Removing E (DiskError) flag on system drive of a Synology NAS
Recently, I came across the following problem: A user of a Synology DiskStation wanted upgrade the disk drives to bigger ones. So he tried to do everything correctly:
First, he identified the list of possible disk drives officially supported for his Disk Station and bought the appropriate hard disk.
Then removed one disk drive (drive 2) in the bay and exchanged it with one of the newly bought disks and tols the NAS to repair the volume in order to sync system and data to the new drive.
And here is, where the problems started: The data RAID fortunately synced fine to the second drive, but the System RAID did not sync and left him with a faulty system volume.
This is where I came into play. A quick check via commandline revealed the following status:
sh-4.3# cat /proc/mdstat Personalities : [linear] [raid0] [raid1] [raid10] [raid6] [raid5] [raid4] md2 : active raid1 sda5[2] sdb5[1] 1948779648 blocks super 1.2 [2/2] [UU] md1 : active raid1 sda2[0] sdb2[1] 2097088 blocks [2/2] [UU] md0 : active raid1 sdb1[1](E) 2490176 blocks [2/1] [_E]
Now my first thought was: Status E? I’m used to Linux Software RAID, but I never saw such a RAID status code. Checked documentation, no mention if it either. It’s not “F” for faulty, it’s “E”.
After digging around in Google I finally figured out that this is a proprietary status code from Synology RAIDs not implemented in official Linux kernel.
Now how to find out more about it? I found an article on how to reset the “Faulty” flag on an existing array disk, but it didn’t sound very safe given the fact that I didn’t know the original RAID parameters of the RAID.
Now the first thing to do when working with such volumes obviously is to make a copy and work only with the copied drive to have the original drive secured in case something goes wrong. So I dug out another good spare drive of the same size from my collection and copied the existing drive to it sector per sector with dd.
During copying, it turned out there was a bad block (fortunately only one!) on the original drive within the system partition, so that was the reason why the drive’s state went to “E”, which seems to indicate “Disk error”. ddrescue to the rescue! It skipped the bad sector and I had a working copy of the drive to mess around with. I later checked the location of the bad sector and there were sectors with 00s around it, so I guess that there was nothing important on that bad sector anyway.
Now how to reset this damn E flag? First, I needed to identify the Superblock of the RAID volume that went bed. So obviously, just examine it with
mdadm --examine /dev/sdb1
right? BOOM:
mdadm: No md superblock detected on /dev/sdb1.
Where the heck is it? After much googling around, I found a hint, that the Superblock has swapped endianness and was in fact version 0.9 as opposed to the data partition which has a version 1.2 superblock:
# mdadm --examine /dev/sdb1 -e 0 mdadm: No super block found on /dev/sdb1 (Expected magic a92b4efc, got fc4e2ba9)
Now the author of the article changed byte endianness to use the RAID on a PC, but my intention was to just remove the E flag and not mess around with the partition style. By looking at the mdadm source code, I found out that there already was a parameter to obey the different endianness of the superblock, the parameter to be specified is: “-e 0.9”
So I finally was able to dump the superblock of the disk with:
# ./mdadm.synology --examine /dev/sdb1 -e 0.9 /dev/sdb1: Magic : a92b4efc Version : 0.90.00 UUID : 5b116fc2:267b242b:3017a5a8:c86610be Creation Time : Sat Jan 1 00:00:02 2000 Raid Level : raid1 Used Dev Size : 2490176 (2.37 GiB 2.55 GB) Array Size : 2490176 (2.37 GiB 2.55 GB) Raid Devices : 2 Total Devices : 1 Preferred Minor : 0 Update Time : Wed Mar 8 16:25:39 2023 State : clean Active Devices : 1 Working Devices : 1 Failed Devices : 0 Spare Devices : 0 Checksum : c15399ef - correct Events : 12649239 Number Major Minor RaidDevice State this 1 8 17 1 active sync /dev/sdb1 0 0 0 0 0 removed 1 1 8 17 1 active sync /dev/sdb1
When looking at the output, the array component seemed to be in a perfectly fine condition, no sign of the failure indication from Synology. So I checked the available open source of the Synology Linux kernel for this disk error flag. Turns out that it can be found in md_p.h header file:
#ifdef MY_ABC_HERE #define MD_DISK_ERROR 6 #endif
Fortunately, Synology marked all their changes to the Stock Linux kernel with the #define MY_ABC_HERE, so specific code paths are easy to spot in the source.
Next, I had to identify the location of the flag in the superblock to confirm my findings. I hexdumped the superblock of the affected device. The 0.90 superblock is of struct mdp_superblock_s, which -according to md_p.h has the following structure:
typedef struct mdp_superblock_s { /* * Constant generic information */ __u32 md_magic; /* 0 MD identifier */ __u32 major_version; /* 1 major version to which the set conforms */ __u32 minor_version; /* 2 minor version ... */ __u32 patch_version; /* 3 patchlevel version ... */ ... /* * Disks information */ mdp_disk_t disks[MD_SB_DISKS]; /* * Reserved */ __u32 reserved[MD_SB_RESERVED_WORDS]; /* * Active descriptor */ mdp_disk_t this_disk; } mdp_super_t; typedef struct mdp_device_descriptor_s { __u32 number; /* 0 Device number in the entire set */ __u32 major; /* 1 Device major number */ __u32 minor; /* 2 Device minor number */ __u32 raid_disk; /* 3 The role of the device in the raid set */ __u32 state; /* 4 Operational state */ __u32 reserved[MD_SB_DESCRIPTOR_WORDS - 5]; } mdp_disk_t;
So the state of the individual disks is in the state field of the mdp_disk_t structure. Let’s check the dump and interpret it:
mdp_super_t: ------------ 0000 A9 2B 4E FC 00 00 00 00 00 00 00 5A 00 00 00 00 0010 00 00 00 00 5B 11 6F C2 38 6D 43 82 00 00 00 01 0020 00 25 FF 40 00 00 00 01 00 00 00 02 00 00 00 00 0030 00 00 00 00 26 7B 24 2B 30 17 A5 A8 C8 66 10 BE 0040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0080 64 08 B7 03 00 00 00 01 00 00 00 01 00 00 00 01 0090 00 00 00 00 00 00 00 00 C1 53 9A 6F 00 00 00 00 00A0 00 C1 03 17 00 00 00 00 00 C1 03 17 FF FF FF FF 00B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0100 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0110 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0120 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0130 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0140 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0150 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0160 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0170 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0180 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0190 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0200 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0210 00 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 0220 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0230 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0240 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0250 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0260 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0270 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 mdp_disk_t disks[MD_SB_DISKS]; 0280 00 00 00 01 00 00 00 08 00 00 00 11 00 00 00 01 0290 00 00 00 46 00 00 00 00 00 00 00 00 00 00 00 00 02A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0300 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0310 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0320 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0330 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0340 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0350 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0360 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0370 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0380 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0390 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0400 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0410 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0420 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0430 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0440 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0450 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0460 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0470 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0480 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0490 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0500 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0510 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0520 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0530 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0540 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0550 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0560 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0570 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0580 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0590 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0600 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0610 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0620 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0630 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0640 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0650 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0660 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0670 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0680 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0690 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 06A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 06B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 06C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 06D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 06E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 06F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0700 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0710 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0720 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0730 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0740 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0750 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0760 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0770 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0780 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0790 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 07A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 07B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 07C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 07D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 07E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 07F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0800 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0810 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0820 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0830 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0840 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0850 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0860 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0870 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0880 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0890 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0900 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0910 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0920 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0930 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0940 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0950 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0960 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0970 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0980 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0990 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 09A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 09B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 09C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 09D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 09E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 09F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0A00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0A10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0A20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0A30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0A40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0A50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0A60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0A70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0A80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0A90 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0AA0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0AB0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0AC0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0AD0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0AE0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0AF0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0B00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0B10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0B20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0B30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0B40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0B50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0B60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0B70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0B80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0B90 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0BA0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0BB0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0BC0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0BD0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0BE0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0BF0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0C00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0C10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0C20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0C30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0C40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0C50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0C60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0C70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0C80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0C90 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0CA0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0CB0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0CC0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0CD0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0CE0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0CF0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0D00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0D10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0D20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0D30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0D40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0D50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0D60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0D70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0D80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0D90 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0DA0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0DB0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0DC0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0DD0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0DE0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0DF0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0E00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0E10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0E20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0E30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0E40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0E50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0E60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0E70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0E80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0E90 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0EA0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0EB0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0EC0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0ED0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0EE0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0EF0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0F00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0F10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0F20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0F30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0F40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0F50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0F60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0F70 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 mdp_disk_t this_disk; 0F80 00 00 00 01 00 00 00 08 00 00 00 11 00 00 00 01 0F90 00 00 00 46 00 00 00 00 00 00 00 00 00 00 00 00 0FA0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0FB0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0FC0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0FD0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0FE0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0FF0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
I marked the significant fields in the dump. It can be seen that the state flag is 0x46 (that is 1000110b) which indicates:
#define MD_DISK_FAULTY 0 #define MD_DISK_ACTIVE 1 #define MD_DISK_SYNC 2 #define MD_DISK_REMOVED 3 #define MD_DISK_CLUSTER_ADD 4 #define MD_DISK_CANDIDATE 5 #define MD_DISK_ERROR 6 #define MD_DISK_WRITEMOSTLY 9 #define MD_DISK_JOURNAL 18
Bingo, there it is, MD_DISK_ERROR! So I was temtped to just remove the flag with a Hex editor, but beware: There is a checksum for the superblock header! So what’s the easiest thing to do?
First, check if Synology’s mdadm fork contained functions to maybe already clear the error flag. There must be a custom implementation, because it is able to display the E flag.
Turns out, there is no such function, so I had to extend the mdadm source code to introduce such a feature.
So, in short, I forked mdadm and implemented it, it can be downlaoded here together with a description on how to use it, so read the README there for a continuation of this story.
In short, I cleared the errorflag of the partition with my patched mdadm:
./mdadm.synology --misc --no-diskerr /dev/sdb1 -e 0.9
and put the disk back in the Synology, booted up, repaired system partition and got back a running system without having to reinstall the Synology DSM Software and its settings.
Installing BoundsChecker 8 on Windows 7 x64
I had real pain installing DevParther Studio Professional Edition
for its BoundsChecker 8 component under Windows 7 64 bit.
MSI installations fortunately can be debugged with
msiexec /i "Compuware DevPartner Studio Professional Edition.msi" /lvx log2.txt
Searching for ‘1603’ in log file helps finding the error location.
First of all, after installing the .NET Framework 1.1, it refues
to isntall saying that Boundchecker was already installed, which was
not true.
Turns out, that it checks for
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\NuMega\BoundsChecker
key, which has been set during .NET Framework installation to
mark that it had been installed.
But that in turn makes further setup atempts impossible.
So first problem was resolved by deleting above mentioned key.
Next, it went further, but rolled back during writing registry keys.
According to the log, it had problems overwriting a CLSID key
of MSXML3 parser:
MSI (s) (54!A8) [20:17:50:008]: Creating MSIHANDLE (12522) of type 790531 for thread 2984
Finding the key CLSID\{2933BF90-7B36-11d2-B20E-00C04F983E60}\SideBySide; the result is: 5
MSI (s) (54!A8) [20:17:50:009]: Closing MSIHANDLE (12522) of type 790531 for thread 2984
MSI (s) (54!A8) [20:17:50:009]: Creating MSIHANDLE (12523) of type 790531 for thread 2984
AddRefcountMsxml returns the code 5
So,next, I had to change the owner of the following Registry key
(which is owned by TrustedInstaller) to Administrators group and then
allow full access to everyone for this key:
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{2933BF90-7B36-11D2-B20E-00C04F983E60}
Next, it went a bit further but stopped at:
MSI (s) (54!50) [20:48:20:465]: Creating MSIHANDLE (15175) of type 790531 for thread 4176
PerformTypeLib Name: 'msxml3.dll' LibDir: 'C:\Windows\SysWOW64\' HelpDir: 'C:\Windows\SysWOW64\'
MSI (s) (54!50) [20:48:20:466]: Closing MSIHANDLE (15175) of type 790531 for thread 4176
MSI (s) (54!50) [20:48:20:468]: Creating MSIHANDLE (15176) of type 790531 for thread 4176
PerformTypeLib failed with error code 11 and function code 0x8002801C.
Error code 0x8002801C is TYPE_E_REGISTRYACCESS
Fired up Process Monitor and checked where there is access denied
for msiexec.exe furing installation. Turned out to be:
MsiExec.exe 2588 RegCreateKey HKCR\TypeLib\{F5078F18-C551-11D3-89B9-0000F81FE221}\3.0\HELPDIR ACCESS DENIED Desired Access: Maximum Allowed
So I did the same Permission adjustment for the key
HKCR\TypeLib\{F5078F18-C551-11D3-89B9-0000F81FE221}\3.0
in the registry so allo everyone to access it.
Finally, installation finished properly. However I wasn’t very happy with it on Win 7 anyway, as the dpinject64.sys driver that gets installes crashes the system and makes it stuck. Maybe it can be fixed, but I then gave up on it. Seems that a new version is needed.
Installing Collabora Office on Devuan Beowulf
Unfortunately, the Package coolwsd from Collabora for Debian 10 relies on systemd. And most recent loolwsd is now coolwsd for Collabora online (office suite to use with nextcloud).
So here is a short how-to how to set it up on Devuan Beowulf:
Setup repo:
apt install gnupg apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0C54D189F4BA284D
echo "deb https://www.collaboraoffice.com/repos/CollaboraOnline/CODE-debian10 ./" >/etc/apt/sources.list.d/collabora.list
apt update
Install cooldwsd without systemd:
apt-get download coolwsd code-brand
dpkg -i --ignore-depends=systemd coolwsd_22.05.7.2-1_amd64.deb
I actually did it this way, as I was unaware of –ignore-depends option, but I leave it in here for reference in case it doesn’t work with ignore-depends option:
dpkg --force-all -i coolwsd_22.05.7.2-1_amd64.deb
Then remove systemd dependency to fix package cache:
vi /var/lib/dpkg/status
Remove “systemd” from “coolwsd” package in dependency list so that your apt isn’t damaged anymore.
When you installed with –force-all, install missing dependencies:
apt install expat collaboraofficebasis-calc collaboraofficebasis-core collaboraofficebasis-graphicfilter collaboraofficebasis-images collaboraofficebasis-impress collaboraofficebasis-ooofonts collaboraofficebasis-writer collaboraoffice collaboraoffice-ure collaboraofficebasis-en-us collaboraofficebasis-draw collaboraofficebasis-extension-pdf-import collaboraofficebasis-ooolinguistic collaboraofficebasis-math code-brand
Create logfile dir:
mkdir /var/log/coolwsd
chown cool:cool /var/log/coolwsd
Configure coolwsd:
vi /etc/coolwsd/coolwsd.xml
ssl/enable -> false
ssl/termination -> true
net/listen -> loopback
file -> enable=true
file/patch -> /var/log/coolwsd/coolwsd.log
trace_event/path -> /var/log/coolwsd/coolwsd.trace.json
net/proto -> IPv4
storage/ssl/as_scheme -> false
net/
<host desc="External IP of server">123\.123\.123\.123</host>
Create init.d script /etc/init.d/coolwsd
#!/bin/sh ### BEGIN INIT INFO # Provides: coolwsd # Required-Start: $local_fs $remote_fs $network $syslog $named # Required-Stop: $local_fs $remote_fs $network $syslog $named # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: libreoffice # Description: LibreOffice Online WebSocket server # This script will start the libreoffice server ### END INIT INFO # run update-rc.d for create K S file in /etc/init.d/* DESC="LibreOffice Online WebSocket server" NAME=coolwsd USER=cool DAEMON=/usr/bin/$NAME PIDFILE=/var/run/$NAME.pid PARAM="" PARAM="$PARAM --version" PARAM="$PARAM --disable-ssl" PARAM="$PARAM --o:sys_template_path=/opt/cool/systemplate" PARAM="$PARAM --o:child_root_path=/opt/cool/child-roots" PARAM="$PARAM --o:file_server_root_path=/usr/share/coolwsd" PARAM="$PARAM --o:logging.file[@enable]=true" test -x $DAEMON || exit 0 . /lib/lsb/init-functions if [ "$(id -u)" != "0" ] then log_failure_msg "You must be root to start, stop or restart cool" exit 1 fi do_status () { log_daemon_msg "$DESC" "$name" start-stop-daemon --status --verbose --pidfile $PIDFILE log_end_msg $? return $? } do_start () { log_daemon_msg "Starting $DESC" "$name" start-stop-daemon --start --verbose --pidfile $PIDFILE --make-pidfile --chuid $USER --background --exec $DAEMON -- $PARAM log_end_msg $? return $? } do_stop () { log_daemon_msg "Stopping $DESC" "$name" start-stop-daemon --stop --verbose --pidfile $PIDFILE --remove-pidfile log_end_msg $? return $? } case "$1" in status) do_status || exit 1 ;; start) do_start || exit 1 ;; stop) do_stop || exit 1 ;; force-reload|restart) do_stop && sleep 3 do_start || exit 1 ;; *) echo "Usage: /etc/init.d/lool {start|stop|restart|force-reload|status}" exit 1 esac exit 0
Install with: update-rc.d coolwsd defaults
Now setup apache virtualhost to collabora.yourdomain.com:
cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/collabora.conf
vi /etc/apache2/sites-available/collabora.conf
Uncomment & set the ServerName directive.
Install SSL certificate:
a2ensite collabora
/etc/init.d/apache2 reload
certbot --apache -d collabora.yourdomain.com
a2enmod proxy proxy_wstunnel proxy_http
Add configuration options for coolwsd:
vi /etc/apache2/sites-enabled/collabora-le-ssl.conf
:
# Encoded slashes need to be allowed AllowEncodedSlashes NoDecode # Container uses a unique non-signed certificate SSLProxyEngine Off SSLProxyVerify None SSLProxyCheckPeerCN Off SSLProxyCheckPeerName Off # keep the host ProxyPreserveHost On # static html, js, images, etc. served from coolwsd # browser is the client part of LibreOffice Online ProxyPass /browser http://127.0.0.1:9980/browser retry=0 ProxyPassReverse /browser http://127.0.0.1:9980/browser # WOPI discovery URL ProxyPass /hosting/discovery http://127.0.0.1:9980/hosting/discovery retry=0 ProxyPassReverse /hosting/discovery http://127.0.0.1:9980/hosting/discovery # Main websocket ProxyPassMatch "/cool/(.*)/ws$" ws://127.0.0.1:9980/cool/$1/ws nocanon # Admin Console websocket ProxyPass /cool/adminws ws://127.0.0.1:9980/cool/adminws # Download as, Fullscreen presentation and Image upload operations ProxyPass /cool http://127.0.0.1:9980/cool ProxyPassReverse /cool http://127.0.0.1:9980/cool # Endpoint with information about availability of various features ProxyPass /hosting/capabilities http://127.0.0.1:9980/hosting/capabilities retry=0 ProxyPassReverse /hosting/capabilities http://127.0.0.1:9980/hosting/capabilities
Start collabora and reload apache and it should work:
/etc/init.d/apache2 reload
/etc/init.d/coolwsd start
Hope that helps to use collabora without this dreaded systemd cr*p.
Fixing a bug in Zarafa Client 7.2.4 that crashed it on Outlook >2013
A customer is running a Zarafa Server for some years now and it works nicely with its webinterface and all integrations. He also used the Zarafa Client (zarafaclient-7.2.4-52167.msi) on Outlook 2010 without issues, but only on 2 machines.
But as the number of users grew, it was desirable to get it running an new machines and unfortunately, Microsoft doesn’t sell licenses for old Outlook versions anymore. I tried running the Zarafa Client on Outlook 2022, but after installation, Outlook just crashed after the Splash screen.
So time to look into the internals of the Zarafa connector.
It seems to use an old “trick” to hook Outlook by placing a version.dll in Outlook’s program directory so that due to the DLL search path, the “prepared” version.dll gets loaded, which forwards the normal functions to the system’s version.dll but is hooking 2 functions on startup:
MAPILogonEx in olmapi32.dll and GetProcAddress in kernel32.dll to filter dynamically loaded functions.
GetProcAddress checks for the import or Ordinal 11 in olmapit32.dll, which also is MAPILogonEx and hooks it and it also hooks functions FValidEmsabpEntryID and FValidEmsabpEntryIDBin.
Interesting for the problem is the MAPLogonEx hook. In there, it checks current Outlook version from HKEY_CLASSES_ROOT\Outlook.Application\CurVer key and compares it to the value 15, because the “IMAPISession” class that it tries to overload changed in version 15.
And here is the problem. It does (in pseudocode):
if (!SUCCEEDED(GetOutlookVersion(&dwVersion)) || dwVersion != 15) { *lppSession = &IMAPISessionWrapper; } else { *lppSession = &IMAPISessionOlk15Wrapper; }
Now Outlook 2022 is Version 16, (for a list of Outlook version numbers, see Wikipedia article on Outlook), therefore it falls back to Version 14 and below vtable and then the wrapper functions call the wrong functions and so – besides wrong function calls – we end up with a ruined stack that finally crashes Outlook.
The fix is incredibly simple: Change dwVersion != 15 to dwVersion < 15, so in ASM:
.text:100038BA cmp [esp+8+arg_10], 0Fh .text:100038BF jnz short loc_100038E3
So change jnz to jb. And tadaa… It works! (with a Hex-Editor, you can change 75h to 72h on offset 2CBFh).
I made a little Patcher that does the work for you, if you are experiencing the same problem.
For me, this simple fix was enough to get it running.
Testing file system repair attempts on a read-only disk image
I recently got a damaged HFS+ formatted volume for analysis and repair.
Now I did what has to be done first on all data recovery attempts, obviously: Create a dd Disk image from the disk before messing around with it.
As the volume was very large, it would cost a lot of time and disk space to always make a copy of the image, mess around with it and if it fails, restore the original image. Copying around terabytes of data on a slow medium like classic harddisks is taking a lot of time, after all.
So I was searching for a way to operate on a snapshot-overlay of the original image to mess around with it and just dump the snapshot and revert, if something goes wrong.
Fortunately, I found this Stackoverflow post, which describes a way to do what I want.
So here is a little mount script mount_ovl.sh:
#!/bin/sh if [ $# -eq 0 ]; then echo Usage: $0 ro-device \[overlay-size\] echo i.e.: $0 /dev/loop0 exit fi if [ ! -e $1 ]; then echo $1 does not exist exit fi if [ -z "$2" ]; then ovlsz=10G else ovlsz=$2 fi ovl=/tmp/ovl newdevname=ovldev truncate -s$ovlsz $ovl size=$(blockdev --getsz "$1") loop=$(losetup -f --show -- "$ovl") echo "0 $size snapshot $1 $loop P 8" | dmsetup create "$newdevname" echo Mounted $loop to $newdevname
So, to i.e. do a fsck.hfsplus without ruining the original image, I first create a loopf device of the disk image:
# losetup -P /dev/loop0 /mnt/winhexraw.dd
Let’s list the partitions that it autodetected with -P:
# fdisk -lu /dev/loop0 Disk /dev/loop0: 931,5 GiB, 1000170586112 bytes, 1953458176 sectors Units: sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disklabel type: gpt Disk identifier: B9D171AA-7F12-4DD2-B1BD-FAE6A14B1DA8 Device Start End Sectors Size Type /dev/loop0p1 40 409639 409600 200M EFI System /dev/loop0p2 409640 1953195991 1952786352 931,2G Apple HFS/HFS+
So /dev/loop0p2 is the partition that needs to be checked.
Now mount it R/W with the script to /dev/mapper/ovldev:
./mount_ovl.sh /dev/loop0p2
Now it can be i.e. checked with
fsck.hfsplus -f /dev/mapper/ovldev
and possibly fixed. In my case, file system was damaged and fsck was unable to fix it, so I finally resorted to HFS+ rescue to get the files off from it. But this little hint can still be useful for futher attempts to i.e. repair the filesystem by hand.
To drop the snapshot again, assuming that it got mounted to /dev/loop1:
dmsetup remove "ovldev" losetup -d /dev/loop1
And to release original loop device for disk image:
losetup -d /dev/loop0
Might become handy some day.
Open in VLC Media Player in Firefox 52.9.0 ESR on WinXP
Recently, the ORF tvthek made some really bad updates to their player.
1) the fullscreen function now throws a javascript error in Firefox 52.9.0 ESR (last version that works on WinXP), so you cannot put the video to fullscreen anymore.
2) No matter what resolution you choose, the video resolution always gets adapted during playback and worsens over time, so videos cannot be viewed in full quality anymore rendeing the player useless.
So I needed an alternative to open up the videos in VLC media player, which also has the advantage that it uses much less CPU than the Firefox integrated video player.
Now there is this usedful “Open in VLC media player” Firefox plugin.
The problem with it is that it requires a node.js native client and nodeJS executable only works up to version v5.12.0 on Windows XP.
Therefore you need an older client script version and need to adapt it for the old node.js version.
1) Download nodejs nativeclient version 0.5.5
2) Download NodeJS node.exe v5.12.0
3) Unpack the nativeclient above and replace node\x86\node.exe with version from 2)
4) Fix install.bat and uninstall.bat by adding the following line after @echo off, as Windows XP doesn’t have a %LocalAPPData% environment (which can get quite danerous on later versions of uninstall.bat):
if "%LocalAPPData%"=="" set LocalAPPData=%AppData%
5) The host.js file is not fully compatible with the node.js version, therefore you have to patch the following lines:
a) Replace
const walk = (dir, depth = 0) => {
with
const walk = (dir, depth) => {
b) Replace
walk(msg.path);
with
walk(msg.path, 0);
6) Now you can run install.bat and finally install the “open in VLC” plugin into Firefox.
Here is a patched version of the nodejs-nativeclient that contains the appropriate node.js exe and patched files so that you just need to install it.
Removing the timebomb of the Adobe Flash Player
As known, Adobe placed a time bomb in their flash player in order to disable it by 12/01/2021.
This is – of course – a horrible move, rendering a lot of applications (i.e. HP Printer Software, interactive tutorials, Flash games, etc.) useless and therefore it has to be fixed in order to re-enable it.
Flash was available for download from Adobe, but an up-to-date version also was shipped and updated with Windows 10. So for the ActiveX-version, this one got maintained by Windows Update, whereas the other versions (i.e. npapi) got maintained by Adobe.
Lately, some people even said that the optional Microsoft patch KB4577586, which removes Flash from the system, got deployed to them via Windows Update.
So in order to re-enable flash (even when the evil, unremovable patch KB4577586 has been installed to the system), I made a little patcher, based on the work of KuromeSan which you can download here
Hopefully this will get you up and running again.
Install Winhlp32 (32bit Winhelp) on Windows 10
As I recently got asked on how to install WinHlp32.exe on Windows 10, I once wrote a little script to automate the task that I share here, as Microsoft fails to provide an installer for it on Windows 10.
Just copy the following lines into a file called install_winhelp.cmd and then execute it, it should download and install winhlp32.exe automatically:
@echo off setlocal echo Detecting language... set LANG=%1 if "%1"=="" for /f "delims=" %%a in ('powershell.exe -ExecutionPolicy ByPass -Command "$PSUICulture"') DO set "LANG=%%a" if "%LANG%"=="" set LANG=de-de rem Ensure that we are run from 64bit prompt if "%ProgramFiles(x86)%" == "" goto StartExec if not exist %SystemRoot%\Sysnative\cmd.exe goto StartExec %SystemRoot%\Sysnative\cmd.exe /C "%~f0" %* exit /b :StartExec >nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system" if '%errorlevel%' NEQ '0' ( echo Requesting administrative privileges... goto UACPrompt ) else ( goto gotAdmin ) :UACPrompt echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs" echo UAC.ShellExecute "%~s0", "", "", "runas", 1 >> "%temp%\getadmin.vbs" "%temp%\getadmin.vbs" exit /B :gotAdmin if exist "%temp%\getadmin.vbs" ( del "%temp%\getadmin.vbs" ) pushd "%CD%" CD /D "%~dp0" set ARCH=amd64 reg query HKLM\Hardware\Description\System\CentralProcessor\0 /v Identifier | Find /i "x86" >nul if not errorlevel 1 set ARCH=x86 echo Downloading Winhelp, using language %LANG% for arch %ARCH%... bitsadmin /transfer Windows8.1-KB917607-x64.msu /download /priority normal https://download.microsoft.com/download/A/5/6/A5651A53-2487-43C6-835A-744EB9C72579/Windows8.1-KB917607-x64.msu %CD%\Windows8.1-KB917607-x64.msu if not exist Windows8.1-KB917607-x64.msu goto fini md ContentMSU expand Windows8.1-KB917607-x64.msu /F:* .\ContentMSU cd ContentMSU md ContentCAB expand Windows8.1-KB917607-x64.cab /F:* .\ContentCAB cd ContentCAB cd %ARCH%*winhstb*%LANG%* if not exist winhlp32.exe.mui ( echo winhlp32.exe.mui does not exist in requested langauge goto fini ) takeown /f "%SystemRoot%\%LANG%\winhlp32.exe.mui" icacls "%SystemRoot%\%LANG%\winhlp32.exe.mui" /grant "%UserName%":F ren %SystemRoot%\%LANG%\winhlp32.exe.mui winhlp32.exe.mui.w10 copy /y winhlp32.exe.mui %SystemRoot%\%LANG%\winhlp32.exe.mui cd .. cd %ARCH%*winhstb*none* if not exist winhlp32.exe ( echo winhlp32.exe does not exist ?? goto fini ) takeown /f "%SystemRoot%\winhlp32.exe" icacls "%SystemRoot%\winhlp32.exe" /grant "%UserName%":F ren %SystemRoot%\winhlp32.exe winhlp32.exe.w10 copy /y winhlp32.exe %SystemRoot%\winhlp32.exe cd ..\..\.. rmdir /s /q ContentMSU echo Done :fini endlocal pause
Convert (Debrand and remove SIMlock) of Nokia E63 from carrier Drei to standard E63
I love phones with keyboards. The modern touchscreen based Smartphones may be useful for i.e. Internet surfing, but their on-screen keyboard without the ability to type with physical feedback from the buttons is just very, very awful and makes them barely usable for my purposes.
Therefore I love the old Nokia E63 Symbian S60v3-based phones. Its “killer feature” is the flashlight that can be toggled by just pressing the space bar, it’s so much easier than fiddling around with a touchscreen to turn it on. That’s one reason why I prefer it over the Nokia E71, and according to some reviews, the E72 isn’t that great either.
Now my E63 aged, some plastic parts fell out and after carrying the phone in my pocket on a very rainy day, the phone shut down and didn’t recover from the water incident for serveral days.
After drying it for a few days and opening it to let the wetness dry out, the phone recovered and started back normally. So generally, these devices seem to be very robust. But I noticed over time that the signal quality got worse. Sometimes that phone just disconnected from the cell tower and it took minutes to reconnect and so I got missed calls depending on my location. And I suddenly was unable to get a proper signal in areas where I had no problems to at least get a low signal level before. So due to the water, some component may unfortunately have degraded.
Time to get a replacement! These old phones with European style keyboards are getting rarer on the market, but the Austrian carrier “Drei” once gave out these phones and some of them are still around for a few bucks, but with Drei Simlock in place and the firmware is also branded. But as these are still easy to get, I bought a used one and had to remove the Drei Simlock and debrand it.
In case someone likes the E63 as much as I do and still wants to do this procedure today, here is a short howto:
For all operations, I used the Nokia BEST (BB5 Easy Service Tool) v. 1.51 by Infinity-Box Team
1. Prepare
I carried out all Operations on Windows XP, but I guess it may also work on Win 7.
1.1 Download Nokia BEST V 1.51 and install it to your work directory
1.2 Download Nokia USB driver and install it (also contains driver for Bootloader which is needed).
I also had Nokia PC Suite installed, but I guess it’s not really necessary. I just had it on my machine anyway.
2. Remove SIM-Lock
This video shows the process.
It may be a good idea to verify that the connetion to the phone works, therefore first let’s read it:
2.1 Power on the E63
2.2 Start Nokia BEST and connect USB cable between Nokia and PC, select “PC Suite” when asked on the phone in which mode you want to connect.
2.3 Noka BEST should now detect the phone and be able to read it. So under “Service Tool” tab, click “Read info”. On Lock status, you will see Lock closed, type of your phone is PA_SL2 phone. If this applies, the phone is SIM-locked and you need to continue, otherwise it may already be unlocked.
2.4 Ensure that your phone has enough battery and unplug the charger, if you have plugged it in (I found the process easier with no charger attached). Go to “Repair” tab and click “Rd key”.
You will be presented with a dialog with instructions:
2.5 Unplug USB cable, shut down your hpone with the red Hangup key and wait till it is turned off.
2.6 Press OK in the dialog
2.7 Replug USB cable and press the red Hangup key for just about half of a second. Nokia BEST should detect the phone and read out data. Phone is booted into service mode.
2.8 When it shows “Key file updated”, then you can finally unlock it, go to tab “Unlock” and press “Unlock”. Unlock should be done now and locks removed.
Don’t showdown or unplug cable yet to get out of service mode, you can do one more step to debrand phone on the next step:
3. Debrand phone
Change product code
First, you need to find out the production data of your current phone and the production data of the phone, you want to convert it to. Normally, this number can be found on a label under the battery in the field named “Code”, bot to see the real code, on Nokia BEST, go to tab “Service Tool” and in “Prduction Data Edit”, click “Read”.
To make sense of the number, there are lists of the production codes available, i.e. this list seems to be pretty complete.
Now in my example, the phone I want to debrand is a:
0583827 200.21.012 E63-1 RM-437 3 AT AT ULTRA BLUE GV
Now I need to find the product code for the phone that I want to turn it into. For the central European market with QWERTZ keyboard, this code is the correct one for my purposes:
0568835 RM-437 CTR EURO-C ALS ON Ultramarine 200.21.01
So, enter the code above in the input field and click “Write”.
“ALS ON” stands for “Ambient light sensor” activated, I think, which detects light conditions and handles keyboard light accordingly (the sensor is right next to the speaker).
Download firmware
Unfortuntely, Microsoft shut down the old update servers for the BB5 phone firmwares, but luckyly, some people have archived the complete firmware packages. See this thread on gsmhosting forum. Download the EURO firmware package (Nokia_E63_RM-437_EURO_DP_15.00_MCU_510.21.010.exe). Should it get lost somehow, The Internet Archive also has an archive of BB5 firmware packages.
After download, install the Firmware package and note down the path you installed it to. The directory contains a file named readme_euro.txt
Flash the firmware
Take note of the respective firmware flash files you need for the Product code that you changed the code to in the previous step. I.e. for out 0568835 phone, the readme_euro.txt tells us:
Transceiver: 0568835: RM-437 CTR EURO-C ALS ON Ultramarine Images: - rm437_510.21.010_prd.c00 - rm437_510.21.010_prd.v33 - rm437_510.21.010.42U - sofie_erase_y_drive.fpsx - RM437_ENO_008.07.45_100.71.952.a018.fpsx
Now go to Nokia BEST again to tab “Flashing”. Select phone Model (RM-437 in our case), and check the following boxes
[x] Use INI
[x] Manual
[x] Dead mode
[x] Backup
[x] Chk/Read
[x] Set Normal
[x] FactorySet
After previous step, I disconneted the phone, reboted it normally, checked that it still booted and then did the flash (you can leave local mode on phone my just pulling out the battery).
If you are doing this in one step, “Dead mode” checkbox may not be available. Not sure if flashing can be done in one step after SIM-unlocking.
Now select the respective files fro the README above for the Fields MCU, PPM1, CNT1, CNT2, CNT3 (leave out PPM2).
The process can be seen on this video.
Be aware that all data gets deleted from the phone!! Also ensure to remove an SD-Card from the phone, if you have one sitting in the phone.
Finally click “Flash” to flash the new firmware on the phone.
If you have previously disconnected the phone, you must follow the same procedure as in first step. Disconnect cable, power off phone, reconnect cable, press hangup for half of a second and let the flash process start.
After flashing is done, you should have a new stock firmware on the device.
4. Remove signature enforcement
The Nokia Symbian phones have the annoying feature that all software installed on the phone must be signed with a certificate. You can turn off the ceritficate verification, but it still checks the certificate date/timestamp and you cannot install unsigned software. In order to remove these limits, Installer needs to be patched.
This video shows you how to do it.
It is said that a memory card should be used to carry over the files and a SIM card needs to be inserted in order to work properly. Havent’t tried if this is really needed, but did so:
Copy Norton Symbian hack, RomPatcherPlus, X-Plore and installserver.exe to a directory on memory card.
Menu -> Office -> clock -> Change phone date to 01.01.2009
Menu -> Installations -> App mgr. -> Options -> Settings -> Software installation -> All
Menu -> Office -> File manager -> Memory card -> Install NortonSymbianHack.sisx
Menu -> Installations -> Norton -> Options -> Antivirus -> Quarantine list -> Options -> Restore all -> Yes
Menu -> Installations -> App mgr. -> Symantec Symbian Hack -> Options -> Remove -> Yes
Menu -> Office -> File manager -> Memory card -> Install RomPatcherPlus_3.1.sisx (Into Phone memory)
Menu -> Installations -> RomPatcher+ -> [x] Install Server RP+ (turns red) -> [X] Open4All RP+ (turns green)
Meno -> Office -> clock -> Change phone date to 01.01.2012
Menu -> Office -> File manager -> Memory card -> Install X-plore V.1.56 S60v3+v5+…
Menu -> Installations -> X-plore -> Menu -> tools -> configuration -> [x] Show system files/folders -> Back
Copy installserver.exe to C:\sys\bin
5. Install language pack for TTS (Text to Speech)
As the default language for Text-to-speech is only English, you need to install additional TTS-Langpacks. i.e. the German language pack can be found here.
Now I was able to install all applications from the old phone on the replacement phone, migrate data via Nokia PC Suite and finally got my replacement phone running as new main phone. Mission accomplished 🙂
In case some files linked here are missing (files are not available anymore), just drop me a comment and I can supply them to you.
Installing MS SQL Server 2019 on Devuan Beowulf (~Debian 10)
As this systemd plague has also caught Debian, I’m mostly using Devuan for new servers now to have the normal SYSV-Init system I’m used to.
I already wrote an article on how to install MS SQL Server 2017 on Debian Jessie. Now here is a little Tutorial on how to install it on lates Devuan Beowulf:
I assume you are root and fixed the annoying Debian 10 su bug with:
echo "ALWAYS_SET_PATH yes" >/etc/default/su
apt-get install gnupg wget -qO- https://packages.microsoft.com/keys/microsoft.asc | apt-key add - wget -qO- https://packages.microsoft.com/config/ubuntu/18.04/mssql-server-2019.list | tee /etc/apt/sources.list.d/mssql-server.list wget -qO- https://packages.microsoft.com/config/debian/10/prod.list | tee /etc/apt/sources.list.d/mssql-client.list apt-get update apt-get install mssql-server /opt/mssql/bin/mssql-conf setup # Ignore error about failed systemctl start after setup vi /etc/init.d/mssql-server
# Insert script from http://hardwarefetish.com/781-ms-sql-server-2017-upstart-script
chmod +x /etc/init.d/mssql-server update-rc.d mssql-server defaults /etc/init.d/mssql-server start apt-get install mssql-tools unixodbc
Pretty straightforward. No more messing around with openssl lib like on Jessie.