Date: Tue, 19 Feb 2002 11:25:58 -0800 From: "Kevin Oberman" <oberman@es.net> To: Richard Glidden <richard@glidden.org> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Dropping to single user Message-ID: <20020219192558.B2BAE5D09@ptavv.es.net> In-Reply-To: Your message of "Tue, 19 Feb 2002 14:17:49 EST." <200202191917.g1JJHoa35783@zaphod.wox.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> Date: Tue, 19 Feb 2002 14:17:49 -0500 (EST) > From: Richard Glidden <richard@glidden.org> > > On 19 Feb, Kevin Oberman wrote: > > > Using the recommended order (as per the handbook) you know that the > > new kernel is bootable and, if it is not, you simply boot kernel.old > > and are right back where you were while you figure out what went > > wrong. > > > > Once you do an installworld, you really can't back out in any sure way > > other than a re-install. Not a lot of fun. > > Good point. It does make much more sense to test the kernel before > clobbering your world. > > > I see no advantage to breaking the kernel build into two steps if you > > plan to boot the new kernel immediately. > > If you run with kern.securelevel >= 1, then won't it be impossible to > install the kernel without first rebooting into single-user? The kernel > is flaged schg, so it can't be modified unless you remove the schg flag, > which is (according to init(8)) impossible at that secure level. Yes, this is true. I don't run an elevated kern.securelevel, so I overlooked this issue. Sorry. > It also lets you build while the machine is in multi-user, and install > while in single-user, which ensures that your installation doesn't > affect any logged-in users before you reboot, and the users don't affect > your installation. Installation of the kernel is safe while in multi-user mode as it only creates a new /kernel and new /modules (and renames the old ones /kernel.old and /modules.old), neither of which will effect the running system unless you do a kldload. (I am assuming that no one with su would do such a thing with you not knowing it.) I try to minimize the time the system is in single-user mode. I even do things that are unsafe on occasion, but I never recommend them to others. R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: oberman@es.net Phone: +1 510 486-8634 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020219192558.B2BAE5D09>