Kanedo

How to hide your XPEnoboot USB drive from DSM

Recommended Posts

For anyone using xpenoboot on a USB stick, you may be aware that this boot-loader USB stick is mounted and visible within DSM.

 

On Xpenoboot, it is by default enumerated as /dev/sdu. The partition /dev/sdu1 is mount on /volumeUSB1/usbshare.

 

On a real Synology system, there is also a USB bootdrive embedded inside the chassis. However, I believe there is some check for specific VID/PID during the boot process that prevents a specific Synology USB bootdrive device from being enumerated.

 

I know you can go and click unmount within DSM after it boots. That's not what I am asking. Unmounting it within DSM does not change the fact the USB stick is still /dev/sdu.

 

I would also like to have my system boot up without enumeration of this USB bootdrive at all. Does anyone know a way?

Edited by Guest

Share this post


Link to post
Share on other sites

Okay I just found the solution. Haha!

 

modify syslinux.cfg on your boot loader and assign the vid and pid boot parameters to the vid/pid of your usb stick.

 

To obtain the VID and PID of your USB stick, enter the following command as an admin user

cat /proc/bus/usb/devices |grep -e "^$" -e"Vendor" -e "Manufacturer" -e "Product"

 

Mine would return something like this for my Kingston USB stick.

...
...
P:  Vendor=0951 ProdID=1607 Rev= 2.00
S:  Manufacturer=Kingston
S:  Product=DataTraveler 2.0
...
...

 

In my case, my Kingston USB stick's VID is 0x0951 and PID is 0x1607

 

Now, go and edit syslinux.cfg on your xpenoboot usb stick, and modify the "vid" and "pid" values on each of the "APPEND" lines with the values of your USB stick.

 

Sample snippet of my syslinux.cfg with VID set to 0x0951 and PID set to 0x1607 for my Kingston USB stick


LABEL xpenology
      MENU LABEL XPEnology DSM 5.2-5565
      KERNEL /zImage
      APPEND root=/dev/md0 ihd_num=0 netif_num=4 syno_hw_version=DS3615xs sn=B3J4N01003 vid=0x0951 pid=0x1607 loglevel=0 vga=0x305

 

Save your changes and reboot the system.

 

If done correctly, your USB device will no longer be enumerated as /dev/sdu, and will not be auto-mounted in DSM. Instead, it should be enumerated as /dev/synoboot.

 

Diskstation> parted -l 2> /dev/null |grep "^Disk /dev/s"
Disk /dev/sda: 2000GB
Disk /dev/sdb: 2000GB
Disk /dev/sdc: 2000GB
Disk /dev/sdd: 2000GB
Disk /dev/sde: 2000GB
Disk /dev/sdf: 2000GB
Disk /dev/sdg: 2000GB
Disk /dev/sdh: 2000GB
Disk /dev/sdi: 2000GB
Disk /dev/sdj: 2000GB
Disk /dev/sdk: 1500GB
Disk /dev/synoboot: 4022MB

 

At any point, you can still manually mount the USB stick.

 

December 6th, 2015 - Updated mounting instruction for 5.1

IMPORTANT: Make sure you cd into /dev first, and then mount synoboot1

Diskstation> mkdir -p /mountMe
Diskstation> cd /dev
Diskstation> mount -t vfat synoboot1 /mountMe

 

December 6th, 2015 - Updated mounting instruction for 5.2

See viewtopic.php?f=2&t=5605&p=49332#p49332

Edited by Guest

Share this post


Link to post
Share on other sites

Thanks for the solution! :smile:

I will try it and give feedback.

 

EDIT:

Yeah, it works very well!! :grin:

Very good work as it makes the usb-unmount-script obsolete.

Share this post


Link to post
Share on other sites

I discovered only one little problem => manual mounting of the usb-stick doesn't work at my installation:

 

DiskStation> mount -t vfat /dev/synoboot1 /volumeUSB1
mount: mounting /dev/synoboot1 on /volumeUSB1 failed: Invalid argument

 

But this is not critical for me. I will investigate this later.

Share this post


Link to post
Share on other sites
I discovered only one little problem => manual mounting of the usb-stick doesn't work at my installation:

 

DiskStation> mount -t vfat /dev/synoboot1 /volumeUSB1
mount: mounting /dev/synoboot1 on /volumeUSB1 failed: Invalid argument

 

But this is not critical for me. I will investigate this later.

 

 

You probably don't have "volumeUSB1" folder. You can just create one

Diskstation> mkdir /volumeFoobar
Diskstation> mount -t vfat /dev/synoboot1 /volumeFoobar

 

UPDATE: Please follow my updated mounting instruction on second post

Edited by Guest

Share this post


Link to post
Share on other sites

Hallo Kanedo,

 

thank you for the tutorial.

I'am using XPenology on my HP Microserver Gen 8 but I'm not sure, which device I have to unmount.

Normally I'm working with the "unmount-script" but unfortunately I still can see the Boot-Stick in the File-Station etc. so I would like to use your script.

 

Could you take a look on my two links?

 

Putty command line: http://www.directupload.net/file/d/4011 ... 29_jpg.htm

Web-Interface: http://www.directupload.net/file/d/4011 ... b3_jpg.htm

 

If I got the vid and the pid how do I have to change the syslinux.cfg on the USB-Boot Stick?

Just copy something or what do I have to do?

 

Thank you very much.

Share this post


Link to post
Share on other sites

My 2 cents are on the flash drive. :smile:

Try to remove it (you can do that without any risk, as it is only used when booting), run the command again and check if it is gone.

Reinsert and it should be back when you run the command yet again.

Share this post


Link to post
Share on other sites

Hi,

 

I got it.

I have read the PID and VID with the tool SIV with Windows 7 (unplug the USB-Stick form the NAS).

After changing the syslinux.cfg (just editing the PID and VID in every line / entry) the USB-Stick is automatically unmount after a restart.

 

Thank you very much!

 

Moritz

Share this post


Link to post
Share on other sites

Hi Kanedo,

 

What version of XPenology are you running?

 

I have followed your instructions above, changed the PID/VID on the syslinux.cfg file, and rebooted and sure enough the USB boot device is not visible anymore.

However I also can't find it anywhere!

Running the parted command gives me this:

Disk /dev/sda: 3001GB
Disk /dev/sdb: 3001GB

Which is just my two physical internal disks, the USB boot device, and my external USB drive are not listed there.

 

Checking for 'volume' directories gives me:

ls -la / | grep volume
drwxr-xr-x   19 root     root          4096 Jun 11 22:08 volume1
drwxr-xr-x    2 root     root          4096 Jun 11 22:06 volumeUSB1
drwxr-xr-x    3 root     root          4096 Jun 11 22:08 volumeUSB2

volumeUSB2 has my external USB drive mounted on it, but there is nothing on volumeUSB1.

 

Equally attempting to mount any of the 'synoboot' devices fails:

DS001> mount -t vfat /dev/synoboot /volumeUSB1
mount: mounting /dev/synoboot on /volumeUSB1 failed: Invalid argument
DS001> mount -t vfat /dev/synoboot1 /volumeUSB1
mount: mounting /dev/synoboot1 on /volumeUSB1 failed: Invalid argument
DS001> mount -t vfat /dev/synoboot2 /volumeUSB1
mount: mounting /dev/synoboot2 on /volumeUSB1 failed: Invalid argument

 

Any idea where my usb stick has gone?

 

I am running DSM 5.1-5022 Update 5.

 

Thanks :smile:

Edited by Guest

Share this post


Link to post
Share on other sites

Never mind - turns out you must run the parted command with root permissions.

If I do:

sudo parted -l 2> /dev/null |grep "^Disk /dev/s"

 

Then I get:

sudo parted -l 2> /dev/null |grep "^Disk /dev/s"
Disk /dev/sda: 3001GB
Disk /dev/sdb: 3001GB
Disk /dev/synoboot: 1059MB
Disk /dev/sdu: 2000GB

 

Unfortunately even then I cannot mount it.

 

DS001> mount -t vfat /dev/synoboot /volumeFooBar/
mount: mounting /dev/synoboot on /volumeFooBar/ failed: Invalid argument
DS001> mount -t vfat /dev/synoboot /volumeFooBar
mount: mounting /dev/synoboot on /volumeFooBar failed: Invalid argument

 

/dev/synoboot1 also gets the same failure - I did try :smile:

Share this post


Link to post
Share on other sites

Or you use the built in option that the devs put in. The following is an example of the syslinux.cfg on your usb drive. just edit the the VID and PID #'s with that of your usb drive.

 

UI menu.c32
PROMPT 0
TIMEOUT 50
DEFAULT xpenology
MENU TITLE XPEnoboot 5.1-5055.1-19c83d5

LABEL xpenology
      MENU LABEL XPEnology DSM 5.1-5055
      KERNEL /zImage
      APPEND root=/dev/md0 ihd_num=0 netif_num=4 syno_hw_version=DS3615xs sn=B3J4N01003 vid=0x0EA0 pid=0x2168 loglevel=0 vga=0x305 rmmod=ata_piix

LABEL debug
      MENU LABEL XPEnology DSM 5.1-5055 Debug
      KERNEL /zImage
      APPEND root=/dev/md0 ihd_num=0 netif_num=4 syno_hw_version=DS3615xs sn=B3J4N01003 vid=0x0EA0 pid=0x2168 loglevel=0 vga=0x305 debug=1 console=ttyS1,115200 rmmod=ata_piix

LABEL install
      MENU LABEL XPEnology DSM 5.1-5055 Install/Upgrade
      KERNEL /zImage
      APPEND root=/dev/md0 ihd_num=0 netif_num=4 syno_hw_version=DS3615xs sn=B3J4N01003 vid=0x0EA0 pid=0x2168 loglevel=0 vga=0x305 upgrade=5.1-5055 rmmod=ata_piix

Share this post


Link to post
Share on other sites
Or you use the built in option that the devs put in. The following is an example of the syslinux.cfg on your usb drive. just edit the the VID and PID #'s with that of your usb drive.

 

UI menu.c32
PROMPT 0
TIMEOUT 50
DEFAULT xpenology
MENU TITLE XPEnoboot 5.1-5055.1-19c83d5

LABEL xpenology
      MENU LABEL XPEnology DSM 5.1-5055
      KERNEL /zImage
      APPEND root=/dev/md0 ihd_num=0 netif_num=4 syno_hw_version=DS3615xs sn=B3J4N01003 vid=0x0EA0 pid=0x2168 loglevel=0 vga=0x305 rmmod=ata_piix

LABEL debug
      MENU LABEL XPEnology DSM 5.1-5055 Debug
      KERNEL /zImage
      APPEND root=/dev/md0 ihd_num=0 netif_num=4 syno_hw_version=DS3615xs sn=B3J4N01003 vid=0x0EA0 pid=0x2168 loglevel=0 vga=0x305 debug=1 console=ttyS1,115200 rmmod=ata_piix

LABEL install
      MENU LABEL XPEnology DSM 5.1-5055 Install/Upgrade
      KERNEL /zImage
      APPEND root=/dev/md0 ihd_num=0 netif_num=4 syno_hw_version=DS3615xs sn=B3J4N01003 vid=0x0EA0 pid=0x2168 loglevel=0 vga=0x305 upgrade=5.1-5055 rmmod=ata_piix

 

Thanks Diverge, but I think you may have missed the point. Adding the VID and PID to the syslinux.cfg file is what this thread is about, but the query I'm having is the step that then lets you mount what is then known to the sytem as /dev/synoboot. Getting access to the USB stick itself is not easy for me, so it is handy to be able to mount it to make alterations to the files remotely, but at the moment I can't mount it.

Share this post


Link to post
Share on other sites

Thanks Diverge, but I think you may have missed the point. Adding the VID and PID to the syslinux.cfg file is what this thread is about, but the query I'm having is the step that then lets you mount what is then known to the sytem as /dev/synoboot. Getting access to the USB stick itself is not easy for me, so it is handy to be able to mount it to make alterations to the files remotely, but at the moment I can't mount it.

 

Yeah, I guess I missed that part :oops:

Share this post


Link to post
Share on other sites
Thanks Diverge, but I think you may have missed the point. Adding the VID and PID to the syslinux.cfg file is what this thread is about, but the query I'm having is the step that then lets you mount what is then known to the sytem as /dev/synoboot. Getting access to the USB stick itself is not easy for me, so it is handy to be able to mount it to make alterations to the files remotely, but at the moment I can't mount it.

 

Although I don't regularly make modifications to the boot stick files, I also like to have the drive be accessible, but not visible to most users. I simply handle this with permissions. I have a User Group which grants access to usb1 and the only User in that group is admin. I only use the admin account to do server maintenance, so I don't mind seeing the boot drive. When I login for normal usage I use my personal account and the boot drive is hidden.

Share this post


Link to post
Share on other sites

In hindsight that sounds like a plan...

 

In the meantime however anyone have any idea how I can mount the usb stick again?

I know once I can physically access the stick I could edit the vid and pid again and then when I boot I presume it will appear, but any ideas for the meantime?

Share this post


Link to post
Share on other sites

Guys, I apologize for the bad /dev/synoboot1 mounting command in my original instruction.

 

Let me demonstrate the non-working and working method to mounting /dev/synoboot1 to a folder.

 

This method does NOT work!

Diskstation> mkdir -p /mountMe
Diskstation> mount -t vfat /dev/synoboot1 /mountMe
mount: mounting /dev/synoboot1 on /mountMe failed: Invalid argument

NOTE: for some reason, you cannot perform the mount command by declaring the full path of /dev/synoboot1.

 

You must cd into /dev/ first, and then mount synoboot1

 

This method WORKS!!!

Diskstation> mkdir -p /mountMe
Diskstation> cd /dev
Diskstation> mount -t vfat synoboot1 /mountMe
Diskstation> ls -l /mountMe
-r-xr-xr-x    1 root     root        116632 Jun  5 20:39 ldlinux.c32
-r-xr-xr-x    1 root     root         61440 Jun  5 20:39 ldlinux.sys
-rwxr-xr-x    1 root     root         23488 Jun  5 20:39 libutil.c32
-rwxr-xr-x    1 root     root         25676 Jun  5 20:39 menu.c32
-rwxr-xr-x    1 root     root           767 Jun 23 02:17 syslinux.cfg
-rwxr-xr-x    1 root     root      15777952 Jun  5 20:39 zImage

 

 

I can't explain why the first method with full path does not work, but the second method works for me.

 

I've updated the mounting instruction on the first page with this. Hope it works for you guys too.

Edited by Guest

Share this post


Link to post
Share on other sites
Never mind - turns out you must run the parted command with root permissions.

If I do:

sudo parted -l 2> /dev/null |grep "^Disk /dev/s"

 

Then I get:

sudo parted -l 2> /dev/null |grep "^Disk /dev/s"
Disk /dev/sda: 3001GB
Disk /dev/sdb: 3001GB
Disk /dev/synoboot: 1059MB
Disk /dev/sdu: 2000GB

 

Unfortunately even then I cannot mount it.

 

DS001> mount -t vfat /dev/synoboot /volumeFooBar/
mount: mounting /dev/synoboot on /volumeFooBar/ failed: Invalid argument
DS001> mount -t vfat /dev/synoboot /volumeFooBar
mount: mounting /dev/synoboot on /volumeFooBar failed: Invalid argument

 

/dev/synoboot1 also gets the same failure - I did try :smile:

This might help you.

Share this post


Link to post
Share on other sites

Ok, so I can successfully hide it, and then see it listed as /dev/synoboot.

 

However I cannot mount it.

As a test I've now unplugged the USB stick from the server and now I see this:

 

> parted -l 2> /dev/null |grep "^Disk /dev/s"
Disk /dev/sda: 3001GB
Disk /dev/sdb: 3001GB
Disk /dev/sdu: 2000GB

 

So that's expected, I've removed the stick after all. (/dev/sdu is my attached USB backup drive).

 

> ls -la /dev | grep syno
crw-r--r--    1 root     root      201,   0 Dec  5 00:28 synobios
brw-r--r--    1 root     root        1,   1 Dec  5 00:28 synoboot1
brw-r--r--    1 root     root        1,   2 Dec  5 00:28 synoboot2

 

So I have no 'synoboot' device now (I've removed the stick though), but I do have a synoboot1 and a synoboot2, I presume that these are images of the boot stick on each of my fitted drives (sda and sdb).

Trying to mount them with '-t vfat' doesn't work though:

DS001> cd /dev
> mkdir -p /volumeBootStick
> mount -t vfat synoboot1 /volumeBootStick/
mount: mounting synoboot1 on /volumeBootStick/ failed: Invalid argument
> mount -t vfat synoboot2 /volumeBootStick
mount: mounting synoboot2 on /volumeBootStick failed: Invalid argument

 

So try without '-t vfat':

> mount synoboot1 /volumeBootStick
> mount | grep synoboot
synoboot1 on /volumeBootStick type ext2 (0)

 

Seems to mount, so what's on it?

1> ls -la /volumeBootStick/
drwxr-xr-x    4 root     root          4096 Dec  5 00:28 .
drwxr-xr-x   31 root     root          4096 Dec  6 18:46 ..
drwxr-xr-x    3 root     root          4096 Dec  5 00:28 boot
drwx------    2 root     root         16384 Dec  5 00:28 lost+found
-rw-r--r--    1 root     root          1024 Dec  5 00:28 rd.gz
-rw-r--r--    1 root     root          1024 Dec  5 00:28 zImage

 

Doesn't look like the content I'm expecting on the boot stick though...

 

So I unmount it and mount synoboot2 instead...

> mount synoboot2 /volumeBootStick/
> ls -la /volumeBootStick/
drwxr-xr-x    3 root     root          4096 Dec  5 00:28 .
drwxr-xr-x   31 root     root          4096 Dec  6 18:46 ..
-rw-r--r--    1 root     root          1024 Dec  5 00:28 checksum.syno
-rw-r--r--    1 root     root          1024 Dec  5 00:28 grub_cksum.syno
drwx------    2 root     root         16384 Dec  5 00:28 lost+found
-rw-r--r--    1 root     root          1024 Dec  5 00:28 rd.gz
-rw-r--r--    1 root     root         65536 Dec  5 00:28 vender
-rw-r--r--    1 root     root          1024 Dec  5 00:28 zImage

 

That doesn't look right either...

 

Checking the bootstick content in a Windows PC gives this:

 Volume in drive F is 5_2__5992_2
Volume Serial Number is XXXX-XXXX

Directory of F:\

03/08/2015  15:45            24,124 libutil.c32
03/08/2015  15:45            26,336 menu.c32
12/09/2015  15:25               759 syslinux.cfg
03/08/2015  15:45        21,538,496 zImage
              4 File(s)     21,589,715 bytes
              0 Dir(s)       3,295,232 bytes free

 

So it seems that the other synoboot# devices aren't copies of the bootstick?

 

To be sure I put it back in the server and rebooted.

 

> parted -l 2> /dev/null |grep "^Disk /dev/s"
Disk /dev/sda: 3001GB
Disk /dev/sdb: 3001GB
Disk /dev/sdu: 2000GB
Disk /dev/synoboot: 1059MB

 

Sure enough 'synoboot' is back.

 

Confirmed in the /dev directory:

> ls -la /dev | grep syno
crw-r--r--    1 root     root      201,   0 Dec  5 00:28 synobios
brw-------    1 root     root      135, 240 Dec  6 19:27 synoboot
brw-r--r--    1 root     root        1,   1 Dec  5 00:28 synoboot1
brw-r--r--    1 root     root        1,   2 Dec  5 00:28 synoboot2

 

So I try to mount it:

> mount synoboot /volumeBootStick/
mount: mounting synoboot on /volumeBootStick/ failed: No such device
> mount -t vfat synoboot /volumeBootStick/
mount: mounting synoboot on /volumeBootStick/ failed: Invalid argument

 

I'm suspicious of the "No such device".

Has something been done to block the mounting of the synoboot device?

Share this post


Link to post
Share on other sites

Schmill,

 

I can confirm that I have the same issue as you do with 5.2 Xpenoboot. My original mounting instruction worked for 5.1. So yea, I believe something changed on the 5.2 boot images that prevents us to properly mount it and see the same file listing as in a PC. I'll do some more testing to see what's going on.

 

I am also following your mounting command without "-t vfat" and it auto-mounts using ext2 as well, which isn't what we want.

Diskstation> mkdir -p /mountSynoboot
Diskstation> cd /dev
Diskstation> mount synoboot1 /mountSynoboot
Diskstation> mount |grep synoboot
synoboot1 on /mountSynoboot type ext2 (0)

 

So something funny is going on here.

Share this post


Link to post
Share on other sites

Okay, I finally cracked mounting synoboot for 5.2. Here's the updated instruction.

 

First, ssh into your box as root.

 

Create your mount dir

Diskstation> mkdir -p /mountUSB

 

Find the next free loopback device. Mine shows /dev/loop0 from a fresh boot.

Diskstation> losetup -f
/dev/loop0

 

Setup the loopback device to use /dev/synoboot with offset 32256. NOTE: 32256 = 63 sectors * 512 bytes

Diskstation> losetup -o 32256 /dev/loop0 /dev/synoboot

 

Now we mount the loopback device to our mount dir.

Diskstation> mount -t vfat /dev/loop0 /mountUSB

 

Now you can see the proper file listing

Diskstation> ls -l /mountUSB/
drwxr-xr-x    2 root     root         16384 Dec 31  1969 .
drwxr-xr-x   28 root     root          4096 Dec  6 22:50 ..
-r-xr-xr-x    1 root     root        116684 Aug  3 16:45 ldlinux.c32
-r-xr-xr-x    1 root     root         61952 Aug  3 16:45 ldlinux.sys
-rwxr-xr-x    1 root     root         24124 Aug  3 16:45 libutil.c32
-rwxr-xr-x    1 root     root         26336 Aug  3 16:45 menu.c32
-rwxr-xr-x    1 root     root           759 Aug 16 23:29 syslinux.cfg
-rwxr-xr-x    1 root     root      21538496 Aug  3 16:45 zImage

 

When you're done, unmount your device.

Diskstation> umount /mountUSB

 

Then release the loopback device

losetup -d /dev/loop0

 

The reason why we have to go through all this is loopback stuff is because the "mount" command on Synology firmware is a trimmed-down busybox version without the ability to use offset. That's why we have to do it manually.

 

Now, I don't know if the earlier 5.1 boot image was different or if Synology changed the mount binary in 5.2. Either way, this method is currently working for 5.2 until something changes again.

Edited by Guest

Share this post


Link to post
Share on other sites

Hi everyone,

 

i boot my xpenology with an internal pata device. Is there anyway to get this mounted too?

 

When i try your guidance then i get following error:

 

DiskStation> losetup -o 32256 /dev/loop0 /dev/synoboot

losetup: /dev/loop0: No such file or directory

 

Greetings holybabel

Share this post


Link to post
Share on other sites

I tried both (admin and root) and i get the error message with both accounts.

 

DiskStation> whoami
admin
DiskStation> losetup -f
/dev/loop0
DiskStation> losetup -o 32256 /dev/loop0 /dev/synoboot
losetup: /dev/loop0: No such file or directory

DiskStation> whoami
root
DiskStation> losetup -f
/dev/loop0
DiskStation> losetup -o 32256 /dev/loop0 /dev/synoboot
losetup: /dev/loop0: No such file or directory

 

DiskStation> ll /dev/loop0
brw-------    1 root     root        7,   0 Dec  1 19:17 /dev/loop0

Share this post


Link to post
Share on other sites
Okay, I finally cracked mounting synoboot for 5.2. Here's the updated instruction.

...

:grin:

 

Just wanted to provide feedback on this thread that Kanedo's updated instructions did also work for me.

Thanks Kanedo!

Share this post


Link to post
Share on other sites