DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD General

OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 8th January 2016
mamalos mamalos is offline
New User
 
Join Date: Dec 2015
Posts: 8
Default How to guarantee booting without manual intervention on an OpenBSD router

Hi everyone,

I have an OpenBSD 5.8 running on an alix apu1.d that operates as a router. Since this system is going to eventually be reset at some moment accidentally without properly unmounting its file systems, which means that, when booting, there is a possibility where automatic file system check won't be enough and fsck will have to run manually, I was wondering what the best way would be to manage such a situation.

At the moment, I thought of editing fstab to disable fsck for all file systems. The truth is that the only file systems that may be written when on operation is /var/log and /tmp (or /var/tmp as well), so boot wise I could just disable file system checks on these two file systems, but we'll discuss that if this solution is acceptable. So, is this method "safe" (since I don't care if I lose any newly written information in this machine) or will I end up with a non usable system? And if so, what would be the best solution that could allow for a system to "always" boot without leaving a chance of having to run fsck manually?

Thanks for your time and answers in advance!
Reply With Quote
  #2   (View Single Post)  
Old 8th January 2016
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,125
Default

On booting, a memory/RAM file system for the writeable directories (mount_mfs(8)) will be newly (re)created/formatted.

mount_mfs is kind of an alias for newfs. They share so much functionality that they are the same binary and are described in the same man page.

Code:
$ ls -li /sbin/{newfs,mount_mfs} 
26020 -r-xr-xr-x  2 root  bin  214224 Dec 21  2012 /sbin/mount_mfs
26020 -r-xr-xr-x  2 root  bin  214224 Dec 21  2012 /sbin/newfs
These executables have the same inode, and one is thus a hard linked to the other.

From mount_mfs(8)
Code:
NAME
     newfs, mount_mfs - construct a new file system
With the -P option you specify a directory or file system that on (re)boot will be copied to the the newly newfsed file system.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump

Last edited by J65nko; 8th January 2016 at 10:42 AM.
Reply With Quote
  #3   (View Single Post)  
Old 10th January 2016
mamalos mamalos is offline
New User
 
Join Date: Dec 2015
Posts: 8
Default

Thanks for the reply!

To see if I understood correctly, you're proposing me to replace /var and /tmp (and whichever writable file systems I "don't care about losing their data") in my fstab with a memory file system whose "source" will be the appropriate device node? If so, I like the idea, otherwise please re-explain.

Ah, and the -P option can be added in fstab's options?

EDIT: I am trying to create one but I don't think I'm getting the syntax right. I am not sure what to put as a special node (I tried md without luck). So I ran this:
Code:
# mount_mfs  -P /var -s 256m md /root/var
mount_mfs: md: No such file or directory
Could you please give an example (and also the relevant fstab entry)?

Last edited by mamalos; 10th January 2016 at 11:40 AM.
Reply With Quote
  #4   (View Single Post)  
Old 10th January 2016
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,125
Default

What I am proposing is that you:
  • create a 'template' directory let us call it /Template
  • copy the /var contents to that directory, for example: # rsync -aviH /var/ /Template. Please note that the trailing "/" of /var/ is critical.

    EDIT: As pointed out by IdOp this is wrong, it should be:
    # rsync -aviH /var /Template


    You will now have a /Template/var with a clone of /var
  • create a directory for testing the mount: # mdir /monkey
  • edit your /etc/fstab to:
    Code:
    swap /monkey mfs rw,noexec,nosuid,-P=Template/var,s=80000 0 0
  • make an offering to Puffy and reboot
If I did not make a mistake you will now have the /var contents in /monkey.

I have to go out now, I could only test the rsync part ....
Good luck
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump

Last edited by J65nko; 11th January 2016 at 10:40 AM. Reason: Corrected according to IdOp's remark, and added '=" after -P option
Reply With Quote
  #5   (View Single Post)  
Old 10th January 2016
IdOp's Avatar
IdOp IdOp is offline
Too dumb for a smartphone
 
Join Date: May 2008
Location: twisting on the daemon's fork(2)
Posts: 1,027
Default

Quote:
Originally Posted by J65nko View Post
[*]copy the /var contents to that directory, for example: # rsync -aviH /var/ /Template. Please note that the trailing "/" of /var/ is critical.
You will now have a /Template/var with a clone of /var
I believe you want to leave the trailing '/' off of /var/ in the rsync command, otherwise you just get the contents of /var in the /Template directory, not /var itself as you want.
Reply With Quote
  #6   (View Single Post)  
Old 10th January 2016
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,125
Default

@ldOp, yes Your Honor, I plead guilty
Code:
$ sudo rsync -aviH -n  /var/ /Template/ | head -10 
sending incremental file list
.d..t...... ./
cd+++++++++ account/
cd+++++++++ audit/
cd+++++++++ authpf/
cd+++++++++ backups/
>f+++++++++ backups/device.backup
>f+++++++++ backups/device.current
>f+++++++++ backups/disklabel.sd0.backup
>f+++++++++ backups/disklabel.sd0.current
$ sudo rsync -aviH -n  /var/ /Template | head -10   
sending incremental file list
.d..t...... ./
cd+++++++++ account/
cd+++++++++ audit/
cd+++++++++ authpf/
cd+++++++++ backups/
>f+++++++++ backups/device.backup
>f+++++++++ backups/device.current
>f+++++++++ backups/disklabel.sd0.backup
>f+++++++++ backups/disklabel.sd0.current
As you stated correctly, /var without a trailing "/" works:
Code:
 $ sudo rsync -aviH -n  /var  /Template/ | head -10  
sending incremental file list
cd+++++++++ var/
cd+++++++++ var/account/
cd+++++++++ var/audit/
cd+++++++++ var/authpf/
cd+++++++++ var/backups/
>f+++++++++ var/backups/device.backup
>f+++++++++ var/backups/device.current
>f+++++++++ var/backups/disklabel.sd0.backup
>f+++++++++ var/backups/disklabel.sd0.current
According to the script(1) log this is also what I used.
My defense: "Significant other" was already complaining why I still was at the computer, when we were supposed to be leaving for Eindhoven ....

This also shows the importance of "peer review" , I suppose
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #7   (View Single Post)  
Old 11th January 2016
IdOp's Avatar
IdOp IdOp is offline
Too dumb for a smartphone
 
Join Date: May 2008
Location: twisting on the daemon's fork(2)
Posts: 1,027
Default

Quote:
Originally Posted by J65nko View Post
My defense: "Significant other" was already complaining why I still was at the computer, when we were supposed to be leaving for Eindhoven
Ahh, well then, case dismissed, we must all defer to a higher authority.
Reply With Quote
  #8   (View Single Post)  
Old 10th January 2016
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,125
Default

The following has been tested on an old OpenBSD machine:
Code:
# uname -a 
OpenBSD hercules.utp.xnet 5.2 GENERIC#9 amd64
So beware .
Code:
# ls -l /Template/var
total 92
drwxr-xr-x   2 root    wheel      512 Dec 21  2012 account
drwxrws---   2 root    wheel      512 Dec 21  2012 audit
drwxrwx---   2 root    authpf     512 Dec 21  2012 authpf
drwx------   2 root    wheel     6144 Jan 10 01:30 backups
drwxr-xr-x   3 root    wheel      512 Dec  4  2012 cache
drwxrwx---   2 root    wheel      512 Dec 26  2012 crash
dr-xr-xr-x   4 root    wheel      512 Jan 10 22:00 cron
drwxr-xr-x  10 root    wheel      512 Jan  9 03:30 db
drwxr-xr-x   3 root    wheel      512 Dec 21  2012 empty
drwxrwxr-x   5 root    games      512 Dec 26  2012 games
drwxr-xr-x   3 root    wheel     2048 Jan 10 22:00 log
drwxr-xr-x   2 root    wheel      512 Jan 10 01:30 mail
drwx------   8 _mysql  _mysql    2048 Aug 10 13:58 mysql
drwxr-xr-x   8 root    wheel      512 Dec 26  2012 named
drwxr-xr-x   6 root    wheel      512 Dec 21  2012 nsd
drwxr-x---   2 root    operator   512 Dec 21  2012 quotas
drwxr-xr-x   3 root    wheel      512 Jan 10 21:53 run
drwxr-xr-x   2 root    wheel      512 Dec 21  2012 rwho
drwxr-xr-x  11 root    wheel      512 Dec 31  2012 spool
drwxrwxrwt   3 root    wheel      512 Jan  9 03:30 tmp
drwxr-xr-x   2 root    wheel      512 Dec 21  2012 yp

# mount
/dev/wd0a on / type ffs (local, noatime, softdep)

# cat /etc/fstab
3a6d4322b09ba067.b none swap sw
3a6d4322b09ba067.a / ffs rw,noatime,softdep 1 1
swap               /monkey mfs rw,noatime,nosuid,noexec,-P=/Template/var,-s=120000

# mount
/dev/wd0a on / type ffs (local, noatime, softdep)

# swapctl -l
Device      512-blocks     Used    Avail Capacity  Priority
/dev/wd0b      4180991        0  4180991     0%    0

# df -h
Filesystem     Size    Used   Avail Capacity  Mounted on
/dev/wd0a     27.6G   15.0G   11.2G    57%    /

# mount -a
pax: /monkey/./cron/tabs/.sock skipped. Sockets cannot be copied or extracted
pax: /monkey/./empty/dev/log skipped. Sockets cannot be copied or extracted

# mount
/dev/wd0a on / type ffs (local, noatime, softdep)
mfs:5237 on /monkey type mfs (asynchronous, local, noatime, noexec, nosuid, size=120000 512-blocks)

# df -h
Filesystem     Size    Used   Avail Capacity  Mounted on
/dev/wd0a     27.6G   15.0G   11.2G    57%    /
mfs:5237      56.7M   38.1M   15.7M    71%    /monkey

# ls -l /monkey
total 56
drwxr-xr-x   2 root    wheel      512 Dec 21  2012 account
drwxrws---   2 root    wheel      512 Dec 21  2012 audit
drwxrwx---   2 root    authpf     512 Dec 21  2012 authpf
drwx------   2 root    wheel     6144 Jan 10 01:30 backups
drwxr-xr-x   3 root    wheel      512 Dec  4  2012 cache
drwxrwx---   2 root    wheel      512 Dec 26  2012 crash
dr-xr-xr-x   4 root    wheel      512 Jan 10 22:00 cron
drwxr-xr-x  10 root    wheel      512 Jan  9 03:30 db
drwxr-xr-x   3 root    wheel      512 Dec 21  2012 empty
drwxrwxr-x   5 root    games      512 Dec 26  2012 games
drwxr-xr-x   3 root    wheel     2048 Jan 10 22:00 log
drwxr-xr-x   2 root    wheel      512 Jan 10 01:30 mail
drwx------   8 _mysql  _mysql    2048 Aug 10 13:58 mysql
drwxr-xr-x   8 root    wheel      512 Dec 26  2012 named
drwxr-xr-x   6 root    wheel      512 Dec 21  2012 nsd
drwxr-x---   2 root    operator   512 Dec 21  2012 quotas
drwxr-xr-x   3 root    wheel      512 Jan 10 21:53 run
drwxr-xr-x   2 root    wheel      512 Dec 21  2012 rwho
drwxr-xr-x  11 root    wheel      512 Dec 31  2012 spool
drwxrwxrwt   3 root    wheel      512 Jan  9 03:30 tmp
drwxr-xr-x   2 root    wheel      512 Dec 21  2012 yp
You will notice that I deleted /Template/var/www but forgot to do that with /Template/var/mysql as well as to empty /Template/var/mail:
Code:
# ls -lh /Template/var/mail
total 6368
-rw-------  1 adriaan  adriaan   229K Dec 28  2014 adriaan
-rw-------  1 root     wheel     2.8M Jan 10 01:30 root
I am now going to do this on an Alix board with an recent OpenBSD version and will report my findings.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #9   (View Single Post)  
Old 10th January 2016
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,125
Default

Re: mfs size

You can use du(1) to find out the size in sectors for the -s option:
Code:
# du -s /var
115276  /var

# du -sh /var
56.3M   /var

# du -sh /Template/var
39.4M   /Template/var

# du -s /Template/var  
80752   /Template/var
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
Old 11th January 2016
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,125
Default

I just tested the procedure and it works on an Alix board with an OpenBSD current version of :
Code:
OpenBSD 5.8-current (GENERIC) #1430: Sat Dec 12 09:13:24 MST 2015
    deraadt@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
I have a attached a transcript (serial cable console connection) Please note that I use the more descriptive directory name /Template.mfs as source to populate the mfs.

An excerpt of the interesting part where the test directory /monkey is being edited into the /var.
Code:
    171 ------ So reboot works ....
    172 Now adjusting to really using /var instead of /monkey
    173 -------------------------------------------------------
    174 
    175 ------------ reboot to single user mode
    176 Note that I am connected with a serial console.
    177 Single user mode will stop networking, so if you are logged in with SSH you have a problem. ....
    178 
    179 --- see init(8) for more info about sending a 'TERM' signal to process nr 1 ...
    180 
    181 root@alix[~]kill -TERM 1
    182 Enter pathname of shell or RETURN for sh: 
    183 
    184 \u@\h[\w]                                                               
    185 \u@\h[\w]mount
    186 /dev/wd0a on / type ffs (local, noatime, softdep)
    187 /dev/wd0e on /home type ffs (local, noatime, nodev, nosuid, softdep)
    188 /dev/wd0d on /usr type ffs (local, noatime, nodev, softdep)
    189 
    190 -- So we lost our 'mfs' file system ...
    191 
    192 --- delete the contents of the /var directory, so we only have an empty
    193 --- /var directory as mount point for the mfs reincarnation of /var 
    194  
    195 \u@\h[\w]rm -r /var/*
    196 \u@\h[\w]ls -l /var
    197 
    198 \u@\h[\w]cat /etc/fstab
    199 72e6d0f437619269.b none swap sw
    200 72e6d0f437619269.a / ffs rw,noatime,softdep 1 1
    201 72e6d0f437619269.e /home ffs rw,noatime,softdep,nodev,nosuid 1 2
    202 72e6d0f437619269.d /usr ffs rw,noatime,softdep,nodev 1 2
    203 swap               /monkey mfs rw,noatime,nosuid,noexec,-P=/Template.mfs/var,-s=80000
    204 
    205 --- copy the /etc/fstab file
    206 
    207 \u@\h[\w]cp /etc/fstab /etc/fstab.orig
    208 
    209 --- test with sed(1) to change 'monkey' into 'var'
    210 
    211 \u@\h[\w]sed -e 's/monkey/var/' /etc/fstab.orig
    212 
    213 72e6d0f437619269.b none swap sw
    214 72e6d0f437619269.a / ffs rw,noatime,softdep 1 1
    215 72e6d0f437619269.e /home ffs rw,noatime,softdep,nodev,nosuid 1 2
    216 72e6d0f437619269.d /usr ffs rw,noatime,softdep,nodev 1 2
    217 swap               /var mfs rw,noatime,nosuid,noexec,-P=/Template.mfs/var,-s=80000
    218 
    219 --- Now the real thing ...
    220 
    221 \u@\h[\w]sed -e 's/monkey/var/' /etc/fstab.orig >/etc/fstab
    222 \u@\h[\w]cat /etc/fstab
    223 72e6d0f437619269.b none swap sw
    224 72e6d0f437619269.a / ffs rw,noatime,softdep 1 1
    225 72e6d0f437619269.e /home ffs rw,noatime,softdep,nodev,nosuid 1 2
    226 72e6d0f437619269.d /usr ffs rw,noatime,softdep,nodev 1 2
    227 swap               /var mfs rw,noatime,nosuid,noexec,-P=/Template.mfs/var,-s=80000
    228 
    229 --- Looks good so we can reboot 
    230 \u@\h[\w]reboot
    231 dd: /var/db/host.random: No such file or directory
    232 chmod: /var/db/host.random: No such file or directory
    233 dd: /var/db/host.random: No such file or directory
    234 single user: not running shutdown scripts
    235 syncing disks... done
    236 rebooting...
    252 root@alix[~]mount                                                       
    253 /dev/wd0a on / type ffs (local, noatime, softdep)
    254 /dev/wd0e on /home type ffs (local, noatime, nodev, nosuid, softdep)
    255 /dev/wd0d on /usr type ffs (local, noatime, nodev, softdep)
    256 mfs:1731 on /var type mfs (asynchronous, local, noatime, noexec, nosuid, size=80000 512-blocks)
    257 
    258 root@alix[~]ls -l /var
    259 total 40
    260 drwxr-xr-x  2 root  wheel      512 Dec 12 17:05 account
    261 drwxrws---  2 root  wheel      512 Dec 12 17:05 audit
    262 [snip]
    263 drwxr-xr-x  4 root  wheel      512 Dec 12 17:05 unbound
    264 drwxr-xr-x  2 root  wheel      512 Dec 12 17:06 yp
    265 
    266 root@alix[~]df -h
    267 Filesystem     Size    Used   Avail Capacity  Mounted on
    268 /dev/wd0a      873M   44.2M    785M     5%    /
    269 /dev/wd0e      376M    9.8M    348M     3%    /home
    270 /dev/wd0d      2.2G    185M    1.9G     9%    /usr
    271 mfs:1731      37.7M    3.5M   32.3M    10%    /var
    272 
    273 --- end of transcript (slightly edited of course ;) )
Re: /tmp directory

I don't think it worth to move /tmp to use a memory file system. It usually is empty.
Another reason is the following section of mount_mfs(1):
Code:
ENVIRONMENT
     TMPDIR  Directory in which to create temporary mount points for use by
             mount_mfs -P instead of /tmp.
I just wonder how that would work if /tmp is configured to be a memory file system....

Re: /dev

Some people also use a MFS for /dev. See https://www.mail-archive.com/openbsd.../msg01014.html

I will try that another day ...

BTW In case of questions you can use $ less -N alix-mfs.txt to see or refer to the line numbers of the transcript.
Attached Files
File Type: txt alix-mfs.txt (10.0 KB, 65 views)
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
Old 13th January 2016
mamalos mamalos is offline
New User
 
Join Date: Dec 2015
Posts: 8
Default

Thanks J65nko, you've been ridiculously helpful!

I haven't tested it yet, but I'll do it on Friday, so I'll come with news once it works.

If I encounter any problems after such an analytical explanation, I'll have to upgrade my IQ. Then I will ask for help.

Thanks again!!
Reply With Quote
Old 29th January 2016
mamalos mamalos is offline
New User
 
Join Date: Dec 2015
Posts: 8
Default

J65nko, I've tested it and it works fine. Thanks again!
Reply With Quote
Reply

Tags
/etc/fstab, memory disk, mfs, ram disk

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
OpenBSD Native EFI booting coming to OpenBSD ocicat News 10 17th September 2015 01:25 PM
Dual booting encrypted OpenBSD with Windows e1-531g OpenBSD General 2 16th August 2015 02:06 PM
Info for openbsd manual in italian language ilparente OpenBSD General 3 23rd November 2013 07:25 PM
dual booting OpenBSD and NetBSD daemonfowl NetBSD Installation and Upgrading 1 21st February 2012 01:06 PM
Beep or visual signal after booting OpenBSD/sparc64 hansivers OpenBSD General 10 20th September 2009 04:08 PM


All times are GMT. The time now is 07:03 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick