Closed soko1 closed 2 years ago
I say it again: let me clarify that wpasupplicant and the other files that were given 777 are required to be writable by user volumio. Please propose impros which satisfy such a requirement.
I foresaw it! the user volumio is in the adm group, and the rights are set to it
660 means that the user (root) and the group (adm) are allowed to write and read, for other (0) you can neither edit nor read the file
for example:
root@audiophile:/etc# chmod 660 /etc/wpa_supplicant/wpa_supplicant.conf
root@audiophile:/etc# su volumio
volumio@audiophile:/etc$ groups
volumio adm lp dialout cdrom floppy audio dip video plugdev netdev i2c input systemd-journal spi gpio
volumio@audiophile:/etc$ echo test >>/etc/wpa_supplicant/wpa_supplicant.conf
volumio@audiophile:/etc$ cat /etc/wpa_supplicant/wpa_supplicant.conf
ctrl_interface=/var/run/wpa_supplicant
network={
scan_ssid=1
ssid="dlink314"
psk="blablabla"
priority=1
}
test
:)
660
won't work, as our node process won't be able to write to it. The node process is run as volumio:volumio
.
So 640
should work, but all this quite pointless if you ask me, as anyway everything is run using default username password that any "attacker" would obtain with a simple web search..
fix perm for /etc/wpa_supplicant/wpa_supplicant.conf, /etc/mpd.conf