Image - how to exclude files from "root owned plus 644"

Sure. One use case is the creation of a non-root user. I follow this OldWiki:

https://oldwiki.archive.openwrt.org/doc/howto/secure.access#create_a_non-privileged_user_in_openwrt

I believe it gives all the info on expected ownership and permissions, including e.g. the fact that a user (not root) should own its own home directory.

The second use case is installing OpenSSH to replace Dropbear. I follow these sources:

They are not exactly the same. I had to mix and match.

A third case would be ksmbd. I'm afraid there was not a whole lot on this, but I summarize my steps here:

Set up ksmbd for read and write access as named user

I don't have any current errors. I expect that files will be "root owned plus 644" which should be otherwise; that, if you'd like, would be the error.

P.S. A fourth use case may be Wireguard. It is a future project for me (have not looked too much into it yet). But presumably there will be key pairs, for which the "44" portion of "644" may not be appropriate?

1 Like