Many people have
lost root access to their Seagate Centrals after a particular firmware upgrade.
Here I attempt to provide a procedure to recover root access that is as painless as
possible. Note that there are a few alternative procedures posted elsewhere
on the internet however my procedure has the advantage over the others that it
does NOT require access to an external linux system because it makes use of the
linux software running on the Seagate Central itself. It also does NOT require you to crack open the Central and take out the hard drive.
I'm assuming that you have a little bit of pre-requisite knowledge before we begin. Namely …
I'm assuming that you have a little bit of pre-requisite knowledge before we begin. Namely …
- You know how to establish an ssh session into your Seagate Central (If you don't then why do you want root access?)
- You know how to transfer files between your external computer and your Seagate Central. (If you don't then what are you using a Seagate Central for??)
- You understand a few basic computer file concepts like "files", "directories", "copying", "zipping" and "editing". (If you don't then, Hello there Grandma Jones! I'm thrilled that you're reading my blog!!)
Part 1 : Try to revert to the "old" firmware.
Part 2 - Create then load a modified firmware image
In this part we are going to take a Seagate Central firmware image, modify it to remove the "su" disabling functionality, and then load it back onto the Central. Our friends at Seagate might be somewhat alarmed by this step but I hope they come to the conclusion that anyone who is technically literate enough to perform this procedure is probably trustworthy enough to deserve "su" access to their beloved Central. In addition I think the spirit of the GNU General Public Licences which Seagate uses extensively for software in the Central product means that the software should be able to be improved and modified which is what we're doing here.
Note this procedure
involves running a number of linux/unix commands. I have developed this method
on the assumption that we are going to perform this procedure using the linux
system running on the Central itself. You can use an external linux box to perform
these steps however I think that for many people who have a Seagate Central,
the Central may be the only linux system they have easy access to!! That is why
this technique makes use of the Central itself and not an external system.
Step 1 : ssh into
the Seagate Central. In this procedure I use the "admin" account but
you can use any existing username you've set up on the system.
Create a new
directory to perform our procedure in and navigate to that directory. In this
example we create a new directory called "firmware".
admin@Seagate-5A4B6C:~$
mkdir firmware
admin@Seagate-5A4B6C:~$
cd firmware
admin@Seagate-5A4B6C:~/firmware$
Step 2 : Obtain a
copy of your desired version of Seagate Central Firmware and upload it to the
new folder on the Central.
I got my firmware by
navigating to the Seagate Download finder tool at https://apps1.seagate.com/downloads/request.html
and entering the required details. You need to enter your Seagate
Central's serial number and what country you live in and then you'll be given a download link.
In
the example shown here I downloaded a file called Seagate-HS-update-201509160008F.zip
. You have to decompress/unzip this file to get an "img" file. You
can do this on the PC you downloaded the file to and then transfer the
"img" file to the new "firmware" folder on the Seagate
Central or you can upload the zip file to the new "firmware" folder
on the Seagate Central and decompress it on the Central.
admin@Seagate-5A4B6C:~/firmware$
unzip Seagate-HS-update-201509160008F.zip
Archive: Seagate-HS-update-201509160008F.zip
inflating: ReadMe.pdf
inflating:
Seagate-HS-update-201509160008F.img
Confirm that the
image is in the "firmware" folder.
admin@Seagate-5A4B6C:~/firmware3$
ls -l *.img
-rw-r--r--
1 admin admin 130199138 Nov 17 21:52 Seagate-HS-update-201509160008F.img
Step 3 : Obtain a
copy of the squashfs-tools for Seagate Central.
I have compiled
binary versions of these tools (version 4.3) for the Seagate Central and made
them available at the following links
If you
don't trust my binaries (I swear I stopped spying for North Korea months ago)
and want to make them yourself then you can obtain the source code from the
squashfs-tools homepage at http://squashfs.sourceforge.net/ . You can also find instructions
for compiling binaries for the Seagate Central using an external linux system
at https://sites.google.com/site/modcentralnas/ .
You can use your external PC to obtain these binaries and then upload them to your Central or if your Seagate
Central has internet access then you can download the files directly to the Central by
running the "curl" commands as follows.
admin@Seagate-5A4B6C:~/firmware$
curl -L -O https://sites.google.com/site/seagatecentralenhancementclub/squashfs-tools/mksquashfs
% Total
% Received % Xferd Average
Speed Time Time
Time Current
Dload Upload
Total Spent Left
Speed
100 343k
100 343k 0
0 60087 0
0:00:05 0:00:05 --:--:-- 288k
admin@Seagate-5A4B6C:~/firmware$
curl -L -O https://sites.google.com/site/seagatecentralenhancementclub/squashfs-tools/unsquashfs
% Total
% Received % Xferd Average
Speed Time Time
Time Current
Dload Upload
Total Spent Left
Speed
100 257k
100 257k 0
0 48704 0
0:00:05 0:00:05 --:--:-- 299k
Now change the
attributes of the files so that they are executable
admin@Seagate-5A4B6C:~/firmware$
chmod a+x mksquashfs
admin@Seagate-5A4B6C:~/firmware$
chmod a+x unsquashfs
Note : If you are
performing this procedure on an external Linux system instead of on the Central
then you'll have to get the version of the
squashfs-tools for your particular linux distribution. You can't run the
binaries seen above, they only work on the Seagate
Central.
Step 4 : The Seagate
firmware image is in gzipped tar format. Decompress the image with the
following "tar" command. This takes about 30 seconds to complete.
admin@Seagate-5A4B6C:~/firmware$
tar -zxpvf Seagate-HS-update-201509160008F.img
rfs.squashfs
uImage
config.ser
Step 5 : Extract the
new firmware's filesystem.
Here we use the
unsquashfs tool you downloaded in Step 3 to extract the file system contained in the
Seagate firmware image. Note that this can
take about 500M of disk space! This takes about 2 minutes to complete.
admin@Seagate-5A4B6C:~/firmware$
./unsquashfs rfs.squashfs
You may see some
error messages similar to the following. Just ignore them.
create_inode: could
not create character device squashfs-root/dev/apm_bios, because you're not
superuser!
You should now have
a new directory called "squashfs-root" in your firmware folder. This
contains the new filesystem that we are going to
modify.
Step 6 : On many
linux systems, including the Seagate Central, access to the "su"
command is governed by the "/etc/pam.d/su" configuration file.
In the new Seagate
Central firmware there is a section in this file which disables "su"
access for regular users as follows…
# Uncomment this if
you want members of a specific group to not
# be allowed to use
su at all.
auth required pam_wheel.so deny group=users
We need to re-enable
root access for normal users by editing this file in the new firmware. Here we use the
"nano" editor as follows.
admin@Seagate-5A4B6C:~/firmware$
nano squashfs-root/etc/pam.d/su
Once the editor is
open scroll down about 20 lines to the text as seen above and add a
"#" to the start of the "auth
required" line to comment it out and disable it. After making the change the section looks like this
# Uncomment this if
you want members of a specific group to not
# be allowed to use
su at all.
#auth required pam_wheel.so deny group=users
Save
your changes by typing Control-X to exit, then answering "Y" when
you're asked to "Save modified buffer" and pressing enter to confirm
the "File Name to Write".
Step 7 : If you have
a blank root password the new firmware will reset it to a secret value each
time the system boots with the startup
script "/etc/init.d/finish"
Here we will change this behaviour so that instead of using a secret value, we use a known value. In this example we set the root password to "test123". Obviously change "test123" to something unique for your system. We edit the "finish" startup script as follows
admin@Seagate-5A4B6C:~/firmware$
nano squashfs-root/etc/init.d/finish
Once the editor is
open scroll to the very bottom of the file and add the following lines to the
end of the file.
# Is the root
password set as blank?
if grep -q
"^root:x:" /etc/passwd
then
# Change the root
password to test123.
echo "root:test123" | chpasswd
# Make sure the
changes are in the Central's backup config folder.
rsync -Rva /etc/passwd /usr/config/backupconfig
fi
Save
your changes by typing Control-X to exit, then answering "Y" when
you're asked to "Save modified buffer" and pressing enter to confirm
the "File Name to Write".
N.B. You might think it's a bit insecure setting the root password to a value just specified in a script file. Well it is! That's why in Step 10 we change the root password again to something else.
N.B. You might think it's a bit insecure setting the root password to a value just specified in a script file. Well it is! That's why in Step 10 we change the root password again to something else.
Step 7.5 : Make sure that the
"sudo" and "su" commands have the correct unix file
attributes.
In some versions of
Seagate Central firmware the "sudo" and "su" commands do
not have the required "read" and "set userID" file attributes
set.
This isn't the case
in all versions of firmware but just to make certain run the following
commands.
admin@Seagate-5A4B6C:~/firmware$
chmod 4555 squashfs-root/usr/bin/sudo
admin@Seagate-5A4B6C:~/firmware$
chmod 4555 squashfs-root/usr/bin/su
To check that the
changes have taken affect run the following "ls" commands and check
that the "r" (readable) and "s" (set userID) bits as seen below are present for
each file.
admin@Seagate-5A4B6C:~/firmware$ ls -l squashfs-root/usr/bin/su
-r-sr-xr-x 1 admin admin 23692 Sep 17 09:06 squashfs-root/usr/bin/su
admin@Seagate-5A4B6C:~/firmware$ ls -l squashfs-root/usr/bin/sudo
-r-sr-xr-x 1 admin admin 87316 Sep 17 09:06 squashfs-root/usr/bin/sudo
Step 8 : Run the
following commands to create a new firmware image called
Seagate-allow-root.img. Note that the first command (mksquashfs) takes about
5 minutes and the second (tar) takes about 3 minutes to complete. Also note that we
are using the least powerful compression-level (1) in the mksquashfs command
because this lets the command run most quickly. You can use any number up to the
most powerful compression level "9" however the command could then
potentially take hours to run for the sake of saving maybe only a few
megabytes.
admin@Seagate-5A4B6C:~/firmware$
./mksquashfs squashfs-root rfs.squashfs -all-root -noappend -Xcompression-level
1
admin@Seagate-5A4B6C:~/firmware$
tar -cvzf Seagate-allow-root.img rfs.squashfs uImage config.ser
Step 9 : Upgrade the
Seagate Central with the new firmware.
First, and this bit
is optional, I'd suggest copying your newly created firmware,
"Seagate-allow-root.img", to your local PC harddrive. It will be about
140MB so if you don't want to use up the space then don't worry about it.
Next start the
upgrade procedure by logging in as admin to the Seagate Central management web page in your web browser, and navigating to the
"Settings" Tab, then the "Advanced "menu, then the
"Firmware Update" page.
From here click on
the "Browse" or "Choose file" button and in the file dialogue box that appears navigate to the new
software you've created "Seagate-allow-root.img". Now click on the
"Install" button and let the upgrade process commence. The management
web page should show a progress bar as the upgrade proceeds.
If
you like you can get a scrolling live log of the progress of the upgrade by running
the command "tail -f /var/log/syslog" in an
ssh session on the Central while the upgrade is occurring. Hit Control-C to stop viewing the log. Most of the output of the log is
useless but if you see something that is obviously indicative of an error or a
problem then perhaps you can cut and paste it and add it as a comment to this
blog post so we can take a look.
It took
the firmware upgrade on my test Central system about 30 minutes to complete. Also it seemed
to be stuck at the "86%" mark for ages according to the progress
meter on the management webpage.
Once the system has
booted up your new firmware should be running and you should have root access again.
Part 3 : Make sure root access is enabled from now on
Step 10 : If your root password has been changed to "test123" as per "Step 7" then you should change your root password to something else because any user can look at that /etc/init.d/finish script and see that the root password could be changed to that. Do this by logging in as root
and running the following commands.
Seagate-5A4B6C:~$
su root
Password: test123
Seagate-5A4B6C:/Data/admin# passwd
Seagate-5A4B6C:/Data/admin# passwd
Enter
new UNIX password: I-love-my-Central
Retype
new UNIX password: I-love-my-Central
passwd:
password updated successfully
Seagate-5A4B6C:/Data/admin#
cp /etc/passwd /usr/config/backupconfig/etc/
Seagate-5A4B6C:/Data/admin#
cp /etc/shadow /usr/config/backupconfig/etc/
Step 11 : Make sure
"su" is enabled from now on. Even after another firmware upgrade.
The Seagate Central
stores a backup of all it's important configuration files in the
"/usr/config/backupconfig" folder. Every time the
central boots up it copies the contents of this folder to the root filesystem.
If you want to see the details then have a look at the
"/etc/init.d/firmware-init-1bay" startup script on the Seagate
Central.
Incidentally this is
why some people complain that when they set a root password on the Central it
reverts to blank or the old password
after a reboot. You have to make sure that your password changes are reflected
in the "/usr/config/backupconfig" folder as well as
the normal locations otherwise they'll be overwritten on a reboot.
The way the new
Seagate Central firmware disables "su" access is by changing the
"/etc/pam.d/su" file. (See Step 6 for details)
At this point,
because we have root access now, we know that the system is using a version of
the "/etc/pam.d/su" file that works properly.
What we want to do
is copy this working version of "/etc/pam.d/su" to the
"/usr/config/backupconfig" folder so that each time the
Seagate Central boots up this "good" version of the file is restored
even if a firmware upgrade tries to modify it.
As root run the
following commands
Seagate-5A4B6C:~#
mkdir -p /usr/config/backupconfig/etc/pam.d
Seagate-5A4B6C:~#
cp /etc/pam.d/su /usr/config/backupconfig/etc/pam.d/
Note that from now
on if you decide to modify the "/etc/pam.d/su" file for any reason,
say to restrict "su" access to certain users, you'll have to remember
to copy the changes to the "/usr/config/backupconfig/etc/pam.d/su" file
as well otherwise your changes will be lost on reboot.
Conclusion
If you have
performed the procedures above but still can't get root access then please let
me know at what point things seemed to fail and any relevant details. I'm keen
to make this procedure work for everyone. In addition if you notice any errors, things that need correcting, or suggestions to improve this procedure then I'm keen to hear about that too.
Just to briefly mention, if things have failed there is yet another alternative. You can crack open the Central (goodbye warranty), take out the
hard drive and mount it on an external system, manually modify the files we
manipulated above (init.d/finish pam.d/su) as per the steps above, then put the drive back into the
Central. You can certainly do this with a linux system and possibly even a windows system (maybe). If there's anyone who needs a procedure to do that then let me know
and I'll try to write one up.
Finally there is one rather clever alternative procedure for creating the modified firmware as we did in Part 2. It makes use of an automated script running on an external linux system. You can find that here
Good luck!
Edit 3-Aug-2017 : Modified Part 3 Step 10 to add copying the "/etc/shadow" file to /usr/config/backupconfig/etc after you change your root password as well. SFAIC
Thanks for this article. I use to be able to use xshell4 and log onto the drive and run a script that would copy all folders to a passport drive. This was done to backup the NAS (just in case). When I called Seagate to explain this to them they said that the NAS drive was the backup and I didn't really need to do that. When I asked them if they would guarantee the drive never fail they didn't...(surprise). At the end of the conversation they basically told me "you can't do that".
ReplyDeleteI am excited to see your instructions. It looks daunting but I'll try it ASAP and let you know the outcome.
Ok. Need some help. Everything works great until I go to compile the img file. see link--http://s23.postimg.org/rq6kwr5rf/error.jpg
ReplyDeleteI skipped this and continued on but after it applies patch it won't let me login as root
any help is greatly appreciative.
Hi James. Thanks so much for providing all these good troubleshooting details.
DeleteI *think* I know what's gone wrong. The firmware file has the wrong unix permissions set on the "sudo" and "su" executables. I've added "Step 7.5" in the procedure above that I believe will fix this problem. Obviously after executing Step 7.5 proceed to Step 8 and 9 and perform the upgrade again with the new new firmware and see how we go.
To summarize the new step you basically correct these incorrect permissions on su and sudo by running the following commands in the "firmware" subdirectory just before step 8 where you create the new firmware image.
chmod 4555 squashfs-root/usr/bin/sudo
chmod 4555 squashfs-root/usr/bin/su
If that doesn't fix the problem then please let me know exactly what version of firmware you're modifying, and can you run the following commands from the firmware directory and send me the output
ls -l /usr/bin/sudo
ls -l /usr/bin/su
ls -l squashfs-root/usr/bin/su
ls -l squashfs-root/usr/bin/sudo
If Step 7.5 doesn't work then we can take another tack which involves modifying one of the startup scripts in the new firmware to *force* the "su" and "sudo" commands to have the correct permissions. This is a little bit less elegant than the original procedure but it should work.
Thanks James. I appreciate your patience.
Thank you so very much. Your 7.5 worked however when I use xshell and try to login as root it is trying to prompt me for a password. I try to not enter any but it keeps asking me for one. So I logged in as a super user and then continue on with your steps and this is what I get.
Deletehttp://s12.postimg.org/grwkvznul/notworking1.jpg
thanks again. For the record I am using. Seagate-HS-update-201509160008F
Thanks for persisting with this James. I really appreciate it.
DeleteI've identified a few things that could have gone wrong.
Can you do me a favor and run the following command on your Central..
cat /etc/passwd | grep root | cut -c 0-10
And tell me if the output of the command has an ":x:" in it as seen below?
root:x:
If it doesn't look like this then things haven't progressed in your system the way I envisaged. Skip down to "BACKUP PLAN" below. Otherwise readon...
More thorough testing on my part seem to indicate that the command I used in Step 7 to clear the root password (passwd -d root) doesn't seem to work in every circumstance.
I think a better way to go is to set the root password to a known value instead of trying to make it blank again.
For that reason I've modified step 7 to replace the command "passwd -d root" with " echo "root:test123" | chpasswd " which changes the root password to "test123". Can you go ahead and re-edit the bottom of the "squashfs-root/etc/init.d/finish" file as per the new Step 7 and make those changes?
Also in Step 10, when you're executing "sudo su" are you putting in the root password or the password of the user you are loged in as?
I'm going to change this step to use "su root" instead of "sudo su" because this way anyuser, not just those designated as administrators, can log in as root.
BACKUP PLAN :
If none of this works then something just isn't going as planned and I'd suggest the way forward is to change Step 7 again and make it so that *every time* the system boots up the root password is changed to a known value regardless of whether the root password is blank or not.
We can do this by editing the bottom of the "squashfs-root/etc/init.d/finish" file and instead of adding all the commands listed in Step 7 above, just add one command to the bottom of the file....
echo "root:test123" | chpasswd
This will cause the system to change the root password to "test123" everytime the Central boots up no matter what the current status of the root password is.
Then, after the system has benn upgraded with the modified firmware and rebooted and the password has been changed to "test123" we re-edit the "/etc/init.d/finish" file and remove that line we added at the bottom, change the root password with the "passwd" command, and then copy the "/etc/passwd" and "/etc/init.d/finish" files to the backup folder.
admin@Seagate-xxxxx:~$ su root
Password: test123
root@Seagate-xxxxx:/Data/admin# passwd
Enter new UNIX password: I-love-Central
Retype new UNIX password: I-love-Central
passwd: password updated successfully
root@Seagate-xxxxx:/Data/admin# nano /etc/init.d/finish
root@Seagate-xxxxx:/Data/admin# cp /etc/init.d/finish /usr/config/backupconfig/etc/init.d/finish
root@Seagate-xxxxx:/Data/admin# cp /etc/passwd /usr/config/backupconfig/etc/passwd
Please let me know if either of these suggested modifications to the procedure work.
If they don't then don't despair. We'll battle on and find more things we can try. I'm determined to make this work for you and everyone else.
One other thing. Everything compiles without any issues
ReplyDeleteHere is also the last part of the :~/firmware$ nano squashfs-root/etc/init.d/finish
Deletehttp://s1.postimg.org/9f547yvzz/nanofile.jpg
Ok. I followed your steps and here is the results.
ReplyDeleteSee screen shot for the first part. root:x:. It is there so I continued on with your steps and everything worked with changing the password. Great job and I cannot thank you enough.
Have a great Christmas.
forgot to give you screen shot
Deletehttp://s17.postimg.org/ttjb593r3/step3.jpg
Oh that's awesome!! I'm so pleased!
DeleteThanks again James. Please let me know if you can think of any other enhancements you'd like on the Central and perhaps we can look into them.
Thanks again and have a great Christmas and New Year!
how can i Install aira2 on Seagate Central?
ReplyDeleteHi there. This looks like a good project to pursue. I'm just busy with something at work for the next week and a half. Let me try to get an answer back to you by just after Christmas. Thanks.
DeleteSorry this has taken so long. You wouldn't believe what work's been like. I'll try to make a binary for you soon.
DeleteFirst, thank you for the information on the SU and firmware hacks.
ReplyDeleteI was able to fall back to my old Kernel, Seagate-HS-update-201506110006F
Unfortunately, the only img file still on the drive is Seagate-HS-update-201509160008F
That appears to also be the only version available for download... :(
You wouldn't happen to have a copy of Seagate-HS-update-201506110006F you would be willing to share? I have been unable to locate it anywhere and Seagate support refuses to give it to me.
Any thought on functions/features/performance of the different versions?
Also, I am far from a linux/gep/sed/echo guru, but it appears that the linux script you linked to and the updated 2015-09-16 forked version edit different files than you are in your manual process or am I just misreading them? (https://github.com/detain/seagate_central_sudo_firmware/blob/31109437af7223c29cdc718f81bfea8741543e4f/seagate_patch_root.sh)
They appear to be editing:
etc/ssh/sshd_config
/usr/sbin/ba-upgrade-finish
/etc/sudoers
Just wondering what the different approach might be and why?
I am also fighting the issue with USB attached NTFS drives not being able to delete files. This is actually why I want sudo/root so I can hopefully resolve that without having to reformat it as ext3 or something and reload.
""You need permission to perform this action
You require permission from Unix User\nobody to make changes to this folder""
Have you run into that issue?
Thanks again.
Another thought is what if the drive dies? How do we build a replacement? Assume we can open he case and swap drives, but should we do some sort of DD of the boot partition or is having the img file good enough?
ReplyDeleteGreat article. Do you know how to put firmware on seagate central with blank hard drive?
ReplyDeleteThis comment has been removed by the author.
ReplyDeleteHey,
ReplyDeleteIn the process of recovering some data from a seagate central I used testdisk to build a partition table, so I could mount the LVM partition in linux. Now I need the central to go back to working as a NAS if possible, but it won't boot and the light stays amber. I tried deleting the partition table I had created, but it didn't help.
I guess I have the same question as Dean Benz and lpt2007, in that I'm interested in dd'ing the firmware back onto the drive without going through the seagate central web interface (since it's not working and never connecting to my network). Do you have any thoughts about how I might do this? Alternately, could you host an image of the boot partition somewhere so that the three of us could copy it to our drives?
Hey,
ReplyDeleteIn the process of recovering some data from a seagate central I used testdisk to build a partition table, so I could mount the LVM partition in linux. Now I need the central to go back to working as a NAS if possible, but it won't boot and the light stays amber. I tried deleting the partition table I had created, but it didn't help.
I guess I have the same question as Dean Benz and lpt2007, in that I'm interested in dd'ing the firmware back onto the drive without going through the seagate central web interface (since it's not working and never connecting to my network). Do you have any thoughts about how I might do this? Alternately, could you host an image of the boot partition somewhere so that the three of us could copy it to our drives?
Are you still stuck?
DeleteI've been trying to either find nfs/rpc utils that can be installed onto the Seagate Central.. or a Debian distro to install over the MontaVista environs.. (personnally - a version of Debian Jessie is where I'd like to focus)..
ReplyDeleteIf those options are not possible - do you have instructions for setting up a 'proper' toolchain/build/cheroot/whatever environment so that nfs-utils and what not can be built from scratch?
Or even instructions on getting the on disk version of opkg configured to talk to the 'outside world' ??
Help?!
I don't know about installing Debian on the Central (sounds like a marvelous idea) but I'm working on getting a proper toolchain built that works. I should be finished in the next few days. I plan on uploading instructions on cross compiling it yourself on a "normal" X86 Debian/Ubuntu system and also the resultant binaries that you should be able to just dump there.
DeleteLet me know if you're still looking into this or if you found a way to get Debian or some other distro running on the Central.
Where you able to acomplish this? I am also interested in replacing MontaVista with Debian.
DeleteThank you! Very clear with copy-paste commands. Works like a charm!
ReplyDeleteThis comment has been removed by the author.
ReplyDeleteThis comment has been removed by the author.
ReplyDeletehttp://seagatecentralenhancementclub.blogspot.com.au/2015/11/root-su-recovery-for-seagate-central.html#comment-form
ReplyDeleteThank you so much for this post. I had searched high and low to find info on gaining root access to my Seagate Central STCG4000300 (with 4TB ST4000DM000 disk) using firmware version 2015.0916.0008-F. I have now successfully gained root access which is persistent across reboots. Very happy days thanks to you!
The only change I made to your instructions was part #2, step #7:
# Is the root password set as blank?
if grep -q "^root:x:" /etc/passwd
then
# Change the root password to test123.
echo "root:test123" | chpasswd
# Make sure the changes are in the Central's backup config folder.
rsync -Rva /etc/passwd /usr/config/backupconfig
fi
I left that script out and replaced the root password with my own encrypted root password from /etc/shadow from another server. Perhaps a little more manual but effective.
I would also remove the SSH authorized_keys file for root or at least change it to be yours. The one that is in there is from the factory in China and thus likely compromised and basically is a way into the device as root.
ReplyDeleteSee the home/root/.ssh/authorized_keys file
Hi,
ReplyDeletecan't perform step 5. Terminal write follow:
Seagate-cloud:~/firmware$ ./unsquashfs rfs.squashfs
-sh: ./unsquashfs: Permission denied
could you advice me, whats wrong?
Did you remember to change the attributes of the "mksquashfs" and "unsquashfs" files to executable with the following commands?
Deletechmod a+x mksquashfs
chmod a+x unsquashfs
Can you do an "ls -l" in the directory where those files are located and see the "x" attributes set like below?
root@NAS:~/firmware$ ls -l *squash*
-rwxr-xr-x 1 admin admin 351706 Aug 3 18:04 mksquashfs
-rwxr-xr-x 1 admin admin 264102 Aug 3 18:04 unsquashfs
Can someone just upload the modified version of this firmware somewhere?
ReplyDeleteI don't know how Seagate would react to that. If someone were inclined to supply a place to host such a file and if someone were willing to reply to this comment about how to upload it there with a reasonable degree of anonymity then someone might be inclined to upload it there.
DeleteI an such a noob... can you explain how to use the alternative procedure for creating the modified firmware as we did in Part 2, using an automated script running on an external linux system?
ReplyDeleteAlso accessing the disk using FTP i think there is the latest ".img" firmware saved on a folder. should we use that copyng to firmware folder?
Thank you for all the help.
Regards
https://github.com/detain/seagate_central_sudo_firmware
I just found this article in 2018. I have had my Central since 2014 and I have moved computers a few times. each time, I loose access to some group of files because of permissions. This just gave me all my access back! Thanks for this, 3 years later :)
ReplyDeleteI found even simpler way. /cirrus/ is webroot folder and regular user have permission to create php script. Since php is run under root account, you can edit /etc/shadow, /etc/pam.d/su from php script and change su and sudo permission as well. Just write script and call it via http.
ReplyDeleteMine is giving me a Operation not Permitted when trying to change permissions.. dump of terminal below:
ReplyDeleteadmin@BULL-NAS:/Data/Public/firmware$ unzip Seagate-HS-update-201509160008F.zip
Archive: Seagate-HS-update-201509160008F.zip
inflating: ReadMe.pdf
inflating: Seagate-HS-update-201509160008F.img
admin@BULL-NAS:/Data/Public/firmware$ ls -l *.img
-rw-rw-rw- 1 admin nogroup 130199138 Apr 23 15:11 Seagate-HS-update-201509160008F.img
admin@BULL-NAS:/Data/Public/firmware$ curl -L -O https://sites.google.com/site/seagatecentralenhance
mentclub/squashfs-tools/mksquashfs
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 343k 100 343k 0 0 38529 0 0:00:09 0:00:09 --:--:-- 287k
admin@BULL-NAS:/Data/Public/firmware$ curl -L -O https://sites.google.com/site/seagatecentralenhance
mentclub/squashfs-tools/mksquashfs
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 343k 100 343k 0 0 41985 0 0:00:08 0:00:08 --:--:-- 268k
admin@BULL-NAS:/Data/Public/firmware$ curl -L -O https://sites.google.com/site/seagatecentralenhance
mentclub/squashfs-tools/unsquashfs
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 257k 100 257k 0 0 33015 0 0:00:07 0:00:07 --:--:-- 291k
admin@BULL-NAS:/Data/Public/firmware$ chmod a+x mksquashfs
chmod: changing permissions of mksquashfs: Operation not permitted
admin@BULL-NAS:/Data/Public/firmware$ cd ../../..
admin@BULL-NAS:/$ mkdir firmware
mkdir: cannot create directory firmware: Permission denied
See my comment above. You can simply use php script to copy file to share, edit it on your PC (notepad++ on windows is recommended) and put i back. Simply using PHP copy function is enough.
DeleteThis comment has been removed by the author.
ReplyDeleteThe link to the compiled squashfs isn't working. Is there another?
ReplyDelete