Unable to edit white/blacklist entries

Please follow the below template, it will help us to help you!

Please ensure that you are running the latest version of the beta code.
Run pihole -up to update to the latest, then verify that the problem still exists before reporting it.

Problem with Beta 5.0:
I’m unable to add or remove entries from the white/blacklist through the admin panel. I have success editing these entries using the pihole command. When removing an entry, it looks as if it’s being removed, but upon refresh, it shows again.

Whenever I use the panel to edit entries, I notice this error in the pihole-FTL.log:

[2020-01-28 19:40:46.409 3249] Warning: Invalid regex blacklist filter "^adtrack(er|ing)?[0-9]*[-.": Unmatched [, [^, [:, [., or [= (error code 7)

I tried to use the panel to remove that entry but no luck.

Debug Token:
92ts03ewf8

That regex needs a ] on the end to close the bracket.

Yeah but for some reason it was imported from regex.list and I’m unsure on the best way to fix it since removing it through the panel doesn’t do anything.

– Edit –

I somehow got it removed but upon adding the fixed entry, I got this error:

Issue still persists with an install on a different system…

Token: 4o60oi3k8c

What are the permissions on your database and the pihole folder? Please copy/paste the output of

ls -lh /etc | grep pihole
ls -lh /etc/pihole

ls -lh /etc | grep pihole

drwxrwxr-x 3 pihole pihole 4.0K Mar 4 15:14 pihole

ls -lh /etc/pihole

total 184M
-rw-r--r-- 1 pihole pihole  314 Mar  4 01:01 adlists.list
-rw-r--r-- 1 pihole pihole  313 Feb  2 00:21 adlists.list.old
-rw-r--r-- 1 pihole pihole 2.3K Mar  1 03:09 black.list
-rw-r--r-- 1 pihole pihole    0 Mar  4 01:26 dhcp.leases
-rw-r--r-- 1 pihole pihole  596 Mar  4 01:26 dns-servers.conf
-rw-r--r-- 1 pihole pihole   13 Mar  4 00:57 ftlbranch
-rw-r--r-- 1 pihole pihole   18 Mar  4 12:23 GitHubVersions
-rw-rw-r-- 1 pihole pihole  84M Mar  4 01:27 gravity.db
-rw-r--r-- 1 pihole pihole  22M Mar  1 03:09 gravity.list
-rw-r--r-- 1 pihole pihole 1.1K Mar  4 01:26 install.log
-rw-r--r-- 1 root   root   9.8K Mar  4 01:26 list.0.hosts-file.net.domains
-rw-r--r-- 1 root   root    29K Mar  4 01:26 list.10.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root   495K Mar  4 01:26 list.11.hostsfile.org.domains
-rw-r--r-- 1 root   root   279K Mar  4 01:26 list.12.someonewhocares.org.domains
-rw-r--r-- 1 root   root   129K Mar  4 01:26 list.13.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root   143K Mar  4 01:26 list.14.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root   204K Mar  4 01:26 list.15.winhelp2002.mvps.org.domains
-rw-r--r-- 1 root   root   2.1M Mar  4 01:26 list.16.hostsfile.mine.nu.domains
-rw-r--r-- 1 root   root   4.6M Mar  4 01:26 list.17.adblock.mahakala.is.domains
-rw-r--r-- 1 root   root   252K Mar  4 01:26 list.18.adaway.org.domains
-rw-r--r-- 1 root   root   440K Mar  4 01:26 list.19.v.firebog.net.domains
-rw-r--r-- 1 root   root    13K Mar  4 01:26 list.1.reddestdream.github.io.domains
-rw-r--r-- 1 root   root    43K Mar  4 01:26 list.20.s3.amazonaws.com.domains
-rw-r--r-- 1 root   root   1.3M Mar  4 01:26 list.21.hosts-file.net.domains
-rw-r--r-- 1 root   root    32K Mar  4 01:26 list.22.v.firebog.net.domains
-rw-r--r-- 1 root   root    53K Mar  4 01:26 list.23.pgl.yoyo.org.domains
-rw-r--r-- 1 root   root    230 Mar  4 01:26 list.24.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root    52K Mar  4 01:26 list.25.v.firebog.net.domains
-rw-r--r-- 1 root   root    58K Mar  4 01:26 list.26.v.firebog.net.domains
-rw-r--r-- 1 root   root    31K Mar  4 01:26 list.27.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root   9.5K Mar  4 01:26 list.28.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root   1.2M Mar  4 01:26 list.29.v.firebog.net.domains
-rw-r--r-- 1 root   root   135K Mar  4 01:26 list.2.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root    50K Mar  4 01:26 list.30.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root    12K Mar  4 01:26 list.31.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root   5.8K Mar  4 01:26 list.32.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root   240K Mar  4 01:26 list.33.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root   1.7K Mar  4 01:26 list.34.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root   4.7K Mar  4 01:26 list.35.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root    44K Mar  4 01:26 list.36.s3.amazonaws.com.domains
-rw-r--r-- 1 root   root   581K Mar  4 01:26 list.37.mirror1.malwaredomains.com.domains
-rw-r--r-- 1 root   root    31K Mar  4 01:26 list.38.hosts-file.net.domains
-rw-r--r-- 1 root   root   6.0M Mar  4 01:26 list.39.hosts-file.net.domains
-rw-r--r-- 1 root   root   1.5K Mar  4 01:26 list.3.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root   4.0M Mar  4 01:26 list.40.hosts-file.net.domains
-rw-r--r-- 1 root   root    50K Mar  4 01:26 list.41.mirror.cedia.org.ec.domains
-rw-r--r-- 1 root   root    22K Mar  4 01:26 list.42.www.malwaredomainlist.com.domains
-rw-r--r-- 1 root   root    43K Mar  4 01:26 list.43.bitbucket.org.domains
-rw-r--r-- 1 root   root   590K Mar  4 01:26 list.44.v.firebog.net.domains
-rw-r--r-- 1 root   root   590K Mar  4 01:26 list.45.v.firebog.net.domains
-rw-r--r-- 1 root   root      0 Mar  4 01:26 list.46.ransomwaretracker.abuse.ch.domains
-rw-r--r-- 1 root   root   331K Mar  4 01:26 list.47.v.firebog.net.domains
-rw-r--r-- 1 root   root    48K Mar  4 01:26 list.48.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root      0 Mar  4 01:26 list.49.zeustracker.abuse.ch.domains
-rw-r--r-- 1 root   root    13K Mar  4 01:26 list.4.v.firebog.net.domains
-rw-r--r-- 1 root   root   1.2M Mar  4 01:26 list.50.v.firebog.net.domains
-rw-r--r-- 1 root   root   138K Mar  4 01:26 list.5.v.firebog.net.domains
-rw-r--r-- 1 root   root   403K Mar  4 01:26 list.6.sysctl.org.domains
-rw-r--r-- 1 root   root   6.9K Mar  4 01:26 list.7.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root   2.0M Mar  4 01:26 list.8.www.dshield.org.domains
-rw-r--r-- 1 root   root   1.3M Mar  4 01:26 list.9.www.joewein.net.domains
-rw-r--r-- 1 pihole pihole   38 Mar  4 15:10 localbranches
-rw-r--r-- 1 pihole pihole  166 Mar  4 01:26 local.list
-rw-r--r-- 1 pihole pihole   52 Mar  4 15:10 localversions
-rw-r--r-- 1 root   root    234 Mar  4 01:26 logrotate
-rw-r--r-- 1 pihole pihole 2.3M Mar  4 00:57 macvendor.db
drwxr-xr-x 2 pihole pihole 4.0K Mar  4 00:58 migration_backup
-rw-rw-r-- 1 pihole pihole   15 Mar  4 01:26 pihole-FTL.conf
-rw-r--r-- 1 pihole pihole  48M Mar  4 15:15 pihole-FTL.db
-rw-r--r-- 1 pihole pihole  503 Mar  4 01:26 setupVars.conf
-rw-r--r-- 1 pihole pihole  503 Mar  4 01:26 setupVars.conf.update.bak

That seems okay, is the web interface user member of the group pihole?

I believe so:

To make things weirder, I can make changes to the white/blacklist using the pihole command in terminal and it works fine, but when I use the web interface, I get an error.

Look in the group www-data if the user pihole is present or vise versa.

1 Like

The permissions of the web interface are intentionally much more locked down to avoid opening security holes when other web services are hosted next to Pi-hole on the same web server so this is expected in some degree.

Had same issue here, fixed it by:

usermod -a -G pihole www-data
service pihole-FTL restart
service lighttpd restart

1 Like

Present in both but still no luck

Did this and still no luck.

Did ‘usermod -a -G www-data pihole’ before that and didn’t work, perhaps you need both and restart the services?

Yup, did usermod then restarted pihole-FTL & nginx (using nginx)

The rights are pihole:pihole so you have to add www-data to the pihole group. So what Harm_Veenstra wrote should work. This is different to ehat you did.

usermod -a -G www-data pihole

From a earlier pm exchange about this.

We ensure this by adding www-data to the pihole group and giving g+w permissions to the database

Remark: the g+w is already present on gravity.db.

nginx as web server is not officially supported so we have never tried it. Are there any pointers in the nginx log file? Otherwise, try a full restart of the system just in case nginx has PHP in some dedicated workers that do not pick up the changed permissions when restarting the mother process (even if this is unlikely).

This is the only error I get when attempting to modify the lists through the web interface. Performed a full system reboot and still no luck.

2020/03/07 13:53:21 [error] 3064#3064: *1 FastCGI sent in stderr: "PHP message: PHP Warning: SQLite3Stmt::execute(): Unable to execute statement: attempt to write a readonly database in /var/www/html/admin/scripts/pi-hole/php/groups.php on line 450" while reading response header from upstream, client: 10.10.0.2, server: <snip>.com, request: "POST /admin/scripts/pi-hole/php/groups.php HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.3-fpm.sock:", host: "<snip>.com", referrer: "https://<snip>.com/admin/groups-domains.php?type=white"

Since nginx isn’t supported by 5.0, I’m going to revert back to stable.

I am running Nginx on my test Pi-hole. I remrber that I had to install a PHP package without the version number and with the versionnumber.

%edit%

It was php-sqlite3 and you have also to install the one with the version number in the name.

Someting like php7.2-sqlite3

Yup, installed, still not working.

You should compare your config files in this case. Also, @msatter may be able to advise who has to be member of group pihole. Maybe @firestorrrm’s system is configured differently and PHP is using a different user? This would explain this.

The sqlite3 error showed that sqlite3 was already available for @firestorrrm even before installing the other package.

See also: