Cannot login to webserver using any account
I had set up the back end and everything seemed to be working fine. Set to set up a Kodi front end (LibreELEC 7.02) on a raspberry pi 3, installed the TVHeadEnd add-on and configured it to use an account I had already set up on the backend. When I activated it, it kept reporting that the server disconnected every five seconds or so. I turned on logging there (it was already on on the backend), but the front end reported noting and the backend reported nothing about failed connection attempts. I tried resetting the password on both ends in case I had made a mistake, changed the netmask to 0.0.0.0/0, turned on all more access options, bounced the server several times--all to no avial. Finally, I logging on to the web interface on the same machine I was configuring the back end with using the Kodi credentials, and could not.
This had the consequence of logging me out of the web interfase already running on the same machine, so I logged back in using the default account and blanked the password for the Kodi user, and still couldn't get in. This logged me out of the other page again, but this time I couldn't log back in using the default user. I tried another administrative account I had set up before (although I don't recall if I tested it), and that didn't work either. I still had ssh access to the server, so I edited /home/hts/.hts/tvheadend/superuser blanked the password for that, but that didn't help. I renamed the file--nothing. Renamed the accesscontrol directory, untarred a file I found in the backup directory and used the password in it, and replaced the superuser file with it, all to no avial. To be clear, I bounded the server after every change and verfied all the files an dirctories I fiddled were set to the original owner and permissions. I also want to clarify that I did nothing to the configuration, other than make the stated changes to the Kodi user prior to loosing access. It generates a lot of syslog entries every time I bounce it, but nothing that alarming or even particularly relevant (almost all related to the epg--so that's working!).
I'm stumped at this point. I don't know what's generating the web page, since there is no web server installed, although I expect it is a perl or python script. I'd appricate any help on this. I've dabbled in perl and python, so if someone has some insight as to where the authentication is peformed that would help.
Are you ABSOLUTELY sure that TVHeadend is being started by user 'hts' - I'd say 100% of issues I've seen with being able to login (and Kodi being refused access) is down to the wrong user being used to start TVHeadend.
By default (i.e. when you use the packaged version of TVH) a user called 'hts' is created who is a member of the group 'video' (sometimes the group is 'hts' too but that wouldn't cause login issues).
If you start TVHeadend using systemd (systemctl start tvheadend) or sysinit (/etc/init.d/tvheadend start or service tvheadend start) then the default user is used (I think it's stored in /etc/tvheadend). If however you start TVHeadend from the command line, it will run under your current user unless you do "sudo su hts" and then run the TVHeadend binary.
The importance of this is that the .hts configuration directory is written to the user directory who ran the binary, so if you configured TVHeadend as your user then tried to run it in daemon mode under the 'hts' user, the configuration will not exist (the same is true the other way round).Double check that;
- The user in /etc/tvheadend matches the user you are running the TVHeadend binary as
- You are using the appropriate method to start TVHeadend
If you've done that, you can try the following. This will start TVHeadend as the 'hts' user but in default configuration mode which will allow you to reset passwords if required;
/usr/bin/tvheadend -c /home/hts/.hts -u hts -g video -C
The important flag is the -C flag which starts TVHeadend in 'first run' mode. You can close the wizard that opens on start and just configure your user, then terminate the TVHeadend binary (ctrl+c) and then start it in daemon mode using systemctl, init.d or service (whichever is configured on your distro).
If the 'hts' user is not a member of the 'video' group, then run the following;
sudo usermod -a -G video hts
The 'hts' user needs to belong to the 'video' group to access DVB devices, the TVHeadend package should configure this so this step may not be necessary unless TVHeadend fails to start in the command above.
If/when you get back in, I would disable digest authentication (Configuration > General > Base, uncheck 'Use http digest authentication'). I find digest auth unreliable in TVHeadend and it can cause login issues.
RE: Cannot login to webserver using any account - Added by Ron Seike over 6 years ago
Thanks for the quick response, Jonathan.
Yes I am positive that that tvheadend was always running as hts: configured as such in /etc/default/tvheadend; I always started is with systemctl; and syslog entries showed it starting as such and no file permission errors. Also, I have been working on getting the everything working for over a week without any authentication issues. Because I am in the US using broadcast ATSC and a webpage EPG grabber, the setup is more complicated and even less well documented than the DVB-based configurations. That and I’ve never done this before.
Your digest authentication corruption suggestion seems quite probable given that I was fiddling with the configuration in the weberface as the Kodi server kept banging on it (it was in another room, hence awkward to turn off and on with each change). Unfortunately, after starting in first-run mode to clear the access config, I find no option to disable digest authentication in the General tab nor anywhere else. I think you may be thinking of a earlier version, as the configuration path on my 4.0.8 is also different (/home/hts/.hts/tvheadend) than what you specified and there was no wizard, just came up all daemon-like and I could get to the web page without authenticating. I do think it is probably using digest authentication because the passwords are hashed (although I am not smart enough to know by what algorithm). One thing that is different from before is that it created the default user under Access Entires and is ignoring the superuser file. If anyone knows how to turn it off on a four-ish install, I’d appreciate you input. What would be particularly awesome would be to get it to use ssl; I’m always concerned that Russian hackers will change my recording schedules.
One other thing I will mention--although it seems unrelated beyond that it falls under the category of not doing as it is told--is that I cannot get it to save the channel names. It reverts to names generated from the major and minor channel number station call sign, which are very unhelpful for me as neither of these relate to how the stations identify themselves. Thing is, it keeps some of the substitutions, but reverts others fairly randomly each time. Eventually, it will all probably be the generated names, although I can probably fix that on the front end if I can’t find a way to fix it here.
Sorry I've made the assumption that you were running the development (4.1) branch so the digest option may not exist in 4.0 (I never ran the stable/4.0 branch so I don't really know what features exist across the two versions).
The configuration path is the same on both our systems, the 'tvheadend' bit is created automatically by tvheadend, so if you include that in the path, tvheadend will create another 'tvheadend' directory under the 'tvheadend' directory Best explained like this;
This is the correct path:
This is incorrect:
If you configure the path as per the second example, tvheadend will create a subfolder called 'tvheadend' so you end up with;
This may cause issues if again the deamon and the binary version don't both reference the exact path for the configuration.
As for channel names, assuming the same applies to 4.0 as it does to 4.1, navigate to Configuration > Channel/EPG > Channels and uncheck the "Always use the name defined by the network" flag.
As an aside, if you're not yet up and running, may I suggest you switch to 4.1 so you get all the enhancements over 4.0 plus you'll find it easier to get support from some of the more technical members on the forum as a lot of us a running the 4.1 builds.
Hi all, please forgive me if this is the wrong place for this or if it has already been dealt with elsewhere. I am very new to this and just trying to figure things out (I'm a biologist, not a computer guy). I have two issues. A little background first. I want to use my QNAP NAS as the backend to run tvheadend and use kodi as the frontend and run tvheadend as an add-on in order to use my NAS as a DVR. I have HDHomerun working and setup with Tvheadend. I can watch live tv through the HDhomerun app (on my comp, phone, ipad). I can also watch live tv through kodi. I was previously able to go into tvheadend through the web on my NAS, and record, and then watch a show (I did this one time with one of the world series games) on my computer. Problems: I can't figure out how to set up something to record going from Kodi. When I have pushed record nothing worked. And now, recently, when I tried to go back into the tvheadend app on the NAS from the web using my computer, it won't let access. It says 'authentication required' http://192.168.1.130:9981 your connection to this site is not private. Username_________ Password ____. I have tried my normal passwords. xbmc/xbmc. So, I am hoping you can help me get back in to the app, and to get it setup to record from Kodi. Thanks, Brian