What's new

Multiple users for Asuswrt?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

kcobain1992

Occasional Visitor
Hi, I'm a newcomer here so please be gentle.
Since last week I have a new RT-AC56U router, which I think is a great piece of hardware and the Merlin 376.49_2 firmware shines too.
One of the features that me and my family use a lot is the file sharing feature: FTP, Samba and AiCloud. This works fine except that it's annoying to log into the router as admin when only in need to access a music file or a picture. That, and I'd also like to make a guest user for people other than my family, and it wouldn't be a great idea to give them my admin password.
So I decided I would need to configure my router for a multi-user environment. As I understand, I will need the following Linux programs:
* adduser, which I have found and installed from the Optware repository
* chown, which is in the coreutils Optware repository
* sudo, which is in the Optware repository
* passwd, which I could not find anywhere.
Also, my Busybox version (v1.20.2, 2014-12-23) does not seem to include support for passwd and shadow.
How am I supposed to change passwords for my new user accounts? What utility does the webpage GUI use?

Thanks in advance.
 
Last edited:
I was able to do this:
create a user without login password:
adduser -D adduser
add the password later on:
chpasswd
testuser:$PASSWORD
ctrl-D

Then I could log in as testuser:
su testuser
But it did not ask me for password, and it was not persistent.

So then I tried method 2:
create config files in /jffs/configs/group.add, shadow.add, gshadow.add and passwd.add. I hashed the password using the command:
mkpasswd -m md5 $PASSWORD
Now the configuration is persistent (the contents of files in /jffs has been added to those in /etc), but it doesn't work:
admin@RT-AC56U-0808:/tmp/home/root# su testuser
user testuser does not exist


What can I do?
 
I was able to do this:
create a user without login password:
adduser -D adduser
add the password later on:
chpasswd
testuser:$PASSWORD
ctrl-D

Then I could log in as testuser:
su testuser
But it did not ask me for password, and it was not persistent.
[...]

What can I do?
One question could be: "Why?".

That said, when you use the "substitute user" command (su), and you are "root", I don't think that you should expect a question for a password ?

Using your method 1, what do you see under the folder /home ?
 
Hi, I'm a newcomer here so please be gentle.
Since last week I have a new RT-AC56U router, which I think is a great piece of hardware and the Merlin 376.49_2 firmware shines too.
One of the features that me and my family use a lot is the file sharing feature: FTP, Samba and AiCloud. This works fine except that it's annoying to log into the router as admin when only in need to access a music file or a picture. That, and I'd also like to make a guest user for people other than my family, and it wouldn't be a great idea to give them my admin password.
So I decided I would need to configure my router for a multi-user environment. As I understand, I will need the following Linux programs:
* adduser, which I have found and installed from the Optware repository
* chown, which is in the coreutils Optware repository
* sudo, which is in the Optware repository
* passwd, which I could not find anywhere.
Also, my Busybox version (v1.20.2, 2014-12-23) does not seem to include support for passwd and shadow.
How am I supposed to change passwords for my new user accounts? What utility does the webpage GUI use?

Thanks in advance.

Ok I think (maybe not) I now understand what you are trying to do, but I don't think that you have to do it...

Could the answer be the use of the shares (if the info is on a disk attached to the router) ?
USB applications/Network Place(Samba) Share / Cloud Disk
 
Thanks for the answer. Yes, you are right, it wasn't asking for password because I was root. Typing login asks me for full credentials, or executing su as non-root.

However, I have found out very ugly things.
Can anybody please tell me how is / etc / passwd file generated? I understand that there's a / jffs / configs / passwd.add file I can append to it, but the first part beats me. I played a little with the nvram, and I found some variables, http_username and http_passwd, that seem to store the admin credentials in plaintext. That seems incredibly stupid to me.
I think that the first line in / etc / shadow comes from these nvram variables: whatever I name them, after reboot the root account is called $(nvram get http_username) and the password is $(nvram get http_passwd).
Best of all, that's the only account that accepts web logins and ssh connections, as well as AiCloud (but that's so darn buggy anyway I don't think I would use it again anyway). And the admin account is not the only one whose password is stored in cleartext.
Also check out $(nvram get acc_list), which I think is the FTP access list. Incredibly stupid.
To me, the whole beauty of Linux was that as root, you can change a user's password, but you can never find out what it was. Am I asking too much?
 
Last edited:
Ok I think (maybe not) I now understand what you are trying to do, but I don't think that you have to do it...

Could the answer be the use of the shares (if the info is on a disk attached to the router) ?
USB applications/Network Place(Samba) Share / Cloud Disk

All I want is not to use the admin account and password for simple tasks like listening to music over AiCloud.
 
But, using your method 1, what did you see under the folder /home ?
 
But, using your method 1, what did you see under the folder /home ?

After adduser -D $(USERNAME), a folder in /tmp/home, named $USERNAME, is created. However, the user created this way doesn't survive a reboot.
On the other hand, using the manual user creation mode, the message is as following:
login: can't chdir to home directory ''
and then I get a prompt starting in /.
 
After adduser -D $(USERNAME), a folder in /tmp/home, named $USERNAME, is created. However, the user created this way doesn't survive a reboot.
[...]
This is "normal". One thing you can try is enable the JFFS partion (and format it). This partition is almost "permanent".

After creating your new user, you could copy /tmp/home/* to /jffs/home/ and use the user's script (look at the section "Usage" in the wiki: https://github.com/RMerl/asuswrt-merlin/wiki) init-start to rewrite /tmp/home/* using the jffs copy at boot time. Just an idea...
 
Yes, I got past that moment. I'm not concerned about having a home folder for all users.
I think I messed up the configuration, I have no idea how, but now both AiCloud and FTP can log in, but neither have permissions to read/write/see files.
AiCloud can only log in as root (in fact, as I said, it uses http_username and http_passwd from nvram as credentials), while FTP seems to use the list of users from acc_list as credentials.
On top of that, I can't run sudo, for some reason:
admin@RT-AC56U-0808:/tmp/home/root$ which sudo
/opt/bin/sudo
admin@RT-AC56U-0808:/tmp/home/root$ /opt/bin/sudo
sh: /opt/bin/sudo: not found
 
Yes, I got past that moment. I'm not concerned about having a home folder for all users.
I think I messed up the configuration, I have no idea how, but now both AiCloud and FTP can log in, but neither have permissions to read/write/see files.
AiCloud can only log in as root (in fact, as I said, it uses http_username and http_passwd from nvram as credentials), while FTP seems to use the list of users from acc_list as credentials.
On top of that, I can't run sudo, for some reason:
admin@RT-AC56U-0808:/tmp/home/root$ which sudo
/opt/bin/sudo
admin@RT-AC56U-0808:/tmp/home/root$ /opt/bin/sudo
sh: /opt/bin/sudo: not found
I don't think Asuswrt is "thinked" on that approach. That's why "up there" you could be alone... The system log file (and other logs) could be a good friend for you. Please tell us what you learn.

Sudo is usually not required (and as long as I know is absent) because "THE" user is root and doesn't require it.

By the way
 
Last edited:
I have successfully chrooted to Debian, but I still have to link those user accounts to what the firmware (including vsftpd and the web interface) needs and sees, which ultimately boils down to linking the users to the NVRAM variables somehow. Because at the moment, my problem with user credentials stored in cleartext in NVRAM still isn't solved.
I wonder how hard will it be to configure AsusWrt to use the Debian vsftpd while still working with what's displayed on the webpage.
If I manage to get FTP/Samba working with proper privileges, I can give up on AiCloud and search for a better and more secure network media player.
 
Also, I think I have tracked down the reason I can't use sudo. I couldn't find an Optware package that included it, so I foolishly added an Optware repository called "syno-x07" in my ipkg.conf file, just because it had a package for sudo.
Long story short, I did install sudo on my router, but it kept telling me "no file found" because the loader couldn't execute it.
The answer may lie somewhere between the lines of these commands:

admin@RT-AC56U-0808:~# file /opt / bin/ sudo
/opt / bin / sudo: ELF 32-bit LSB executable, ARM, version 1, dynamically linked (uses shared libs), for GNU/Linux 2.4.3, stripped
Segmentation fault

admin@RT-AC56U-0808:~# uname -a
Linux RT-AC56U-0808 2.6.36.4brcmarm #1 SMP PREEMPT Tue Dec 23 00:41:13 EST 2014 armv7l GNU/Linux



Removing that repository and reinstalling sudo made all the difference in the world.
 
Last edited:

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top