On Thu, Jan 26, 2006 at 10:30:08PM -0500, Nick Holland wrote:
> Andrés Delfino wrote:
> > What I'm trying to ask is this: if a user turns on the computer, and
> > can't log in, is it safe to power off the computer without using halt,
> > or shutdown, (ie. pressing the power off button)?
> 
> SHOULD you power down uncleanly?  No.
> Can you?  Usually. :)
> I would even go as far as to say, "almost always".
> 
> If your machine is "busy", doing things that regularly write to disk,
> yeah, you really don't want to hit the power button.  HOWEVER, if your
> machine is "idle" at the moment and you don't have an easy way to do a
> proper shut down, go ahead, hit the power button.
> 
> FFS is pretty darned robust.  It will cough and sputter a small amount
> on reboot, but it generally cleans itself up and comes up just fine.
> Will it do this EVERY time?  Probably not.  If you were in the middle of
> writing files, you can probably guess they are not-as-you-intended, and
> depending on what they were, you might be really upset about this.  Or
> you might just say, "Whatever, get back to filtering packets for me,
> please", and never notice any "damage" at all.
> 
> The only time I can recall a system going down hard and not getting back
> up was when a SCSI card fell out of a machine with the power on (not a
> very interesting story -- IBM NetFinity 3000, for some unknown reason,
> they thought it was cute to HANG the cards umop apisdn in the
> machine...and I thought I'd be lazy and not put that annoying bracket in
> for this quick test.  I think I was doing a cvs checkout (lots of
> writing), and the SCSI adapter fell out.  File system was trashed, there. :)
> 
> (hm.  just recalled another time, which also, curiously, involved a CVS
> checkout...)
> 
> IN FACT, on many occasions, I'll be too lazy to properly halt the
> machine (and wasn't going to need it immediately when it came back up)
> and just hit the power button.
> 
> This is not how you want to run your machine normally, but stuff
> happens.  I'd never want to put a really unstable file system, one that
> couldn't take an "oops!", into production.  If it can take an "oops!",
> it can probably take a "deliberate" :)
> 
> IF you anticipate the need for this, a few tips: make your partitions as
> small as possible (and extra space unused and unmounted) with as few
> files as possible, mount as many partitions RO (Read Only) as you can
> get away with for your application, try to minimize tasks that write to
> disk, and have a good backup.  This will minimize the time the system
> spends doing an fsck on reboot...and the backup will save you when you
> want to kick my butt because you didn't notice all the qualifiers I put
> in this note. :)

Of course, remember to keep /, or more exactly /dev, mounted RW because of
permissions in /dev.
Btw. shouldn't a warning be spit out by syslog if the system finds the
/dev/tty* stuff unchangeable?

> 
> Not bad design principles, in general.  I have set up a large archiving
> system -- the point is BIG and RELIABLE (or actually, repairable,
> without losing data), not super fast.  It currently has around 1.8T of
> storage, and if maxed out with its current design (and current
> technology), about 4T of storage (all for about $5000US! I used to
> install 20M hard disks in machines for almost that much money! :).
> Storage is broken up into manageable chunks (about 300G at the moment,
> 500G if we were to max it out...much bigger, if we get the 1G physical
> disk limit overcome in OpenBSD).  Trip over that power cord, we'll be
> waiting a while.  HOWEVER, the design helps keep that manageable -- once
> a chunk is "filled", it is remounted read-only, and only one or two
> "reserve chunks" are kept read-write.  Plus, the time critical stuff is
> kept on a smaller machine to keep the (re)boot times to a minimum.  And
> yes, I yanked the power cord just to see what would happen (ans: after
> about 20 minutes to reboot, nothing exciting...though I was careful not
> to do this test during the hourly "fetch" cycle).

Remounting stuff RO after it is "filled" is quite a nice idea I never
thought about. How do you decide when to mount it RO? Cronjob? After
each "fetch"?

> So..in short: if you need to, go ahead, hit the button.  Though if you
> can shut it down properly, please do so, that is always the preferred method.
> 
> Nick.

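One way to answer the "when do you remount it RO?" question above, as an added example that is not code from this thread: a POSIX sh script meant to run from cron (or at the end of the "fetch" cycle) as root. It reads `df -P`, seals any chunk at or above a fill threshold with `mount -u -r`, and flips the fstab options to `ro` so the chunk comes back read-only after a reboot. The `/archive/chunkNN` mount points, the 95% threshold, and the function names are assumptions.

```shell
#!/bin/sh
# Seal an archive "chunk" once it is nearly full: remount it read-only now and
# rewrite its fstab entry to "ro" so it stays that way after a reboot. A chunk
# that was mounted read-only at power loss is still clean, so fsck is trivial.
# Paths, threshold and names below are assumptions, not from the thread.

SEAL_PCT=${SEAL_PCT:-95}   # fill level (percent) at which a chunk is sealed

# Print the bare number from the Capacity column of a "df -P" line such as
# "/dev/wd1a 319873924 303880228 15993696 95% /archive/chunk03".
used_pct_of_df_line() {
    printf '%s\n' "$1" | awk '{ sub(/%$/, "", $5); print $5 }'
}

# True (0) when the used percentage has reached the threshold.
should_seal() {   # $1 = used percent, $2 = threshold percent
    [ "$1" -ge "$2" ]
}

# Decide for one mount point from the output of "df -P" (POSIX format).
# Returns 0 = seal, 1 = leave alone, 2 = mount point not present.
chunk_needs_sealing() {   # $1 = mount point, $2 = df -P output
    line=$(printf '%s\n' "$2" | awk -v mp="$1" '$6 == mp')
    [ -n "$line" ] || return 2
    should_seal "$(used_pct_of_df_line "$line")" "$SEAL_PCT"
}

# Perform the seal. mount -u -r fails (EBUSY) while files are open for
# writing, so the fstab edit only happens after the remount succeeded.
seal_chunk() {   # $1 = mount point
    mount -u -r "$1" || return 1
    awk -v mp="$1" '$2 == mp { sub(/rw/, "ro", $4) } { print }' /etc/fstab \
        > /etc/fstab.new && mv /etc/fstab.new /etc/fstab
}

# Scan every chunk when invoked with --scan (not when sourced for testing).
if [ "${1:-}" = "--scan" ]; then
    df -P | awk '$6 ~ /^\/archive\/chunk/ { print $6 }' | while read -r mp; do
        if chunk_needs_sealing "$mp" "$(df -P "$mp")"; then
            seal_chunk "$mp" && logger -t seal_chunk "remounted $mp read-only"
        fi
    done
fi
```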