CRITICAL FIX: Add safety checks to prevent breaking system files
ISSUE: Previous version could break sudo and system files The recursive chown/chmod commands in configure_user_shares() and create_share() could modify system directories like /usr, /etc, /home causing critical system breakage including sudo permissions. ROOT CAUSE: - No validation of paths before recursive operations - Could modify /, /usr, /home and other system directories - Broke /usr/bin/sudo permissions (needs uid 0 and setuid bit) SOLUTION: Added comprehensive path safety checks New function: is_safe_path_for_permissions() - Blacklists ALL dangerous system paths: /, /usr, /etc, /bin, /var, etc. - Only allows /mnt/* (external disk mounts) - Only allows /home/user/subdir (not /home or /home/user itself) - Returns error for any system directory Protection applied to: 1. create_share() - disk share creation (line 326) 2. configure_user_shares() - user access configuration (line 869) Behavior: - Safe paths (/mnt/*): Permissions applied normally - Unsafe paths: Prints warning, skips permission changes - Users must manually set permissions for system directories Emergency fix instructions added to README: - How to fix broken sudo (chown root:root /usr/bin/sudo && chmod 4755) - Multiple recovery methods (root shell, su, recovery mode) - Clear warning about older versions This prevents catastrophic system breakage while still allowing proper multi-user access for external disk shares. APOLOGIES TO USERS: If you were affected by the previous version, I'm deeply sorry for breaking your system. Please follow the recovery instructions in the README. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
This commit is contained in:
mxnticek
parent
32256f1f5f
commit
6152fced71
2 changed files with 90 additions and 7 deletions
30
README.md
30
README.md
|
|
@ -200,6 +200,36 @@ Perfect for initial setup or adding multiple disks at once!
|
|||
|
||||
## Troubleshooting
|
||||
|
||||
### CRITICAL: If sudo is broken after running user-access
|
||||
|
||||
**Symptoms**: `sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set`
|
||||
|
||||
**This happened if you ran an older version (before v1.3) that modified system directories.**
|
||||
|
||||
**Fix (choose one method):**
|
||||
|
||||
**Method 1 - If you're still root in a shell:**
|
||||
```bash
|
||||
chown root:root /usr/bin/sudo
|
||||
chmod 4755 /usr/bin/sudo
|
||||
```
|
||||
|
||||
**Method 2 - Switch to root user:**
|
||||
```bash
|
||||
su -
|
||||
chown root:root /usr/bin/sudo
|
||||
chmod 4755 /usr/bin/sudo
|
||||
exit
|
||||
```
|
||||
|
||||
**Method 3 - Recovery mode:**
|
||||
1. Reboot and select recovery/single-user mode in GRUB
|
||||
2. Mount filesystem: `mount -o remount,rw /`
|
||||
3. Fix sudo: `chown root:root /usr/bin/sudo && chmod 4755 /usr/bin/sudo`
|
||||
4. Reboot normally
|
||||
|
||||
**After fixing sudo, update to the latest version of FSA which has safety checks!**
|
||||
|
||||
### Check service status
|
||||
```bash
|
||||
sudo systemctl status smbd nmbd
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue