Synology Cubestation

Jan 2015

DS414: Marvell Armada XP armv7, 1.33 GHz, 2 cores, DDR3 1GB

IPKG for DS414:

2014 Embarrassing bug in OpenSSL for the Linux community. Also Synology-products suffered from this.

09 April 2014
We've addressed this CVE and are preparing the fix to the vulnerability.
We look forward to providing the fix shortly.

v 3-1-1638 - not affected.

Installed Sep 2014:

Nice storage-boxes from
Not really an alternative, very immature (i.e. fuugethaboutit): FreeNAS

Black Cube 407
CS407, Marvell Orion mv5281 ARM Processor, SATA, 32-bit Memory Bus, 128MB of RAM
Cubestation 407

Previously running a sub-optimal 2xRaid1 I now (2011? 2012?) have 1xRaid5 instead.

ConfigurationOld setupCheap
Upgrade A
Upgrade B
(Today, done)
Upgrade C
slot10,5 TB 2 TB 1 TB 2 TB
slot10,5 TB 2 TB 1 TB 2 TB
slot31 TB1 TB1 TB 2 TB
slot31 TB1 TB1 TB 2 TB
Raid type2x Raid12x Raid1Raid5Raid5
Brutto3 TB6 TB4 TB8 TB
Netto1,328 TB3 TB3 TB6 TB
0 CHF 250 CHF 200 CHF 500 CHF

Old setup:
Volume 1: RAID1 with 2x 1TB, Total capacity: 913.94 GB
Volume 3: RAID1 with 2x 500GB, Total capacity: 455.49 GB




Time Machine

For Mac users - easy peasy!!!

...until Apple upgraded the AFP-protocol just as CS407 had reached end-of-life for firmware support.
But luckily Synology decided to give us one last upgrade due to the move by Apple: Version: DSM 3.1-1636

Logitech Squeeze Center on the CubeStation

See SqueezeCenter


Customising *php.ini*:

vi /usr/syno/etc/php.ini

Adding a separate FTP-directory for PHP-access:
open_basedir = /volume1/ftp: [ ... ]

MOTD - Message of the Day

vi /etc/motd

|                      |
|     Welcome to       |
|    EbmatStation      |
|                      |
|   Cubestation 407    |


Enable in the web-config panel (perhaps default nowadays?).
Store public key as:


Change SSH Port-number to 5022
Lost after DSM-reinstallation/upgrade. Workaround; keep default 22, config your router to redicet WAN-5022 to local 22

vi /etc/ssh/sshd_config


Port 5022

...and reboot.

FTP welcome (will we ever use FTP again?)
vi /etc/ftpwelcome

FTP welcome after login
edit /etc/ftpmotd

IPKG package manager

Adding IPKG itself with a bootstrap:,_bootstrap,_ipkg_etc

ipkg is also dependant on a few other software bits and pieces that are not installed on the synology servers. Consequently to install ipkg you need to use the appropriate bootstrap which automates the installation of ipkg and the other packages it needs.

After you have installed ipkg (see the bootstrap section below), you can install ipkg packages of programs using the command "ipkg install xxxx" where xxxx is the name of the package. Once the package is installed you can run it using "xxxx" where xxxx is the name of the program you just installed (this is normally the same as the package name, but not always).

For help with ipkg commands use "ipkg -help":

usage: ipkg [options...] sub-command [arguments...]
where sub-command is one of:

Package Manipulation:
		update                  Update list of available packages
		upgrade                 Upgrade all installed packages to latest version
		install <pkg>           Download and install <pkg> (and dependencies)
		install <file.ipk>      Install package <file.ipk>
		configure [<pkg>]       Configure unpacked packages
		remove <pkg|regexp>     Remove package <pkg|packages following regexp>

IPKG Bootstrap

Lost after DSM-reinstallation/upgrade.
For mv5281 ARM models (such as my Black CS407) (Captured to be safe here: U:\bra_o_ha\_Synology\ )

The steps to install the bootstrap (provided as .xsh files) are below, you should replace the text in bold with the relevant text for your CPU's bootstrap file (listed above).
  1. Reboot your NAS.
  2. Enable and then Login to the Command Line Interface as user "root", password is the same as for admin.
  3. Change to a directory such as "/volume1/@tmp", i.e. enter the command "cd /volume1/@tmp"
  4. Get the NAS to download the bootstrap, e.g. if you have an mv5281 ARM model enter the command " wget " alternatively download the bootstrap to your PC and then copy it to a shared folder on the NAS
  5. Set the .xsh script to be executable "chmod +x syno-x07-bootstrap_1.2-7_arm.xsh"
  6. Now run the .xsh script, e.g. if you have an mv5281 ARM model and used the bootstrap above enter the command "sh syno-x07-bootstrap_1.2-7_arm.xsh"
  7. After the script has finished you can delete the script file, e.g. for mv5281 ARM users using the bootstrap above enter the command "rm syno-x07-bootstrap_1.2-7_arm.xsh"
  8. NEW: If you have DSM 4.0 there is an additional step. In the file /root/.profile you need to comment out (put a # before) the lines "PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/syno/sbin:/usr/syno/bin:/usr/local/sbin:/usr/local/bin" and "export PATH". To do this enter the command "vi /root/.profile" to open the file in vi. Now change vi to edit mode by pressing the "i" key on your keyboard. Use the down cursor key to move the cursor to the start of the line "PATH=/sbin..." and put a "#" infront of this line so it is now "#PATH=/sbin...". Do the same for the line below so it is now "#export PATH". Now press the escape key (to exit edit mode) and type "ZZ" (note they are capitals) to tell vi to save the file and exit. For background info on why this is neccessary for DSM 4 refer to
  9. Note: If you have the following error: "Cannot satisfy the following dependencies for wget-ssl: libidn", you need to manually download libidn and install with ipkg: Eg. for Synology DS108j: "wget" (wget should be already present on the system) and enter the command "ipkg install libidn_1.21-1_powerpc.ipk". Run the ipkg bootstrap process again (press yes when it asks to overwrite config file). For a procedure to install ipk packages without ipkg, see
  10. Reboot the NAS and login again to the Command Line Interface as user "root"
  11. Update the ipkg list of available packages using the command "ipkg update"
  12. Upgrade any ipkg installed packages to the latest versions using the command "ipkg upgrade"
  13. Finished, you can now install ipkg packages using the command "ipkg install xxxx" where xxxx is the name of the package. You can list all the available packages using the command "ipkg list". As this is a long list you can filter it using the command "ipkg list | grep xxxx" where xxxx is the text you want to search for. Alternatively, you view one page at a time using the "more" pipe, e.g. "ipkg list | more"

Exec summary of the above text:
cd /volume1/@tmp
chmod +x syno-x07-bootstrap_1.2-7_arm.xsh
sh syno-x07-bootstrap_1.2-7_arm.xsh
rm syno-x07-bootstrap_1.2-7_arm.xsh

REM   reboot your Cube

ipkg update
ipkg upgrade

Note: ipkg expects to find your ipkg files/programs in the path "/opt". As the synology NAS's put all your files in "/volume1" the bootstraps put your IPKG files/programs in "/volume1/@optware" but then mount this directory so it ALSO appears as "/opt". Hence, do not think that "/volume1/@optware" and "/opt" are duplicated files, they are not duplicated, they are in fact exactly the same directory.

IPKG Adding the NC FTP client

EbmaStation407> ipkg install ncftp
Installing ncftp (3.2.3-1) to root...
Nothing to be done
An error ocurred, return value: 22.
Collected errors:
ipkg_download: ERROR: Command failed with return value 8: `wget --passive-ftp    -q -P /opt/ipkg-qUE4jB'
Failed to download ncftp. Perhaps you need to run 'ipkg update'?
EbmaStation407> ipkg update
Updated list of available packages in /opt/lib/ipkg/lists/cross
Successfully terminated.
EbmaStation407> ipkg install ncftp
Installing ncftp (3.2.4-1) to root...
Configuring ncftp
Successfully terminated.

IPKG Adding screen

ipkg install screen

Info on this lovely linux utility:


In short, start with

ipkg install zlib

From OpenSSH we only need the archive 'data.tar.gz':

cd /tmp
ipkg download openssh

tar -xvzf openssh_5.9p1-1_arm.ipk ./data.tar.gz

From the 'data.tar.gz'-archive we only need the files 'sftp' und 'scp'.
Move them to 'bin', and link in the required library v0.9.7:

tar -xvzf data.tar.gz ./opt/bin/sftp ./opt/bin/openssh-scp
mv ./opt/bin/* /opt/bin

cd /usr/lib
ln -s

Finish off by installing a bunch of utilities. This will remove an error-message you'd face if not installing the utility 'group'.

ipkg install coreutils

Full text, in German:


First we will install the BASH package
ipkg install bash

Next we will tell the system that we prefer BASH over ASH, thank you very much. We will do this by editing the /etc/passwd file. Be very very very careful editing this file, as if you muff it up then you might not be able to log into your system!

So, let's be super extra careful and make a back-up of the file, just in case.
cp /etc/passwd ~/just-in-case

Now we'll edit the file
vi /etc/passwd

Note: I would NOT recommending to switch shell for root user. If things go belly up you sure want to be able to login again under any circumstances. Replace the shell for normal users *only*! Keep the default shell for root!

Look for a line like this: (

We want to change the end bit to point to bash, so we change "/bin/ash" to "/opt/bin/bash". When you're done it will look like this:

Save the file, but *DO NOT* exit your ssh session! First, test our modification by attempting to log in again from another ssh window. If you cannot log in for whatever reason, then restore the file and try again
cp ~/just-in-case /etc/passwd

If you can login, then you delete the backup file and Bob's yer uncle.
rm ~/just-in-case

The man page for BASH is a fantastic wealth of information.
Read it. Know it. Love it.

IPKG Socks proxy
  1. Configure ikpg to find the socks software over at DD-WRT.
  2. Download and install via ipkg

IPKG Subversion server

Binaries are lost after DSM-reinstallation/upgrade. Configs below are retained though.
ipkg install svn

Add a line for Subversion in '/etc/inetd.conf':
svn stream tcp nowait subba /opt/bin/svnserve svnserve -i -r /volume2/svn

Edit '/etc/services' to include Subversion data:
svn 3690/tcp # Subversion 
svn 3690/udp # Subversion

Finally, a *reboot* shall do the trick.

Full text:

If you get problems:

Swiss File Knife

A Command Line Tools Collection

Adding Linux programs and features

Additional packages for the DiskStation (called Optware)

Create Torrent-files

Cube System administration

How to retrieve data from RAID Volumes on Linux
PPC - Big endian
Wintel - Little endian

About little/big endian

Synology DSM - Email notification annoyance

As I understand it the Diskstation sends through the account I specify inn the SMTP settings, however it uses the preliminary email as sender. Workaround, not pretty: sender-account = primary email and the actual receiving account as the secondary email.

There are no comments on this page.
Valid XHTML :: Valid CSS: :: Powered by WikkaWiki