From owner-freebsd-rc@FreeBSD.ORG Sun Oct 13 22:59:21 2013
Message-ID: <525B258F.3030403@freebsd.org>
Date: Sun, 13 Oct 2013 15:58:23 -0700
From: Colin Percival
To: FreeBSD current, freebsd-rc@freebsd.org
Subject: RFC: support for "first boot" rc.d scripts

Hi all,

I've attached a very simple patch which makes /etc/rc:

1. Skip any rc.d scripts with the "firstboot" keyword if /var/db/firstboot
   does not exist,

2. If /var/db/firstboot and /var/db/firstboot-reboot exist after running rc.d
   scripts, reboot.

3. Delete /var/db/firstboot (and firstboot-reboot) after the first boot.

The purpose of this is to support "run on first boot" rc.d scripts.  These can
be useful for both virtual machines and embedded systems; unlike conventional
desktops and servers, these may have a lengthy gap between "installing" and
"turning on" the system.

As examples of what such scripts could do:

* In Amazon EC2, I use a "first boot" script to download an SSH public key
  from EC2 so that users can log in to newly provisioned EC2 instances.

* Now that (starting from 10.0-BETA1) it is possible to use FreeBSD Update
  to update everything on EC2 instances, I'm planning on writing a script which
  runs 'freebsd-update fetch install' when the system first boots, and then
  reboots if there were updates installed.
(I imagine this would be useful to other embedded / VM providers too.) * Once packages are provided (properly) for 10.0 I'd like to allow people to specify a list of packages they want installed onto an EC2 instance and have them downloaded and installed when the EC2 instance launches. I'd like to get this into HEAD in the near future in the hope that I can convince re@ that this is a simple enough (and safe enough) change to merge before 10.0-RELEASE. Comments? -- Colin Percival Security Officer Emeritus, FreeBSD | The power to serve Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid --------------040902090405000607020909 Content-Type: text/plain; charset=us-ascii; name="firstboot.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="firstboot.patch" Index: etc/rc =================================================================== --- etc/rc (revision 256432) +++ etc/rc (working copy) @@ -81,6 +81,9 @@ skip="$skip -s nojailvnet" fi fi +if ! [ -e /var/db/firstboot ]; then + skip="$skip -s firstboot" +fi # Do a first pass to get everything up to $early_late_divider so that # we can do a second pass that includes $local_startup directories 
@@ -116,6 +119,13 @@ run_rc_script ${_rc_elem} ${_boot} done +if [ -e /var/db/firstboot ]; then + rm /var/db/firstboot + if [ -e /var/db/firstboot-reboot ]; then + rm /var/db/firstboot-reboot + kill -INT 1 + fi +fi echo '' date exit 0 --------------040902090405000607020909-- From owner-freebsd-rc@FreeBSD.ORG Mon Oct 14 07:59:54 2013 Return-Path: Delivered-To: freebsd-rc@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 975BB206; Mon, 14 Oct 2013 07:59:54 +0000 (UTC) (envelope-from nick@van-laarhoven.org) Received: from vps.van-laarhoven.org (www.hibma.org [IPv6:2a02:2308::216:3eff:feec:b1b5]) by mx1.freebsd.org (Postfix) with ESMTP id 4C55D217A; Mon, 14 Oct 2013 07:59:54 +0000 (UTC) Received: from [IPv6:2001:980:530a:1:44c2:cf25:e90c:4287] (unknown [IPv6:2001:980:530a:1:44c2:cf25:e90c:4287]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by vps.van-laarhoven.org (Postfix) with ESMTPSA id 6132F5F2286; Mon, 14 Oct 2013 09:55:54 +0200 (CEST) Content-Type: text/plain; charset=iso-8859-1 Mime-Version: 1.0 (Mac OS X Mail 6.6 \(1510\)) Subject: Re: RFC: support for "first boot" rc.d scripts 
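Review bot: The `[ -e /var/db/firstboot ]` test in the first etc/rc hunk (@@ -81,6 +81,9 @@) sits above the "Do a first pass" comment, before any rc.d script has run, so it only sees the sentinel when /var/db is already available at that point. If /var is mounted later, the firstboot scripts are skipped, yet the block added in the second hunk still finds the file at the end of the boot, deletes it and may reboot, so the first-boot work is silently lost. Keep the sentinel on a filesystem that is present when /etc/rc starts, or re-evaluate the test after local filesystems are mounted.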
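Review bot: The `rm /var/db/firstboot` in the second etc/rc hunk (@@ -116,6 +119,13 @@) is unchecked, so if the removal fails (for example on a read-only filesystem) the sentinel survives, the firstboot scripts run again on the next boot, and when /var/db/firstboot-reboot is also still present the `kill -INT 1` fires on every boot. Check the result of each `rm` and skip the reboot, with a warning on the console, when either file could not be removed. A one-line comment that `kill -INT 1` asks init to reboot would also help readers of /etc/rc.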
From: Nick Hibma
In-Reply-To: <525B258F.3030403@freebsd.org>
Date: Mon, 14 Oct 2013 09:59:51 +0200
Message-Id: <41F1219E-4DCC-4B04-A1DC-40038809556B@van-laarhoven.org>
To: Colin Percival
Cc: FreeBSD current, freebsd-rc@freebsd.org

Colin,

Sounds useful: We have nanobsd images that configure a hard disk if present, but obviously only need to be run once.

However: NanoBSD uses a memory disk for /etc and stores its permanent scripts in /conf/* (/etc/rc.initdiskless) and/or /cfg (NanoBSD) so I doubt whether the 'embedded systems' argument is of much use, as deleting the script or flagging 'firstboot' is non-permanent.

Nick Hibma
nick@van-laarhoven.org

Want to feel like going on a holiday tomorrow? Try GTD.

From owner-freebsd-rc@FreeBSD.ORG Mon Oct 14 11:06:54 2013
Date: Mon, 14 Oct 2013 11:06:54 GMT
Message-Id: <201310141106.r9EB6sa6035325@freefall.freebsd.org>
From: FreeBSD bugmaster
To: freebsd-rc@FreeBSD.org
Subject: Current problem reports assigned to freebsd-rc@FreeBSD.org

Note: to view an individual PR, use:
  http://www.freebsd.org/cgi/query-pr.cgi?pr=(number).

The following is a listing of current problems submitted by FreeBSD users.
These represent problem reports covering all versions including
experimental development code and obsolete releases.

S Tracker      Resp.      Description
--------------------------------------------------------------------------------
o conf/181625  rc         [patch] add rc.d/ script for freebsd-update
o conf/180183  rc         [rc.d] rc.d allows scripts without rcvar set to start
o conf/179828  rc         [rc.d] [PATCH] rc.d/syslogd link socket to /dev/log fa
o conf/177217  rc         [patch] rc.d/ddb -- squelch warning when ddb_enable=ye
o conf/177089  rc         ntpd startup script does not work well
o conf/176347  rc         [rc.conf] [patch] Add support for firewall deny lists
o conf/176181  rc         [rc.subr] rc.subr emitting warnings for non-defined xx
o conf/175311  rc         [patch] add "dump" fs type support to rc.d/dumpon
o conf/175105  rc         /etc/rc.d/* and more: syntax 'return_boolean_cmd && do
o conf/175079  rc         [rc.subr] [patch] rc.subr poorly handles recursive run
o bin/173153   rc         [rc.d] [patch] $netwait_ip should be more parallel
o conf/172787  rc         [rc.conf] FreeBSD 9.x broken alias syntax on vlan inte
o conf/172532  rc         [rc] [patch] service routing restart always fails
o conf/169047  rc         [rc.subr] [patch] /etc/rc.subr not checking some scrip
p bin/168544   rc         [patch] [rc]: addswap-mounted swapfiles cause panic on
o conf/167566  rc         [rc.d] [patch] ipdivert module loading vs. ipfw rc.d o
o conf/166484  rc         [rc] [patch] rc.initdiskless patch for different major
o conf/165769  rc         [rc][jai][ipv6] IPv6 Initialization on external iface
o conf/164393  rc         [rc.d] restarting netif with static addresses doesn't
o conf/163508  rc         [rc.subr] [patch] Add "enable" and "disable" commands
o conf/163488  rc         Confusing explanation in defaults/rc.conf
o conf/163321  rc         [rc.conf] [patch] allow _fib syntax in rc.conf
o conf/162642  rc         .sh scripts in /usr/local/etc/rc.d get executed, not s
o conf/161107  rc         [rc] stop_boot in mountcritlocal usage is incorrect.
o conf/160403  rc         [rc] [patch] concurrently running rc-scripts during bo
o conf/160240  rc         rc.d/mdconfig and mdconfig2 should autoset $_type to v
o conf/159846  rc         [rc.conf] routing_stop_inet6() logic doesn't handle ip
o conf/158557  rc         [patch] /etc/rc.d/pf broken messages
o conf/158127  rc         [patch] remount_optional option in rc.initdiskless doe
o conf/153666  rc         [rc.d][patch] mount filesystems from fstab over zfs da
o conf/153200  rc         post-boot /etc/rc.d/network_ipv6 start can miss neighb
o conf/153123  rc         [rc] [patch] add gsched rc file to automatically inser
o conf/150474  rc         [patch] rc.d/accounting: Add ability to set location o
o conf/149867  rc         [PATCH] rc.d script to manage multiple FIBS (kern opti
o conf/149831  rc         [PATCH] add support to /etc/rc.d/jail for delegating Z
o conf/148656  rc         rc.firewall(8): {oip} and {iip} variables in rc.firewa
o conf/147685  rc         [rc.d] [patch] new feature for /etc/rc.d/fsck
o conf/147444  rc         [rc.d] [patch] /etc/rc.d/zfs stop not called on reboot
o conf/146053  rc         [patch] [request] shutdown of jails breaks inter-jail
o conf/145399  rc         [patch] rc.d scripts are unable to start/stop programs
o conf/145009  rc         [patch] rc.subr(8): rc.conf should allow mac label con
o conf/143637  rc         [patch] ntpdate(8) support for ntp-servers supplied by
o conf/143085  rc         [patch] ftp-proxy(8) rc(8) with multiple instances
a conf/142973  rc         [jail] [patch] Strange counter init value in jail rc
o conf/142434  rc         [patch] Add cpuset(1) support to rc.subr(8)
o conf/142304  rc         rc.conf(5): mdconfig and mdconfig2 rc.d scripts lack e
o conf/141909  rc         rc.subr(8): [patch] add rc.conf.d support to /usr/loca
o conf/141678  rc         [patch] A minor enhancement to how /etc/rc.d/jail dete
o conf/140440  rc         [patch] allow local command files in rc.{suspend,resum
o conf/140261  rc         [patch] Improve flexibility of mdconfig2 startup scrip
p conf/138208  rc         [rc.d] [patch] Making rc.firewall (workstation) IPv6 a
o conf/137271  rc         [rc.d] Cannot update /etc/host.conf when root filesyst
o conf/136624  rc         [rc.d] sysctl variables for ipnat are not applied on b
o conf/134918  rc         [patch] rc.subr fails to detect perl daemons
o conf/134660  rc         [patch] rc-script for initializing ng_netflow+ng_ipfw
o conf/134333  rc         PPP configuration problem in the rc.d scripts in combi
o conf/133890  rc         [patch] sshd(8): add multiple profiles to the rc.d scr
o conf/128299  rc         [patch] /etc/rc.d/geli does not mount partitions using
o conf/126392  rc         [patch] rc.conf ifconfig_xx keywords cannot be escaped
o conf/124747  rc         [patch] savecore can't create dump from encrypted swap
o conf/124248  rc         [jail] [patch] add support for nice value for rc.d/jai
o conf/123734  rc         [patch] Chipset VIA CX700 requires extra initializatio
o conf/123222  rc         [patch] Add rtprio(1)/idprio(1) support to rc.subr(8).
o conf/122968  rc         [rc.d] /etc/rc.d/addswap: md swapfile multiplication a
o conf/122477  rc         [patch] /etc/rc.d/mdconfig and mdconfig2 are ignoring
o conf/122170  rc         [patch] [request] New feature: notify admin via page o
o kern/121566  rc         [nfs] [request] [patch] ethernet iface should be broug
a conf/119874  rc         [patch] "/etc/rc.d/pf reload" fails if there are macro
o conf/119076  rc         [patch] [rc.d] /etc/rc.d/netif tries to remove alias a
o bin/118325   rc         [patch] [request] new periodic script to test statuses
f conf/118255  rc         savecore never finding kernel core dumps (rcorder prob
f conf/117935  rc         [patch] ppp fails to start at boot because of missing
f conf/113915  rc         [ndis] [patch] ndis wireless driver fails to associate
o conf/108589  rc         rtsol(8) fails due to default ipfw rules
o conf/106009  rc         [ppp] [patch] [request] Fix pppoed startup script to p
f conf/105689  rc         [ppp] [request] syslogd starts too late at boot
f conf/105145  rc         [ppp] [patch] [request] add redial function to rc.d/pp
f conf/104549  rc         [patch] rc.d/nfsd needs special _find_processes functi
o conf/102700  rc         [geli] [patch] Add encrypted /tmp support to GELI/GBDE
o conf/93815   rc         [patch] Adds in the ability to save ipfw rules to rc.d
f conf/92523   rc         [patch] allow rc scripts to kill process after a timeo
o conf/89870   rc         [patch] [request] make netif verbose rc.conf toggle
a conf/88913   rc         [patch] wrapper support for rc.subr
o conf/85819   rc         [patch] script allowing multiuser mode in spite of fsc
o kern/81006   rc         ipnat not working with tunnel interfaces on startup
o conf/77663   rc         Suggestion: add /etc/rc.d/addnetswap after addcritremo
o conf/73677   rc         [patch] add support for powernow states to power_profi
a conf/58939   rc         [patch] dumb little hack for /etc/rc.firewall{,6}
f conf/56934   rc         [patch] rc.firewall rules for natd expect an interface
f conf/13775   rc         multi-user boot may hang in NIS environment

90 problems total.

From owner-freebsd-rc@FreeBSD.ORG Mon Oct 14 12:09:12 2013
Date: Mon, 14 Oct 2013 21:07:26 +0900 (JST)
Message-Id: <20131014.210726.1989833413225901961.hrs@allbsd.org>
To: cperciva@FreeBSD.org
Subject: Re: RFC: support for "first boot" rc.d scripts
From: Hiroki Sato In-Reply-To: <525B258F.3030403@freebsd.org> References: <525B258F.3030403@freebsd.org> X-PGPkey-fingerprint: BDB3 443F A5DD B3D0 A530 FFD7 4F2C D3D8 2793 CF2D X-Mailer: Mew version 6.5 on Emacs 24.3 / Mule 6.0 (HANACHIRUSATO) Mime-Version: 1.0 Content-Type: Multipart/Signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="--Security_Multipart(Mon_Oct_14_21_07_26_2013_864)--" Content-Transfer-Encoding: 7bit X-Virus-Scanned: clamav-milter 0.97.4 at gatekeeper.allbsd.org X-Virus-Status: Clean X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.7 (mail.allbsd.org [133.31.130.32]); Mon, 14 Oct 2013 21:09:03 +0900 (JST) X-Spam-Status: No, score=-99.1 required=13.0 tests=CONTENT_TYPE_PRESENT, SPF_SOFTFAIL,USER_IN_WHITELIST autolearn=no version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on gatekeeper.allbsd.org Cc: freebsd-current@FreeBSD.org, freebsd-rc@FreeBSD.org X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Oct 2013 12:09:13 -0000 ----Security_Multipart(Mon_Oct_14_21_07_26_2013_864)-- Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Colin Percival wrote in <525B258F.3030403@freebsd.org>: cp> I've attached a very simple patch which makes /etc/rc: cp> +if ! [ -e /var/db/firstboot ]; then cp> + skip="$skip -s firstboot" cp> +fi At this stage, it is possible that /var/db does not exist because it is before rc.d/mountcritlocal. 
--
Hiroki

From owner-freebsd-rc@FreeBSD.ORG Mon Oct 14 16:52:15 2013
Message-ID: <525C210A.2000306@freebsd.org>
Date: Mon, 14 Oct 2013 09:51:22 -0700
From: Colin Percival
To: Nick Hibma
Subject: Re: RFC: support for "first boot" rc.d scripts
In-Reply-To: <41F1219E-4DCC-4B04-A1DC-40038809556B@van-laarhoven.org>
Cc: FreeBSD current, freebsd-rc@freebsd.org

Hi Nick,

On 10/14/13 00:59, Nick Hibma wrote:
> Sounds useful: We have nanobsd images that configure a hard disk if present, but obviously only need to be run once.
>
> However: NanoBSD uses a memory disk for /etc and stores its permanent scripts in /conf/* (/etc/rc.initdiskless) and/or /cfg (NanoBSD) so I doubt whether the 'embedded systems' argument is of much use, as deleting the script or flagging 'firstboot' is non-permanent.

Yes, it's hard to store state on diskless systems... but I figured
that anyone building a diskless system would know to not create a
"run firstboot scripts" marker.  And not all embedded systems are
diskless...

--
Colin Percival
Security Officer Emeritus, FreeBSD | The power to serve
Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid

From owner-freebsd-rc@FreeBSD.ORG Mon Oct 14 16:54:36 2013
Message-ID: <525C2197.9020405@freebsd.org>
Date: Mon, 14 Oct 2013 09:53:43 -0700
From: Colin Percival User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:24.0) Gecko/20100101 Thunderbird/24.0 MIME-Version: 1.0 To: Hiroki Sato Subject: Re: RFC: support for "first boot" rc.d scripts References: <525B258F.3030403@freebsd.org> <20131014.210726.1989833413225901961.hrs@allbsd.org> In-Reply-To: <20131014.210726.1989833413225901961.hrs@allbsd.org> X-Enigmail-Version: 1.5.2 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-SG-EID: ChUA/E68MWtQtYrYVmEHIGuqNmShXrFL3cq8iGM7RqXUjTAWJRcZYNKxQTmJM9ICvPPBoN3Mvj5/bEmvNNx4nXB98ZQKSotGo+6pkn7k24hXlOXi5WtbyPT9E9EEVWR9Xci4R3G7sBNfp86HYytZ5DTNk8HkigMKjqt3b96lLio= Cc: freebsd-current@FreeBSD.org, freebsd-rc@FreeBSD.org X-BeenThere: freebsd-rc@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Discussion related to /etc/rc.d design and implementation." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Oct 2013 16:54:36 -0000 On 10/14/13 05:07, Hiroki Sato wrote: > Colin Percival wrote > in <525B258F.3030403@freebsd.org>: > > cp> I've attached a very simple patch which makes /etc/rc: > > cp> +if ! [ -e /var/db/firstboot ]; then > cp> + skip="$skip -s firstboot" > cp> +fi > > At this stage, it is possible that /var/db does not exist because it > is before rc.d/mountcritlocal. Ah, good point. I guess we need something on / then? 
--
Colin Percival
Security Officer Emeritus, FreeBSD | The power to serve
Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid

From owner-freebsd-rc@FreeBSD.ORG Mon Oct 14 17:00:17 2013
Subject: Re: RFC: support for "first boot" rc.d scripts
From: Ian Lepore
To: Colin Percival
In-Reply-To: <525C210A.2000306@freebsd.org>
Date: Mon, 14 Oct 2013 11:00:07 -0600
Message-ID: <1381770007.42859.82.camel@revolution.hippie.lan>
Cc: FreeBSD current, freebsd-rc@FreeBSD.org, Nick Hibma

On Mon, 2013-10-14 at 09:51 -0700, Colin Percival wrote:
> Hi Nick,
>
> On 10/14/13 00:59, Nick Hibma wrote:
> > Sounds useful: We have nanobsd images that configure a hard disk if present, but obviously only need to be run once.
> >
> > However: NanoBSD uses a memory disk for /etc and stores its permanent scripts in /conf/* (/etc/rc.initdiskless) and/or /cfg (NanoBSD) so I doubt whether the 'embedded systems' argument is of much use, as deleting the script or flagging 'firstboot' is non-permanent.
>
> Yes, it's hard to store state on diskless systems... but I figured
> that anyone building a diskless system would know to not create a
> "run firstboot scripts" marker.  And not all embedded systems are
> diskless...
>

The embedded systems we create at $work have readonly root and mfs /var,
but we do have writable storage on another filesystem.  It would work
for us (not that we need this feature right now) if there were an rcvar
that pointed to the marker file.  Of course to make it work, something
would have to get the alternate filesystem mounted early enough to be
useful (that is something we do already with a custom rc script).

Note that I'm not asking for any changes here, just babbling.

-- Ian

From owner-freebsd-rc@FreeBSD.ORG Mon Oct 14 19:12:07 2013
Message-ID: <525C41D1.3040204@freebsd.org>
Date: Mon, 14 Oct 2013 12:11:13 -0700
From: Colin Percival
To: Ian Lepore
Subject: Re: RFC: support for "first boot" rc.d scripts
References: <525B258F.3030403@freebsd.org> <41F1219E-4DCC-4B04-A1DC-40038809556B@van-laarhoven.org> <525C210A.2000306@freebsd.org> <1381770007.42859.82.camel@revolution.hippie.lan>
In-Reply-To: <1381770007.42859.82.camel@revolution.hippie.lan>
Cc: FreeBSD current, freebsd-rc@FreeBSD.org, Nick Hibma

On 10/14/13 10:00, Ian Lepore wrote:
> On Mon, 2013-10-14 at 09:51 -0700, Colin Percival wrote:
>> Yes, it's hard to store state on diskless systems... but I figured
>> that anyone building a diskless system would know to not create a
>> "run firstboot scripts" marker. And not all embedded systems are
>> diskless...
>
> The embedded systems we create at $work have readonly root and mfs /var,
> but we do have writable storage on another filesystem. It would work
> for us (not that we need this feature right now) if there were an rcvar
> that pointed to the marker file. Of course to make it work, something
> would have to get the alternate filesystem mounted early enough to be
> useful (that is something we do already with a custom rc script).

Indeed...
the way my patch currently does things, it looks for the
firstboot sentinel at the start of /etc/rc, which means it *has* to
be on /. Making the path an rcvar is a good idea (updated patch
attached) but we still need some way to re-probe for that file after
mounting extra filesystems.

> Note that I'm not asking for any changes here, just babbling.

Babbling is good. Between us we might babble a useful solution. ;-)

--
Colin Percival
Security Officer Emeritus, FreeBSD | The power to serve
Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid

Content-Disposition: attachment; filename="firstboot.patch"

Index: etc/defaults/rc.conf =================================================================== --- etc/defaults/rc.conf (revision 256432) +++ etc/defaults/rc.conf (working copy) @@ -619,6 +619,9 @@ accounting_enable="NO" # Turn on process accounting (or NO). ibcs2_enable="NO" # Ibcs2 (SCO) emulation loaded at startup (or NO). ibcs2_loaders="coff" # List of additional Ibcs2 loaders (or NO). +firstboot_sentinel="/firstboot" # Scripts with "firstboot" keyword are run if + # this file exists. Should be on a R/W filesystem so + # the file can be deleted after the boot completes. # Emulation/compatibility services provided by /etc/rc.d/abi sysvipc_enable="NO" # Load System V IPC primitives at startup (or NO). Index: etc/rc =================================================================== --- etc/rc (revision 256432) +++ etc/rc (working copy) @@ -81,6 +81,9 @@ skip="$skip -s nojailvnet" fi fi +if ! [ -e ${firstboot_sentinel} ]; then + skip="$skip -s firstboot" +fi # Do a first pass to get everything up to $early_late_divider so that # we can do a second pass that includes $local_startup directories
@@ -116,6 +119,13 @@ run_rc_script ${_rc_elem} ${_boot} done +if [ -e ${firstboot_sentinel} ]; then + rm ${firstboot_sentinel} + if [ -e ${firstboot_sentinel}-reboot ]; then + rm ${firstboot_sentinel}-reboot + kill -INT 1 + fi +fi echo '' date exit 0

From owner-freebsd-rc@FreeBSD.ORG Tue Oct 15 08:58:57 2013
Subject: Re: RFC: support for "first boot" rc.d scripts
From: Nick Hibma
In-Reply-To: <525C41D1.3040204@freebsd.org>
Date: Tue, 15 Oct 2013 10:58:53 +0200
Message-Id: <6C7D69EB-204B-45B9-AD67-EBC1AB39AB8B@van-laarhoven.org>
References: <525B258F.3030403@freebsd.org> <41F1219E-4DCC-4B04-A1DC-40038809556B@van-laarhoven.org> <525C210A.2000306@freebsd.org> <1381770007.42859.82.camel@revolution.hippie.lan> <525C41D1.3040204@freebsd.org>
To: Colin Percival
Cc: FreeBSD current, freebsd-rc@FreeBSD.org, Ian Lepore

>>> Yes, it's hard to store state on diskless systems... but I figured
>>> that anyone building a diskless system would know to not create a
>>> "run firstboot scripts" marker. And not all embedded systems are
>>> diskless...
>>
>> The embedded systems we create at $work have readonly root and mfs /var,
>> but we do have writable storage on another filesystem. It would work
>> for us (not that we need this feature right now) if there were an rcvar
>> that pointed to the marker file. Of course to make it work, something
>> would have to get the alternate filesystem mounted early enough to be
>> useful (that is something we do already with a custom rc script).
>
> Indeed... the way my patch currently does things, it looks for the
> firstboot sentinel at the start of /etc/rc, which means it *has* to
> be on /. Making the path an rcvar is a good idea (updated patch
> attached) but we still need some way to re-probe for that file after
> mounting extra filesystems.

In many cases a simple

    test -f /firstboot && bla_enable='YES' || bla_enable='NO'
    rm -f /firstboot

in your specific rc.d script would suffice. Or for installing packages:

    for pkg in $PKGS; do
        if ! pkg_info $pkg-'[0-9]*' >/dev/null 2>&1; then
            pkg_add /some/dir/$pkg.txz
        fi
    done

I am not quite sure why we need /firstboot handling in /etc/rc.

Perhaps it is a better idea to make this more generic, to move the rc.d script containing a 'runonce' keyword to a subdirectory as the last step in rc (or make that an rc.d script in itself!). That way you could consider moving it back if you need to re-run it. Or have an rc.d script set up something like a database after installing a package by creating an rc.d runonce script.

Default dir could be ./run-once relative to the rc.d dir it is in, configurable through runonce_directory.

Note: The move would need to be done at the very end of rc.d to prevent rcorder returning a different ordering and skipping scripts because of that.

Nick

From owner-freebsd-rc@FreeBSD.ORG Tue Oct 15 19:33:49 2013
Subject: Re: RFC: support for "first boot" rc.d scripts
From: Tim Kientzle
In-Reply-To: <525B258F.3030403@freebsd.org>
Date: Tue, 15 Oct 2013 12:33:39 -0700
Message-Id: <89D8FB48-81BA-47CD-BAB9-BB2D448DE9A2@freebsd.org>
References: <525B258F.3030403@freebsd.org>
To: Colin Percival
Cc: FreeBSD current, freebsd-rc@freebsd.org

Wonderful! This capability is long overdue.

On Oct 13, 2013, at 3:58 PM, Colin Percival wrote:

> As examples of what such scripts could do:

More examples:

I've been experimenting with putting "gpart resize" and "growfs" into rc.d scripts to construct images that can be dd'ed onto some medium and then automatically grow to fill the medium.

When cross-installing ports, there are certain operations (e.g., updating 'info' database) that can really only be done after the system next boots.

> I'd like to get this into HEAD in the near future in the hope that I can
> convince re@ that this is a simple enough (and safe enough) change to merge
> before 10.0-RELEASE.

Please.
Tim

From owner-freebsd-rc@FreeBSD.ORG Tue Oct 15 20:09:37 2013
In-Reply-To: <525B258F.3030403@freebsd.org>
References: <525B258F.3030403@freebsd.org>
Date: Tue, 15 Oct 2013 13:09:35 -0700
Subject: Re: RFC: support for "first boot" rc.d scripts
From: Matthew Fleming
To: Colin Percival
Cc: FreeBSD current, freebsd-rc@freebsd.org

On Sun, Oct 13, 2013 at 3:58 PM, Colin Percival wrote:

> Hi all,
>
> I've attached a very simple patch which makes /etc/rc:
>
> 1. Skip any rc.d scripts with the "firstboot" keyword if /var/db/firstboot
> does not exist,
>
> 2. If /var/db/firstboot and /var/db/firstboot-reboot exist after running
> rc.d scripts, reboot.
>
> 3. Delete /var/db/firstboot (and firstboot-reboot) after the first boot.
>

We use something like this at work. However, our version creates a file after the firstboot scripts have run, and doesn't run if the file exists.

Is there a reason to prefer one choice over the other? Naively I'd expect it to be better to run when the file doesn't exist, creating when done; it solves the problem of making sure the magic file exists before first boot, for the other polarity.
Thanks,
matthew

From owner-freebsd-rc@FreeBSD.ORG Tue Oct 15 20:57:05 2013
Message-ID: <525DABE9.2060902@freebsd.org>
Date: Tue, 15 Oct 2013 13:56:09 -0700
From: Colin Percival
To: Nick Hibma
Subject: Re: RFC: support for "first boot" rc.d scripts
References: <525B258F.3030403@freebsd.org> <41F1219E-4DCC-4B04-A1DC-40038809556B@van-laarhoven.org> <525C210A.2000306@freebsd.org> <1381770007.42859.82.camel@revolution.hippie.lan> <525C41D1.3040204@freebsd.org> <6C7D69EB-204B-45B9-AD67-EBC1AB39AB8B@van-laarhoven.org>
In-Reply-To: <6C7D69EB-204B-45B9-AD67-EBC1AB39AB8B@van-laarhoven.org>
Cc: FreeBSD current, freebsd-rc@FreeBSD.org, Ian Lepore

On 10/15/13 01:58, Nick Hibma wrote:
>> Indeed... the way my patch currently does things, it looks for the
>> firstboot sentinel at the start of /etc/rc, which means it *has* to
>> be on /. Making the path an rcvar is a good idea (updated patch
>> attached) but we still need some way to re-probe for that file after
>> mounting extra filesystems.
>
> In many cases a simple
>
> test -f /firstboot && bla_enable='YES' || bla_enable='NO'
> rm -f /firstboot
>
> in your specific rc.d script would suffice. [...]
> I am not quite sure why we need /firstboot handling in /etc/rc.

Your suggestion wouldn't work if you have several scripts doing it; the first one would remove the sentinel and the others wouldn't run.
In my EC2 code I have a single script which runs after all the others and removes the sentinel file, but that still means that every script has to be executed on every boot (even if just to check if it should do anything); putting the logic into /etc/rc would allow rcorder to skip those scripts entirely.

> Perhaps it is a better idea to make this more generic, to move the rc.d script containing a 'runonce' keyword to a subdirectory as the last step in rc (or make that an rc.d script in itself!). That way you could consider moving it back if you need to re-run it. Or have an rc.d script setup something like a database after installing a package by creating a rc.d runonce script.
>
> Default dir could be ./run-once relative to the rc.d dir it is in, configurable through runonce_directory .
>
> Note: The move would need to be done at the very end of rc.d to prevent rcorder returning a different ordering and skipping scripts because of that.

I considered this, but decided that the most common requirement use of "run once" would be for "run when the system is first booted", and it would be much simpler to provide just the firstboot functionality.
--
Colin Percival
Security Officer Emeritus, FreeBSD | The power to serve
Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid

From owner-freebsd-rc@FreeBSD.ORG Tue Oct 15 21:13:13 2013
Message-ID: <525DAFB2.7090105@freebsd.org>
Date: Tue, 15 Oct 2013 14:12:18 -0700
From: Colin Percival
To: Matthew Fleming
Subject: Re: RFC: support for "first boot" rc.d scripts
References: <525B258F.3030403@freebsd.org>
Cc: FreeBSD current, freebsd-rc@freebsd.org

On 10/15/13 13:09, Matthew Fleming wrote:
> We use something like this at work. However, our version creates a file after
> the firstboot scripts have run, and doesn't run if the file exists.
>
> Is there a reason to prefer one choice over the other? Naively I'd expect it to
> be better to run when the file doesn't exist, creating when done; it solves the
> problem of making sure the magic file exists before first boot, for the other
> polarity.

I don't see that making sure that the magic file exists is a problem, since you'd also need to make sure you have knobs turned on in /etc/rc.conf and/or extra rc.d scripts installed.

In a very marginal sense, deleting a file is safer than creating one, since if the filesystem is full you can delete but not create. It also seems to me that the sensible polarity is that having something extra lying around makes extra things happen rather than inhibiting them.
But probably the best argument has to do with upgrading systems -- if you update a 9.2-RELEASE system to 10.1-RELEASE and there's a "first boot" script in that new release, you don't want to have it accidentally get run simply because you failed to create a /firstboot file during the upgrade process.

--
Colin Percival
Security Officer Emeritus, FreeBSD | The power to serve
Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid

From owner-freebsd-rc@FreeBSD.ORG Wed Oct 16 19:48:48 2013
Message-ID: <525EED60.2000404@freebsd.org>
Date: Wed, 16 Oct 2013 12:47:44 -0700
From: Colin Percival
To: Ian Lepore
Subject: Re: RFC: support for "first boot" rc.d scripts
References: <525B258F.3030403@freebsd.org> <41F1219E-4DCC-4B04-A1DC-40038809556B@van-laarhoven.org> <525C210A.2000306@freebsd.org> <1381770007.42859.82.camel@revolution.hippie.lan>
In-Reply-To: <1381770007.42859.82.camel@revolution.hippie.lan>
Cc: FreeBSD current, freebsd-rc@FreeBSD.org, Nick Hibma

On 10/14/13 10:00, Ian Lepore wrote:
> The embedded systems we create at $work have readonly root and mfs /var,
> but we do have writable storage on another filesystem. It would work
> for us (not that we need this feature right now) if there were an rcvar
> that pointed to the marker file. Of course to make it work, something
> would have to get the alternate filesystem mounted early enough to be
> useful (that is something we do already with a custom rc script).

New patch attached. This one re-probes for the firstboot sentinel after ${early_late_divider}, so you can set firstboot_sentinel to /path/to/my/writable/storage as long as that's available once the boot process reaches FILESYSTEMS (or NETWORKING, or whatever you set early_late_divider to).
I figure that if we can assume all the local rc.d scripts are available at that point we can assume that wherever people decide to put the firstboot sentinel will also be available at that point.

Does anyone see any problems with this?

--
Colin Percival
Security Officer Emeritus, FreeBSD | The power to serve
Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid

Content-Disposition: attachment; filename="firstboot.patch"

Index: etc/defaults/rc.conf =================================================================== --- etc/defaults/rc.conf (revision 256432) +++ etc/defaults/rc.conf (working copy) @@ -619,6 +619,9 @@ accounting_enable="NO" # Turn on process accounting (or NO). ibcs2_enable="NO" # Ibcs2 (SCO) emulation loaded at startup (or NO). ibcs2_loaders="coff" # List of additional Ibcs2 loaders (or NO). +firstboot_sentinel="/firstboot" # Scripts with "firstboot" keyword are run if + # this file exists. Should be on a R/W filesystem so + # the file can be deleted after the boot completes. # Emulation/compatibility services provided by /etc/rc.d/abi sysvipc_enable="NO" # Load System V IPC primitives at startup (or NO). Index: etc/rc =================================================================== --- etc/rc (revision 256432) +++ etc/rc (working copy) @@ -82,10 +82,15 @@ fi fi +# If the firstboot sentinel doesn't exist, we want to skip firstboot scripts. +if ! [ -e ${firstboot_sentinel} ]; then + skip_firstboot="-s firstboot" +fi + # Do a first pass to get everything up to $early_late_divider so that # we can do a second pass that includes $local_startup directories # -files=`rcorder ${skip} /etc/rc.d/* 2>/dev/null` +files=`rcorder ${skip} ${skip_firstboot} /etc/rc.d/* 2>/dev/null` _rc_elem_done=' ' for _rc_elem in ${files}; do
@@ -107,7 +112,13 @@ *) find_local_scripts_new ;; esac -files=`rcorder ${skip} /etc/rc.d/* ${local_rc} 2>/dev/null` +# The firstboot sentinel might be on a newly mounted filesystem; look for it +# again and unset skip_firstboot if we find it. +if [ -e ${firstboot_sentinel} ]; then + skip_firstboot="" +fi + +files=`rcorder ${skip} ${skip_firstboot} /etc/rc.d/* ${local_rc} 2>/dev/null` for _rc_elem in ${files}; do case "$_rc_elem_done" in *" $_rc_elem "*) continue ;; @@ -116,6 +127,15 @@ run_rc_script ${_rc_elem} ${_boot} done +# Remove the firstboot sentinel, and reboot if it was requested. +if [ -e ${firstboot_sentinel} ]; then + rm ${firstboot_sentinel} + if [ -e ${firstboot_sentinel}-reboot ]; then + rm ${firstboot_sentinel}-reboot + kill -INT 1 + fi +fi + echo '' date exit 0 --------------060902050507040600000606--
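
Review bot: in the etc/defaults/rc.conf hunk (@@ -619,6 +619,9 @@), the comment on firstboot_sentinel documents only half of the interface: etc/rc also acts on ${firstboot_sentinel}-reboot, and nothing here tells an administrator that creating that second file makes the boot end in "kill -INT 1". Suggest adding a comment line for the -reboot companion, and stating that the directory holding the sentinel should be writable by root only, since whoever can create the file there causes the firstboot scripts to run again on the next boot.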
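
Review bot: the new test "if ! [ -e ${firstboot_sentinel} ]" in the @@ -82,10 +82,15 @@ hunk of etc/rc expands the rcvar unquoted, so a value that is empty or contains whitespace changes what test(1) sees; with an empty value it becomes "[ -e ]", a one-argument test that is true, so skip_firstboot is never set and the firstboot scripts are not skipped. Suggest quoting "${firstboot_sentinel}" here and in the two later probes. skip_firstboot is also assigned only inside the if, so initialise it to an empty string first rather than relying on it being unset when /etc/rc starts.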
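
Review bot: when the re-probe in the @@ -107,7 +112,13 @@ hunk finds the sentinel only after the late filesystems are mounted, skip_firstboot is cleared for the second rcorder call, but the first pass has already run without the firstboot scripts; any of them ordered before $early_late_divider is not in _rc_elem_done and therefore runs now, after the scripts it was meant to precede. Suggest saying so in the comment above the re-probe (or next to firstboot_sentinel in rc.conf), so that anyone pointing the rcvar at a late-mounted filesystem knows their firstboot scripts must tolerate running after the divider.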
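
Review bot: the result of "rm ${firstboot_sentinel}" in the @@ -116,6 +127,15 @@ hunk is not checked before "kill -INT 1"; if the removal fails (the rc.conf comment already anticipates a sentinel that is not on a R/W filesystem) and the -reboot file is present, the machine reboots with the sentinel still in place and repeats the firstboot scripts and the reboot on every boot. Suggest signalling init only when the sentinel is actually gone, and printing a warning otherwise. The -reboot file is also examined only inside the outer if, so a -reboot file left without a sentinel is never cleaned up.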
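
The two designs argued over earlier in the thread (each rc.d script testing and removing /firstboot itself, versus handling the sentinel once in /etc/rc with a second probe after late filesystems are mounted) can be compared in a scratch directory. This is an added example, not code from any poster or from FreeBSD: the function names, the two script names in FIRSTBOOT_SCRIPTS and the DIR.unmounted rename that stands in for a mount are assumptions, and unlike the patch it quotes the sentinel path and reports a reboot only once the sentinel is really gone.

```shell
#!/bin/sh
# Constructed simulation: it only touches a scratch directory, never /etc/rc
# or a real /firstboot. FIRSTBOOT_SCRIPTS stands in for rc.d scripts that
# carry the "firstboot" keyword (both names are made up).
FIRSTBOOT_SCRIPTS="fetch_ssh_key grow_rootfs"

# Per-script handling: every script tests for the sentinel itself and then
# removes it ("test -f /firstboot && ...; rm -f /firstboot").
boot_per_script() {
    sentinel=$1
    ran=""
    for s in $FIRSTBOOT_SCRIPTS; do
        if [ -f "$sentinel" ]; then
            ran="$ran $s"
        fi
        rm -f "$sentinel"
    done
    echo "ran=[${ran# }]"
}

# Central handling modelled on the final patch. $1 is the sentinel path.
# $2 (optional) is a directory that gets "mounted" between the two passes;
# the mount is simulated by renaming "$2.unmounted" to "$2".
boot_central() {
    sentinel=$1
    late_mount=${2:-}
    ran=""
    action="continue"

    # First probe, before the early pass. The path is quoted, so an empty
    # value means "no sentinel" instead of a one-argument test that is true.
    skip_firstboot=""
    if ! [ -e "$sentinel" ]; then
        skip_firstboot="yes"
    fi

    # The early pass would run here and bring up the late filesystems.
    if [ -n "$late_mount" ] && [ -d "$late_mount.unmounted" ]; then
        mv "$late_mount.unmounted" "$late_mount"
    fi

    # Second probe: the sentinel may live on a filesystem that just appeared.
    if [ -e "$sentinel" ]; then
        skip_firstboot=""
    fi

    if [ -z "$skip_firstboot" ]; then
        for s in $FIRSTBOOT_SCRIPTS; do
            ran="$ran $s"
        done
    fi

    # Remove the sentinel once, after every script has had its turn, and
    # report a reboot only if the removal worked and "<sentinel>-reboot" exists.
    if [ -e "$sentinel" ]; then
        if rm -f "$sentinel" 2>/dev/null && ! [ -e "$sentinel" ]; then
            if [ -e "$sentinel-reboot" ]; then
                rm -f "$sentinel-reboot"
                action="reboot"
            fi
        else
            action="sentinel-not-removed"
        fi
    fi
    echo "ran=[${ran# }] action=$action"
}

# Walk through the cases on a throwaway directory.
demo() {
    root=$(mktemp -d) || return 1
    touch "$root/firstboot"
    echo "per-script:           $(boot_per_script "$root/firstboot")"
    touch "$root/firstboot" "$root/firstboot-reboot"
    echo "central, first boot:  $(boot_central "$root/firstboot")"
    echo "central, second boot: $(boot_central "$root/firstboot")"
    mkdir "$root/data.unmounted"
    touch "$root/data.unmounted/firstboot"
    echo "central, late mount:  $(boot_central "$root/data/firstboot" "$root/data")"
    rm -rf "$root"
}
demo
```

In the per-script run only the first script sees the sentinel; in the central runs both scripts execute on the first boot and neither on the second, and the late-mount case only works because of the second probe.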