System files/folders ownership not router admin

[peepsnet]

Router: RT-AC3100
Ver: 384.12

I did something to my router RT-AC3100 and now:

When I SSH in to the router all my files/folders are owned by a user that is not the root/admin:

cd /
ls -lah

drwxr-xr-x   17 user1 root         320 Jun 21 18:34 .
drwxr-xr-x   17 user1 root         320 Jun 21 18:34 ..
drwxr-xr-x    2 user1 root         787 Jun 21 18:33 bin
drwxr-xr-x    2 user1 root           3 Jun 21 18:34 cifs1
drwxr-xr-x    2 user1 root           3 Jun 21 18:34 cifs2
drwxr-xr-x    6 user1 root        1.6K Jul 18 18:18 dev
lrwxrwxrwx    1 user1 root           7 Jun 21 18:34 etc -> tmp/etc
lrwxrwxrwx    1 user1 root           8 Jun 21 18:34 home -> tmp/home
drwxr-xr-x   11 user1 root           0 Jul 18 18:26 jffs
drwxr-xr-x    3 user1 root         293 Jun 21 18:34 lib
lrwxrwxrwx    1 user1 root           9 Jun 21 18:34 media -> tmp/media
drwxr-xr-x    2 user1 root           3 Jun 21 18:34 mmc
lrwxrwxrwx    1 user1 root           7 Jun 21 18:34 mnt -> tmp/mnt
lrwxrwxrwx    1 user1 root           7 Jun 21 18:34 opt -> tmp/opt
dr-xr-xr-x  170 user1 root           0 Dec 31  1969 proc
drwxr-xr-x    5 user1 root         143 Jun 21 18:33 rom
lrwxrwxrwx    1 user1 root          13 Jun 21 18:34 root -> tmp/home/root
drwxr-xr-x    2 user1 root        2.6K Jun 21 18:33 sbin
drwxr-xr-x   11 user1 root           0 Dec 31  1969 sys
drwxr-xr-x    2 user1 root           3 Jun 21 18:34 sysroot
drwxrwxrwx   17 user1 root        1.3K Jul 18 18:26 tmp
drwxr-xr-x   11 user1 root         180 Jun 21 18:34 usr
lrwxrwxrwx    1 user1 root           7 Jun 21 18:34 var -> tmp/var
drwxrwxr-x   14 user1 root        8.1K Jun 21 18:34 www

I am not able to get this back to the admin with chown

From what I can tell this has also prevented many of my samba/FTP from being writable.

In addition to the above issues I am not able to set/change any permissions on the FTP webGUI.

Ever after a complete reset the system still has all the files/folders owned by user1 even though after the reset the user no longer exists.

I was also not able to revert back to the Stock latest ASUS firmware.

Ideas???

 

[ColinTaylor]

You can't chown files in the root directory because that is ROM.

What is the output of these commands:

# ls -ln /

# cd /etc
# cat passwd

 

[Swistheater]

Router: RT-AC3100
Ver: 384.12

I did something to my router RT-AC3100 and now:

When I SSH in to the router all my files/folders are owned by a user that is not the root/admin:

cd /
ls -lah

drwxr-xr-x   17 user1 root         320 Jun 21 18:34 .
drwxr-xr-x   17 user1 root         320 Jun 21 18:34 ..
drwxr-xr-x    2 user1 root         787 Jun 21 18:33 bin
drwxr-xr-x    2 user1 root           3 Jun 21 18:34 cifs1
drwxr-xr-x    2 user1 root           3 Jun 21 18:34 cifs2
drwxr-xr-x    6 user1 root        1.6K Jul 18 18:18 dev
lrwxrwxrwx    1 user1 root           7 Jun 21 18:34 etc -> tmp/etc
lrwxrwxrwx    1 user1 root           8 Jun 21 18:34 home -> tmp/home
drwxr-xr-x   11 user1 root           0 Jul 18 18:26 jffs
drwxr-xr-x    3 user1 root         293 Jun 21 18:34 lib
lrwxrwxrwx    1 user1 root           9 Jun 21 18:34 media -> tmp/media
drwxr-xr-x    2 user1 root           3 Jun 21 18:34 mmc
lrwxrwxrwx    1 user1 root           7 Jun 21 18:34 mnt -> tmp/mnt
lrwxrwxrwx    1 user1 root           7 Jun 21 18:34 opt -> tmp/opt
dr-xr-xr-x  170 user1 root           0 Dec 31  1969 proc
drwxr-xr-x    5 user1 root         143 Jun 21 18:33 rom
lrwxrwxrwx    1 user1 root          13 Jun 21 18:34 root -> tmp/home/root
drwxr-xr-x    2 user1 root        2.6K Jun 21 18:33 sbin
drwxr-xr-x   11 user1 root           0 Dec 31  1969 sys
drwxr-xr-x    2 user1 root           3 Jun 21 18:34 sysroot
drwxrwxrwx   17 user1 root        1.3K Jul 18 18:26 tmp
drwxr-xr-x   11 user1 root         180 Jun 21 18:34 usr
lrwxrwxrwx    1 user1 root           7 Jun 21 18:34 var -> tmp/var
drwxrwxr-x   14 user1 root        8.1K Jun 21 18:34 www

I am not able to get this back to the admin with chown

From what I can tell this has also prevented many of my samba/FTP from being writable.

In addition to the above issues I am not able to set/change any permissions on the FTP webGUI.

Ever after a complete reset the system still has all the files/folders owned by user1 even though after the reset the user no longer exists.

I was also not able to revert back to the Stock latest ASUS firmware.

Ideas???

well first off try unmount any flash drives or hard drives before you try flashing make sure jffs is turned off also.

 

[thelonelycoder]

I did something to my router RT-AC3100 and now:

When I SSH in to the router all my files/folders are owned by a user that is not the root/admin:

When changing the "Router Login Name" through the router UI it changes the owner of all relevant files/folders immediately to <new user> <group> which in your case is <user1> and <root>. The group name is always root. SSH login credentials are always the same as the router login unless another SSH server is configured through Entware or other third party software.

 

[peepsnet]

You can't chown files in the root directory because that is ROM.

What is the output of these commands:

# ls -ln /

# cd /etc
# cat passwd

Here you go

drwxr-xr-x    2 0        0              787 Jun 21 18:33 bin
drwxr-xr-x    2 0        0                3 Jun 21 18:34 cifs1
drwxr-xr-x    2 0        0                3 Jun 21 18:34 cifs2
drwxr-xr-x    6 0        0             1760 Jul 19 20:44 dev
lrwxrwxrwx    1 0        0                7 Jun 21 18:34 etc -> tmp/etc
lrwxrwxrwx    1 0        0                8 Jun 21 18:34 home -> tmp/home
drwxr-xr-x   11 0        0                0 Jul 20 07:51 jffs
drwxr-xr-x    3 0        0              293 Jun 21 18:34 lib
lrwxrwxrwx    1 0        0                9 Jun 21 18:34 media -> tmp/media
drwxr-xr-x    2 0        0                3 Jun 21 18:34 mmc
lrwxrwxrwx    1 0        0                7 Jun 21 18:34 mnt -> tmp/mnt
lrwxrwxrwx    1 0        0                7 Jun 21 18:34 opt -> tmp/opt
dr-xr-xr-x  153 0        0                0 Dec 31  1969 proc
drwxr-xr-x    5 0        0              143 Jun 21 18:33 rom
lrwxrwxrwx    1 0        0               13 Jun 21 18:34 root -> tmp/home/root
drwxr-xr-x    2 0        0             2707 Jun 21 18:33 sbin
drwxr-xr-x   11 0        0                0 Dec 31  1969 sys
drwxr-xr-x    2 0        0                3 Jun 21 18:34 sysroot
drwxrwxrwx   17 0        0             1340 Jul 20 07:52 tmp
drwxr-xr-x   11 0        0              180 Jun 21 18:34 usr
lrwxrwxrwx    1 0        0                7 Jun 21 18:34 var -> tmp/var
drwxrwxr-x   14 0        0             8282 Jun 21 18:34 www

The names have been changed to protect the innocent...

cd /etc
cat passwd

routerAdmin:x:0:0:routerAdmin:/root:/bin/sh
nas:x:100:100:nas:/dev/null:/dev/null
nobody:x:65534:65534:nobody:/dev/null:/dev/null
tor:x:65533:65533:tor:/dev/null:/dev/null
user1:x:501:501::/dev/null:/dev/null
user2:x:502:502::/dev/null:/dev/null
user3:x:503:503::/dev/null:/dev/null
user4:x:504:504::/dev/null:/dev/null
user5:x:505:505::/dev/null:/dev/null
user1:x:200:200::/dev/null:/dev/null
user2:x:201:200::/dev/null:/dev/null

 

[peepsnet]

When changing the "Router Login Name" through the router UI it changes the owner of all relevant files/folders immediately to <new user> <group> which in your case is <user1> and <root>. The group name is always root. SSH login credentials are always the same as the router login unless another SSH server is configured through Entware or other third party software.

I do have entware installed.

I am logging into SSH with "routerAdmin". I cannot SSH in with any other username.

 

[ColinTaylor]

Here you go

That all looks as expected. The files are owned by uid 0 (the "root" account)

The names have been changed to protect the innocent...

I wish you wouldn't. We're already dealing with a bizarre situation without you adding another level uncertainty by doctoring the output. Do any of the actual account names contain any characters other than a-z, A-Z and 0-9?

cd /etc
cat passwd

routerAdmin:x:0:0:routerAdmin:/root:/bin/sh
nas:x:100:100:nas:/dev/null:/dev/null
nobody:x:65534:65534:nobody:/dev/null:/dev/null
tor:x:65533:65533:tor:/dev/null:/dev/null
user1:x:501:501::/dev/null:/dev/null
user2:x:502:502::/dev/null:/dev/null
user3:x:503:503::/dev/null:/dev/null
user4:x:504:504::/dev/null:/dev/null
user5:x:505:505::/dev/null:/dev/null
user1:x:200:200::/dev/null:/dev/null
user2:x:201:200::/dev/null:/dev/null

You said initially that "Even after a complete reset the system still has all the files/folders owned by user1 even though after the reset the user no longer exists." And yet we can clearly see that user1 does exist.

We now know that the files in the root directory are owned by uid 0, so given your passwd file I can't see how it's possible for them to be displayed as anything other than "routerAdmin".

I do have entware installed.

Disable the running of custom scripts and config in the router's GUI and reboot. Check the account names again to see if that was causing the problem.

You said you did a factory reset of your router. Can you confirm that afterwards you manually setup the router and did not reload a saved settings file?

 

[peepsnet]

Do any of the actual account names contain any characters other than a-z, A-Z and 0-9?

NO

You said initially that "Even after a complete reset the system still has all the files/folders owned by user1 even though after the reset the user no longer exists." And yet we can clearly see that user1 does exist.

You said you did a factory reset of your router. Can you confirm that afterwards you manually setup the router and did not reload a saved settings file?

I used the WebUI to select a complete system restore

Then enables SSH and logged in and still all the files showed "user1"

We now know that the files in the root directory are owned by uid 0, so given your passwd file I can't see how it's possible for them to be displayed as anything other than "routerAdmin".

And yet here we are... LOL

Disable the running of custom scripts and config in the router's GUI and reboot. Check the account names again to see if that was causing the problem.

I had already removed all drives and checked this during the complete restore.
I removed all drives restored the Router.
Confirmed the restore worked because the SSIDs were default and I used the WebUI setup walkthrough
Got to the main "Network Map" screen and then enabled SSH and logged in to see if anything changed.
It was still user1 but no user1 was in the SAMBA/FTP area.

I then stated to setup all the DHCP stuff Firewall stuff...
That got tiring and i figgured since the user didnt change... I then loaded the Settings Backup file just so I had all my things back to a usable state and went to bed!!

Got up this morning and wrote this post!! LOL

 

[ColinTaylor]

Is user1 actually called user1 or is this another name you have changed?

 

[peepsnet]

Is user1 actually called user1 or is this another name you have changed?

user1 is peepsnet

 

[thelonelycoder]

user1 is peepsnet

And now I am totally lost.

 

[peepsnet]

And now I am totally lost.

The main question is why are my files/folders not showing the correct username but seem to be owned by the correct UID?

What would cause that?? Where can I look?

And as a side in the original post I also mentioned:
In addition to the above issues I am not able to set/change any permissions on the FTP webGUI.

 

[ColinTaylor]

Sorry, I'm giving up on this. The solution is not obvious and when the information you are giving is misleading and the output has been altered it's not worth the effort pursuing it.

 

[thelonelycoder]

And as a side in the original post I also mentioned:
In addition to the above issues I am not able to set/change any permissions on the FTP webGUI.

Time for a @L&LD minimal and manual configuration treatment:
https://www.snbforums.com/threads/n...l-and-manual-configuration.27115/#post-205573

 

[peepsnet]

This time I did a system restore with the box checked just as I did before and when asked for the routers new admin name I changed it to a new name different from the previous admin and other users and I am now running normal again.

I do not know what the issue was...

Now I have hours of DHCP and FIREWALL settings to restore.