Date: Fri, 10 May 2002 11:09:10 -0700 (PDT)
From: Gordon Tetlow <gordont@gnf.org>
To: Terry Lambert <tlambert2@mindspring.com>
Cc: Julian Elischer <julian@elischer.org>, Jonathan Mini <mini@freebsd.org>, Michael Smith <msmith@mass.dis.org>, <hackers@freebsd.org>
Subject: Re: nextboot loader diff
Message-ID: <Pine.LNX.4.44.0205101100520.27477-100000@smtp.gnf.org>
In-Reply-To: <3CDC01ED.A188796F@mindspring.com>

Picking a random message to respond to...

On Fri, 10 May 2002, Terry Lambert wrote:
> It's actually just as easy to make boot1 go read it itself, assuming
> boot1 has the ability to read. It also decouples it somewhat, which
> (IMO) is a good thing. This is actually the same effect they get from
> using a separate file, which gets rewritten, rather than hacking "YES"
> vs. "TRY" vs. "NO" in a common .conf file (which makes me incredibly
> nervous, just like Mike's complaint about it).

This is not intended to be used in an "Oh Crap, I just lost a disk and
need to recover" situation. This is to be used in the following situation
(at least, this is how I envisioned it):

I have machine A co-located far far away with no console access. I want to
put a new kernel on it, but am nervous about what happens if the machine
doesn't come back up because I botched the new kernel. I use nextboot to
make my new kernel only boot once; in the case where the machine hangs and
needs to be rebooted (maybe I can tell a noc monkey to reboot the sucker),
it'll then fall back to my known good kernel.

There are some huge assumptions on my part that I should have spelled out
a bit more in my initial email:

A) you are going to be using nextboot on a consistent filesystem (after
   all you rebooted the box, it should (in theory) be a consistent
   filesystem when the loader goes and rewrites the /boot/nextboot.conf)
B) this wasn't to do anything more clever than pass a few args to loader
   for one shot.
C) this was intended to be used by developers who know what they are doing
   and would like a little extra security and don't want to have to pay a
   noc monkey to try and fix their configuration over the phone. I've done
   that waaaay too many times than I care to remember. If this feature
   was in there, I could just tell them to reboot the box, and it would
   come back to the kernel that I know was good.

Again, please look at it as a convenience, not something that will save
your ass. It will happily let you shoot yourself in the foot, but hey so
will rm(1).

-gordon