Is there a "correct" way to add a service file (e.g. I want to add a timemachine.service file in /tmp/avahi/services)

[iTyPsIDg]

NOTE: I fully understand that it is recommended that we buy and use an actual NAS instead of using the router as a NAS. When I'm no longer a nomad, I'll do that. For now, I need what fits in 23kg. Therefore, I want to configure the router to do what it is advertised as capable of doing.
It is my understanding that I should create a timemachine.service file for Avahi to advertise TimeMachine capabilities on my router. Can I simply add the file to /tmp/avahi/services? I know for some things we need to use /jffs/configs or /jffs/addons (I think?). Is it okay to have multiple files in that directory? This is what I want to add:

Spoiler: /tmp/avahi/services/timemachine.service

<?xml version="1.0" standalone='no'?>
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
  <name replace-wildcards="yes">%h</name>

  <!-- advertise SMB -->
  <service>
    <type>_smb._tcp</type>
    <port>445</port>
  </service>

  <!-- advertise TimeMachine -->
  <service>
    <type>_adisk._tcp</type>
    <port>9</port>
    <!-- sys=waMa=0,adVF=0x82 flags it as TM over SMB -->
    <txt-record>sys=waMa=0,adVF=0x82</txt-record>
  </service>

  <!-- device-info to look like a Time Capsule -->
  <service>
    <type>_device-info._tcp</type>
    <port>0</port>
    <txt-record>model=TimeCapsule</txt-record>
  </service>
</service-group>

I already managed to install version 4.18.8 of smbd from entware instead of using version 3.6.25 that is built into the Merlin (and/or stock) firmware. My personal experience is that I've seen lower CPU usage from using 4.18.8. I believe this next step (timemachine.service) is required for proper advertisement to avoid the need for SparseBundles.

AGAIN: I fully understand that it is recommended that we buy and use an actual NAS instead of using the router as a NAS. When I'm no longer a nomad, I'll do that. For now, I need what fits in 23kg. Therefore, I want to configure the router to do what it is advertised as capable of doing.

 

[ColinTaylor]

See the wiki regarding postconf scripts. In particular adisk.postconf, afpd.postconf and avahi-daemon.postconf.

Custom config files

Third party firmware for Asus routers (newer codebase) - RMerl/asuswrt-merlin.ng

github.com

 

[iTyPsIDg]

See the wiki regarding postconf scripts. In particular adisk.postconf, afpd.postconf and avahi-daemon.postconf.

Custom config files

Third party firmware for Asus routers (newer codebase) - RMerl/asuswrt-merlin.ng

github.com

Since I'm not actually modifying the configuration, it seems like all I need to do is create the file elsewhere and use avahi-daemon.postconf to copy it to the appropriate location. Am I understanding this correcting?

 

[bennor]

@iTyPsIDg, If you haven't seen it already, there is the following post from 2021 (that turns up via forum search) that mentions using a timemachine.service file in the /jffs/user/ location. It may or may not be relevant to your question or what you are trying to achieve.
https://www.snbforums.com/threads/c...on-invalid-host-name-fixed.72111/#post-684939

 

[ColinTaylor]

Since I'm not actually modifying the configuration, it seems like all I need to do is create the file elsewhere and use avahi-daemon.postconf to copy it to the appropriate location. Am I understanding this correcting?

I'm not a mac guy but that would be my assumption. I don't know which of those three services you're still running, but you'd have to hook into one of them to copy your custom service file before the avahi-daemon starts up.

 

[iTyPsIDg]

@iTyPsIDg, If you haven't seen it already, there is the following post from 2021 (that turns up via forum search) that mentions using a timemachine.service file in the /jffs/user/ location. It may or may not be relevant to your question or what you are trying to achieve.
https://www.snbforums.com/threads/c...on-invalid-host-name-fixed.72111/#post-684939

I think that will help. I will give it a try. Thank you!

 

[bennor]

I think that will help. I will give it a try. Thank you!

If you figure out a method, please post it for others.

On a side note, in looking at the Time Machine code in the Asus-Merlin firmware it appears two of the open source modules/services used by the Time Machine feature are dated.
netatalk 3.0.5 - August 2013
avahi 0.8 - Feb 18, 2020
Do wonder if those two dated modules/services are playing a roll with the issues some are trying to overcome with Apple depreciating AFP in favor of SMB in the Mac OS over the past year or so.

 

[bluzfanmr1]

Netatalk was abandoned for awhile and became incompatible with newer versions of Debian etc but is back from the dead. For awhile that caused me issues when using other devices as Time Machine backup servers. Not sure if it's relevant here but thought I'd toss it out there so it's known.

 

[iTyPsIDg]

If you figure out a method, please post it for others.

On a side note, in looking at the Time Machine code in the Asus-Merlin firmware it appears two of the open source modules/services used by the Time Machine feature are dated.
netatalk 3.0.5 - August 2013
avahi 0.8 - Feb 18, 2020
Do wonder if those two dated modules/services are playing a roll with the issues some are trying to overcome with Apple depreciating AFP in favor of SMB in the Mac OS over the past year or so.

So far, 4.18.8 of samba is working splendidly. When I was on version 3.6.25 on the old router, one CPU would always peg at 100% for about five to fifteen minutes after booting/restarting samba before I could actually see the shared volume. That does not happen at all anymore. It starts sharing instantly. I’m not sure if that might be enough reason for @RMerlin to bake it into future firmware upgrades. Obviously, my situation is just one example, but if others see improved performance and it isn’t too complicated to do, it may be worthwhile.

I can get _smb._tcp and _adisk._tcp working on Ethernet but I have only seen _smb._tcp working once on Wifi and I have tried so many things that I don’t remember what combination made that work. The Wifi I’m using is the same subnet as my wired connection. From what I can tell, avahi hasn’t been updated in a very long time.

As soon as I unplug my ethernet capable, my connection drops; however, if I use NETBIOS in smb.conf, then I can still see the router under the NETBIOS name. I believe the main problem with that is automatically mounting the share. I need to figure out the mDNS issue now. I saw some threads about it and have tried many of the items in them, but so far I only have luck with it on Ethernet.

Once I get it all figured out, I will create a new thread with step-by-step instructions.

 

[Jeffrey Young]

Interested in how things work out with using Entware's Samba Server. Others have tried but ran into issues with Asus security process killing Samba if it was not turned on in the GUI.

I was going to play around with this at one time by trying a bind mount of Entware's smbd binary over Asus's version, then using a post conf script to setup my own SMB.conf script. But never got around to it. I only use Samba on the router to retrieve the odd log file, so I don't have much drive to actually get it done.

 

[iTyPsIDg]

Interested in how things work out with using Entware's Samba Server. Others have tried but ran into issues with Asus security process killing Samba if it was not turned on in the GUI.

I was going to play around with this at one time by trying a bind mount of Entware's smbd binary over Asus's version, then using a post conf script to setup my own SMB.conf script. But never got around to it. I only use Samba on the router to retrieve the odd log file, so I don't have much drive to actually get it done.

Yes, I discovered that and spent a lot of time trying to figure it out. Initially, I added this to the end of

Spoiler: /jffs/scripts/post-mount

# --------------------------------------------------------------
# After Entware is mounted under /opt, start Samba4 exactly once
# --------------------------------------------------------------
if [ -x "${1}/entware/bin/opkg" ]; then
  logger -t entware-smb "post-mount: waiting 30s before launching Entware Samba4"
  sleep 30
  logger -t entware-smb "post-mount: launching Entware Samba4"
  /opt/etc/init.d/S91smb start
fi

I found that the Entware Samba was automatically launching (likely from /jffs/addons/amtm/mount-entware.mod calling rc.unslung); however, as soon as the sleep ended and the rest of post-mount ran, the process was killed. I tried using service-event as well. Neither worked. Eventually, I settled on a cron job and my own

Spoiler: custom-start-smb.sh

#!/bin/sh
#
# only start my services if they’re not already running

# 1) Bail out if Core-Files/Entware isn’t mounted yet
[ -x /opt/bin/opkg ] || exit 0

MARKER=/jffs/configs/.smb_started

# 2) if we already did our “first start”, bail
[ -f "$MARKER" ] && exit 0

# 3) Samba
if ! pidof smbd >/dev/null; then
  logger -t custom-start "First-time start: Samba4"
  /opt/etc/init.d/S91smb start
fi

# record that we ran once
touch "$MARKER"

The cron job is */3 * * * * /jffs/scripts/custom-start-smb.sh #entware_smb#.

Then I have BOTH service-event and post-mount delete the MARKER file. Post-mount deletes it when the Entware disk is mounted (since Samba from Entware can't run without the disk mounted) and service-event deletes it if samba or nasapps stops or is restarted. This has been completely stable for me.

Current

Spoiler: /jffs/scripts/post-mount snippet

[ -x "${1}/entware/bin/opkg" ] && rm -f /jffs/configs/.smb_started # clear stale flag file so our cron task will run

and

Spoiler: /jffs/scripts/service-event snippet

if { [ "$1" = "stop" ] || [ "$1" = "restart" ]; } && [ "$2" = "samba" -o "$2" = "nasapps" ]; then
  logger -t entware-smb "service-event: firmware NAS stopping, clearing .smb_started flag"
  rm -f /jffs/configs/.smb_started
fi

 

[Jeffrey Young]

Sweet. And inventive. Camping season now, so most of my playing comes to an end until fall. Lol. I may still play around with the bind mount idea and just keep Samba turned on in the GUI. Just to see if it works.

I did this with acme.sh on the router when I set up my certificate management system and it has worked well (bind mount acme.sh using the post-mount script).

 

[ColinTaylor]

When we discussed this before my issue was:

The first problem is that after Entware's Samba is started via post-mount the router runs restart_nasapps. This kills smbd and nmbd regardless of whether Samba is enabled or not in the GUI.

My solution was:

Something I considered but initially dismissed as requiring too many changes was to the make copies of Entware's smbd and nmbd called smbd4 and nmbd4. Then modify S91smb with these new names. Generally speaking I'm not keen on modifying system scripts in case they get reset by a subsequent software update. But in the end it might be the easiest way to avoid the firmware erroneously stopping and starting Samba.

EDIT: I've just tried this and it seems to work well enough.

As stated, I'm not overly keen on my solution but it seems like the lesser of all evil's. Whatever you do is going to involve some ugly hacks.

 

[iTyPsIDg]

When we discussed this before my issue was:

My solution was:

As stated, I'm not overly keen on my solution but it seems like the lesser of all evil's. Whatever you do is going to involve some ugly hacks.

Could this be what keeps killing it?

Spoiler: /jffs/scripts/MerlinAU.sh

##----------------------------------------##           
## Modified by Martinski W. [2023-Mar-24] ##
##----------------------------------------##                       
_ShutDownNonCriticalServices_()
{
    for procName in nt_center nt_monitor nt_actMail
    do                       
         procNum="$(ps w | grep -w "$procName" | grep -cv "grep -w")"
         if [ "$procNum" -gt 0 ]             
         then         
             printf "$procName: [$procNum]\n"
             killall -9 "$procName" && sleep 1
         fi                                 
    done                                   
                  
    for service_name in conn_diag samba nasapps                                                   
    do                                             
        procNum="$(ps w | grep -w "$service_name" | grep -cv "grep -w")"
        if [ "$procNum" -gt 0 ]
        then                                                                 
            printf "$service_name: [$procNum]\n"
            service "stop_$service_name" && sleep 1                                               
        fi
    done                                   
}

 

[ColinTaylor]

Could this be what keeps killing it?

Spoiler: /jffs/scripts/MerlinAU.sh

##----------------------------------------##       
## Modified by Martinski W. [2023-Mar-24] ##
##----------------------------------------##                   
_ShutDownNonCriticalServices_()
{
    for procName in nt_center nt_monitor nt_actMail
    do                   
         procNum="$(ps w | grep -w "$procName" | grep -cv "grep -w")"
         if [ "$procNum" -gt 0 ]         
         then     
             printf "$procName: [$procNum]\n"
             killall -9 "$procName" && sleep 1
         fi                             
    done                               
              
    for service_name in conn_diag samba nasapps                                               
    do                                         
        procNum="$(ps w | grep -w "$service_name" | grep -cv "grep -w")"
        if [ "$procNum" -gt 0 ]
        then                                                             
            printf "$service_name: [$procNum]\n"
            service "stop_$service_name" && sleep 1                                           
        fi
    done                               
}

I don't know what that script does but it seems unrelated. The problem I encountered (which may not be applicable to the new 3006.102 branch) is part of the design of the firmware. It wasn't designed to cope with an alternate instance of Samba being run.

The firmware calls the stop_samba() function at various points (e.g. bootup, shutdown, changes to ftp, VPN state changes, etc.). If you follow the code you end up at the kill_samba() function where you can see the issue.

 

[iTyPsIDg]

Oddly, mDNS is advertising services correctly on my Guest Networks but not on my main network wifi. So, Ethernet and Guest wifi correctly broadcasts mDNS services.

 

[iTyPsIDg]

Okay! I think I got it. I disabled IGMP Snooping on both Wireless interfaces under the Professional tab and rebooted. Only after the reboot did it start working.

I think I can finally turn NETBIOS back off now.

EDIT: Oh, I also added nvram set igmp_snooping=0 committed the change and rebooted before I rebooted from the Wireless - Professional changes, so I honestly don't know which actually did it.

 

[Jeffrey Young]

EDIT2: I got this working, see this post;

Tutorial - How to get Samba 4.18.8 running on an RT-AX86U Pro running Merlin 3006.102.4_0

I, like others, noticed that my 3006 firmware router was pegging the CPU at 100% when I enabled Samba in the GUI (version 3.6.25). I was using built-in Samba on my RT-AX86U running Merlin 3004.388.9_2 just fine. I had even figured out how to make Time Machine backups work. The CPU issue made me...

www.snbforums.com

EDIT: Scrap this. After a reboot, Samba did not start. Back to the drawing board.....


So, I ended up having to come home today to take care of some other items, so I found myself having some time to play with this.

I was able to get Entware Samba4 Server working on the router using the credentials you set up in the Samba GUI of the router by using the following /jffs/scripts/smb.postconf script;

[S]#!/bin/sh

CONFIG=$1
source /usr/sbin/helper.sh

count=0
while ! [ -f "/opt/sbin/smbd" ]
do
    sleep 5
    let "count=count+5"
    if [ $count -gt 60 ];then
        exit 1
    fi
done

pc_delete "unix charset" $CONFIG
pc_delete "display charset" $CONFIG
pc_delete "use spnego" $CONFIG
pc_delete "client use spnego" $CONFIG
pc_delete "max protocol" $CONFIG

pc_insert "[global]" "max protocol = SMB3" $CONFIG
pc_insert "[global]" "private dir = /etc/samba" $CONFIG
pc_insert "[global]" "client min protocol = NT1" $CONFIG

mount --bind /opt/sbin/smbd /usr/sbin/smbd
mount --bind /opt/sbin/nmbd /usr/sbin/nmbd

After restarting Samba (using ScMerlin), then executing smbd -V, I get;

user@RTAX86UPro:/jffs/addons/young# smbd -V
Version 4.18.8
user@RTAX86UPro:/jffs/addons/young#

user@RTAX86UPro:/jffs/scripts# nmbd -V
Version 4.18.8
user@RTAX86UPro:/jffs/scripts#

and browsing the shares from a Windows 11 computer seems to work just fine.

Note: Yep, I know about SMB1 not being secure. Unfortunately, I have one printer that only uses SMB1 when using scan to network. In a home network, not a biggy.

I will have to let this work for a few weeks to see how this works out.

Thought I would share.

EDIT: This script is rough. If I am happy with it in a few weeks, I want to clean it up, added some logging into the syslog, etc.

Edit2: Remove the execute permission from the S91smb script in the init.d directory.[/S]

 

[iTyPsIDg]

You will probably need to try that cron job and custom start script I created to get it to remain up.

 

[Jeffrey Young]

I was hoping to come up with a method of using samba4 along with user management from the GUI. Weird thing is that everything works when done manually (after the GUI builds the password file, I can bind mount, then start smbd). As soon as I do a restart via nasapps, the password file gets truncated to 0 bytes. It looks like Asus has rolled everything samba into one binary called samba_multicall. smbd, numbd, smbpasswd, etc are all symbolic links to samba_multicall. As soon as I bind mount samba4 smbd to Asus smbd, it seems that somehow the smbpasswd no longer works as the GUI builds the password file on nasapp restart.

Something more to play with in the fall, I guess.