Problem with WD MB Live's web interface

WD Legacy Products My Book Live
1

Hi,

I noticed that the MyBookLive has some weird system users whose home directories are set as /shared. Although by default the ssh access is allowed only to root and this can only be changed by root, I still saw this as a little security risk. Instead of deleting these users I locked them with “usermod —lock” and in case something should not work after that I can easily unlock them again.

These users I locked were : daapd, guest, ftp, admin-dfalias-wd, admin.

Although before doing that I took a quick look at the MBLive’s web gui, but as I did not find anything that should have connected these users with the web-gui (the files were owned by root and ran under the privileges of www-data) I locked them. Also nowhere in the web gui’s files there was mentioned these usersnames.

But after doing so some time later I discovered that the web gui is not working, so I unlocked them with “usermod —unlock”. But somehow this did not solve the nonworking web gui. And although the web gui is not necessary if you have ssh access cause it’s quite slow and limited, I still would like this to work in case I decide to sell my disk some day in the future.

I did have a closer look at the web gui’s files after it stopped working and the problem seems to be only with displaying shares and users. The php errors occur when the script tries to execute some system commands with php exec() using sudo.

I know one option to get it working again is to restore the disk to factory defaults, but in that case I’d have to back up all my data and what’s more important I’d lose all the packages and modifications I have installed and made. So is there anybody who maybe has had the same problem and knows how to solve it or maybe knows the web gui a little better and can maybe guess what might be the problem?

This is how the errors look like http://www.upload.ee/image/1191202/sc_wd.jpg

Or maybe someone could be so kind and post here or send me the lines of these users from /etc/shadow. Could try this as well :slight_smile:
My email is anteras _at_ hot _dot_ ee if anyone is willing to send me the passwords of these users.

br,
anterashot

2

hmm, probably  better way to restrict access for those mysterious users

was to change shell in /etc/passwd for them to /bin/false

3

Indeed it would have been better, but I thought of that after I had already done it the other way :smiley:

Right now I think the only way to get it working again is either to restore it to factory defaults or get someone else to send me the /etc/shadow file (at least the lines concerning the users mentioned).

I seriously hope some kind user can send me that, because restoring the disk to factory defaults means I have to copy everything away from there and back afterwards.

4

Restoring to factory defaults is a pain. I’m not convinced this will help, but on the offchance that it will,

MyBookLive:~# cat /etc/passwd | grep -E ‘daapd|guest|ftp|admin-dfalias-wd|admin’| grep -v gnats
admin:x:999:1000:Administrator:/shares:/bin/sh
admin-dfalias-wd:x:999:1000:Administrator:/shares:/bin/sh
ftp:x:108:1001:ftp daemon,:/srv/ftp:/bin/false
guest:x:500:1000::/shares:/bin/sh
daapd:x:501:1000::/shares:/bin/sh

I haven’t got around to looking at the installed users, but admin-dfalias-wd looks rather suspicious to me.

5

Thanks jonj678

Thank you for your help. But as the passwords are stored in the /etc/shadow file, could you please send me the lines from that as well for these users?

After I get the web gui working again I’ll look further into it why are these users necessary and what could be the safest way to disable them.