Jump to content
limetech

unRAID Server release 4.5-beta2 available

51 posts in this topic Last Reply

Recommended Posts

Download.

 

The main new feature here is Active Directory support.  Realizing not many unRAID users have their server in an Active Directory domain, please post here if you do give it a try.

 

unRAID Server 4.5-beta2 Release Notes
=====================================

Changes from 4.4.2 to 4.5-beta2
-------------------------------

New features:
- Support Active Directory Service (ADS).  This lets an unRAID server join an Active Directory (AD) domain.
- System Management Utility will now use a CSS style sheet file on the Flash (config/style.css) if present.
- May now read syslog directly via browser by referencing 'http://tower/log/syslog' (substitute 'tower' with your server name).  Actually any 'file' in the /var/log directory can be read via 'http://tower/log/file'.
- May now read arbitrary files on disk and user shares via http protocol by referencing URL 'http://tower/share/<diskN>/...' or 'http://tower/share/user/<sharename>/...' (substitute 'tower' with your server name).
- Samba configuration now 'includes' the file on the Flash 'config/smb.extra' if present.  This is included at the end of the 'global' section just before the share definitions.  This may be used to customize the Samba configuration.
- Added control to enable/disable 'mover' logging.

Bug fixes:
- With user mode security enabled, would not accept 'root' share login until password was set at least once.
- Fixed problem in 'mover' script where mover would attempt to move objects in a top-level directory staring with a '.' character.  These would all fail and cause excessive syslog messages.
- Fixed bug in 'logrotate' which would prevent syslog from rotating.

Other changes:
- Part of adding AD support: Removed "User security [enabled/disabled]" control from Shares page, and added "Share security [simple/User Level/Active Directory]" control to Settings page:
  unRAID 'Basic' (free version) supports only 'Simple' share security model;
  unRAID 'Plus' supports 'Simple' and 'User Level' share security models only;
  unRAID 'Pro' supports all share security models ('Simple', 'User Level', and 'Active Directory').
- Removed System Management Utility control for setting SMB ports; this can be done via 'config/smb.extra' if desired.
- Change spin-down logic to account for external programs spinning drives up/down.
- Per user request, added '/usr/lib/libstdc++.so.6.0.9'
- Upgraded to linux kernel 2.6.28.4.
- Upgraded to samba 3.3.0.


Upgrade Instructions (Please Read Carefully)
============================================

If you are currently running unRAID Server 4.2-beta1 or higher (including 4.2.x 'final'), please copy the following files from the new release to the root of your Flash device:
    bzimage
    bzroot

If you are currently running unRAID server 4.0 or 4.1, please copy the following files from the new release to the root of your Flash device:
    bzimage
    bzroot
    syslinux.cfg
    menu.c32
    memtest

This can be done either by plugging the Flash into your PC or, by copying the files to the 'flash' share on your running server.  The server must then be rebooted.

If you are currently running unRAID Server 3.0-beta1 or higher, please follow these steps to upgrade:

1. Referring to the System Management Utility 'Main' page, make a note of each disks's model/serial number; you will need this information later.

2. Shut down your server, remove the Flash and plug it into your PC.

3. Right-click your Flash device listed under My Computer and select Properties.  Make sure the volume label is set to "UNRAID" (without the quotes) and click OK.  You do NOT need to format the Flash.

4. Copy the files from the new release to the root of your Flash device.

5. Right-click your Flash device listed under My Computer and select Eject.  Remove the Flash, install in your server and power-up.

6. After your server has booted up, the System Management Utility 'Main' page will probably show no devices; this is OK, navigate to the 'Devices' page. Using the model/serial number information gathered in step 1, assign each of your hard drives to the correct disk slot.

7. Go back to the 'Main' page and your devices should appear correctly.  You may now Start the array.


If you are installing this release to a new Flash, please refer to instructions on our website at:

http://www.lime-technology.com/wordpress/?page_id=19

Share this post


Link to post

Tom what happens if we "join" unRAID to a domain and then try to access unRAID shares from a computer OUTSIDE the domain?

(like a remote computer)

 

 

Share this post


Link to post

I had an issue with 4.4.2 related to NCQ and queue_depth.  Coping a 1G file took 5-6 minutes!  I loaded 4.5b2 to see if this issue was resolved.

 

I have a P5B VM DO, 2 Adaptec 1430SA controllers, 14 data drives (+ parity), and 500G sata cache disk.  No IDE and nothing on PCI bus.  User shares disabled.

 

Like 4.4.2, the default queue_depth is set to 31 on all drives in 4.5b2.

 

Here's are the speed tests I ran ...

 

1.  Coping a 1G file over the network (from an XP client) to an array disk took 1:35 (using drag and drop).

2.  Copying the same 1G file from the XP client to the staging disk took :20 (using drag and drop).

3.  Copying the same 1G from from the staging disk to the array took 2:07 (using cp command via telnet).

 

I then set queue_depth to 1 on all drives, and reran the tests ...

 

1.  1:20 (:10 seconds quicker ~ 10%)

2.  :20 (exactly the same)

3.  1:23 (:44 seconds quicker ~35%)

 

These are a nice little performance boost over the fastest I saw on 4.3.3 and 4.4.2.

 

But something is still not quite right with intra server copies with NCQ.

 

(Prior thread where issue was discussed:  here)

 

Share this post


Link to post

Tom what happens if we "join" unRAID to a domain and then try to access unRAID shares from a computer OUTSIDE the domain?

(like a remote computer)

 

First a caveat: I am not an expert on Active Directory - this is Jerah's expertise & I will ask him about this tomorrow.  I'm not sure what you mean by a computer outside the domain.  If a user can authenticate with the AD domain controller, then that user will be able to access unRAID resources as set up by the admin for that user.

 

Perhaps this is related to your question.  One reason Samba 3.3 is used is for support of a 'hashing' algorithm to map windows SID's to linux GID/UID's.  This provides support for 'trusted domains' without having to use a separate LDAP server.  Refer to description of "idmap_hash" in the Samba 3.3.0 release notes: http://samba.org/samba/history/samba-3.3.0.html

 

BTW, there's now a Samba 3.3.1 release which will be incorporated in the next unRAID beta.

Share this post


Link to post

I had an issue with 4.4.2 related to NCQ and queue_depth.  Coping a 1G file took 5-6 minutes!  I loaded 4.5b2 to see if this issue was resolved.

 

...

 

(Prior thread where issue was discussed:  here)

 

 

I was ignoring this issuing, hoping it might be fixed in the linux kernel update; apparently it wasn't.  Refer to reply in that thread.

Share this post


Link to post

"outside a domain" means not joined in a domain (like a normal Linux distro, a machine in a workgroup, in another non-trusted domain and so on)...

 

In windows, it will ask you for credentials when you do it - INCLUDING the domain.

For example I have a computer that is not joined in my domain, but I still need to access a share. Credentials requester will pop-up and I will have to enter them in the form "mydomain\myuser" (and then password) or... lately even "myuser@mydomain".

 

 

Share this post


Link to post

Did read-only parity check get scrapped - or is it coming in a later 4.5 beta?  :'(

Share this post


Link to post

Its been a long day so Im likely being an idiot however:

 

I have no users defined. Security set to simple. For the life of me i cant connect to SAMBA as it prompts for a username and password.

 

What am I missing?

Share this post


Link to post

hmmm i reckon (and I hope I am wrong) that this new version needs explicit users.

 

Is there a catchall way to do this so I dont have to add user details for every device on my network?

Share this post


Link to post

"outside a domain" means not joined in a domain (like a normal Linux distro, a machine in a workgroup, in another non-trusted domain and so on)...

 

In windows, it will ask you for credentials when you do it - INCLUDING the domain.

For example I have a computer that is not joined in my domain, but I still need to access a share. Credentials requester will pop-up and I will have to enter them in the form "mydomain\myuser" (and then password) or... lately even "myuser@mydomain".

 

Yes that works the same.  Put another way, if you enable AD, then your only access to resources on the server is via AD (there is no more "workgroup" that the server belongs to).

Share this post


Link to post

Limetech can you maybe add a few words for each of the security models as its not immediately intuitive.

 

I have a seperate post to do with the fact I cant access any share that I may be able to solve myself if i can understand more of what each means in the context of unRAID implementation.

Share this post


Link to post

OK if i define a username and password at least i can acces the server. So is it fair to say the old "let anyone do anything" method is now gone?

 

Edit: it seems if i just define a root password, leave all the "Valid users:" in the shares blank and define no extra users is equivalent to the older version with no security. No real testing done on this just running about trying to get something working so i can watch a movie :)

Share this post


Link to post

Did read-only parity check get scrapped - or is it coming in a later 4.5 beta?  :'(

Code is there, no GUI control yet; for example, can type this:

 

To run parity-check, correcting errors (ie, write correct parity to parity disk):

mdcmd check CORRECT

or just

mdcmd check

 

To run parity-check, do not correct errors:

mdcmd check NOCORRECT

 

 

Share this post


Link to post

OK if i define a username and password at least i can acces the server. So is it fair to say the old "let anyone do anything" method is now gone?

 

Edit: it seems if i just define a root password, leave all the "Valid users:" in the shares blank and define no extra users is equivalent to the older version with no security. No real testing done on this just running about trying to get something working so i can watch a movie :)

 

This sounds like a bug - I will look into it.

 

Please keep any 4.5-beta discussion in this thread  ;)

Share this post


Link to post

kinda hard to follow that way with several simultaneous discussions but your the boss. :)

 

I thought i had found a solution which i posted above but I was wrong its just cached sessions or credentials. Moved to explicitly defined users but someone should try and replicate to see if they can make the "simple" method work without defining user names and passwords

Share this post


Link to post

I noticed that my whole flash drive is read-only when accessing via Windows.  This wasn't the case with v4.4.2.  I went back to v4.4.2 and now my flash drive is read-write again.  Did something change with v4.5b2?  Is there some setting somewhere so that I can make my flash drive read-write with v4.5b2?

Share this post


Link to post

OK if i define a username and password at least i can acces the server. So is it fair to say the old "let anyone do anything" method is now gone?

 

Edit: it seems if i just define a root password, leave all the "Valid users:" in the shares blank and define no extra users is equivalent to the older version with no security. No real testing done on this just running about trying to get something working so i can watch a movie :)

 

This sounds like a bug - I will look into it.

 

Please keep any 4.5-beta discussion in this thread  ;)

Here's what I found with this:

 

I was seeing the same behavior on one machine, and it was working with a machine sitting right next to it.  What I discovered was that on the machine that was working I had attempted to join the domain, failed, and then reverted back to 'simple'.  The AD domain field was still populated but greyed out.  When I did the same thing on the machine that was broken (tried to join domain, fail, set back to simple), I was able to access the shares afterwards.

 

More on the domain join failure in my next post.

 

Share this post


Link to post

Did read-only parity check get scrapped - or is it coming in a later 4.5 beta?  :'(

Code is there, no GUI control yet; for example, can type this:

 

To run parity-check, correcting errors (ie, write correct parity to parity disk):

mdcmd check CORRECT

or just

mdcmd check

 

To run parity-check, do not correct errors:

mdcmd check NOCORRECT

 

Excellent!  Thanks Tom.

Share this post


Link to post

I was seeing the same behavior on one machine, and it was working with a machine sitting right next to it.  What I discovered was that on the machine that was working I had attempted to join the domain, failed, and then reverted back to 'simple'.  The AD domain field was still populated but greyed out.  When I did the same thing on the machine that was broken (tried to join domain, fail, set back to simple), I was able to access the shares afterwards.

 

Some followup:  I tried this on three more machines.  You don't actually need to fail to join the domain, you just need to set share security to Active Directory, type in the name of your domain, hit apply, then change share security back to simple and hit apply.

Share this post


Link to post

Some followup:  I tried this on three more machines.  You don't actually need to fail to join the domain, you just need to set share security to Active Directory, type in the name of your domain, hit apply, then change share security back to simple and hit apply.

And a final followup: It doesn't look like it even has to be the name of a real domain - I just put in 'foobar' and it started working.  And, as a bonus, if I change it back to a blank it still works, even after a reboot.  Funky.

 

Share this post


Link to post

I noticed that my whole flash drive is read-only when accessing via Windows.  This wasn't the case with v4.4.2.  I went back to v4.4.2 and now my flash drive is read-write again.  Did something change with v4.5b2?  Is there some setting somewhere so that I can make my flash drive read-write with v4.5b2?

 

Yes there is yet another problem with handling Flash share attribute bits - but finally I think it's sorted out in 4.5-beta3.

Share this post


Link to post

I noticed that my whole flash drive is read-only when accessing via Windows.  This wasn't the case with v4.4.2.  I went back to v4.4.2 and now my flash drive is read-write again.  Did something change with v4.5b2?  Is there some setting somewhere so that I can make my flash drive read-write with v4.5b2?

 

Yes there is yet another problem with handling Flash share attribute bits - but finally I think it's sorted out in 4.5-beta3.

Tom,

 

While you are making tiny tweaks...

 

Can you mount the flash drive with the noatime and nodiratime attributes enabled? 

 

We've discovered "write" activity to the flash drive when anything on it is read. (config files, etc.)  Normal "writes" are not an issue, as they are infrequent, but as the product evolves, there will be more and more files "read" from the flash drive on an on-going basis (css, php files, config files, etc.), and the repeated "writing" to update file and directory access times will only wear the flash drives out quicker.

 

Thanks in advance...

 

Joe L.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.