Aus NAS Wiki
HowTo create an Application for the NAS4220
HowTo compile Programs
As the platform of the IB-NAS4220 is binary compatibel to IB-NAS1000/2000, packages can be compiled the same way. Links and pathes of both platforms are different therefore packages of both plattforms are not running on the other NAS.
Links to nas-2000.org:
How to update the IB-NAS4220 with a RAID1 (ext2/ext3) to harddrives with higher capacity
You don't need any extra harddrives for updating your drives without lose of your data.
These are the following steps which have to be done:
- remove your small harddrives from the IB-NAS4220
- install your new harddrives with the higher capacity in your NAS
- create a new RAID1 on the NAS
- attach your old harddrives to a PC with network connection
- boot your PC with a Linux Life-CD like Knoppix or install a driver for the ext2/ext3 filesystem on your Windows.
- copy your data over the net on your NAS
To log on to more than one smb-share simultanously using different user names does not work. You very likely will get an error message like this:
If you need to access a different share, which asks for a different user, you need to disconnect the actual connection.
To connect to the NFS-Shares from MacOS follow these steps:
- Enable NFS (Control Panel-> File Server -> enable NFS Server)
- Enable NFS-Access
- Control Panel -> Share Management -> mark the wished share [remember the selected sharename and path, you will need it later - eg. path: /mnt/md1 sharename: public] -> press "NFS Access" ->
- either "Allow for all" [insecure! only use it if your NAS is accessable only localy or you know how to secure your network!] or
- enter IP-Address or
- subnet (for example 192.168.100.0/255.255.255.0 for all networkdevices in 192.168.100.1 to .254)
-> "Add" -> "Save" -> "Save")
- in MacOS open the terminal (Applications->Utilities) [personaly i recommend iTerm - but both will to]
- make wished mountpoint on your local Mac eg. ~/Desktop/NAS-PUBLIC (your desktop)
- then mount the NFS-Share there (replace NASIP, /mnt/md1, public and the local path to your needs)
mkdir ~/Desktop/NAS-SHARE sudo mount_nfs -P NASIP:/mnt/md1/public ~/Desktop/NAS-PUBLIC # sudo-Password is your local Mac-Password!!!!
Faulty stuff for me was an "Operation not permitted"-error. The "-P"-switch helps on MacOS. Information for mounting the share at startuptime (and the missing hint for the problem) is taken from here - but right now i don't have time to verify this.
Mounting via GUI
- Start Application->Utilities->Directory Utility. "Show Advanced Settings"->"Mounts", add new mount with "+"
- "Remote NFS URL:" -> nfs://NASIP/mnt/md1/public <- replace NASIP, md1 and public for your own needs
- "Mount location:" -> /Users/USER/MOUNTPOINT <- replace for your own needs
- open "Advanced Mount Parameters" with the little grey arrow and enter "-P" (without quotation marks!)
- "Verify" -> "Apply"
- Done. The NFS-Mount will from now on be mounted at boottime.
After working with this for a while the connection doesn't establish any more. mount-command returns something like "mount_nfs: bad MNT RPC:"
Workaround: The hostname of the mac needs to be inserted into /etc/hosts of the NAS.
- open System Preferences -> Sharing and remember Computer Name
- open Terminal (look above), following should echo the same, else remember this one too
- connect to NAS and edit hosts. Use your own IP and MACNAME. If Computer Name and hostname aren't identical use both eg. MACNAME and MACNAME.local. Don't forget to make the backup of hosts! Next command will to a backup and write the necessary information to /etc/hosts
cp /etc/hosts /etc/hosts.bak echo 192.168.100.2 MACNAME >> /etc/hosts # ALTERNATIVE !!!! echo 192.168.100.2 MACNAME MACNAME.local >> /etc/hosts
It's strange but it works finally. Maybe we can get around this later on. Stay tuned ;)
I've done some NFS-speedtests. It seems to me that ever higher the transferchunks ever better the whole performance. Not only the speed but also the cpu-usage. Therefor the options rsize,wsize or rwsize can be used. (mount_nfs -P -o rsize=10240,wsize=10240) If you don't know what you're doing don't do it ;)
HowTo use compiled programms of other distributions
When I was trying to x-compile perl for my 4220 I went into some trouble (some missing things and so on), so I decided try to use a precompiled perl package: For this purpose Debian fits quite well, just goto the Debian ftp-servers, download the package(s) you need (look for the dependencies!).
Next unpack the .deb-file -> ar x package.deb the data.tgz contains the program including other files upload the extracted files from data.tgz to the NAS storage if required link the libaries to the matching dirs (e.g. /usr/lib ,...)
Have fun using the programs.
Installation of a Debian-System (chroot)
Following i did successfully. Even if i didn't like the chrootidea cause of the performance i'll give a short descrition.
- Download of a basesystem SourceForge - Linux on Psion (Sargebook - Debian 3.1) to /mnt/md1/public/debian
- untar the archive and mount proc
cd /mnt/md1/public/debian/ tar xzvf SargeBook_v5.tgz mount -t proc none ./proc
- chroot into it -
usr/sbin/chroot ./ /bin/bash
- modify /etc/resolv.conf so it's a nameserver in it eg. 192.168.1.1
echo "nameserver 192.168.1.1" > /etc/resolv.conf
- modify dist-mirrors and install some needed stuff (you may want some other location than ftp.de.debian.org ;) )
echo "deb http://security.debian.org/ sarge/updates main contrib non-free" > /etc/apt/sources.list echo "deb http://ftp.de.debian.org/debian sarge main" >> /etc/apt/sources.list apt-get update apt-get install apt-utils apt-get install nano iptraf findutils apt-get upgrade
- if wished, upgrade debian to etch:
echo "deb http://security.debian.org/ etch/updates main contrib non-free" > /etc/apt/sources.list echo "deb http://ftp.de.debian.org/debian etch main" >> /etc/apt/sources.list apt-get update apt-get dist-upgrade
- for startup i did following script (don't forget chmod 700 script afterwards):
#!/bin/sh CWD=`pwd` cd /mnt/md1/public/debian/ mount -t proc none ./proc mount -t sysfs none ./sys mount -t usbfs none ./proc/bus/usb usr/sbin/chroot ./ /bin/bash cd $CWD exit
Move /system to USB stick - Solution for the spindown problem
The NAS4220 has problems with spindown. Some of the core processes access the hard disks frequently. On a basic system without any packages, these are accesses to the /system-filesystem in 99%, which prevents spindown. One possible solution is to move /system to an USB-stick, which is described here. A small stick (>=64MB) is enough. Everything has to be done connected as "root" (same password as "admin") via telnet or ssh (telnet can be enabled via http://ip-of-the-box/cgi/telnet/telnet.cgi ).
Insert USB-Stick, the stick should automatically be detected as /dev/sda1 and mounted as /mnt/usb1. Check this with "mount".
Format USB-Stick with ext3:
- umount /dev/sda1
- mke2fs -j /dev/sda1
- mount /dev/sda1 /mnt/usb1
Now copy /system to the stick with all folders and user privileges. This can be done with tar:
- (cd /system; tar cf - .) | (cd /mnt/usb1; tar xf -)
To mount /dev/sda1 as /system instead of /dev/md0 at the next reboot, you can use the userscript extension (thanks to skara and streuspeicher). This is also the right place for the spindown commands for the hard disks (printed bold):
- cd /mnt/md1/public/applications (or cd /mnt/ide1/public/applications at non-Raid systems)
- mkdir usb-system
- chmod 777 usb-system
- cd usb-system
- vi init
HD_MNT_POINT=$(cat /usr/sausalito/codb/objects/1/Disk.rootdir 2> /dev/null) CWD=$HD_MNT_POINT/public/applications/usb-system exec $CWD/do-init >> $CWD/init.log 2>&1
- vi do-init
echo "------ START $(date) -----" USB_MNT_POINT=/mnt/usb1 USB_DEV=/dev/sda1 echo "checking $USB_MNT_POINT ..." if [ -e $USB_MNT_POINT/ImageInfo ]; then echo "remounting /system ..." cd / umount /system if [ $? != 0 ]; then echo "ABORTED: Failed to unmount old /system." exit fi mount $USB_DEV /system echo "DONE: Your NAS system is now running from USB stick:" echo "set spindown of /dev/hda and /dev/hdb to 10 minutes ..." hdparm -S120 /dev/hda /dev/hdb else echo "ABORT: Found no USB device with valid system." fi
- chown root:root *
- chmod 777 *
- This is a description for a 2 disk raid system, where the disk are normally mounted as /dev/md0 (/system) and /dev/md1 (/mnt/md1). For other systems some modifications are necessary (eg. /dev/ide1 instead of /dev/md0).
- Some disks don't support spindown. Others don't support spindown time less than 10 minutes, you have to play arround a bit with the parameters of "hdparm -Sxx ...".
- You can check the current spindown state with "hdparm -C /dev/hda" and "hdparm -C /dev/hdb".
- After a reboot without the stick attached, the system is unmodified.
- Other installed packages (ssh, webserver, ...) can prevent spindown further. In this case some further steps are necessary or remove unneeded packages.
- All changes at the configuration (users, shares) have to be done twice, with and without the stick (or you have to copy /system to USB again).
- If you want to know, which access causes the spinup, take a look here.
Guide to secure ftp
Here is how you can edit the configuration of the ftp-server, that users can only browse folders they are supposed to browse:
HowTo remotely reboot or turn off your IB-NAS4220
You might want sometimes to be able to restart or turn off your IB-NAS4220 with a script ran from another computer on the network. For example if you have an UPS, and your servers (including IB-NAS4220) connected to it, you might want your IB-NAS4220 to stop like the other servers in case of a long power failure, when UPS batteries are low and will be off soon.
The idea is to use a scriptable http client (here wget, but you can use curl, or perl, etc...) to simulate a use of the WEB administration interface of the IB-NAS4220. Here is the appropriate command :
wget -q -O /dev/null --http-user=admin --http-password=<myAdminPass> --post-data="powerAction=<ACTION_ID>" http://IB-NAS4220/cgi/power/powerHandler.cgi
Where myAdminPass is of course your admin account's password, and ACTION_ID is either 1 for a reboot, or 2 for a system turn off.
Remark: on my version of the firwmare (2.6.0.IB.1.RS.1), http-user and http-password are not mandatory because there is no security check on this URL...
How to use second hdd for sharing
Using JBOD or Span (that's no good idea at all ;)) you can't create a share at the second device. If your system is located at ide1, ide2 will be read/writeable to anybody. The solve this problem we create the share manually, all you need are the ssh- and userscript-packages. SSH is required to access and make changes to the system files. Userscript enables us to load our custom configuration at boot time. Install according the documentation. Don't forget to reboot after installation!
Please note: Beside following will work it may be not secure ! You may need to modify other active accesspossibilities (eg. ftp, nfs) too!
- make a backup of /usr/hddapp/etc/samba/smb.conf (if you don't know how you maybe would like to add a shortcut for it - once again ... don't forget to reboot!)
- you will have something like this:
[ide2] use receivefile=yes create mask=0777 comment=IDE Disk path=/mnt/ide2 directory mask=0777 writeable=yes available=1 guest ok=true use sendfile=yes
- change this part to following (after making a copy of it!):
[ide2] use receivefile=yes create mask=0775 write list=mainuser,@writegroup path=/mnt/ide2 directory mask=0775 writeable=no available=1 valid users=otheruser,mainuser,@writegroup,@readgroup use sendfile=yes
- notice following changes:
- create mask=0775
- write list=mainuser,@writegroup
- 'mainuser' is a username on your nas
- '@writegroup' is the group 'writegroup' on your nas - that's what the symbol '@' stands for
- directory mask=0775
- valid users=mainuser,otheruser,@writegroup,@readgroup
- 'otheruser' and '@readgroup' only are allowed to read here
- it would be ok to only have groups and/or user as writable and/or readable. any combination is valid - at least anybody should have any rights at all, else it would be senseless ;)
- according the examples at userscript-page place the changed smb.conf at userscript/config/smb.conf
- place following as userscript/scripts/smbd.sh :
#!/bin/sh # killall smbd killall nmbd cat > /usr/hddapp/etc/samba/smb.conf < /usr/userscript/config/smb.conf /usr/hddapp/etc/rc.d/S80samba.sh start exit 0
- restart the nas
With this little guide and a look at the official samba-documentation you should be able to create even other shares at this device. Only thing to do would be to create the directories manually (ssh).
- Make a backup of /usr/hddapp/etc/exports
- Create a copy of the above file to /usr/userscript/config/exports, this will be used to store our custom NFS settings which will be loaded by userscript at boot time.
cp /usr/hddapp/etc/exports /usr/userscript/config/exports
- Amend the /usr/userscript/config/exports file to share the ide2 drive. See the full NFS settings for complete options. In the example below, we have two NFS shares /mnt/ide1/public and /mnt/ide2/shared accessible by two IP addresses:
# /mnt/IDE1 /mnt/ide1/public 192.168.0.2(rw,root_squash) 192.168.0.3(rw,root_squash) # /mnt/IDE2 /mnt/ide2/shared 192.168.0.2(rw,root_squash) 192.168.0.3(rw,root_squash)
- Create a script to be run by userscript which will stop the existing NFS server, load our custom config file and restart the NFS server. This file should be placed at /usr/userscript/scripts/nfsd.sh with the following contents:
#!/bin/sh # killall nfsd cat > /usr/hddapp/etc/exports /usr/userscript/config/exports /usr/hddapp/etc/rc.d/S85nfs.sh start exit 0
Adding a serial port
See Unbricking guide
How to upgrade samba 3.025a - 3.2.13 NAS4220-b
- READ THIS FIRST!
I've tested this on my NAS4220-b for about two months prior to posting here so I know it works ok. However, I am no expert, either in Linux or Samba If you screw your Samba up I will not be responsible! If your Samba connection is running ok then leave it alone! Be warned! You may lose your ability to change permissions and add and delete users from the NAS GUI (for samba) after following this procedure. I got round this initially by creating a symbolic link from the new samba conf file to the old samba config file. This did work (I checked!). But for some reason my box became unstable! It may have nothing to do with this but I decided I was happy changing permissions and adding/deleting users from the command line. The good news for me was that after I upgraded Samba and followed the procedures below; my system has been stable. Before this I had Samba stopping after about 8GB transfer and dropouts in connection. I've checked this from both Windows and my Kubuntu installation. At first, I used my old smb.conf for the new samba but after reading through the samba documentation, I found a re-written conf file was better. I've included a copy at the bottom of the 'how to' for you to modify for your configuration.
Ssh into your NAS and get a decent editor for the NAS. Vi is a nightmare so;
#ipkg install jed
From your local machine terminal type;
you should see the netbios name, ip address and samba version you are running from your NAS. This will be 3.0.25a. Ssh into your NAS and copy your smb.conf file into somewhere safe for now like your public folder; your smb.conf file should be in /usr/hddapp/etc/samba/
#cp /usr/hddapp/etc/samba/smb.conf /mnt/ide2/public/smb.conf_old
Now install the new samba;
#ipkg upgrade samba
Check its installed properly; you should see 3.2.13 for the output.
Once installed you may find that 3.0.25a is still running! so....
#killall smbd #killall nmbd
check with your local machine that it can see nothing;
At this point you can choose either to; use the old smb.conf file or create your own! Samba will run smoother and quicker if you take your time and create your own. Looking at the samba documentation. It states that the size of this file has an impact on Samba's performance. My suggestion here is to use the old conf file at this point to get everything running and then create a new one when time permits. If you want to create a new conf file then skip the next section and go to === Creating a new smb.conf file === then carry-on from 'testparm'
..back with putty, edit your old smb.conf file using your new editor;
Note*Press F10 to enter jed's menu to save and exit.
put in your own netbios name and comment out unix charset & dos charset as shown.
#netbios name = smbnas4220 #unix charset = UTF-8 #dos charset = CP1250 #set ports = 139
adding the set ports (shown above) because there have been reports of problems with samba disconnect. add a hosts allow line in the [global] section for added security;
#hosts allow = 192.168.0
(this will allow hosts from 192.168.0.0 – 192.168.0.254 for added security be more explicit. i.e. 192.168.0.4 etc)
If you put the above entry into your conf file, also add (in global);
#hosts deny = all
Note* I commented out the original log file and directed it to another place on my hard drive. Basically, leave it as it is if you don't check it that much!
copy your modified file to;
#/opt/etc/samba/smb.conf & set permissions chmod 755 smb.conf
enter you new smb.conf directory and type;
This will test your new config file for errors. You will get 'use receivefile' errors! Scouting the net, these seem to be a relic of old samba. I commented them all out and can confirm they haven't caused me any problems.
You should have copied your old samba (as above) so cd to your old samba directory (/usr/hddapp/etc/samba/) & rename it inside its directory;
#mv smb.conf smb.conf_old
You will have no old smb.conf which causes a problem later when you want to set permissions from the NAS GUI. So I had to tweak it a little to work around that problem. Set up a symlink to your new smb.conf directory as follows; – PLEASE READ NOTE AT TOP OF PAGE FOR THIS AND THE NEXT STEP!!
#ln -s /usr/hddapp/etc/samba/smb.conf /opt/etc/samba/smb.conf
One more thing! If you want your NAS GUI to show samba logging; do this:
#rm /usr/hddapp/etc/samba/smb.conf #ln -s /opt/etc/samba/smb.conf /usr/hddapp/etc/samba/smb.conf
Now start up your new samba;
#nmbd -D #smbd -D
go to your local machine and check the shares are ok and that is sees your IP address and the netbios name you entered in your smb.conf file;
#smbclient -U domain/username -L //server
you will be prompted for the user password, once entered you should see the shares available.
This should allow you to add/delete users and set share permissions etc. from your NAS GUI. One more problem seems to be upon restart the box writes another smb.conf file in the old directory breaking the symlink and therefore the GUI use. I wrote a script as shown, which is placed in userscript/scripts/ folder, which will;
- stop the old samba
- delete the old smb.conf file.
- Delete the old smb logfile (don't need this really)
- write out a logfile
You will need to modify the script to suit your box.
#!/bin/ash # #Script for running Cron and others # LOGFILE=/mnt/ide2/public/logs/started/started_`date +%b-%d-%y`.log echo `date +%H:%M:%S` : starting_program > $LOGFILE #kill crond echo "killing old crond" >> $LOGFILE killall crond sleep 1 echo "done!" >> $LOGFILE #kill all samba! echo "killing samba" >> $LOGFILE killall nmbd killall smbd sleep 1 #remove old samba – old samba makes a fresh file on NAS startup! rm /usr/hddapp/etc/samba/smb.conf # #start cron echo "done!" >> $LOGFILE echo "starting cron" >> $LOGFILE /mnt/ide2/public/optware/sbin/cron echo "done!" >> $LOGFILE #start nmbd echo "starting nmbd" >> $LOGFILE /mnt/ide2/public/optware/sbin/nmbd -D echo "done!" >> $LOGFILE #start smbd echo "starting smbd" >> $LOGFILE /mnt/ide2/public/optware/sbin/smbd -D echo "done!" >> $LOGFILE exit 0
- As you can see – I like to use logfiles! - adjust as required!
Feel free to abuse the script as required. I have an updated cron (V5) as I had major problems with the built-in crond. You will also find that over time the NAS GUI will add the use receivefiles back into the smb.conf file as you edit each user & share, it won't harm! But reading through the volumes of samba info, it does state that the size of the smb.conf file has a noticeable effect on the speed of the samba server. There is a program within the samba package which will optimize this file (sorry forgotten its name) I didn't use it. If anyone does please let me know!
Creating a new smb.conf file.
- I stated above that you can use the old smb.conf. But, making your own may;
Increase your transfer speed – Samba docs state 'reducing the smb.conf size may have a significant impact for your Samba transfer times.
- Remove the need to add or remove users from samba – adding a 'Homes' section will allow users based on your NAS passwd file.
Here is my new smb.conf file; Make sure you enter your netbios name etc!
[global] workgroup = WORKGROUP server string = SNBNAS4220 netbios name = SNBNAS4220 wins support = no name resolve order = lmhosts host wins bcast interfaces = eth0 bind interfaces only = yes #logging syslog only = no log file = /mnt/ide2/public/logs/Samba/smb.log max log size = 3000 panic action = /mnt/ide2/public/logs/Samba/panic-action %d #security security = user encrypt passwords = yes obey pam restrictions = yes unix password sync = no map to guest = bad user domain logons = yes logon path = \\%N\%U\profile logon drive = IDE2 smb passwd file = /system/hddapp/etc/samba/smbpasswd lock directory = /mnt/ide2/run smb ports = 139 hosts allow = 192.168.0. hosts deny = all guest ok = no #performance socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 domain master = auto [homes] comment = Home Directories browseable = no writeable = yes create mask = 0700 directory mask = 0700 valid users = %S
Make sure you state the path to your smbpasswd file! I changed my lock directory after advice from the forum – it works! Socket options appears to increase performance. If you have access problems then add each share from your old smb.conf file, similar to this; BUT TRY THE ABOVE FIRST!
[peter] create mask = 0700 write list = peter directory mask = 0700 writeable = yes valid users = peter path = /mnt/ide2/peter
Don't forget to test the file...
Hopefully, this will help some people having problems with Samba connectivity! I wrote it for myself initially. As my NAS has been stable since this upgrade, I thought it worthwhile adding it to the Wiki. Please feel free to edit out errors and clean up my poor linux scripting skills! Good Luck - Muttley!
command line mount
- If you want to automatically mount your samba share in your linux distro, you can do this;
you need to allow the user to mount using smbmount, so;
#chmod u+s /usr/bin/smbmount
make a text file in your home directory; and hide it (.)
add these two lines to your empty file (put in your username and password for accessing Samba);
Create your mount point;
#sudo mkdir /media/NAS
open a terminal and;
#smbmount //192.168.0.3/david /media/NAS -o credentials=/home/david/.smb_credentials.txt
- First part is your NAS IP then source directory, second is your mount point and the last part will log you in without the security prompt guided to the credentials file. You can also make a script with the above command to load on startup!
To have your NAS mount on start-up. You could add this to your fstab; (/etc/fstab)
//SNBNAS4220/david /media/NAS/david cifs username=xxxxxx,password=xxxxxxx,uid=david,gid=users,dmask=777,fmask=777,rw 0 0
Some people won't like this as your allowing a user access to your password so you could direct it to a credentials file (similar to the 'command line mount' how to), something like this;
//SNBNAS4220/david /home/david/NAS cifs credentials=~/.smb_credentials 0 0
- If you want to use your netbios name then replace the ip address with netbios name and map the ip to the netbios name in your local pc in (my) etc/hosts file by adding a line similar to this; (replace with your netbios name and NAS IP address).
- Before I did this my permissions were screwed up for writing and reading to the mount after I did this they reverted to normal (anyone know why? Confused!)
How to create a crypt Partition with different FS and without saving of the key on the system
If you need some real security you can't rely on that no one will find the .crypt in the /system-Partition, so here is a way to exchange a non-crypt /dev/hda2 with a crypt one. (If you have another configuration you need to change /dev/hda to something different, maybe /dev/md):
# fdisk /dev/hda (d)elete partitions 2 and 3 (n)ew partition 2: 50M (n)ew partition 3: 512M (n)ew partition 4: all (t)ype partition 2: 82 (w)rite changes
After this you have a new layout with 4 instead of 3 partitions, but as partition 1 is already used, you can't use it right ahead, so reboot now. After the reboot you need to initialize the swap and the second partition (the web interface is in this stage a little bit fucked up):
# mkefs /dev/hda2 # mkswap /dev/hda3
Now reboot again, everything should be in order (also in the web-interface) for now. Now create the loopback and crypto Partition (example with NTFS):
# losetup -e aes /dev/loop0 /dev/hda4 # mkntfs -f /dev/loop0 (ignore the warnings)
And after every reboot you need to do this (you could do this now without a reboot too):
# umount /mnt/ide1 # mv /dev/hda2 /dev/hda2.org # ln /dev/loop0 /dev/hda2 # losetup -e aes /dev/hda2 /dev/hda4 # mount -t ufsd -o umask=0000,fmask=0000,dmask=0000,quiet /dev/hda2 /mnt/ide1
(I use to have this in my /system Partition as script, so I just need to connect and run /system/swapcrypt - don't forget to chmod 755 the script.) You need to create the shares again, so maybe this helps:
# mkdir /mnt/ide1/public # mkdir /mnt/ide1/admin