2

I'm trying to edit my /etc/ssh/sshd_config file as per these instructions to properly set up git on my Synology NAS: http://www.wonko.de/2010/04/set-up-git-on-synology-nas.html (step 6)

However, when I tried to save the modified sshd_config file while logged in as root, I got the following error:

"/etc/ssh/sshd_config" File is read only

When I typed in "ls -l /etc/ssh/sshd_config" I got:

--rw-r--r-- 1 root root 3745 May 27 06:32 /etc/ssh/sshd_config

Does anyone know how I can change these permissions so they're read/write for root?

Jay
  • 191
  • 1
  • 2
  • 9
  • 2
    It's possible that you might not be root (only admin perhaps, try `id`). Sometimes, this also happens when the partition is mounted read-only. – Bruno May 28 '12 at 14:37
  • It's definitely root... "uid=0(root) git=0(root) groups=0(root)" –  May 28 '12 at 14:44
  • And the partition can't be read-only because I was able to save several files onto it. –  May 28 '12 at 14:45
  • I know little of wonky NAS devices as I have no need for those in my environment, but it doesn't use SELinux does it? If you're not in the right context for editing the config, it won't let you do that. – Magellan May 28 '12 at 22:37
  • @Adrian No, I don't think so... it's using BusyBox – Jay May 29 '12 at 03:01

3 Answers3

3

lsattr will give you something like this

$:/etc/ssh# lsattr sshd_config
s---ia------------- sshd_config

from "man chattr"

A file with the ‘a’ attribute set can only be open in append mode for writing. Only the superuser or a process possessing the CAP_LINUX_IMMUTABLE capability can set or clear this attribute.

A file with the ‘i’ attribute cannot be modified: it cannot be deleted or renamed, no link can be created to this file and no data can be written to the file. Only the superuser or a process possessing the CAP_LINUX_IMMUTABLE capability can set or clear this attribute.

chattr -ia sshd_config

does the job

user134285
  • 31
  • 2
1

I believe what Bruno was suggesting was that you might not be root. Compare the results of the "who" command with the output of "id".

If you are root, you should be able to happily chmod the write flag (u+w) (with a blessing too):

 /etc/ssh/sshd_config
     Contains configuration data for sshd.  This file should be
     writable by root only, but it is recommended (though not neces-
     sary) that it be world-readable.
  • When I type in "who" command, I get: root pts/0 (timestamp) (hostip) –  May 28 '12 at 14:59
1

Ok, I found a workaround, but I have no idea why I had to do it in the first place (if someone can clarify this, that would be enlightening!)

I reset the permissions using:

chown -R root.users /etc/ssh/sshd_config

And I was able to write again while logged in as root.

Jay
  • 191
  • 1
  • 2
  • 9
  • 3
    adding the -R flag is redundant here, it means "recursively change", and is usually applied to a directory, or when wildcard matching. Your file is actually more open than on most installations i've seen which is "600" with ownership as root:root. The only thing I can speculate is that there was an acl applied by your NAS management software that prevented you from writing back to the file. –  May 28 '12 at 19:36