Skip to content

VPN Super Admin device Compromised - Can't reset or delete #220

New issue
New issue
Closed
Closed
VPN Super Admin device Compromised - Can't reset or delete#220
Assignees
dapplion
Labels
P0Address issue nowbug
@Pol-Lanski

Description

@Pol-Lanski
Pol-Lanski
opened on Dec 9, 2020

In case your device with the .ovpn profile dappnode_admin gets compromised, it is not possible to delete it or to reset it.

Here are the error logs for:

  1. Trying to reset the .ovpn profile via the UI's "reset" button on the Devices panel: Call to deviceReset
Error: Cannot remove the master admin user
    at Object.<anonymous> (/usr/src/app/src/openvpn/removeClient.ts:13:11)
    at Generator.next (<anonymous>)
    at /usr/src/app/src/openvpn/removeClient.js:8:71
    at new Promise (<anonymous>)
    at __awaiter (/usr/src/app/src/openvpn/removeClient.js:4:12)
    at Object.removeClient (/usr/src/app/src/openvpn/removeClient.js:25:12)
    at /usr/src/app/src/calls/resetDevice.ts:12:9
    at Generator.next (<anonymous>)
    at /usr/src/app/src/calls/resetDevice.js:8:71
    at new Promise (<anonymous>)
Error: Cannot remove the master admin user
    at Object.<anonymous> (/usr/src/app/webpack:/admin-ui/src/common/transport/jsonRpc/index.ts:91:19)
    at Generator.next (<anonymous>)
    at /usr/src/app/index.js:132439:71
    at new Promise (<anonymous>)
    at __awaiter (/usr/src/app/index.js:132435:12)
    at Object.parseRpcResponse (/usr/src/app/index.js:132524:12)
    at Object.<anonymous> (/usr/src/app/webpack:/src/api/vpnRpcCall.ts:32:10)
    at Generator.next (<anonymous>)
    at fulfilled (/usr/src/app/index.js:32657:58)
    at process._tickCallback (internal/process/next_tick.js:68:7)

{
  "id": "dappnode_admin"
}

And 2. call to deviceAdminToggle - trying to untoggle the "admin" privilege

Error: Cannot remove the master admin user
    at /usr/src/app/src/calls/toggleAdmin.ts:19:13
    at Generator.next (<anonymous>)
    at fulfilled (/usr/src/app/src/calls/toggleAdmin.js:5:58)
    at process._tickCallback (internal/process/next_tick.js:68:7)
Error: Cannot remove the master admin user
    at Object.<anonymous> (/usr/src/app/webpack:/admin-ui/src/common/transport/jsonRpc/index.ts:91:19)
    at Generator.next (<anonymous>)
    at /usr/src/app/index.js:132439:71
    at new Promise (<anonymous>)
    at __awaiter (/usr/src/app/index.js:132435:12)
    at Object.parseRpcResponse (/usr/src/app/index.js:132524:12)
    at Object.<anonymous> (/usr/src/app/webpack:/src/api/vpnRpcCall.ts:32:10)
    at Generator.next (<anonymous>)
    at fulfilled (/usr/src/app/index.js:32657:58)
    at process._tickCallback (internal/process/next_tick.js:68:7)

{
  "id": "dappnode_admin"
}

Core DAppNode Packages versions

  • ipfs.dnp.dappnode.eth: 0.2.13
  • dappmanager.dnp.dappnode.eth: 0.2.37, commit: 2b96e582
  • core.dnp.dappnode.eth: 0.2.41
  • wifi.dnp.dappnode.eth: 0.2.5
  • vpn.dnp.dappnode.eth: 0.2.7, commit: 12ae223f
  • bind.dnp.dappnode.eth: 0.2.6

System info

  • docker version: Docker version 18.09.8-ce, build 0dd43dd87fd530113bf44c9bba9ad8b20ce4637f
  • docker compose version: docker-compose version 1.25.5, build unknown
  • platform: linux, x64, 4.19.0-6-amd64
  • Disk usage: 420584672461

Metadata

Metadata

Assignees

Labels

P0Address issue nowbug

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions