LaCie Ethernet Disk mini

(A post in English for all those millions and millions of non-Dutch speaking people out there desperately waiting for a guide to hack their EDmini.)

A while ago I was suddenly struck by the fear of losing all my data, so in a wild impulse, I bought a LaCie Ethernet Disk mini. The box has quite a few nice features:
  1. it looks pretty
  2. it runs Linux
  3. it is not too expensive when compared with other consumer-grade NAS products
  4. it is directly available in many stores (a very important factor if you are a victim of this type of anxiety—in this case: any second counts!)
Unfortunately, it also has a few drawbacks:
  1. it does not have a USB port to act as USB host (which basically means that you can forget about adding a USB Mass Storage device or a USB printer)
  2. the software for the Ethernet Disk mini v2.0 is a bit crappy (more specifically, the user interface via the web interface is a bit strange and especially the authentication mechanism is not as secure as what I deem necessary)
  3. file transfer via ethernet is, ehm, slow (see also the section Performance – Competative comparison in the review of the EDmini over at smallnetbuilder.com; the box does about 3 MB/s in both read and write tests, which is the slowest of all 8 tested NAS solutions)

Fortunately, drawback #1 is not an issue for me, and since it has feature #2, I can at least try to fix drawbacks #2 and #3.

Fortunately for me as well, I was not the first to try to customize the software on the EDmini. hypersonic.com has a small article explaining how to hack it so that you can have multiple samba shares, but I believe this is already addressed in the v2.0 firmware. Jim Studt however, has a bit more information on hacking the EDmini and adding an ssh server! Now we’re talking!

Jim Studts article is a little short on details, and it seems that besides having this sudden fear of losing all my data, I’m lacking both a very good memory and the brilliant idea of extensively documenting each and every step I make. Thus, I am typing all of this off the top of my head, and in case you discover any mistake in my “guide” here while hacking your EDmini, please let me know.

Step 1: Void your warranty

This is extensively covered by Jims guide, so I won’t repeat it here. In sort: pull the small sticker which says “Warranty void if seal broken”, take the box apart and put the disk in your desktop. Be careful to set the jumper for Master/Slave/Cable Select in the correct position.

It seems like partition 7 is root and 8 has an overlay of /etc, /tmp and /var. Therefore, in case you modify anything in one of those directories, be sure that those modifications are on both partitions! (I had the pleasure of discovering the consequences when they are not in sync: while I was hacking this thing and close to finishing it all up at 1:45 am, the box decided to put back the factory default settings, so I could start all over again… Lesson learned from this experience: mount is not the same as cat /proc/mounts! (Hint: use the latter one if you’re setting up this system!))

Step 2: Add remote root exploit

This is also covered by Jims guide. In short: place a file called exploit in /www/cgi-bin with the following contents:

  #!/bin/sh

  echo "Content-type: text/plain" 
  echo "" 
  eval $QUERY_STRING

Now you can do pretty much anything with this box (try this). (Oh, did I already mention that it was perhaps not a good idea to do this hack with the box connected directly to the Wild and Evil Internet? And if you’re stubborn and own-minded like I am, and still want to do this hack with the machine directly exposed to all of the dangers of the internet, then now is a good time to install a robots.txt in /www to keep out Google and friends.)

Step 3: Adding an SSH server

Jim describes adding an SSH server by cross compiling this from ELDK 3.1 since he thinks the software on the EDmini is based on ELDK 3.0. However, I have the impression that the software is based on Yellow Dog Linux, and furthermore, I’m not a compile-hero and felt a little left in the dark here. I ended up with unpacking the ELDK 3.1 dropbear binary RPM and copying the files and associated libraries manually. It seemed to work though.

The next step is adding a script to /etc/init.d and appropriate symlinks to /etc/rc.d/rc3.d and /etc/rc.d/rc6.d to start and stop dropbear. Be sure to also include some commands to enable pseudo terminals like this:

  if ! [ -e /dev/ptmx ] ; then
    mknod /dev/ptmx c 5 2
  fi
  if ! mount | grep devpts > /dev/null ; then
    mount devpts /dev/pts -t devpts
  fi
Now dropbear should start on boot. You can probably not yet login though, since we haven’t created a user yet. Create one with the root exploit by creating a simple script like this on your desktop and wget-ting and executing it on the EDmini:
  #!/bin/sh

  (echo secret; echo secret)|adduser me
to add a user called “me” with password “secret”. You should now be able to login.

As a last step, do some sed magic with the root exploit to set both UID and GID of this user in /etc/passwd to 0, so that this new user has root permissions.

Step 4: Add a Debian chroot

Of course adding only an SSH server to this machine is not enough. I want to run Debian! Native Debian might be a bit hard to accomplish, but a chroot should be close enough for my purposes.

On your favourite Debian machine, use debootstrap to create a minimal Debian environment for powerpc (don’t forget the --arch argument!), and tar this in a single file. Copy it over to the EDmini and extract it in /home/debian. Unpack the Debian chroot package on your desktop and copy usr/sbin/chroot to /usr/sbin/chroot on the EDmini. Now, on the EDmini, you should be able to do /usr/sbin/chroot /home/debian to get into the Debian environment! Add any packages you want; my favourites are vsftpd (slightly better performance than the default proftpd of the EDmini distribution), syslog, cron, rsync, nfs-user-server, ntp, postfix and dropbear (yes, again an SSH server; I modified the dropbear init.d script in /etc/init.d to start the server on a different port, so now I have two ssh servers running; one for the original system and one where I enter the Debian chroot directly).

Create a small script called startservices comparable to one of the scripts in /etc/init.d and place it in /home/debian/usr/local/sbin. The script should mount devpts and proc, create /dev/ptmx and start (or stop) the services you want to run in the chroot. Also add a small script to /etc/init.d which executes chroot /home/debian /usr/local/sbin/startservices $1 and create appropriate symlinks in /etc/rc.d/rc3.d and /etc/rc.d/rc6.d, so all services inside the chroot will be started on bootup and will be shutdown cleanly on shutdown.

Finally, you can change /dev/log in the host system to a symlink which points to /home/debian/dev/log; now all deamons should log to /var/log/messages on the host system. And don’t forget to remove the root exploit in /www/cgi-bin (or better: turn off the web interface completely)!

Step 5. Tips for tuning the performance

By default, the machine uses the boring FAT32 filesystem to store all your precious data. In the original webinterface, you can change this to ext3. This is what I did before I started this hack. In case you haven’t done that, then this might not apply to you.

/dev/hda3 contains all your data. Strangely though, this partition does not appear to be mounted on the EDmini. Instead, /dev/loop0 is mounted, and fdisk claims /dev/hda3 is FAT32. I decided to get rid if this strange setup by modifying /etc/init.d/userdata, and mounting /dev/hda3 directly as ext3 to /home. If it doesn’t increase performance, it surely will not decrease performance.

Result

The end result of this hack should be some 52 hours of hard sweaty work with about 10 hours of sleep in between (at least, that was my result), as well as a nice little box which you can configure to do (almost) anything you want and with a slightly better performance than the meager 3 MB/s. Currently, I’m getting 4.5 to 5 MB/s over FTP, which I think is close to the maximum of this machine. At least, the performance of the machine now belongs somewhere in the middle of the graphs in the review of smallnetbuilder.com, as opposed to the absolute bottom with the original firmware. A 2.6 kernel might help to improve the performance even a little more (it’s still running 2.4), but I doubt it will improve the performance to 8 or 9 MB/s; the teeny tiny CPU is just too limited. Besides, installing a different kernel on this box is non-trivial and I don’t know how to do that. (But if anyone manages to do install a new kernel, I would love to hear about this of course!)

Troubles

For some reasons still unclear to me, at some point during the install, the box was very unstable. This happened when I was installing packages in the Debian chroot, and the behaviour is very similar to what Art Age describes: suddenly, the box does not respond anymore and the fancy blue LED is blinking very fast. Only a hard reset will get it out of this state. In my case, it turned out that the ext3 filesystem on /home (where I was installing the packages) was screwed up, and the lovely and featureful default EDmini software does not have a fsck.ext3. (When I bought the device, I wondered how they solved the issue of checking the filesystem for errors and repairing if there were any. Well, it turns out they solved it by not checking it at all!) To repair the filesystem, I had to mount it read-only and chroot into the Debian install where I could do fsck.ext3 /dev/hda3 to repair it. Unfortunately, so many things were broken, that after letting fsck finish repairing the filesystem, I wiped out all files in /home and started again with building the chroot.

The second install went without any problems though, but this time, I accidentally installed Debian unstable instead of stable, and of course I only discovered this after I’d finished the whole installation. Sigh… (On a side note: downgrading to Etch (testing) proved to be quite easy though, and since Etch is expected to be released in a few months, this is not as bad as it initially looked. Only very, very stupid.)