• Posts

  • Joined

  • Last visited

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

digitalformula's Achievements


Apprentice (3/14)



  1. Unfortunately that doesn't reveal anything. I could throw some debug stuff in there though, I guess. Jul 27 10:59:16 ***-unRAID root: Starting go script Jul 27 10:59:16 ***-unRAID root: Starting emhttpd
  2. Ok, good to know. And no, I missed that info in the release notes - happy to accept fault for that. However, I wouldn't expect that change to cause /boot/config/go to fail/stop executing at that point. If that were the case I guess emhttp wouldn't start, either (and it does, since that's the webserver GUI, right?)
  3. Some, yes. Examples: - There's a folder called "shares". The share names within that folder are "anonymized" by having only the first and last letter included, but syslog.txt includes references to the full share name. I have shares based on customer names that I don't want exposed. - IP address info isn't anonymized i.e. my client IP addresses are in there - VM names are in logs/libvirt.txt and I have VMs matching project names - Hardware serial numbers are in syslog.txt e.g. HDD serials (this actually is a big deal for some client types) - sshd port number is in syslog.txt (etc) I can understand the potential argument that none of this is overly useful for malicious purposes if your network security is up to scratch, but that argument is negated by posting diagnostics on a forum. That said, IMO system information must be either 100% anonymized (*all* instance-specific/identifiable data removed) or there's no point in anonymizing at all. In my experience, logs can show why something happened without showing who it happened to. The disclaimer is that yes, there are situations where information is useless without knowing who was involved, but that's not the case here (again, IMO).
  4. Perfect, thank you. (Seriously, thanks - not trying to be a smartass).
  5. I'm running 6.9.0-beta25. No need for diagnostics yet since I just want to know if /boot/config/go is still used at this point. If the answer is yes, I'll worry about it then (I'm not comfortable with attaching those diagnostics dumps to forum posts, for fairly obvious reasons).
  6. As per the subject, is /boot/config/go still used? I'm asking as I have stuff in my /boot/config/go file that never gets run. Follow up question - If /boot/config/go is still used, why would the commands there get ignored? Here is /boot/config/go, for reference: #!/bin/bash # Start the Management Utility # modprobe i915 # chmod -R 777 /dev/dri # copy SSH keys mkdir -p /root/.ssh chmod 700 /root/.ssh cp /boot/config/ssh/authorized_keys /root/.ssh/ chmod 600 /root/.ssh/authorized_keys mount -o remount,size=384m /var/log /usr/local/sbin/emhttp & I have verified that authorized_keys is not where it should be after reboot.
  7. Sure, but that's why I asked if it's possible to make it user configurable. It wouldn't diminish the functionality of the plugin at all and could even still allow FCP to throw up a notification when an emergency release comes out. Edit: An "error" suggests something is broken. A plugin that isn't updated isn't something that's broken.
  8. Is it possible to add a user-defined alert level for the things FCP raises? To me it's not an error if FCP isn't the latest and isn't a warning if a Docker container isn't the latest (i.e. "if it ain't broke, don't fix it"). Showing those as errors and warnings is misleading.
  9. I would have thought that, too, but I have various aliases setup that do specify the appropriate private key when making the connection, and on a non-standard port now. ssh-agent shouldn't really be required after adding the key to the server's ~/.ssh/authorized_keys though (which I have done). I didn't "fix" it though. The workstation in question needed to be rebuilt and so I've just setup an unRAID-specific key pair that I'll use from now on. The original key is only used for some other private connections so doesn't need to be used for unRAID on this network. Thanks for responding, though!
  10. Where's the configuration or setting that says which IPs are blocked from connecting via SSH? I have checked /etc/hosts.deny but I believe it won't persist between reboots anyway. I can only connect if I use this: ssh -o IdentitiesOnly=yes root@unraid Additional info re why I'm asking: - Fix Common Problems said I was possibly compromised on March 14th. All the attempts came from the static IP of my workstation and all on a range of ports that aren't explicitly configured in unRAID - Until this afternoon SSH was still on port 22 but that's OK because of the other stuff below (it's not on port 22 anymore, but that's made no difference) - My ISP's router is a gateway device only and everything inside it is protected by various IDP and DPI devices (I would never use an ISP's "free" device as anything other than a gateway) - unRAID is not exposed to the internet, is not in any sort of DMZ and there are no port forwards or pinholes that allow SSH anywhere near it from the outside - I've rebooted - unRAID is the latest version - All containers and plugins are on latest versions - There's no access to anything from the outside except via a VPN from specific approved devices, including explicit MAC filtering - SSH keys in /boot/config/ssh are not 0 bytes in size, as per this: For that reason, I don't think I've actually been compromised - it was probably something else that I'm yet to track down. On that day I was making some changes and might've messed something up. Thanks
  11. I gave up waiting and moved PiHole to a CentOS 7 VM a while back. Deleted the PiHole container. Didn't have a lot of choice since I need VMs more than I need PiHole to be running as a container.
  12. how many subnet do you have? Is the computer that you tried to connect to pihole on the same subnet as the pihole? If not, try to use the same subnet, btw, pihole should have a web interface, try to open that as well Yup sorry I should've included that info before. unRAID, this desktop, the Pi-hole WebUI etc are all on the same subnet. Pi-hole and its UI are working fine and I can see traffic there + ads being blocked. Tested with and a few others that are known to be bad for ads. I don't really use KVM on unRAID anymore so I'll just ignore it for now. Thanks, though.
  13. Yes, same subnet - this part of the network is all on the same /24 (the other parts are DMZ etc, so completely isolated from unRAID). Edit: THe Pi-hole UI does show that IP as the "Pi-hole IPv4 address" though. Edit 2: Btw, Pi-hole is functioning just fine and ads are being blocked. I can see the stats in the UI.
  14. It is already configured as bridge. There's a setting for "Server IP" but no matter what I set that to, that IP doesn't respond to anything. It's no biggie, though - stopping KVM has worked.
  15. Hello - Is dnsmasq required for the operation of KVM? Asking as I'm trying to install Pihole but the Docker container is failing due to port 53 already being in use. Netstat tells me it is in use by dnsmasq on local address and I've tracked that down to being attached to virbir0 in the routing table. Stopping KVM allows the container to work. Can I still use KVM if I somehow remove/stop dnsmasq? Docker is more important than KVM on this server so it's not a biggie if the answer is no.