DaemonForums  

Go Back   DaemonForums > FreeBSD > FreeBSD Installation and Upgrading

FreeBSD Installation and Upgrading Installing and upgrading FreeBSD.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 13th February 2010
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,154
Thanked 182 Times in 149 Posts
Default A plan for a remote install and reinstall of FreeBSD

In our guides/howto section there are two interesting guides about installing FreeBSD without using sysinstall.

However, these guides assume you have physical access to the machine. But what if you have not, and the machine is in a datacenter 200 kms away?

My suggestion is have a small, say 2 Gigabyte, FreeBSD on the disk. This mini-FreeBSD installation is only used for a sysinstall-less install of the 'real' FreeBSD in the other slice(s).


The partitioning plan for this remote machine:
Code:
ad0s1 = 2 Gigabyte mini-FreeBSD only to be used for installing 
        or reinstalling, the "real FBSD" on the other slices
ad0s2 = Real FreeBSD "/", swap, "/usr" 
ad0s3 = Real FreeBSD "/tmp", "/var",  "/var/tmp" , "/var/log" i 
ad0s4 = Real FreeBSD "/usr/local", "/home", "/var", "/var/mail"
Why a multiple slice install?

There is 8 labels restriction per slice (at least for the disklabel or bsdlabel utility).
The glabel man page doesn't mention any limit in number of glabel'led partitions.
During the growing pains of the FreebSD 5.x series, I became am more focussed on OpenBSD, so I have never used glabel yet.

An overview of this 'bsdlabel' 8 partition/file system limit

Code:
1) 	a = "/"		(reserved for "/" on the booting slice") 
2) 	b = swap		(reserved for swap)
3) 	c = complete slice	(cannot be used)
4) 	d =			
5) 	e =
6) 	f =
7) 	g =
8) 	h =
On the first slice you only have 4 not pre-defined labels and with
separate file systems for the following you have used them all.
Code:
1	"/usr"
2	"/var"
3	"/home"
4	"/tmp"
So for a real system, with separate files ystems as 'watertight compartments' one has to use multiple slices for a single FreeBSD install.
A reason for example is that you don't want an attacker to fill your "/var/log" logs with junk and thus leaving no more space for "/var/mail".

Code:
 1	"/"
 2	swap
 3	"/usr"
 4	"/usr/local"
 5	"/usr/ports"
 6	"/tmp"
 7	"/var"
 8	"/var/tmp"
 9	"/var/log"
10	"/var/mail"
11	"/home"
After you are done with the install, you use fdisk to change the active MBR partition
from ad0s1 (the mini-FBSD), to ad0s2, which has the "/" filesystem of your new fresh install and
reboot.

If next year yeat another new file system for FreeBSD emerges, let us call it YANFS, you can use the
the 'real' FBSD in slice 2,3 and 4 to first update your mini 'fixit" FBSD in slice 1 so it has all the
YANFS tools.

AFter changing the active partition from slice 2 to slice 1, you reboot and are in an "fixit" environment where you can (I am willing to bet on it) follow the Ultra-Modern FreeBSD Install with YANFS (vermaden way)

Does this sound like a good plan? I don't mean the bet, but the idea of using a mini-FBSD to create the equivalent of a Fixit or Rescue CD environment.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #2   (View Single Post)  
Old 13th February 2010
Beastie Beastie is offline
Daemonology student
 
Join Date: Jan 2009
Location: /dev/earth0
Posts: 270
Thanked 23 Times in 23 Posts
Default

Quote:
Originally Posted by J65nko View Post
one has to use multiple slices for a single FreeBSD install.
A reason for example is that you don't want an attacker to fill your "/var/log" logs with junk and thus leaving no more space for "/var/mail".
Both slices and partitions have fixed sizes. So partitions suffice and you can have those on slices 3 and 4 on a single slice. An attacker would only fill /var/log/ and /var/mail/ would be left untouched.
And why not prevent the attacker from filling the logs in the first place by rejecting repeated connections or errors?
__________________
May the source be with you!
Reply With Quote
  #3   (View Single Post)  
Old 13th February 2010
vermaden's Avatar
vermaden vermaden is offline
Administrator
 
Join Date: Apr 2008
Location: pl_PL.lodz
Posts: 1,052
Thanked 118 Times in 93 Posts
Default

Quote:
Why a multiple slice install?

There is 8 labels restriction per slice (at least for the disklabel or bsdlabel utility).
The glabel man page doesn't mention any limit in number of glabel'led partitions.
During the growing pains of the FreebSD 5.x series, I became am more focussed on OpenBSD, so I have never used glabel yet.
FreeBSD 8.0-RELEASE supports up to 26 partitions in bsdlabel:
http://lists.freebsd.org/pipermail/c...er/084949.html

Quote:
AFter changing the active partition from slice 2 to slice 1, you reboot and are in an "fixit" environment where you can (I am willing to bet on it) follow the Ultra-Modern FreeBSD Install with YANFS (vermaden way)
Heh, nice name

I would also consider using remotely controlled power switch, if you end up in kernel panic, then you will have to move your ass these 200km Also, great idea with selecting which one to boot by only switching the ACTIVE flag on slice.

Quote:
Does this sound like a good plan? I don't mean the bet, but the idea of using a mini-FBSD to create the equivalent of a Fixit or Rescue CD environment.
You should propably be able to use gmirror for that, for example, you need to make some bigger changes or even full reinstall, you detach one of the drives from gmirror, then boot one of the degraded ones, then wipe the second one, install everything there, reboot into just wiped out/installed new version, destroy the old degraded gmirror and create new gmirror
__________________
religions, worst damnation of mankind
"If 386BSD had been available when I started on Linux, Linux would probably never had happened." Linus Torvalds

Linux is not UNIX! Face it! It is not an insult. It is fact: GNU is a recursive acronym for “GNU's Not UNIX”.
vermaden's: links resources deviantart spreadbsd
Reply With Quote
  #4   (View Single Post)  
Old 14th February 2010
Carpetsmoker's Avatar
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Old man from scene 24
 
Join Date: Apr 2008
Location: Eindhoven, Netherlands
Posts: 2,074
Thanked 198 Times in 156 Posts
Default

Use a serial console and set your machine to boot from PXE?
Or is that solution to simple?
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Reply With Quote
  #5   (View Single Post)  
Old 14th February 2010
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,154
Thanked 182 Times in 149 Posts
Default

Serial console and PXE booting is simple on OpenBSD but not on FreeBSD
And I want to do an install without sysinstall.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Remote backups server using FreeBSD, ZFS, and Rsync phoenix Guides 1 5th March 2010 12:17 AM
System messed up, should I just reinstall? AncientDragonfly FreeBSD Ports and Packages 22 22nd April 2009 04:33 AM
Remote FreeBSD server upgrade - Guide! carpman Guides 8 5th April 2009 05:37 PM
Remote OpenBSD ssh-based install problems artix OpenBSD Installation and Upgrading 7 13th March 2009 08:52 PM
Remote OpenBSD install via ssh. Dazhelpwiz Guides 0 23rd May 2008 12:07 AM


All times are GMT. The time now is 09:01 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick