Date: Thu, 4 Jul 2019 11:37:06 +0700 From: Eugene Grosbein <eugen@grosbein.net> To: Ed Maste <emaste@freebsd.org>, Doug Hardie <bc979@lafn.org> Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-19:10.ufs Message-ID: <02d4f9e8-f01f-aba1-1000-432a821a04d7@grosbein.net> In-Reply-To: <CAPyFy2Dhf4Mj2gNk-K%2BsvvJPEpbDwueeMDKR-86dESYOh0StcQ@mail.gmail.com> References: <20190703004924.8A5411A7D5@freefall.freebsd.org> <D6176CD2-C613-42C0-BC9B-2695B8048C06@lafn.org> <CAPyFy2CRrLZwbpHXAnbT-RWT35TDbtZjtqenLeAp6Vgxp--sXg@mail.gmail.com> <CC18847F-1EAA-4674-A65C-A9EA706A5ABF@lafn.org> <CAPyFy2Dhf4Mj2gNk-K%2BsvvJPEpbDwueeMDKR-86dESYOh0StcQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
03.07.2019 19:29, Ed Maste wrote:
> On Wed, 3 Jul 2019 at 11:21, Doug Hardie <bc979@lafn.org> wrote:
>>
>> That is going to be a bit tricky to do on a headless server that is remote. None of mine have consoles. They are all accessed via SSH. Any ideas how this situation can be handled?
>
> Probably an rc.d script with BEFORE: root that invokes the fsck
> command - something along the lines of the following (as yet untested
> and missing error checking etc.):
>
> #!/bin/sh
> #
>
> # PROVIDE: fsck_ufs
> # BEFORE: root
> # REQUIRE: fsck
> # KEYWORD: nojail
>
> . /etc/rc.subr
>
> name="fsck_ufs"
> desc="fsck UFS filesystems for FreeBSD-SA-19:10.ufs"
> start_cmd="fsck_ufs_start"
> stop_cmd=":"
>
> fsck_ufs_start()
> {
> fsck -t ufs -f -p -T ufs:-z
> }
>
> load_rc_config $name
> run_rc_command "$1"
We should resurrect "early" rc.d script. Its removal in 6.x as opposed to rewrite was a mistake
as such script is irreplaceable for multiple situations including pretty ordinary ones
like enabling kernel crashdumps to gmirror.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?02d4f9e8-f01f-aba1-1000-432a821a04d7>