gaenserich / hostsblock

an ad- and malware-blocking script for Linux
https://github.com/gaenserich/hostsblock
225 stars 28 forks source link

problems installing on Xubuntu 16.04.4 #85

Closed palipeaublasee closed 6 years ago

palipeaublasee commented 6 years ago

Hi, I tried installing: $ sudo ./install.sh and got the following result:

getent utility missing. Please install before running this script. Exiting...

getent is installed and functioned correctly: getent passwd returned list of users as expected, including dnsmasq, but no hostsblock user. There is a hostsblock group found when looking via "Users and Groups" (gui). sudo adduser dnsmasq hostsblock reports that dnsmasq is already a member of hostsblock group.

possibly useful info:

$ systemctl status hostsblock.service
● hostsblock.service - Block bad domains system-wide
   Loaded: loaded (/lib/systemd/system/hostsblock.service; static; vendor preset: enabled)
   Active: failed (Result: exit-code) since Sat 2018-04-14 20:07:41 EDT; 40s ago
  Process: 7137 ExecStart=/usr/bin/hostsblock (code=exited, status=217/USER)
 Main PID: 7137 (code=exited, status=217/USER)

Apr 14 20:07:41 my-computer systemd[1]: Starting Block bad domains system-wide...
Apr 14 20:07:41 my-computer systemd[1]: hostsblock.service: Main process exited, code=exited, status=217/USER
Apr 14 20:07:41 my-computer systemd[1]: Failed to start Block bad domains system-wide.
Apr 14 20:07:41 my-computer systemd[1]: hostsblock.service: Unit entered failed state.
Apr 14 20:07:41 my-computer systemd[1]: hostsblock.service: Failed with result 'exit-code'.
$ sudo lsof -i :53
COMMAND  PID    USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
dnsmasq 1058 dnsmasq    4u  IPv4  18950      0t0  UDP localhost:domain 
dnsmasq 1058 dnsmasq    5u  IPv4  18951      0t0  TCP localhost:domain (LISTEN)
dnsmasq 1171  nobody    4u  IPv4  20588      0t0  UDP my-computer:domain 
dnsmasq 1171  nobody    5u  IPv4  20589      0t0  TCP my-computer:domain (LISTEN)
$ sudo netstat -nap | grep :53
tcp     0    0 127.0.1.1:53        0.0.0.0:*      LISTEN      1171/dnsmasq    
tcp     0    0 127.0.0.1:53        0.0.0.0:*      LISTEN      1058dnsmasq    
udp     0    0 0.0.0.0:5353        0.0.0.0:*                  921/avahi-daemon: r
udp     0    0 127.0.1.1:53        0.0.0.0:*                  1171/dnsmasq    
udp     0    0 127.0.0.1:53        0.0.0.0:*                  1058/dnsmasq    
udp6    0    0 :::5353                 :::*                   921/avahi-daemon: r

Thanks.

palipeaublasee commented 6 years ago

At this point there was a hostsblock group, but no hostsblock user, so I created it. By looking in the install.sh script the line is: $ useradd -d "$HOMEDIR" -c "hostsblock" -m -U hostsblock. Trying: $ sudo useradd -d /var/lib/hostsblock -c "hostsblock" -m -U hostsblock did not work, partly maybe because the hostsblock group and its home directory were already present. Tried: $ sudo useradd -c "hostsblock" -g hostsblock but no success. What worked was: $ sudo useradd -c "hostsblock" -MN hostsblock.

Out of curiosity I went into "Users and Groups" and found the hostsblock user in the hostsblock group, but the account was marked as "disabled". I enabled it and entered /bin/bash in the "Shell" field ("Change Advanced User Settings"/gui).

palipeaublasee commented 6 years ago

Now: $ systemctl status hostsblock.service ● hostsblock.service - Block bad domains system-wide Loaded: loaded (/lib/systemd/system/hostsblock.service; static; vendor preset: enabled) Active: failed (Result: exit-code) since Sun 2018-04-15 13:19:53 EDT; 19min ago Process: 15706 ExecStart=/usr/bin/hostsblock (code=exited, status=6) Main PID: 15706 (code=exited, status=6) Apr 15 13:19:53 my-computer systemd[1]: Starting Block bad domains system-wide... Apr 15 13:19:53 my-computer hostsblock[15706]: mkdir: cannot create directory ‘/home/hostsblock’: Permission denied Apr 15 13:19:53 my-computer systemd[1]: hostsblock.service: Main process exited, code=exited, status=6/NOTCONFIGURED Apr 15 13:19:53 my-computer systemd[1]: Failed to start Block bad domains system-wide. Apr 15 13:19:53 my-computer systemd[1]: hostsblock.service: Unit entered failed state. Apr 15 13:19:53 my-computer systemd[1]: hostsblock.service: Failed with result 'exit-code'.

and:

$ hostsblock WRONG PERMISSIONS. RUN AS USER hostsblock, EITHER DIRECTLY OR VIA SUDO, E.G. sudo -u hostsblock /usr/bin/hostsblock You may have to add the following line to the end of sudoers after typing 'sudo visudo': my-username ALL = (hostblock) NOPASSWD: /usr/bin/hostsblock Exiting...

$ sudo hostsblock [sudo] password for my-username: WRONG PERMISSIONS. RUN AS USER hostsblock, EITHER DIRECTLY OR VIA SUDO, E.G. sudo -u hostsblock /usr/bin/hostsblock You may have to add the following line to the end of sudoers after typing 'sudo visudo': root ALL = (hostblock) NOPASSWD: /usr/bin/hostsblock Exiting...

Here are the relevant lines in sudoers: hostsblock ALL = (root) NOPASSWD: /usr/bin/systemctl reload dnsmasq.service my-username ALL = (hostsblock) NOPASSWD: /usr/bin/hostsblock,/usr/bin/hostsblock-urlcheck my-guest ALL = (hostsblock) NOPASSWD: /usr/bin/hostsblock,/usr/bin/hostsblock-urlcheck

About the hostsblock user and group:

$ cat /etc/passwd | grep hostsblock hostsblock:x:1002:1011:hostsblock:/home/hostsblock:/bin/bash

palipeaublasee commented 6 years ago

1) Using [https://github.com/gaenserich/hostsblock/issues/70] as a guide I noticed that /var/lib/hostsblock was OWNED BY ROOT on my system. According to the link above the owner should be "hostsblock" instead of root. So I did:

`$ sudo chown -R hostsblock:hostsblock /var/lib/hostsblock`

VERIFY: `$ ls -ld /var/lib/hostsblock/`
BEFORE: `drwxr-xr-x 2 root root 4096 Mar 26 15:32 /var/lib/hostsblock/`
NOW:    `drwxr-xr-x 2 hostsblock hostsblock 4096 Mar 26 15:32 /var/lib/hostsblock/`

2) Looking at the same page as (1.) I saw that the following files/dirs are supposed to be in /var/lib/hostsblock/: ($ ls -l /var/lib/hostsblock/) total 26924 drwxr-xr-x 2 hostsblock hostsblock 4096 juil. 28 00:00 cache/
-rw-r----- 1 hostsblock hostsblock 154 juil. 27 23:57 black.list -rw-r--r-- 1 hostsblock hostsblock 22374066 juil. 28 00:00 hosts.block -rw-r--r-- 1 hostsblock hostsblock 1360 juil. 27 23:41 hosts.head -rw-r----- 1 hostsblock hostsblock 9646 juil. 27 23:59 hostsblock.conf -rw-r--r-- 1 hostsblock hostsblock 5163435 juil. 28 00:00 hostsblock.db.gz -rw-r----- 1 hostsblock hostsblock 3381 juil. 27 23:56 white.list On my system: total 24 -rw-r--r-- 1 hostsblock hostsblock 18 Mar 26 15:30 black.list -rw-r--r-- 1 hostsblock hostsblock 94 Mar 26 15:32 hosts.head -rw-r--r-- 1 hostsblock hostsblock 10271 Mar 29 15:42 hostsblock.conf -rw-r--r-- 1 hostsblock hostsblock 235 Mar 26 15:31 white.list

I have to figure out how to put the missing files in it, or find out if these missing files are supposed to be created by hostsblock. -> will look some more at "install.sh"

CloudyProton commented 6 years ago

I ran into many of the same problems. Still cannot start hostsblock service.

● hostsblock.service - Block bad domains system-wide Loaded: loaded (/lib/systemd/system/hostsblock.service; static; vendor preset: enabled) Active: failed (Result: exit-code) since Fri 2018-06-08 14:47:00 EDT; 4s ago Process: 32454 ExecStart=/usr/bin/hostsblock (code=exited, status=203/EXEC) Main PID: 32454 (code=exited, status=203/EXEC)

install.sh could use some love.

gaenserich commented 6 years ago

Give the newest git version a try and let me know if this fixes it. It includes more sanity checks that should hopefully preempt issues like this. (f0738805676d3ded67e730e9b0b22d45387fb6dd)

palipeaublasee commented 6 years ago

OK, thank you.

Before I do, should I try to undo everything I did? I know it's impossible for you to know exactly what I have done, but with what info I provided (too much perhaps) can you estimate the chances of messing up the (re-)installation of hostsblock if I don't undo anything beforehand?

There is:

  1. the missing 2 files & 1 dir in var/lib/hostsblock
  2. the hostsblock user/group that I could remove

but there's possibly other things I don't know about.

I don't think I have to change anything to dnsmasq but would like a confirmation if possible.

Thanks.

gaenserich commented 6 years ago

Try it once without changing anything.

palipeaublasee commented 6 years ago

Hi, sorry for the long delay. I'll be quicker in the future.

This is what I got this time:

$ sudo ./install.sh
Destination directory for hostsblock is /usr/bin. Enter a new path or press Enter to keep as is.
/usr/bin 
[Enter]
Are you sure you want to use /usr/bin as your destination directory? [Y/n] Y
./install.sh: line 85: syntax error near unexpected token `done'
./install.sh: line 85: `    done'

... Nothing. Back to prompt.

gaenserich commented 6 years ago

No worries. Life often gets in the way of important things like scripting hobbies such as this one. :-P

I think I know what the issue is, and fixed it with 9aac8097d417d42dc9c7aa4175105d4e505d8879. Download the latest version here: https://github.com/gaenserich/hostsblock/archive/master.zip or via git.

If it still throws an error, do the following:

In the install.sh script, change the first couple lines from this:

!/bin/bash

Install script for hostsblock.


to this:

!/bin/bash

set -x

Install script for hostsblock.


Then run as you did before. Send me what the terminal coughs out.

palipeaublasee commented 6 years ago

It looks like the install.sh script worked fine this time (no modifications):

$ sudo ./install.sh
[sudo] password for my-username: 

Destination directory for hostsblock is /usr/bin. Enter a new path or press 
Enter to keep as is.
[/usr/bin] 

Are you sure you want to use /usr/bin as your destination directory?
[Y/n] Y

Using preexisting user 'hostsblock'

User 'hostsblock' has home directory /home/hostsblock. Enter a new path or 
press Enter to keep as is.
[/home/hostsblock] 

Are you sure you want to use /home/hostsblock as hostsblock's home directory?
[Y/n] Y

Using preexisting group 'hostsblock'

In order to manage hostsblock correctly, you must run the script as the user 
'hostsblock', even when using the 'hostsblock-urlcheck' script (aka 'hostsblock 
-c'). To do so, type 'sudo -u hostsblock hostsblock' or 'sudo -u hostsblock 
hostsblock-urlcheck', etc. Before you can do this, however, the following line 
must be added to sudoers:
jake    ALL =   (hostsblock)    NOPASSWD: /usr/bin/hostsblock,/usr/bin/hostsblock-urlcheck

where 'jake' is the user from which you want to manage hostsblock. Do you want 
to add this line to the bottom of sudoers right now? (if so, make sure to copy 
the text now).
[y/N] N

Setting up permissions for hostsblock home directory /home/hostsblock...

Should I enable and/or start the hostsblock service? (Requires systemd)

1) Only Enable
2) Only Start
3) Start and Enable
4) Do Nothing (Default)
[1-4] 4

hostsblock is now installed. Check out the configuration file under 
/home/hostsblock/hostsblock.conf. By default, hostsblock does not directly 
write to /etc/hosts or manipulate your dnsmasq daemon. To make it do so, see 
the instructions included in /home/hostsblock/hostsblock.conf

But ... see my next message.

palipeaublasee commented 6 years ago

Keep in mind I'm a novice with respect to shell (bash) scripting.

$ ls -l /var/lib/hostsblock/
total 24
-rw-r--r-- 1 hostsblock hostsblock    18 Mar 26 15:30 black.list
-rw-r--r-- 1 hostsblock hostsblock    94 Mar 26 15:32 hosts.head
-rw-r--r-- 1 hostsblock hostsblock 10271 Mar 29 15:42 hostsblock.conf
-rw-r--r-- 1 hostsblock hostsblock   235 Mar 26 15:31 white.list

$ systemctl status hostsblock.service
● hostsblock.service - Block bad domains system-wide
   Loaded: loaded (/lib/systemd/system/hostsblock.service; static; vendor preset: enabled)
   Active: inactive (dead)

$ hostsblock
WRONG PERMISSIONS. RUN AS USER hostsblock, EITHER DIRECTLY OR VIA SUDO, E.G. sudo -u hostsblock /usr/bin/hostsblock 
You may have to add the following line to the end of sudoers after typing 'sudo visudo':
 my-username    ALL =   (hostblock) NOPASSWD:   /usr/bin/hostsblock
Exiting...

$ sudo -u hostsblock /usr/bin/hostsblock
mkdir: cannot create directory ‘/home/my-username/cache’: Permission denied
Checking blocklists for updates...
/usr/bin/hostsblock: line 346: /home/my-username/cache/support.it-mate.co.uk.downloads.HOSTS.txt.url: No such file or directory
FAILED to refresh/download blocklist http://support.it-mate.co.uk/downloads/HOSTS.txt
No new changes. DONE.

I don't know if it matters but the hostsblock-master directory with the install.sh file are not in my /home/ but in a separate data partition. That is where I chose to put them. If that's the source of the problem I could simply move it to my /home/ and run install.sh again. I will not do this unless you tell me to though.

Thanks.

gaenserich commented 6 years ago

The location of the installation directory shouldn't matter. Could you run the following give the information it spits out:


getent passwd hostsblock

It should spit out something like this:

hostsblock:x:1001:1001:hostsblock:/var/lib/hostsblock:/bin/bash

Where "/var/lib/hostsblock" is its home directory. If what it spits out for your home directory is what you gave, I think the issue is with sudo re-setting the $HOME variable to the invoking user's $HOME. A quick fix would then be to change all the instances of "$HOME" in hostsblock.conf to hostsblock's actual home directory, e.g. insert this as the first line of hostsblock.conf:


HOME="/var/lib/hostsblock"

palipeaublasee commented 6 years ago
$ getent passwd hostsblock
hostsblock:x:1002:1011:hostsblock,,,,:/home/hostsblock:/bin/bash

It's that way because I did 'Enter' to keep preexisting user "hostsblock" in this last run of the installation script (see my first post of Apr 15).

$ sudo useradd -c "hostsblock" -MN hostsblock

is what I had done on the terminal when I was trying to install "hostsblock" initially.

Also right now, from $ getent group: ... hostsblock:x:1011:my-username,my-guest,dnsmasq,hostsblock ...

Now just to be sure I understand, you suggest that it is simpler to keep hostsblock's home dir as is (/home/hostsblock) and edit [hostsblock.conf] to reflect this, rather than changing the 'hostsblock' user's home dir to /var/lib/hostsblock. Am I correct?

Looking at my notes I think I chose this location only because that seemed like the most standard. It could perhaps simplify backups also.

palipeaublasee commented 6 years ago

I'm not sure if I should leave the 'hostsblock' home dir as is if that's not the way it's supposed to be. Perhaps it's not important. I don't know.

It looks like during my first attempt at installing, the script stopped/broke at the point of creating the 'hostsblock' user. I think I made things worse when trying to go manually and adding the 'hostsblock' user. That's when either I entered its home directory, or it was already selected by default.

Anyway this was my fault and I don't think this info will be useful to others. So you may deleted this post if you want later, when this thread is finished. Also I don't want to use too much of your time needlessly, so I don't mind doing as you suggest, but I don't really know what the implications are. If it only affects hostsblock then it's fine.

Thank you for your patience.

gaenserich commented 6 years ago

Il n'y a pas de souci!

It should not matter where the home dir for hostsblock sits, just its permissions and that it knows that this directory is its home.

I'm fairly certain that the issue lies with sudo. I'm adding a check to make sure that the HOME variable matches the hostsblock user's asserted home directory: 2088a122938a351a519c38985d4e952873f1ce3c

palipeaublasee commented 6 years ago

It looks like a success on my end.

I ran install.sh again, telling it to keep my current hostsblock home dir. I'm sorry I forgot the other options. I overwrote some (about) 5 files. It ended up with the same successful installation message as the last time. Unfortunately, in my exalted state of anticipation I tried journalctl -xe and the buffer filled up and I lost my record of the install process. I know there's a way to get it but I don't have time anymore.

Here is what I did after, just to check things, explore:

$ sudo -u hostsblock /usr/bin/hostsblock
Checking blocklists for updates...
No new changes. DONE.

$ systemctl stop hostsblock.service
Warning: Stopping hostsblock.service, but it can still be activated by:
  hostsblock.timer

$ ls -l /home/hostsblock/
total 16112
-rw-r--r-- 1 hostsblock hostsblock       18 Jul 19 20:20 black.list
drwxr-xr-x 2 hostsblock hostsblock     4096 Jul 19 00:00 cache
-rw-r--r-- 1 hostsblock hostsblock 13199917 Jul 19 00:00 hosts.block
-rw-r--r-- 1 hostsblock hostsblock       94 Jul 19 20:20 hosts.head
-rw-r--r-- 1 hostsblock hostsblock    12252 Jul 19 20:20 hostsblock.conf
-rw-r--r-- 1 hostsblock hostsblock  3264539 Jul 19 00:00 hostsblock.db.gz
-rw-r--r-- 1 hostsblock hostsblock      235 Jul 19 20:20 white.list

$ systemctl status hostsblock.service 
● hostsblock.service - Block bad domains system-wide
   Loaded: loaded (/lib/systemd/system/hostsblock.service; static; vendor preset: enabled)
   Active: inactive (dead) since Thu 2018-07-19 20:31:08 EDT; 1h 20min ago
  Process: 8438 ExecStart=/usr/bin/hostsblock (code=exited, status=0/SUCCESS)
 Main PID: 8438 (code=exited, status=0/SUCCESS)

Jul 19 20:31:04 my-computer systemd[1]: Starting Block bad domains system-wide...
Jul 19 20:31:04 my-computer hostsblock[8438]: Checking blocklists for updates...
Jul 19 20:31:08 my-computer systemd[1]: Started Block bad domains system-wide.
Jul 19 21:08:37 my-computer systemd[1]: Stopped Block bad domains system-wide.

$ systemctl start hostsblock.service

$ getent passwd hostsblock 
hostsblock:x:1002:1011:hostsblock,,,,:/home/hostsblock:/bin/bash

$ sudo ls -l /home/hostsblock/
total 16112
-rw-r--r-- 1 hostsblock hostsblock       18 Jul 19 20:20 black.list
drwxr-xr-x 2 hostsblock hostsblock     4096 Jul 19 00:00 cache
-rw-r--r-- 1 hostsblock hostsblock 13199917 Jul 19 00:00 hosts.block
-rw-r--r-- 1 hostsblock hostsblock       94 Jul 19 20:20 hosts.head
-rw-r--r-- 1 hostsblock hostsblock    12252 Jul 19 20:20 hostsblock.conf
-rw-r--r-- 1 hostsblock hostsblock  3264539 Jul 19 00:00 hostsblock.db.gz
-rw-r--r-- 1 hostsblock hostsblock      235 Jul 19 20:20 white.list

$ sudo dnsmasq --test
dnsmasq: syntax check OK.

$ systemctl status dnsmasq.service
● dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server
   Loaded: loaded (/lib/systemd/system/dnsmasq.service; enabled; vendor preset: enabled)
  Drop-In: /run/systemd/generator/dnsmasq.service.d
           └─50-dnsmasq-$named.conf, 50-insserv.conf-$named.conf
   Active: active (running) since Thu 2018-07-19 12:28:14 EDT; 9h ago
 Main PID: 1091 (dnsmasq)
   CGroup: /system.slice/dnsmasq.service
           └─1091 /usr/sbin/dnsmasq -x /var/run/dnsmasq/dnsmasq.pid -u dnsmasq -r /var/run/dnsmasq/resolv.conf -7 /etc/dnsmasq.d,.dpkg-dis

Jul 19 12:28:14 my-computer dnsmasq[1091]: reading /var/run/dnsmasq/resolv.conf
Jul 19 12:28:14 my-computer dnsmasq[1091]: using nameserver 127.0.1.1#53
Jul 19 12:28:16 my-computer dnsmasq[1091]: reading /var/run/dnsmasq/resolv.conf
Jul 19 12:28:16 my-computer dnsmasq[1091]: using nameserver 192.168.0.1#53
Jul 19 12:28:16 my-computer dnsmasq[1091]: using nameserver 127.0.1.1#53
Jul 19 15:04:31 my-computer dnsmasq[1091]: reading /var/run/dnsmasq/resolv.conf
Jul 19 15:04:31 my-computer dnsmasq[1091]: using nameserver 127.0.1.1#53
Jul 19 17:45:00 my-computer dnsmasq[1091]: reading /var/run/dnsmasq/resolv.conf
Jul 19 17:45:00 my-computer dnsmasq[1091]: using nameserver 192.168.0.1#53
Jul 19 17:45:00 my-computer dnsmasq[1091]: using nameserver 127.0.1.1#53

$ sudo -u dnsmasq tail /home/hostsblock/hosts.block
127.0.0.1 www.htttwitter.com
127.0.0.1 www.htwgroup.biz
127.0.0.1 www.htwood.ae
127.0.0.1 www.htxbxkvol.cn
127.0.0.1 www.htxofldwu.bid
127.0.0.1 www.htxxjmlarderers.download
127.0.0.1 www.huabaoagency.com
127.0.0.1 www.huaguruncho.com
127.0.0.1 www.huahaimarine.com
127.0.0.1 www.huahin-lawyers.com

Let me know if you need other info on what I did or my hostsblock setup, run tests, etc.

Merci beaucoup.