Unable to edit white/blacklist entries

Please follow the below template, it will help us to help you!

Please ensure that you are running the latest version of the beta code.
Run pihole -up to update to the latest, then verify that the problem still exists before reporting it.

Problem with Beta 5.0:
I'm unable to add or remove entries from the white/blacklist through the admin panel. I have success editing these entries using the pihole command. When removing an entry, it looks as if it's being removed, but upon refresh, it shows again.

Whenever I use the panel to edit entries, I notice this error in the pihole-FTL.log:

[2020-01-28 19:40:46.409 3249] Warning: Invalid regex blacklist filter "^adtrack(er|ing)?[0-9]*[-.": Unmatched [, [^, [:, [., or [= (error code 7)

I tried to use the panel to remove that entry but no luck.

Debug Token:
92ts03ewf8

That regex needs a ] on the end to close the bracket.

Yeah but for some reason it was imported from regex.list and I’m unsure on the best way to fix it since removing it through the panel doesn’t do anything.

-- Edit --

I somehow got it removed but upon adding the fixed entry, I got this error:

Issue still persists with an install on a different system...

Token: 4o60oi3k8c

What are the permissions on your database and the pihole folder? Please copy/paste the output of

ls -lh /etc | grep pihole
ls -lh /etc/pihole

ls -lh /etc | grep pihole

drwxrwxr-x 3 pihole pihole 4.0K Mar 4 15:14 pihole

ls -lh /etc/pihole

total 184M
-rw-r--r-- 1 pihole pihole  314 Mar  4 01:01 adlists.list
-rw-r--r-- 1 pihole pihole  313 Feb  2 00:21 adlists.list.old
-rw-r--r-- 1 pihole pihole 2.3K Mar  1 03:09 black.list
-rw-r--r-- 1 pihole pihole    0 Mar  4 01:26 dhcp.leases
-rw-r--r-- 1 pihole pihole  596 Mar  4 01:26 dns-servers.conf
-rw-r--r-- 1 pihole pihole   13 Mar  4 00:57 ftlbranch
-rw-r--r-- 1 pihole pihole   18 Mar  4 12:23 GitHubVersions
-rw-rw-r-- 1 pihole pihole  84M Mar  4 01:27 gravity.db
-rw-r--r-- 1 pihole pihole  22M Mar  1 03:09 gravity.list
-rw-r--r-- 1 pihole pihole 1.1K Mar  4 01:26 install.log
-rw-r--r-- 1 root   root   9.8K Mar  4 01:26 list.0.hosts-file.net.domains
-rw-r--r-- 1 root   root    29K Mar  4 01:26 list.10.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root   495K Mar  4 01:26 list.11.hostsfile.org.domains
-rw-r--r-- 1 root   root   279K Mar  4 01:26 list.12.someonewhocares.org.domains
-rw-r--r-- 1 root   root   129K Mar  4 01:26 list.13.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root   143K Mar  4 01:26 list.14.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root   204K Mar  4 01:26 list.15.winhelp2002.mvps.org.domains
-rw-r--r-- 1 root   root   2.1M Mar  4 01:26 list.16.hostsfile.mine.nu.domains
-rw-r--r-- 1 root   root   4.6M Mar  4 01:26 list.17.adblock.mahakala.is.domains
-rw-r--r-- 1 root   root   252K Mar  4 01:26 list.18.adaway.org.domains
-rw-r--r-- 1 root   root   440K Mar  4 01:26 list.19.v.firebog.net.domains
-rw-r--r-- 1 root   root    13K Mar  4 01:26 list.1.reddestdream.github.io.domains
-rw-r--r-- 1 root   root    43K Mar  4 01:26 list.20.s3.amazonaws.com.domains
-rw-r--r-- 1 root   root   1.3M Mar  4 01:26 list.21.hosts-file.net.domains
-rw-r--r-- 1 root   root    32K Mar  4 01:26 list.22.v.firebog.net.domains
-rw-r--r-- 1 root   root    53K Mar  4 01:26 list.23.pgl.yoyo.org.domains
-rw-r--r-- 1 root   root    230 Mar  4 01:26 list.24.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root    52K Mar  4 01:26 list.25.v.firebog.net.domains
-rw-r--r-- 1 root   root    58K Mar  4 01:26 list.26.v.firebog.net.domains
-rw-r--r-- 1 root   root    31K Mar  4 01:26 list.27.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root   9.5K Mar  4 01:26 list.28.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root   1.2M Mar  4 01:26 list.29.v.firebog.net.domains
-rw-r--r-- 1 root   root   135K Mar  4 01:26 list.2.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root    50K Mar  4 01:26 list.30.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root    12K Mar  4 01:26 list.31.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root   5.8K Mar  4 01:26 list.32.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root   240K Mar  4 01:26 list.33.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root   1.7K Mar  4 01:26 list.34.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root   4.7K Mar  4 01:26 list.35.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root    44K Mar  4 01:26 list.36.s3.amazonaws.com.domains
-rw-r--r-- 1 root   root   581K Mar  4 01:26 list.37.mirror1.malwaredomains.com.domains
-rw-r--r-- 1 root   root    31K Mar  4 01:26 list.38.hosts-file.net.domains
-rw-r--r-- 1 root   root   6.0M Mar  4 01:26 list.39.hosts-file.net.domains
-rw-r--r-- 1 root   root   1.5K Mar  4 01:26 list.3.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root   4.0M Mar  4 01:26 list.40.hosts-file.net.domains
-rw-r--r-- 1 root   root    50K Mar  4 01:26 list.41.mirror.cedia.org.ec.domains
-rw-r--r-- 1 root   root    22K Mar  4 01:26 list.42.www.malwaredomainlist.com.domains
-rw-r--r-- 1 root   root    43K Mar  4 01:26 list.43.bitbucket.org.domains
-rw-r--r-- 1 root   root   590K Mar  4 01:26 list.44.v.firebog.net.domains
-rw-r--r-- 1 root   root   590K Mar  4 01:26 list.45.v.firebog.net.domains
-rw-r--r-- 1 root   root      0 Mar  4 01:26 list.46.ransomwaretracker.abuse.ch.domains
-rw-r--r-- 1 root   root   331K Mar  4 01:26 list.47.v.firebog.net.domains
-rw-r--r-- 1 root   root    48K Mar  4 01:26 list.48.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root      0 Mar  4 01:26 list.49.zeustracker.abuse.ch.domains
-rw-r--r-- 1 root   root    13K Mar  4 01:26 list.4.v.firebog.net.domains
-rw-r--r-- 1 root   root   1.2M Mar  4 01:26 list.50.v.firebog.net.domains
-rw-r--r-- 1 root   root   138K Mar  4 01:26 list.5.v.firebog.net.domains
-rw-r--r-- 1 root   root   403K Mar  4 01:26 list.6.sysctl.org.domains
-rw-r--r-- 1 root   root   6.9K Mar  4 01:26 list.7.raw.githubusercontent.com.domains
-rw-r--r-- 1 root   root   2.0M Mar  4 01:26 list.8.www.dshield.org.domains
-rw-r--r-- 1 root   root   1.3M Mar  4 01:26 list.9.www.joewein.net.domains
-rw-r--r-- 1 pihole pihole   38 Mar  4 15:10 localbranches
-rw-r--r-- 1 pihole pihole  166 Mar  4 01:26 local.list
-rw-r--r-- 1 pihole pihole   52 Mar  4 15:10 localversions
-rw-r--r-- 1 root   root    234 Mar  4 01:26 logrotate
-rw-r--r-- 1 pihole pihole 2.3M Mar  4 00:57 macvendor.db
drwxr-xr-x 2 pihole pihole 4.0K Mar  4 00:58 migration_backup
-rw-rw-r-- 1 pihole pihole   15 Mar  4 01:26 pihole-FTL.conf
-rw-r--r-- 1 pihole pihole  48M Mar  4 15:15 pihole-FTL.db
-rw-r--r-- 1 pihole pihole  503 Mar  4 01:26 setupVars.conf
-rw-r--r-- 1 pihole pihole  503 Mar  4 01:26 setupVars.conf.update.bak

That seems okay, is the web interface user member of the group pihole?

I believe so:

To make things weirder, I can make changes to the white/blacklist using the pihole command in terminal and it works fine, but when I use the web interface, I get an error.

The permissions of the web interface are intentionally much more locked down to avoid opening security holes when other web services are hosted next to Pi-hole on the same web server so this is expected in some degree.

Had same issue here, fixed it by:

usermod -a -G pihole www-data
service pihole-FTL restart
service lighttpd restart

1 Like

Present in both but still no luck

Did this and still no luck.

Did ‘usermod -a -G www-data pihole’ before that and didn’t work, perhaps you need both and restart the services?

Yup, did usermod then restarted pihole-FTL & nginx (using nginx)

nginx as web server is not officially supported so we have never tried it. Are there any pointers in the nginx log file? Otherwise, try a full restart of the system just in case nginx has PHP in some dedicated workers that do not pick up the changed permissions when restarting the mother process (even if this is unlikely).

This is the only error I get when attempting to modify the lists through the web interface. Performed a full system reboot and still no luck.

2020/03/07 13:53:21 [error] 3064#3064: *1 FastCGI sent in stderr: "PHP message: PHP Warning: SQLite3Stmt::execute(): Unable to execute statement: attempt to write a readonly database in /var/www/html/admin/scripts/pi-hole/php/groups.php on line 450" while reading response header from upstream, client: 10.10.0.2, server: <snip>.com, request: "POST /admin/scripts/pi-hole/php/groups.php HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.3-fpm.sock:", host: "<snip>.com", referrer: "https://<snip>.com/admin/groups-domains.php?type=white"

Since nginx isn't supported by 5.0, I'm going to revert back to stable.

Yup, installed, still not working.

You should compare your config files in this case. Also, @anon55913113 may be able to advise who has to be member of group pihole. Maybe @firestorrrm's system is configured differently and PHP is using a different user? This would explain this.

The sqlite3 error showed that sqlite3 was already available for @firestorrrm even before installing the other package.

See also:

Finally got it to work!

I went through each directory for pihole and looked at the ownership/group of each file. Here's what I found:

The ownership for /var/www/html/admin/scripts was www-data:

drwxr-xr-x 4 www-data www-data   4096 Mar  7 14:09 scripts

Within the scripts directory, the ownership for /var/www/html/admin/scripts/pi-hole was also www-data:

drwxr-xr-x 4 www-data www-data 4096 Mar  7 14:09 pi-hole

As well as the directories inside js and php

drwxr-xr-x 2 www-data www-data 4096 Mar  8 15:58 js
drwxr-xr-x 2 www-data www-data 4096 Mar  8 15:58 php

However, the files within, had root as the owner/group. Here's a snip from the php folder:

-rw-r--r-- 1 root root  2549 Mar  8 15:58 add.php
-rw-r--r-- 1 root root   431 Mar  8 15:58 api_token.php
-rw-r--r-- 1 root root  5033 Mar  8 15:58 auth.php
-rw-r--r-- 1 root root  3881 Mar  8 15:58 customdns.php
-rw-r--r-- 1 root root  7621 Mar  8 15:58 database.php
-rw-r--r-- 1 root root   728 Mar  7 22:55 debug.php
-rw-r--r-- 1 root root  3855 Mar  8 15:58 footer.php
-rw-r--r-- 1 root root  1382 Mar  8 15:58 FTL.php
-rw-r--r-- 1 root root  1516 Mar  8 15:58 func.php
-rw-r--r-- 1 root root  1788 Mar  8 15:58 gravity.php
-rw-r--r-- 1 root root  1225 Mar  7 22:55 gravity.sh.php
-rw-r--r-- 1 root root 27659 Mar  8 15:58 groups.php
-rw-r--r-- 1 root root 32099 Mar  8 15:58 header.php
-rw-r--r-- 1 root root  3560 Mar  8 15:58 loginpage.php
-rw-r--r-- 1 root root  3208 Mar  7 22:55 password.php
-rw-r--r-- 1 root root  1740 Mar  7 22:55 queryads.php
-rw-r--r-- 1 root root 20507 Mar  8 15:58 savesettings.php
-rw-r--r-- 1 root root  1285 Mar  7 22:55 tailLog.php
-rw-r--r-- 1 root root 14484 Mar  8 15:58 teleporter.php
-rw-r--r-- 1 root root  2535 Mar  7 22:55 update_checker.php

Once I changed the ownership of these files to www-data, I was able to restore the functionality of editing the white/blacklists in the admin panel.

1 Like

Well, glad you found it, however, it is entirely unclear why this would affect writing on the database which is not only a different file but even in an entirely different directory...

Worked for me with some slight alterations (ubuntu install), I included the above chown option for the web pages.

chown www-data:www-data -R /var/www/html/admin/
usermod -aG pihole www-data
service pihole-FTL restart
systemctl restart apache2