SNMPD and other tools on Zyxel NAS540

Sometimes I like to buy solutions that work out of the box, I don’t want to spend time fiddeling with everything. However, I usually end up with buying a solution that does not do what I want out of the box and I spend lots of time fiddeling with it.

This NAS540 was rather cheap and houses 4 bays. It runs some semi-lockedin linux but allows ssh access with the same login for admin/root as the admin login from the web interface so you can easily poke around with its sometimes confusing internals.

 

There are tons of different 3rd party package managers I believe (or I don’t know what the hell I’m looking at).

The common Optoware is outdated/deprecated. Whats apparently cool now is metarepository which can enable several repositores, and from there you can install Entware-NG which has a crapload of packages, but its missing the glorious nmon so you will have to compile that manually (I did it and it works great).

You can probably install entware-ng without metarepository but using both should be a bit more satisfactory.

So, it starts bad. The official instructions talk about some web_prefix file that we can use to add the repository and make it visible from the filesystem. I never got that working but I found another file that was pointing to official zyxel ftp instead.

In my case, I replaced the line below which was found in /etc/package_src_url

ftp://ftp2.zyxel.com/NAS540/zypkg/5.11

with http://downloads.zyxel.nas-central.org/Users/Mijzelf/zypkg-repo/NAS540/zypkg/5.11/

5.11 is the current firmware version on my NAS. Edit to whatever you are running.

So from here you can go into the nas web ui and into packages and hit refresh.
Now your package list will only list MetaRepository. Go ahead and install.
Follow the link in the description field:
http://NAS_IP:5000/pkg/MetaRepository/pkgcgi.cgi

Here you can see how it enables several repositories.
My list looks like this:

# Official repository
ftp://ftp2.zyxel.com/+ ZyXEL
http://downloads.zyxel.nas-central.org/Users/Mijzelf/zypkg-repo/ + NAS540
# Local repository
/i-data/sysvol/admin/MyRepo/ Local

Go back and refresh the list in package management. If you still only see MetaRepository, you might need to revert /etc/package_src_url to the stock one and refresh again. Can be a little bit tricky.

So now you should install Entware-ng to get access to even more packages.
randomtools is nice as well since you’ll get rsync and so on.

Now go back into your filthy and moisty shell and install snmpd (prefer statically linked for clandestine environments such as this nas):

/opt/bin/opkg install snmpd-static

Entware creates a symlink to /opt so you can place your snmpd.conf in

/opt/etc/snmp/

You can summon the daemon by invoking:
/opt/sbin/snmpd

You might wanna hack togheter an init script for this service.

Advertisements

ownCloud 9 on Zyxel NAS540

This nas comes shipped with ownCloud v7 and they don’t support any newer version.

But luckily its very easy to install ownCloud 9 by (almost) simply replacing v7.
TLDR; Replace v7 installation and use external mysql database with innodb support.
SQLite database works fine though.

Replace 2eb5eb98 with whatever your disk is called in the system.

  1. Install owncloud provided by stock firmware. Just leave it, do not configure anything.
  2. Login with SSH and cd into /i-data/2eb5eb98/.PKG/ownCloud/gui
  3. mv ownCloud/ ownCloud_7_old (or delete)
    curl -O https://download.owncloud.org/community/owncloud-9.1.0.zip -k
    unzip owncloud-9.1.0.zip
    mv owncloud ownCloud
    chown -R nobody:nogroup ownCloud

If you get error 500 on https://NAS:5001/pkg/ownCloud/index.php
Try restarting the ownCloud service from the packages page in the NAS web ui by selecting disable and then enable again.

Now go to the https://NAS:5001/pkg/ownCloud/index.php site and configure your installation. Zyxel was kind enough to install MySQL so you don’t have to rely on silly flat files…but this mysql install doesn’t work with newer ownCloud like v9 because they switched from myisam db engine to innodb, which zyxels mysql doesn’t provide.

So your options here:

  • Use SQLite.
  • Use external database.
  • Upgrade the zyxel mysql to a newer version.

I went for external database on another server, but its nicer to have things consolidated in this case though…

Install Powerwalker UPS Software, “Viewpower” on RHEL 7

I’m connecting my Powerwalker UPS to one of my servers so I can benefit from features that allows my server to be shutdown nicely when my UPS battery is running out of cream.

Fetch the installer: http://www.powerwalker.com/software/ViewPower/installViewPower_Linux_text_x86_64.tar.gz

The installer can’t really been tested much, so there is some fixes to be implemented.

Make sure you edit the upsMonitor file at MONITOR_HOME  in /etc/init.d/ to match your installation directory. The installer doesn’t really care to automatically set that for you.

In my case,  I installed it into /opt/ViewPower as I don’t think it should be installed in root directory or using a version number in the directory name.

Fixes:

1) Create some symlinks so the application can find some libs:
ln -s /usr/lib64/libc.so.6 /lib/libc.so.6

2) The upsMonitor requires netstat. Since we don’t have netstat anymore we need to install net-tools:

yum install -y net-tools

3) If your /etc/init.d/upsMonitor is an empty file, just copy the file to:

cp /opt/ViewPower/upsMonitor  /etc/init.d/

Now we can start the monitor by running  /etc/init.d/upsMonitor start

While using the init script, you can see that the language is a bit broken, for instance:

“upsMonitor is not run”
“start upsMonitor servcie”
“upsMonitor service already start”

🙂

So there are many things that feels quite lax in this software.

The upsMonitor spawn 2 processes:

  • /opt/ViewPower/jre/bin/java com.zerog.lax.LAX /opt/ViewPower2.14/./StartMain.lax /tmp/env.properties.18050
  • /opt/ViewPower/jdk/bin/java -Djava.util.logging.config.file=/opt/ViewPower/tomcat/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager-Djava.endorsed.dirs=/opt/ViewPower/tomcat/endorsed -classpath /opt/ViewPower/tomcat/bin/bootstrap.jar:/opt/ViewPower/tomcat/bin/tomcat-juli.jar -Dcatalina.base=/opt/ViewPower/tomcat -Dcatalina.home=/opt/ViewPower/tomcat -Djava.io.tmpdir=/opt/ViewPower/tomcat/temp org.apache.catalina.startup.Bootstrap start

It launches the /opt/ViewPower/StartMain file which exposes tcp port 15178 that shows the default tomcat welcome page.
Some manuals actually says that the web interface can be found on another port which is wrong in this case.
You’ll find the actually ups web interface on http://serverip:15178/ViewPower/

Autostart the service using the legacy mode simply by running:

systemctl enable upsMonitor

Security patches in CentOS

No and nein.. yum –security check-update/update does NOT work in CentOS. This is simply because the CentOS is missing this metadata. When you are using RHEL you pay for this metadata. This is not entirely obvious at first glance, but I guess they didn’t want to alter the source code for yum, which still provides –security parameter for CentOS.

If you want automatically flagged packages, buy RHEL license and use RHEL instead…or if you are a dev, use the free developer program.

Otherwise, use https://cefs.steve-meier.de/

Sadly his parser is not open source so you need to rely on this guy. He hasn’t failed this far though.