Poor man's NAS
nasA Network Attached Storage(NAS) has been in my wanted list for quite a long time, thanks to Live Search Cashback program to make it happen: a Western Digital MyBook World Edition(500GB). More information about the hardware specification:
- ARM926EJ-Sid(wb) [41069265] revision 5 (ARMv5TEJ) 99.73 MHz
- Memory: 32M
- VIA Networking Velocity Family Gigabit Ethernet
- WD5000AAVS-0 500G HD
I believe 100MHz ARM CPU is powerful enough to drive this tiny box, but the limited capacity of memory cripples it as a lame duck. The sustainable file write(85G using lftp mirror) rate is approximately 3.8MB/s. It hardly qualifies any service beyond file server. Now, it is time to hack.
Jailbreak and SSH
The first thing to do is to create a user in the web interface of MyBook as root
with null password is banned for security reason. Log on with admin
and
123456
, create a user JOE
and setup the password for later use. Run the
script discussed in the
wiki, and ssh with
JOE. Now you can su to root with blank password, 0wned!
User management
MyBook takes a very intricate way to manage users:
All Samba users are granted shell access, but unix password sync = yes
is not
set, the /etc/shadow
and /var/private/smbpasswd
are updated individually by
a Perl script via the web interface. The only reasonable explanation is the
minimized Samba lacks PAM support.
All user names are capitalized. I assume this is a brutal force approach to address the difference between Samba and Linux native accounts: Windows user name is case insensitive, while Linux is case-sensitive.
As the password scrambled in /etc/shadow
, it is easier to add/delete/update
users via the web interface, then fine-tune the corresponding files. The user
administration executives are hidden in /usr/www/nbin
Share with Samba
The default exported directory is /share/internal/PUBLIC
, the permission of
the directory is set as rwsr-sr-x
, and the owner is www-data
, YMMV. So any
file/directory created will be owned by www-data.
remember to change the default mask in /etc/smb.conf:
create mask = 0775
directory mask = 0775
Package management
Though I am a big fan of Gentoo, it is a little bit paranoid to build everything from scratch. A precompiled package management, like Optware makes more sense. Check out this tutorial for bootstrapping.
The essential packages for daily administration imho are screen, lftp.
Feature requests
There are some itchy miss features, if you happen to know a solution or hint, please drop me a message in the comment:
Access Anywhere No mionet, just SSH. If you are a perfectionist, consider to port this Delphi application to MyBook to host MyBook in your preferred domain.
Download Manager A web front-end to listen to download requests from Firefox/IE plugins, then delegate it to wget backend with cookie support. A more aggressive approach may support megaupload happy hour.