Date: Tue, 11 Jan 2000 20:49:58 -0500 (EST) From: "Crist J. Clark" <cjc@cc942873-a.ewndsr1.nj.home.com> To: adam@algroup.co.uk (Adam Laurie) Cc: security@FreeBSD.ORG Subject: Re: console disappears after reboot Message-ID: <200001120149.UAA09158@cc942873-a.ewndsr1.nj.home.com> In-Reply-To: <387B9043.62415CF3@algroup.co.uk> from Adam Laurie at "Jan 11, 2000 08:19:15 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
Adam Laurie wrote,
> Hi,
>
> I realise this is slightly off topic, but as the situation arises due to
> a security procedure, I hope someone else here as already seen similar
> problems...
>
> I am working at a facility that has a locked server room with an annexe
> just outside where you can access the servers without being in the
> cold/noise. For security reasons, the vga/keyboard switch that feeds the
> annexe is switched off when there's no-one there. This setup has worked
> fine for a number of years. However, we are now installing some new
> servers and we've found that if they get rebooted when the switch is
> off, the console gets changed to a serial device. This means we've lost
> the machine(s) until we log in remotely and reboot again. Not good.
>
> It seems that FreeBSD 3.1+ scans for a console, and if it can't find kb
> / vga it switches to serial. The old machines all work fine as they are
> 3.0 or less.
>
> I know I can set the console device in /boot/loader.conf, but this leads
> to other problems (possibly a bug here): on some machines we get a
> "/boot/loader not found - Disk error 0x1", and we suspect that this is
> to do with the boot partition not being constrained to the first 1024
> cylinders.
>
> Anyway, to cut a long story short, I would prefer to simply do something
> in /etc/rc.local to force the console back to local kb/vga, or disable
> the serial console in the kernel itself... so my question is: what? Is
> there such a command/setting?
If a console has "died," you should,
# kill -HUP 1
To refresh. Rebooting the machine a second time should not be
necessary. Since you can access the machine's remotely, this should
work.
--
Crist J. Clark cjclark@home.com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200001120149.UAA09158>