General NAS-Central Forums

Welcome to the NAS community
It is currently Mon Dec 11, 2017 9:35 am

All times are UTC




Post new topic Reply to topic  [ 30 posts ]  Go to page 1, 2  Next
Author Message
PostPosted: Mon Sep 01, 2014 7:23 pm 
Offline

Joined: Tue May 21, 2013 10:49 pm
Posts: 79
Dear All, hi,

Ive been using FFP with my Zyxel 310 and was very happy with it. Recently Ive bought (ocassionally) Shuttle omninas KD20. Its a 2 bay nas with usb3.0 and i got it for approx 65$
From what Ive learned this is the same or siminal to NSA 212:

From openwrt:
Quote:
into a new OpenWrt hardware target 'oxnas' adding support for
PLX Technology NAS7820/NAS7821/NAS7825/...
formally known as
Oxford Semiconductor OXE810SE/OXE815/OX820/...

For now there are 3 supported boards:
MitraStar STG-212
aka ZyXEL NSA-212,
aka Medion Akoya P89625 / P89636 / P89626 / P89630,
aka Medion MD 86407 / MD 86805 / MD 86517 / MD 86587


Ive managed to run ssh on the thing and:

cat /proc/cpuinfo
Code:
Processor       : ARMv6-compatible processor rev 5 (v6l)
processor       : 0
BogoMIPS        : 299.00

processor       : 1
BogoMIPS        : 299.82

Features        : swp half thumb fastmult edsp java
CPU implementer : 0x41
CPU architecture: 7
CPU variant     : 0x0
CPU part        : 0xb02
CPU revision    : 5

Hardware        : Oxsemi NAS
Revision        : 0000
Serial          : 0000000000000000


I need some FFP packages to run and I dont want to replace original firmware (messing with u-boot and so on) so only chrooted debian or FFP stick comes to my mind.

So, my question is:is the thing capable of running FFP. If so, what should I do to run it ;)

Any hint on how to start would be great!:)

P.S. Mijzelf can you help ?:P
P.S.2. here is the vendors link to this nas: http://global.shuttle.com/news/products ... uctId=1629


Top
 Profile  
 
PostPosted: Tue Sep 02, 2014 9:28 am 
Offline

Joined: Mon Jun 16, 2008 10:45 am
Posts: 6086
I think this box can run ffp. To run ffp you need to extract the ffp tarball to some data partition, create a symlink /ffp whichs points to it, and execute
Code:
/ffp/etc/rc start
That's all.

Problem is, in most cases the symlink has to be created at each boot, and the startscript has also to be executed on each boot. So it would be convenient to have that done by a script.

The first hard part is already solved by you, you have shell access (as root?). The second hard part is to find a way to get a user provided script to be executed on boot. To do so, you'll have to locate the mountpoints of the several partitions (to know which part of the filesystem is volatile, and which not), and sift the startscript(s). Mountpoints can be found with
Code:
cat /proc/mounts
And startscripts, well have a look at /etc/init.d/rcS, if it exists.

- Does the box support installable packages? If yes, can you provide one?
- The firmware files as provided by Shuttle are base64 encoded encrypted binaries. Can you find a script which decodes this? I'm mainly interested in the cipher and the key, to be able to extract it. The script problably contains calls to base64 and openssl.


Top
 Profile  
 
PostPosted: Tue Sep 02, 2014 6:25 pm 
Offline

Joined: Tue May 21, 2013 10:49 pm
Posts: 79
Mijzelf wrote:
To run ffp you need to extract the ffp tarball to some data partition, create a symlink /ffp whichs points to it, and execute
Code:
/ffp/etc/rc start
That's all.

I'll try that tommorow

Mijzelf wrote:

The first hard part is already solved by you, you have shell access (as root?).

yes, as root

Mijzelf wrote:

The second hard part is to find a way to get a user provided script to be executed on boot. To do so, you'll have to locate the mountpoints of the several partitions (to know which part of the filesystem is volatile, and which not), and sift the startscript(s). Mountpoints can be found with
Code:
cat /proc/mounts
And startscripts, well have a look at /etc/init.d/rcS, if it exists.

Code:
cat /proc/mounts
rootfs / rootfs rw 0 0
/dev/root.old /old ext2 rw,relatime,errors=continue 0 0
ubi0:rootfs / ubifs rw,relatime 0 0
/proc /proc proc rw,relatime 0 0
/sys /sys sysfs rw,relatime 0 0
/dev/ram0 /initrd ext2 rw,relatime,errors=continue 0 0
/dev/md0 /system ext2 rw,relatime,errors=continue 0 0
/dev/sda4 /share/atonnas xfs rw,relatime,noquota 0 0


Mijzelf wrote:

well have a look at /etc/init.d/rcS, if it exists

Code:
# ls /etc/init.d
post-rc.bootup  pre-rc.bootup   rc.banner

# ls /etc/rc.d
S01halt                      S12syslog.sh                 load_power_button_module.sh  sshd.sh
S01reboot                    S90crond.sh                  rcResponder.sh

but there is a /etc/rc script which i believe is the place to start any script:
Code:
vi /etc/rc
#!/bin/sh

HOME=/
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/hddapp/bin:/usr/hddapp/sbin:/usr/local/b
export HOME PATH

rm -rf /etc/mtab

. /etc/rc.conf

echo "Mounting proc filesystem..."
if [ ! -d /proc ]; then
        mkdir -p /proc
fi
mount -n -t proc /proc /proc

if [ ! -d /sys ]; then
        mkdir -p /sys
fi
mount -n -t sysfs /sys /sys
mount -t usbfs usbfs /proc/bus/usb

ConfList="/etc/rc.conf"
- /etc/rc 1/954 0%

// EDIT: I've confirmed that I can start a script from /etc/rc and it will load after reboot

Mijzelf wrote:

- Does the box support installable packages? If yes, can you provide one?

From the webgui there is no possibility to install any packages (unlike in NSA310 where you can download and install additional packets like SMART)

Mijzelf wrote:

- The firmware files as provided by Shuttle are base64 encoded encrypted binaries. Can you find a script which decodes this? I'm mainly interested in the cipher and the key, to be able to extract it. The script problably contains calls to base64 and openssl.

I'll look but If you have any clue where should it be, it would be helpful ;)

Rgds,
wicked


Top
 Profile  
 
PostPosted: Tue Sep 02, 2014 6:52 pm 
Offline

Joined: Mon Jun 16, 2008 10:45 am
Posts: 6086
This is easy!
Quote:
Code:
ubi0:rootfs / ubifs rw,relatime 0 0
Your rootfs is writable, and stored in flash. So adding your own scripts should be no problem. Take care a bit, don't write logfiles or something like that to this filesystem. It's flash and can wear out.
Quote:
// EDIT: I've confirmed that I can start a script from /etc/rc and it will load after reboot
And you already found that too.

BTW, I think you can just put a script in /etc/rc.d/, and it will be executed on boot (in alphabetical order).

Quote:
I'll look but If you have any clue where should it be, it would be helpful
No idea, it could be anywhere. It's a script the firmware should execute when you upload a new firmware file.
Maybe you can automate the search:
Code:
grep -r base64 /
That will find all files containing the string 'base64'.

BTW, does /old contain the same filesystem as /initrd?


Top
 Profile  
 
PostPosted: Tue Sep 02, 2014 7:04 pm 
Offline

Joined: Tue May 21, 2013 10:49 pm
Posts: 79
Mijzelf wrote:
No idea, it could be anywhere. It's a script the firmware should execute when you upload a new firmware file.
Maybe you can automate the search:
Code:
grep -r base64 /
That will find all files containing the string 'base64'.


Will send you sth in a moment on PM I do believe I have found passcode

Quote:
BTW, does /old contain the same filesystem as /initrd?


hmm
# ls /old
ls: /old: No such file or directory


Top
 Profile  
 
PostPosted: Thu Sep 04, 2014 4:33 pm 
Offline

Joined: Tue May 21, 2013 10:49 pm
Posts: 79
well, Ive managed to run it however I have a problem with openvpn support - I'm missing proper tun.ko driver :/

Code:
# uname -r
2.6.31.14_7821


the processor is ARMv6-compatible processor rev 5 (v6l)

Can you point me where can I obtain proper tun.ko or how I can build one ?
Google doesnt help in this matter - Ive tried various tun.ko files and I get

Code:
# insmod tun.ko
Error: could not insert module tun.ko: Invalid module format


:(


Top
 Profile  
 
PostPosted: Thu Sep 04, 2014 5:59 pm 
Offline

Joined: Mon Jun 16, 2008 10:45 am
Posts: 6086
wicked wrote:
well, Ive managed to run it
Great. Can you write some instructions? (don't forget the ssh). Google will bring others to this thread.

Quote:
Can you point me where can I obtain proper tun.ko or how I can build one ?
It's almost impossible that you will find a pre-build module. The module should have been build for exactly that kernel.

But fortunately it's not hard to build it yourself. It seems Shuttle doesn't provide GPL sources (at least I couldn't find it). They are obligated to provide the GPL sources to any owner of such a box, on request.
You own a box, you can request the GPL sources.

Meanwhile, the NSA212 has the same kernel, so you can use their GPL sources. Their .config file is almost right:
Code:
# Medion module:
modinfo ftdi_sio.ko | grep vermagic
vermagic:       2.6.31.14_SMP_820 SMP mod_unload ARMv6
# Shuttle module:
modinfo usbcore.ko | grep vermagic
vermagic:       2.6.31.14_7821 SMP mod_unload ARMv6
So the only thing you need to change is the version string.

Download and extract build_NSA212.tar.gz. Install gcc, make, binutils, and maybe more.
Find the kernel sources in the Medion package. There should be a .config file, but maybe it is called NSA212_config, or something like that.
Edit the Makefile. There is a line CROSS_COMPILE=, comment that away.
Now you can run
Code:
make menuconfig
and change the version string from _SMP_820 to _7821, and select all modules you want to build. Save it, and run
Code:
make modules
Have some coffee.


Top
 Profile  
 
PostPosted: Thu Sep 04, 2014 6:34 pm 
Offline

Joined: Tue May 21, 2013 10:49 pm
Posts: 79
thank you :) I'll make the instructions as soon as I figure out how to symlink the directories like disks and mounted usb devices (probably I need to use SymlinkDir function from ffp stick somehow)


Top
 Profile  
 
PostPosted: Fri Sep 05, 2014 6:04 pm 
Offline

Joined: Mon Jun 16, 2008 10:45 am
Posts: 6086
Quote:
as I figure out how to symlink the directories like disks and mounted usb devices
Why would you want that?


Top
 Profile  
 
PostPosted: Sat Sep 06, 2014 2:44 pm 
Offline

Joined: Tue May 21, 2013 10:49 pm
Posts: 79
Mijzelf wrote:
Quote:
as I figure out how to symlink the directories like disks and mounted usb devices
Why would you want that?


My mistake - I assumed that ffp is chrooted (It was some time ago). Ive started chrooted debian succesfuly and I assumed ffp will run exacly the same.

So I managed to encounter two problems:

1. when I start ffp with the scipt you pointed - /ffp symlink and /ffp/etc/rc start and I've ran sshd daemon (on different port cause 22 I'm running original sshd) to get access to slacker. But when I try to login on this ffp's ssh port I get:

Code:
Server refused to allocate pty


Also weird thing that the sshd does not start after I run /ffp/etc/rc start sshd do not start automatically (chmod a+x done) and I need to run /ffp/start/sshd.sh start. Another weird thing is that it always asks If I want new ecdsa key :
Code:
 /ffp/start/sshd.sh start
Generating public/private ecdsa key pair.
/ffp/etc/ssh/ssh_host_ecdsa_key already exists.


am I I doing someting wrong ? I assumed that if I want full ffp functionality (packages and so on) I need to call /ffp/etc/rc, run the sshd daemon from withing ffp. Is this assumption wrong ?

2. Second problem is that Ive build tun.ko (with chrooted debian) but It hangs the box completely after I run openvpn. Ive used nsa 212 config file, maybe the config is not compatible with shuttle compilation of kernel and I need exact config from shuttle.
After I run ffp properly I'll try to compile it once again maybe this will help


Top
 Profile  
 
PostPosted: Sat Sep 06, 2014 6:32 pm 
Offline

Joined: Mon Jun 16, 2008 10:45 am
Posts: 6086
wicked wrote:
Code:
Server refused to allocate pty
Uhm. Are you using a decent ssh client? connecting with -v or -vv might give more information.

Quote:
Also weird thing that the sshd does not start after I run /ffp/etc/rc start sshd do not start automatically (chmod a+x done)
My first reaction was: 'What does the logfile say?', but then I realized that you probably don't have a logfile.
Your startscript does
Code:
/ffp/etc/rc start
change that in
Code:
mkdir -p /ffp/log
exec >/ffp/log/boot.log 2>&1
/ffp/etc/rc start
Now you find your stdout and stderr in /ffp/log/boot.log

Quote:
Another weird thing is that it always asks If I want new ecdsa key :
Code:
 /ffp/start/sshd.sh start
Generating public/private ecdsa key pair.
/ffp/etc/ssh/ssh_host_ecdsa_key already exists.
That is a known bug. The startscript creates a key in /ffp/etc/ssh/, but checks for it's existence in /ffp/etc/. You can change that in the startscript.

Quote:
I assumed that if I want full ffp functionality (packages and so on) I need to call /ffp/etc/rc, run the sshd daemon from withing ffp. Is this assumption wrong ?
Partly. You need to call /ffp/etc/rc to autostart all ffp daemons, including sshd. But you don't need ffp sshd to have full ffp functionality. To have a full functional ffp shell, you only need that shell.
In /etc/passwd the shell for each user is defined. The shell for root is probably /bin/sh. You can change that in /ffp/bin/sh. In that case /ffp/etc/profile is executed on login, and you'll have full functionality. You'll also have to add /ffp/bin/sh to /etc/shells, to add it to the list of 'valid login shells'.
But beware: if /ffp/bin/sh doesn't exist, you can't login anymore. Maybe it's safer to create a ~/.profile file, which does
Code:
[ -f /ffp/etc/profile ] . /ffp/etc/profile
That way the ffp environment is added to the firmware shell. And if ffp fails (harddisk crash) you'll just have the firmware environment.
Quote:
Second problem is that Ive build tun.ko (with chrooted debian) but It hangs the box completely after I run openvpn. Ive used nsa 212 config file, maybe the config is not compatible with shuttle compilation of kernel and I need exact config from shuttle.
After I run ffp properly I'll try to compile it once again maybe this will help
It only hangs if you run openvpn? Not after insmod?


Top
 Profile  
 
PostPosted: Sat Sep 06, 2014 6:50 pm 
Offline

Joined: Tue May 21, 2013 10:49 pm
Posts: 79
Thanks - will try this regarding shells later in the evening. And the firmware root shell is ash
Code:
BusyBox v1.10.3 (2013-11-06 11:05:30 CST) built-in shell (ash)


Mijzelf wrote:
Quote:
Second problem is that Ive build tun.ko (with chrooted debian) but It hangs the box completely after I run openvpn. Ive used nsa 212 config file, maybe the config is not compatible with shuttle compilation of kernel and I need exact config from shuttle.
After I run ffp properly I'll try to compile it once again maybe this will help
It only hangs if you run openvpn? Not after insmod?


That's the weird thing. Insmod is ok. Even running openvpn is ok (whole connection in log looks ok). But after some network acticity (pinging some host in v-network, calling ifconfig or just waiting some time) the nas hangs completely (even the powerbutton does not respond). I've looked for some log with kernel panic but the nas does'nt log much.


Top
 Profile  
 
PostPosted: Sun Sep 07, 2014 11:28 am 
Offline

Joined: Mon Jun 16, 2008 10:45 am
Posts: 6086
wicked wrote:
I've looked for some log with kernel panic but the nas does'nt log much.
A kernel panic is never logged. It's only dumped to console. So to 'see' the kernel panic, you'll need a serial port.

But possibly it's only the network which fails, in that case you could log it yourself:
Code:
#!/bin/sh

Logger()
{
    # dump kernel ringbuffer
    dmesg -r >/dev/null

    while [ true ] ;
    do
        dmesg -r >/path/to/logfile/on/disk
        if ! ping -n 1 google.com
        then
            # network is down!
            reboot
        fi
        sleep 10
    done
}

Logger >/dev/null 2>&1 &

It's not a good idea to start this script automatically. If there is some bug, or if the network is not yet up when the script is executed, you have a permanently rebooting box.


Top
 Profile  
 
PostPosted: Sun Sep 07, 2014 11:57 am 
Offline

Joined: Tue May 21, 2013 10:49 pm
Posts: 79
Mijzelf wrote:
wicked wrote:
I've looked for some log with kernel panic but the nas does'nt log much.
A kernel panic is never logged. It's only dumped to console. So to 'see' the kernel panic, you'll need a serial port.

But possibly it's only the network which fails, in that case you could log it yourself


Done it. BTW should it be ping -n or ping -c ?

Code:
<3>[   73.970000] tun: version magic '2.6.31.8 mod_unload ARMv5 ' should be '2.6.31.14_7821 SMP mod_unload ARMv6 '
<6>[  327.190000] tun: Universal TUN/TAP device driver, 1.6
<6>[  327.190000] tun: (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>
<1>[  517.820000] Unable to handle kernel NULL pointer dereference at virtual address 00000000
<1>[  517.820000] pgd = cdec8000
<1>[  517.830000] [00000000] *pgd=00000000
<4>[  517.830000] Internal error: Oops: 5 [#1] SMP
<4>[  517.830000] Modules linked in: tun ehci_hcd etxhci_hcd usblp usb_storage usbcore scsi_wait_scan gmac mii
<4>[  517.830000] CPU: 0    Not tainted  (2.6.31.14_7821 #1)
<4>[  517.850000] PC is at register_netdevice+0x94/0x2f0
<4>[  517.850000] LR is at register_netdevice+0x88/0x2f0
<4>[  517.850000] pc : [<c0339d68>]    lr : [<c0339d5c>]    psr: 60000013
<4>[  517.850000] sp : cbfa7e98  ip : 0000001c  fp : cddb1400
<4>[  517.850000] r10: cbe7b400  r9 : cbe7b700  r8 : 00000000
<4>[  517.850000] r7 : cbfa7eb0  r6 : cf860820  r5 : cbe7b400  r4 : 00000001
<4>[  517.850000] r3 : ffffffff  r2 : 00000000  r1 : cbe7b580  r0 : cbe7b400
<4>[  517.850000] Flags: nZCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment user
<4>[  517.850000] Control: 00c5787d  Table: 6dec800a  DAC: 00000015
<4>[  517.850000] Process openvpn (pid: 3864, stack limit = 0xcbfa6270)
<4>[  517.850000] Stack: (0xcbfa7e98 to 0xcbfa8000)
<4>[  517.850000] 7e80:                                                       00000000 00000000
<4>[  517.920000] 7ea0: becd5ffc becd5ffc 00000000 bf08700c 00000000 00000000 00000000 00000000
<4>[  517.920000] 7ec0: 00003001 00000000 00000000 00000000 6a5d371f c0094ef0 00000001 cf860820
<4>[  517.920000] 7ee0: 400454ca becd5ffc 00000005 cf860820 cbfa6000 2a0c48bc 40024f10 c00b7f08
<4>[  517.920000] 7f00: 00000005 cf860820 becd5ffc c00b80e4 00000000 00000428 c0026db8 c0095d90
<4>[  517.920000] 7f20: 000000c6 00000000 00000000 c007ee30 00000000 4030a000 cdfeca70 cdfd7980
<4>[  517.960000] 7f40: 00000000 cdec9008 cbebfc28 00000002 cf4b1058 cdfeca70 cdfd7980 cbdea360
<4>[  517.960000] 7f60: 4030a5f0 00000000 becd5ffc 400454ca 00000005 cf860820 cbfa6000 2a0c48bc
<4>[  517.960000] 7f80: 40024f10 c00b86a0 2a088a1c 00000000 2a088a1c 2a0c48d0 40024f10 00000036
<4>[  517.960000] 7fa0: c002e144 c002dfc0 2a088a1c 2a0c48d0 00000005 400454ca becd5ffc 00000000
<4>[  517.960000] 7fc0: 2a088a1c 2a0c48d0 40024f10 00000036 becd5ffc 2a0c4074 2a0c48bc 40024f10
<4>[  517.960000] 7fe0: 2a0a4a7c becd5ff8 2a062ac4 4030a5fc 60000010 00000005 00000000 00000000
<4>[  517.960000] [<c0339d68>] (register_netdevice+0x94/0x2f0) from [<bf08700c>] (tun_chr_ioctl+0x820/0x9c0 [tun])
<4>[  517.960000] [<bf08700c>] (tun_chr_ioctl+0x820/0x9c0 [tun]) from [<c00b7f08>] (vfs_ioctl+0x2c/0x90)
<4>[  517.960000] [<c00b7f08>] (vfs_ioctl+0x2c/0x90) from [<c00b80e4>] (do_vfs_ioctl+0x6c/0x5c0)
<4>[  517.960000] [<c00b80e4>] (do_vfs_ioctl+0x6c/0x5c0) from [<c00b86a0>] (sys_ioctl+0x68/0x7c)
<4>[  517.960000] [<c00b86a0>] (sys_ioctl+0x68/0x7c) from [<c002dfc0>] (ret_fast_syscall+0x0/0x2c)
<4>[  517.960000] Code: ebfff1c4 e59520b4 e3e03000 e585304c (e5922000)
<4>[  518.060000] ---[ end trace 9c6cf14767db0ff5 ]---


the funny thing is that dmesg says:
Code:
<3>[   73.970000] tun: version magic '2.6.31.8 mod_unload ARMv5 ' should be '2.6.31.14_7821 SMP mod_unload ARMv6 '


but my compiled tun.ko is:

Code:
# modinfo tun.ko
filename:       //tun.ko
alias:          char-major-10-200
license:        GPL
author:         (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>
description:    Universal TUN/TAP device driver
depends:
vermagic:       2.6.31.14_7821 SMP mod_unload ARMv6


Top
 Profile  
 
PostPosted: Sun Sep 07, 2014 12:25 pm 
Offline

Joined: Mon Jun 16, 2008 10:45 am
Posts: 6086
wicked wrote:
ping -n or ping -c


Quote:
Code:
<3>[   73.970000] tun: version magic '2.6.31.8 mod_unload ARMv5 ' should be '2.6.31.14_7821 SMP mod_unload ARMv6 '

Code:
vermagic:       2.6.31.14_7821 SMP mod_unload ARMv6
Somehow this is a different module. '2.6.31.8 ARMv5' smells like a kirkwood module. Have you removed all not compatible modules from your system?
A bit strange that is loads at all. But the crash is in the tun module:
Code:
<4>[  517.960000] [<c0339d68>] (register_netdevice+0x94/0x2f0) from [<bf08700c>] (tun_chr_ioctl+0x820/0x9c0 [tun])
<4>[  517.960000] [<bf08700c>] (tun_chr_ioctl+0x820/0x9c0 [tun]) from [<c00b7f08>] (vfs_ioctl+0x2c/0x90)


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 30 posts ]  Go to page 1, 2  Next

All times are UTC


Who is online

Users browsing this forum: No registered users and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group