Jump to content
XPEnology Community
  • 1

Thread for 25554/25556 breakage. Time to make alternate plans? What Next? And More


Captainfingerbang

Question

I thought I'd post here, not seeing a thread explaining what the deal is with the latest intermediate updates failing and so few people testing them, my curiosity got the best of me, unless i'm just missing something completely, which has been known to happen. 😉

Though not the newest member, I've been on Xpen 2 years maybe? I do have some noob-type questions since noticing the two latest updates failing, and not seeing a lot of discussion of it.

In my short time here I cannot recall new updates like 25554/25556 failing so quickly, and it does concern me. But again, I'm relatively new.

And I'm sure this isnt the first time this has happened, where Jun or others have had to fix loaders 

 

MY HW 2x Identical Baremetal DS918+ Xpen's 1.04b With Gigabyte B360-hd3's I3-8100's both working fantastically on DSM 6.2.3-25426 Update 3 

 

My questions regarding this are:

 

  • Should we be concerned? Long term, with the intermediate updates not working? (assuming we already have backups and have all the functionality we need) 
  • Could DSM 6.2.3-25426 Update 3 possibly be the last safe Xpen Version for us using Jun's Loaders?
  • Is Jun still kicking around to come up with a possible solution? Or anyone else?
  • How often in the past have 2 consecutive updates failed right out of the gate like the latest intermediate updates have?
  • Is there any particular reason, such as a major OS change, or Synology wanting to rid us "Open Sourcers" of this beautiful software, that is causing these updates not to work?
  • Have Xpen users been migrating to alternatives to Jun's loader or other solutions noobs may not be aware of? if so what's out there for Baremetal?

 

 

 

  • Like 3
Link to comment
Share on other sites

16 answers to this question

Recommended Posts

  • 1

Should we be concerned? Long term, with the intermediate updates not working? (assuming we already have backups and have all the functionality we need) 

Define concern?  Is there anything that can be done with 6.2.4 that cannot be done with 6.2.3?  The assumption has always been is that any update has the possibility of breaking the loader.

 

Could DSM 6.2.3-25426 Update 3 possibly be the last safe Xpen Version for us using Jun's Loaders?

Maybe.

 

Is Jun still kicking around to come up with a possible solution? Or anyone else?

Jun is the only one that can answer that question.  My guess is that if they are at all interested in keeping XPe alive, they will be focusing on DSM 7 and not a minor "last-of-the-line" patch on a DSM version that already works quite well.

 

How often in the past have 2 consecutive updates failed right out of the gate like the latest intermediate updates have?

25554 and 25556 are in fact the same update.  Updates either work, or they don't.

 

Is there any particular reason, such as a major OS change, or Synology wanting to rid us "Open Sourcers" of this beautiful software, that is causing these updates not to work?

I am sure Synology would prefer that we do not use DSM in this way.  They probably consider DSM as entirely their IP even though it is derived from GPL-licensed open source.  They could probably set up a Secure Boot solution that would probably shut DSM to us forever.  But that would also limit backward compatibility with the hundreds of thousands or millions of units they have shipped up until now, and probably interfere with any cloud service/virtualization plans they have in the wings.  So I don't think that this or the other issues that have been worked through in the past to be a result of an "anti-XPe" effort on the part of Synology.

 

Just to be clear, DSM 6.2.3 "broke" the loader.  FixSynoboot corrects the failure without modifying or updating the loader.  We have also had problems with PCI hardware compatibility, and were able to work through solutions.

 

Other than the irrational FOMO, I'm not clear why getting 6.2.4 working is anyone's priority at this point.  Personally, I'm far more interested in DSM 7.

Edited by flyride
  • Like 6
  • Thanks 1
Link to comment
Share on other sites

  • 1
3 hours ago, Orphée said:

My only concern would be the security fixes

...

https://www.synology.com/fr-fr/security/advisory/Synology_SA_21_02

 

"Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character."

 

take sudo binarys from 6.2.4 and copy them to 6.2.3 or compile new version from source (https://www.sudo.ws/stable.html) in the build enviroment used for packages and driver

 

 

3 hours ago, Orphée said:

 

if you figure out what cve it is you could help yourself too (cisco talos has a lists, you would need to compare with already mentioned and fixed stuff, or just wait for synology to be more precise or nudge them to give more information)

 

 

i'd say if that is important for you start a initiative for delivering and maintaining 6.2.3 security updates, i'm sure you will find some people willing to help in at least deliver information and ideas, getting people to do actual work consistently will be much harder so you should keep planning to do the compiling and base testing yourself

a good amount of security fixes might be possible by backporting and compiling things and by splitting things in more simple tasks it would be possible to find one person doing things once or twice if it hits the sweet spot of feeling confident (like comparing and adapting php code for someone doing that kind of stuff for a living)

 

 

On 4/6/2021 at 10:54 PM, Captainfingerbang said:

Should we be concerned? Long term, with the intermediate updates not working?

no (easy to handle) security updates from now on and that goes for functional fixes like in btrfs too

but we knew that all along and the "peace" lasted just longer because synology did not made progress with 7.0 as they planned

under normal conditions we would have seen this situation much earlier, from 6.0 to 6.2 they had 1 year for a new version

so the expectation would have been q2/2019 for 7.0 - we are in luck (kind of) it took 2 years longer and we had a nice worry free time (not entirely, but  thats just because of laziness in the xpe community)

 

 

On 4/6/2021 at 10:54 PM, Captainfingerbang said:

Could DSM 6.2.3-25426 Update 3 possibly be the last safe Xpen Version for us using Jun's Loaders?

looks like it for now until we know what the errors on the serial console are about (they are the same as in 7.0 preview and 6.2.4 comes with the same kernel version as 6.2.3 so its not a mismatch in kernel, seems to be something different and if taking it worst case its a new protection, but might be less then that)

 

if you want to play a little (test installation) you can update to 6.2.4 and when the boot stops, switch off, replace zImage on the loader with the one from 6.2.3u3 and start booting again, that will install 6.2.4 but you will end with a not entirely working system, the packages don't start, network can't be configured in the gui, ...

also the driver in rd.gz are still from 6.2.4 and there might be problems with them too

i don't know if its possible to replace the *.ko files with older ones in rd.gz or take the one from 6.2.3 and replace the VERSION file but i guess there is a protection against tempering zImage and rd.gz - might be a thing to look into if we still have that situation for longer, atm i have enough other things to to

feel free to poke around with a partly running 6.2.4

 

 

On 4/6/2021 at 10:54 PM, Captainfingerbang said:

Is Jun still kicking around to come up with a possible solution? Or anyone else?

 

On 2/27/2021 at 11:55 AM, IG-88 said:

what do you prefer? crystal ball, tea leaves or throwing bones?

:-)))

 

On 4/6/2021 at 10:54 PM, Captainfingerbang said:

How often in the past have 2 consecutive updates failed right out of the gate like the latest intermediate updates have?

 

dsm failing on updates is not new, normal with major updates (6.0, 6.1, 6.2) as they usually come with a newer kernel versions making at least drivers incompatible and it seemed with every of them they changed or added protection

a example for minor updates breaking things ? how about 6.2.1/6.2.2 (even if that one seemed to hit us accidentally as it seemed to address pcie power management driver  problems and synology addressed that in changing the kernel config and later on fixed it properly - at least that's my theory)

 

and as flyride already pointed out its just one update - if you want to count it extremely properly then its 3, because 25556 was replaced silently after 2 weeks with new files of the same version number

 

On 4/6/2021 at 10:54 PM, Captainfingerbang said:

Is there any particular reason, such as a major OS change, or Synology wanting to rid us "Open Sourcers" of this beautiful software, that is causing these updates not to work?

 

lets start with "open sourcers" - no we are not, we dont build our own version from source, we use synology's stuff, not just the files (<cough> - quick connect - i don't but some do)

on the other side synology does not comply with GPL and other licenses they use to create DSM, there are lots of examples and the most obvious is they NEVER release kernel source when they release a new dsm updates or versions (you can check immediately by looking for the source of 6.2.4) - even when poked for years they did not change, its not that they forgot it once or twice, its there strategy and only legal trouble seems to be the one thing that bothers them (they don't seem grateful to the thousands of people and work hours others did and don't want to be a part of it or add something, just use it to make profit)

 

i tend to say freeloaders, and synology could be much more hostile if they wanted to, i can imagine a lot of easy to do things to curb xpe users, maybe that changes now with 6.2.4/7.0 , i guess the two years extra for 7.0 also include plans to get rid of freeloaders

its also a question if its worth the effort to use dsm anymore, there are alternatives that improved over the years and docker makes extensions more universal so the 3rd party packages of dsm are not that interesting anymore (and are fading), when dsm 7.0 really is unable to load the older spk's i guess a lot of (xpe) people will stay way from it for longer then some expect

 

On 4/6/2021 at 10:54 PM, Captainfingerbang said:

Have Xpen users been migrating to alternatives to Jun's loader or other solutions noobs may not be aware of? if so what's out there for Baremetal?

 

i maintain the alternative of using open medial vault, if dsm breaks i can boot up omv from a disk or usb and have network access to my files and if synology gets nasty i will just switch to omv (btrfs and SHR are no problem, just work when starting omv)

https://xpenology.com/forum/topic/42793-hp-gen8-dsm-623-25426-update-3-failed/

its still a nice thing that you can switch from an dsm unit to any other linux without offloading all data, also makes recovery possible if things go wrong

 

On 4/7/2021 at 3:04 AM, flyride said:

Other than the irrational FOMO, I'm not clear why getting 6.2.4 working is anyone's priority at this point.  Personally, I'm far more interested in DSM 7.

having the maintained security updates might matter for some people if the make dsm accessible over internet (like photo station or nextcloud)

i'm more on the side of using vpn to access dsm, makes a much smaller attack surface but will also shut out less IT centered people like family member's

we will see what happens when dsm 7 is out for 1-3 month and i'm not even sure if 7.0 will really have something to offer, i haven't seen anything that triggers reflexes to make it a must have (at least for me)

 

Link to comment
Share on other sites

  • 1
On 4/11/2021 at 4:52 PM, IG-88 said:

 

i maintain the alternative of using open medial vault, if dsm breaks i can boot up omv from a disk or usb and have

Hi. I have tried OMV too. But it looks like windows XP in 2021. Works,but user experience is so strange. From my perspective, the DSM has much better UI/UX, at the same time give us the platform for a lot of apps. So, long story short, maybe it will be better to build our own alternative of DSM? Something like, docker friendly OS with a build in docker registry as a repository. Or for it can be a extra packages for OMV, with a new admin panel, etc.

 

Sandstorm

https://apps.sandstorm.io/

 

NextCloud

https://nextcloud.com/

 

Cozy

https://www.cozy.io/en/features/

 

Edited by T-REX-XP
Link to comment
Share on other sites

  • 0

I recently bought 5 new WD Red+ drives for my TheCUS running DSM 6.2.3.x.  When I redid the install I knew 6.2.4 would not work.  When I tried to load 6.2.3.whatever that was on my PC I got a message that the minimum version that could be installed was 6.2.3.25426.  So what happens if a few months from now the minimum install is 6.2.4?  Now how do we build a NAS using DSM?  I tried blocking the IP of my TheCUS from going out the Internet and was surprised to find out even using a manual install the installation does not work.  It requires a connection back to Synology to install DSM.  I could not see a way to install DSM without an internet connection.  Maybe someone has figured this out.  

 

It's got me worried.  I have a real Synology box (2415+) and three TheCUS units running DSM.  It's a great way for me to reuse that old hardware.  

Link to comment
Share on other sites

  • 0

I just tried unraid and it is a disaster. It all depends on docker containers and open source packages. File sharing and syncing is kind of ok with nextcloud but after that there pretty much no good software for anything. Even paid backup solutions are a joke compared to Synology. If this project dies I would rather spend 500 bugs on a real Synology than deal with this mess.

 

Stephan

Link to comment
Share on other sites

  • 0
1 hour ago, stephan1827 said:

I just tried unraid and it is a disaster. It all depends on docker containers and open source packages. File sharing and syncing is kind of ok with nextcloud but after that there pretty much no good software for anything. Even paid backup solutions are a joke compared to Synology. If this project dies I would rather spend 500 bugs on a real Synology than deal with this mess.

 

Stephan

 

I disagree... partly! Never used unraid and I installed only once freenas/truenas. The later was ok, but I was using mostly Openmediavault on x86s and Pis. They got the job done. Lately I got into synology with a DS220j for the family and rolled out a couple xpenology 6.2.3 for my needs. I think I'll stick with these configurations for the time being, until there is a working solution for 6.2.4 or DSM 7. I would be thrilled to update and get more active in this great community, but I won't hesitate to configure OMV on a spare pc, if needed. Setting up dockers (applications) for the less tech savvy is a lot more complicated than on a Synology/Xpenology. But there is a lot documentation and helping hands, if required.

 

Let's wait and see. In the meantime I'll be contributing to my best knowledge and skills to continue building this great community of users. Hope others do the same... while waiting for a new bootloader!

 

Cheers   

  • Like 1
Link to comment
Share on other sites

  • 0

Interesting topic, even for the ones who are staying with 6.1.x for their "production systems" (looking in the mirror ;-))

 

While trying to catch up on this topic, I stumbled across a minor discussion on DarkWeb ( aka. Facebook),

and I felt I should just "throw it in" to see if anyone have an opinion of what being posted there.

I removed their names, to respect their "privacy" 

 

 

Statement1.png

Statement2.png

Link to comment
Share on other sites

  • 0

"Most all of your problems with going to 6.2.4 is because VMWare pushed out patches with deprecation to linuxkernel."

 

VMWare may use a variant of Linux as its core hypervisor OS, but what it supplies as a hardware platform has nothing to with it - the VM doesn't even know what OS is going to run on it.  Yes, we select "Linux 3.x 64-bit blah blah" as a profile, but that is not linking to anything that is actually Linux, it's just defining a standard virtual hardware configuration that is presented to the client OS installation.

 

Furthermore, if this were somehow true, how would VMware's purported actions affect Proxmox and KVM and all the other hypervisors at the exact same moment?

 

So I'm gently calling foul on this assertion, but if someone can present a working baremetal configuration, that would be awesome and worth investigating further.

 

"[VM] has been proven to be bad from the get go way back with DSM 5.2.xxxx"

 

Um, yeah sure.

  • Like 4
Link to comment
Share on other sites

  • 0
On 4/11/2021 at 6:52 AM, IG-88 said:

 

On 4/6/2021 at 1:54 PM, Captainfingerbang said:

Have Xpen users been migrating to alternatives to Jun's loader or other solutions noobs may not be aware of? if so what's out there for Baremetal?

 

i maintain the alternative of using open medial vault, if dsm breaks i can boot up omv from a disk or usb and have network access to my files and if synology gets nasty i will just switch to omv (btrfs and SHR are no problem, just work when starting omv)

 

Just a quick comment on this, if folks do feel the need to start reposturing themselves away from DSM because they are concerned with access to security patches or just have to have the "latest" on whatever platform they want, it would probably make sense to steer away from using SHR - yes it can be supported on OMV or plain old Linux, but it becomes very hard to administrate/fix/assess/maintain once DSM is gone.

 

For me at least, Docker has freed me from value added services on DSM - those can run on a separate VM or wherever.  There are only a couple of things that really, really keep me on DSM:

  1. btrfs.  Synology's implementation is the only RAID5 solution that is "safe."  btrfs offers dedup/CoW in a memory/compute footprint that is smaller than anything else available, including zfs.
  2. Snapshot management and replication.  It's not perfect, but DSM makes these truly enterprise features available on (again) very low cost hardware.
  3. RAIDF1. This is the most elegant and unobtrusive solution to the SSD co-expiry problem that I've seen, and that includes enterprise solutions. 

Yes you can get btrfs, or snapshot management on other platforms. But not both together like DSM, and not with RAIDF1. I would love to see something compelling on the other open-source derived platforms that made me want to switch.

 

On 4/11/2021 at 6:52 AM, IG-88 said:
On 4/6/2021 at 6:04 PM, flyride said:

Other than the irrational FOMO, I'm not clear why getting 6.2.4 working is anyone's priority at this point.  Personally, I'm far more interested in DSM 7.

having the maintained security updates might matter for some people if the make dsm accessible over internet (like photo station or nextcloud)

i'm more on the side of using vpn to access dsm, makes a much smaller attack surface but will also shut out less IT centered people like family member's

we will see what happens when dsm 7 is out for 1-3 month and i'm not even sure if 7.0 will really have something to offer, i haven't seen anything that triggers reflexes to make it a must have (at least for me)

 

This is probably an opportunity for this community if 7.0 support doesn't present itself.  As long as no Synology update is likely to overwrite them, coming up with a maintainable library of middleware/security updates might be a way to keep XPe going for quite some time.  This is essentially what is happening now with the extended driver support via @IG-88's extra.lzma, @The Chief's patches for NVMe cache support and FixSynoboot

 

As far as 7.0 goes, btrfs capability (performance, native real-time dedup, etc) is purportedly enhanced. And given the btrfs is getting quasi-abandoned by everyone else in the industry, Synology may essentially be forking their own long-term development of btrfs as a primary contributor (which I guess you could consider both good and bad).  So even if we maintain 6.2.3 as a long-term stable niche as above, getting support for 7.0 will likely continue to be of interest to many.

Edited by flyride
  • Like 2
Link to comment
Share on other sites

  • 0
On 4/6/2021 at 6:04 PM, flyride said:

Jun is the only one that can answer that question.  My guess is that if they are at all interested in keeping XPe alive, they will be focusing on DSM 7 and not a minor "last-of-the-line" patch on a DSM version that already works quite well.

Was anyone even able to contact or have any contact with Jun at all? He is not replying since 2018... And last connection on March.

Hopefully I am wrong, but it doesn't look good.

Edited by ed_co
Link to comment
Share on other sites

  • 0
On 4/17/2021 at 1:24 PM, bearcat said:

While trying to catch up on this topic, I stumbled across a minor discussion on DarkWeb ( aka. Facebook),

and I felt I should just "throw it in" to see if anyone have an opinion of what being posted there.

I removed their names, to respect their "privacy" 

 

I've read it twice but can't see where he made anything different then usual, the hardware is from 2011 (nehalem) and has uefi bios, doesn't make it special in any way

any chance to get more information or a dmesg log from that system?

  • Like 2
Link to comment
Share on other sites

  • 0

Apologies as i started this thread while apparently under the influence and forgot i created it. Been dealing with some personal stuff lately. 

Thank you for your contributions. Will name best answer too. 

 

The only thing i don't see a blot of is FOMO posts about this. Are there a lot of them? Where are they, on Reddit or something?

Or are we speaking in historical terms, as in people getting FOMO about updates in years past, or regarding just this one or what?

 

FOMO may be true, but i dont feel as if any of the questions were unreasonable. DOUBLE POSTING would be unreasonable 😉

Edited by Captainfingerbang
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...