.. toctree:: :hidden: FreeNAS® 9.2.1.8 Errata ------------------------ Several items have changed since 9.2.1 due to various bug fixes. There were eight bug fix releases between FreeNAS® 9.2.1 and 9.2.1.8, where: * 9.2.1.1 fixed `this list of bugs `_, * 9.2.1.2 fixed `this list of bugs `_, * 9.2.1.3 fixed `this list of bugs `_, * 9.2.1.4 fixed `this list of bugs `_, * 9.2.1.5 fixed `this list of bugs `_, * 9.2.1.6 fixed `this list of bugs `_, * 9.2.1.7 fixed `this list of bugs `_, and * 9.2.1.8 fixed `this list of bugs `_. This Errata provides a listing of screens and features that differ from the 9.2.1 Users Guide. It is organized by the names of the sections which have changed in numerical order. Section 1.1 What's New Since 9.2.1 ---------------------------------- * Incorporates all of the `security releases `_ issued since FreeBSD 9.2 RELEASE. * `Shellshock security vulnerability in bash `_ proactively closed. * Samba has been updated to `version 4.1.12 `_. * Netatalk upgraded to `version 3.1.2 `_. * :file:`*.usb` files are now available from the FreeNAS® download page. These files can be either burned to CD (like an .iso file) or written directly to USB (like an .img file). * A "Performance Test" button has been added to :menuselection:`System --> Settings --> Advanced`. * "System Dataset" has been added as the fifth tab in :menuselection:`System --> Settings`. * A "Media Status" column has been added to :menuselection:`Network --> Interfaces --> View Interfaces`. * The "Enable High Speed Ciphers" field has been renamed in :menuselection:`Storage --> Replication Tasks --> Add Replication Task`. The "Replication Stream Compression" field has been added to this screen. * A "Share type" drop-down menu has been added to the :menuselection:`Storage -> Volumes --> Create ZFS Dataset` screen. * The "Permission Type" in the Change Permissions screen has changed to *Unix / Mac* and *Windows*. * The "Database Path" field has been removed from the :menuselection:`Sharing --> Apple (AFP) Shares --> Add Apple (AFP) Share` screen and added to the :menuselection:`Services --> AFP screen`. * The "Apply Default Permissions" checkbox has been added to :menuselection:`Sharing --> Windows (CIFS) Shares --> Add Windows (CIFS) Share`. * The "Use syslog", "Server minimum protocol", "Server maximum protocol", "Allow execute always", and "Bind IP Addresses" fields have been added to :menuselection:`Services --> CIFS`. The "Authentication Model" field has been removed as *Anonymous* is not a valid setting for Samba4. Instead, *Local User* is used unless the system is joined to an Active Directory domain. The "EA Support" and "Support DOS File Attributes" fields have been removed. * The "Windbind NSS Info" field has been added to :menuselection:`Services --> Directory Services --> Active Directory`. * The location of the SSL certificate of the LDAP server can now be browsed to in the "Self signed certificate" field of :menuselection:`Services --> Directory Services --> LDAP`. * The "Enable experimental target" checkbox has been added to :menuselection:`Services --> iSCSI --> Target Global Configuration`. This allows beta testers to use the experimental kernel iSCSI which adds support for Windows 2012 clustering. Checking this box requires the system to be rebooted. * The "Enable multithreaded mode" checkbox has been added to :menuselection:`Services --> iSCSI --> Target Global Configuration`. * The ability to specify a "LUN ID" has been added to :menuselection:`Services --> iSCSI --> Add Target / Extent`. * The "VirtualBox" jail type has been added which will create a jail with `phpVirtualBox `_ installed. Once installed, input the IP address of the VirtualBox jail into a browser and enter the username and password of *admin* in the login screen. * The Alert system will provide a warning if the ZFS volume's capacity reaches 80% and will report a critical error if the ZFS volume's capacity reaches 90%. * The `zsh shell `_ has been added to the base system. Section 2.1: Getting FreeNAS® ------------------------------ FreeNAS® 9.2.1.8 can be downloaded from the `download page of the FreeNAS® website `_. * **USB Image:** this file ends in a :file:`.usb` extension and can either be written to CDROM as described in Installing from CDROM or written to a USB device as described in Burning an IMG File. Section 2.3: Installing from CDROM ---------------------------------- If you prefer to install FreeNAS® using a menu-driven installer, download the ISO or USB image that matches the architecture of the system you will install onto (32- or 64-bit) and burn it to a CDROM. Section 2.4 Burning an IMG File ------------------------------- .. note:: you can also write the :file:`.usb` file to a USB thumbdrive. Since this file is not compressed, it does not need to be uncompressed first using :command:`xzcat` or 7-Zip. When using :command:`dd`, the command shown in the examples will change to: :: dd if=FreeNAS-9.2.1.8-RELEASE-x64.usb of=/dev/da0 bs=64k Section 2.6.1: Preparing for the Upgrade ---------------------------------------- #. Download the :file:`.iso`, :file:`.usb`, or :file:`.txz` file that matches the system's architecture to the computer that you use to access the FreeNAS® system. Section 2.6.2: Using the ISO to Upgrade --------------------------------------- Burn the downloaded :file:`.iso` or :file:`.usb` file to a CDROM. Section 3.1.2: Set the Administrative Email Address --------------------------------------------------- Remove the last line in the first paragraph. Section 3.2.2: Users -------------------- **Figure 3.2d: Managing User Accounts** |Figure32d.png| .. |Figure32d.png| image:: Figure32d.png :width: 10.5in :height: 4.3in If you click a user account, the following buttons will appear for that account: * **Modify User:** used to modify the account's settings, as listed in Table 3.2b. * **Change E-mail:** used to change the email address associated with the account. Section 4.6.2: Advanced Tab --------------------------- Add this button to "This tab also contains the following buttons:" **Performance Test:** runs a series of performance tests and prompts to save the results as a tarball. Since running the tests can affect performance, a warning is provided and the tests should be run at a time that will least impact users. Section 4.6.5: System Dataset Tab --------------------------------- The "System Dataset" tab, shown in Figure 4.6e, is used to select the pool which will contain the persistent system dataset. The system dataset stores debugging core files and Samba4 metadata such as the user/group cache and share level permissions. If the FreeNAS® system is configured to be a Domain Controller, all of the domain controller state is stored there as well, including domain controller users and groups. The system dataset can optionally be configured to also store the system log and the Reporting information. If there are lots of log entries or reporting information, moving these to the system dataset will prevent :file:`/var/` from filling up as :file:`/var/` has limited space. **Figure 4.6e: System Dataset Tab** |Figure46e.png| .. |Figure46e.png| image:: Figure46e.png :width: 5.9in :height: 4.2in Use the drop-down menu to select the ZFS volume (pool) to contain the system dataset. To also store the system log on the system dataset, check the "Syslog" box. To also store the reporting information, check the "Reporting Database" box. If you change the pool storing the system dataset at a later time, FreeNAS® will automatically migrate the existing data in the system dataset to the new location. Section 6.2.2: Configure PUSH ----------------------------- **Figure 6.2b: Adding a Replication Task** |Replication1i.png| .. |Replication1i.png| image:: Replication1i.png :width: 9.0in :height: 5.1in In Table 6.2a, replace the entry for "Enable High Speed Ciphers" with: +-------------------+------------------+---------------------------------------------------------------------------------------------------------+ | **Setting** | **Value** | **Description** | | | | | +===================+==================+=========================================================================================================+ | Encryption Cipher | drop-down menu | used to select whether or not the data is encrypted during transmission; choices are *Standard*, | | | | *Fast*, or | | | | *Disabled* | | | | | +-------------------+------------------+---------------------------------------------------------------------------------------------------------+ Add this entry to Table 6.2a: +---------------------+------------------+-----------------------------------------------------------------------------------------------------------+ | **Setting** | **Value** | **Description** | | | | | +=====================+==================+===========================================================================================================+ | Replication Stream | drop-down menu | used to select whether or not the data is compressed during transmission; choices are *Off*, | | Compression | | *lz4* (fastest), | | | | *pigz* (all rounder), or | | | | *plzip* (best compression) | | | | | +---------------------+------------------+-----------------------------------------------------------------------------------------------------------+ Section 6.3.6: Creating ZFS Datasets ------------------------------------ **Figure 6.3i: Creating a ZFS Dataset** |Figure63i.png| .. |Figure63i.png| image:: Figure63i.png :width: 7.4in :height: 3.8in Add extra entry to **Table 6.3d: ZFS Dataset Options**: +-------------------+------------------+---------------------------------------------------------------------------------------------------------+ | **Setting** | **Value** | **Description** | | | | | +===================+==================+=========================================================================================================+ | Share type | drop-down menu | select the type of share that will be used on the dataset; choices are *UNIX* for an NFS share, | | | | *Windows* for a CIFS share, or | | | | *Apple* for an AFP share | | | | | +-------------------+------------------+---------------------------------------------------------------------------------------------------------+ Section 6.3.10: Setting Permissions ----------------------------------- **Figure 6.3q: Changing Permissions on a Volume or Dataset** |Figure63q.png| .. |Figure63q.png| image:: Figure63q.png :width: 3.5in :height: 3.5in Section 7.1.1: Creating AFP Shares ---------------------------------- **Figure 7.1a: Creating an AFP Share** |Figure71a.png| .. |Figure71a.png| image:: Figure71a.png :width: 6.7in :height: 4.1in The entry for "Database Path" has been removed from **Table 7.1a: AFP Share Configuration Options**. Section 7.1.3: Using Time Machine --------------------------------- In step 4, remove this line: **Server name:** freenas Section 7.3.1: Creating CIFS Shares ----------------------------------- The manual page for the Samba4 version of smb.conf(5) is `http://www.sloop.net/smb.conf.html `_. **Figure 7.3a: Adding a CIFS Share** |Figure73a.png| .. |Figure73a.png| image:: Figure73a.png :width: 6.7in :height: 4.1in Add the following entry to **Table 7.3a: Options for a CIFS Share**: +-------------------+------------------+---------------------------------------------------------------------------------------------------------+ | **Setting** | **Value** | **Description** | | | | | +===================+==================+=========================================================================================================+ |Apply Default | checkbox | sets the ACLs to allow read/write for owner/group and read-only for others; should only be unchecked | |Permissions | | when creating a share on a system that already has custom ACLs set | | | | | +-------------------+------------------+---------------------------------------------------------------------------------------------------------+ Remove the following deprecated entries from **Table 7.3a: Options for a CIFS Share**: * Inherit Owner * Inherit Permissions Section 7.3.2: Configuring Anonymous Access ------------------------------------------- In Step 4, remove this bullet: * **Authentication Model:** Anonymous Section 7.3.3: Configuring Authenticated Access ----------------------------------------------- First sentence changed to: If you would like each user to authenticate before accessing the CIFS share, configure the share as follows: Remove the first bullet for "Authentication Model" in Step 5. Section 8.2: AFP ---------------- **Figure 8.2a: AFP Configuration** |Figure82a.png| .. |Figure82a.png| image:: Figure32d.png :width: 6.4in :height: 3.6in Add this entry to **Table 8.2a: AFP Configuration Options** +-------------------+------------------+---------------------------------------------------------------------------------------------------------+ | **Setting** | **Value** | **Description** | | | | | +===================+==================+=========================================================================================================+ | Database Path | string | specify the path to store the CNID databases used by AFP (default is the root of the volume); the path | | | | must be writable | | | | | +-------------------+------------------+---------------------------------------------------------------------------------------------------------+ Section 8.3: CIFS ----------------- **Figure 8.3a: Configuring CIFS** |Figure83a.png| .. |Figure83a.png| image:: Figure83a.png :width: 8.1in :height: 4.2in Remove these entries from **Table 8.3a: CIFS Configuration Options**: * Authentication Model * EA Support * Support DOS File Attributes Add these entries to **Table 8.3a: CIFS Configuration Options**: +-------------------+------------------+---------------------------------------------------------------------------------------------------------+ | **Setting** | **Value** | **Description** | | | | | +===================+==================+=========================================================================================================+ | Use syslog | checkbox | logs most events to syslog instead of the samba log files | | | | | +-------------------+------------------+---------------------------------------------------------------------------------------------------------+ | Server minimum | drop-down menu | the minimum protocol version the server will support where the default of *------* sets automatic | | protocol | | negotiation; refer to Table 8.3b for descriptions | | | | | +-------------------+------------------+---------------------------------------------------------------------------------------------------------+ | Server maximum | drop-down menu | the maximum protocol version the server will support; refer to Table 8.3b for descriptions | | protocol | | | +-------------------+------------------+---------------------------------------------------------------------------------------------------------+ | Allow execute | checkbox | if checked, Samba will allow the user to execute a file, even if that user's permissions are not set to | | always | | execute | +-------------------+------------------+---------------------------------------------------------------------------------------------------------+ | Bind IP Addresses | checkbox(es) | used to specify which IP address(es) the CIFS service will listen on | | | | | +-------------------+------------------+---------------------------------------------------------------------------------------------------------+ Add new table: **Table 8.3b: Description of SMB Protocol Versions** +-------------------------------------------------------------------------------+ | **Value** | **Description** | | | | +==================+============================================================+ | CORE | used by DOS | | | | +------------------+------------------------------------------------------------+ | COREPLUS | used by DOS | | | | +------------------+------------------------------------------------------------+ | LANMAN1 | used by Windows for Workgroups, OS/2, and Windows 9x | | | | +------------------+------------------------------------------------------------+ | LANMAN2 | used by Windows for Workgroups, OS/2, and Windows 9x | | | | +------------------+------------------------------------------------------------+ | NT1 | used by Windows NT | | | | +------------------+------------------------------------------------------------+ | SMB2 | used by Windows 7; same as SMB2_10 | | | | +------------------+------------------------------------------------------------+ | SMB2_02 | used by Windows Vista | | | | +------------------+------------------------------------------------------------+ | SMB2_10 | used by Windows 7 | | | | +------------------+------------------------------------------------------------+ | SMB2_22 | used by early Windows 8 | | | | +------------------+------------------------------------------------------------+ | SMB2_24 | used by Windows 8 beta | | | | +------------------+------------------------------------------------------------+ | SMB3 | used by Windows 8 | | | | +------------------+------------------------------------------------------------+ | SMB3_00 | used by Windows 8, mostly the same as SMB2_24 | | | | +------------------+------------------------------------------------------------+ .. note:: Windows 8.1 and Windows Server 2012 R2 use SMB3.02 which is not yet supported by Samba. Section 8.3.1: Troubleshooting Tips ----------------------------------- Change :command:`testparm` command to: :: testparm /usr/local/etc/smb4.conf Add the following tips: If clients have problems connecting to the CIFS share, go to :menuselection:`Services --> CIFS` and verify that "Server maximum protocol" is set to "SMB2". It is recommended to use a dataset for CIFS sharing. When creating the dataset, make sure that the "Share type" is set to Windows. Do not use :command:`chmod` to attempt to fix the permissions on a CIFS share as it destroys the Windows ACLs. The correct way to manage permissions on a CIFS share is to manage the share security from a Windows system as either the owner of the share or a member of the group the share is owned by. To do so, right-click on the share, click "Properties" and navigate to the "Security" tab. If you already destroyed the ACLs using :command:`chmod`, :command:`winacl` can be used to fix them. Type :command:`winacl` from "Shell" for usage instructions. Section 8.4.1: Active Directory ------------------------------- Add the following entry to **Table 8.4a: Active Directory Configuration Options**: +-------------------+------------------+---------------------------------------------------------------------------------------------------------+ | **Setting** | **Value** | **Description** | | | | | +===================+==================+=========================================================================================================+ | Windbind NSS Info | drop-down menu | select the service for retrieving the user's home directory and login shell; choices are use *sfu* | | | | (Services for Unix, version 3.x), *sfu20* (Services for Unix, version 2.0), or | | | | *rfc2307* (use LDAP) | | | | | +-------------------+------------------+---------------------------------------------------------------------------------------------------------+ Section 8.7.5: Target Global Configuration ------------------------------------------ **Figure 8.7g Target Global Configuration Variables** |Figure87g.png| .. |Figure87g.png| image:: Figure87g.png :width: 8.4in :height: 4.4in Add the following entries to **Table 8.7f: Target Global Configuration Settings**: +----------------------+------------------+---------------------------------------------------------------------------------------------------------+ | **Setting** | **Value** | **Description** | | | | | +======================+==================+=========================================================================================================+ | Enable experimental | checkbox | this option is for beta testers of kernel iSCSI; requires a reboot | | target | | | +----------------------+------------------+---------------------------------------------------------------------------------------------------------+ | Enable multithreaded | checkbox | do not check as experimental | | mode | | | +----------------------+------------------+---------------------------------------------------------------------------------------------------------+ Section 8.7.7: Target/Extents ----------------------------- **Figure 8.7i: Associating iSCSI Targets/Extents** |Figure87i.png| .. |Figure87i.png| image:: Figure87i.png :width: 5.1in :height: 4.1in Add this entry to **Table 8.7g: Target/Extents Configuration Settings**: +-------------------+------------------+---------------------------------------------------------------------------------------------------------+ | **Setting** | **Value** | **Description** | | | | | +===================+==================+=========================================================================================================+ | LUN ID | drop-down menu | specify the ID of the LUN; the default of *Auto* will select the next available LUN ID, starting at 0 | | | | | +-------------------+------------------+---------------------------------------------------------------------------------------------------------+ Section 8.12.2: Chrooting Command Line SFTP Users ------------------------------------------------- **Figure 8.12b: Permissions Required by SSH Chroot** |Figure812b.png| .. |Figure812b.png| image:: Figure812b.png :width: 3.6in :height: 3.5in Section 9.1: Installing a FreeNAS® PBI Using Plugins ----------------------------------------------------- **Figure 9.1a: Using Plugins to Install a PBI** |Figure91a.png| .. |Figure91a.png| image:: Figure91a.png :width: 7.6in :height: 4.4in Section 9.2: Available FreeNAS® PBIs ------------------------------------- Add the following to the list of PBIs: * `Headphones `__ * `LazyLibrarian `_ * `Subsonic `_ * `XDM `_ Remove the following from the list of PBIs: * Gamez Section 10: Jails ----------------- Add the following type of jail: 5. **VirtualBox jail:** installs an instance of `phpVirtualBox `_, which provides a web-based front-end to `VirtualBox `_. This can then be used to install any operating system and to use the software management tools provided by that operating system. Section 10.2: Adding Jails -------------------------- Add *VirtualBox* to the "Description" of "type" in Table 10.2a. Section 10.3: Jail Templates ---------------------------- **Figure 10.3a: Listing of Default Jail Templates** |Figure103a.png| .. |Figure103a.png| image:: Figure103a.png :width: 7.6in :height: 4.4in Change the bullet on "Instances" to read: * **Instances:** indicates if the template has been used to create a jail. In this example, one pluginjail, portjail, standard, and debian jail have been created, so their instances show as *1*. The rest of the templates have not been used yet so their instances show as *0*. Section 11: Reporting --------------------- Change second last paragraph to: Reporting data is saved, allowing you to view and monitor usage trends over time. By default, reporting data is saved to :file:`/data/rrd_dir.tar.bz2` and should be preserved across system upgrades and at shutdown. To instead save this data to the system dataset, check the "Reporting database" box in :menuselection:`System --> Settings --> System Dataset`. Section 12.5: Help ------------------ Change bullet for the Bug Tracker to: * the Bug Tracker link to the bugs database Section 13.2: Forums -------------------- The "FreeNAS 4 N00bs" forum has been renamed to "New to FreeNAS?". Section 16.1: Building a Local Copy of the APIs ----------------------------------------------- Add note after first paragraph: .. note:: an online version of the API is now hosted at `api.freenas.org `_.