Hey guys,
After months with some virtual machines running FreeBSD, on one of them I have forgotten the password...
Then, searching a bit on the web, there are some tutorials about logging in to single user mode and then using passwd to change it.
To my surprise, passwd is not found in single user mode, so I will post how I did the install, and if someone can, please point out what I forgot to set up in my custom install.
After booting from the CD I use the Live CD and then create the slices manually:
Code:
gpart destroy -F ada0
gpart create -s GPT ada0
gpart show ada0
gpart add -t freebsd-boot -a 4k -b 40 -s 512K -l gptboot0 da0
gpart add -t freebsd-swap -a 4k -b 526336 -s 4G -l swap0 ada0
gpart add -t freebsd-zfs -a 4k -b 9439232 -l zfs0 ada0
Then I load the modules for ZFS:
Code:
kldload /boot/kernel/opensolaris.ko
kldload /boot/kernel/zfs.ko
kldload /boot/kernel/crypto.ko
kldload /boot/kernel/geom_eli.ko
kldload /boot/kernel/aesni.ko
Then I make sure everything will be aligned to ashift 12 (on my VMware ESXi the default setup does not do it):
Code:
sysctl vfs.zfs.min_auto_ashift=12
sysctl vfs.zfs.max_auto_ashift=12
Then I enable encryption for swap:
Code:
geli onetime -d -e AES-XTS -l 256 -s 4096 da0p2
Then I set up the boot partition:
Code:
gpart bootcode -b /boot/pmbr -p /boot/gptzfsboot -i 1 da0
gpart set -a bootme -i 1 da0
Then I create the datasets:
Code:
zpool create -O atime=off -o autoexpand=on -O canmount=on -O checksum=sha256 -O compression=lz4 -O dedup=off -o failmode=wait -O normalization=formKC -O recordsize=128K -O reservation=10G -m none zroot da0p3
zfs create zroot/ROOT
zfs create -o mountpoint=/tmp/mnt/zroot zroot/ROOT/default
zfs create -o exec=on -o mountpoint=/tmp/mnt/zroot/tmp -o setuid=off zroot/tmp
chmod 1777 /tmp/mnt/zroot/tmp
zfs create -o mountpoint=/tmp/mnt/zroot/usr zroot/usr
zfs create -o setuid=off zroot/usr/home
zfs create zroot/usr/jails
zfs create zroot/usr/local
zfs create zroot/usr/obj
zfs create -o setuid=off zroot/usr/ports
zfs create -o compression=off -o exec=off -o setuid=off zroot/usr/ports/distfiles
zfs create -o compression=off -o exec=off -o setuid=off zroot/usr/ports/packages
zfs create -o exec=off -o setuid=off zroot/usr/src
zfs create -o mountpoint=/tmp/mnt/zroot/var zroot/var
zfs create -o exec=off -o setuid=off zroot/var/audit
zfs create -o exec=off -o setuid=off zroot/var/crash
zfs create -o exec=off -o primarycache=metadata -o setuid=off zroot/var/db
zfs create -o compression=off -o exec=off -o primarycache=metadata -o recordsize=16K -o setuid=off zroot/var/db/mysql
zfs create -o compression=off -o exec=off -o primarycache=metadata -o setuid=off zroot/var/db/mysql_log
zfs create -o exec=on -o setuid=off zroot/var/db/pkg
# Do not set -o readonly=on now, because the directory needs to be writable to uncompress temporary files of the base system in /var/empty
zfs create -o exec=off -o setuid=off zroot/var/empty
zfs create -o exec=off -o setuid=off zroot/var/named
zfs create -o exec=off -o setuid=off zroot/var/log
zfs create -o exec=off -o setuid=off zroot/var/mail
zfs create -o exec=off -o setuid=off zroot/var/run
zfs create -o exec=on -o setuid=off zroot/var/tmp
chmod 1777 /tmp/mnt/zroot/var/tmp
zpool set bootfs=zroot/ROOT/default zroot
cd /tmp/mnt/zroot
tar -xf /usr/freebsd-dist/base.txz -C .
tar -xf /usr/freebsd-dist/kernel.txz -C .
tar -xf /usr/freebsd-dist/lib32.txz -C .
With the base system ready, I then go inside the fresh install to set things up:
Code:
chroot /tmp/mnt/zroot
echo 'aesni_load="YES"' >> /boot/loader.conf
echo 'geom_eli_load="YES"' >> /boot/loader.conf
echo 'vfs.root.mountfrom="zfs:zroot/ROOT/default"' >> /boot/loader.conf
echo 'zfs_load="YES"' > /boot/loader.conf
echo 'kern.geom.label.gptid.enable="0"' >> /boot/loader.conf
echo 'zpool_cache_load="YES"' >> /boot/loader.conf
echo 'zpool_cache_type="/boot/zfs/zpool.cache"' >> /boot/loader.conf
echo 'zpool_cache_name="/boot/zfs/zpool.cache"' >> /boot/loader.conf
echo '' >> /boot/loader.conf
echo '# ZFS Tuning for use less Memory' >> /boot/loader.conf
echo '# https://wiki.freebsd.org/ZFSTuningGuide' >> /boot/loader.conf
echo 'vfs.zfs.prefetch_disable="1"' >> /boot/loader.conf
echo 'vm.kmem_size="512M"' >> /boot/loader.conf
echo 'vm.kmem_size_max="512M"' >> /boot/loader.conf
echo 'vfs.zfs.arc_max="80M"' >> /boot/loader.conf
echo 'vfs.zfs.vdev.cache.size="10M"' >> /boot/loader.conf
echo '' >> /boot/loader.conf
echo '# Disable ZFS prefetching' >> /boot/loader.conf
echo '# http://southbrain.com/south/2008/04/the-nightmare-comes-slowly-zfs.html' >> /boot/loader.conf
echo '# Increases overall speed of ZFS, but when disk flushing/writes occur,' >> /boot/loader.conf
echo '# system is less responsive (due to extreme disk I/O).' >> /boot/loader.conf
echo '# NOTE: Systems with 4 GB of RAM or more have prefetch enabled by default.' >> /boot/loader.conf
echo 'vfs.zfs.prefetch_disable="1"' >> /boot/loader.conf
echo '' >> /boot/loader.conf
echo '# Decrease ZFS txg timeout value from 30 (default) to 5 seconds. This' >> /boot/loader.conf
echo '# should increase throughput and decrease the "bursty" stalls that' >> /boot/loader.conf
echo '# happen during immense I/O with ZFS.' >> /boot/loader.conf
echo '# http://lists.freebsd.org/pipermail/freebsd-fs/2009-December/007343.html' >> /boot/loader.conf
echo '# http://lists.freebsd.org/pipermail/freebsd-fs/2009-December/007355.html' >> /boot/loader.conf
echo '# default in FreeBSD since ZFS v28' >> /boot/loader.conf
echo 'vfs.zfs.txg.timeout="5"' >> /boot/loader.conf
echo '' >> /boot/sysctl.conf
echo "# Increase number of vnodes; we've seen vfs.numvnodes reach 115,000" >> /boot/sysctl.conf
echo '# at times. Default max is a little over 200,000. Playing it safe...' >> /boot/sysctl.conf
echo '# If numvnodes reaches maxvnode performance substantially decreases.' >> /boot/sysctl.conf
echo 'kern.maxvnodes=250000' >> /boot/sysctl.conf
echo 'hostname="test.mydomain.com"' >> /etc/rc.conf
echo 'keymap="us.iso.acc.kbd"' >> /etc/rc.conf
echo 'ifconfig_vmx0="192.168.215.111 netmask 255.255.255.0"' >> /etc/rc.conf
echo '#ifconfig_vmx3f0="192.168.215.111 netmask 255.255.255.0"' >> /etc/rc.conf
echo 'defaultrouter="192.168.215.1"' >> /etc/rc.conf
echo 'moused_enable="YES"' >> /etc/rc.conf
echo '' >> /etc/rc.conf
echo '# Setting Firewall ipfw' >> /etc/rc.conf
echo 'firewall_enable="YES"' >> /etc/rc.conf
echo 'firewall_script="/etc/ipfw.rules"' >> /etc/rc.conf
echo 'firewall_logging="YES"' >> /etc/rc.conf
echo '' >> /etc/rc.conf
echo '# Sync Datetime' >> /etc/rc.conf
echo 'ntpd_enable="YES"' >> /etc/rc.conf
echo 'ntpd_sync_on_start="YES"' >> /etc/rc.conf
echo 'ntpd_config="/etc/ntp.conf"' >> /etc/rc.conf
echo '' >> /etc/rc.conf
echo '# Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable' > /etc/rc.conf
echo 'dumpdev="AUTO"' >> /etc/rc.conf
echo '' >> /etc/rc.conf
echo 'zfs_enable="YES"' >> /etc/rc.conf
echo '' >> /etc/rc.conf
echo '# Jails' >> /etc/rc.conf
echo '# jail_enable="YES" # Enabling Jails' >> /etc/rc.conf
echo '# jail_conf="/etc/jail.conf" # Config file of Jails' >> /etc/rc.conf
echo '# jail_parallel_start="YES" # Start Jails at sametime' >> /etc/rc.conf
echo '# jail_list="nsf" # Jails to get on' >> /etc/rc.conf
echo '' >> /etc/rc.conf
echo '#kern_securelevel_enable="YES"' >> /etc/rc.conf
echo '#kern_securelevel="3"' >> /etc/rc.conf
# Add to ntp.conf private ntpd server
ee /etc/ntp.conf
server 192.168.215.13 iburst
#server 0.BR.pool.ntp.org iburst
echo 'nameserver 192.168.215.12' >> /etc/resolv.conf
echo '#nameserver 208.67.222.222' >> /etc/resolv.conf
echo '#nameserver 208.67.220.220' >> /etc/resolv.conf
echo '#nameserver 8.8.8.8' >> /etc/resolv.conf
set HOSTNAME=test.mydomain.com
echo hostname="$HOSTNAME"
hostname -s "$HOSTNAME"
cd /etc/mail
make aliases
tzsetup
passwd root
printf "# Device\t\tMountpoint\tFStype\tOptions\t\tDump\tPass#\n" > /etc/fstab
printf "/dev/ada0p2.eli\t\t\tnone\t\t\tswap\tsw\t\t0\t0\n" >> /etc/fstab
exit
zfs set readonly=on zroot/var/empty
zfs set sync=disabled zroot/var/db
zfs set sync=disabled zroot/var/db/mysql
zfs set sync=disabled zroot/var/db/mysql_log
cd /
zfs unmount -a
zfs set mountpoint=legacy zroot/ROOT/default
zfs set mountpoint=/tmp zroot/tmp
zfs set mountpoint=/usr zroot/usr
zfs set mountpoint=/var zroot/var
reboot
After the reboot the system is up and working, or at least I thought it was...
The fact is that until now (almost 1 year) none of the systems using this custom setup has had any problem, being updated every month and running fine.
After this issue of not being able to set the password in single user mode, I am worried about what else might be broken because of my custom setup.
And of course, is it possible to fix it, or do I need to reinstall everything?
Thanks in advance, and forgive my bad English (this is not my native language).
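
Added example, not part of the original post: in the listing above, two `echo` lines use `>` on a file that earlier lines had already appended to with `>>`, and a single `>` truncates the file, dropping the earlier settings. This sketch flags that pattern; the function names are hypothetical, it assumes the redirect and its target are the last two words on a line, and the sample lines are constructed from the listing.

```shell
#!/bin/sh
# Flag every line that writes with '>' to a file an earlier line already
# wrote to: the truncating redirect discards what was stored before it.
# Output format: <line number>:<target file>
find_truncating_redirects() {
    awk '
    NF >= 3 {
        op = $(NF - 1)          # redirect operator, assumed second to last
        target = $NF            # redirect target, assumed last word
        if (op != ">" && op != ">>")
            next
        if (op == ">" && (target in seen))
            printf "%d:%s\n", NR, target
        seen[target] = 1
    }'
}

# Constructed sample: a shortened excerpt of the install commands above.
sample_install_lines() {
    cat <<'EOF'
echo 'aesni_load="YES"' >> /boot/loader.conf
echo 'geom_eli_load="YES"' >> /boot/loader.conf
echo 'zfs_load="YES"' > /boot/loader.conf
echo 'hostname="test.mydomain.com"' >> /etc/rc.conf
echo '# Set dumpdev to "AUTO" to enable crash dumps' > /etc/rc.conf
printf "# Device\n" > /etc/fstab
printf "/dev/ada0p2.eli\n" >> /etc/fstab
EOF
}

# The first write to /etc/fstab uses '>' on a file not yet seen, so it is
# not reported; only the two overwrites of already-written files are.
sample_install_lines | find_truncating_redirects
```

Saving the real command history to a file and piping it through `find_truncating_redirects` shows which settings never reached `/boot/loader.conf` or `/etc/rc.conf`.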