[LEDE-DEV] dnsmasq: failed to load names from /etc/hosts: Permission denied
Arjen de Korte
arjen+lede at de-korte.org
Fri Sep 30 13:11:23 PDT 2016
Citeren Arjen de Korte <arjen+lede at de-korte.org>:
> Same for /etc/ethers: Permission denied. This used to work fine
> (last version checked 1648), but now with 1725 I see the above
> problem.
>
> Possibly related, LuCI won't load anymore:
>
> Forbidden
> You don't have permission to access /cgi-bin/luci on this server.
>
> Any clues where to look?
Already figured it out, 'git bisect' is my friend:
commit a16a8814ead80984ce4ef7bed756434119b3aafa
Author: Matthias Schiffer <mschiffer at universe-factory.net>
Date: Mon Sep 26 15:25:37 2016 +0200
image: don't modify file permissions before rootfs generation
Modifying the file permissions can be harmful, as it would make files
world-readable even if they weren't in the ipk packages. The
Image/mkfs/prepare step is removed completely, as it is redundant
now (/tmp
and /overlay are already provided by base-files with the correct
permissions).
It has been verified that this change does not affect any permissions of
files in the default package set except /etc/ppp/chap-secrets, which was
world-readable before. All packages not in the default set are more likely
to be installed via opkg than being part of a base image and thus were
usually not affected by the permission modification anyways.
Signed-off-by: Matthias Schiffer <mschiffer at universe-factory.net>
This additionally breaks reading '/etc/hosts' and '/etc/ethers', which
are both used by dnsmasq (a default package).
Additionally it also breaks LuCI when bundled in the sysupgrade image.
How to work around this? I consider this a huge drawback of this
commit, as it seems to prevent LuCI from bundling in a sysupgrade
image, which makes it much harder for not-so-tech-savvy users to use it.
Regards, Arjen
More information about the Lede-dev
mailing list