FreeBSD Notes

gptzfsboot error

gptzfsboot error 16 lba ...  (16 -> one of the disks had a read error)

Error Codes (http://www.ctyme.com/intr/rb-0606.htm#Table234):

00h    successful completion
01h    invalid function in AH or invalid parameter
02h    address mark not found
03h    disk write-protected
04h    sector not found/read error
05h    reset failed (hard disk)
05h    data did not verify correctly (TI Professional PC)
06h    disk changed (floppy)
07h    drive parameter activity failed (hard disk)
08h    DMA overrun
09h    data boundary error (attempted DMA across 64K boundary or >80h sectors)
0Ah    bad sector detected (hard disk)
0Bh    bad track detected (hard disk)
0Ch    unsupported track or invalid media
0Dh    invalid number of sectors on format (PS/2 hard disk)
0Eh    control data address mark detected (hard disk)
0Fh    DMA arbitration level out of range (hard disk)
10h    uncorrectable CRC or ECC error on read
11h    data ECC corrected (hard disk)
20h    controller failure
31h    no media in drive (IBM/MS INT 13 extensions)
32h    incorrect drive type stored in CMOS (Compaq)
40h    seek failed
80h    timeout (not ready)
AAh    drive not ready (hard disk)
B0h    volume not locked in drive (INT 13 extensions)
B1h    volume locked in drive (INT 13 extensions)
B2h    volume not removable (INT 13 extensions)
B3h    volume in use (INT 13 extensions)
B4h    lock count exceeded (INT 13 extensions)
B5h    valid eject request failed (INT 13 extensions)
B6h    volume present but read protected (INT 13 extensions)
BBh    undefined error (hard disk)
CCh    write fault (hard disk)
E0h    status register error (hard disk)
FFh    sense operation failed (hard disk)

binary jail

$ zfs create machines/jail_XXX
$ cd /machines/jail_XXX
$ fetch -q -o - http://ftp.freebsd.org/pub/FreeBSD/releases/amd64/amd64/10.0-RELEASE/base.txz | tar xvpf -
$ #opt# fetch -q -o - http://ftp.freebsd.org/pub/FreeBSD/releases/amd64/amd64/10.0-RELEASE/lib32.txz | tar xvpf -
$ #opt# fetch -q -o - http://ftp.freebsd.org/pub/FreeBSD/releases/amd64/amd64/10.0-RELEASE/ports.txz | tar xvpf -
$ #opt# http://pkg.freebsd.org/freebsd:10:x86:64/latest/Latest/pkg.txz
$ cp /etc/resolv.conf etc
$ vim etc/rc.conf

see also next section

debian kfreebsd amd64 jail

/etc/rc.conf (add)

jail_enable="YES"
kld_list="pty"

root@x4:~ # uname -a
... FreeBSD 10.0-RELEASE ...
root@_:~ # debootstrap --arch=kfreebsd-amd64 wheezy /stuff/tempjail
...

# root entry with an empty password field
root@_:~ # echo 'root::0:0::0:0:Charlie &:/root:/bin/csh' > /stuff/tempjail/etc/master.passwd
root@_:~ # pwd_mkdb -d /stuff/tempjail/etc/ /stuff/tempjail/etc/master.passwd


# put 'login' where /etc/rc.d/jail console looks for it
# (the link target is resolved inside the jail, so it is given relative to the jail root)
ln -s /bin/login /stuff/tempjail/usr/bin/login

cat /stuff/tempjail/etc/jail.start 
#!/bin/sh
# enter Debian runlevel 3 (start services)
/etc/init.d/rc 3

cat /stuff/tempjail/etc/jail.stop
#!/bin/sh
# enter Debian runlevel 0 (halt)
/etc/init.d/rc 0


# start jail
/etc/rc.d/jail start debian
# enter jail
/etc/rc.d/jail console debian


# add alias to network device
$ ifconfig igb0 192.168.0.25/24 alias

/etc/jail.conf (add)

debian {
    path = "/stuff/tempjail";
    host.hostname = "debian.domain";
    ip4.addr = 192.168.0.25;
    mount.devfs;
    exec.clean;
    exec.start = "/etc/jail.start";
    exec.stop = "/etc/jail.stop";
}

Customizing FreeBSD

Shell

Install bash as a package

freebsd# pkg_add -r bash

Change the default shell

freebsd# chsh

.vimrc

set nocompatible

Installing VirtualBox

Install src/all via sysinstall -> Configure -> Distributions.

Install 32-bit libraries

cd /usr/src/
make build32 install32; ldconfig -v -m -R /usr/lib32

Install VirtualBox (here without GUI)

# cd /usr/ports/emulators/virtualbox

# make config
      Options for virtualbox-ose 3.2.6                 
 [ ] QT4             Build with QT4 Frontend           
 [ ] DEBUG           Build with debugging symbols      
 [ ] GUESTADDITIONS  Build with Guest Additions        
 [ ] DBUS            Build with D-Bus and HAL support  
 [ ] PULSEAUDIO      Build with PulseAudio             
 [ ] X11             Build with X11 support            
 [ ] VDE             Build with VDE support            
 [X] VNC             Build with VNC support            
 [ ] WEBSERVICE      Build Webservice                  

# make install

.....

VirtualBox was installed.

You need to load the vboxdrv kernel module via /boot/loader.conf:
vboxdrv_load="YES"
For bridged networking please add the following line to your /etc/rc.conf:
vboxnet_enable="YES"
Reboot the machine to load the needed kernel modules.
You also have to add all users to your vboxusers group in order to use vbox.
% pw groupmod vboxusers -m jerry
Running VirtualBox as non-root user may fail with a fatal error 
NS_ERROR_FACTORY_NOT_REGISTERED. In this case delete /tmp/.vbox-*-ipc file.

Check wiki page for known issues and troubleshooting:
http://wiki.freebsd.org/VirtualBox

VBoxManage

Create the VM description

VBoxManage createvm --name <NAME> --ostype Linux  --register

Create a block device as a virtual hard disk

VBoxManage internalcommands createrawvmdk -filename .VirtualBox/disks/openvz-host.vmdk -rawdisk /dev/zvol/tank/openvz-host 
   RAW host disk access VMDK file .VirtualBox/disks/openvz-host.vmdk created successfully.

Add a SATA controller to the virtual machine

VBoxManage storagectl openvz-host --name controller-1 --add sata

Attach the hard disk to the SATA controller

VBoxManage storageattach openvz-host --storagectl controller-1 --port 0 --device 0 --type hdd --medium ~/.VirtualBox/disks/openvz-host.vmdk

Register a DVD medium

VBoxManage openmedium dvd /tank/share/software/betriebssystem/debian/debian-505-i386-netinst.iso

List all known DVDs

VBoxManage list dvds

Add an IDE controller

VBoxManage storagectl openvz-host --name controller-2 --add ide

Attach a DVD to the IDE controller by its UUID

VBoxManage storageattach openvz-host --storagectl controller-2 --port 0 --device 0 --type dvddrive --medium 712395e2-656a-4916-b18f-83b053f53aa9

Create another physical block device represented as a file

VBoxManage internalcommands createrawvmdk -filename .VirtualBox/disks/vz.nbd.vmdk -rawdisk /dev/zvol/tank/nbd/vz.nbd

And attach it to port 2 of the SATA controller

VBoxManage storageattach openvz-host --storagectl controller-1 --port 1 --device 0 --type hdd --medium ~/.VirtualBox/disks/vz.nbd.vmdk

Encrypted swap

http://www.freebsd.org/doc/handbook/swap-encrypting.html

/etc/rc.conf

geli_swap_flags="-e blowfish -l 128 -s 4096 -d"

/etc/fstab

/dev/ad2s1b.eli     none    swap    sw  0   0

Attaching swap once:

geli onetime -e blowfish -l 128 -s 4096 -d /dev/ad2s1b
swapon /dev/ad2s1b.eli

Swap on ZFS zvols is evil.

Adding a hard disk

with sysinstall

[root@x3 ~]% sysinstall
# create a slice with 2929854312 sectors of 512 bytes each
# sysinstall comes up 16065 sectors short for this input
# hence 2929854312+16065=2929870377
# this leaves about 216 MB unused as a reserve

or fdisk

# QUELLE = source disk, ZIEL = target disk
fdisk -p /dev/QUELLE | fdisk -i -f - /dev/ZIEL
# -p machine-readable output
# -i initialize
# -f configuration source

[root@x3 ~]% geli init -b -l 256 -s 4096 /dev/da2s1
[root@x3 ~]% geli attach /dev/da2s1
[root@x3 ~]% zpool add -nf tank da2s1.eli
[root@x3 ~]% zpool add -f tank da2s1.eli

Network Block Devices (NBD) Server

FIXME - synchronize

#!/bin/sh
#
# $FreeBSD$
#

# PROVIDE: nbd-server
# REQUIRE: devfs syslogd

. /etc/rc.subr

name="nbd-server"
rcvar="nbd_server_enable"
start_cmd="nbd_server_start"
stop_cmd="nbd_server_stop"


nbd_server_start()
{
        echo -n "Start nbd-server: "
        for port_file in ${nbd_server_disks}; do
                port="`echo ${port_file} | cut -d : -f 1`"
                file="`echo ${port_file} | cut -d : -f 2`"
                echo -n "${file}@${port} "
                nbd-server ${port} "${file}"
        done
        echo
}

nbd_server_stop() {
        echo -n "Stoppe nbd-server:"
        for pid in `pgrep nbd-server`; do
                echo -n " $pid"
                kill $pid
                echo -n "."
        done
        echo
}

load_rc_config $name
run_rc_command "$1"

/etc/rc.conf

nbd_server_enable="YES"
nbd_server_disks="10101:/dev/zvol/tank/nbd/aurora_root.nbd 10102:/dev/zvol/tank/nbd/orakel_root.nbd"

Troubleshooting

Editing a misconfigured root UFS filesystem under Linux

Adjusting the Linux kernel

To run UFS writable under Linux, the kernel probably has to be adjusted on most distributions.

File systems  --->
   [*] Miscellaneous filesystems  --->
      <M>   UFS file system support (read only)
      [*]     UFS file system write support (DANGEROUS)

A guide to compiling the kernel is available here: http://ghantoos.org/2009/04/04/mounting-ufs-in-readwrite-under-linux/

Mounting

Because FreeBSD uses slices, and these are not recognized on loop devices even with kernel support, an offset may have to be given when mounting in order to find the right slice.

mount -o loop,rw,ufstype=5xbsd,offset=32256 -t ufs freebsd_root.img /mnt/

FIXME where to get the offset from?
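One way to answer the FIXME above, as an added example that is not part of the original notes: read the MBR partition table of the image and multiply the start LBA of the FreeBSD slice (type a5) by the sector size. The function names are made up here; it assumes an MBR-partitioned image, 512-byte sectors by default, and a root filesystem that begins at the start of the slice, as offset=32256 (63 x 512) above implies.

```sh
#!/bin/sh
# Added example: find the byte offset of the first FreeBSD slice (MBR type a5)
# in a raw disk image, for use as "mount -o loop,offset=...".

# freebsd_slice_offset IMAGE [SECTOR_SIZE] -> prints start LBA * sector size
freebsd_slice_offset() {
    img=$1
    secsize=${2:-512}                     # assumption: 512-byte sectors
    # A valid MBR ends with the signature 55 aa at bytes 510-511.
    sig=$(od -An -tx1 -j510 -N2 "$img" | tr -d ' \n')
    [ "$sig" = "55aa" ] || { echo "$img: no MBR signature" >&2; return 1; }
    i=0
    while [ "$i" -lt 4 ]; do              # four 16-byte entries from byte 446
        entry=$((446 + i * 16))
        ptype=$(od -An -tx1 -j$((entry + 4)) -N1 "$img" | tr -d ' \n')
        if [ "$ptype" = "a5" ]; then      # a5 = FreeBSD slice
            # Bytes 8-11 of the entry: start LBA, little-endian.
            set -- $(od -An -tu1 -j$((entry + 8)) -N4 "$img")
            echo $(( ($1 + ($2 << 8) + ($3 << 16) + ($4 << 24)) * secsize ))
            return 0
        fi
        i=$((i + 1))
    done
    echo "$img: no FreeBSD slice found" >&2
    return 1
}

# Constructed sample: one-sector MBR whose first entry is a bootable a5 slice
# starting at LBA 63 (octal escapes: \245 = a5, \077 = 63, \125\252 = 55 aa).
make_sample_mbr() {
    dd if=/dev/zero of="$1" bs=512 count=1 2>/dev/null
    printf '\200\000\000\000\245\000\000\000\077\000\000\000\000\020\000\000' |
        dd of="$1" bs=1 seek=446 conv=notrunc 2>/dev/null
    printf '\125\252' | dd of="$1" bs=1 seek=510 conv=notrunc 2>/dev/null
}

# Run against an image given on the command line, e.g. freebsd_root.img.
if [ $# -ge 1 ]; then
    freebsd_slice_offset "$@"
fi
```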

Administration

ports security audit

PKG_DBDIR=/###/jail_###/var/db/pkg pkg_info -aE | portaudit -f -

Installing/updating the ports collection

# Initial download, e.g. in a new jail.
portsnap fetch
# extract
portsnap extract
# update
portsnap update
# or 
portsnap fetch update

creating jails from source

(in VirtualBox)

The jails are installed on a virtual disk with ZFS.

new install log

The starting point is the base system from the installer CD.

# portsnap fetch extract
# cd /usr/ports/ports-mgmt/portmaster
# make install clean distclean
# portmaster editors/vim-lite sysutils/smartmontools sysutils/screen shells/bash ports-mgmt/portaudit

Edit portmaster.conf so that old distfiles are deleted on update:

# mv /usr/local/etc/portmaster.rc.src /usr/local/etc/portmaster.rc

Uncomment the line "ALWAYS_SCRUB_DISTFILES=dopt".

echo "hw.syscons.bell=0" >> /etc/sysctl.conf
cp /usr/local/share/vim/vim73/vimrc_example.vim /usr/local/share/vim/vimrc
pw usermod user -G wheel

Setting up jails

mkdir /usr/jails
mkdir /usr/jails/template
fetch -q -o - ftp://ftp.freebsd.org/pub/FreeBSD/releases/amd64/amd64/9.1-RELEASE/base.txz | tar xvpf -
fetch -q -o - ftp://ftp.freebsd.org/pub/FreeBSD/releases/amd64/amd64/9.1-RELEASE/lib32.txz | tar xpf -
fetch -q -o - http://ftp.freebsd.org/pub/FreeBSD/releases/amd64/amd64/9.1-RELEASE/ports.txz | tar xvpf -

tar cpf - . | tar xvf - -C /usr/jails/first
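The fetch | tar pipelines above and in the binary jail section unpack whatever arrives over plain HTTP/FTP. As an added example (not part of the original notes), these shell functions check a set that was saved to disk first against the SHA-256 listed in the release's MANIFEST, the file bsdinstall checks distribution sets against, and extract only on a match. The function names are made up here, and the check detects tampering only if MANIFEST itself comes from a trusted source.

```sh
#!/bin/sh
# Added example: verify a downloaded distribution set against the release
# MANIFEST before extracting it into a jail.

# Portable SHA-256 of a file: sha256 on FreeBSD, sha256sum on Linux.
sha256_of() {
    if command -v sha256 >/dev/null 2>&1; then
        sha256 -q "$1"
    else
        sha256sum "$1" | cut -d ' ' -f 1
    fi
}

# verify_dist MANIFEST FILE
# returns 0 on match, 1 on mismatch, 2 if FILE is not listed
verify_dist() {
    manifest=$1
    file=$2
    name=$(basename "$file")
    # MANIFEST is tab-separated: set name, sha256, file count, ...
    want=$(awk -F '\t' -v n="$name" '$1 == n { print $2; exit }' "$manifest")
    [ -n "$want" ] || { echo "$name: not listed in MANIFEST" >&2; return 2; }
    have=$(sha256_of "$file")
    if [ "$have" != "$want" ]; then
        echo "$name: checksum mismatch" >&2
        return 1
    fi
}

# extract_verified MANIFEST FILE DESTDIR: unpack only after the check passed
extract_verified() {
    verify_dist "$1" "$2" || return
    tar -xpf "$2" -C "$3"
}

# Usage with the release directory from the notes (REL = that URL):
#   fetch "$REL/MANIFEST" "$REL/base.txz"
#   extract_verified MANIFEST base.txz /usr/jails/template
```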

ifconfig epair0 create
ifconfig epair0 vnet first
ifconfig bridge0 create
ifconfig bridge0 addm bfe0 addm epair0b up
ifconfig epair0a up

http://bsdbased.com/2009/12/06/freebsd-8-vimage-epair-howto
http://wiki.polymorf.fr/index.php/Howto:FreeBSD_jail_vnet