FTP User Permissions not changing

peepsnet

Regular Contributor
Ver 384.12
Router: RT-AC3100

I had things working perfectly, then thought I'd try out Entware. I got it all installed and working so I could use rsync.

After this, at some point, it seemed all the FTP permissions changed and I was no longer able to write to my USB storage drive via USB.

SETUP:
RT-AC3100
4TB USB 3.0 Drive
1GB USB 2.0 Thumb Drive

I first installed the 4TB drive months ago and set it all up for media sharing.
I had an old Network NAS (just 1TB) start to show problems and I wanted to move all the data to the 4TB shared USB drive on the router. I decided to use SSH/rsync to move the files. This required Entware and rsync to be installed. So I did just last week.

I was able to install and use rsync and move the files from my OLD NAS to the New Router 4TB drive.

Today I tried to download a few files through my torrent server to the 4TB router share drive and it failed for a permission error.

******* Let me say that I am not saying the Entware install is the issue... Just the only major change. ******

I logged in to the router via SSH and did:
cd /
ls -lah

The user for all files/folders is not the router admin account (let's call it "routerAdmin"), but was the first user I added in the Samba/FTP user list (let's call it "routerDad").

I then looked at the FTP permissions for each user (USB Applications->Server Center->FTP Share)... The admin user (routerAdmin) was R/W for all.
Every other user was set to "NO" for every folder on the 4TB drive and R/W on the 1GB thumb drive.

Let me also add that the 1GB Entware drive is at sda and the 4TB drive is at sdb.

I tried to change the permissions to R/W for routerDad and they would not save/stick. I got no errors. The page just reloaded and the settings were not changed.

I thought I'd just reload the ASUS stock firmware then load the Merlin firmware, hoping it would fix any ownership issues and I would just have to reload the config file or manually reset all settings (a lot of work but whatever).

The stock firmware was uploaded and said it was being written... Then it restarted but Merlin 384.12 was still there.

I then tried to see if the whole system was RO by going to the LAN settings and changing the DHCP range. That worked. It kept the new setting.

It seems I have some issues and I would like to know where to go from here...

First Question:
Who should all the files belong to when I do "ls -lah"

Second Q:
What can I do from here?

Thanks
Don
 
The /tmp/mnt/easystore directory and all the files/directories immediately below it should be owned by admin:root (or your equivalent of admin).
Code:
# ls -lah /tmp/mnt/VERBATIM/
drwxrwxrwx    5 admin    root        4.0K Jul 12 13:44 .
drwxrwxrwx    3 admin    root          60 Jan  1  2011 ..
-rw-rw-rw-    1 admin    root          29 Jul 12 13:44 .__Colin_var.txt
-rw-rw-rw-    1 admin    root           0 Jan  1  2011 .__Colin_var.txt.29
-rw-rw-rw-    1 admin    root          29 Jul 12 13:44 .___var.txt
-rw-rw-rw-    1 admin    root           0 Jan  1  2011 .___var.txt.29
-rw-rw-rw-    1 admin    root          29 Jul 12 13:44 .__admin_var.txt
-rw-rw-rw-    1 admin    root           0 Jan  1  2011 .__admin_var.txt.29
-rw-rw-rw-    1 admin    root          40 Jan  1  2011 .__folder_list.txt
-rw-rw-rw-    1 admin    root           0 Jan  1  2011 .__folder_list.txt.40
drwxrwxrwx   22 admin    root       12.0K Jul 18 19:34 ASUS
drwxrwxrwx   13 admin    root        4.0K Jul 18 20:10 entware
drwx------    2 admin    root        4.0K Mar  1 14:21 lost+found
 
all the files (every file from / on) are NOT owned by the admin...

they are owned by the first FTP/samba user I added to the router.

where to from here??
 
Your passwd file should look something like this (note the duplicated admin account):
Code:
# cd /etc
# cat passwd
admin:x:0:0:admin:/root:/bin/sh
nas:x:100:100:nas:/dev/null:/dev/null
nobody:x:65534:65534:nobody:/dev/null:/dev/null
admin:x:500:500:::
Colin:x:501:501:::

Also:
Code:
# cat group
root:x:0:
nas:x:100:
nobody:x:65534:
admin:x:500:
Colin:x:501:

Bear in mind that the router's FTP server is completely non-standard and most of the permissions are defined in the (dot) files in the USB device's root directory.
 
So this is what is in there

passwd
Code:
admin:x:0:0:admin:/root:/bin/sh
nas:x:100:100:nas:/dev/null:/dev/null
nobody:x:65534:65534:nobody:/dev/null:/dev/null
admin:x:500:500:::
tor:x:65533:65533:tor:/dev/null:/dev/null
user1:x:501:501::/dev/null:/dev/null
user2:x:502:502::/dev/null:/dev/null
user3:x:503:503::/dev/null:/dev/null
user1:x:200:200::/dev/null:/dev/null
user2:x:201:201::/dev/null:/dev/null

group
Code:
root:x:0:
nas:x:100:
openvpn:x:200:
nobody:x:65534:
tor:x:65533:
user1:x:501:
user2:x:502:
user3:x:503:

I am assuming the:
Code:
user1:x:200:200::/dev/null:/dev/null
user2:x:201:201::/dev/null:/dev/null
in passwd is broken and should be removed??

and the missing:
Code:
admin:x:500:
in group should be added??
 
I'm running a much older code base than you so I can't say with any confidence that your setup should be identical to mine.

I don't have the uid/gid's 200 and 201. Is it possible they are OpenVPN user accounts?

The problem with trying to change these files is that the contents will just get recreated from the NVRAM settings. So it's those that need to be fixed if they're wrong.

You said earlier that your root (uid=0) account wasn't called admin, so presumably you have doctored the output above? Was/are the account names for uid 0 and 500 different? Are you still seeing entries in the root directory that aren't owned by uid 0?
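
A consistency check for the passwd and group listings posted above, as an added example that is not part of the original posts or the firmware. The function names are hypothetical; it assumes a shell with awk and mktemp and runs on copies of the files, using the posted listings as sample input.

```shell
# Names listed with more than one UID (built-in account plus a share account).
dup_names() {
    awk -F: 'NF >= 4 {
        if (!($1 in uid)) uid[$1] = $3
        else if (uid[$1] != $3) print $1 ": uid " uid[$1] " and " $3
    }' "$1"
}
# UIDs shared by several names; a lookup by UID returns the first matching line.
shared_uids() {
    awk -F: 'NF >= 4 {
        if (!($3 in name)) name[$3] = $1
        else if (name[$3] != $1) print "uid " $3 ": " name[$3] " and " $1
    }' "$1"
}
# passwd entries whose GID has no line in group. Usage: missing_groups passwd group
missing_groups() {
    awk -F: 'NR == FNR { gid[$3] = 1; next }
             NF >= 4 && !($4 in gid) { print $1 ": gid " $4 }' "$2" "$1"
}

# Sample input: the passwd and group listings as posted in the thread.
work=$(mktemp -d)
cat > "$work/passwd" <<'EOF'
admin:x:0:0:admin:/root:/bin/sh
nas:x:100:100:nas:/dev/null:/dev/null
nobody:x:65534:65534:nobody:/dev/null:/dev/null
admin:x:500:500:::
tor:x:65533:65533:tor:/dev/null:/dev/null
user1:x:501:501::/dev/null:/dev/null
user2:x:502:502::/dev/null:/dev/null
user3:x:503:503::/dev/null:/dev/null
user1:x:200:200::/dev/null:/dev/null
user2:x:201:201::/dev/null:/dev/null
EOF
cat > "$work/group" <<'EOF'
root:x:0:
nas:x:100:
openvpn:x:200:
nobody:x:65534:
tor:x:65533:
user1:x:501:
user2:x:502:
user3:x:503:
EOF
echo "== names with more than one UID"; dup_names "$work/passwd"
echo "== UIDs with more than one name"; shared_uids "$work/passwd"
echo "== GIDs missing from group";      missing_groups "$work/passwd" "$work/group"
```

On the posted data this reports admin, user1 and user2 each listed under two UIDs, no UID shared between names, and GIDs 500 and 201 without a group line; GID 200 resolves to the openvpn group.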
 
The 200/201 do make sense as OpenVPN accounts...

The admin (uid=0) usernames were not different; both were the admin username. However, all files are owned by user1:root
 
Code:
cd /
ls -lah

drwxr-xr-x   17 user1 root         320 Jun 21 18:34 .
drwxr-xr-x   17 user1 root         320 Jun 21 18:34 ..
drwxr-xr-x    2 user1 root         787 Jun 21 18:33 bin
drwxr-xr-x    2 user1 root           3 Jun 21 18:34 cifs1
drwxr-xr-x    2 user1 root           3 Jun 21 18:34 cifs2
drwxr-xr-x    6 user1 root        1.6K Jul 18 18:18 dev
lrwxrwxrwx    1 user1 root           7 Jun 21 18:34 etc -> tmp/etc
lrwxrwxrwx    1 user1 root           8 Jun 21 18:34 home -> tmp/home
drwxr-xr-x   11 user1 root           0 Jul 18 18:26 jffs
drwxr-xr-x    3 user1 root         293 Jun 21 18:34 lib
lrwxrwxrwx    1 user1 root           9 Jun 21 18:34 media -> tmp/media
drwxr-xr-x    2 user1 root           3 Jun 21 18:34 mmc
lrwxrwxrwx    1 user1 root           7 Jun 21 18:34 mnt -> tmp/mnt
lrwxrwxrwx    1 user1 root           7 Jun 21 18:34 opt -> tmp/opt
dr-xr-xr-x  170 user1 root           0 Dec 31  1969 proc
drwxr-xr-x    5 user1 root         143 Jun 21 18:33 rom
lrwxrwxrwx    1 user1 root          13 Jun 21 18:34 root -> tmp/home/root
drwxr-xr-x    2 user1 root        2.6K Jun 21 18:33 sbin
drwxr-xr-x   11 user1 root           0 Dec 31  1969 sys
drwxr-xr-x    2 user1 root           3 Jun 21 18:34 sysroot
drwxrwxrwx   17 user1 root        1.3K Jul 18 18:26 tmp
drwxr-xr-x   11 user1 root         180 Jun 21 18:34 usr
lrwxrwxrwx    1 user1 root           7 Jun 21 18:34 var -> tmp/var
drwxrwxr-x   14 user1 root        8.1K Jun 21 18:34 www
 
How are you viewing these files, through an SSH terminal session like PuTTY?
Yes putty

and the admin account is how I am logging in through SSH and the webgui
 
My guess is that the router got confused (bug?) when you changed the root account's name from admin to something else. I suggest that you:

1) Go to the root directory of each USB device and delete all the files beginning with ".__". Then unmount the USB devices.
2) Physically remove the USB devices.
3) Remove the Samba/FTP account variables:
Code:
nvram unset acc_list
nvram unset acc_num
nvram commit
4) Rename the root account back to "admin" through the GUI and reboot the router.
5) Log back into the router and see if the system files are now owned by "admin".
 
I will try this but the admin account was changed months ago... It worked fine until... I noticed 2 days ago when I tried to transfer files through the FTP server to the USB 3.0 drive. This was the first thing I tried to do after installing Entware on the USB 2.0 thumb drive.

If this doesn't work I guess my option will be to try a 30/30/30 reset and see where that gets me.
 
FYI

If your firmware acts the same as mine you'll find that the owner of any files uploaded to the router by ftp will be wrong (typically uid=1).

A 30/30/30 reset doesn't apply to asuswrt, that's a DD-WRT thing. A normal reset will suffice.
 
I think this will be the easiest...
And clear all the asuswrt files out of the Drives
 
