65 lines
1.7 KiB
Markdown
65 lines
1.7 KiB
Markdown
+++
|
|
date = 2013-03-03T00:00:00+00:00
|
|
title = "Synology DS123 Hacking"
|
|
+++
|
|
|
|
Links
|
|
|
|
- [SynoCommunity](http://www.synocommunity.com/)
|
|
- [Optware](http://www.nslu2-linux.org/wiki/Optware/HomePage/)
|
|
|
|
What's running
|
|
|
|
## The usuals
|
|
|
|
- cron
|
|
- inetd
|
|
- syslogd
|
|
- rsyslogd
|
|
- hotplugd
|
|
|
|
## Services
|
|
|
|
- ntpd
|
|
- sshd
|
|
- Apache httpd 2.2.22
|
|
- postgres
|
|
- cupsd
|
|
- Sambda nmbd / smbd
|
|
- snmpd
|
|
- avahi-daemon
|
|
- lighttpd for MediaServer
|
|
|
|
## Layout
|
|
|
|
Generally under `/usr/syno` with one directory per package. Some in the
|
|
usual UNIX `bin` etc.
|
|
|
|
## Installing Debian
|
|
|
|
SynoCommunity provide a chroot package that can be installed from the
|
|
DSM. It needs a little bit of work past there. Some incomplete notes:
|
|
|
|
- `admin` and `root` have the same password, but only `root` can `su;
|
|
chroot`
|
|
- The chroot ended up in
|
|
`/volume1/@appstore/debian-chroot/var/chroottarget`
|
|
- Create the user and role account through DSM first
|
|
- Copy into the chroot `passwd` and `shadow` - don't overwrite
|
|
- Bind mount `/volume1/homes` (`/var/services/homes`)
|
|
- Bind mount `/dev`, `/dev/pts`, and `/proc` for sshd to work
|
|
- Run `sshd` inside the chroot to get direct, non-root access. Use a
|
|
different port in `/etc/ssh/sshd_config`
|
|
- Change `/etc/apt/sources.list` to testing only. Drop the pinning in
|
|
`/etc/apt/preferences`
|
|
|
|
A bit of hacking later, it seems that the scripts can do most of this
|
|
for you. `/var/packages/debian-chroot/scripts/start-stop-status` will do
|
|
the bind mounts (except /home). The Services tab lets you start and
|
|
monitor the ssh server from DSM.
|
|
|
|
Next question is should I run everything inside the chroot or try to use
|
|
the built-in basic services? The router will hide the port number
|
|
differences.
|
|
|