SNMPD and other tools on Zyxel NAS540

Sometimes I like to buy solutions that work out of the box, I don’t want to spend time fiddeling with everything. However, I usually end up with buying a solution that does not do what I want out of the box and I spend lots of time fiddeling with it.

This NAS540 was rather cheap and houses 4 bays. It runs some semi-lockedin linux but allows ssh access with the same login for admin/root as the admin login from the web interface so you can easily poke around with its sometimes confusing internals.

 

There are tons of different 3rd party package managers I believe (or I don’t know what the hell I’m looking at).

The common Optoware is outdated/deprecated. Whats apparently cool now is metarepository which can enable several repositores, and from there you can install Entware-NG which has a crapload of packages, but its missing the glorious nmon so you will have to compile that manually (I did it and it works great).

You can probably install entware-ng without metarepository but using both should be a bit more satisfactory.

So, it starts bad. The official instructions talk about some web_prefix file that we can use to add the repository and make it visible from the filesystem. I never got that working but I found another file that was pointing to official zyxel ftp instead.

In my case, I replaced the line below which was found in /etc/package_src_url

ftp://ftp2.zyxel.com/NAS540/zypkg/5.11

with http://downloads.zyxel.nas-central.org/Users/Mijzelf/zypkg-repo/NAS540/zypkg/5.11/

5.11 is the current firmware version on my NAS. Edit to whatever you are running.

So from here you can go into the nas web ui and into packages and hit refresh.
Now your package list will only list MetaRepository. Go ahead and install.
Follow the link in the description field:
http://NAS_IP:5000/pkg/MetaRepository/pkgcgi.cgi

Here you can see how it enables several repositories.
My list looks like this:

# Official repository
ftp://ftp2.zyxel.com/+ ZyXEL
http://downloads.zyxel.nas-central.org/Users/Mijzelf/zypkg-repo/ + NAS540
# Local repository
/i-data/sysvol/admin/MyRepo/ Local

Go back and refresh the list in package management. If you still only see MetaRepository, you might need to revert /etc/package_src_url to the stock one and refresh again. Can be a little bit tricky.

So now you should install Entware-ng to get access to even more packages.
randomtools is nice as well since you’ll get rsync and so on.

Now go back into your filthy and moisty shell and install snmpd (prefer statically linked for clandestine environments such as this nas):

/opt/bin/opkg install snmpd-static

Entware creates a symlink to /opt so you can place your snmpd.conf in

/opt/etc/snmp/

You can summon the daemon by invoking:
/opt/sbin/snmpd

You might wanna hack togheter an init script for this service.

ownCloud 9 on Zyxel NAS540

This nas comes shipped with ownCloud v7 and they don’t support any newer version.

But luckily its very easy to install ownCloud 9 by (almost) simply replacing v7.
TLDR; Replace v7 installation and use external mysql database with innodb support.
SQLite database works fine though.

Replace 2eb5eb98 with whatever your disk is called in the system.

  1. Install owncloud provided by stock firmware. Just leave it, do not configure anything.
  2. Login with SSH and cd into /i-data/2eb5eb98/.PKG/ownCloud/gui
  3. mv ownCloud/ ownCloud_7_old (or delete)
    curl -O https://download.owncloud.org/community/owncloud-9.1.0.zip -k
    unzip owncloud-9.1.0.zip
    mv owncloud ownCloud
    chown -R nobody:nogroup ownCloud

If you get error 500 on https://NAS:5001/pkg/ownCloud/index.php
Try restarting the ownCloud service from the packages page in the NAS web ui by selecting disable and then enable again.

Now go to the https://NAS:5001/pkg/ownCloud/index.php site and configure your installation. Zyxel was kind enough to install MySQL so you don’t have to rely on silly flat files…but this mysql install doesn’t work with newer ownCloud like v9 because they switched from myisam db engine to innodb, which zyxels mysql doesn’t provide.

So your options here:

  • Use SQLite.
  • Use external database.
  • Upgrade the zyxel mysql to a newer version.

I went for external database on another server, but its nicer to have things consolidated in this case though…

Install Powerwalker UPS Software, “Viewpower” on RHEL 7

I’m connecting my Powerwalker UPS to one of my servers so I can benefit from features that allows my server to be shutdown nicely when my UPS battery is running out of cream.

Fetch the installer: http://www.powerwalker.com/software/ViewPower/installViewPower_Linux_text_x86_64.tar.gz

The installer can’t really been tested much, so there is some fixes to be implemented.

Make sure you edit the upsMonitor file at MONITOR_HOME  in /etc/init.d/ to match your installation directory. The installer doesn’t really care to automatically set that for you.

In my case,  I installed it into /opt/ViewPower as I don’t think it should be installed in root directory or using a version number in the directory name.

Fixes:

1) Create some symlinks so the application can find some libs:
ln -s /usr/lib64/libc.so.6 /lib/libc.so.6

2) The upsMonitor requires netstat. Since we don’t have netstat anymore we need to install net-tools:

yum install -y net-tools

3) If your /etc/init.d/upsMonitor is an empty file, just copy the file to:

cp /opt/ViewPower/upsMonitor  /etc/init.d/

Now we can start the monitor by running  /etc/init.d/upsMonitor start

While using the init script, you can see that the language is a bit broken, for instance:

“upsMonitor is not run”
“start upsMonitor servcie”
“upsMonitor service already start”

🙂

So there are many things that feels quite lax in this software.

The upsMonitor spawn 2 processes:

  • /opt/ViewPower/jre/bin/java com.zerog.lax.LAX /opt/ViewPower2.14/./StartMain.lax /tmp/env.properties.18050
  • /opt/ViewPower/jdk/bin/java -Djava.util.logging.config.file=/opt/ViewPower/tomcat/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager-Djava.endorsed.dirs=/opt/ViewPower/tomcat/endorsed -classpath /opt/ViewPower/tomcat/bin/bootstrap.jar:/opt/ViewPower/tomcat/bin/tomcat-juli.jar -Dcatalina.base=/opt/ViewPower/tomcat -Dcatalina.home=/opt/ViewPower/tomcat -Djava.io.tmpdir=/opt/ViewPower/tomcat/temp org.apache.catalina.startup.Bootstrap start

It launches the /opt/ViewPower/StartMain file which exposes tcp port 15178 that shows the default tomcat welcome page.
Some manuals actually says that the web interface can be found on another port which is wrong in this case.
You’ll find the actually ups web interface on http://serverip:15178/ViewPower/

Autostart the service using the legacy mode simply by running:

systemctl enable upsMonitor

Security patches in CentOS

No and nein.. yum –security check-update/update does NOT work in CentOS. This is simply because the CentOS is missing this metadata. When you are using RHEL you pay for this metadata. This is not entirely obvious at first glance, but I guess they didn’t want to alter the source code for yum, which still provides –security parameter for CentOS.

If you want automatically flagged packages, buy RHEL license and use RHEL instead…or if you are a dev, use the free developer program.

Otherwise, use https://cefs.steve-meier.de/

Sadly his parser is not open source so you need to rely on this guy. He hasn’t failed this far though.

 

fluentd: Install fluent-plugin-mysql on RHEL 7

fluent-plugin-mysql is a fluentd plugin that allows you to send logdata to MySQL/Mariadb database. However, it is a bit hard to find the exact details on how to install this in RHEL 7 (minimal install).

So here we go…

  • yum-config-manager –enable rhel-7-server-optional-rpms
  • yum install -y ruby-devel mysql-devel
  • /opt/td-agent/embedded/bin/fluent-gem install fluent-plugin-mysql
  • Profit!!

virt-manager xforward to OSX (release mouse)

When you forward virt-manager from a linux machine to OS X and try to release the mouse from the console, you might have noticed that this won’t work.

If you use XQuartz, simply go into preferences, select “Option keys send Alt_L and Alt_R”.

Source: https://major.io/2013/03/20/virt-manager-wont-release-the-mouse-when-using-ssh-forwarding-from-os-x/

Solaris SH and backspace

It is downright frustrating when you login to, for instance, Solaris 10 while you are in a hurry and keep pushing the wrong keys so your console looks like a greasy garbage dump filled with ^H^H^H^H and you just want to stangle yourself.

I shall never forget how to solve this problem by typing in this life saving coma^hmand:

stty erase <backspace key>

The command should look like this after you have hit your backspace key:

stty erase ^H

Now backspace key will function as expected, without starting bash.

To set-and-forget this on a global level:

echo stty erase <backspace key> >> /etc/profile

 

Pac Manager 4.5.5.7 on CentOS 7.1

This one is a sweet dependency hell, however, it is possible to get Pac Manager running using CentOS repo:s only (incl. epel) and one wget from cpan.

Since I’m running FreeBSD and Os X on my workstations and I have found that Pac Manager is the only really good connection manager I have encountered, I decided to set it up on a CentOS 7 vm and forward X over ssh to my FreeBSD workstation (Sure you can port the application, but for now this is the easy way).

So, this guide will show you how to get it running under a minimal CentOS 7 installation.  I’ve only tried with Pac Manager v 4.5.5.7 but could probably work with other versions as well.

I’ve sourced parts of the solution from forums and pac manager discussion board, most of them were broken in one way or another but this one has been refined several times using a clean CentOS 7 installations.

Manual installation

  1. Download pac-4.5.5.7-all.tar.gz from source forge.
  2. tar zvxf pac-4.5.5.7-all.tar.gz
  3. cd pac
  4. The embedded gnome2 vte modules are causing conflicts, removing them will force the application to look system wide instead:
    find . -name “Vte.so*” -exec rm -v {} +
  5. Perform a bunch of yum installs. 
    First enable epel repo:
    sudo yum install epel-release

    sudo yum install ftp perl-Gtk2.x86_64 unique-devel.x86_64 libglade2-devel.x86_64 perl-Socket6.x86_64 vte-devel.x86_64 GConf2-devel.x86_64 cpan perl-Gtk2 perl-YAML uuid-perl.x86_64 perl-Crypt-CBC.noarch

  6. Install development tools (maybe overkill with group install though):
    sudo yum groupinstall “Development tools”
  7. Bunch of cpan installs.You will be asked a few questions in some of these cpan installs, like

    This module requires X::Z to install itself.
    Install X::Z from CPAN? [n]

    Press Y on these.

    sudo cpan -if Module::Build
    sudo cpan -i IO::Stty
    sudo cpan -i Glib
    sudo cpan -i Expect
    sudo cpan -i Cairo
    sudo cpan -i Pango
    sudo cpan -if Gnome2::GConf
    sudo cpan -i Gtk2
    sudo cpan -i Gtk2::Unique
    sudo cpan -i Net:ARP
    sudo cpan -i Crypt::Rijndael
    sudo cpan -i Crypt::Blowfish
    sudo cpan -i Gtk2::Ex::Simple::List
    sudo cpan -i Gtk2::GladeXML

  8. Install Gnome2 vte:wget http://search.cpan.org/CPAN/authors/id/X/XA/XAOC/Gnome2-Vte-0.11.tar.gz
    tar zvxf Gnome2-Vte-0.11.tar.gz
    cd Gnome2-Vte-0.11
    sudo perl Makefile.PL
    sudo make
    sudo make install
  9. Try starting pac now.

    Things needed for x11 forwarding (if you installed CentOS 7.1 minimal)

  1. sudo yum install xorg-x11-xauth dbus-x11
  2. Again, possibly overkill with groupinstall…
    sudo yum groupinstall ‘Fonts’
  3. Now you should be able to start pac manger by running the following command from the pac manager directory (don’t forget to ssh -X user@host):
    dbus-launch ./pac

Sometimes, when running dbus-launcher ./pac I get:

Gtk-WARNING **: cannot open display: localhost:10.0 at /usr/local/lib64/perl5/Gtk2.pm line 168.

Log out/in from the SSH session solves this for me.

Scripted Installation

This script will install all dependences, except the ones related to X11 forwarding. Download the script from github:

https://github.com/telefax/Pac-manager-Dependency-installer-for-CentOS-7

 

FreeBSD and manual fan control on a Lenovo t410

Here is a quick way to manually control your fan speed on your Lenovo T410 running FreeBSD 10.x:

First load the kernel module:
$ kldload acpi_ibm.ko

Then check your new sysctl’s:

$ sysctl -a | grep -i fan
dev.acpi_ibm.0.fan_speed: 4527
dev.acpi_ibm.0.fan_level: 7
dev.acpi_ibm.0.fan: 1

Turn on manual mode:
$ sysctl dev.acpi_ibm.0.fan=0

Set fan for instance, to level 7:
$ dev.acpi_ibm.0.fan_level: 7

The man page for acpi_ibm.ko details the different levels:

    dev.acpi_ibm.0.fan_level
	     Indicates at what speed the fan should run	when being in manual
	     mode.  Values are ranging from 0 (off) to 7 (max).	 The resulting
	     speed differs from	model to model.	 On a T41p this	is as follows:
	     0		 off
	     1,	2	 ~3000 RPM
	     3,	4, 5	 ~3600 RPM
	     6,	7	 ~4300 RPM

It appears that my max speed is 4527 RPM.
You can check your temperature using
$ sysctl -a|grep temperature

FYI, mine shows 93.0C (!) right now cause this business laptop is utterly s**t since they put the inlet for air next to the air outlet. Really Genious. At least it helps a little to lower the CPU frequency using powerd.