Posts by semitones

Hi,

I'm having trouble mounting disks in OMV.

sdb -- this was working in OMV 3 before I did a fresh install of OMV 5

sdc -- this wasn't mounting in OMV 3.

In the web interface, disks sees the following (sorry for the huge image):

file systems sees this

notice that file systems sees devices that Disks does not see.

On the commandline, I have this information:

$ blkid
/dev/mmcblk0p1: LABEL_FATBOOT="boot" LABEL="boot" UUID="592B-C92C" TYPE="vfat" PARTUUID="8e92d448-01"
/dev/mmcblk0p2: LABEL="rootfs" UUID="706944a6-7d0f-4a45-9f8c-7fb07375e9f7" TYPE="ext4" PARTUUID="8e92d448-02"
/dev/sda1: UUID="0012-D687" TYPE="vfat"
/dev/sdc2: LABEL="Seagate Backup Plus Drive" UUID="4644636B44635CA5" TYPE="ntfs" PTTYPE="atari" PARTLABEL="Basic data partition" PARTUUID="cd03214c-767f-4473-84a6-7f99999521f5"
/dev/sdb1: LABEL="2-ext4" UUID="a8b2073b-f14f-4987-b966-aeafb72b0254" TYPE="ext4" PARTUUID="c940b2af-01"

I can do sudo mount /dev/sdb1 /mnt temporarily with no errors

I can mount sdc2 with no errors

sda1 is mounted by OMV to /srv/dev-disk-by-id-usb-SMI_USB_DISK-0-0-part1

Trying to mount sdb1 in the web interface gives the following errors:

Error #0:
OMV\ExecException: Failed to execute command 'export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin; export LANG=C.UTF-8; mount -v --source '/dev/disk/by-label/2-ext4' 2>&1' with exit code '32': mount: /srv/dev-disk-by-id-usb-SMI_USB_DISK-0-0-part1: wrong fs type, bad option, bad superblock on /dev/sdb1, missing codepage or helper program, or other error. in /usr/share/php/openmediavault/system/process.inc:182
Stack trace:
#0 /usr/share/php/openmediavault/system/filesystem/filesystem.inc(738): OMV\System\Process->execute()
#1 /usr/share/openmediavault/engined/rpc/filesystemmgmt.inc(931): OMV\System\Filesystem\Filesystem->mount()
#2 [internal function]: Engined\Rpc\OMVRpcServiceFileSystemMgmt->mount(Array, Array)
#3 /usr/share/php/openmediavault/rpc/serviceabstract.inc(123): call_user_func_array(Array, Array)
#4 /usr/share/php/openmediavault/rpc/rpc.inc(86): OMV\Rpc\ServiceAbstract->callMethod('mount', Array, Array)
#5 /usr/sbin/omv-engined(537): OMV\Rpc\Rpc::call('FileSystemMgmt', 'mount', Array, Array, 1)
#6 {main}

Trying to mount sdc2 gives me the following errors:

Error #0:
OMV\ExecException: Failed to execute command 'export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin; export LANG=C.UTF-8; mount -v --source '/dev/disk/by-label/2-ext4' 2>&1' with exit code '32': mount: /srv/dev-disk-by-id-usb-SMI_USB_DISK-0-0-part1: wrong fs type, bad option, bad superblock on /dev/sdb1, missing codepage or helper program, or other error. in /usr/share/php/openmediavault/system/process.inc:182
Stack trace:
#0 /usr/share/php/openmediavault/system/filesystem/filesystem.inc(738): OMV\System\Process->execute()
#1 /usr/share/openmediavault/engined/rpc/filesystemmgmt.inc(931): OMV\System\Filesystem\Filesystem->mount()
#2 [internal function]: Engined\Rpc\OMVRpcServiceFileSystemMgmt->mount(Array, Array)
#3 /usr/share/php/openmediavault/rpc/serviceabstract.inc(123): call_user_func_array(Array, Array)
#4 /usr/share/php/openmediavault/rpc/rpc.inc(86): OMV\Rpc\ServiceAbstract->callMethod('mount', Array, Array)
#5 /usr/sbin/omv-engined(537): OMV\Rpc\Rpc::call('FileSystemMgmt', 'mount', Array, Array, 1)
#6 {main}

Please let me know if there's anything for me to try.

Thanks ryecoaaron. I didn't see anything on the first page of the updates page, but I guess I should have searched. Thanks!

When I try to install regular updates from within the webgui (after not updating in a while) I get the following error:

>>> *************** Error ***************
Failed to execute command 'export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin; export LANG=C; export DEBIAN_FRONTEND=noninteractive; apt-get --yes --force-yes --fix-missing --auto-remove --allow-unauthenticated --show-upgraded --option DPkg::Options::="--force-confold" install base-files bind9-host ca-certificates debconf debconf-i18n debian-archive-keyring firmware-adi firmware-amd-graphics firmware-atheros firmware-bnx2 firmware-bnx2x firmware-brcm80211 firmware-intelwimax firmware-ipw2x00 firmware-ivtv firmware-iwlwifi firmware-libertas firmware-linux firmware-linux-nonfree firmware-misc-nonfree firmware-myricom firmware-netxen firmware-qlogic firmware-ralink firmware-realtek firmware-samsung firmware-ti-connectivity git git-core git-man gnupg gpgv initramfs-tools intel-microcode libasn1-8-heimdal libbind9-90 libc-bin libc6 libcups2 libcurl3 libcurl3-gnutls libdb5.3 libdbi1 libdns-export100 libdns100 libexpat1 libffi6 libfreetype6 libgcrypt20 libgd3 libgnutls-deb0-28 libgnutls-openssl27 libgraphite2-3 libgssapi-krb5-2 libhcrypto4-heimdal libhdb9-heimdal libheimbase1-heimdal libhx509-5-heimdal libicu52 libirs-export91 libisc-export95 libisc95 libisccc90 libisccfg-export90 libisccfg90 libjs-extjs6 libk5crypto3 libkrb5-26-heimdal libkrb5-3 libkrb5support0 libldap-2.4-2 liblwres90 libmysqlclient18 libncurses5 libncursesw5 libonig2 libpam-modules libpam-modules-bin libpam0g libperl5.20 libpq5 libroken18-heimdal librtmp1 libssl1.0.0 libsystemd0 libtasn1-6 libtiff5 libtinfo5 libtirpc1 libudev1 libwbclient0 libwind0-heimdal libx11-6 libx11-data libxml2 libxslt1.1 linux-image-4.9.0-0.bpo.4-amd64 linux-image-amd64 locales login multiarch-support mysql-client-5.5 mysql-common mysql-server mysql-server-5.5 mysql-server-core-5.5 ncurses-base ncurses-bin nginx nginx-common nginx-full openmediavault openmediavault-plexmediaserver openssh-client openssh-server openssh-sftp-server openssl openvpn passwd perl perl-base perl-modules plexmediaserver postfix proftpd-basic python-samba rpcbind rsync samba samba-common samba-common-bin samba-dsdb-modules samba-libs samba-vfs-modules sensible-utils sudo systemd systemd-sysv tcpdump tzdata udev unzip vim-common vim-tiny wget wpasupplicant 2>&1' with exit code '100': Reading package lists...


Building dependency tree...


Reading state information...


firmware-adi is already the newest version.
firmware-ralink is already the newest version.
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:


The following packages have unmet dependencies:
 firmware-misc-nonfree : Breaks: firmware-adi
                         Breaks: firmware-ralink
E: Unable to correct problems, you have held broken packages.
<<< *************************************

(Also, this error repeats itself until I close the window).

Hello, I have a problem in my iptables

# iptables-save 
# Generated by iptables-save v1.4.21 on Thu Apr 27 10:11:38 2017 
*nat 
:PREROUTING ACCEPT [8164:549328] 
:INPUT ACCEPT [6700:449683] 
:OUTPUT ACCEPT [3095:230688] 
:POSTROUTING ACCEPT [3085:230256] 
-A POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source 192.168.1.175 
-A POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source 192.168.2.157 
-A POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source 192.168.2.157 
COMMIT 
# Completed on Thu Apr 27 10:11:38 2017

All those postrouting codes are messing things up. I don't know how they got there, but I suspect that the openmediavault-openvpn puts them there. I have temporarily removed them with the command `# iptables -t nat -F POSTROUTING`but I do not know how to make this change permanent. (For context: OMV used to be 192.168.1.175, but I have since changed my network and it now has the IP address of 192.168.2.157)

I do not see any of these in the webgui section. My "firewall" section of the GUI has no rules populating it, and there's nothing like this in the OpenVPN plugin. I'm not even sure if the openVPN plugin makes this change, but it is the most likely actor responsible.

I've heard that the iptables config resides in `/etc/openmediavault/config.xml` but I don't want to mess with this if I don't have to.

Thanks!

EDIT: SOLVED. I just had to look through my nginx configuration screens and make sure they were exactly set up as in the images.

Quote from tinh_x7

I don't use RPI, can't help you much.
Your error seem to be PHP-FPM related.

Clear out your histories/cookies, and start a fresh NC installation.

Check this out: scalescale.com/tips/nginx/502-bad-gateway-error-using-nginx/

Hey, thank you for this guide!

I started a fresh installation of NC and ran into this same issue. Maybe there is a problem with the php settings?

I followed the link, and found this

> Nginx with PHP-FPM: same as Apache example, let’s imagine your php daemon stop working, or get’s overloaded by requests, it will not work properly and the all the php requests from nginx would not be served, so, a 502 Bad Gateway error will appear. How to fix it? Restart php-fpm daemon and check the logs.

I was wondering what is the best way to restart php-fpm, check the logs, and troubleshoot this?

EDIT: SOLVED. I just had to look through my nginx configuration screens and make sure they were exactly set up as in the images

Quote from tekkb

PS- The OpenVPN mobile app is called OpenVPN Connect (in the Google Play Store). You have to get the zipped cert file on your phone, unzip it and then import it. The is a drop down to import in that app. You can guide it to where you have those files.

When I download the zipped file, it unzips to be a .crt file. But the OpenVPN clients all want .ovpn files. What am I doing wrong?

EDIT: I realized the zip contains ALL the needed files after all.

I can access OMV shares from Windows by directly connecting, but the server and the folders do not "show up" in Windows Explorer. Is that expected behavior, and is there a guide to walk through that process?

Thanks for your help -- I just didn't know how to enable the *testing* repo of OMV extras, but figured out how. I'm installing fail2ban now, via the GUI.

To enable the testing repo of OMV-extras, just need to go to "OMV-extras" on the webgui and there is an option to enable it.

Thanks!

P.S. The output of the code is now:

$ apt-cache policy openmediavault-fail2ban
openmediavault-fail2ban:
  Installed: 1.3.1
  Candidate: 1.3.1
  Version table:
 *** 1.3.1 0
        500 https://dl.bintray.com/openmediavault-plugin-developers/erasmus-testing/ jessie/main amd64 Packages
        100 /var/lib/dpkg/status
     1.3.0 0
        500 https://dl.bintray.com/openmediavault-plugin-developers/erasmus-testing/ jessie/main amd64 Packages

Yes, I do, and have OpenVPN installed, for example.

What is the most OMV-friendly way to install fail2ban currently? It's not showing up in the plugins list.

Thanks

I have three questions related to setting up OpenVPN:

1. For the DNS server section, is that used to assign the vpn client an internal IP address? I have a pi-hole DNS server running on the network at 192.168.1.185. Could I put that as the DNS server?

2. I got this warning in the OpenVPN logs. Is there any way to take this problem into account without messing with the IP addresses of my LAN?

NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.

3. My friend told me that security best practices are setting up a firewall to autoblock IP addresses after 3 failed login attempts. Can I accomplish that from within the webgui, or do I use the CLI for that?

Thanks!

When I tried this in OMV 3.0 I followed the same steps, but got an error after applying the "secure connection portion.

Here is the error:

Error #0:
exception 'OMV\ExecException' with message 'Failed to execute command 'export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin; export LANG=C; systemctl restart nginx 2>&1' with exit code '1': Job for nginx.service canceled.' in /usr/share/php/openmediavault/system/process.inc:175
Stack trace:
#0 /usr/share/php/openmediavault/system/systemctl.inc(83): OMV\System\Process->execute(Array, 1)
#1 /usr/share/php/openmediavault/system/systemctl.inc(154): OMV\System\SystemCtl->exec('restart', NULL, false)
#2 /usr/share/openmediavault/engined/module/webserver.inc(48): OMV\System\SystemCtl->restart()
#3 /usr/share/openmediavault/engined/rpc/config.inc(189): OMVModuleNginxAbstract->startService()
#4 [internal function]: OMVRpcServiceConfig->applyChanges(Array, Array)
#5 /usr/share/php/openmediavault/rpc/serviceabstract.inc(124): call_user_func_array(Array, Array)
#6 /usr/share/php/openmediavault/rpc/serviceabstract.inc(150): OMV\Rpc\ServiceAbstract->callMethod('applyChanges', Array, Array)
#7 /usr/share/php/openmediavault/rpc/serviceabstract.inc(528): OMV\Rpc\ServiceAbstract->OMV\Rpc\{closure}('/tmp/bgstatuspn...', '/tmp/bgoutputIn...')
#8 /usr/share/php/openmediavault/rpc/serviceabstract.inc(151): OMV\Rpc\ServiceAbstract->execBgProc(Object(Closure))
#9 /usr/share/openmediavault/engined/rpc/config.inc(208): OMV\Rpc\ServiceAbstract->callMethodBg('applyChanges', Array, Array)
#10 [internal function]: OMVRpcServiceConfig->applyChangesBg(Array, Array)
#11 /usr/share/php/openmediavault/rpc/serviceabstract.inc(124): call_user_func_array(Array, Array)
#12 /usr/share/php/openmediavault/rpc/rpc.inc(86): OMV\Rpc\ServiceAbstract->callMethod('applyChangesBg', Array, Array)
#13 /usr/sbin/omv-engined(536): OMV\Rpc\Rpc::call('Config', 'applyChangesBg', Array, Array, 1)
#14 {main}

Is there a way in webgui to configure when the hard drives spin down, or do you have to install hd-idle?

Quote from ryecoaaron

(admin cannot login locally because the shell is set to /usr/sbin/nologin

I think I understand now. This is the "admin:openmediavault" account for webgui. I thought you meant admin like administrator or root account, which can login locally.

And just so you know, if you use the OMV ISO and don't create a root account, the installer creates a user account with sudo powers, and you can login locally with that account. So it is still possible to login locally.

Sorry for the confusion, and thanks for helping.

Quote from subzero79

Privileges password protect shares (ftp and samba) or you might wanna use home folders. Is up to you

Hi subzero
Where does the system put the home folders -- or does it give you the choice where to store them?

Hey, I posted that and I did get an answer for that part of the question.

I'm still curious if this OMV 1.0 guide is still good for 2 and 3, or if they are significantly different.

Quote from davidh2k

It needs to be in the ssh group to be able to ssh into the system. You also need to add the sudo group.

Then you can login with that user and just execute any command with sudo command.

Greetings
David

Thanks David! Should I be concerned with any of the other groups, as they pertain to OMV? Like the sambashare group or the adm group?

I'm wary about working in a root shell, and want to set up a sudoer account to SSH into, so I don't accidentally make a typo that messes up the system. I've heard from various people that the more you do through the webgui, the better. But I know there are some things you need SSH for.

So,
What's the preferred OMV way for creating an admin account that can sudo? Specifically, which groups should the new admin account belong to, so that it can SSH and administer the system like root would?

Does this guide still apply in OMV 2 and OMV 3?

Also, I'd like to make a new sudo account to SSH into so I'm not logged in as root, where I can accidentally mess things up. Is there a preferred "OMV" way of doing this, or should I follow Debian guides?

I'm mainly wondering what groups the new sudo user should belong to.

Thanks!

Quote from ryecoaaron

When you select every package in the web interface, it tries to install every one of those packages. It does not execute and apt-get upgrade or dist-upgrade which knows how to deal with dependencies and removes old packages while installing new packages. So, this isn't really a bug because it is doing exactly what you are telling it to do - install the packages it wants to uninstall. That is why it works deselecting those two packages. There is no way to fix this. I suggested adding an update all packages button which would work but someone would still select all packages then click install and have a failure.

If you don't enter a root password during install, how do you login with root/password after it boots?

For the software update button, what you describe would be very useful! I ended up running apt update & upgrade from the CLI.

On my first installation without root, I logged in with username/password. I recently reinstalled, this time with a root password. So now I can login with root/password. Should I not be able to?