Date: Fri, 4 Dec 1998 12:50:03 +1030 From: Greg Lehey <grog@lemis.com> To: Jason Evans <jasone@canonware.com>, freebsd-questions@FreeBSD.ORG Subject: Re: crashdump, dangerously dedicated, hosed system Message-ID: <19981204125003.M441@freebie.lemis.com> In-Reply-To: <Pine.BSF.4.05.9811251916280.26945-100000@sturm.canonware.com>; from Jason Evans on Wed, Nov 25, 1998 at 07:35:16PM -0800 References: <Pine.BSF.4.05.9811251916280.26945-100000@sturm.canonware.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wednesday, 25 November 1998 at 19:35:16 -0800, Jason Evans wrote: > So, I found a reliable way to crash FreeBSD-stable (cvsup'ed today), and > being the good FreeBSDer wannabe that I am, I figured I should trace this > down, since it may be exploitable via a remote DoS attack. > > As the Handbook instructs, I did a "config -g", rebuilt the kernel, and > installed a stripped version of it. I also enabled dumpon by specifying > my swap partition in /etc/rc.conf: > > dumpdev="/dev/sd1s1b" > > (Should this have been a raw device?) > > I rebooted and crashed the machine. All appeared fine and the core was > apparently successfully dumped. When the machine rebooted though, fsck > gave nasty errors about two partitions, /dev/rsd1s1e and /dev/rsd1s1f. I > tried to run fsck manually, but fsck said the device was not configured. > Finally, I commented the two devices out of the /etc/fstab and rebooted > successfully. However, I got the following: > > kern.dumpdev: Device not configured > > A little more probing has turned up the fact that the disklabel for > /dev/sd1 is... not a disklabel anymore. > > As mentioned in the header, all disks in the system are dangerously > dedicated. > > My question: what did I do wrong? My home directory is on sd1, so I'm a > bit reluctant to do this again until I'm confident it won't trash my > system. There's nothing obvious you did wrong, though there's a possibility that something may have gone wrong if your swap partition was exactly the size of your memory (offhand I can't remember, but it needs a little bit more to at least note the fact that there's a dump in the partition). Also, of course, if you had laid out your drive with overlapping partitions, all bets would be off. Finally, depending on how your system crashed, that could have caused the corruption. I don't suppose you'll be able to find out now. It's very rare to have this kind of problem; I've been running BSD on multiple machines for nearly 7 years, and it's never happened to me. Greg -- See complete headers for address, home page and phone numbers finger grog@lemis.com for PGP public key To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19981204125003.M441>