1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

FTP User Permissions not changing

Discussion in 'Asuswrt-Merlin' started by peepsnet, Jul 16, 2019.

  1. peepsnet

    peepsnet Occasional Visitor

    Joined:
    Jul 16, 2019
    Messages:
    18
    Ver 384.12
    Router: RT-AC3100

    I had thing working perfect then thought Id try out Entware. I got it all installed and working so I could use rsync.

    After this, at some point, it seemed all the FTP permissions changed and I was no longer able to write to my USB storage drive via USB

    SETUP:
    RT-AC3100
    4TB USB 3.0 Drive
    1GB USB 2.0 Thumb Drive

    I first installed the 4TB drive months ago and set it all up for media sharing.
    I had an old Network NAS (just 1TB) start to show problems and I wanted to move all the data to the 4TB shared USB drive on the router. I decided to use SSH/rsync to move the files. This required Entware and rsync to be installed. So I did just last week.

    I was able to install and use rsync and move the files from my OLD NAS to the New Router 4TB drive.

    Today I tried to download a few files through my torrent server to the 4TB router share drive and it failed for a permission error.

    ******* Let me say that I am not saying the Entware install is the issue... Just the only major change. ******

    I logged in to the router via SSH and did:
    cd /
    ls -lah

    The user for all files/folders is not the router admin account(lets call it "routerAdmin"), but was the first user I added in the Samba/FTP user list( lets call it "routerDad").

    I then looked at the FTP permissions for each user(USB Applications->Server Center->FTP Share)... The admin user(routerAdmin) was R/W for all.
    Every other user was set to "NO" for every folder on the 4TB drive and R/W on the 1GB thumb drive.

    Let me also add the the 1GB entware drive is at sda and the 4tb drive is at sdb

    I tried to change the permissions to R/W for routerDad and they would not save/stick. I got no errors. The page just reloaded and the settings were not changed.

    I thought I'd just reload the ASUS stock firmware then load the Merlin firmware hoping it would fix and ownership issues and I would just have to reload config file or manually reset all settings.(a lot of work but whatever)

    The Stock firmware was uploaded and said it was being written... Then is restarted but Merlin 384.12 was still there.

    I then tried to see if the whole system was RO by going to the LAN settings and changing the DHCP range. That worked. It kept the new setting.

    It seems I have some issues and I would like to know where to go from here...

    First Question:
    Who should all the files belong to when I do "ls -lah"

    Second Q:
    What can I do from here?

    Thanks
    Don
     
    Last edited: Jul 16, 2019
  2. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    9,119
    Location:
    UK
  3. peepsnet

    peepsnet Occasional Visitor

    Joined:
    Jul 16, 2019
    Messages:
    18
  4. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    9,119
    Location:
    UK
    Try this instead:
    Code:
    chmod -R 777 /tmp/mnt/easystore
     
    L&LD likes this.
  5. peepsnet

    peepsnet Occasional Visitor

    Joined:
    Jul 16, 2019
    Messages:
    18
    That was not working either.
     
  6. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    9,119
    Location:
    UK
    The /tmp/mnt/easystore directory and all the files/directories immediately below it should be owned by admin:root (or your equivalent of admin).
    Code:
    # ls -lah /tmp/mnt/VERBATIM/
    drwxrwxrwx    5 admin    root        4.0K Jul 12 13:44 .
    drwxrwxrwx    3 admin    root          60 Jan  1  2011 ..
    -rw-rw-rw-    1 admin    root          29 Jul 12 13:44 .__Colin_var.txt
    -rw-rw-rw-    1 admin    root           0 Jan  1  2011 .__Colin_var.txt.29
    -rw-rw-rw-    1 admin    root          29 Jul 12 13:44 .___var.txt
    -rw-rw-rw-    1 admin    root           0 Jan  1  2011 .___var.txt.29
    -rw-rw-rw-    1 admin    root          29 Jul 12 13:44 .__admin_var.txt
    -rw-rw-rw-    1 admin    root           0 Jan  1  2011 .__admin_var.txt.29
    -rw-rw-rw-    1 admin    root          40 Jan  1  2011 .__folder_list.txt
    -rw-rw-rw-    1 admin    root           0 Jan  1  2011 .__folder_list.txt.40
    drwxrwxrwx   22 admin    root       12.0K Jul 18 19:34 ASUS
    drwxrwxrwx   13 admin    root        4.0K Jul 18 20:10 entware
    drwx------    2 admin    root        4.0K Mar  1 14:21 lost+found
     
  7. peepsnet

    peepsnet Occasional Visitor

    Joined:
    Jul 16, 2019
    Messages:
    18
    all the files (every file from / on) are NOT owned by the admin...

    they are owned by the first FTP/samba user I added to the router.

    where to from here??
     
  8. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    9,119
    Location:
    UK
    Your passwd file should look something like this (note the duplicated admin account):
    Code:
    # cd /etc
    # cat passwd
    admin:x:0:0:admin:/root:/bin/sh
    nas:x:100:100:nas:/dev/null:/dev/null
    nobody:x:65534:65534:nobody:/dev/null:/dev/null
    admin:x:500:500:::
    Colin:x:501:501:::
    Also:
    Code:
    # cat group
    root:x:0:
    nas:x:100:
    nobody:x:65534:
    admin:x:500:
    Colin:x:501:
    Bear in mind the the router's ftp server is completely non-standard and most of the permissions are defined in the (dot) files in the USB device's root directory.
     
  9. peepsnet

    peepsnet Occasional Visitor

    Joined:
    Jul 16, 2019
    Messages:
    18
    So this is what is in there

    passwd
    Code:
    admin:x:0:0:admin:/root:/bin/sh
    nas:x:100:100:nas:/dev/null:/dev/null
    nobody:x:65534:65534:nobody:/dev/null:/dev/null
    admin:x:500:500:::
    tor:x:65533:65533:tor:/dev/null:/dev/null
    user1:x:501:501::/dev/null:/dev/null
    user2:x:502:502::/dev/null:/dev/null
    user3:x:503:503::/dev/null:/dev/null
    user1:x:200:200::/dev/null:/dev/null
    user2:x:201:201::/dev/null:/dev/null
    
    group
    Code:
    root:x:0:
    nas:x:100:
    openvpn:x:200:
    nobody:x:65534:
    tor:x:65533:
    user1:x:501:
    user2:x:502:
    user3:x:503:
    
    I am assuming the:
    Code:
    user1:x:200:200::/dev/null:/dev/null
    user2:x:201:201::/dev/null:/dev/null
    
    in passwd is broken and should be removed??

    and the missing:
    Code:
    admin:x:500:
    
    in group should be added??
     
  10. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    9,119
    Location:
    UK
    I'm running a much older code base than you so I can't say with any confidence that your setup should be identical to mine.

    I don't have the uid/gid's 200 and 201. Is it possible they are OpenVPN user accounts?

    The problem with trying to change these files is that the contents will just get recreated from the NVRAM settings. So it's those that need to be fixed if they're wrong.

    You said earlier that your root (uid=0) account wasn't called admin, so presumably you have doctored the output above? Was/are the account names for uid 0 and 500 different? Are you still seeing entries in the root directory that aren't owned by uid 0?
     
  11. peepsnet

    peepsnet Occasional Visitor

    Joined:
    Jul 16, 2019
    Messages:
    18
    the 200/201 do make sense as openvpn accounts...

    the admin(uid=0) username were not different both were the admin username. however all files are owned by user1:root
     
  12. peepsnet

    peepsnet Occasional Visitor

    Joined:
    Jul 16, 2019
    Messages:
    18
    Code:
    cd /
    ls -lah
    
    drwxr-xr-x   17 user1 root         320 Jun 21 18:34 .
    drwxr-xr-x   17 user1 root         320 Jun 21 18:34 ..
    drwxr-xr-x    2 user1 root         787 Jun 21 18:33 bin
    drwxr-xr-x    2 user1 root           3 Jun 21 18:34 cifs1
    drwxr-xr-x    2 user1 root           3 Jun 21 18:34 cifs2
    drwxr-xr-x    6 user1 root        1.6K Jul 18 18:18 dev
    lrwxrwxrwx    1 user1 root           7 Jun 21 18:34 etc -> tmp/etc
    lrwxrwxrwx    1 user1 root           8 Jun 21 18:34 home -> tmp/home
    drwxr-xr-x   11 user1 root           0 Jul 18 18:26 jffs
    drwxr-xr-x    3 user1 root         293 Jun 21 18:34 lib
    lrwxrwxrwx    1 user1 root           9 Jun 21 18:34 media -> tmp/media
    drwxr-xr-x    2 user1 root           3 Jun 21 18:34 mmc
    lrwxrwxrwx    1 user1 root           7 Jun 21 18:34 mnt -> tmp/mnt
    lrwxrwxrwx    1 user1 root           7 Jun 21 18:34 opt -> tmp/opt
    dr-xr-xr-x  170 user1 root           0 Dec 31  1969 proc
    drwxr-xr-x    5 user1 root         143 Jun 21 18:33 rom
    lrwxrwxrwx    1 user1 root          13 Jun 21 18:34 root -> tmp/home/root
    drwxr-xr-x    2 user1 root        2.6K Jun 21 18:33 sbin
    drwxr-xr-x   11 user1 root           0 Dec 31  1969 sys
    drwxr-xr-x    2 user1 root           3 Jun 21 18:34 sysroot
    drwxrwxrwx   17 user1 root        1.3K Jul 18 18:26 tmp
    drwxr-xr-x   11 user1 root         180 Jun 21 18:34 usr
    lrwxrwxrwx    1 user1 root           7 Jun 21 18:34 var -> tmp/var
    drwxrwxr-x   14 user1 root        8.1K Jun 21 18:34 www
    
     
  13. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    9,119
    Location:
    UK
    How are you viewing these files, through an SSH terminal session like PuTTY?
     
  14. peepsnet

    peepsnet Occasional Visitor

    Joined:
    Jul 16, 2019
    Messages:
    18
    Yes putty

    and the admin account is how I am logging in through SSH and the webgui
     
  15. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    9,119
    Location:
    UK
    My guess is that the router got confused (bug?) when you changed the root account's name from admin to something else. I suggest that you:

    1) Go to the root directory of each USB device and delete all the files beginning with ".__". Then unmount the USB devices.
    2) Physically remove the USB devices.
    3) Remove the Samba/FTP account variables:
    Code:
    nvram unset acc_list
    nvram unset acc_num
    nvram commit
    4) Rename the root account back to "admin" through the GUI and reboot the router.
    5) Log back into the router and see if the system files are now owned by "admin".
     
  16. peepsnet

    peepsnet Occasional Visitor

    Joined:
    Jul 16, 2019
    Messages:
    18
    I will try this but the admin account was changed months ago... It worked fine until... I noticed 2 days ago when I tried to transfer files through the FTP server to the USB3.0 Drive. This what the first thing I tried to do after installing entware in the USB2.0 thumbdrive

    If this doesnt work I guess my option will be to try 30/30/30 reset and see where that gets me
     
  17. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    9,119
    Location:
    UK
    FYI

    If your firmware acts the same as mine you'll find that the owner of any files uploaded to the router by ftp will be wrong (typically uid=1).

    A 30/30/30 reset doesn't apply to asuswrt, that's a DD-WRT thing. A normal reset will suffice.
     
  18. peepsnet

    peepsnet Occasional Visitor

    Joined:
    Jul 16, 2019
    Messages:
    18
    I think this will be the easiest...
    And clear all the asuswrt files out of the Drives