[Soekris] OpenBSD on Soekris
nic-lists at plumtree.co.nz
Thu Apr 22 02:27:13 UTC 2004
On Mon, Apr 19, 2004 at 08:05:20PM -0400, Chuck Yerkes wrote:
> > -Mount a read-only filesystem on the CF Card for everything but /var
> > -MFS for /var (symlink /tmp to /var/tmp) and /dev
> /var is too much. 95% of it is fine on "disk." There's about 500k
> that you really want in an MFS. Oh and I have 200k in /dev/ (which
> is rsync'd from /DEV/ on boot).
Based on Chris's flashdist.
[pool:/home/nic] du -hs /dev/
[pool:/home/nic] sudo du -hs /tmp/var/*
[pool:/home/nic] df -h
Filesystem Size Used Avail Capacity Mounted on
/dev/wd0a 58M 35M 21M 63% /
mfs:9410 15M 385K 14M 3% /tmp
kernfs 120M 212K 0B 100% /kern
> > -Have a r/w filesystem to store configuration bits (think /etc/pf.conf
> > and ssh host keys) (perhaps make this fs MSDOS)
> Eww. These almost NEVER change.
> mount -uw / covers you for the occasional change.
Definitely. In fact a ro fs can probably provide further protection
I've been using my own modified version of flashdist, but I find it
difficult to manage remote binary upgrades. Particularly sybc kernel and
What I'd really like is a method to do core/kernel upgrades on a system
and be 99% certain that it'll be accessible after a reboot.
I thinking now that a method based on flashboot, with the just
networking core (enough for direct accessibility) and kernel in the
You could then add things like dhcpd, openvpn, ipsec, dnscache in a
seperate application tgz file.
You'd keep these things seperate so you could do updates of the
applications without having to replace the kernel or reboot.
More information about the Soekris-tech