How to run Syncthing on NAS542 as non-root, or elseway provide synced data rw possibility for users?
Freshman Member
I have admin and non-admin users on my NAS542, connected to NAS shares though Windows share drives accordingly to their NAS users (not as root). Although, when Syncthing (started as root from /opt/bin through /opt/etc/init.d/S92syncthing) copies new data from devices to NAS, all such files are set to root:root, so nor admin, nor non-admin users cannot edit, move, delete data from Windows clients. How can I solve this situation?
Accepted Solution
-
The is no sudo, but you have su. From the startscript of my Pulse package:
Startup()
{
mkdir -p ${PKG_HOME}
chown ${PKG_USER} ${PKG_HOME} su -m ${PKG_USER} -s /bin/sh -c "HOME=$PKG_HOME ${PKG_ROOT}/bin/${PKG_DAEMON} -home=$PKG_HOME -gui-address=\"$( GetLink )\" >${PKG_HOME}/lastlog 2>&1 & " }1
Guru Member
All Replies
-
There no sudo, no sudoers file, no runuser command, no PAM at NAS542. No option like "—run-as-user" in syncthing. No possibility to run syncthing as a per-user service. Set chown of "syncthing" file as new user "syncthing" and group "everyone" is futile - all newly synced file, of cource, are root:root, because "syncthing" file called by root process.
0 -
Of course, checkbox "Ignore permissions" in syncthing shared folders are checked.
0 -
At least how to make synced files/dirs to have mod 666, not 644! 😣
Of course, I can manually set permission of directories (to possibility of move/delete files inside) or files (for possibility to edit them), but do it every time, after each sync, for each new directory or file I need to edit on Windows, where I logged as admin… 😓
0 -
The is no sudo, but you have su. From the startscript of my Pulse package:
Startup()
{
mkdir -p ${PKG_HOME}
chown ${PKG_USER} ${PKG_HOME} su -m ${PKG_USER} -s /bin/sh -c "HOME=$PKG_HOME ${PKG_ROOT}/bin/${PKG_DAEMON} -home=$PKG_HOME -gui-address=\"$( GetLink )\" >${PKG_HOME}/lastlog 2>&1 & " }1 -
Thank you, Master. Do you planning to upgrade OwnCloud, WordPress, PhpMyAdmin packages and PHP newest update, needed for those packages? Everything that is extremely old on NAS 542.
0 -
Sorry, no. Some time ago I tried to create a new samba package, but I got stuck in a dependency chain. The new samba needed newer libraries, which in their term needed newer libraries, …
To provide a newer PhpMyAdmin, I would need to provide a new MySQL and a new Php. The webinterface (apache) calls Php through a shared binary, modphp.so, or something like that. So to be able to use that new Php, I should have to compile a new modphp.so, and probably a new apache. Apache uses libpam to pass the user login to samba, so odds are that libpam and samba has to be upgraded as well.
In short, if you want to exchange key components in a Linux distro, you'll have to exchange the whole distro. In your case you might be able to chroot Debian on that box, this way putting a mature distro next to the firmware. Yet it is some time ago I tried to chroot Debian. Don't know if it's still that simple now they have ditched sysv and embraced systemd.
Another option is Entware.
0
Categories
- All Categories
- 431 Beta Program
- 2.6K Nebula
- 167 Nebula Ideas
- 112 Nebula Status and Incidents
- 6K Security
- 366 USG FLEX H Series
- 293 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 42 Wireless Ideas
- 6.7K Consumer Product
- 265 Service & License
- 408 News and Release
- 87 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.9K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 83 Security Highlight
