NAS542 Web Login Safari&Firefox not possible sometimes
All Replies
-
Oh, I formulated it wrong. The two-line output (the two 'certs') is also the output after logging in as User to be able to log in as admin. Nothing else in the /etc/ directory changes but the admin credentials start to work.
Edit: A lot of files change in the /sys/ and /proc/ directories, minor changes in /dev/:/dev/ptmx/dev/pts/0/dev/console
in /tmp/:/tmp//tmp/ipcs_info/tmp/pylog
and in /var/:/var/log/samba/log.smbd/var/cache/samba/var/cache/samba/browse.dat/var/run/var/run/utmp
(in case any of this helps - if you think you may need to see what changes in the /sys/ and /proc/ dir, I'll attach a text file)
Edit2: the rbm_running file is stuck there again - however, this time, no "environmental effects" (power outage) could have caused the rbm.sh to stop mid-execution, therefore it has to be stuck due to some unexpected event during its run.0 -
/sys and /proc are no 'real' directories, they peek directly into the internal data structures in the kernel. So changes here are to be expected.The /tmp and /var are in ram only, so any file here is put there after last boot. No way a stalled rbm.sh can lift it's /tmp/rbm_running over a reboot. So possibly rbm.sh is still running. If you have htop installed you can look which child process is responsible for that, using the tree view (F5).Without htop that's also possible (of course) by excutingLINES=500 top -bn 1 | lessand manually searching the child relations. Search for the PID of the rbm.sh script, and then for processes which have that as PPID (parent PID), and maybe even grandchildren. I don't know if that is going anywhere, though./var/log/samba/log.smbd might contain useful information. It's a samba logfile./var/cache/samba/browse.dat is AFAIK a listing of all known samba clients, or something like that. Although the webinterface uses samba login credentials, I don't think your webinterface sessions show up here, or interfere with this file. Yet you can look it it contents./tmp/pylog might also contain useful information. As the name suggests if contains logs from python. The web backend is written in python, so the file might tell whe you can't login.In case you didn't know, you can look at logfiles (and other text files) by executingless /path/to/fileand use the arrow buttons. q to quit.
0 -
When looking into processes, there is no rbm.sh running, so I guess that means it must have crashed (leaving the rbm_runing file). It also doesn't seem to be deleted upon reboot - I have a daily reboot set up at 4am, the rbm_running was created at 3:02am - unless it doesn't keep the time-zone (I am GMT+1, 3:02am GMT would be just after the reboot).
As for the logs:
pylog shows a lot of mentions of tools_cherrypy.py.pre, all records from 2:02am (with a logmsg of 'Bootsup with ...' [various methods])
e.g.:[02/Jan/2021:02:02:13] [tools_cherrypy.py.pre](request_log_callback)(109): Request: POST /log_to_wsgi_server HTTP/1.1[02/Jan/2021:02:02:13] [tools_cherrypy.py.pre](request_log_callback)(110): Arguments: {'logmsg': u'[bootsup.py.pre](<module>)(95): Bootsup with sync_servername()'}[02/Jan/2021:02:02:13] [bootsup.py.pre](<module>)(95): Bootsup with sync_servername()
The log.smbd also lists a lot of
[2021/01/02 03:02:42.525054, 0] ../source3/printing/print_standard.c:68(std_pcap_cache_reload)
Unable to open printcap file /etc/printcap for read!
spanning from 3:02am to 7:48am, then it stops.
The browse.dat then lists just three lines with workgroup, the name of my NAS and the name of my PC.
There are no entries with more recent time stamps.
Edit: the rbm_running file seems to be created on startup, or it got a newer timestamp when I rebooted the NAS now (with the correct time-zone). And still no rbm.sh in running processes.
Edit2: I guess I have solved the mystery of the appearing rbm_running file in tmp folder, it is a f*ckup from my side - about a year ago I have installed Tweaks from the alternative app repository (to disable twonky which was running all the time eating significant share fo processing power, if I remember correctly now) and I must have checked to disable the rbm.sh because it warned about excessive spin-ups of the disks (which I obviously forgot I did). Once I unchecked this option, the rbm_running file has disappeared. I'm really sorry for all the confusion I've caused with this. Anyway, I'll check tomorrow if the admin credentials work. Although the rbm.sh doesn't seem to be fixing the samba secrets file (judging from its output after launching), it just might help keeping the admin credentials working.0 -
I should have thought about Tweaks, as I wrote it. That is also the reason I knew of that rbm.sh script. Some years ago somebody in the zyxelforum.de group had an USB disk which spinned up each two hours. Finding that rbm.sh did that wasn't hard (when I remember well it's the only 2-hour cronjob). Harder was to find what it actually did (had to decompyle some python code, which gave readable function names about recycle bin), and at that time I also wondered about the secrets.tdb file which was checked for corruption.Anyway, implemented the Tweak (which simply does a 'touch /tmp/rbm_running' to keep the script from running), the usb disks didn't spin up anymore, and no-one ever complained about collateral damage in samba login. Except maybe for your problem, but so far it's not yet proven that it's caused by the Tweak.As for the logs, there doesn't ring a bell. I hoped for some error on a failed login.BTW, the spinup is only some USB disks. The python code checks if the disk is spinning, before it does recycle bin maintenance. For some reason that fails for some USB disks, I think because the USB-Sata chip doesn't forward some low-level sata commands, like the question 'are you sleeping?'.
0 -
Today I am able to log in with admin credentials again (without a prior login with the one User account or a prior reboot).
It seems that my samba credentials file might have been getting corrupted and there was nothing fixing it (since I manually disabled it - maybe the rbm.sh ran as soon as I disabled the tweak and therefore when I ran it manually a minute or two later, it didn't show any corruption because it was already fixed). I'm curious about the reason for this hypothetical corruption (if that was indeed the case), but right now I'm glad it's working again. I'm also puzzled why the User login was working and why it 'fixed' the other logins. The secrets.tdb is apparently modified on boot-up (mine has now a time stamp of the last reboot in GMT time), but for some reason this 'boot-up file' doesn't work for more than ~15 minutes without the rbm.sh script allowed.
It might be just a coincidence, but I should have definitely been more careful when restricting the auto-run scripts. I had glanced over the warning and seen mentions of recycle bin and samba, thinking that I didn't need rb maintenance and I wasn't using samba (but didn't know that it was linked to the webinterface).
Again, I'm really sorry for not mentioning (remembering) this earlier, I might have saved you a lot of time.
Thank you for your help and explanations!
(Next time I might dive into the ssl certificates which I can't force to be accepted by my PC - to save myself the two extra clicks to access an 'insecure https page', but I'm going to take a break from meddling with that for now.)0 -
Well, turns out my conclusions were premature. Now even though the rbm.sh is not blocked from running, the admin credentials still don't work sometimes without a previous User login. So I'm back to square one, I guess.. I can't seem to find any changes in any files (excluding /sys, /proc, and /i-data directories). The only changed files over the period of
{Not being able to log in as admin --> loggin in as User --> being able to login as Admin}
are still:
/var/log/samba/log.smbd/var/cache/samba/var/cache/samba/browse.dat/var/run/var/run/utmp/var/locks/locking.tdb/dev/ptmx/dev/pts/0/dev/console/etc/cups/certs/etc/cups/certs/0/tmp/tmp/ugs.log/tmp/ipcs_info/tmp/.Tweaks/Desktop/tmp/.Tweaks/Desktop/available/tmp/pylog0 -
I'm a bit out of ideas. Sorry.
0 -
Ah, ok. Thanks for your help anyway.0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 144 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 238 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.3K Consumer Product
- 247 Service & License
- 384 News and Release
- 83 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight