FreeBSD Security Advisory FreeBSD-SA-19:10.ufs
Eugene Grosbein
eugen at grosbein.net
Thu Jul 4 04:37:40 UTC 2019
03.07.2019 19:29, Ed Maste wrote:
> On Wed, 3 Jul 2019 at 11:21, Doug Hardie <bc979 at lafn.org> wrote:
>>
>> That is going to be a bit tricky to do on a headless server that is remote. None of mine have consoles. They are all accessed via SSH. Any ideas how this situation can be handled?
>
> Probably an rc.d script with BEFORE: root that invokes the fsck
> command - something along the lines of the following (as yet untested
> and missing error checking etc.):
>
> #!/bin/sh
> #
>
> # PROVIDE: fsck_ufs
> # BEFORE: root
> # REQUIRE: fsck
> # KEYWORD: nojail
>
> . /etc/rc.subr
>
> name="fsck_ufs"
> desc="fsck UFS filesystems for FreeBSD-SA-19:10.ufs"
> start_cmd="fsck_ufs_start"
> stop_cmd=":"
>
> fsck_ufs_start()
> {
> fsck -t ufs -f -p -T ufs:-z
> }
>
> load_rc_config $name
> run_rc_command "$1"
We should resurrect "early" rc.d script. Its removal in 6.x as opposed to rewrite was a mistake
as such script is irreplaceable for multiple situations including pretty ordinary ones
like enabling kernel crashdumps to gmirror.
More information about the freebsd-security
mailing list