Page 1 of 3 123 LastLast
Results 1 to 10 of 22

Thread: Automatic Root Enabling Plugin

  1. #1
    Join Date
    May 2010
    Location
    In the land of make believe.
    Posts
    501

    Cool Automatic Root Enabling Plugin

    Quoting myself...
    Disclaimer:

    I am a firm believer in giving unlimited access to the hardware you own to those who wish to have it. With this power, comes responsibility. In this case, you are accepting responsibility for your actions should you choose to do this. I am fairly certain you can pretty much kiss your warranty goodbye if anything goes wrong.
    I finally managed to hack apart the plugin format, and created a simple, kinda half-assed rooting plugin that just erases the root password on boot up. I have actually already found a way to simply allow the admin user to login (using whatever password you set) but have run out of time until this weekend to re-engineer it.

    rooter.zip

    Download the ZIP, unpack it, and login to your Javelin web interface.

    Got to Administrator -> File & Print -> Application Plug-ins, click Application Plug-in on the tab, and then click browse. Find rooter.ppg and select it. The system will indicate it is working for 45-60 seconds, then display "The application has been plug-in successfully."

    Click OK, then go to System -> Reboot / Shutdown, select 'Reboot' then hit OK, then hit Yes.

    When you hear the Beep on Reboot (unless you disabled it) you can now telnet to port 2380, and type in root. It will NOT prompt you for a password. You now have root access.

    To uninstall the plugin, type "rm /APP/Rooter -rf" and press enter. Then reboot the unit from its web interface, the root user will then be secured.

    EDIT: This all works SOOO much better if i actually add the file...
    Last edited by BadIntentions; 06-14-2011 at 08:00 AM. Reason: DOH, forgot to add the file!
    I AM NOT A PATRIOT MEMORY EMPLOYEE.

    But they have, on occasion, bribed me with hardware.



    I am happy to help, but don't PM me. Post a thread in the appropriate forum so others may benefit and offer assistance.
    Your lack of planning is not an emergency on my part.

  2. #2

    Default

    Quick question - any idea how to get the Javelin to allow more than one telnet session at a time?

    I decided to move some data from VOLUME1 to VOLUME2 (400GB or so) and want to monitor the process and look around a bit more in the meantime but, when I attempt to telnet in via another session, it tells me "Login incorrect". Perhaps I can't log into the same port (2380) twice?

    Just wondering.

    Kevin

  3. #3
    Join Date
    May 2010
    Location
    In the land of make believe.
    Posts
    501

    Default

    I have noticed you can only have one session open at a time via root. I have not yet found a way around this.
    I AM NOT A PATRIOT MEMORY EMPLOYEE.

    But they have, on occasion, bribed me with hardware.



    I am happy to help, but don't PM me. Post a thread in the appropriate forum so others may benefit and offer assistance.
    Your lack of planning is not an emergency on my part.

  4. #4
    Join Date
    Jul 2011
    Location
    Merrimack, NH, USA
    Posts
    28

    Thumbs up Thanks!

    This works GREAT! Thank you for the efforts.

    Note that you can change the root password after logging in without one. Simply type:

    # passwd root

    and choose something slightly more secure than <null>.

    - Dave

  5. #5
    Join Date
    Jul 2011
    Location
    Merrimack, NH, USA
    Posts
    28

    Default

    Quote Originally Posted by ViperGeek View Post
    Note that you can change the root password after logging in without one. Simply type:

    # passwd root

    and choose something slightly more secure than <null>.
    I found out this doesn't survive reboots. Once I rebooted the Javelin S4 server, root was re-reset back to a null password.

    After I install the Rooter add-on and set the root password, can I uninstall Rooter and have the newly set root password stick?

    - Dave

  6. #6
    Join Date
    May 2010
    Location
    In the land of make believe.
    Posts
    501

    Default

    The rooter IS designed to reset root every reboot. As far as i know, the Javelin will reset the root password every reboot... I think. I cant really recall. I have a better system I am working on anyway, which allows the admin user to telnet in, and issue root commands with su.

    I am also working on SSH support with dropbear.
    I AM NOT A PATRIOT MEMORY EMPLOYEE.

    But they have, on occasion, bribed me with hardware.



    I am happy to help, but don't PM me. Post a thread in the appropriate forum so others may benefit and offer assistance.
    Your lack of planning is not an emergency on my part.

  7. #7

    Default

    I have not yet tried this since rooter handles this fine when I need it - you *should* be able to log in with rooter enabled, change the password, exit telnet, disable rooter, and reboot the Javelin to see if the root password stuck. The question is (Badintentions will have to chime in here) is if disabling rooter does anything to the password when it "disables" before the reboot. My guess is it doesn't which means the new root password should remain. After a reboot, this will show you if the Javelin itself resets the root password upon boot.

    All I know is that my Mvix Ultio also runs Busybox as its OS and I've changed the root password on that device which stuck. I don't see why the Javelin should be any different but who knows?

    Try it and let us know!

  8. #8
    Join Date
    Jul 2011
    Location
    Merrimack, NH, USA
    Posts
    28

    Default

    Thanks for all the replies.

    I uninstalled Rooter and so far access via my non-null root password still works. I can't say for 100% sure whether I've rebooted the server since then, but I will keep you posted if I end up locking myself out. This little, white box has been humming along so well, saving me gigawatts of expensive electricity (it took the file-serving chores away from a 550W full tower PC), that I haven't had the need or desire to reboot it. :-)

    - Dave

  9. #9
    Join Date
    Jul 2011
    Location
    Merrimack, NH, USA
    Posts
    28

    Default

    Quote Originally Posted by ViperGeek View Post
    Thanks for all the replies.

    I uninstalled Rooter and so far access via my non-null root password still works. I can't say for 100% sure whether I've rebooted the server since then, but I will keep you posted if I end up locking myself out. This little, white box has been humming along so well, saving me gigawatts of expensive electricity (it took the file-serving chores away from a 550W full tower PC), that I haven't had the need or desire to reboot it. :-)
    I finally rebooted the server and unfortunately, lost root access. Rooter needs to remain installed in order to maintain root access via telnet. The root password can be changed manually each time, but will be reset back to null upon reboot (which is better than being disabled upon reboot).

    - Dave

  10. #10

    Default

    There's got to be some initialization scripting going on that does this and there should be a way to override that. Just need to take some time and look around for it. I know where all this stuff is on HP-UX but don't use Busybox much at all and am not sure how it's configured. It's probably similar but will take some investigation to figure it out. With the Rooter plugin, the startup files should be editable.

    Thanks for checking this out and confirming it is currently set this way.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •