Community

While OpenWrt is a single user system, you can create additional users so you don't have to disclose the root user password. You can add the user by editing /etc/passwd and /etc/shadow or you can install the useradd package: opkg install shadow-useradd Now add a new user named "admin", but we don't want them to have shell access: useradd admin -d /var -M -s /bin/false -p mytemporarypassword The password is added in cleartext so you need to change it using the command: passwd admin Follow the prompts to set your password then you can confirm the new user has been added as required: cat /etc/passwd cat /etc/shadow Since OnionOS uses ubus via rpc we need to add the user to the rpc user list. The configuration file is /etc/config/rcpd, but you can use uci commands to add the user: uci add rpcd login uci set rpcd.@login[-1].username='admin' uci set rpcd.@login[-1].password='$p$admin' uci add_list rpcd.@login[-1].read='*' uci add_list rpcd.@login[-1].write='*' uci commit rpcd The username must match the username we just created and the structure of the password field causes the rpc daemon to use the system password we just created. The "read" and "write" fields is set to an asterisk indicating that the user will have unrestricted access, the same as the root user. You can confirm the new user had been added using a uci command: uci show rpcd rpcd.@login[0]=login rpcd.@login[0].username='root' rpcd.@login[0].password='$p$root' rpcd.@login[0].read='*' rpcd.@login[0].write='*' rpcd.@login[1]=login rpcd.@login[1].username='admin' rpcd.@login[1].password='$p$admin' rpcd.@login[1].read='*' rpcd.@login[1].write='*' Now restart the rpc daemon: service rpcd restart You can now login to OnionOS with the same functionality as the root user has, but the user has no console access.

Categories

Omega Talk

Projects

Technical FAQs

Tau Camera Corner

Beta Lab