9.2.1.6 ERRATA

From Freenas
Revision as of 17:15, 15 July 2014 by Dru (Talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Several items have changed since 9.2.1 due to various bug fixes. There were six bug fix releases between FreeNAS® 9.2.1 and 9.2.1.6, where:

This section provides an errata of screens and features that differ from the 9.2.1 Users Guide.

Contents

Section 1.1 What's New Since 9.2.1

  • Samba has been updated to version 4.1.9 which addresses the following security vulnerabilities: CVE-2014-0244, CVE-2014-3493, CVE-2014-0239, and CVE-2014-0178.
  • Pre-made VMDK images are now available from the FreeNAS® download page.
  • *.usb files are now available from the FreeNAS® download page. These files can be either burned to CD (like an .iso file) or written directly to USB (like an .img file).
  • "System Dataset" has been added as the fifth tab in System → Settings.
  • A "Media Status" column has been added to Network → Interfaces → View Interfaces.
  • A "Share type" drop-down menu has been added to the Storage → Volumes → Create ZFS Dataset screen.
  • The "Database Path" field has been removed from the Sharing → Apple (AFP) Shares → Add Apple (AFP) Share screen and added to the Services → AFP screen.
  • The "Apply Default Permissions" checkbox has been added to Sharing → Windows (CIFS) Shares → Add Windows (CIFS) Share.
  • The "Use syslog", "Server minimum protocol", "Server maximum protocol", and "Allow execute always" fields have been added to Services → CIFS. The "Authentication Model" field has been removed from as Anonymous is not a valid setting for Samba4. Instead Local User is used unless the system is joined to an Active Directory domain. The "EA Support" and "Support DOS File Attributes" fields have been removed as they are deprecated in Samba4.
  • The location of the SSL certificate of the LDAP server can now be browsed to in the "Self signed certificate" field of Services → Directory Services → LDAP.
  • The "Enable experimental target" checkbox has been added to Services → iSCSI → Target Global Configuration. This allows beta testers to use the experimental kernel iSCSI which adds support for Windows 2012 clustering. Checking this box requires the system to be rebooted.
  • The "Enable multithreaded mode" checkbox has been added to Services → iSCSI → Target Global Configuration.
  • The ability to specify a "LUN ID" has been added to Services → iSCSI → Add Target / Extent.
  • The "VirtualBox" jail type has been added which will create a jail with phpVirtualBox installed. Once installed, input the IP address of the VirtualBox jail into a browser and enter the username and password of admin in the login screen.
  • The Alert system will provide a warning if the ZFS volume's capacity reaches 80% and will report a critical error if the ZFS volume's capacity reaches 90%.
  • The zsh shell has been added to the base system.

Section 2.1 Getting FreeNAS®

FreeNAS® 9.2.1.6 can be downloaded from the download page of the FreeNAS® website.

Section 2.2.1.1 Creating the Virtual Machine

  • VMDK: select this option if you downloaded the the .vmdk.xz file. This file must first be decompressed using xzcat or 7-Zip so that it ends in a .vmdk extension. This option can also be used when a .img file is converted to VMDK format using the instructions in Running FreeNAS® from a USB Image.

Section 2.3 Installing from CDROM

If you prefer to install FreeNAS® using a menu-driven installer, download the ISO or USB image that matches the architecture of the system you will install onto (32- or 64-bit) and burn it to a CDROM.

Section 2.4 Burning an IMG File

NOTE: You can also write the .usb file to a USB thumbdrive. Since this file is not compressed, it does not need to be uncompressed first using xzcat or 7-Zip. When using dd, the command shown in the examples will change to:

dd if=FreeNAS-9.2.1.6-RELEASE-x64.usb of=/dev/da0 bs=64k

Section 2.6.1 Preparing for the Upgrade

1. Download the .iso, .usb, or .txz file that matches the system's architecture to the computer that you use to access the FreeNAS® system.

Section 2.6.2 Using the ISO to Upgrade

Burn the downloaded .iso or .usb file to a CDROM.

Section 3.1.2 Set the Administrative Email Address

Remove the last line in the first paragraph.

Section 3.2.2 Users

Figure 3.2d: Managing User Accounts

Figure32d.png

If you click a user account, the following buttons will appear for that account:

  • Modify User: used to modify the account's settings, as listed in Table 3.2b.
  • Change E-mail: used to change the email address associated with the account.

Section 4.6.5 System Dataset Tab

The System Dataset tab, shown in Figure 4.6e, is used to select the pool which will contain the persistent system dataset. The system dataset stores debugging core files and Samba4 metadata such as the user/group cache and share level permissions. If the FreeNAS® system is configured to be a Domain Controller, all of the domain controller state is stored there as well, including domain controller users and groups.

The system dataset can optionally be configured to also store the system log and the Reporting information. If there are lots of log entries or reporting information, moving these to the system dataset will prevent /var/ from filling up as /var/ has limited space.

Figure 4.6e: System Dataset Tab

Figure46e.png

Use the drop-down menu to select the ZFS volume (pool) to contain the system dataset.

To also store the system log on the system dataset, check the "Syslog" box.

To also store the reporting information, check the "Reporting Database" box.

If you change the pool storing the system dataset at a later time, FreeNAS® will automatically migrate the existing data in the system dataset to the new location.

Section 6.3.6 Creating ZFS Datasets

Figure 6.3i: Creating a ZFS Dataset

Figure63i.png

Extra entry to Table 6.3d: ZFS Dataset Options:

Setting Value Description
Share type drop-down menu select the type of share that will be used on the dataset; choices are UNIX for an NFS share, Windows for a CIFS share, or Mac for an AFP share

Section 6.3.10 Setting Permissions

Figure 6.3q: Changing Permissions on a Volume or Dataset

Figure63q.png

Section 7.1.1 Creating AFP Shares

Figure 7.1a: Creating an AFP Share

Figure71a.png

The entry for "Database Path" has been removed from Table 7.1a: AFP Share Configuration Options.

Section 7.1.3 Using Time Machine

In step 4, remove this line:

  • Server name: freenas

Section 7.3.1 Creating CIFS Shares

The manual page for the Samba4 version of smb.conf(5) is http://www.sloop.net/smb.conf.html.

Figure 7.3a: Adding a CIFS Share

Figure73a.png

Add the following entry to Table 7.3a: Options for a CIFS Share:

Setting Value Description
Apply Default Permissions checkbox sets the ACLs to allow read/write for owner/group and read-only for others; should only be unchecked when creating a share on a system that already has custom ACLs set

Remove the following deprecated entries from Table 7.3a: Options for a CIFS Share:

  • Inherit Owner
  • Inherit Permissions

Section 7.3.2 Configuring Anonymous Access

In Step 4, remove this bullet:

  • Authentication Model: Anonymous

Section 7.3.3 Configuring Authenticated Access

First sentence changed to: If you would like each user to authenticate before accessing the CIFS share, configure the share as follows:

Remove the first bullet for "Authentication Model" in Step 5.

Section 8.2 AFP

Figure 8.2a: AFP Configuration

Figure82a.png

Add this entry to Table 8.2a: AFP Configuration Options

Setting Value Description
Database Path string specify the path to store the CNID databases used by AFP (default is the root of the volume); the path must be writable

Section 8.3 CIFS

Figure 8.3a: Configuring CIFS

Figure83a.png

Remove these entries from Table 8.3a: CIFS Configuration Options:

  • Authentication Model
  • EA Support
  • Support DOS File Attributes

Add these entries to Table 8.3a: CIFS Configuration Options:

Setting Value Description
Use syslog checkbox logs most events to syslog instead of the samba log files
Server minimum protocol drop-down menu the minimum protocol version the server will support where the default of ------ sets automatic negotiation; refer to Table 8.3b for descriptions
Server maximum protocol drop-down menu the maximum protocol version the server will support; refer to Table 8.3b for descriptions
Allow execute always checkbox if checked, Samba will allow the user to execute a file, even if that user's permissions are not set to execute

Add new table:

Table 8.3b: Description of SMB Protocol Versions

Value Description
CORE used by DOS
COREPLUS used by DOS
LANMAN1 used by Windows for Workgroups, OS/2, and Windows 9x
LANMAN2 used by Windows for Workgroups, OS/2, and Windows 9x
NT1 used by Windows NT
SMB2 used by Windows 7; same as SMB2_10
SMB2_02 used by Windows Vista
SMB2_10 used by Windows 7
SMB2_22 used by early Windows 8
SMB2_24 used by Windows 8 beta
SMB3 used by Windows 8
SMB3_00 used by Windows 8, mostly the same as SMB2_24

NOTE: Windows 8.1 and Windows Server 2012 R2 use SMB3.02 which is not yet supported by Samba.

Section 8.3.1 Troubleshooting Tips

Change testparm command to:

testparm /usr/local/etc/smb4.conf

Add the following tips:

If clients have problems connecting to the CIFS share, go to Services → CIFS and verify that "Server maximum protocol" is set to "SMB2".

It is recommended to use a dataset for CIFS sharing. When creating the dataset, make sure that the "Share type" is set to Windows.

Do not use chmod to attempt to fix the permissions on a CIFS share as it destroys the Windows ACLs. The correct way to manage permissions on a CIFS share is to manage the share security from a Windows system as either the owner of the share or a member of the group the share is owned by. To do so, right-click on the share, click "Properties" and navigate to the "Security" tab. If you already destroyed the ACLs using chmod, winacl can be used to fix them. Type winacl from Shell for usage instructions.

Section 8.7.5 Target Global Configuration

Figure 8.7g Target Global Configuration Variables

Figure87g.png

Add the following entries to Table 8.7f: Target Global Configuration Settings:

Setting Value Description
Enable experimental target checkbox this option is for beta testers of kernel iSCSI; requires a reboot
Enable multithreaded mode checkbox do not check as experimental

Section 8.7.7 Target/Extents

Figure 8.7i: Associating iSCSI Targets/Extents

Figure87i.png

Add this entry to Table 8.7g: Target/Extents Configuration Settings:

Setting Value Description
LUN ID drop-down menu specify the ID of the LUN; the default of Auto will select the next available LUN ID, starting at 0

Section 8.12.2 Chrooting Command Line SFTP Users

Figure 8.12b: Permissions Required by SSH Chroot

Figure812b.png

Section 9.1 Installing a FreeNAS® PBI Using Plugins

Figure 9.1a: Using Plugins to Install a PBI

Figure91a.png

Section 9.2 Available FreeNAS® PBIs

Add the following to the list of PBIs:

Remove the following from the list of PBIs:

  • Gamez

Section 10 Jails

Add the following type of jail:

5. VirtualBox jail:

Section 10.2 Adding Jails

Add VirtualBox to the "Description" of "type" in Table 10.2a.

Section 10.3 Jail Templates

Figure 10.3a: Listing of Default Jail Templates

Figure103a.png

Change the bullet on Instances to read:

  • Instances: indicates if the template has been used to create a jail. In this example, one pluginjail, portjail, standard, and debian jail have been created, so their instances show as 1. The rest of the templates have not been used yet so their instances show as 0.

Section 11 Reporting

Change second last paragraph to:

Reporting data is saved, allowing you to view and monitor usage trends over time. By default, reporting data is saved to /data/rrd_dir.tar.bz2 and should be preserved across system upgrades and at shutdown. To instead save this data to the system dataset, check the "Reporting database" box in System → Settings → System Dataset.

Section 12.5 Help

Change bullet for the Bug Tracker to:

  • the Bug Tracker link to the bugs database

Section 13.2 Forums

The "FreeNAS 4 N00bs" forum has been renamed to "New to FreeNAS?".

Section 16.1 Building a Local Copy of the APIs

Add note after first paragraph:

NOTE: an online version of the API is now hosted at api.freenas.org.

Personal tools
Navigation