bubbaQ

To get timezone data, I am mounting "-v /etc/localtime"/etc/localtime:ro" but it does not appear in the unRAID Docker UI list of Volume Mappings for each container. Bug?

Hmmm... I'm ruining 6.2B21 and am hitting the same ~450MB/s ceiling, even when copying ramdisk to ramdisk. What am I missing?

I want to point out that this illustrates one drawback of unRAID moving to xfs preference over ReiserFS.... and that is file recovery utilities, like File Scavenger, only work with certain filesystems, and many more work with ReiserFS than work with xfs so it limits your choices.

I have a working Dockerfile for Syncrify now. I had to wrap a script around it and add that to the image. The script basically tests some mandatory conditions (like if you have mounted /opt/ to a local path on the host) and it allows Syncrify to be stopped and will automatically restart it without re-running the container (which was necessary for the way Syncrify does its updating). Because Syncrify updates inside the GUI, the program itself has to be installed on permanent (i.e. local host) storage which is why you MUST mount a local filesystem to /opt/ in the image. Syncrify will also store its database files there. You will also need to make sure you are sending the backup's themselves to a mount on the local host. Finally, when you go through create the admin account in the Syncrify GUI, you must uncheck the option to limit admin access to localhost. If anyone wants to try to build it and run it on their system, PM me and I'll share it with you.

Yes, you can split the tach from one fan to 2 headers.... but JUST the tach signal.

Like lots of people, I've searched for fan Nirvana of silence and move a boatload of air at the same time. Luckily I gave up and accepted the laws of physics. I have, however, found a new favorite 120mm fan. Delta AFB1212SHE-PWM. I am rebuilding a 4U rack case and needed three 120MM fans for the fan plate. One problem I have always had is that 3-pin PWM fans (or 4-pin fans on a 3-pin connector) can only be spun down by about 1/3 so a 2000 RPM fan on high, can only be spun-down reliably to a 3rd of that number, or about 700 RPM. And when you do that, you often get an annoying pulsating noise from the PWM. Plus most common case fans deliver poor static pressure in restricted airflow environments... particularly those marketed as "quiet" since those marketed as "quiet" are usually 2000 RPM and below. My new Supermicro mobo forced my hand as all the fan headers are 4-pin, and they do not support 3-pin PWM. 3-pin fans run 100%.... period. So I started looking at 4-pin 120mm fans. I also wanted good static pressure to pull air through the grills on the disk trays so I was looking for 38mm thick fans. I have a couple of Delta fans that came with cases in the past, that like most Deltas, move tons of air but sound like jet engines. What many people don't know, however, is that 4-pin PWM Delta fans can reliably go down to a very small (~15% or less) of their top speed, and do so without the pulsating noise. So I tried a AFB1212SHE-PWM because it is only 3700 max speed, and it is 38mm thick so it has better static pressure. On the Supermicro with the fan speed at 30% duty, the fan spins at 600 RPM and is nearly silent. Coupled with a 20mm fan shroud www.amazon.com/Phobya-38112-120mm-Plexiglass-Shroud/dp/B004CLFFIA (so the blades don't have to fly so close to the grill, another source of noise) I can barely hear the fan outside the case. In fact, most of the noise is merely the air entering the grills on the front of the case and exiting the grill in the back (I am running with no exhaust fan other than the one on the PSU). And if I have the need for serious cooling, ramp them up to 100% and they wipe out anything in the traditional case fan lineups. At 150 CFM and 14.5 mmH2O, it will pull small animals into the grill. And they are only $10 on Amazon. So this is my new favorite fan in restricted airflow and for radiators. Probably not a good choice for someplace you want total silence like HTPC.

No. Not because I don't want to, but because I don't have time to commit to support.... and the only way I can get it working right now is to actually proceed with the registration in the docker, because the Linux install has to update itself AFTER the registration, and that won't get committed to the docker.... so I can't distribute a committed docker image because it already has copyrighted Syncrify code in it. Someone else might want to tackle it if they want to support it. But Syncrify has it's own built-in updating in the UI, and there is no direct download of the latest server tarball.

I like Syncrify. I have it working in a docker, but there are some configuration tweaks I'm still working on.

Depending on what filesystem was on it, these are the programs to try: FTKImager (http://accessdata.com/product-download) File Scavanger (http://www.quetek.com/download.htm) UFS Explorer Professional Recovery (http://www.sysdevlabs.com/product.php?id=ufsxp5&os=win) These can recover the actual filesystem, and not just carve for certain types of files (like jpg) All are free or have free trials. And don't let Windows write to the drive (i.e. put a signature on it or partition it).

The notion of a WORM share-type with an update window is not to eliminate 100% of ransomware exposure... it is to minimize the damage. If you want 100% protection, you need to implement versioning or a backup rotation strategy like grandfather-father-son.

I have a 7-disk array that got a power surge which 1) killed a disk, and 2) corrupted the flash drive. The system was idle, so I have a high degree of confidence that parity is good (or at least good enough to use to rebuild the fried disk). I have a printout of all the drive assignments, so I can do a new-config. But how can I do a new config and trust parity, with a missing disk? I was thinking that I could install a spare disk for configuration purposes, save the config, then unplug it before starting the array, but that seems like a kludge. Alternatively, is there a way to individually "trust" data disks? The controller was fried too, and with the new controller the drives have different names in the unRAID UI, so although I have reassigned the right disks to the right slots, the system thinks they are the "wrong" disk. If I can tell unRAID to "trust" what it thinks are wrong disks in slots 1,2,3, and leave slot 7 as "missing" I can rebuild #7. Suggestions?

Remember your exposure window will be the change window plus 2x the interval between job runs. And a lot of people attach as "root" because Windoze caches credentials.... and this won't protect against root, unless you use extended attributes like "immutable."

I don't think there is anything off-the-shelf in Linux that will do this, unfortunately. But a cron job to change permissions on files modified more than xx-days/hours ago to make them read only would work with minimum of work. Call it a "change window" on new files. CryptoFortress and progeny will encrypt any shares it finds that the workstation can get to... not just mapped drives.

I had a bad electrical surge that knocked four 4TB drives offline in a 7-drive array (5 data, plus 2 parity). As luck would have it the 2 parity drives are fine along with 1 data drive. I lost 4 data drives. I was able to clone the 4 dead drives to new drives with a PC-3000. The clones mount and the filesystems are intact. But the only spare drives I had on hand were 6TB. So they are 4TB drives cloned to 6TB physical drives, obviously retaining their 4TB partition table. (Before you ask, this was significantly faster than doing a restore from backup for a variety of reasons.) I am ready to reinit the array with the clones, but what will unRAID do with a 4TB unRAID-proper partition that is on a 6TB disk, particularly since the two parity disks are only 4TB.

No, because as the OP noted, I need clock speed more than cores. The E5-1620 gives me 3.5gHz w/o paying for unnecessary cores.

The Gemini cooler does *not* have a bracket for a narrow LGA 2011 so the CPU cooler will have to be Noctua NH-U9DX i4 or NH-U9DX i4 3U. Another potential mobo is a Supermicro MBD-X10SRI-F. Any comments on the Supermicro MBD-X10SRI-F vs. the ASRock EPC602D8A

I need to rebuild a moderate horsepower unRAID server without breaking the bank or electric bill. I require a minimum four PCIe 3.0 slots and 28 lanes. That means I have to go socket 2011 and a 40 lane Xenon (40 lane i7 cost too much). I also need IPMI. 32GB RAM and a CPU cooler that fits in a 4U rack case without sounding like a jet engine. I will be using Adaptec 71605Q maxcache controllers, so mobo SATA is irrelevant. I also want a CPU higher in clock speed rather than more cores since a couple of my main apps that will run on this system benefit much more by higher clock speed than more cores/threads. I am leaning toward the ASRock EPC602D8A with a Xenon E5-1620 and Cooler Master Gemini II cooler (replacing the fan with a high static pressure fan, like an Akasa Viper (3.12 mm H2O) or Cooler Master Excalibur, with a shroud). RAM is to be 2 sticks of KVR18R13D4/16KF. MoBo:ASRock EPC602D8A CPU:Xenon E5-1620 Cooler:Cooler Master Gemini II RAM:KVR18R13D4/16KF Comments or suggestions? BTW, I am still waiting for conformation from CM that the Gemini has a bracket for the narrow LGA 2011 mountpoints. If not, I am back to the drawing board on a mobo.

For backups I use Syncrify, which lets me preserve multiple iterations of changed files, and preserve against deletions, as well as retain multiple versions of modified files. The backup server has no writable shares....it all goes through rsync or Syncrify. Plus it has deleted file retention so files deleted from the source will be preserved in the backup for XX days before being deleted from the backup.

One way is to link a cache-only share to the main user share. So the user share "stuff" is linked to a cache-only share called "stuff_in" and a scheduled/manual process will commit the changes in "stuff_in" to "stuff." You should be able to "merge" the two shares in FUSE for live reading. Files with the same name have to be rejected.... otherwise you will be letting potentially corrupted/malware files overwrite a good file on the R/O share. Not sure if you can detect the name collision when copying to the cache-only share or if it will have to be caught in the commit process later.

We also have to take into account hos SMB handles the extended attributes. Plus, IIRC, SMB sees a directory where the sticky bit is set as an append-only directory (often used for tmp files). Have to do some experimenting to confirm that.

Just created the user and granted explicit write access to disk shares, flash, and cache.

There are the append-only and immutable extended attributes, but they aren't quite what we need. What I'm thinking of is something similar to SnapLock system by NetApp... essentially a software-enforced WORM. It uses a commit-architecture so you can create and modify files inside a commit window, and they then transition to immutable once "committed." So a "commit" job (either scheduled or on-demand) can flag them immutable as needed. Similarly, you could make the share directory on cache as writable to defined users (or public), but the share directory on the array disks is read-only except to the mover (and of course root).

That's a good idea.... not just for ransomware resistance. All but one of my shares are read-only or simply not accessible, except by one maintenance account (not root). The one writable share ("incoming") is used for depositing files on the server, and after files are uploaded to "incoming" I log in and move them to a final destination from the command line. It's a PITA, but secure. With a "Read & Append" share, 99% of it could be done (safely) directly to the destination share.

Any reason you abandoned the Syncrify docker? I have Syncrify running on bare-metal in unRAID, and would like to move it to a docker, but didn't want to waste time if there was a deal breaker in it.

I know, but the difference between italics and normal is hard to see t a glance.