DSM-G600, DNS-3xx and NSA-220 Hack Forum
Unfortunately no one can be told what fun_plug is - you have to see it for yourself.
You are not logged in.
Announcement
IRC Channel #funplug on irc.freenode.org
#1 2009-01-11 10:33:00
- waddams
- New member
- From: Vancouver, BC
- Registered: 2009-01-11
- Posts: 3
Messed up permissions
I bought the DNS323 a couple of weeks ago and had no idea that so much was possible with this box. I have been lurking around here for a while and it is great forum. This is my first post and of course I have screwed something up.
I have installed funplug 0.5, transmission 1.42 and automatic 0.3 and everything was going great. I followed the horto blog and it was very helpful as is this forum. After downloading a few things with transmission I was having problems moving them with explorer in Windows Vista so I started playing with permissions and groups.
I am using a modified smb.conf that is loaded with sambafix.sh. I tested anything I added to smb.conf before putting it in the file. I added the recycle bin following the bettersamba wiki. Everything worked up to here.
I then made the following changes:
security = USER
create mask = 0770
directory mask = 0770
force create mode = 0770
force directory mode = 0770
I then started changing the group to home and the permissions to 774 on various directories (music, videos, pictures) within /mnt/HD_a2/. Everything was working after these changes (I think). Then I changed the permission on /mnt/HD_a2/ to 774. This is when I think I lost access to files in Windows. I thought it might have been because of the security=USER setting so I changed it back to SHARED. Still no access in Windows, so I rebooted and now I cannot access SSHD anymore.
Windows tells me network access is denied. Putty tells me Network Error: Connection Refused.
I do have access to the web interface and access to FTP, but through FTP I can not access or view anything other than Volume_1. If I try to expand Volume_1 I get permission denied. FTP shows lrwxrwxrwx on Volume_1.
I am very stumped. I have been reading as many posts as possible, but no luck so far.
Last edited by waddams (2009-01-11 10:39:55)
DNS-323 | F/W 1.05 | 1x WD 1 TB | Funplug 0.5 | Transmission 1.42 | Automatic 0.3
Offline
#2 2009-01-11 11:20:42
- mig
- Member
- From: Seattle, WA
- Registered: 2006-12-21
- Posts: 532
Re: Messed up permissions
First, in the smb.conf you should have changed the security option back to:
security = SHARE
(not security = SHARED) this could be why samba is not working.
Can you list your ffp.log file? This will tell you what ffp started.
One problem I see, is with permission 774, especially when applied on a directory.
To be able to list files in a directory, you need the executable bit to be set on that
directory. By using 774 you are restricting directory listing to the owner and group
of the directory. This is quiet restrictive since many directories (for example the
ones installed by ffp) are owned by 'root' with group 'root'. With a 774 permission,
only root will be able to list or access file in that directory. A permission of 775 would
open up the executable bit for "other" and allow and any user to list the contents of
that directory.
The installed permission for the /mnt/HD_a2/ffp directory are (755)root:root
Code:
drwxr-xr-x 11 root root 4096 Jan 7 00:36 ffp
Last edited by mig (2009-01-11 11:28:31)
DNS-323 • 2x Seagate Barracuda ES 7200.10 ST3250620NS 250GB SATAII (3.0Gb/s) 7200RPM 16MB • RAID1 • FW1.03 • ext2
Fonz's v0.3 fun_plug http://www.inreto.de/dns323/fun-plug
Offline
#3 2009-01-12 04:51:34
- waddams
- New member
- From: Vancouver, BC
- Registered: 2009-01-11
- Posts: 3
Re: Messed up permissions
Thanks for the info and the help. I had no idea that a directory needed to be executable to provide a listing. Tough lesson learned.
I couldn't list ffp.log becuase I had no access. I managed to get access by installing the modified firmware with telnet access. http://pedro.larroy.com/files/FrodoII-firmware
I then changed HD_a2 to 775 and everything was fine again.
The security setting was already set back to SHARE. I just made a typo in the post. Thanks again for catching all that.
I still need to learn more about permissions and groups. My main question is with my torrent downloads. Transmission puts files in a directory called incoming as user nobody and group 501. I would like to be able to move the files easily from incoming to any other directory using Windows Explorer in Vista. When I create a directory and a file from Vista I am rob:home. I would like to give only the people in the home group rw access of incoming. In fact I don't really want people without access to have the ability to even read.
It seems there are many ways to set things up, but I'd like follow some rules or accepted guidelines if they exist. For instance root seems to be a standard account and possibly nobody:501. I'd like to understand what directories or files should be root and what should be nobody and why it should it be that way?
Do you have any recommendations on settings things up?
DNS-323 | F/W 1.05 | 1x WD 1 TB | Funplug 0.5 | Transmission 1.42 | Automatic 0.3
Offline