Date: Fri, 4 Jun 2004 19:35:47 -0400 From: Bill Moran <wmoran@potentialtech.com> To: Brooks Davis <brooks@one-eyed-alien.net> Cc: jbronson@wixb.com Subject: Re: more on fsck with securelevel Message-ID: <20040604193547.6d69fa7f.wmoran@potentialtech.com> In-Reply-To: <20040604222232.GB25234@Odin.AC.HMC.Edu> References: <6.1.1.1.2.20040604170255.00bf3b38@cheyenne.wixb.com> <20040604222232.GB25234@Odin.AC.HMC.Edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Brooks Davis <brooks@one-eyed-alien.net> wrote: > On Fri, Jun 04, 2004 at 05:05:34PM -0500, J.D. Bronson wrote: > > I did set this in /etc/rc.conf: > > fsck_y_enable="YES" > > > > But I was wondering if this might be a good idea too: > > (looking at the defaults) > > > > fsck_y_enable="NO" # Set to YES to do fsck -y if the initial preen > > fails. > > background_fsck="YES" # Attempt to run fsck in the background where > > possible. > > background_fsck_delay="60" # Time to wait (seconds) before starting the > > fsck. > > > > ..might it not be prudent to set 'background_fsck="NO"' when running in > > secure mode? > > > > Eventhough I shut down carefully, sometimes it still feels the need to run > > fsck (even with soft updates)...but when running securelevel, is it > > actually going to accomplish anything? > > I think just setting background_fsck_delay=0 may allow bgfsck to work. > Once fsck has opened the FS, I think it should keep it open and writes > should work. I'm not 100% sure of that though. fsck_y_enable determines what happens when a normal fsck fails. If it's set to "NO", you're dumped into single-user mode with a scary message. If it's set to "YES", then fsck is rerun with the -y option. Setting it to "YES" will allow the system to boot automatically under almost all conditions, but you may lose data that you could have recovered if you'd run fsck manually ... assuming you know what you're doing well enough to recover that data. background_fsck controls whether the initial boot fsck is run in the background, after booting, or in the foreground during the boot, forcing the boot process to wait on it (background_fsck="NO" is basically the same behaviour as pre-5 systems) background_fsck_delay is pretty obvious. Hopefully, that will help you reach a config that works for you. -- Bill Moran Potential Technologies http://www.potentialtech.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040604193547.6d69fa7f.wmoran>