I bought a QNAP TS-209 Pro NAS in the hope of reducing the load on my fileserver a little bit. The TS-209 comes with a bunch of features (though I won’t use many of these) including, notably, NFS and CIFS support. Sadly, the latter was the one thing which didn’t work perfectly first time, as everything else on this very nice little unit did. I was given the option of participating in a Windows Workgroup or joining an Active Directory domain but there was no option to do an RPC join. This is a problem as my domain controller is the aforementioned fileserver.
Not to worry, though. One of my reasons for buying this particular unit was that it is an embedded Linux system with SSH access. Let’s have a look inside.
[~] # find /etc -name smb.conf /etc/smb.conf /etc/default_config/smb.conf
So if I edit the
smb.conf and configure the domain I should be able to join it.
[~] # net join -sh: net: command not found
Ah. Where’s Samba?
[~] # ps waux | grep smbd 1020 admin 2920 S /usr/local/samba/sbin/smbd -D
Let’s try this then.
[~] # /usr/local/samba/bin/net join Joined domain CAMBRIDGE.
Great! But there’s one problem. Without knowledge of my LDAP accounts the QNAP won’t be able to assign consistent UIDs to Samba connections and there’s no nss_ldap installed. Let’s poke some more.
Although the guts of the TS-209 comprise an embedded distribution, the device ships with a basic install of Debian Etch on
/share/MD0_DATA/etch. If we chroot into it we should be able to install the LDAP libraries.
[~] # chroot /share/MD0_DATA/etch [~] # apt-get update ... [~] # apt-get install libnss-ldap
Unfortunately the C libraries used by the Etch install and the embedded OS outside the chroot don’t match so I couldn’t just use the new libnss_ldap.so.2. So how about I disable Samba from the QNAP web interface and apt-get Samba inside the chroot?
There’s one more hurdle. The QNAP puts shares you create under
/share/MD0_DATA which is outside the chroot. A bind mount fixes this.
[~] # mkdir -p /share/MD0_DATA/export/home [~] # mount -o bind /share/MD0_DATA/home /share/MD0_DATA/export/home
Samba inside the chroot can be configured to share out
This is all very well except Samba won’t start on reboot because the Etch init scripts won’t be run. Some investigation revealed that the QNAP runs two sets of startup scripts stored inside the chroot.
/share/MD0_DATA/etch/ext/extchroot-binare run outside the chroot.
/share/MD0_DATA/etch/ext/binare then run inside the chroot.
So the solution is very simple.
#!/bin/sh DATA=/share/MD0_DATA EXPORT=$DATA/etch/export for share in home files smb; do mkdir -p $EXPORT/$share mount -o bind $DATA/$share $EXPORT/$share done
#!/bin/sh /etc/init.d/samba start