IIRC I have forced ntlvm2 support in the kernel, but it was deprecated around Linux 3.12
Hi Ken,
Your plan sounds good. Let us all know how you get on.
Gavin.
OK ā¦
ā¦ after a long period of experimentation with OSMC Kodi 16.1 Jarvis, I have been unable to get Samba v4 client on the OSMC machine working with the Samba v3 server on my PDC Data + File server machine. I think I have tried all the suggestions discussed in April 2016 when the changes to OSMC Kodi were first made, but Iām afraid I cannot make it work.
So, for the present I shall revert to OSMC Kodi 15.1, as I need the Media Centre working. I did consider downgrading the Samba client on Kodi 16.1, but I can leave that for now. Iāll watch the forums for any news of other possible solutions, but I think that for the moment I have to accept the incompatibility between my data server and the Kodi client. Even though several of the other Kodi 16.1 implementations are compatible with Samba v3, I have to stick with OSMC Kodi because this experimentation with other Kodi implementations have proved that OSMC is about twice the speed of the others in navigation and media list retrieval.
I realise that the best option would be to update the server OS and Samba to the latest versions - thatās the preferable option but I will have probably to build that from scratch so itās a job for the future.
Thanks Sam, and Gavin for the help and suggestions, and for your work with Kodi.
Cheers for now,
Kenneth A Spencer
Do you have a guest account enabled on your SMB server? Try adding a SMB guest account even if it doesnāt have permission share anything.
On your raspbian install try
sudo cp /etc/samba/smb.conf /etc/samba/smb.conf.bak
sudo nano /etc/samba/smb.conf
Paste the following at the end of the file then edit as appropriate:
[Dummy_share]
comment = Dummy share, doesn't contain any files
path = /some/folder/that/contains/nothing
public = yes
only guest = yes
browseable = yes
read only = no
writeable = yes
create mask = 0644
directory mask = 0755
force create mask = 0644
force directory mask = 0755
force user = pi
force group = pi
Then restart the raspbian install and try again. Hopefully this will work.
Hi Ken,
Iām sorry we couldnāt get it working for you. The only other options I can see for you to have a smooth upgrade would be:
-
Check what version of Samba is installed on LibreElec and try and install the same or a previous version on your OSMC Jarvis installation.
-
Change from SMB to NFS for video shares, but this would mean different paths and so would require rebuilding your library.
To be honest though with the release of Kodi Krypton (17) relatively close now, it may be worth pausing efforts until Krypton is released to save possible repeat effort.
I think in the long term though the only truly safe and reliable (as reliable as Samba ever gets) solution will be to upgrade your PDC and all other clients to Samba 4 and use a safer security method.
Again, sorry wr couldnāt get you up and running, but Iām sure weāve all learned something.
Gavin.
They use Samba 3.6, which is what Kodi still builds against for other platforms. We use Samba 4 and we have patched Badlock et al; so a bit different.
Kodi has no future plans to use Samba4, as it uses WAF (Python based build system) which does not fit in well with their current build system. It is an extremely painful build system to use, and I can empathise with them.
Thanks Sam, Martin and Gavin.
Yes indeed, LibreElec works with Samba v3.6, but I found it slow, and also is more difficult to work with in a few other respects.
Martin: Iāll try your ideas and report back. I may be able to do something with it over the weekend.
Gavin: yes, an interesting, if frustrating exercise! Eventually, yes, you are right, I will accept a rebuild of the PDC but I havenāt the time to do that just yet.
Sam: Presumably when you say: [quote=āsam_nazarko, post:46, topic:20081ā] Kodi has no future plans to use Samba4 ā¦[/quote] you are still referring to LibreElec, rather than Kodi in general. But it would have to improve itās speed and one or two other aspects before Iād consider it.
Iāll keep everyone informed!
Thanks all,
Kenneth Spencer
No ā Iām referring to Team Kodi and Kodi itself. They will build against libsamba of the target distro, but their depends system still uses Samba 3.6. There are some comments about this where they are struggling with WAF, which supersedes autoconf used prior to Samba 4.
We have some patches with our version of Kodi that do treat Samba 4 better, but as you can see, there are still some problems.
Iām still slightly suspicious of the domain controller setup though.
Is there an easy way for me to replicate this kind of setup in a VM so I can wireshark or tcpdump and have a look?
Cheers
Sam
Thanks, Sam.
I donāt mind you being suspicious of the domain controller!
It does a lot, but it works happily with everything else and has done for quite a few years now, after I got rid of my Windows 2003 R2 server. Let me know what you need to know to replicate the setup, and Iād be happy to supply it.
In the meantime here is more background info:
- provides data via MySQL for 3 websites hosted locally on another RPi under Apache2;
- provides nightly webstat collection from 3 above websites hosted locally on another RPi;
- provides nightly webstat collection from 4 (soon only 3) remotely hosted domains (in the LINX);
- provides nightly backups of daily changing data (accounts/SW_Dev/documents etc etc);
- provides Windows (XP/Vista/7/10) PCs access to shares, users by groups and individually;
- hosts 5,722 music files (51.5GB), 1708 video files (475GB own videos + Movies etc) and numerous photographs, for OSMC/Kodi;
- provides DNS Bind9 v9.8.4, DHCP ISC DHCPd v4.2.2, SSH Open SSH v6 & FTP ProFTPd v1.34
Machine is a Raspberry Pi model 2B. OS is Debian Linux 7.11. Samba is v3.6.6 - all have current latest updates installed.
Nightly Backups of daily changing data are to a 128 GB USB stick on the PDC.
All Shared Data is in a 4TB USB fixed disc on the PDC.
Machine Management is via Webmin 1.8.20.
Account Management is via LDAP AM OpenLDAP 58397 which controls access to shares via Hosts, Groups & Users. And of course, until the Jarvis update of OSMC/Kodi, Media storage & access worked extremely well.
As I have run online services from my office since 1995, I have tested the security of all my systems from inside & outside the LAN and within the limits of my security knowledge it seems secure. I regularly detect attempts to hack the sites and the servers and to use various techniques to use vulnerabilities of files & systems to gain access and block every such IP address used. One of my forums for local village use was hacked on an externally hosted site owing to a vulnerability in PhpBB, but I no longer run any forums now.
If you would like any of the configuration files I could send them but might prefer not to do so over the forum.
Thanks again for your interest and help.
Best wishes,
Kenneth Spencer
I wonder if you could do the following?
From your 2015 OSMC hold the following packages in apt
:
samba-common
samba-libs
libsmbclient
rbp2-mediacenter-osmc
and then run apt-get dist-upgrade
That should allow you to benefit from all the security upgrades etc in the last year but without compromising your samba setup and without upgrading kodi
to Jarvis.
Iām not 100% sure it would work, @sam_nazarko would be able to confirm that.
You could just hold libsmbclient and samba packages with a March version. Media center does not need to be held. Your device would be vulnerable to Badlock CVE though.
[quote=āsam_nazarko, post:51, topic:20081ā]Your device would be vulnerable to Badlock CVE though.
[/quote]
As his PDC is vulnerable this would be a moot point really, no?
Itās not something Iād really worry about, no.
For the benefit of the OP then, if all else fails this should get you working with newest OSMC and the newest Kodi.
Working from non-updated image:
sudo apt-mark hold samba-common
sudo apt-mark hold samba-libs
sudo apt-mark hold libsmbclient
sudo apt-get dist-upgrade
Hope this helps.
Now chaps, that looks helpful. Iāll give it a try and let you know.
Badlock CVE is new to me! But ignorance is (was) bliss. Iām reading about it now.
Thanks again!
Kenneth Spencer
OK, I have carried out the procedure Gavin suggested for holding the Samba components. I have also gone ahead with upgrade of OSMC Kodi from the 2015 release to the November 2016 release.
At first, I had the same symptoms as before: refusal of the Username/Password Lock dialogue to accept a valid user & password. But then I had a thought ā¦ maybe some of the files from the working Kodi 2015 release had been overwritten by the upgrade. So I wrote back:
- /home/osmc/.smb/smb.conf
and - /home/osmc/.kodi/userdata/passwords.xml
with the versions that worked in the 2015 release, as these two files had been overwritten in the upgrade.
Then Hey Presto - it works!
All this has given me one new idea which I may well mess about with at some point, but in the meantime, thanks alot. It is now resolved until I have the considerable amount of time Iād require to do a complete update of the PDC software.
So, if you, Sam, or Gavin, are likely to be anywhere near West Wiltshire let me know - I owe you a pint! (Well I suppose we owe Sam rather more then one!)
Best wishes,
Kenneth Spencer
Hi Ken,
Iām so glad we managed to get you working!
Itās definitely worth looking at the upgrade in the long run, but at least you can benefit from the latest OSMC in the meantime.
As for the pint, if Iām ever those few miles further southwest Iāll drop you a message
Gavin.
PS. Iād keep backups of those files you had to replace in case future upgrades overwrite them also.