NASLite Network Attached Storage

Is it possible to get the root password for the system? I'd like to go in a take a look around to see how things are set up. I'd also like to get a look at the script that executes when logging in as the NASlite+ admin user.

Thanks!

There is no root account, the admin user is essentially root.

Technically, that might be true. The “admin” user may be assigned UID 0 like the root account but after having worked at Bell Labs with UNIX since 1977, I know that no one releases a system without a root account and a password associated with that account, or some other means of getting a root shell.

The “admin” user for NASlite+ may have root permissions to execute the limited set of commands the menu provides, or the restricted shell that gets executed by the “admin” user may be set up to execute as root (having the setuid bit turned on and the owner of the script set to root). Regardless of how you do it, I know that the box has a root account and a password associated with it and there is some way of getting a root prompt.

It would be unwise for you, as a development team, to sell a system and not be able to get into the box other that through the "admin" user to perform some type of diagnostics should a customer complain that there is something terribly wrong. Maybe you use some special "cookie" at the command prompt where you enter a particular string of characters and it gets you a root prompt. Whatever it is, you and I both know there is a "backdoor" that let's either you (Ralph) or Tony in to search around and see what's happening.

I am requesting that same type of access.

Hello sanmaster,

It's good to hear from you again.

I'm not sure what exactly is your point. My initial opinion is that you are extremely presumptuous or just plain confused about what the purpose of an embedded OS such as NASLite really is. Without entering into a long-winded discussion regarding our design philosophies and methodologies, I'll repeat the answer that Ralph provided:

"There is no root account, the admin user is essentially root."

I know that the above is not the answer that you want to hear, but from a user standpoint it is accurate. We are well aware of all the "conventional" practices that you outlined in your post. Those are used with conventional distributions, which for some reason you seem to think NASLite should be. Well, it is anything but conventional and those "conventional" practices that you outlined are simply not applicable to NASlite.

As far as diagnostics "should a customer complain that there is something terribly wrong", NASLite is not a diagnostics tool, but an embedded OS. It contains only the mission-critical binary content that is necessary for it to achieve its primary goal of functioning as an automated NAS file server. The only thing that can go terribly wrong would be hardware, at which time one can turn the machine off, troubleshoot the hardware, and reboot the read-only NASLite embedded OS.

Anything above and beyond that will diminish the value and stability gained by simplicity and ease of use designed into the NASLite OS.

I can also assure you that there is no "backdoor". What is the necessity for a “backdoor” when the OS itself is read-only and all shared resources are open and unsecured? I can assure you that root = admin and admin = root. If you can login as root, which I personally can’t, you’ll be greeted by the same menu that you see when you log in as admin. Someone of your extensive background should be very clear on the reasons why.

Hope that makes things clear.

Hi Tony,

It's good to be back and discussing system design with you again


I may be presumptuous and if you ask my wife she'll probably tell you I'm confused but although NASLite appears to be an embedded system, the fact is that NASLite is really a fully capable Linux system rendered impotent by the login shell you've assigned to the admin user account.

I'm certain you were already aware of the points I made in my previous post. I would never question someone's ability with respect to having the knowledge of how to implement a system such as NASLite, but unlike you, I see NASLite as a "conventional" distribution, not an embedded system. Just because the OS is loaded onto a RAM disk instead of a partition on a standard hard drive doesn't make it embedded. It only makes it "read-only" so what would the harm be in having root access? If I had root access and screwed things up I could always reload from my trusty .iso and be on my way again, no harm, no foul.

Now, being a software developer you don't really mean to say this with a straight face, do you?

For who? The person who paid for it and now wants to see "what's under the hood"? I'll resurrect our car analogy again. If I buy a Ford Focus and want to mess around with the engine timing, or reprogram the firmware on the computer that regulates the fuel injector's who's to say I can't do that? Ford was kind enough to supply me with a nice simple interface for operating my vehicle to get me from point A to point B in the easiest, simplest manner with a very stable procedure (just put in the key, turn it, put in gear, go).

There are many books that tell you how to adjust all types of settings in your car. No one tries to hide the system design for my protection. They make this information available to anyone. If you use it and screw it up, oh well, too bad.

No, it is not very clear why. If you are referring to a security issue, I ask "security against who?" Remember, this is a "read-only" embedded system. No security issues here. If it's not security you are implying, then I would like to know what that clear reason is?

I also know that as a good developer (and I believe you are ) you would have some way of getting a root shell on a NASLite box, there is no doubt in my mind about that. You can deny it all you like and try to spin that embedded stuff, but we both know the truth.

One more thing, what the heck does this mean?

I am referring specifically to the phrase "essentially root". That's like saying someone is a little pregnant. Can't be. Either you're pregnant or you're not. In UNIX/Linux, either you're root or not (unless you have discrete privileges )

It would be nice if you would relent and reveal how someone would get a root shell on a NASLite box. But you must admit that the rational you used to justify not doing that doesn't hold water. It appears to be an attitude of "I must do what's best for you and save you from yourself". Kind of like the group of people who want to censor what is or is not allowed on the Internet because they know what's best for me, too.

I'm really perplexed by your relentless attitude of entitlement. What really makes you think that purchasing NASLite should entitle you to anything other than the advertised functionality.

NASLite is a commercial product and not an open source product. Altho it's comprised of open source components, there is a fair number of items that are not open source. You can not have a look under the hood because that's where we put our super-duper secret 1s and 0s that make this particular collection of software items NASLite. In order to ensure that isn't possible, the root login is automatically randomized by the boot process, in addition, it's tied to the menu which happens to be the shell. That way no one, including myself can log in as root.

Since all one can do with the NASLite OS is USE IT, from a user standpoint there is no root account, the admin user is essentially root. What that means, in case I need to further interpret it for you, is that the admin account has all the same privileges that root would have, it's just called admin. Why is that so difficult for you to grasp.

NASLite does not contain most of the command line utilities that you'd expect to see in a "conventional" Linux distribution. There is nothing one can do with NASLite other than use it as NASLite. If you wish to do more, then the sources are available for you to use as you please. You stated in an earlier post that you may opt to do your own NASLite. That's OK with us as long as you don't call it NASlite. That name is allready taken, plus we really really like it

As I stated before, I'd prefer not to enter into a long-winded discussion regarding our design philosophies and methodologies. That said, I am ending this conversation with a smile

Wow! Talk about touching a nerve I must have said something to piss you off because your previous post sounded like you thought you had good points for not entertaining my request and never expected a reply.

It appears that you either agree with my counter-points (hence the rather un-friendly, but carefully couched ("end with a smile"), response) or you feel that my request is way out of line. What piqued my interest was the fact that you and Ralph tried to "worm" around the issue that there is no method of obtaining a root shell on a NASLite box. That's OK, I just object to non-sensical reasons.



As far as my entitlement is concerned, while you give away a "retarded" version of NASLite for free (a commendable action), you also charge for a better functioning system. Since I did, in fact, plunk down some $$ for this product I do feel entitled to certain considerations. Otherwise, why wouldn't I just use the "less-functioning but somewhat capable" version and leave it at that.

I'll state this here for those who may not be familiar with our previous discussions regarding the Samba deficiencies. I like the product. I use the product. I would just like to "examine" the product the way I could any other OS. I don't want the 0's and 1's of your "little secrets" but I would like to have the ability to look at scripts, directories and versions of what you choose to install in your "watered-down" Linux system. I can do this with Windows XP (view .bat files, the registry, directory structure, etc.). It's not clear to me why you don't allow the same courtesy for your product.

Naah sanmaster,

I have two toddler boys that have made sure my nerves are well exercised and in excellent shape, so such topics are hardly causing a ripple.

I do think that your request is out of line. If you ask me a question and I give you an answer, then I expect that you respect that answer. Otherwise, it’s a waste of time for me to respond since any response I provide to you is discarded and you are back to your original point.

Although we are very thankful for your purchase and support, there was no commitment on our part to provide you with anything more than the advertised functionality.

Tony,

I understand that you are reluctant to give access to your system but to be honest, I don't understand why you won't. I'm not trying to be a "hard-ass" here, I just made a simple request based on my knowledge of how things work and you (Ralph) responded essentially with a "no".

Now, that type of answer might satisfy your two toddler boys , but it only tends to make me more inquisitive. You suggest I respect your answer, and I do, but that doesn't mean I have to agree with it. I gave you my reasons why I didn't agree with it. I'm sorry if you view that as "discarding your answer and getting back to my original point".

Your replies lack a sound, solid technical reason for your refusal. If you're going to take such a stance it should be backed up. The answer shouldn't be "No, because!" when an honest request is made.

That was the approach I was taking in explaining my point of view, that is, to back up what I said with technical examples. The only other option I had, after Ralph's original response, was to accept the answer as "law" and retreat back to my little hole in the wall, afraid to voice another opinion. Is this what you expect from your user community? I don't believe it is, but that is the impression you're giving.

Tony,

I understand that you are reluctant to give access to your system but to be honest, I don't understand why you won't. I'm not trying to be a "hard-ass" here, I just made a simple request based on my knowledge of how things work and you (Ralph) responded essentially with a "no".

Now, that type of answer might satisfy your two toddler boys , but it only tends to make me more inquisitive. You suggest I respect your answer, and I do, but that doesn't mean I have to agree with it. I gave you my reasons why I didn't agree with it. I'm sorry if you view that as "discarding your answer and getting back to my original point".

Your replies lack a sound, solid technical reason for your refusal. If you're going to take such a stance it should be backed up. The answer shouldn't be "No, because!" when an honest request is made.

That was the approach I was taking in explaining my point of view, that is, to back up what I said with technical examples. The only other option I had, after Ralph's original response, was to accept the answer as "law" and retreat back to my little hole in the wall, afraid to voice another opinion. Is this what you expect from your user community? I don't believe it is, but that is the impression you're giving.

You are a funny guy sanmaster . I really wish we could share a few drinks and discuss technical issues, rationales and reasons. I really mean that…

Whether you agree with the “no”, or not is not the issue here. You can’t log in as root because there is no way to do it. NASLite is compiled that way and can’t be changed without reworking the product on the source end. I can’t login as root into the NASLite server I’m using. How then do you expect me to satisfy your request to do so?

After telling you that in 5 different flavors, you continue to insist that we are holding back or "worm around the issue" as you put it. My two toddler boys would have gotten the point loud and clear 4 times by now.

Tony,

I, too, would love a chance to sit and chat with you about various issues relating to UNIX/Linux or anything we would care to talk about. But, I guess we're at an impass here (similar to the situation we arrived at with the Samba deficiency issue).

Yes, you have told me that in all of your postings but I hope you listen to your little guys a little better than you appear to be listening to what I'm saying. I believe that there must be a way to get a root prompt. Whether that's from a login prompt (that you insist does not exist) or some other method, I believe the capability exists. Why do I believe this? Because it is common sense to have some method of acquiring root permission on a UNIX/Linux box by the people responsible for the system. Every system I've worked on has provided this capability because humans are prone to error and having the means to correct those errors, if and when they occur, makes for good practice.

You claim otherwise and I have no means (currently) of proving otherwise so I will end my participation in this thread. My request has brought me to yet another dead end in this forum.

By the way, any ETA for 2.x

Although I hate answering questions with questions, if there was root access, and thier isn't, what exactly are you going to do?

look at the scripts and directories? How? there's no shell bin, and vi,ls,ps shell commands? whats your next move? are you going to compile your own? and link them against what? now how are you going to insert them in to the system path if you do?

Please explain, if your able to do this, then you should already be doing it with the admin user, looking at the directories, scripts etc.


>Because it is common sense to have some method of acquiring root >permission on a UNIX/Linux box by the people responsible for the >system.

Go after these people to, I haven't been able to get root access or a shell to my dvd player from them that uses linux as well. The list goes on.

http://www.kiss-technology.com/

Whatever I can depending on the commands that you and Tony have left on the system.

Does "ed" still exist? There has to be some type of editor available so you can create/modify/copy the configuration file that gets written with the user supplied information. If you do it through some executable program, that would be fun to examine as well.

Ah, but your DVD player is a true embedded system. They supplied you the hardware and whatever supporting software you need to perform your task. NASLite, as discussed previously, is not an embedded OS. It is strictly a watered down version of a fully capable Linux system. Because you and Tony tried to position it as an embedded system doesn't mean it is. By the way, did you ask them for root access?

One other thing, if there is no shell binary what do you use to execute your commands? There has to be some type of command line interpreter to execute commands found in the admin menu.

>Whatever I can depending on the commands that you and Tony have >left >on the system.

As we have said before, there are none of the conventional binaries.

>Does "ed" still exist? There has to be some type of editor available so >you >can create/modify/copy the configuration file that

No it's not there, if you look at the source code, which is freely available, you'll see whats being used. BusyBox is the command shell.