10-20-2010 07:27 PM
Has anyone ever looked at using the
usr.local.etc.tar.bz2 file to inject data or atleast a script into the system that would allow us to run our own things from the usb drive?
ie, change that one file, then let the firmware install stuff whatever it has onto somewhere usefull on the flash. I do not know if you are able to force paths into the tar like /etc/init.d/somescript ??
I saw some weird things at .... for some other hardware.
Really, all we need is a way to get the system to automatically run something at bootup that can be on an external drive and the rest is in our control.
on a side note, I'd love a driver for this to be able to use an external USB video capter card
10-21-2010 06:12 AM
You raise great questions for firmwares 1.45 and earlier.
In fact, playdude did a lot of very useful modding right here on this forum:
After 1.55, all the install files have been encrypted and thus far have not proven to be openable.
So altering the files prior to installation is not possible.
Under 1.55, telnetting in to the live machine was also not possible- because the /etc/passwd file presumably contained the same unknown encrypted password that all the previous firmwares had by default.
In 1.45 and prior, you could do as playdude had done- change the password on the yaffs2_1.img, permitting logging in and various postinstallation mod possibilities.
So 1.55 locked out users altogether. in everyway.
2.2 has the password blanked out for telnet, like almost every other realtek player on the market.
Under 2.2, the firmware installation files are encrypted, but the open telnet access means you can login and change things however you want after startup.
Because, unlike every other realtek media player out there, seagate has kept ALL of their startup scripts (/etc/init.d/ files mostly) out of the /usr/local/etc/ partition. Every other player has a /usr/local/etc/rcS script that is called to start the DvdPlayer app- and give every user a chance to slip in what they want at startup.
This matters because /etc/init.d is on the rootfs & the rootfs is squashfs. It is NOT writable. You can't change the files there.
There are two executable scripts in the /usr/local/etc:
And, as there does not appear to be a way to invoke either of those scripts through any manipulation of the gui, that's a dead end.
I stand by the notion that, for right now, there is no way to change the startup routine of the 2.2 flashed seagate media player.
You've got to telnet in and alter things that way.
Hope someone proves me wrong.
You could ask Seagate to move the /etc/init,d/rcS2 over to the /usr/local/etc/ -- that would make everything possible. I think they'd be unresponsive.
Of course I am confounded by the fact that they 2.2 without a password for telnet, so I guess anything is possible.
10-22-2010 09:46 AM
oh rain on my parade eh.
Well , i've downloaded the gnu sources and the toolchain and , i'll try to compile the MTD tools.
ie flash unlock or wahtever its called. I do not know how the handle the image, ie is it mounted from an ecrypted image into memory or what, and if it's mounted, and the nand unlocked, can I write a change to it...
I'll compile something ifpossible but not sure I want to blow up myGTV
during the install though, the usr.local.etc Tar is extracted ad mounted. and its not encrypted,
Could we not (depending on what order something happens) input a root path into that tar and overwrite the /initd or whatever scripts to our needs?
all ofcourse depends on what order stuff happens during bootup and install i guess.
10-22-2010 01:18 PM
This doesn't help you (you already have a firmware 2.2 flashed device) BUT
I believe that if someone repacked their 2.2 firmware as a typical pair of yaffs2 img files and otherwise used the old file stuff from firmware 1.45 (the configuration.xml, install_a, etc) that you could flash firmware 2.2 on such a device.
And, if it didn't work, well you could always use the recovery procedure for the 1.45 devices-- that's not locked out for those devices.
As for not blowing up your goflex, you need to explore the recovery procedure and see if works properly.
I'd try it like this:
try and simply reload your present firmware using the recovery method.
if that is successful, then try and flash with firmware 1.45 -- you never know, perhaps rolling back is now unlocked just as the password for telnet disappeared.
If that works you're in for modded firmware feast.
10-22-2010 06:20 PM
never give up...
anyone seen this on the source released?
has a ref to http://ebase.sourceforge.net