Add user to sudoers

Q'center app, Helpdesk app
paulchoe
New here
Posts: 2
Joined: Tue Jun 11, 2019 11:43 pm

Re: Add user to sudoers

Post by paulchoe »

Sorry! I just wanted to install nano editor on my QNAP TS251 device. I found it very difficult to found the proper way to install it. One way I stumbled on after seaching Internet was intalling Entware and intall it from there. I now was able to install Entware through QNAP's QTS interface, but still trying to figure out how to install Nano or openSSH :-(
User avatar
OneCD
Guru
Posts: 12037
Joined: Sun Aug 21, 2016 10:48 am
Location: "... there, behind that sofa!"

Re: Add user to sudoers

Post by OneCD »

paulchoe wrote: Wed Aug 26, 2020 3:48 am I just wanted to install nano editor on my QNAP TS251 device. I found it very difficult to found the proper way to install it.
No worries. If Entware is now installed, then SSH into your NAS as the 'admin' user and run:

Code: Select all

opkg install nano

ImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImage
achim62
New here
Posts: 2
Joined: Sat Aug 29, 2020 12:59 am

Re: Add user to sudoers

Post by achim62 »

I install entware but opkg is still not working. Entware is on my QTS App Store. ??
User avatar
OneCD
Guru
Posts: 12037
Joined: Sun Aug 21, 2016 10:48 am
Location: "... there, behind that sofa!"

Re: Add user to sudoers

Post by OneCD »

Hi and welcome to the forum. :)
achim62 wrote: Sat Aug 29, 2020 1:33 am I install entware but opkg is still not working. Entware is on my QTS App Store. ??
Did you logout your current SSH session, then back-in again?

ImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImage
achim62
New here
Posts: 2
Joined: Sat Aug 29, 2020 12:59 am

Re: Add user to sudoers

Post by achim62 »

Yes and i reboot the NAS. Now i install ENTWARE-STD 1.0.But still not working.
User avatar
OneCD
Guru
Posts: 12037
Joined: Sun Aug 21, 2016 10:48 am
Location: "... there, behind that sofa!"

Re: Add user to sudoers

Post by OneCD »

achim62 wrote: Sat Aug 29, 2020 2:00 am Yes and i reboot the NAS. Now i install ENTWARE-STD 1.0.But still not working.
It does take a few minutes for Entware to start if you've just booted the NAS.

Logout your current SSH session(s), wait 10 minutes, then login again and check your $PATH.

ImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImageImage
OddbOd
New here
Posts: 8
Joined: Wed Dec 11, 2013 6:22 am

Re: Add user to sudoers

Post by OddbOd »

jkingma wrote: Wed Jan 29, 2020 7:30 pm For security reason I'd disable the standard admin user and created a new one in the Administrators user group. Yet this user is not allowed everthing on the system (swapoff for instance is denied and is allowed to Admin). Also it is not allowed to sudo.
What "security reason" do you actually have for doing this? This smells like security theater. By hacking the system in this way you are putting it in an unpredictable state that later OS upgrades, not to mention QNAP support staff, might not be able to handle correctly.
jkingma wrote: Wed Jan 29, 2020 7:30 pm How do I add a new administrator user to the sudoers? (there is no visudo available )
You don't. QNAP have included sudo to allow the admin account to run commands as another user (namely the httpdusr account) not for any other purpose. That's why visudo is missing, su is not enabled in busybox and sudoers/sudoers.d gets replaced on reboot. These are clearly design decisions, not mistakes.

I know what I've said above sounds harsh, even rude, after all it's your system to do with as you like. But please bear in mind the words of Shunryu Suzuki "in the beginner's mind there are many possibilities, in the expert's mind there are few."
whmitty
New here
Posts: 2
Joined: Tue Dec 15, 2020 4:38 am

Re: Add user to sudoers

Post by whmitty »

I had no joy trying to get Entware so resorted to the "autorun" feature which must be enabled FIRST. Autorun permits execution of custom user generated scripts on boot. More detailed info about setting up and enabling "autorun" can be found here -> https://github.com/OneCDOnly/create-autorun. That site has a script to create the autorun "environment" which generates the /share/CACHEDEV1_DATA/.system/autorun/scripts directory referenced below. They show how to download and install it on that page.

The bottom line here is that I was able to add a user to the sudoers file in /usr/etc/, copied it to a shared folder I created, then put a very simple two-line bash script in the /share/CACHEDEV1_DATA/.system/autorun/scripts directory created by the script referenced in the link at the top of this post. Any executable scripts placed into this directory are executed at boot time. The 1st command of that bash script renames the generic sudoers file that is re-created by QTS at every boot to sudoers_SAVE the 2nd command copies the customized version of the sudoers file with the new user in it from the shared folder into the /usr/etc folder. I suppose theoretically one could just remove the QTS generated sudoers file rather than rename it but I'm loathe to willy-nilly delete things.

Thus far it has worked. I've also used this nifty autorun feature to replace the default vi editor with the Micro Editor which is a portable program that works much like Nano. Also used autorun feature to turn off the console management display when logging in as admin. All three fixes were very easy to accomplish with autorun using a couple of lines of bash script. They have been working flawlessly so far.

OBVIOUS CAVEAT HERE: Changes in future QNAP updates of the OS could necessitate re-working this solution or even finding some other work-around. Until that time autorun has made my day!
jkingma
Getting the hang of things
Posts: 91
Joined: Wed Oct 21, 2015 2:15 am

Re: Add user to sudoers

Post by jkingma »

matiasiglesias wrote: Fri Jun 12, 2020 9:48 pm login to your Qnap via ssh with admin user

Code: Select all

ssh admin@your-nas-ip
edit /usr/etc/sudoers file

Code: Select all

vim /usr/etc/sudoers
and add the following line

Code: Select all

your-user-name ALL=(ALL) ALL
Thanks matias, your suggestion worked.
QNAP TS-453mini
Firmware: up to date
Locked

Return to “NAS Management”