Several items have changed since 9.2.1 due to various bug fixes. There were six bug fix releases between FreeNAS® 9.2.1 and 184.108.40.206, where:
- 220.127.116.11 fixed this list of bugs,
- 18.104.22.168 fixed this list of bugs,
- 22.214.171.124 fixed this list of bugs,
- 126.96.36.199 fixed this list of bugs,
- 188.8.131.52 fixed this list of bugs, and
- 184.108.40.206 fixed this list of bugs.
This section provides an errata of screens and features that differ from the 9.2.1 Users Guide.
Section 1.1 What's New Since 9.2.1
- Samba has been updated to version 4.1.9 which addresses the following security vulnerabilities: CVE-2014-0244, CVE-2014-3493, CVE-2014-0239, and CVE-2014-0178.
- Netatalk upgraded to version 3.1.2.
- Pre-made VMDK images are now available from the FreeNAS® download page.
- *.usb files are now available from the FreeNAS® download page. These files can be either burned to CD (like an .iso file) or written directly to USB (like an .img file).
- "System Dataset" has been added as the fifth tab in System → Settings.
- A "Media Status" column has been added to Network → Interfaces → View Interfaces.
- A "Share type" drop-down menu has been added to the Storage → Volumes → Create ZFS Dataset screen.
- The "Database Path" field has been removed from the Sharing → Apple (AFP) Shares → Add Apple (AFP) Share screen and added to the Services → AFP screen.
- The "Apply Default Permissions" checkbox has been added to Sharing → Windows (CIFS) Shares → Add Windows (CIFS) Share.
- The "Use syslog", "Server minimum protocol", "Server maximum protocol", and "Allow execute always" fields have been added to Services → CIFS. The "Authentication Model" field has been removed from as Anonymous is not a valid setting for Samba4. Instead Local User is used unless the system is joined to an Active Directory domain. The "EA Support" and "Support DOS File Attributes" fields have been removed as they are deprecated in Samba4.
- The location of the SSL certificate of the LDAP server can now be browsed to in the "Self signed certificate" field of Services → Directory Services → LDAP.
- The "Enable experimental target" checkbox has been added to Services → iSCSI → Target Global Configuration. This allows beta testers to use the experimental kernel iSCSI which adds support for Windows 2012 clustering. Checking this box requires the system to be rebooted.
- The "Enable multithreaded mode" checkbox has been added to Services → iSCSI → Target Global Configuration.
- The ability to specify a "LUN ID" has been added to Services → iSCSI → Add Target / Extent.
- The "VirtualBox" jail type has been added which will create a jail with phpVirtualBox installed. Once installed, input the IP address of the VirtualBox jail into a browser and enter the username and password of admin in the login screen.
- The Alert system will provide a warning if the ZFS volume's capacity reaches 80% and will report a critical error if the ZFS volume's capacity reaches 90%.
- The zsh shell has been added to the base system.
Section 2.1 Getting FreeNAS®
FreeNAS® 220.127.116.11 can be downloaded from the download page of the FreeNAS® website.
- USB Image: this file ends in a .usb extension and can either be written to CDROM as described in Installing from CDROM or written to a USB device as described in Burning an IMG File.
Section 18.104.22.168 Creating the Virtual Machine
- VMDK: select this option if you downloaded the the .vmdk.xz file. This file must first be decompressed using xzcat or 7-Zip so that it ends in a .vmdk extension. This option can also be used when a .img file is converted to VMDK format using the instructions in Running FreeNAS® from a USB Image.
Section 2.3 Installing from CDROM
If you prefer to install FreeNAS® using a menu-driven installer, download the ISO or USB image that matches the architecture of the system you will install onto (32- or 64-bit) and burn it to a CDROM.
Section 2.4 Burning an IMG File
NOTE: You can also write the .usb file to a USB thumbdrive. Since this file is not compressed, it does not need to be uncompressed first using xzcat or 7-Zip. When using dd, the command shown in the examples will change to:
dd if=FreeNAS-22.214.171.124-RELEASE-x64.usb of=/dev/da0 bs=64k
Section 2.6.1 Preparing for the Upgrade
1. Download the .iso, .usb, or .txz file that matches the system's architecture to the computer that you use to access the FreeNAS® system.
Section 2.6.2 Using the ISO to Upgrade
Burn the downloaded .iso or .usb file to a CDROM.
Section 3.1.2 Set the Administrative Email Address
Remove the last line in the first paragraph.
Section 3.2.2 Users
Figure 3.2d: Managing User Accounts
If you click a user account, the following buttons will appear for that account:
- Modify User: used to modify the account's settings, as listed in Table 3.2b.
- Change E-mail: used to change the email address associated with the account.
Section 4.6.5 System Dataset Tab
The System Dataset tab, shown in Figure 4.6e, is used to select the pool which will contain the persistent system dataset. The system dataset stores debugging core files and Samba4 metadata such as the user/group cache and share level permissions. If the FreeNAS® system is configured to be a Domain Controller, all of the domain controller state is stored there as well, including domain controller users and groups.
The system dataset can optionally be configured to also store the system log and the Reporting information. If there are lots of log entries or reporting information, moving these to the system dataset will prevent /var/ from filling up as /var/ has limited space.
Figure 4.6e: System Dataset Tab
Use the drop-down menu to select the ZFS volume (pool) to contain the system dataset.
To also store the system log on the system dataset, check the "Syslog" box.
To also store the reporting information, check the "Reporting Database" box.
If you change the pool storing the system dataset at a later time, FreeNAS® will automatically migrate the existing data in the system dataset to the new location.
Section 6.3.6 Creating ZFS Datasets
Figure 6.3i: Creating a ZFS Dataset
Extra entry to Table 6.3d: ZFS Dataset Options:
|Share type||drop-down menu||select the type of share that will be used on the dataset; choices are UNIX for an NFS share, Windows for a CIFS share, or Mac for an AFP share|
Section 6.3.10 Setting Permissions
Figure 6.3q: Changing Permissions on a Volume or Dataset
Figure 7.1a: Creating an AFP Share
The entry for "Database Path" has been removed from Table 7.1a: AFP Share Configuration Options.
Section 7.1.3 Using Time Machine
In step 4, remove this line:
- Server name: freenas
The manual page for the Samba4 version of smb.conf(5) is http://www.sloop.net/smb.conf.html.
Figure 7.3a: Adding a CIFS Share
Add the following entry to Table 7.3a: Options for a CIFS Share:
|Apply Default Permissions||checkbox||sets the ACLs to allow read/write for owner/group and read-only for others; should only be unchecked when creating a share on a system that already has custom ACLs set|
Remove the following deprecated entries from Table 7.3a: Options for a CIFS Share:
- Inherit Owner
- Inherit Permissions
Section 7.3.2 Configuring Anonymous Access
In Step 4, remove this bullet:
- Authentication Model: Anonymous
Section 7.3.3 Configuring Authenticated Access
First sentence changed to: If you would like each user to authenticate before accessing the CIFS share, configure the share as follows:
Remove the first bullet for "Authentication Model" in Step 5.
Section 8.2 AFP
Figure 8.2a: AFP Configuration
Add this entry to Table 8.2a: AFP Configuration Options
|Database Path||string||specify the path to store the CNID databases used by AFP (default is the root of the volume); the path must be writable|
Section 8.3 CIFS
Figure 8.3a: Configuring CIFS
Remove these entries from Table 8.3a: CIFS Configuration Options:
- Authentication Model
- EA Support
- Support DOS File Attributes
Add these entries to Table 8.3a: CIFS Configuration Options:
|Use syslog||checkbox||logs most events to syslog instead of the samba log files|
|Server minimum protocol||drop-down menu||the minimum protocol version the server will support where the default of ------ sets automatic negotiation; refer to Table 8.3b for descriptions|
|Server maximum protocol||drop-down menu||the maximum protocol version the server will support; refer to Table 8.3b for descriptions|
|Allow execute always||checkbox||if checked, Samba will allow the user to execute a file, even if that user's permissions are not set to execute|
Add new table:
Table 8.3b: Description of SMB Protocol Versions
|CORE||used by DOS|
|COREPLUS||used by DOS|
|LANMAN1||used by Windows for Workgroups, OS/2, and Windows 9x|
|LANMAN2||used by Windows for Workgroups, OS/2, and Windows 9x|
|NT1||used by Windows NT|
|SMB2||used by Windows 7; same as SMB2_10|
|SMB2_02||used by Windows Vista|
|SMB2_10||used by Windows 7|
|SMB2_22||used by early Windows 8|
|SMB2_24||used by Windows 8 beta|
|SMB3||used by Windows 8|
|SMB3_00||used by Windows 8, mostly the same as SMB2_24|
NOTE: Windows 8.1 and Windows Server 2012 R2 use SMB3.02 which is not yet supported by Samba.
Section 8.3.1 Troubleshooting Tips
Change testparm command to:
Add the following tips:
If clients have problems connecting to the CIFS share, go to Services → CIFS and verify that "Server maximum protocol" is set to "SMB2".
It is recommended to use a dataset for CIFS sharing. When creating the dataset, make sure that the "Share type" is set to Windows.
Do not use chmod to attempt to fix the permissions on a CIFS share as it destroys the Windows ACLs. The correct way to manage permissions on a CIFS share is to manage the share security from a Windows system as either the owner of the share or a member of the group the share is owned by. To do so, right-click on the share, click "Properties" and navigate to the "Security" tab. If you already destroyed the ACLs using chmod, winacl can be used to fix them. Type winacl from Shell for usage instructions.
Section 8.7.5 Target Global Configuration
Figure 8.7g Target Global Configuration Variables
Add the following entries to Table 8.7f: Target Global Configuration Settings:
|Enable experimental target||checkbox||this option is for beta testers of kernel iSCSI; requires a reboot|
|Enable multithreaded mode||checkbox||do not check as experimental|
Section 8.7.7 Target/Extents
Figure 8.7i: Associating iSCSI Targets/Extents
Add this entry to Table 8.7g: Target/Extents Configuration Settings:
|LUN ID||drop-down menu||specify the ID of the LUN; the default of Auto will select the next available LUN ID, starting at 0|
Section 8.12.2 Chrooting Command Line SFTP Users
Figure 8.12b: Permissions Required by SSH Chroot
Section 9.1 Installing a FreeNAS® PBI Using Plugins
Figure 9.1a: Using Plugins to Install a PBI
Section 9.2 Available FreeNAS® PBIs
Add the following to the list of PBIs:
Remove the following from the list of PBIs:
Section 10 Jails
Add the following type of jail:
5. VirtualBox jail:
Section 10.2 Adding Jails
Add VirtualBox to the "Description" of "type" in Table 10.2a.
Section 10.3 Jail Templates
Figure 10.3a: Listing of Default Jail Templates
Change the bullet on Instances to read:
- Instances: indicates if the template has been used to create a jail. In this example, one pluginjail, portjail, standard, and debian jail have been created, so their instances show as 1. The rest of the templates have not been used yet so their instances show as 0.
Section 11 Reporting
Change second last paragraph to:
Reporting data is saved, allowing you to view and monitor usage trends over time. By default, reporting data is saved to /data/rrd_dir.tar.bz2 and should be preserved across system upgrades and at shutdown. To instead save this data to the system dataset, check the "Reporting database" box in System → Settings → System Dataset.
Section 12.5 Help
Change bullet for the Bug Tracker to:
- the Bug Tracker link to the bugs database
Section 13.2 Forums
The "FreeNAS 4 N00bs" forum has been renamed to "New to FreeNAS?".
Section 16.1 Building a Local Copy of the APIs
Add note after first paragraph:
NOTE: an online version of the API is now hosted at api.freenas.org.