From owner-freebsd-security Tue Jan 11 17:46:19 2000
From: "Crist J. Clark"
Message-Id: <200001120149.UAA09158@cc942873-a.ewndsr1.nj.home.com>
Subject: Re: console disappears after reboot
In-Reply-To: <387B9043.62415CF3@algroup.co.uk> from Adam Laurie at "Jan 11, 2000 08:19:15 pm"
To: adam@algroup.co.uk (Adam Laurie)
Date: Tue, 11 Jan 2000 20:49:58 -0500 (EST)
Cc: security@FreeBSD.ORG
Reply-To: cjclark@home.com

Adam Laurie wrote,
> Hi,
>
> I realise this is slightly off topic, but as the situation arises due to
> a security procedure, I hope someone else here has already seen similar
> problems...
>
> I am working at a facility that has a locked server room with an annexe
> just outside where you can access the servers without being in the
> cold/noise. For security reasons, the vga/keyboard switch that feeds the
> annexe is switched off when there's no-one there. This setup has worked
> fine for a number of years. However, we are now installing some new
> servers and we've found that if they get rebooted when the switch is
> off, the console gets changed to a serial device. This means we've lost
> the machine(s) until we log in remotely and reboot again. Not good.
>
> It seems that FreeBSD 3.1+ scans for a console, and if it can't find kb
> / vga it switches to serial. The old machines all work fine as they are
> 3.0 or less.
>
> I know I can set the console device in /boot/loader.conf, but this leads
> to other problems (possibly a bug here): on some machines we get a
> "/boot/loader not found - Disk error 0x1", and we suspect that this is
> to do with the boot partition not being constrained to the first 1024
> cylinders.
>
> Anyway, to cut a long story short, I would prefer to simply do something
> in /etc/rc.local to force the console back to local kb/vga, or disable
> the serial console in the kernel itself... so my question is: what? Is
> there such a command/setting?

If a console has "died," you should,

  # kill -HUP 1

To refresh. Rebooting the machine a second time should not be
necessary. Since you can access the machines remotely, this should
work.
--
Crist J. Clark                           cjclark@home.com