Forum

Results 1 to 9 of 9
  1. #1
    Join Date
    January 2014
    Posts
    6

    TS3 Failure - FreeBSD Server Query

    Hi Everyone,

    I wrote a quick tutorial for FreeNAS and TS3.. I wasn't to inclined to cover server query. Previously my setup involved Windows client/FreeBSD TS3 Setup.. Now I primarily have Ubuntu / FreeBSD TS3 Setup.. I swear I had server query admin status when using Windows.. Not sure how I had set it up or if I hacked to get the status reset etc..

    I was going to add a section and cover some basics of serverquery under FreeBSD.. I may be mistaken but the serverquery admin password is auto generated on the servers first run and then placed into the log file.. I can easily obtain the one time use token (the long string) and login via a TS3 client with no issues for Server Admin status...

    Where is the info for the server query admin user? Just to be clear I see nothing like this regarding serverquery (see code).. Finding a solution to this without having to google around for an hour or two would be excellent.. Maybe I am just confused and missing it?!?!

    Code:
    ------------------------------------------------------------------
                          I M P O R T A N T
    ------------------------------------------------------------------
                  Server Query Admin Acccount created
             loginname= "serveradmin", password= "BAIPwM8X"
    ------------------------------------------------------------------
    Last edited by Yatti420; February 19th, 2016 at 10:33 PM.

  2. #2
    Join Date
    February 2012
    Location
    Germany
    Posts
    575
    The serverquery admin name and password is only printed to stdout by the server on database creation. It is not written to the log like the server admin token.
    If you want this directly saved in a file, redirect the server output to some file at the first start.

  3. #3
    Join Date
    January 2014
    Posts
    6
    Quote Originally Posted by Schlumpi View Post
    The serverquery admin name and password is only printed to stdout by the server on database creation. It is not written to the log like the server admin token.
    If you want this directly saved in a file, redirect the server output to some file at the first start.
    Typically I would start TS3 as a service.. I don't know what it does with output at that point.. Wouldn't know how to redirect it either because it only creates the first 2 log files.. The best thing for the installation script would be to redirect the admin query token to the log file aswell.. Goes against how I would typically setup a port etc..

  4. #4
    Join Date
    February 2012
    Location
    Germany
    Posts
    575
    An example may help. I made a custom startscript for Centos for my own server that detects the first start and redirects the server output to a file in this case. It detects the first start by checking the presence of the database file. If the database does not exist, it redirects the output to a file, otherwise to /dev/null.

    The relevant portion is like this: (this is an excerpt, not a complete start script)

    Code:
    [...]
    exec=/usr/bin/ts3server
    prog=$(basename $exec)
    config=/etc/teamspeak3/ts3server.ini
    snapconf=/etc/teamspeak3/snapshot
    dbdir=/var/lib/teamspeak3
    pidfile=/var/run/teamspeak3/ts3server.pid
    ts3user=teamspeak3
    
    [...]
    
      echo -n $"Starting Teamspeak 3 server $prog: "
    
      errout=$dbdir/query-admin-password.txt
      if grep -q "^dbplugin=ts3db_sqlite3" $config; then
        if [ -s $dbdir/ts3server.sqlitedb ]; then
          errout="/dev/null"
        else
          echo
          echo 1>&2 "This is the first start of a new Teamspeak 3 server."
          echo 1>&2 "Check $errout for the query admin password"
          echo 1>&2 "and the server admin token if the database was created successfully."
          echo -n $"Starting"
        fi
      fi
    
      if [ "$errout" != "/dev/null" ]; then
        echo "Teamspeak server started on `date`" >> $errout
        chown $ts3user:root $errout
        chmod 0640 $errout
      fi
    
      cd $dbdir
      runuser -s /bin/bash $ts3user -c "
        umask 0027
        $exec inifile=$config 1>/dev/null 2>>$errout &
        umask 0022
        echo -n \$! > $pidfile
      "
    The idea is to grab the password from query-admin-password.txt and let the server operator remove the file afterwards. To restrict access, the file mode is set to 640 (not world readable).
    Just writing the admin password to some general log file is not the best idea. The token is ok, because it becomes invalid as soon as it is used, but some daemon master password does not belong to a widely known and probably world-readable logfile.

  5. #5
    Join Date
    January 2014
    Posts
    6
    Quote Originally Posted by Schlumpi View Post
    An example may help. I made a custom startscript for Centos for my own server that detects the first start and redirects the server output to a file in this case. It detects the first start by checking the presence of the database file. If the database does not exist, it redirects the output to a file, otherwise to /dev/null.

    The relevant portion is like this: (this is an excerpt, not a complete start script)

    Code:
    [...]
    exec=/usr/bin/ts3server
    prog=$(basename $exec)
    config=/etc/teamspeak3/ts3server.ini
    snapconf=/etc/teamspeak3/snapshot
    dbdir=/var/lib/teamspeak3
    pidfile=/var/run/teamspeak3/ts3server.pid
    ts3user=teamspeak3
    
    [...]
    
      echo -n $"Starting Teamspeak 3 server $prog: "
    
      errout=$dbdir/query-admin-password.txt
      if grep -q "^dbplugin=ts3db_sqlite3" $config; then
        if [ -s $dbdir/ts3server.sqlitedb ]; then
          errout="/dev/null"
        else
          echo
          echo 1>&2 "This is the first start of a new Teamspeak 3 server."
          echo 1>&2 "Check $errout for the query admin password"
          echo 1>&2 "and the server admin token if the database was created successfully."
          echo -n $"Starting"
        fi
      fi
    
      if [ "$errout" != "/dev/null" ]; then
        echo "Teamspeak server started on `date`" >> $errout
        chown $ts3user:root $errout
        chmod 0640 $errout
      fi
    
      cd $dbdir
      runuser -s /bin/bash $ts3user -c "
        umask 0027
        $exec inifile=$config 1>/dev/null 2>>$errout &
        umask 0022
        echo -n \$! > $pidfile
      "
    The idea is to grab the password from query-admin-password.txt and let the server operator remove the file afterwards. To restrict access, the file mode is set to 640 (not world readable).
    Just writing the admin password to some general log file is not the best idea. The token is ok, because it becomes invalid as soon as it is used, but some daemon master password does not belong to a widely known and probably world-readable logfile.
    That's great for Linux based but what about BSD.. Right now the token one use key is to the log as you say.. The server query admin is either not outputted or sent nowhere.. So does this mean a server could be vulnerable or is it not necessary at all to use server query? For my use it's not a big deal but for others who aren't experts in BSD/Linux how could we do this.. I'm going to look to see what start script looks like on here.. Must be something I've overlooked as usual..

    Edit: Well created an ini and tried to force a new serveradmin password.. Putty responds with an ok but when I type help I get nothing.. I'm at a loss here..
    Last edited by Yatti420; February 20th, 2016 at 02:49 AM.

  6. #6
    Join Date
    January 2014
    Posts
    6
    I know I haven't been super clear.. Well i'm going to put it nicely.. I'm not going to worry about serverquery.. Not only is it fatally flawed under BSD and should probably be removed all around.. The support regarding this topic is atrocious.. Worst off it seems intentional.. I put in my time trying to figure it out.. Shouldn't have to go to the lengths I have to get "that little red S shield" visible via TS3.. It explains alot of 1 star articles relating to this topic. If anything bad happens I'll try mumble! Rant over..

  7. #7
    Join Date
    December 2004
    Location
    RF
    Posts
    3,006
    There's no difference regarding to logs and server query on any platform that TS is supporting.
    What you just wrote is a total bullshit and nothing else.
    Stop pretending that BSD is something of a special kind.

  8. #8
    Join Date
    January 2014
    Posts
    6
    Quote Originally Posted by ANR Daemon View Post
    There's no difference regarding to logs and server query on any platform that TS is supporting.
    What you just wrote is a total bullshit and nothing else.
    Stop pretending that BSD is something of a special kind.
    Then explain to me why server admin related info is outputted nowhere.. As per instructions it clearly is.. Worse off it looks like with all the recent changes older TS3 servers can't be used anymore and have been retired officially.. Sad.. Crazy.. Now I know why TS is suffering overall.. Understandable with multiple security exploits back to back i guess.. Anyways have fun I guess it's off to try Mumble.. No other choice currently.. I mean seriously.. I have to point everybody to Mumble because I can't even reinstall the software now ..

  9. #9
    Join Date
    December 2004
    Location
    RF
    Posts
    3,006
    Read the topic again. You've been repeatedly told the reason.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Failure to connect to server help
    By Ulezz in forum Windows
    Replies: 1
    Last Post: August 30th, 2014, 01:48 PM
  2. failure to connect to server
    By dreamslayers in forum Client Support
    Replies: 1
    Last Post: June 24th, 2011, 01:33 AM
  3. Failure to connect to server
    By Clown_n_ya in forum Windows
    Replies: 3
    Last Post: May 4th, 2011, 10:20 AM
  4. Failure to connect to server
    By Clown_n_ya in forum Bug Reports [EN/DE]
    Replies: 3
    Last Post: May 4th, 2011, 10:20 AM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •