Welcome to TP-LINK Tech Support Forum
+ Reply to Thread
Results 1 to 14 of 14
  1. #1
    Members R1D2 is on a distinguished road
    Join Date
    Dec 2015
    Posts
    1,297

    EAP Controller 2.5.3 for Linux

    Good news: EAP controller 2.5.3 for Linux just has been released and is available for download.

    Bad news: it still lacks privilege separation and needs to run with root permissions. Very risky if you intend to use it on a public server!

    Even more bad news: the start/stop script still checks for the root user by looking at the shell environment variable UID.
    So any local, non-privileged user with access to the server can easily stop a running EAP controller by claiming to be root:

    Code:
    $ cd /opt/tplink/EAPController/bin
    $ ./control.sh stop  
    The script need root permission. Exit.
    
    $ UID=0 ./control.sh stop
    Stopping EAP Controller ...
    Stop successfully.
    $
    This is really annoying, since I filed not only a bug report, but also a fix to TP-Link on occasion of the release of version 2.4.8 already.
    Last edited by R1D2; 11-04-2017 at 01:11.

  2. #2
    Junior Member Dharasha is on a distinguished road
    Join Date
    Nov 2017
    Posts
    1
    Did you get it to work? I've upgrade mine from version 2.4.8, but it kept throwing java exceptions and the accesspoint was shown as disconnected, so I restored the directory from a backup. I've unfortunately not kept the logfile when uninstalling version 2.5.3 so I cannot give the exact exception. BTW, what you describe is not possible on CentOS 7, UID is a read-only variable:
    Code:
    sh-4.2# UID=0
    sh: UID: readonly variable

  3. #3
    Hmmmm could not find it on the website, can you post the link maybe?

  4. #4
    Members R1D2 is on a distinguished road
    Join Date
    Dec 2015
    Posts
    1,297
    Quote Originally Posted by bane4s View Post
    Hmmmm could not find it on the website, can you post the link maybe?
    Sure: http://static.tp-link.com/resources/...nux_x64.tar.gz

  5. #5
    Does your fix involve recompiling, or is it just a change in the start/stop scripts? If it's something I can do myself I'd love to do it until TP-Link gets off their collective duff to fix it. Thanks!

  6. #6
    Thanks I have got it and installed it already.
    If you create a backup it will ask you to import it automatically, that's sweet
    It seems that everything is in there except maps. This page now doesn't even have controls to import new map... could it be a bug.. will check if I can do something about it

  7. #7
    Hmmm, I just did a fresh install of 2.5.3 and was able to put in my own map. The "Configure Maps" button in the upper right looks disabled, but still functions normally. Click it, click the blue "(+) Add" button in the upper right of the dialog, then give your map a label and upload the file. I also trashed the default map :P

  8. #8
    Yes. that works, but if you had multiple sites, the old maps are not backed, so you need to re-upload them again. Since I had other than "Default" site preselected, I had a blank screen... then I realized if I get back to Default site, then I see default map plus Configure Maps grey button as you described.
    So... this issue is resolved, functionality is there, just maps needs to be included into backup as well.

  9. #9
    Good to know. Maps probably should be part of the backup, but I can see it causing file size or format issues with the config file (especially if you have, say, 10 maps each at ~300K, that balloons the config file from ~50K to ~3MB). They should just have something in the backup UI that says to make sure you save (and recreate) your maps separately, or just have a dedicated means to export/import that data.

  10. #10
    Members R1D2 is on a distinguished road
    Join Date
    Dec 2015
    Posts
    1,297
    Quote Originally Posted by DocJones View Post
    Maps probably should be part of the backup,
    Maps in /opt/tplink/EAPController/data/map are saved over an uninstall/install cycle if you answer 'y' to the question from uninstall.sh wether you want to save the DB. The DB backup file is saved in /opt/tplink/EAPController.

    install.sh then will detect it and re-create the database including all maps. No need to save them in a config backup.

  11. #11
    That's fine for an uninstall/reinstall, but if you're migrating, or replacing a broken server, those files won't necessarily exist any more. They should have a UI-based means to export/back up the DB and maps.

  12. #12
    Members R1D2 is on a distinguished road
    Join Date
    Dec 2015
    Posts
    1,297
    Quote Originally Posted by DocJones View Post
    That's fine for an uninstall/reinstall, but if you're migrating, or replacing a broken server, those files won't necessarily exist any more. They should have a UI-based means to export/back up the DB and maps.
    Wether you use a web UI or CLI commands to produce a backup file does not really matter. What matters is to make such backup files before the server crashes or gets replaced.

  13. #13
    I'm just saying, it should be made available through the UI (in the same place where the config backup is), so it's easy for users to back up all the stuff. Making users do multiple different things (go into the UI to back up configs, then go into CLI to back up other crap) to get all the stuff backed up is a great way to make sure users will be lazy or forget, and not get all the stuff backed up. It really can't be that hard to have a button that says "gzip the DB and maps and shove it at the user" (I could do such a thing in PHP in about 10 minutes), so why not make life easier for users?

  14. #14
    Members R1D2 is on a distinguished road
    Join Date
    Dec 2015
    Posts
    1,297
    While it undoubtedly would be nice to have such a button in the web UI for the Windows style of doing something regularly such as backups, I just reminded to how this things are done in the Linux style: of course you do not backup things manually if it can be done on the CLI and therefore suits perfectly to being scripted. We got a computer, don't we?

    BUT: before adding a web UI button to the Linux version of the controller, please, TP-Link, add a "backup" option to the start/stop script like it has been done in Pharos Control, so Linux guys don't need to do two backups, one through the web UI and one for the maps.

    Maybe TP-Links Windoze R&D team can add the button in the Windows version of the Controller, while the Linux R&D team can add it in the control script, and eventually they exchange both their work to each other.


 

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Copyright 1996-2018 TP-LINK Technologies Co., Ltd. All rights reserved.