You are not logged in.

#1 2019-02-04 22:04:00

THX1138
Member
Registered: 2019-01-14
Posts: 158

/var/lib/lockdown/ what have I done? [SOLVED]

I stupidly changed something on the wifes computer
without knowing what effects it would have.
She is using ubuntu 18.10
Her iphone stopped communicating withe the computer
and I have been trying all day to make it work.
I was reading in a thread where people were saying that they
issued the command

sudo chmod -R777/var/db/lockdown/

on their ipad or phone
and then someone else wrote that they also did

sudo chmod 777 /var/lib/lockdown/

on their linux box and it worked. So I tried that without
making note of what the previous settings were and without actually
knowing what the lockdown folder holds and what implications it has
for security etc. I can find precious little about the folder on the internet
but someone else said in a thread "NEVER do that to a linux box"

Can anyone point me in the right direction (with a link) so I can read for myself  regarding the folder, and what it holds and what I have probably done by lowering the permissions on it? Or tell me what they think it is for please?

Oops I just realised this should go in support other

Last edited by THX1138 (2019-02-06 14:57:10)


I did not attend his funeral, but I sent a nice letter saying I approved of it. (Mark Twain)

Offline

#2 2019-02-04 23:00:36

Bearded_Blunder
Member
From: Seat: seat0; vc7
Registered: 2015-09-29
Posts: 602

Re: /var/lib/lockdown/ what have I done? [SOLVED]

Well what I'd try first.. boot live session, check mode in live session > chmod back to that

Though looking at my virtual installs sudo ls -a /var/lib shows no "lockdown" existing can't see chmod <anything> /does/not/exist being that harmful..

Since I'm not showing a /var/db in a default Bunsen install either the same logic seems to apply.. Results might be spectacularly different on systems where they do exist, & I ain't installed Ubuntu in years, and wiped it an hour later last time I did, so I can't comment what might be there or not on that

Do you have any actual odd *symptoms* as a result of doing this?  Do your systems actually have files or dirs that match the target?

(They should add "never paste random commands from websites as root or containig sudo" to the "Don't break Debian page)


Blessed is he who expecteth nothing, for he shall not be disappointed...
If there's an obscure or silly way to break it, but you don't know what.. Just ask me

Offline

#3 2019-02-04 23:17:18

iMBeCil
WAAAT?
From: Edrychwch o'ch cwmpas
Registered: 2015-09-29
Posts: 590

Re: /var/lib/lockdown/ what have I done? [SOLVED]

THX1138 wrote:

...
Can anyone point me in the right direction (with a link) so I can read for myself  regarding the folder, and what it holds and what I have probably done by lowering the permissions on it? Or tell me what they think it is for please?

Well, googling ubuntu /var/lib/lockdown/ gives this, which says

main: make sure the non-privileged user has proper access to the conf…

So it seems to be some crap about allowing non-sudo (or non-root) users to access certain configuration files concerning a cross-platform protocol library to access iOS devices (in full agreement with your diagnosis).

As long as the computer is not shared between untrusted people, I don't feel there really is realistic security risk.

That's as far as I understand the matter. You should consider changing it back to 'chmod 744' or even 'chmod 700' , and check if mobile software works.

Note: Disclaimer: I might be wrong. For full understanding one should be familiar with both Ubuntu and given library.


Postpone all your duties; if you die, you won't have to do them ..

Offline

#4 2019-02-05 10:09:47

THX1138
Member
Registered: 2019-01-14
Posts: 158

Re: /var/lib/lockdown/ what have I done? [SOLVED]

Thanks for the replies, folks. That's obviously why I couldnt find much info, its a specific directory meant for pairing iphones with computers, probably put there by the ifuse or devicepair program. I honestly thought it was some kind of super sensitive store for all the linux security-voodoo and I might have just put up a neon sign saying "come and hack me"
Both replies were valuable in assisting me - thank you for that !
In fact I just realised how to get this misbehaving phone working now
I think I may delete that folder and start again with it.
I have just realised what is going on with that problem so
cant thank you enough !

Last edited by THX1138 (2019-02-05 10:11:45)


I did not attend his funeral, but I sent a nice letter saying I approved of it. (Mark Twain)

Offline

#5 2019-02-05 11:25:52

iMBeCil
WAAAT?
From: Edrychwch o'ch cwmpas
Registered: 2015-09-29
Posts: 590

Re: /var/lib/lockdown/ what have I done? [SOLVED]

^You're welcome THX  wink


Postpone all your duties; if you die, you won't have to do them ..

Offline

#6 2019-02-06 06:45:27

ohnonot
...again
Registered: 2015-09-29
Posts: 3,419
Website

Re: /var/lib/lockdown/ what have I done? [SOLVED]

THX1138 wrote:

In fact I just realised how to get this misbehaving phone working now
I think I may delete that folder and start again with it.
I have just realised what is going on with that problem so
cant thank you enough !

can you please share your solution?
others will benefit.

on a side note, one should always install LTS (in your case, 18.04 instead of 18.10) distros on wife's computer, because stability.

Offline

#7 2019-02-06 14:56:29

THX1138
Member
Registered: 2019-01-14
Posts: 158

Re: /var/lib/lockdown/ what have I done? [SOLVED]

The problem was that I could not get the phone to trust the computer
Or even to ask me if it could be trusted, hence, I could not access the files and folders
on the phone from the computer and could not copy photos from the phone etc.

The solution was to delete the /var/lib/lockdown/ directory. I believe that when you pair
an iphone with a linux machine, that directory is created. It has something to do with some kind of certificate the phone issues (TLS I believe) to the computer. The credentials the computer had did not match the phone as the phone had been updated to IOS 11 from 10 and then I updated from IOS 11 to 12. Once the directory was deleted I plugged in the phone and, at last, saw the dialogue on it asking if the computer could be trusted. Once i tapped "yes" the phone and computer were paired. Took me a whole day to figure that out hahahaha

Last edited by THX1138 (2019-02-06 15:04:48)


I did not attend his funeral, but I sent a nice letter saying I approved of it. (Mark Twain)

Offline

Board footer

Powered by FluxBB