Subject: Re: RFC: migration to a fully dynamically linked system
To: Manuel Bouyer <bouyer@antioche.eu.org>
From: Luke Mewburn <lukem@wasabisystems.com>
List: tech-userlevel
Date: 08/22/2002 13:56:37
[getting back to an old thread]
On Thu, Jan 03, 2002 at 06:29:35PM +0100, Manuel Bouyer wrote:
  | On Sun, Dec 30, 2001 at 04:02:57PM +0700, Robert Elz wrote:
  | > That's easy - init can tell the kernel that it is running now, and
  | > all is OK. After that, panic, before then, try some other init
  | > path. init would tell the kernel all is OK as just about the first
  | > thing it does in main().
  | 
  | This doesn't cover all cases. In case of a partially corrupted libc,
  | init may die after the syscall has been issued.

Sure, but now we're starting to drag strawman cases out of the woodwork.

In the past, it was very easy to screw a system so you couldn't recover
without falling back to separate boot media/mechanisms:

	- Missing /dev/console
	  This is now fixed with the mfs-/dev workaround, assuming your
	  box has enough memory to cope, which 99.9% of NetBSD machines
	  do. (8MB I think)

	- Missing or corrupt /sbin/init, /sbin/init.bak, /sbin/oinit.
	  Oops :) (No easy solution yet)

I have just committed a bunch of stuff to enable the building and
installation of /rescue, which contains all of the stuff from /bin
and /sbin (as well as gzip, bzip, ldd, ktrace, kdump, ...)
If something goes wrong with the applications in /bin or /sbin, you
can prepend /rescue to your PATH and resolve your problem.

The change to a dynamic /bin and /sbin (with /sbin/init static),
adds the following potential problems:

	- Missing or corrupt /lib/ld.elf_so, /lib/libc.so.12, /lib/*...
	  To resolve:
	  	- boot to single user mode
		- enter "/rescue/sh" as the shell,
	  	- execute
			PATH=/rescue:$PATH
		- use the tools from /rescue the same way you would
		  have used the tools in /bin and /sbin to recover
		  your shared libraries

If we take this one step further and make /sbin/init dynamic as well,
we need to do some or all of the following:

	- Make a link from /rescue/init to /sbin/init.bak

	- Support asking for the path to init with boot -a
	  (actually, RB_ASKNAME)
	  Recovery is as above, with the exception of booting with 
	  "boot -as" and entering the path to init as /rescue/init.

Luke.
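
Added example (not part of the original message and not NetBSD project code): a POSIX sh check over the files the message names, reporting whether the /rescue fallback it describes is usable. The ROOT prefix argument, the return codes and the use of the ELF magic number as a stand-in for "corrupt" are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original message. File paths are the ones the
# message names; ROOT, the return codes and the ELF-magic test are assumptions.

# is_elf FILE: true if FILE is a non-empty regular file starting with \177ELF.
# A coarse stand-in for "missing or corrupt": it cannot see damage further
# into the file.
is_elf() {
    [ -f "$1" ] && [ -s "$1" ] || return 1
    magic=$(dd if="$1" bs=4 count=1 2>/dev/null | od -An -tx1 | tr -d ' \n')
    [ "$magic" = "7f454c46" ]
}

# check_boot_files ROOT: ROOT is an optional prefix (e.g. a mounted disk).
# Returns 0 = all files look sane, 1 = damage found but /rescue is usable,
# 2 = /rescue itself is unusable, so separate boot media are needed.
check_boot_files() {
    root=${1:-}
    bad=0
    init_bad=0
    for f in /lib/ld.elf_so /lib/libc.so.12 /sbin/init; do
        if ! is_elf "$root$f"; then
            echo "missing or not ELF: $f"
            bad=1
            case $f in /sbin/init) init_bad=1 ;; esac
        fi
    done
    for f in /rescue/sh /rescue/init; do
        if ! is_elf "$root$f"; then
            echo "rescue tool unusable: $f"
            return 2
        fi
    done
    [ "$bad" -eq 0 ] && return 0
    echo 'recover: boot single user, give /rescue/sh as the shell, then PATH=/rescue:$PATH'
    if [ "$init_bad" -eq 1 ]; then
        echo 'init: the message proposes "boot -as" and answering /rescue/init'
    fi
    return 1
}

# Run only when asked, e.g.: sh check.sh --check /mnt
if [ "${1:-}" = "--check" ]; then
    check_boot_files "${2:-}"
fi
```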