Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 21 Jul 2017 01:14:16 +0100
From:      Frank Leonhardt <frank2@fjl.co.uk>
To:        freebsd-questions@freebsd.org
Subject:   Re: Stop ZFS/opensolaris from autoloading?
Message-ID:  <c3d2e12e-dbfb-791e-a4bc-0b7d39086d8c@fjl.co.uk>
In-Reply-To: <alpine.BSF.2.20.1707181730300.77917@prime.gushi.org>
References:  <alpine.BSF.2.20.1704301614190.9510@prime.gushi.org> <fd29a51e-993f-1610-8d5b-cb58d68907ca@fjl.co.uk> <alpine.BSF.2.20.1707181730300.77917@prime.gushi.org>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
On 19/07/2017 03:31, Dan Mahoney, System Admin wrote:
> On Tue, 18 Jul 2017, Frank Leonhardt wrote:
>
>> On 01/05/2017 00:17, Dan Mahoney wrote:
>>       Short of renaming the modules (which breaks upgrades and is 
>> unpredictable) is there any easy way to stop a system from 
>> auto-loading the ZFS
>>       modules?
>>
>>       We've got some memory-constrained systems and the concept of 
>> "modules that load themselves" somewhat bugs me.
>>
>>       I'd rather "zpool status" (which is often called by things like 
>> Facter) simply return an error than load a kernel module that will 
>> never be
>>       used.
>>
>>
>> I've not had that problem myself, but my inclination would be to make 
>> sure it's not loaded or compiled in the kernel (obvious) and then simply
>> rename/replace all the zxxxx executables with scripts that do what I 
>> want. Less intrusive fiddling that way.
>
> That also breaks freebsd-update.  You're on to something, however.  I 
> wonder if chmod'ing the appropriate files 000 will stop it, or 
> chmod'ing the kernel module 000. 

There are stronger ways of making files immutable but I don't think it's 
the way. Just run a script after the update:

echo exit 1 >/sbin/zfs
echo exit 1 >/sbin/zpool
...
chmod a+x /sbin/z*

You could even put it in rc.local and have it re-patched every time you 
boot. I do something similar for modifications; it helps to keep a 
record of everything that's changed in a system in one place for all 
sorts of reasons. For example, I put a wrapper around "shutdown" on 
remote servers so I don't accidentally "shutdown -p now" anything in a 
data centre. thinking I'm turning off my local box.

Regards, Frank.




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?c3d2e12e-dbfb-791e-a4bc-0b7d39086d8c>