I get this error in syslog:
daemon.err upsmon[4905]: Could not open /dev/crypto: Permission denied
upsmon runs as 'nutmon' user.
What are the proper permissions for /dev/crypto and how do I set them?
Thanks!
I get this error in syslog:
daemon.err upsmon[4905]: Could not open /dev/crypto: Permission denied
upsmon runs as 'nutmon' user.
What are the proper permissions for /dev/crypto and how do I set them?
Thanks!
Check the output:
ubus call system board; ls -l /dev/crypto; grep -e nutmon /etc/passwd /etc/group
{
"kernel": "5.10.28",
"hostname": "GRAPHRT",
"system": "ARMv7 Processor rev 2 (v7l)",
"model": "Linksys WRT1900AC v1",
"board_name": "linksys,wrt1900ac-v1",
"release": {
"distribution": "OpenWrt",
"version": "SNAPSHOT",
"revision": "r16521-a3c7633ddc",
"target": "mvebu/cortexa9",
"description": "OpenWrt SNAPSHOT r16521-a3c7633ddc"
}
}
crw------- 1 root root 10, 62 May 11 21:52 /dev/crypto
/etc/passwd:nutmon:x:114:114:nutmon:/var/run/nutmon:/bin/false
/etc/group:nutmon:x:114:nutmon
As I said: /dev/crypto is owned by root (this is the default) and nutmon is a normal user without special permissions (also by default).
Insert it in the init script:
chmod o+r /dev/crypto
Are you referring to /etc/init.d/nut-monitor ?
Is it safe/secure to make /dev/crypto readable by other users ?
Yep.
An alternative way to limit access:
chgrp nutmon /dev/crypto
chmod g+r /dev/crypto
That's not what I asked.
I run OpenSSL with devcrypto. OpenSSL is used for uhttpd, wireless (AES), and others. Is it possible for a different program (nut monitor included) to read private/secure information from OpenSSL if it has access to /dev/crypto ?
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.