Unassigned Devices - Managing Disk Drives and Remote Shares Outside of The Unraid Array


Recommended Posts

2 hours ago, bobobeastie said:

Not sure if this should go in my thread, but could this just be due to a duplicate UUID?  I understand that that issue is usually caused by a bad file system, but now that that is fixed and the UUID issue remains, should it be addressed?  Even if I can get around it now, I'm guessing I might have the same issue when I'm done with the drive and will want to add it as a new drive to my array, so might as well try to deal with it now.  I could try running "xfs_admin -U generate /dev/mapper/mdX" on the array drive that is a duplicate of the UD drive, or probably better, try changing the UUID of the UD drive.

Ok.  Go to a terminal and enter these commands:

/sbin/cryptsetup luksOpen /dev/sdX1 HGST_HDN726060ALE614_K1H90MAD -d /root/keyfile
xfs_admin -U generate /dev/mapper/HGST_HDN726060ALE614_K1H90MAD
/sbin/cryptsetup luksClose HGST_HDN726060ALE614_K1H90MAD

sdX1 is the current partition designation.

Edited by dlandon
Link to comment
2 hours ago, dlandon said:

Ok.  Go to a terminal and enter these commands:


/sbin/cryptsetup luksOpen /dev/sdX1 HGST_HDN726060ALE614_K1H90MAD -d /root/keyfile
xfs_admin -U generate /dev/mapper/HGST_HDN726060ALE614_K1H90MAD
/sbin/cryptsetup luksClose HGST_HDN726060ALE614_K1H90MAD

sdX1 is the current partition designation.

How do I tell what X should be in sdX1?  Is this telling it that the encryption key is the same as the array?

Link to comment
20 minutes ago, bobobeastie said:

How do I tell what X should be in sdX1?  Is this telling it that the encryption key is the same as the array?

Click on the + sign.  You'll see this:

1401146525_DriveDesignation.png.408c6c01818b3b6599b6865669029aeb.png

In this case it is sdg1.  The '1' is the partition number.

 

Yes, the array keyfile is used.

Link to comment

Hello,

Thank you for maintaining this plugin - it's very useful and seems to work rather well. Very much appreciated.

 

I understand Nmap was added as a requirement so that a "scan for NFS shares" button would be available. When I saw nmap show up during an upgrade - fears of compromise IMMEDIATELY set in. I believed that this plugin's repository was compromised and nefarious actors wished to scan users' networks swiftly and with ease - perhaps to install a RAT or compromise other devices within personal networks behind firewalls. This was extremely disconcerting to see!

 

 

From what I understand, this is a drive mapping/mounting utility - not a network scanning and discovery tool. I personally disagree with the choice of installing a hand-picked nmap version by default. It's understandable to want to provide the convenience to 'scan' for NFS shares, however by nature of the way NFS access is granted by IP restrictions (exclusive of more elaborate systems such as kerberos), it would follow that users must know the IP addresses, or at least hostnames, of both the server and the clients anyway, and won't need this feature to begin with.

 

 

Installing a network mapping binary by default for a drive mapping utility seems very excessive to me. May I suggest removing this, making it an optional extra (the button shows up if nmap was discovered), or foregoing any network scanning feature altogether?

 

For those of you that wish to continue to use this plugin, but would rather not have nmap installed - you can run the following to uninstall the package. The plugin appears to function just fine without nmap. (Again, thank you dlandon for providing this procedure in 2016)

cd /var/log/packages
removepkg nmap-*

Unfortunately, until the current maintainer of the project also agrees to remove the package requirement, it appears you must manually perform this step every time you update the plugin.

 

Cheers

Edited by bitcore
Link to comment
9 minutes ago, bitcore said:

I understand Nmap was added as a requirement so that a "scan for NFS shares" button would be available. When I saw nmap show up during an upgrade - fears of compromise IMMEDIATELY set in. I believed that this plugin's repository was compromised and nefarious actors wished to scan users' networks swiftly and with ease - perhaps to install a RAT or compromise other devices within personal networks behind firewalls. This was extremely disconcerting to see!

The nmap package was updated by me.  The repository was not compromised.

 

11 minutes ago, bitcore said:

From what I understand, this is a drive mapping/mounting utility - not a network scanning and discovery tool. I personally disagree with the choice of installing a hand-picked nmap version by default. It's understandable to want to provide the convenience to 'scan' for NFS shares, however by nature of the way NFS access is granted by IP restrictions (exclusive of more elaborate systems such as kerberos), it would follow that users must know the IP addresses, or at least hostnames, of both the server and the clients anyway, and won't need this feature to begin with.

This has been discussed ad-nauseum.  I removed the package, and then I agreed to leave nmap in as a convenience to users.

13 minutes ago, bitcore said:

Installing a network mapping binary by default for a drive mapping utility seems very excessive to me. May I suggest removing this, making it an optional extra (the button shows up if nmap was discovered), or foregoing any network scanning feature altogether?

I won't remove the package from the plugin.  Conditional plugin installation is not easy.  I'm not sure what could be done except your manual removal.

  • Haha 1
Link to comment
41 minutes ago, dlandon said:

The nmap package was updated by me.  The repository was not compromised.

 

This has been discussed ad-nauseum.  I removed the package, and then I agreed to leave nmap in as a convenience to users.

I won't remove the package from the plugin.  Conditional plugin installation is not easy.  I'm not sure what could be done except your manual removal.

Hello dlandon,

I understand, thanks for your reply and comments.

Is it possible to "echo" a comment during the install of the plugin, so that users who see the nmap and are alarmed, as I was, are presented with a way to remove without having to search?

 

Cheers.

Link to comment
1 hour ago, bitcore said:

Hello dlandon,

I understand, thanks for your reply and comments.

Is it possible to "echo" a comment during the install of the plugin, so that users who see the nmap and are alarmed, as I was, are presented with a way to remove without having to search?

 

Cheers.

No one will pay attention to the package installation comments, and I doubt many users even understand what nmap is or does.

 

A package won't be installed by UD unless specified in the plugin, is downloaded using a secure link, and the MD5 checksum is verified.  All UD packages are hosted on my secure Github.  They are not downloaded randomly from the Internet.  I think you are overreacting a bit here.

 

I have added a parameter to the "UD Settings" that will allow you to remove the nmap package if it is that much of a problem for you.  It is removed when the array is started, so you have to reboot or stop and start the array for it to take effect.  nmap is installed by default when the plugin is installed.

  • Thanks 1
Link to comment
2 hours ago, dlandon said:

No one will pay attention to the package installation comments, and I doubt many users even understand what nmap is or does.

 

A package won't be installed by UD unless specified in the plugin, is downloaded using a secure link, and the MD5 checksum is verified.  All UD packages are hosted on my secure Github.  They are not downloaded randomly from the Internet.  I think you are overreacting a bit here.

 

I have added a parameter to the "UD Settings" that will allow you to remove the nmap package if it is that much of a problem for you.  It is removed when the array is started, so you have to reboot or stop and start the array for it to take effect.  nmap is installed by default when the plugin is installed.

Hi dlandon,

Thanks again for your reply.

Yes, I tend to be more paranoid than most, still, I prefer to run minimal configurations where possible.

I appreciate your responses, and the time and energy you have put forth into maintaining the plugin. Genuinely: Thank you.

Link to comment
1 hour ago, jlficken said:

Can anyone explain to me how to make SMB shares thru UD not show up in Windows?

 

I have set browseable in the config file in memory, however, a reboot makes it go away (obviously) so how to I make it permanent?

 

 

smb-extra.cfg on the flash drive?

Link to comment
9 hours ago, jlficken said:

Can anyone explain to me how to make SMB shares thru UD not show up in Windows?

 

I have set browseable in the config file in memory, however, a reboot makes it go away (obviously) so how to I make it permanent?

 

 

Set the smb shares as hidden in UD settings.

Edited by dlandon
Link to comment

I've been trying this so many different ways and I'm just not sure what I'm doing wrong.  I have 2 unraid servers with one being a backup of the other.  What I'm trying to do at this time is mount a SMB share from Server 2 on Server 1.  I've selected SMB as the share type when setting it up.  I've let the system find the server which it does no problem.  I enter a username and password for an account (set the same on both servers).  I leave the domain empty.  I enter the share name just like it shows under shares.  I click Add.  Then I click on MOUNT and the first time it looks like it mounts no problem, but when I click the link for the mount point the screen just sits there loading and never shows the files or folders in the share.  I've let it sit there trying to load for over an hour as a test and it never does.  When I go back to MAIN the mapped share shows SIZE 0 B and USED 0 B.  If I try to unmount the share it takes a long time trying and sometimes it does it and sometimes it doesn't.  Based on some other posts I've seen from online searches I've even tried going into the Unassigned Devices settings and set Force all SMB remote shares to SMB v1? to Yes on both servers.  I even rebooted both servers just to eliminate possible issues there.  Nothing seems to work.  The issue is the same if I try to do the same from Server 1 to a share on Server 2.  Any guidance would be greatly appreciated.

Link to comment
4 hours ago, Haldanite said:

I've been trying this so many different ways and I'm just not sure what I'm doing wrong.  I have 2 unraid servers with one being a backup of the other.  What I'm trying to do at this time is mount a SMB share from Server 2 on Server 1.  I've selected SMB as the share type when setting it up.  I've let the system find the server which it does no problem.  I enter a username and password for an account (set the same on both servers).  I leave the domain empty.  I enter the share name just like it shows under shares.  I click Add.  Then I click on MOUNT and the first time it looks like it mounts no problem, but when I click the link for the mount point the screen just sits there loading and never shows the files or folders in the share.  I've let it sit there trying to load for over an hour as a test and it never does.  When I go back to MAIN the mapped share shows SIZE 0 B and USED 0 B.  If I try to unmount the share it takes a long time trying and sometimes it does it and sometimes it doesn't.  Based on some other posts I've seen from online searches I've even tried going into the Unassigned Devices settings and set Force all SMB remote shares to SMB v1? to Yes on both servers.  I even rebooted both servers just to eliminate possible issues there.  Nothing seems to work.  The issue is the same if I try to do the same from Server 1 to a share on Server 2.  Any guidance would be greatly appreciated.

Sounds like network issues.  Post your diagnostics.

Link to comment
1 hour ago, jlficken said:

I haven't messed with that yet as I don't see anything specific to my shares in there.

 

I was wondering if I need to put something into the samba config inside of the UD config directory where I actually see the SMB share config?

 

It's best to not mess with these files.  I suggested in an earlier post that you set the UD Setting for the SMB shares to enable Hidden shares.

413051835_Sharessetting.png.cbf52db8487fb3fab8224335e94f435a.png

The shares will not be browseable in Windows.  Isn't this what you are looking for?

  • Thanks 1
Link to comment
2 hours ago, dlandon said:

It's best to not mess with these files.  I suggested in an earlier post that you set the UD Setting for the SMB shares to enable Hidden shares.

413051835_Sharessetting.png.cbf52db8487fb3fab8224335e94f435a.png

The shares will not be browseable in Windows.  Isn't this what you are looking for?

That works with the user shares under the SHARES tab, however, I'm trying to disable browsing on the SMB Shares | NFS Shares | ISO File Shares under the MAIN tab.

 

These shares are defined in the /boot/config/plugins/unassigned.devices/samba_mount.cfg file.

 

In the /etc/samba/unassigned-shares/<ShareName> file you can add:

browseable = No

to hide them, however, those settings don't persist between reboots.

 

 

 

Link to comment
3 hours ago, dlandon said:

I suggested in an earlier post that you set the UD Setting for the SMB shares to enable Hidden shares.

413051835_Sharessetting.png.cbf52db8487fb3fab8224335e94f435a.png

The shares will not be browseable in Windows.

42 minutes ago, jlficken said:

That works with the user shares under the SHARES tab, however, I'm trying to disable browsing on the SMB Shares | NFS Shares | ISO File Shares under the MAIN tab.

The screenshot he showed you was from Settings - Unassigned Devices.

  • Like 1
Link to comment
3 minutes ago, trurl said:

The screenshot he showed you was from Settings - Unassigned Devices.

Doh, I get it now.  I'm a dumba$$ 🙁

 

I was looking under SMB settings on the shares.

 

Sorry @dlandon for my stupidity.  I changed it to what you suggested and it's working great now.

 

Now the only thing left for me to get figured out is why Heimdall errors out after awhile when behind the LetsEncrypt reverse proxy. 

 

 

Link to comment
4 minutes ago, Haldanite said:

Sorry, still a bit new to this.  I've pulled the diagnostics files from both servers, but not sure how to post them.  They created zip files with several folders and files inside them.

What's odd is that I tried to setup a new test share on one of the servers and created a few test documents there and that seems to work.  I was able to click the link on the main tab and it opened right up to show me the test files.

Link to comment
  • trurl pinned this topic

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.