combined logs in the daemons application any longer.
I have looked through the documentation, but there doesn't seem to be any information further to "create a user" in the diffusion hosting guide.
Am I missing something in the documentation?