os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
doc/en_US.ISO8859-1/books/handbook/disks/chapter.sgml
Benedict Reuschling 6e4fe8ed77 Remove a superfluous semicolon.
2011-03-10 18:03:32 +00:00

4671 lines
180 KiB
Text
Raw Blame History

<!--
The FreeBSD Documentation Project
$FreeBSD$
-->
<chapter id="disks">
<title>Storage</title>
<sect1 id="disks-synopsis">
<title>Synopsis</title>
<para>This chapter covers the use of disks in FreeBSD. This
includes memory-backed disks, network-attached disks,
standard SCSI/IDE storage devices, and devices using the USB
interface.</para>
<para>After reading this chapter, you will know:</para>
<itemizedlist>
<listitem><para>The terminology FreeBSD uses to describe the
organization of data on a physical disk (partitions and slices).</para>
</listitem>
<listitem><para>How to add additional hard disks to your system.</para>
</listitem>
<listitem>
<para>How to configure &os; to use USB storage devices.</para>
</listitem>
<listitem><para>How to set up virtual file systems, such as memory
disks.</para></listitem>
<listitem>
<para>How to use quotas to limit disk space usage.</para>
</listitem>
<listitem>
<para>How to encrypt disks to secure them against attackers.</para>
</listitem>
<listitem>
<para>How to create and burn CDs and DVDs on FreeBSD.</para>
</listitem>
<listitem>
<para>The various storage media options for backups.</para>
</listitem>
<listitem>
<para>How to use backup programs available under FreeBSD.</para>
</listitem>
<listitem>
<para>How to backup to floppy disks.</para>
</listitem>
<listitem>
<para>What file system snapshots are and how to use them efficiently.</para>
</listitem>
</itemizedlist>
<para>Before reading this chapter, you should:</para>
<itemizedlist>
<listitem>
<para>Know how to configure and install a new FreeBSD kernel
(<xref linkend="kernelconfig">).</para>
</listitem>
</itemizedlist>
</sect1>
<sect1 id="disks-naming">
<title>Device Names</title>
<para>The following is a list of physical storage devices
supported in FreeBSD, and the device names associated with
them.</para>
<table id="disk-naming-physical-table" frame="none">
<title>Physical Disk Naming Conventions</title>
<tgroup cols="2">
<thead>
<row>
<entry>Drive type</entry>
<entry>Drive device name</entry>
</row>
</thead>
<tbody>
<row>
<entry>IDE hard drives</entry>
<entry><literal>ad</literal></entry>
</row>
<row>
<entry>IDE CDROM drives</entry>
<entry><literal>acd</literal></entry>
</row>
<row>
<entry>SCSI hard drives and USB Mass storage devices</entry>
<entry><literal>da</literal></entry>
</row>
<row>
<entry>SCSI CDROM drives</entry>
<entry><literal>cd</literal></entry>
</row>
<row>
<entry>Assorted non-standard CDROM drives</entry>
<entry><literal>mcd</literal> for Mitsumi CD-ROM and
<literal>scd</literal> for Sony CD-ROM devices
</entry>
</row>
<row>
<entry>Floppy drives</entry>
<entry><literal>fd</literal></entry>
</row>
<row>
<entry>SCSI tape drives</entry>
<entry><literal>sa</literal></entry>
</row>
<row>
<entry>IDE tape drives</entry>
<entry><literal>ast</literal></entry>
</row>
<row>
<entry>Flash drives</entry>
<entry><literal>fla</literal> for &diskonchip; Flash device</entry>
</row>
<row>
<entry>RAID drives</entry>
<entry><literal>aacd</literal> for &adaptec; AdvancedRAID,
<literal>mlxd</literal> and <literal>mlyd</literal>
for &mylex;,
<literal>amrd</literal> for AMI &megaraid;,
<literal>idad</literal> for Compaq Smart RAID,
<literal>twed</literal> for &tm.3ware; RAID.</entry>
</row>
</tbody>
</tgroup>
</table>
</sect1>
<sect1 id="disks-adding">
<sect1info>
<authorgroup>
<author>
<firstname>David</firstname>
<surname>O'Brien</surname>
<contrib>Originally contributed by </contrib>
</author>
</authorgroup>
<!-- 26 Apr 1998 -->
</sect1info>
<title>Adding Disks</title>
<indexterm>
<primary>disks</primary>
<secondary>adding</secondary>
</indexterm>
<para>The following section will describe how to add a new
<acronym>SCSI</acronym> disk to a machine that
currently only has a single drive. First turn off the computer
and install the drive in the computer following the instructions
of the computer, controller, and drive manufacturer. Due to the
wide variations of procedures to do this, the details are beyond
the scope of this document.</para>
<para>Login as user <username>root</username>. After you have installed the
drive, inspect <filename>/var/run/dmesg.boot</filename> to ensure the new
disk was found. Continuing with our example, the newly added drive will
be <devicename>da1</devicename> and we want to mount it on
<filename>/1</filename> (if you are adding an IDE drive, the device name
will be <devicename>ad1</devicename>).</para>
<indexterm><primary>partitions</primary></indexterm>
<indexterm><primary>slices</primary></indexterm>
<indexterm>
<primary><command>fdisk</command></primary>
</indexterm>
<para>FreeBSD runs on IBM-PC compatible computers, therefore it must
take into account the PC BIOS partitions. These are different
from the traditional BSD partitions. A PC disk has up to four
BIOS partition entries. If the disk is going to be truly
dedicated to FreeBSD, you can use the
<emphasis>dedicated</emphasis> mode. Otherwise, FreeBSD will
have to live within one of the PC BIOS partitions. FreeBSD
calls the PC BIOS partitions <emphasis>slices</emphasis> so as
not to confuse them with traditional BSD partitions. You may
also use slices on a disk that is dedicated to FreeBSD, but used
in a computer that also has another operating system installed.
This is a good way to avoid confusing the <command>fdisk</command> utility of
other, non-FreeBSD operating systems.</para>
<para>In the slice case the drive will be added as
<filename>/dev/da1s1e</filename>. This is read as: SCSI disk,
unit number 1 (second SCSI disk), slice 1 (PC BIOS partition 1),
and <filename>e</filename> BSD partition. In the dedicated
case, the drive will be added simply as
<filename>/dev/da1e</filename>.</para>
<para>Due to the use of 32-bit integers to store the number of sectors,
&man.bsdlabel.8; is
limited to 2^32-1 sectors per disk or 2TB in most cases. The
&man.fdisk.8; format allows a starting sector of no more than
2^32-1 and a length of no more than 2^32-1, limiting partitions to
2TB and disks to 4TB in most cases. The &man.sunlabel.8; format
is limited to 2^32-1 sectors per partition and 8 partitions for
a total of 16TB. For larger disks, &man.gpt.8; partitions may be
used.</para>
<sect2>
<title>Using &man.sysinstall.8;</title>
<indexterm>
<primary><application>sysinstall</application></primary>
<secondary>adding disks</secondary>
</indexterm>
<indexterm>
<primary>su</primary>
</indexterm>
<procedure>
<step>
<title>Navigating <application>Sysinstall</application></title>
<para>You may use <command>sysinstall</command> to
partition and label a new disk using its easy to use menus.
Either login as user <username>root</username> or use the
<command>su</command> command. Run
<command>sysinstall</command> and enter the
<literal>Configure</literal> menu. Within the
<literal>FreeBSD Configuration Menu</literal>, scroll down and
select the <literal>Fdisk</literal> option.</para>
</step>
<step>
<title><application>fdisk</application> Partition Editor</title>
<para>Once inside <application>fdisk</application>, pressing <keycap>A</keycap> will
use the entire disk for FreeBSD. When asked if you want to
<quote>remain cooperative with any future possible operating
systems</quote>, answer <literal>YES</literal>. Write the
changes to the disk using <keycap>W</keycap>. Now exit the
FDISK editor by pressing <keycap>Q</keycap>. Next you will be
asked about the <quote>Master Boot Record</quote>. Since you are adding a
disk to an already running system, choose
<literal>None</literal>.</para>
</step>
<step>
<title>Disk Label Editor</title>
<indexterm><primary>BSD partitions</primary></indexterm>
<para>Next, you need to exit <application>sysinstall</application>
and start it again. Follow the directions above, although this
time choose the <literal>Label</literal> option. This will
enter the <literal>Disk Label Editor</literal>. This
is where you will create the traditional BSD partitions. A
disk can have up to eight partitions, labeled
<literal>a-h</literal>.
A few of the partition labels have special uses. The
<literal>a</literal> partition is used for the root partition
(<filename>/</filename>). Thus only your system disk (e.g,
the disk you boot from) should have an <literal>a</literal>
partition. The <literal>b</literal> partition is used for
swap partitions, and you may have many disks with swap
partitions. The <literal>c</literal> partition addresses the
entire disk in dedicated mode, or the entire FreeBSD slice in
slice mode. The other partitions are for general use.</para>
<para><application>sysinstall</application>'s Label editor
favors the <literal>e</literal>
partition for non-root, non-swap partitions. Within the
Label editor, create a single file system by pressing
<keycap>C</keycap>. When prompted if this will be a FS
(file system) or swap, choose <literal>FS</literal> and type in a
mount point (e.g, <filename>/mnt</filename>). When adding a
disk in post-install mode, <application>sysinstall</application>
will not create entries
in <filename>/etc/fstab</filename> for you, so the mount point
you specify is not important.</para>
<para>You are now ready to write the new label to the disk and
create a file system on it. Do this by pressing
<keycap>W</keycap>. Ignore any errors from
<application>sysinstall</application> that
it could not mount the new partition. Exit the Label Editor
and <application>sysinstall</application> completely.</para>
</step>
<step>
<title>Finish</title>
<para>The last step is to edit <filename>/etc/fstab</filename>
to add an entry for your new disk.</para>
</step>
</procedure>
</sect2>
<sect2>
<title>Using Command Line Utilities</title>
<sect3>
<title>Using Slices</title>
<para>This setup will allow your disk to work correctly with
other operating systems that might be installed on your
computer and will not confuse other operating systems'
<command>fdisk</command> utilities. It is recommended
to use this method for new disk installs. Only use
<literal>dedicated</literal> mode if you have a good reason
to do so!</para>
<screen>&prompt.root; <userinput>dd if=/dev/zero of=/dev/da1 bs=1k count=1</userinput>
&prompt.root; <userinput>fdisk -BI da1</userinput> #Initialize your new disk
&prompt.root; <userinput>bsdlabel -B -w da1s1 auto</userinput> #Label it.
&prompt.root; <userinput>bsdlabel -e da1s1</userinput> # Edit the bsdlabel just created and add any partitions.
&prompt.root; <userinput>mkdir -p /1</userinput>
&prompt.root; <userinput>newfs /dev/da1s1e</userinput> # Repeat this for every partition you created.
&prompt.root; <userinput>mount /dev/da1s1e /1</userinput> # Mount the partition(s)
&prompt.root; <userinput>vi /etc/fstab</userinput> # Add the appropriate entry/entries to your <filename>/etc/fstab</filename>.</screen>
<para>If you have an IDE disk, substitute <filename>ad</filename>
for <filename>da</filename>.</para>
</sect3>
<sect3>
<title>Dedicated</title>
<indexterm><primary>OS/2</primary></indexterm>
<para>If you will not be sharing the new drive with another operating
system, you may use the <literal>dedicated</literal> mode. Remember
this mode can confuse Microsoft operating systems; however, no damage
will be done by them. IBM's &os2; however, will
<quote>appropriate</quote> any partition it finds which it does not
understand.</para>
<screen>&prompt.root; <userinput>dd if=/dev/zero of=/dev/da1 bs=1k count=1</userinput>
&prompt.root; <userinput>bsdlabel -Bw da1 auto</userinput>
&prompt.root; <userinput>bsdlabel -e da1</userinput> # create the `e' partition
&prompt.root; <userinput>newfs /dev/da1e</userinput>
&prompt.root; <userinput>mkdir -p /1</userinput>
&prompt.root; <userinput>vi /etc/fstab</userinput> # add an entry for /dev/da1e
&prompt.root; <userinput>mount /1</userinput></screen>
<para>An alternate method is:</para>
<screen>&prompt.root; <userinput>dd if=/dev/zero of=/dev/da1 count=2</userinput>
&prompt.root; <userinput>bsdlabel /dev/da1 | bsdlabel -BR da1 /dev/stdin</userinput>
&prompt.root; <userinput>newfs /dev/da1e</userinput>
&prompt.root; <userinput>mkdir -p /1</userinput>
&prompt.root; <userinput>vi /etc/fstab</userinput> # add an entry for /dev/da1e
&prompt.root; <userinput>mount /1</userinput></screen>
</sect3>
</sect2>
</sect1>
<sect1 id="raid">
<title>RAID</title>
<sect2 id="raid-soft">
<title>Software RAID</title>
<sect3 id="ccd">
<sect3info>
<authorgroup>
<author>
<firstname>Christopher</firstname>
<surname>Shumway</surname>
<contrib>Original work by </contrib>
</author>
</authorgroup>
<authorgroup>
<author>
<firstname>Jim</firstname>
<surname>Brown</surname>
<contrib>Revised by </contrib>
</author>
</authorgroup>
</sect3info>
<indexterm><primary>RAID</primary><secondary>software</secondary></indexterm>
<indexterm>
<primary>RAID</primary><secondary>CCD</secondary>
</indexterm>
<title>Concatenated Disk Driver (CCD) Configuration</title>
<para>When choosing a mass storage solution the most important
factors to consider are speed, reliability, and cost. It is
rare to have all three in balance; normally a fast, reliable mass
storage device is expensive, and to cut back on cost either speed
or reliability must be sacrificed.</para>
<para>In designing the system described below, cost was chosen
as the most important factor, followed by speed, then reliability.
Data transfer speed for this system is ultimately
constrained by the network. And while reliability is very important,
the CCD drive described below serves online data that is already
fully backed up on CD-R's and can easily be replaced.</para>
<para>Defining your own requirements is the first step
in choosing a mass storage solution. If your requirements prefer
speed or reliability over cost, your solution will differ from
the system described in this section.</para>
<sect4 id="ccd-installhw">
<title>Installing the Hardware</title>
<para>In addition to the IDE system disk, three Western
Digital 30GB, 5400 RPM IDE disks form the core
of the CCD disk described below providing approximately
90GB of online storage. Ideally,
each IDE disk would have its own IDE controller
and cable, but to minimize cost, additional
IDE controllers were not used. Instead the disks were
configured with jumpers so that each IDE controller has
one master, and one slave.</para>
<para>Upon reboot, the system BIOS was configured to
automatically detect the disks attached. More importantly,
FreeBSD detected them on reboot:</para>
<programlisting>ad0: 19574MB &lt;WDC WD205BA&gt; [39770/16/63] at ata0-master UDMA33
ad1: 29333MB &lt;WDC WD307AA&gt; [59598/16/63] at ata0-slave UDMA33
ad2: 29333MB &lt;WDC WD307AA&gt; [59598/16/63] at ata1-master UDMA33
ad3: 29333MB &lt;WDC WD307AA&gt; [59598/16/63] at ata1-slave UDMA33</programlisting>
<note><para>If FreeBSD does not detect all the disks, ensure
that you have jumpered them correctly. Most IDE drives
also have a <quote>Cable Select</quote> jumper. This is
<emphasis>not</emphasis> the jumper for the master/slave
relationship. Consult the drive documentation for help in
identifying the correct jumper.</para></note>
<para>Next, consider how to attach them as part of the file
system. You should research both &man.vinum.4; (<xref
linkend="vinum-vinum">) and &man.ccd.4;. In this
particular configuration, &man.ccd.4; was chosen.</para>
</sect4>
<sect4 id="ccd-setup">
<title>Setting Up the CCD</title>
<para>The &man.ccd.4; driver allows you to take
several identical disks and concatenate them into one
logical file system. In order to use
&man.ccd.4;, you need a kernel with
&man.ccd.4; support built in.
Add this line to your kernel configuration file, rebuild, and
reinstall the kernel:</para>
<programlisting>device ccd</programlisting>
<para>The &man.ccd.4; support can also be
loaded as a kernel loadable module.</para>
<para>To set up &man.ccd.4;, you must first use
&man.bsdlabel.8; to label the disks:</para>
<programlisting>bsdlabel -w ad1 auto
bsdlabel -w ad2 auto
bsdlabel -w ad3 auto</programlisting>
<para>This creates a bsdlabel for <devicename>ad1c</devicename>, <devicename>ad2c</devicename> and <devicename>ad3c</devicename> that
spans the entire disk.</para>
<para>The next step is to change the disk label type. You
can use &man.bsdlabel.8; to edit the
disks:</para>
<programlisting>bsdlabel -e ad1
bsdlabel -e ad2
bsdlabel -e ad3</programlisting>
<para>This opens up the current disk label on each disk with
the editor specified by the <envar>EDITOR</envar>
environment variable, typically &man.vi.1;.</para>
<para>An unmodified disk label will look something like
this:</para>
<programlisting>8 partitions:
# size offset fstype [fsize bsize bps/cpg]
c: 60074784 0 unused 0 0 0 # (Cyl. 0 - 59597)</programlisting>
<para>Add a new <literal>e</literal> partition for &man.ccd.4; to use. This
can usually be copied from the <literal>c</literal> partition,
but the <option>fstype</option> <emphasis>must</emphasis>
be <userinput>4.2BSD</userinput>. The disk label should
now look something like this:</para>
<programlisting>8 partitions:
# size offset fstype [fsize bsize bps/cpg]
c: 60074784 0 unused 0 0 0 # (Cyl. 0 - 59597)
e: 60074784 0 4.2BSD 0 0 0 # (Cyl. 0 - 59597)</programlisting>
</sect4>
<sect4 id="ccd-buildingfs">
<title>Building the File System</title>
<para>Now that you have all the disks labeled, you must
build the &man.ccd.4;. To do that,
use &man.ccdconfig.8;, with options similar to the following:</para>
<programlisting>ccdconfig ccd0<co id="co-ccd-dev"> 32<co id="co-ccd-interleave"> 0<co id="co-ccd-flags"> /dev/ad1e<co id="co-ccd-devs"> /dev/ad2e /dev/ad3e</programlisting>
<para>The use and meaning of each option is shown below:</para>
<calloutlist>
<callout arearefs="co-ccd-dev">
<para>The first argument is the device to configure, in this case,
<filename>/dev/ccd0c</filename>. The <filename>/dev/</filename>
portion is optional.</para>
</callout>
<callout arearefs="co-ccd-interleave">
<para>The interleave for the file system. The interleave
defines the size of a stripe in disk blocks, each normally 512 bytes.
So, an interleave of 32 would be 16,384 bytes.</para>
</callout>
<callout arearefs="co-ccd-flags">
<para>Flags for &man.ccdconfig.8;. If you want to enable drive
mirroring, you can specify a flag here. This
configuration does not provide mirroring for
&man.ccd.4;, so it is set at 0 (zero).</para>
</callout>
<callout arearefs="co-ccd-devs">
<para>The final arguments to &man.ccdconfig.8;
are the devices to place into the array. Use the complete pathname
for each device.</para>
</callout>
</calloutlist>
<para>After running &man.ccdconfig.8; the &man.ccd.4;
is configured. A file system can be installed. Refer to &man.newfs.8;
for options, or simply run: </para>
<programlisting>newfs /dev/ccd0c</programlisting>
</sect4>
<sect4 id="ccd-auto">
<title>Making it All Automatic</title>
<para>Generally, you will want to mount the
&man.ccd.4; upon each reboot. To do this, you must
configure it first. Write out your current configuration to
<filename>/etc/ccd.conf</filename> using the following command:</para>
<programlisting>ccdconfig -g &gt; /etc/ccd.conf</programlisting>
<para>During reboot, the script <command>/etc/rc</command>
runs <command>ccdconfig -C</command> if <filename>/etc/ccd.conf</filename>
exists. This automatically configures the
&man.ccd.4; so it can be mounted.</para>
<note><para>If you are booting into single user mode, before you can
&man.mount.8; the &man.ccd.4;, you
need to issue the following command to configure the
array:</para>
<programlisting>ccdconfig -C</programlisting>
</note>
<para>To automatically mount the &man.ccd.4;,
place an entry for the &man.ccd.4; in
<filename>/etc/fstab</filename> so it will be mounted at
boot time:</para>
<programlisting>/dev/ccd0c /media ufs rw 2 2</programlisting>
</sect4>
</sect3>
<sect3 id="vinum">
<title>The Vinum Volume Manager</title>
<indexterm><primary>RAID</primary><secondary>software</secondary></indexterm>
<indexterm>
<primary>RAID</primary>
<secondary>Vinum</secondary>
</indexterm>
<para>The Vinum Volume Manager is a block device driver which
implements virtual disk drives. It isolates disk hardware
from the block device interface and maps data in ways which
result in an increase in flexibility, performance and
reliability compared to the traditional slice view of disk
storage. &man.vinum.4; implements the RAID-0, RAID-1 and
RAID-5 models, both individually and in combination.</para>
<para>See <xref linkend="vinum-vinum"> for more
information about &man.vinum.4;.</para>
</sect3>
</sect2>
<sect2 id="raid-hard">
<title>Hardware RAID</title>
<indexterm>
<primary>RAID</primary>
<secondary>hardware</secondary>
</indexterm>
<para>FreeBSD also supports a variety of hardware <acronym>RAID</acronym>
controllers. These devices control a <acronym>RAID</acronym> subsystem
without the need for FreeBSD specific software to manage the
array.</para>
<para>Using an on-card <acronym>BIOS</acronym>, the card controls most of the disk operations
itself. The following is a brief setup description using a Promise <acronym>IDE</acronym> <acronym>RAID</acronym>
controller. When this card is installed and the system is started up, it
displays a prompt requesting information. Follow the instructions
to enter the card's setup screen. From here, you have the ability to
combine all the attached drives. After doing so, the disk(s) will look like
a single drive to FreeBSD. Other <acronym>RAID</acronym> levels can be set up
accordingly.
</para>
</sect2>
<sect2>
<title>Rebuilding ATA RAID1 Arrays</title>
<para>FreeBSD allows you to hot-replace a failed disk in an array. This requires
that you catch it before you reboot.</para>
<para>You will probably see something like the following in <filename>/var/log/messages</filename> or in the &man.dmesg.8;
output:</para>
<programlisting>ad6 on monster1 suffered a hard error.
ad6: READ command timeout tag=0 serv=0 - resetting
ad6: trying fallback to PIO mode
ata3: resetting devices .. done
ad6: hard error reading fsbn 1116119 of 0-7 (ad6 bn 1116119; cn 1107 tn 4 sn 11)\\
status=59 error=40
ar0: WARNING - mirror lost</programlisting>
<para>Using &man.atacontrol.8;, check for further information:</para>
<screen>&prompt.root; <userinput>atacontrol list</userinput>
ATA channel 0:
Master: no device present
Slave: acd0 &lt;HL-DT-ST CD-ROM GCR-8520B/1.00&gt; ATA/ATAPI rev 0
ATA channel 1:
Master: no device present
Slave: no device present
ATA channel 2:
Master: ad4 &lt;MAXTOR 6L080J4/A93.0500&gt; ATA/ATAPI rev 5
Slave: no device present
ATA channel 3:
Master: ad6 &lt;MAXTOR 6L080J4/A93.0500&gt; ATA/ATAPI rev 5
Slave: no device present
&prompt.root; <userinput>atacontrol status ar0</userinput>
ar0: ATA RAID1 subdisks: ad4 ad6 status: DEGRADED</screen>
<procedure>
<step>
<para>You will first need to detach the ata channel with the failed
disk so you can safely remove it:</para>
<screen>&prompt.root; <userinput>atacontrol detach ata3</userinput></screen>
</step>
<step>
<para>Replace the disk.</para>
</step>
<step>
<para>Reattach the ata channel:</para>
<screen>&prompt.root; <userinput>atacontrol attach ata3</userinput>
Master: ad6 &lt;MAXTOR 6L080J4/A93.0500&gt; ATA/ATAPI rev 5
Slave: no device present</screen>
</step>
<step>
<para>Add the new disk to the array as a spare:</para>
<screen>&prompt.root; <userinput>atacontrol addspare ar0 ad6</userinput></screen>
</step>
<step>
<para>Rebuild the array:</para>
<screen>&prompt.root; <userinput>atacontrol rebuild ar0</userinput></screen>
</step>
<step>
<para>It is possible to check on the progress by issuing the
following command:</para>
<screen>&prompt.root; <userinput>dmesg | tail -10</userinput>
[output removed]
ad6: removed from configuration
ad6: deleted from ar0 disk1
ad6: inserted into ar0 disk1 as spare
&prompt.root; <userinput>atacontrol status ar0</userinput>
ar0: ATA RAID1 subdisks: ad4 ad6 status: REBUILDING 0% completed</screen>
</step>
<step>
<para>Wait until this operation completes.</para>
</step>
</procedure>
</sect2>
</sect1>
<sect1 id="usb-disks">
<sect1info>
<authorgroup>
<author>
<firstname>Marc</firstname>
<surname>Fonvieille</surname>
<contrib>Contributed by </contrib>
</author>
</authorgroup>
<!-- Jul 2004 -->
</sect1info>
<title>USB Storage Devices</title>
<indexterm>
<primary>USB</primary>
<secondary>disks</secondary>
</indexterm>
<para>A lot of external storage solutions, nowadays, use the
Universal Serial Bus (USB): hard drives, USB thumbdrives, CD-R
burners, etc. &os; provides support for these devices.</para>
<sect2>
<title>Configuration</title>
<para>The USB mass storage devices driver, &man.umass.4;,
provides the support for USB storage devices. If you use the
<filename>GENERIC</filename> kernel, you do not have to change
anything in your configuration. If you use a custom kernel,
be sure that the following lines are present in your kernel
configuration file:</para>
<programlisting>device scbus
device da
device pass
device uhci
device ohci
device ehci
device usb
device umass</programlisting>
<para>The &man.umass.4; driver uses the SCSI subsystem to access
to the USB storage devices, your USB device will be seen as a
SCSI device by the system. Depending on the USB chipset on
your motherboard, you only need either <literal>device
uhci</literal> or <literal>device ohci</literal> for USB 1.X support, however
having both in the kernel configuration file is harmless.
Support for USB 2.0 controllers is provided by the
&man.ehci.4; driver (the <literal>device ehci</literal> line). Do
not forget to compile and install the new kernel if you added
any lines.</para>
<note>
<para>If your USB device is a CD-R or DVD burner, the SCSI CD-ROM
driver, &man.cd.4;, must be added to the kernel via the
line:</para>
<programlisting>device cd</programlisting>
<para>Since the burner is seen as a SCSI drive, the driver
&man.atapicam.4; should not be used in the kernel
configuration.</para>
</note>
</sect2>
<sect2>
<title>Testing the Configuration</title>
<para>The configuration is ready to be tested: plug in your USB
device, and in the system message buffer (&man.dmesg.8;), the
drive should appear as something like:</para>
<screen>umass0: USB Solid state disk, rev 1.10/1.00, addr 2
GEOM: create disk da0 dp=0xc2d74850
da0 at umass-sim0 bus 0 target 0 lun 0
da0: &lt;Generic Traveling Disk 1.11&gt; Removable Direct Access SCSI-2 device
da0: 1.000MB/s transfers
da0: 126MB (258048 512 byte sectors: 64H 32S/T 126C)</screen>
<para>Of course, the brand, the device node
(<devicename>da0</devicename>) and other details can differ
according to your configuration.</para>
<para>Since the USB device is seen as a SCSI one, the
<command>camcontrol</command> command can be used to list the
USB storage devices attached to the system:</para>
<screen>&prompt.root; <userinput>camcontrol devlist</userinput>
&lt;Generic Traveling Disk 1.11&gt; at scbus0 target 0 lun 0 (da0,pass0)</screen>
<para>If the drive comes with a file system, you should be able
to mount it. The <xref linkend="disks-adding"> will help you
to format and create partitions on the USB drive if
needed.</para>
<warning>
<para>Allowing untrusted users to mount arbitrary media,
e.g. by enabling <literal>vfs.usermount</literal> as
described below, should not be considered safe from a
security point of view. Most file systems in &os; were not
built to safeguard against malicious devices.</para>
</warning>
<para>To make this device mountable as a normal user, certain
steps have to be taken. First, the devices that are created
when a USB storage device is connected need to be accessible
by the user. A solution is to make all users of these devices
a member of the <groupname>operator</groupname> group. This
is done with &man.pw.8;. Second, when the devices are
created, the <groupname>operator</groupname> group should be
able to read and write them. This is accomplished by adding
these lines to
<filename>/etc/devfs.rules</filename>:</para>
<programlisting>[localrules=5]
add path 'da*' mode 0660 group operator</programlisting>
<note>
<para>If there already are SCSI disks in the system, it must
be done a bit different. E.g., if the system already
contains disks <devicename>da0</devicename> through
<devicename>da2</devicename> attached to the system, change
the second line as follows:</para>
<programlisting>add path 'da[3-9]*' mode 0660 group operator</programlisting>
<para>This will exclude the already existing disks from
belonging to the <groupname>operator</groupname>
group.</para>
</note>
<para>You also have to enable your &man.devfs.rules.5; ruleset
in your <filename>/etc/rc.conf</filename> file:</para>
<programlisting>devfs_system_ruleset="localrules"</programlisting>
<para>Next, the kernel has to be configured to allow regular
users to mount file systems. The easiest way is to add the
following line to
<filename>/etc/sysctl.conf</filename>:</para>
<programlisting>vfs.usermount=1</programlisting>
<para>Note that this only takes effect after the next reboot.
Alternatively, one can also use &man.sysctl.8; to set this
variable.</para>
<para>The final step is to create a directory where the file
system is to be mounted. This directory needs to be owned by
the user that is to mount the file system. One way to do that
is for <username>root</username> to create a subdirectory
owned by that user as
<filename>/mnt/<replaceable>username</replaceable></filename>
(replace <replaceable>username</replaceable> by the login name of
the actual user and <replaceable>usergroup</replaceable> by the
user's primary group):</para>
<screen>&prompt.root; <userinput>mkdir /mnt/<replaceable>username</replaceable></userinput>
&prompt.root; <userinput>chown <replaceable>username</replaceable>:<replaceable>usergroup</replaceable> /mnt/<replaceable>username</replaceable></userinput></screen>
<para>Suppose a USB thumbdrive is plugged in, and a device
<filename>/dev/da0s1</filename> appears. Since these devices
usually come preformatted with a FAT file system, one can
mount them like this:</para>
<screen>&prompt.user; <userinput>mount -t msdosfs -o -m=644,-M=755 /dev/da0s1 /mnt/<replaceable>username</replaceable></userinput></screen>
<para>If you unplug the device (the disk must be unmounted
before), you should see, in the system message buffer,
something like the following:</para>
<screen>umass0: at uhub0 port 1 (addr 2) disconnected
(da0:umass-sim0:0:0:0): lost device
(da0:umass-sim0:0:0:0): removing device entry
GEOM: destroy disk da0 dp=0xc2d74850
umass0: detached</screen>
</sect2>
<sect2>
<title>Further Reading</title>
<para>Beside the <link linkend="disks-adding">Adding
Disks</link> and <link linkend="mount-unmount">Mounting and
Unmounting File Systems</link> sections, reading various
manual pages may be also useful: &man.umass.4;,
&man.camcontrol.8;, and &man.usbconfig.8; under &os;&nbsp; 8.X or &man.usbdevs.8; under earlier versions of &os;.</para>
</sect2>
</sect1>
<sect1 id="creating-cds">
<sect1info>
<authorgroup>
<author>
<firstname>Mike</firstname>
<surname>Meyer</surname>
<contrib>Contributed by </contrib>
<!-- mwm@mired.org -->
</author>
</authorgroup>
<!-- Apr 2001 -->
</sect1info>
<title>Creating and Using Optical Media (CDs)</title>
<indexterm>
<primary>CDROMs</primary>
<secondary>creating</secondary>
</indexterm>
<sect2>
<title>Introduction</title>
<para>CDs have a number of features that differentiate them from
conventional disks. Initially, they were not writable by the
user. They are designed so that they can be read continuously without
delays to move the head between tracks. They are also much easier
to transport between systems than similarly sized media were at the
time.</para>
<para>CDs do have tracks, but this refers to a section of data to
be read continuously and not a physical property of the disk. To
produce a CD on FreeBSD, you prepare the data files that are going
to make up the tracks on the CD, then write the tracks to the
CD.</para>
<indexterm><primary>ISO 9660</primary></indexterm>
<indexterm>
<primary>file systems</primary>
<secondary>ISO 9660</secondary>
</indexterm>
<para>The ISO 9660 file system was designed to deal with these
differences. It unfortunately codifies file system limits that were
common then. Fortunately, it provides an extension mechanism that
allows properly written CDs to exceed those limits while still
working with systems that do not support those extensions.</para>
<indexterm>
<primary><filename role="package">sysutils/cdrtools</filename></primary>
</indexterm>
<para>The <filename role="package">sysutils/cdrtools</filename>
port includes &man.mkisofs.8;, a program that you can use to
produce a data file containing an ISO 9660 file
system. It has options that support various extensions, and is
described below.</para>
<indexterm>
<primary>CD burner</primary>
<secondary>ATAPI</secondary>
</indexterm>
<para>Which tool to use to burn the CD depends on whether your CD burner
is ATAPI or something else. ATAPI CD burners use the <command><link
linkend="burncd">burncd</link></command> program that is part of
the base system. SCSI and USB CD burners should use
<command><link linkend="cdrecord">cdrecord</link></command> from
the <filename role="package">sysutils/cdrtools</filename> port.
It is also possible to use <command><link
linkend="cdrecord">cdrecord</link></command> and other tools
for SCSI drives on ATAPI hardware with the <link
linkend="atapicam">ATAPI/CAM module</link>.</para>
<para>If you want CD burning software with a graphical user
interface, you may wish to take a look at either
<application>X-CD-Roast</application> or
<application>K3b</application>. These tools are available as
packages or from the <filename
role="package">sysutils/xcdroast</filename> and <filename
role="package">sysutils/k3b</filename> ports.
<application>X-CD-Roast</application> and
<application>K3b</application> require the <link
linkend="atapicam">ATAPI/CAM module</link> with ATAPI
hardware.</para>
</sect2>
<sect2 id="mkisofs">
<title>mkisofs</title>
<para>The &man.mkisofs.8; program, which is part of the
<filename role="package">sysutils/cdrtools</filename> port,
produces an ISO 9660 file system
that is an image of a directory tree in the &unix; file system name
space. The simplest usage is:</para>
<screen>&prompt.root; <userinput>mkisofs -o <replaceable>imagefile.iso</replaceable> <replaceable>/path/to/tree</replaceable></userinput></screen>
<indexterm>
<primary>file systems</primary>
<secondary>ISO 9660</secondary>
</indexterm>
<para>This command will create an <replaceable>imagefile.iso</replaceable>
containing an ISO 9660 file system that is a copy of the tree at
<replaceable>/path/to/tree</replaceable>. In the process, it will
map the file names to names that fit the limitations of the
standard ISO 9660 file system, and will exclude files that have
names uncharacteristic of ISO file systems.</para>
<indexterm>
<primary>file systems</primary>
<secondary>HFS</secondary>
</indexterm>
<indexterm>
<primary>file systems</primary>
<secondary>Joliet</secondary>
</indexterm>
<para>A number of options are available to overcome those
restrictions. In particular, <option>-R</option> enables the
Rock Ridge extensions common to &unix; systems, <option>-J</option>
enables Joliet extensions used by Microsoft systems, and
<option>-hfs</option> can be used to create HFS file systems used
by &macos;.</para>
<para>For CDs that are going to be used only on FreeBSD systems,
<option>-U</option> can be used to disable all filename
restrictions. When used with <option>-R</option>, it produces a
file system image that is identical to the FreeBSD tree you started
from, though it may violate the ISO 9660 standard in a number of
ways.</para>
<indexterm>
<primary>CDROMs</primary>
<secondary>creating bootable</secondary>
</indexterm>
<para>The last option of general use is <option>-b</option>. This is
used to specify the location of the boot image for use in producing an
<quote>El Torito</quote> bootable CD. This option takes an
argument which is the path to a boot image from the top of the
tree being written to the CD. By default, &man.mkisofs.8; creates an
ISO image in the so-called <quote>floppy disk emulation</quote> mode,
and thus expects the boot image to be exactly 1200, 1440 or
2880&nbsp;KB in size. Some boot loaders, like the one used by the
FreeBSD distribution disks, do not use emulation mode; in this case,
the <option>-no-emul-boot</option> option should be used. So, if
<filename>/tmp/myboot</filename> holds a bootable FreeBSD system
with the boot image in
<filename>/tmp/myboot/boot/cdboot</filename>, you could produce the
image of an ISO 9660 file system in
<filename>/tmp/bootable.iso</filename> like so:</para>
<screen>&prompt.root; <userinput>mkisofs -R -no-emul-boot -b boot/cdboot -o /tmp/bootable.iso /tmp/myboot</userinput></screen>
<para>Having done that, if you have <devicename>md</devicename>
configured in your kernel, you can mount the file system with:</para>
<screen>&prompt.root; <userinput>mdconfig -a -t vnode -f /tmp/bootable.iso -u 0</userinput>
&prompt.root; <userinput>mount -t cd9660 /dev/md0 /mnt</userinput></screen>
<para>At which point you can verify that <filename>/mnt</filename>
and <filename>/tmp/myboot</filename> are identical.</para>
<para>There are many other options you can use with
&man.mkisofs.8; to fine-tune its behavior. In particular:
modifications to an ISO 9660 layout and the creation of Joliet
and HFS discs. See the &man.mkisofs.8; manual page for details.</para>
</sect2>
<sect2 id="burncd">
<title>burncd</title>
<indexterm>
<primary>CDROMs</primary>
<secondary>burning</secondary>
</indexterm>
<para>If you have an ATAPI CD burner, you can use the
<command>burncd</command> command to burn an ISO image onto a
CD. <command>burncd</command> is part of the base system, installed
as <filename>/usr/sbin/burncd</filename>. Usage is very simple, as
it has few options:</para>
<screen>&prompt.root; <userinput>burncd -f <replaceable>cddevice</replaceable> data <replaceable>imagefile.iso</replaceable> fixate</userinput></screen>
<para>Will burn a copy of <replaceable>imagefile.iso</replaceable> on
<replaceable>cddevice</replaceable>. The default device is
<filename>/dev/acd0</filename>. See &man.burncd.8; for options to
set the write speed, eject the CD after burning, and write audio
data.</para>
</sect2>
<sect2 id="cdrecord">
<title>cdrecord</title>
<para>If you do not have an ATAPI CD burner, you will have to use
<command>cdrecord</command> to burn your
CDs. <command>cdrecord</command> is not part of the base system;
you must install it from either the port at <filename role="package">sysutils/cdrtools</filename>
or the appropriate
package. Changes to the base system can cause binary versions of
this program to fail, possibly resulting in a
<quote>coaster</quote>. You should therefore either upgrade the
port when you upgrade your system, or if you are <link
linkend="stable">tracking -STABLE</link>, upgrade the port when a
new version becomes available.</para>
<para>While <command>cdrecord</command> has many options, basic usage
is even simpler than <command>burncd</command>. Burning an ISO 9660
image is done with:</para>
<screen>&prompt.root; <userinput>cdrecord dev=<replaceable>device</replaceable> <replaceable>imagefile.iso</replaceable></userinput></screen>
<para>The tricky part of using <command>cdrecord</command> is finding
the <option>dev</option> to use. To find the proper setting, use
the <option>-scanbus</option> flag of <command>cdrecord</command>,
which might produce results like this:</para>
<indexterm>
<primary>CDROMs</primary>
<secondary>burning</secondary>
</indexterm>
<screen>&prompt.root; <userinput>cdrecord -scanbus</userinput>
Cdrecord-Clone 2.01 (i386-unknown-freebsd7.0) Copyright (C) 1995-2004 J&ouml;rg Schilling
Using libscg version 'schily-0.1'
scsibus0:
0,0,0 0) 'SEAGATE ' 'ST39236LW ' '0004' Disk
0,1,0 1) 'SEAGATE ' 'ST39173W ' '5958' Disk
0,2,0 2) *
0,3,0 3) 'iomega ' 'jaz 1GB ' 'J.86' Removable Disk
0,4,0 4) 'NEC ' 'CD-ROM DRIVE:466' '1.26' Removable CD-ROM
0,5,0 5) *
0,6,0 6) *
0,7,0 7) *
scsibus1:
1,0,0 100) *
1,1,0 101) *
1,2,0 102) *
1,3,0 103) *
1,4,0 104) *
1,5,0 105) 'YAMAHA ' 'CRW4260 ' '1.0q' Removable CD-ROM
1,6,0 106) 'ARTEC ' 'AM12S ' '1.06' Scanner
1,7,0 107) *</screen>
<para>This lists the appropriate <option>dev</option> value for the
devices on the list. Locate your CD burner, and use the three
numbers separated by commas as the value for
<option>dev</option>. In this case, the CRW device is 1,5,0, so the
appropriate input would be
<option>dev=1,5,0</option>. There are easier
ways to specify this value; see &man.cdrecord.1; for
details. That is also the place to look for information on writing
audio tracks, controlling the speed, and other things.</para>
</sect2>
<sect2 id="duplicating-audiocds">
<title>Duplicating Audio CDs</title>
<para>You can duplicate an audio CD by extracting the audio data from
the CD to a series of files, and then writing these files to a blank
CD. The process is slightly different for ATAPI and SCSI
drives.</para>
<procedure>
<title>SCSI Drives</title>
<step>
<para>Use <command>cdda2wav</command> to extract the audio.</para>
<screen>&prompt.user; <userinput>cdda2wav -vall -D2,0 -B -Owav</userinput></screen>
</step>
<step>
<para>Use <command>cdrecord</command> to write the
<filename>.wav</filename> files.</para>
<screen>&prompt.user; <userinput>cdrecord -v dev=<replaceable>2,0</replaceable> -dao -useinfo *.wav</userinput></screen>
<para>Make sure that <replaceable>2,0</replaceable> is set
appropriately, as described in <xref linkend="cdrecord">.</para>
</step>
</procedure>
<procedure>
<title>ATAPI Drives</title>
<note>
<para>With the help of the <link
linkend="atapicam">ATAPI/CAM module</link>,
<command>cdda2wav</command> can also be used on ATAPI
drives. This tool is usually a better choice for most of
users (jitter correction, endianness issues, etc.) than
the method proposed below.</para>
</note>
<step>
<para>The ATAPI CD driver makes each track available as
<filename>/dev/acd<replaceable>d</replaceable>t<replaceable>nn</replaceable></filename>,
where <replaceable>d</replaceable> is the drive number, and
<replaceable>nn</replaceable> is the track number written with two
decimal digits, prefixed with zero as needed.
So the first track on the first disk is
<filename>/dev/acd0t01</filename>, the second is
<filename>/dev/acd0t02</filename>, the third is
<filename>/dev/acd0t03</filename>, and so on.</para>
<para>Make sure the appropriate files exist in
<filename>/dev</filename>. If the entries are missing,
force the system to retaste the media:</para>
<screen>&prompt.root; <userinput>dd if=/dev/acd0 of=/dev/null count=1</userinput></screen>
</step>
<step>
<para>Extract each track using &man.dd.1;. You must also use a
specific block size when extracting the files.</para>
<screen>&prompt.root; <userinput>dd if=/dev/acd0t01 of=track1.cdr bs=2352</userinput>
&prompt.root; <userinput>dd if=/dev/acd0t02 of=track2.cdr bs=2352</userinput>
...
</screen>
</step>
<step>
<para>Burn the extracted files to disk using
<command>burncd</command>. You must specify that these are audio
files, and that <command>burncd</command> should fixate the disk
when finished.</para>
<screen>&prompt.root; <userinput>burncd -f <replaceable>/dev/acd0</replaceable> audio track1.cdr track2.cdr <replaceable>...</replaceable> fixate</userinput></screen>
</step>
</procedure>
</sect2>
<sect2 id="imaging-cd">
<title>Duplicating Data CDs</title>
<para>You can copy a data CD to a image file that is
functionally equivalent to the image file created with
&man.mkisofs.8;, and you can use it to duplicate
any data CD. The example given here assumes that your CDROM
device is <devicename>acd0</devicename>. Substitute your
correct CDROM device.</para>
<screen>&prompt.root; <userinput>dd if=/dev/acd0 of=file.iso bs=2048</userinput></screen>
<para>Now that you have an image, you can burn it to CD as
described above.</para>
</sect2>
<sect2 id="mounting-cd">
<title>Using Data CDs</title>
<para>Now that you have created a standard data CDROM, you
probably want to mount it and read the data on it. By
default, &man.mount.8; assumes that a file system is of type
<literal>ufs</literal>. If you try something like:</para>
<screen>&prompt.root; <userinput>mount /dev/cd0 /mnt</userinput></screen>
<para>you will get a complaint about <errorname>Incorrect super
block</errorname>, and no mount. The CDROM is not a
<literal>UFS</literal> file system, so attempts to mount it
as such will fail. You just need to tell &man.mount.8; that
the file system is of type <literal>ISO9660</literal>, and
everything will work. You do this by specifying the
<option>-t cd9660</option> option &man.mount.8;. For
example, if you want to mount the CDROM device,
<filename>/dev/cd0</filename>, under
<filename>/mnt</filename>, you would execute:</para>
<screen>&prompt.root; <userinput>mount -t cd9660 /dev/cd0 /mnt</userinput></screen>
<para>Note that your device name
(<filename>/dev/cd0</filename> in this example) could be
different, depending on the interface your CDROM uses. Also,
the <option>-t cd9660</option> option just executes
&man.mount.cd9660.8;. The above example could be shortened
to:</para>
<screen>&prompt.root; <userinput>mount_cd9660 /dev/cd0 /mnt</userinput></screen>
<para>You can generally use data CDROMs from any vendor in this
way. Disks with certain ISO 9660 extensions might behave
oddly, however. For example, Joliet disks store all filenames
in two-byte Unicode characters. The FreeBSD kernel does not
speak Unicode, but the &os; CD9660 driver is able to convert
Unicode characters on the fly. If some non-English characters
show up as question marks you will need to specify the local
charset you use with the <option>-C</option> option. For more
information, consult the &man.mount.cd9660.8; manual
page.</para>
<note>
<para>To be able to do this character conversion with the help
of the <option>-C</option> option, the kernel will require
the <filename>cd9660_iconv.ko</filename> module to be
loaded. This can be done either by adding this line to
<filename>loader.conf</filename>:</para>
<programlisting>cd9660_iconv_load="YES"</programlisting>
<para>and then rebooting the machine, or by directly loading the
module with &man.kldload.8;.</para>
</note>
<para>Occasionally, you might get <errorname>Device not
configured</errorname> when trying to mount a CDROM. This
usually means that the CDROM drive thinks that there is no
disk in the tray, or that the drive is not visible on the bus.
It can take a couple of seconds for a CDROM drive to realize
that it has been fed, so be patient.</para>
<para>Sometimes, a SCSI CDROM may be missed because it did not
have enough time to answer the bus reset. If you have a SCSI
CDROM please add the following option to your kernel
configuration and <link linkend="kernelconfig-building">rebuild your kernel</link>.</para>
<programlisting>options SCSI_DELAY=15000</programlisting>
<para>This tells your SCSI bus to pause 15 seconds during boot,
to give your CDROM drive every possible chance to answer the
bus reset.</para>
</sect2>
<sect2 id="rawdata-cd">
<title>Burning Raw Data CDs</title>
<para>You can choose to burn a file directly to CD, without
creating an ISO 9660 file system. Some people do this for
backup purposes. This runs more quickly than burning a
standard CD:</para>
<screen>&prompt.root; <userinput>burncd -f /dev/acd1 -s 12 data archive.tar.gz fixate</userinput></screen>
<para>In order to retrieve the data burned to such a CD, you
must read data from the raw device node:</para>
<screen>&prompt.root; <userinput>tar xzvf /dev/acd1</userinput></screen>
<para>You cannot mount this disk as you would a normal CDROM.
Such a CDROM cannot be read under any operating system
except FreeBSD. If you want to be able to mount the CD, or
share data with another operating system, you must use
&man.mkisofs.8; as described above.</para>
</sect2>
<sect2 id="atapicam">
<sect2info>
<authorgroup>
<author>
<firstname>Marc</firstname>
<surname>Fonvieille</surname>
<contrib>Contributed by </contrib>
</author>
</authorgroup>
</sect2info>
<indexterm>
<primary>CD burner</primary>
<secondary>ATAPI/CAM driver</secondary>
</indexterm>
<title>Using the ATAPI/CAM Driver</title>
<para>This driver allows ATAPI devices (CD-ROM, CD-RW, DVD
drives etc...) to be accessed through the SCSI subsystem, and
so allows the use of applications like <filename
role="package">sysutils/cdrdao</filename> or
&man.cdrecord.1;.</para>
<para>To use this driver, you will need to add the following
line to the <filename>/boot/loader.conf</filename>
file:</para>
<programlisting>atapicam_load="YES"</programlisting>
<para>then, reboot your machine.</para>
<note>
<para>If you prefer to statically compile the &man.atapicam.4;
support in your kernel, you will have to add this line to
your kernel configuration file:</para>
<programlisting>device atapicam</programlisting>
<para>You also need the following lines in your kernel
configuration file:</para>
<programlisting>device ata
device scbus
device cd
device pass</programlisting>
<para>which should already be present. Then rebuild, install
your new kernel, and reboot your machine.</para>
</note>
<para>During the boot process, your burner should show up,
like so:</para>
<screen>acd0: CD-RW &lt;MATSHITA CD-RW/DVD-ROM UJDA740&gt; at ata1-master PIO4
cd0 at ata1 bus 0 target 0 lun 0
cd0: &lt;MATSHITA CDRW/DVD UJDA740 1.00&gt; Removable CD-ROM SCSI-0 device
cd0: 16.000MB/s transfers
cd0: Attempt to query device size failed: NOT READY, Medium not present - tray closed</screen>
<para>The drive could now be accessed via the
<filename>/dev/cd0</filename> device name, for example to
mount a CD-ROM on <filename>/mnt</filename>, just type the
following:</para>
<screen>&prompt.root; <userinput>mount -t cd9660 <replaceable>/dev/cd0</replaceable> /mnt</userinput></screen>
<para>As <username>root</username>, you can run the following
command to get the SCSI address of the burner:</para>
<screen>&prompt.root; <userinput>camcontrol devlist</userinput>
&lt;MATSHITA CDRW/DVD UJDA740 1.00&gt; at scbus1 target 0 lun 0 (pass0,cd0)</screen>
<para>So <literal>1,0,0</literal> will be the SCSI address to
use with &man.cdrecord.1; and other SCSI application.</para>
<para>For more information about ATAPI/CAM and SCSI system,
refer to the &man.atapicam.4; and &man.cam.4; manual
pages.</para>
</sect2>
</sect1>
<sect1 id="creating-dvds">
<sect1info>
<authorgroup>
<author>
<firstname>Marc</firstname>
<surname>Fonvieille</surname>
<contrib>Contributed by </contrib>
</author>
</authorgroup>
<authorgroup>
<author>
<firstname>Andy</firstname>
<surname>Polyakov</surname>
<contrib>With inputs from </contrib>
</author>
</authorgroup>
<!-- Feb 2004 -->
</sect1info>
<title>Creating and Using Optical Media (DVDs)</title>
<indexterm>
<primary>DVD</primary>
<secondary>burning</secondary>
</indexterm>
<sect2>
<title>Introduction</title>
<para>Compared to the CD, the DVD is the next generation of
optical media storage technology. The DVD can hold more data
than any CD and is nowadays the standard for video
publishing.</para>
<para>Five physical recordable formats can be defined for what
we will call a recordable DVD:</para>
<itemizedlist>
<listitem>
<para>DVD-R: This was the first DVD recordable format
available. The DVD-R standard is defined by the <ulink
url="http://www.dvdforum.com/forum.shtml">DVD Forum</ulink>.
This format is write once.</para>
</listitem>
<listitem>
<para>DVD-RW: This is the rewritable version of
the DVD-R standard. A DVD-RW can be rewritten about 1000
times.</para>
</listitem>
<listitem>
<para>DVD-RAM: This is also a rewritable format
supported by the DVD Forum. A DVD-RAM can be seen as a
removable hard drive. However, this media is not
compatible with most DVD-ROM drives and DVD-Video players;
only a few DVD writers support the DVD-RAM format. Read
the <xref linkend="creating-dvd-ram"> for more information
on DVD-RAM use.</para>
</listitem>
<listitem>
<para>DVD+RW: This is a rewritable format defined by
the <ulink url="http://www.dvdrw.com/">DVD+RW
Alliance</ulink>. A DVD+RW can be rewritten about 1000
times.</para>
</listitem>
<listitem>
<para>DVD+R: This format is the write once variation
of the DVD+RW format.</para>
</listitem>
</itemizedlist>
<para>A single layer recordable DVD can hold up to
4,700,000,000&nbsp;bytes which is actually 4.38&nbsp;GB or
4485&nbsp;MB (1 kilobyte is 1024 bytes).</para>
<note>
<para>A distinction must be made between the physical media and
the application. For example, a DVD-Video is a specific
file layout that can be written on any recordable DVD
physical media: DVD-R, DVD+R, DVD-RW etc. Before choosing
the type of media, you must be sure that both the burner and the
DVD-Video player (a standalone player or a DVD-ROM drive on
a computer) are compatible with the media under consideration.</para></note>
</sect2>
<sect2>
<title>Configuration</title>
<para>The program &man.growisofs.1; will be used to perform DVD
recording. This command is part of the
<application>dvd+rw-tools</application> utilities (<filename
role="package">sysutils/dvd+rw-tools</filename>). The
<application>dvd+rw-tools</application> support all DVD media
types.</para>
<para>These tools use the SCSI subsystem to access to the
devices, therefore the <link linkend="atapicam">ATAPI/CAM
support</link> must be added to your kernel. If your burner
uses the USB interface this addition is useless, and you should
read the <xref linkend="usb-disks"> for more details on USB
devices configuration.</para>
<para>You also have to enable DMA access for ATAPI devices, this
can be done in adding the following line to the
<filename>/boot/loader.conf</filename> file:</para>
<programlisting>hw.ata.atapi_dma="1"</programlisting>
<para>Before attempting to use the
<application>dvd+rw-tools</application> you should consult the
<ulink
url="http://fy.chalmers.se/~appro/linux/DVD+RW/hcn.html">dvd+rw-tools'
hardware compatibility notes</ulink> for any information
related to your DVD burner.</para>
<note>
<para>If you want a graphical user interface, you should have
a look to <application>K3b</application> (<filename
role="package">sysutils/k3b</filename>) which provides a
user friendly interface to &man.growisofs.1; and many other
burning tools.</para>
</note>
</sect2>
<sect2>
<title>Burning Data DVDs</title>
<para>The &man.growisofs.1; command is a frontend to <link
linkend="mkisofs">mkisofs</link>, it will invoke
&man.mkisofs.8; to create the file system layout and will
perform the write on the DVD. This means you do not need to
create an image of the data before the burning process.</para>
<para>To burn onto a DVD+R or a DVD-R the data from the <filename
class="directory">/path/to/data</filename> directory, use the
following command:</para>
<screen>&prompt.root; <userinput>growisofs -dvd-compat -Z <replaceable>/dev/cd0</replaceable> -J -R <replaceable>/path/to/data</replaceable></userinput></screen>
<para>The options <option>-J -R</option> are passed to
&man.mkisofs.8; for the file system creation (in this case: an
ISO 9660 file system with Joliet and Rock Ridge extensions),
consult the &man.mkisofs.8; manual page for more
details.</para>
<para>The option <option>-Z</option> is used for the initial
session recording in any case: multiple sessions or not. The
DVD device, <replaceable>/dev/cd0</replaceable>, must be
changed according to your configuration. The
<option>-dvd-compat</option> parameter will close the disk,
the recording will be unappendable. In return this should provide better
media compatibility with DVD-ROM drives.</para>
<para>It is also possible to burn a pre-mastered image, for
example to burn the image
<replaceable>imagefile.iso</replaceable>, we will run:</para>
<screen>&prompt.root; <userinput>growisofs -dvd-compat -Z <replaceable>/dev/cd0</replaceable>=<replaceable>imagefile.iso</replaceable></userinput></screen>
<para>The write speed should be detected and automatically set
according to the media and the drive being used. If you want
to force the write speed, use the <option>-speed=</option>
parameter. For more information, read the &man.growisofs.1;
manual page.</para>
<note>
<para>In order to have working files larger than 4.38GB in
your compilation, an UDF/ISO-9660 hybrid filesystem must be
created by passing additional <option>-udf -iso-level
3</option> parameter to &man.mkisofs.8; and all related
programs (i.e., &man.growisofs.1;). This is required only
when creating an ISO image file, or writing files directly
to a disk. Disk created this way must be mounted as an UDF
filesystem with &man.mount.udf.8; utility, so it will be
usable only on an UDF aware Operating System,otherwise it
will look as if it contains corrupted files.</para>
<para>To create a such ISO file:</para>
<screen>&prompt.user; <userinput>mkisofs -R -J -udf -iso-level 3 -o <replaceable>imagefile.iso</replaceable> <replaceable>/path/to/data</replaceable></userinput></screen>
<para>To burn files directly to a disk:</para>
<screen>&prompt.root; <userinput>growisofs -dvd-compat -udf -iso-level 3 -Z <replaceable>/dev/cd0</replaceable> -J -R <replaceable>/path/to/data</replaceable></userinput></screen>
<para>When you have an ISO image containing large files
already inside, no additional options are required for
&man.growisofs.1; to burn that image on a disk.</para>
<para>Also, be sure that you have an up-to-date version of
<filename role="package">sysutils/cdrtools</filename> (which
contain &man.mkisofs.8;), as the older ones does not
contain large files support. If you experience troubles
please move to the development package, i.e., <filename
role="package">sysutils/cdrtools-devel</filename> and read
&man.mkisofs.8; manual page.</para>
</note>
</sect2>
<indexterm>
<primary>DVD</primary>
<secondary>DVD-Video</secondary>
</indexterm>
<sect2>
<title>Burning a DVD-Video</title>
<para>A DVD-Video is a specific file layout based on ISO 9660
and the micro-UDF (M-UDF) specifications. The DVD-Video also
presents a specific data structure hierarchy, it is the reason
why you need a particular program such as <filename
role="package">multimedia/dvdauthor</filename> to author the
DVD.</para>
<para>If you already have an image of the DVD-Video file system,
just burn it in the same way as for any image, see the
previous section for an example. If you have made the DVD
authoring and the result is in, for example, the directory
<filename class="directory">/path/to/video</filename>, the
following command should be used to burn the DVD-Video:</para>
<screen>&prompt.root; <userinput>growisofs -Z <replaceable>/dev/cd0</replaceable> -dvd-video <replaceable>/path/to/video</replaceable></userinput></screen>
<para>The <option>-dvd-video</option> option will be passed down to
&man.mkisofs.8; and will instruct it to create a DVD-Video file system
layout. Beside this, the <option>-dvd-video</option> option
implies <option>-dvd-compat</option> &man.growisofs.1;
option.</para>
</sect2>
<indexterm>
<primary>DVD</primary>
<secondary>DVD+RW</secondary>
</indexterm>
<sect2>
<title>Using a DVD+RW</title>
<para>Unlike CD-RW, a virgin DVD+RW needs to be formatted before
first use. The &man.growisofs.1; program will take care of it
automatically whenever appropriate, which is the
<emphasis>recommended</emphasis> way. However you can use the
<command>dvd+rw-format</command> command to format the
DVD+RW:</para>
<screen>&prompt.root; <userinput>dvd+rw-format <replaceable>/dev/cd0</replaceable></userinput></screen>
<para>You need to perform this operation just once, keep in mind
that only virgin DVD+RW medias need to be formatted. Then you
can burn the DVD+RW in the way seen in previous
sections.</para>
<para>If you want to burn new data (burn a totally new file
system not append some data) onto a DVD+RW, you do not need to
blank it, you just have to write over the previous recording
(in performing a new initial session), like this:</para>
<screen>&prompt.root; <userinput>growisofs -Z <replaceable>/dev/cd0</replaceable> -J -R <replaceable>/path/to/newdata</replaceable></userinput></screen>
<para>DVD+RW format offers the possibility to easily append data
to a previous recording. The operation consists in merging a
new session to the existing one, it is not multisession
writing, &man.growisofs.1; will <emphasis>grow</emphasis> the
ISO 9660 file system present on the media.</para>
<para>For example, if we want to append data to our previous
DVD+RW, we have to use the following:</para>
<screen>&prompt.root; <userinput>growisofs -M <replaceable>/dev/cd0</replaceable> -J -R <replaceable>/path/to/nextdata</replaceable></userinput></screen>
<para>The same &man.mkisofs.8; options we used to burn the
initial session should be used during next writes.</para>
<note>
<para>You may want to use the <option>-dvd-compat</option>
option if you want better media compatibility with DVD-ROM
drives. In the DVD+RW case, this will not prevent you from
adding data.</para>
</note>
<para>If for any reason you really want to blank the media, do
the following:</para>
<screen>&prompt.root; <userinput>growisofs -Z <replaceable>/dev/cd0</replaceable>=<replaceable>/dev/zero</replaceable></userinput></screen>
</sect2>
<indexterm>
<primary>DVD</primary>
<secondary>DVD-RW</secondary>
</indexterm>
<sect2>
<title>Using a DVD-RW</title>
<para>A DVD-RW accepts two disc formats: the incremental
sequential one and the restricted overwrite. By default
DVD-RW discs are in sequential format.</para>
<para>A virgin DVD-RW can be directly written without the need
of a formatting operation, however a non-virgin DVD-RW in
sequential format needs to be blanked before to be able to
write a new initial session.</para>
<para>To blank a DVD-RW in sequential mode, run:</para>
<screen>&prompt.root; <userinput>dvd+rw-format -blank=full <replaceable>/dev/cd0</replaceable></userinput></screen>
<note>
<para>A full blanking (<option>-blank=full</option>) will take
about one hour on a 1x media. A fast blanking can be
performed using the <option>-blank</option> option if the
DVD-RW will be recorded in Disk-At-Once (DAO) mode. To burn
the DVD-RW in DAO mode, use the command:</para>
<screen>&prompt.root; <userinput>growisofs -use-the-force-luke=dao -Z <replaceable>/dev/cd0</replaceable>=<replaceable>imagefile.iso</replaceable></userinput></screen>
<para>The <option>-use-the-force-luke=dao</option> option
should not be required since &man.growisofs.1; attempts to
detect minimally (fast blanked) media and engage DAO
write.</para>
<para>In fact one should use restricted overwrite mode with
any DVD-RW, this format is more flexible than the default
incremental sequential one.</para>
</note>
<para>To write data on a sequential DVD-RW, use the same
instructions as for the other DVD formats:</para>
<screen>&prompt.root; <userinput>growisofs -Z <replaceable>/dev/cd0</replaceable> -J -R <replaceable>/path/to/data</replaceable></userinput></screen>
<para>If you want to append some data to your previous
recording, you will have to use the &man.growisofs.1;
<option>-M</option> option. However, if you perform data
addition on a DVD-RW in incremental sequential mode, a new
session will be created on the disc and the result will be a
multi-session disc.</para>
<para>A DVD-RW in restricted overwrite format does not need to
be blanked before a new initial session, you just have to
overwrite the disc with the <option>-Z</option> option, this
is similar to the DVD+RW case. It is also possible to grow an
existing ISO 9660 file system written on the disc in a same
way as for a DVD+RW with the <option>-M</option> option. The
result will be a one-session DVD.</para>
<para>To put a DVD-RW in the restricted overwrite format, the
following command must be used:</para>
<screen>&prompt.root; <userinput>dvd+rw-format <replaceable>/dev/cd0</replaceable></userinput></screen>
<para>To change back to the sequential format use:</para>
<screen>&prompt.root; <userinput>dvd+rw-format -blank=full <replaceable>/dev/cd0</replaceable></userinput></screen>
</sect2>
<sect2>
<title>Multisession</title>
<para>Very few DVD-ROM drives support
multisession DVDs, they will most of time, hopefully, only read
the first session. DVD+R, DVD-R and DVD-RW in sequential
format can accept multiple sessions, the notion of multiple
sessions does not exist for the DVD+RW and the DVD-RW
restricted overwrite formats.</para>
<para>Using the following command after an initial (non-closed)
session on a DVD+R, DVD-R, or DVD-RW in sequential format,
will add a new session to the disc:</para>
<screen>&prompt.root; <userinput>growisofs -M <replaceable>/dev/cd0</replaceable> -J -R <replaceable>/path/to/nextdata</replaceable></userinput></screen>
<para>Using this command line with a DVD+RW or a DVD-RW in restricted
overwrite mode, will append data in merging the new session to
the existing one. The result will be a single-session disc.
This is the way used to add data after an initial write on these
medias.</para>
<note>
<para>Some space on the media is used between each session for
end and start of sessions. Therefore, one should add
sessions with large amount of data to optimize media space.
The number of sessions is limited to 154 for a DVD+R,
about 2000 for a DVD-R, and 127 for a DVD+R Double
Layer.</para>
</note>
</sect2>
<sect2>
<title>For More Information</title>
<para>To obtain more information about a DVD, the
<command>dvd+rw-mediainfo
<replaceable>/dev/cd0</replaceable></command> command can be
ran with the disc in the drive.</para>
<para>More information about the
<application>dvd+rw-tools</application> can be found in
the &man.growisofs.1; manual page, on the <ulink
url="http://fy.chalmers.se/~appro/linux/DVD+RW/">dvd+rw-tools
web site</ulink> and in the <ulink
url="http://lists.debian.org/cdwrite/">cdwrite mailing
list</ulink> archives.</para>
<note>
<para>The <command>dvd+rw-mediainfo</command> output of the
resulting recording or the media with issues is mandatory
for any problem report. Without this output, it will be
quite impossible to help you.</para>
</note>
</sect2>
<sect2 id="creating-dvd-ram">
<title>Using a DVD-RAM</title>
<indexterm>
<primary>DVD</primary>
<secondary>DVD-RAM</secondary>
</indexterm>
<sect3>
<title>Configuration</title>
<para>DVD-RAM writers come with either SCSI or ATAPI
interface. DMA access for ATAPI devices has to be enabled,
this can be done by adding the following line to the
<filename>/boot/loader.conf</filename> file:</para>
<programlisting>hw.ata.atapi_dma="1"</programlisting>
</sect3>
<sect3>
<title>Preparing the Medium</title>
<para>As previously mentioned in the chapter introduction, a
DVD-RAM can be seen as a removable hard drive. As any other
hard drive the DVD-RAM must be <quote>prepared</quote>
before the first use. In the example, the whole
disk space will be used with a standard UFS2 file system:</para>
<screen>&prompt.root; <userinput>dd if=/dev/zero of=<replaceable>/dev/acd0</replaceable> bs=2k count=1</userinput>
&prompt.root; <userinput>bsdlabel -Bw <replaceable>acd0</replaceable></userinput>
&prompt.root; <userinput>newfs <replaceable>/dev/acd0</replaceable></userinput></screen>
<para>The DVD device, <devicename>acd0</devicename>, must be
changed according to the configuration.</para>
</sect3>
<sect3>
<title>Using the Medium</title>
<para>Once the previous operations have been performed on the
DVD-RAM, it can be mounted as a normal hard drive:</para>
<screen>&prompt.root; <userinput>mount <replaceable>/dev/acd0</replaceable> <replaceable>/mnt</replaceable></userinput></screen>
<para>After this the DVD-RAM will be both readable and writeable.</para>
</sect3>
</sect2>
</sect1>
<sect1 id="floppies">
<sect1info>
<authorgroup>
<author>
<firstname>Julio</firstname>
<surname>Merino</surname>
<contrib>Original work by </contrib>
</author>
</authorgroup>
<!-- 24 Dec 2001 -->
<authorgroup>
<author>
<firstname>Martin</firstname>
<surname>Karlsson</surname>
<contrib>Rewritten by </contrib>
</author>
</authorgroup>
<!-- 27 Apr 2003 -->
</sect1info>
<title>Creating and Using Floppy Disks</title>
<para>Storing data on floppy disks is sometimes useful, for
example when one does not have any other removable storage media
or when one needs to transfer small amounts of data to another
computer.</para>
<para>This section will explain how to use floppy disks in
FreeBSD. It will primarily cover formatting and usage of
3.5inch DOS floppies, but the concepts are similar for other
floppy disk formats.</para>
<sect2>
<title>Formatting Floppies</title>
<sect3>
<title>The Device</title>
<para>Floppy disks are accessed through entries in
<filename>/dev</filename>, just like other devices. To
access the raw floppy disk, simply use
<filename>/dev/fd<replaceable>N</replaceable></filename>.</para>
</sect3>
<sect3>
<title>Formatting</title>
<para>A floppy disk needs to be low-level formated before it
can be used. This is usually done by the vendor, but
formatting is a good way to check media integrity. Although
it is possible to force larger (or smaller) disk sizes,
1440kB is what most floppy disks are designed for.</para>
<para>To low-level format the floppy disk you need to use
&man.fdformat.1;. This utility expects the device name as an
argument.</para>
<para>Make note of any error messages, as these can help
determine if the disk is good or bad.</para>
<sect4>
<title>Formatting Floppy Disks</title>
<para>Use the
<filename>/dev/fd<replaceable>N</replaceable></filename>
devices to format the floppy. Insert a new 3.5inch floppy
disk in your drive and issue:</para>
<screen>&prompt.root; <userinput>/usr/sbin/fdformat -f 1440 /dev/fd0</userinput></screen>
</sect4>
</sect3>
</sect2>
<sect2>
<title>The Disk Label</title>
<para>After low-level formatting the disk, you will need to
place a disk label on it. This disk label will be destroyed
later, but it is needed by the system to determine the size of
the disk and its geometry later.</para>
<para>The new disk label will take over the whole disk, and will
contain all the proper information about the geometry of the
floppy. The geometry values for the disk label are listed in
<filename>/etc/disktab</filename>.</para>
<para>You can run now &man.bsdlabel.8; like so:</para>
<screen>&prompt.root; <userinput>/sbin/bsdlabel -B -w /dev/fd0 fd1440</userinput></screen>
</sect2>
<sect2>
<title>The File System</title>
<para>Now the floppy is ready to be high-level formated. This
will place a new file system on it, which will let FreeBSD read
and write to the disk. After creating the new file system, the
disk label is destroyed, so if you want to reformat the disk, you
will have to recreate the disk label.</para>
<para>The floppy's file system can be either UFS or FAT.
FAT is generally a better choice for floppies.</para>
<para>To put a new file system on the floppy, issue:</para>
<screen>&prompt.root; <userinput>/sbin/newfs_msdos /dev/fd0</userinput></screen>
<para>The disk is now ready for use.</para>
</sect2>
<sect2>
<title>Using the Floppy</title>
<para>To use the floppy, mount it with &man.mount.msdosfs.8;. One can also use
<filename role="package">emulators/mtools</filename> from the ports
collection.</para>
</sect2>
</sect1>
<sect1 id="backups-tapebackups">
<title>Creating and Using Data Tapes</title>
<indexterm><primary>tape media</primary></indexterm>
<para>The major tape media are the 4mm, 8mm, QIC, mini-cartridge and
DLT.</para>
<sect2 id="backups-tapebackups-4mm">
<title>4mm (DDS: Digital Data Storage)</title>
<indexterm>
<primary>tape media</primary>
<secondary>DDS (4mm) tapes</secondary>
</indexterm>
<indexterm>
<primary>tape media</primary>
<secondary>QIC tapes</secondary>
</indexterm>
<para>4mm tapes are replacing QIC as the workstation backup media of
choice. This trend accelerated greatly when Conner purchased Archive,
a leading manufacturer of QIC drives, and then stopped production of
QIC drives. 4mm drives are small and quiet but do not have the
reputation for reliability that is enjoyed by 8mm drives. The
cartridges are less expensive and smaller (3 x 2 x 0.5 inches, 76 x 51
x 12 mm) than 8mm cartridges. 4mm, like 8mm, has comparatively short
head life for the same reason, both use helical scan.</para>
<para>Data throughput on these drives starts ~150&nbsp;kB/s, peaking at ~500&nbsp;kB/s.
Data capacity starts at 1.3&nbsp;GB and ends at 2.0&nbsp;GB. Hardware
compression, available with most of these drives, approximately
doubles the capacity. Multi-drive tape library units can have 6
drives in a single cabinet with automatic tape changing. Library
capacities reach 240&nbsp;GB.</para>
<para>The DDS-3 standard now supports tape capacities up to 12&nbsp;GB (or
24&nbsp;GB compressed).</para>
<para>4mm drives, like 8mm drives, use helical-scan. All the benefits
and drawbacks of helical-scan apply to both 4mm and 8mm drives.</para>
<para>Tapes should be retired from use after 2,000 passes or 100 full
backups.</para>
</sect2>
<sect2 id="backups-tapebackups-8mm">
<title>8mm (Exabyte)</title>
<indexterm>
<primary>tape media</primary>
<secondary>Exabyte (8mm) tapes</secondary>
</indexterm>
<para>8mm tapes are the most common SCSI tape drives; they are the best
choice of exchanging tapes. Nearly every site has an Exabyte 2&nbsp;GB 8mm
tape drive. 8mm drives are reliable, convenient and quiet. Cartridges
are inexpensive and small (4.8 x 3.3 x 0.6 inches; 122 x 84 x 15 mm).
One downside of 8mm tape is relatively short head and tape life due to
the high rate of relative motion of the tape across the heads.</para>
<para>Data throughput ranges from ~250&nbsp;kB/s to ~500&nbsp;kB/s. Data sizes start
at 300&nbsp;MB and go up to 7&nbsp;GB. Hardware compression, available with
most of these drives, approximately doubles the capacity. These
drives are available as single units or multi-drive tape libraries
with 6 drives and 120 tapes in a single cabinet. Tapes are changed
automatically by the unit. Library capacities reach 840+&nbsp;GB.</para>
<para>The Exabyte <quote>Mammoth</quote> model supports 12&nbsp;GB on one tape
(24&nbsp;GB with compression) and costs approximately twice as much as
conventional tape drives.</para>
<para>Data is recorded onto the tape using helical-scan, the heads are
positioned at an angle to the media (approximately 6 degrees). The
tape wraps around 270 degrees of the spool that holds the heads. The
spool spins while the tape slides over the spool. The result is a
high density of data and closely packed tracks that angle across the
tape from one edge to the other.</para>
</sect2>
<sect2 id="backups-tapebackups-qic">
<title>QIC</title>
<indexterm>
<primary>tape media</primary>
<secondary>QIC-150</secondary>
</indexterm>
<para>QIC-150 tapes and drives are, perhaps, the most common tape drive
and media around. QIC tape drives are the least expensive <quote>serious</quote>
backup drives. The downside is the cost of media. QIC tapes are
expensive compared to 8mm or 4mm tapes, up to 5 times the price per GB
data storage. But, if your needs can be satisfied with a half-dozen
tapes, QIC may be the correct choice. QIC is the
<emphasis>most</emphasis> common tape drive. Every site has a QIC
drive of some density or another. Therein lies the rub, QIC has a
large number of densities on physically similar (sometimes identical)
tapes. QIC drives are not quiet. These drives audibly seek before
they begin to record data and are clearly audible whenever reading,
writing or seeking. QIC tapes measure 6&nbsp;x 4&nbsp;x 0.7 inches
(152&nbsp;x 102&nbsp;x 17 mm).</para>
<para>Data throughput ranges from ~150&nbsp;kB/s to ~500&nbsp;kB/s. Data capacity
ranges from 40&nbsp;MB to 15&nbsp;GB. Hardware compression is available on many
of the newer QIC drives. QIC drives are less frequently installed;
they are being supplanted by DAT drives.</para>
<para>Data is recorded onto the tape in tracks. The tracks run along
the long axis of the tape media from one end to the other. The number
of tracks, and therefore the width of a track, varies with the tape's
capacity. Most if not all newer drives provide backward-compatibility
at least for reading (but often also for writing). QIC has a good
reputation regarding the safety of the data (the mechanics are simpler
and more robust than for helical scan drives).</para>
<para>Tapes should be retired from use after 5,000 backups.</para>
</sect2>
<sect2 id="backups-tapebackups-dlt">
<title>DLT</title>
<indexterm>
<primary>tape media</primary>
<secondary>DLT</secondary>
</indexterm>
<para>DLT has the fastest data transfer rate of all the drive types
listed here. The 1/2" (12.5mm) tape is contained in a single spool
cartridge (4 x 4 x 1 inches; 100 x 100 x 25 mm). The cartridge has a
swinging gate along one entire side of the cartridge. The drive
mechanism opens this gate to extract the tape leader. The tape leader
has an oval hole in it which the drive uses to <quote>hook</quote> the tape. The
take-up spool is located inside the tape drive. All the other tape
cartridges listed here (9 track tapes are the only exception) have
both the supply and take-up spools located inside the tape cartridge
itself.</para>
<para>Data throughput is approximately 1.5&nbsp;MB/s, three times the throughput of
4mm, 8mm, or QIC tape drives. Data capacities range from 10&nbsp;GB to 20&nbsp;GB
for a single drive. Drives are available in both multi-tape changers
and multi-tape, multi-drive tape libraries containing from 5 to 900
tapes over 1 to 20 drives, providing from 50&nbsp;GB to 9&nbsp;TB of
storage.</para>
<para>With compression, DLT Type IV format supports up to 70&nbsp;GB
capacity.</para>
<para>Data is recorded onto the tape in tracks parallel to the direction
of travel (just like QIC tapes). Two tracks are written at once.
Read/write head lifetimes are relatively long; once the tape stops
moving, there is no relative motion between the heads and the
tape.</para>
</sect2>
<sect2>
<title id="backups-tapebackups-ait">AIT</title>
<indexterm>
<primary>tape media</primary>
<secondary>AIT</secondary>
</indexterm>
<para>AIT is a new format from Sony, and can hold up to 50&nbsp;GB (with
compression) per tape. The tapes contain memory chips which retain an
index of the tape's contents. This index can be rapidly read by the
tape drive to determine the position of files on the tape, instead of
the several minutes that would be required for other tapes. Software
such as <application>SAMS:Alexandria</application> can operate forty or more AIT tape libraries,
communicating directly with the tape's memory chip to display the
contents on screen, determine what files were backed up to which
tape, locate the correct tape, load it, and restore the data from the
tape.</para>
<para>Libraries like this cost in the region of $20,000, pricing them a
little out of the hobbyist market.</para>
</sect2>
<sect2>
<title>Using a New Tape for the First Time</title>
<para>The first time that you try to read or write a new, completely
blank tape, the operation will fail. The console messages should be
similar to:</para>
<screen>sa0(ncr1:4:0): NOT READY asc:4,1
sa0(ncr1:4:0): Logical unit is in process of becoming ready</screen>
<para>The tape does not contain an Identifier Block (block number 0).
All QIC tape drives since the adoption of QIC-525 standard write an
Identifier Block to the tape. There are two solutions:</para>
<itemizedlist>
<listitem>
<para><command>mt fsf 1</command> causes the tape drive to write an
Identifier Block to the tape.</para>
</listitem>
<listitem>
<para>Use the front panel button to eject the tape.</para>
<para>Re-insert the tape and <command>dump</command> data to
the tape.</para>
<para><command>dump</command> will report <errorname>DUMP: End of tape
detected</errorname> and the console will show: <errorname>HARDWARE
FAILURE info:280 asc:80,96</errorname>.</para>
<para>rewind the tape using: <command>mt rewind</command>.</para>
<para>Subsequent tape operations are successful.</para>
</listitem>
</itemizedlist>
</sect2>
</sect1>
<sect1 id="backups-floppybackups">
<title>Backups to Floppies</title>
<sect2 id="floppies-using">
<title>Can I Use Floppies for Backing Up My Data?</title>
<indexterm><primary>backup floppies</primary></indexterm>
<indexterm><primary>floppy disks</primary></indexterm>
<para>Floppy disks are not really a suitable media for
making backups as:</para>
<itemizedlist>
<listitem>
<para>The media is unreliable, especially over long periods of
time.</para>
</listitem>
<listitem>
<para>Backing up and restoring is very slow.</para>
</listitem>
<listitem>
<para>They have a very limited capacity (the days of backing up
an entire hard disk onto a dozen or so floppies has long since
passed).</para>
</listitem>
</itemizedlist>
<para>However, if you have no other method of backing up your data then
floppy disks are better than no backup at all.</para>
<para>If you do have to use floppy disks then ensure that you use good
quality ones. Floppies that have been lying around the office for a
couple of years are a bad choice. Ideally use new ones from a
reputable manufacturer.</para>
</sect2>
<sect2 id="floppies-creating">
<title>So How Do I Backup My Data to Floppies?</title>
<para>The best way to backup to floppy disk is to use
&man.tar.1; with the <option>-M</option> (multi
volume) option, which allows backups to span multiple
floppies.</para>
<para>To backup all the files in the current directory and sub-directory
use this (as <username>root</username>):</para>
<screen>&prompt.root; <userinput>tar Mcvf /dev/fd0 *</userinput></screen>
<para>When the first floppy is full &man.tar.1; will prompt you to
insert the next volume (because &man.tar.1; is media independent it
refers to volumes; in this context it means floppy disk).</para>
<screen>Prepare volume #2 for /dev/fd0 and hit return:</screen>
<para>This is repeated (with the volume number incrementing) until all
the specified files have been archived.</para>
</sect2>
<sect2 id="floppies-compress">
<title>Can I Compress My Backups?</title>
<indexterm>
<primary><command>tar</command></primary>
</indexterm>
<indexterm>
<primary><command>gzip</command></primary>
</indexterm>
<indexterm><primary>compression</primary></indexterm>
<para>Unfortunately, &man.tar.1; will not allow the
<option>-z</option> option to be used for multi-volume archives.
You could, of course, &man.gzip.1; all the files,
&man.tar.1; them to the floppies, then
&man.gunzip.1; the files again!</para>
</sect2>
<sect2 id="floppies-restoring">
<title>How Do I Restore My Backups?</title>
<para>To restore the entire archive use:</para>
<screen>&prompt.root; <userinput>tar Mxvf /dev/fd0</userinput></screen>
<para>There are two ways that you can use to restore only
specific files. First, you can start with the first floppy
and use:</para>
<screen>&prompt.root; <userinput>tar Mxvf /dev/fd0 <replaceable>filename</replaceable></userinput></screen>
<para>The utility &man.tar.1; will prompt you to insert subsequent floppies until it
finds the required file.</para>
<para>Alternatively, if you know which floppy the file is on then you
can simply insert that floppy and use the same command as above. Note
that if the first file on the floppy is a continuation from the
previous one then &man.tar.1; will warn you that it cannot
restore it, even if you have not asked it to!</para>
</sect2>
</sect1>
<sect1 id="backup-strategies">
<sect1info>
<authorgroup>
<author>
<firstname>Lowell</firstname>
<surname>Gilbert</surname>
<contrib>Original work by </contrib>
</author>
</authorgroup>
<!-- 3 Dec 2005 -->
</sect1info>
<title>Backup Strategies</title>
<para>The first requirement in devising a backup plan is to make sure that
all of the following problems are covered:</para>
<itemizedlist>
<listitem>
<para>Disk failure</para>
</listitem>
<listitem>
<para>Accidental file deletion</para>
</listitem>
<listitem>
<para>Random file corruption</para>
</listitem>
<listitem>
<para>Complete machine destruction (e.g. fire), including destruction
of any on-site backups.</para>
</listitem>
</itemizedlist>
<para>It is perfectly possible that some systems will be best served by
having each of these problems covered by a completely different
technique. Except for strictly personal systems with very low-value
data, it is unlikely that one technique would cover all of them.</para>
<para>Some of the techniques in the toolbox are:</para>
<itemizedlist>
<listitem>
<para>Archives of the whole system, backed up onto permanent media
offsite. This actually provides protection against all of the
possible problems listed above, but is slow and inconvenient to
restore from. You can keep copies of the backups onsite and/or
online, but there will still be inconveniences in restoring files,
especially for non-privileged users.</para>
</listitem>
<listitem>
<para>Filesystem snapshots. This is really only helpful in the
accidental file deletion scenario, but it can be
<emphasis>very</emphasis> helpful in that case, and is quick and
easy to deal with.</para>
</listitem>
<listitem>
<para>Copies of whole filesystems and/or disks (e.g. periodic &man.rsync.1; of
the whole machine). This is generally most useful in networks with
unique requirements. For general protection against disk failure,
it is usually inferior to <acronym>RAID</acronym>. For restoring
accidentally deleted files, it can be comparable to
<acronym>UFS</acronym> snapshots, but that depends on your
preferences.</para>
</listitem>
<listitem>
<para><acronym>RAID</acronym>. Minimizes or avoids downtime when a
disk fails. At the expense of having to deal with disk failures
more often (because you have more disks), albeit at a much lower
urgency.</para>
</listitem>
<listitem>
<para>Checking fingerprints of files. The &man.mtree.8; utility is
very useful for this. Although it is not a backup technique, it
helps guarantee that you will notice when you need to resort to your
backups. This is particularly important for offline backups, and
should be checked periodically.</para>
</listitem>
</itemizedlist>
<para>It is quite easy to come up with even more techniques, many of them
variations on the ones listed above. Specialized requirements will
usually lead to specialized techniques (for example, backing up a live
database usually requires a method particular to the database software
as an intermediate step). The important thing is to know what dangers
you want to protect against, and how you will handle each.</para>
</sect1>
<sect1 id="backup-basics">
<title>Backup Basics</title>
<para>The three major backup programs are
&man.dump.8;,
&man.tar.1;,
and
&man.cpio.1;.</para>
<sect2>
<title>Dump and Restore</title>
<indexterm>
<primary>backup software</primary>
<secondary>dump / restore</secondary>
</indexterm>
<indexterm><primary><command>dump</command></primary></indexterm>
<indexterm><primary><command>restore</command></primary></indexterm>
<para>The traditional &unix; backup programs are
<command>dump</command> and <command>restore</command>. They
operate on the drive as a collection of disk blocks, below the
abstractions of files, links and directories that are created by
the file systems. Unlike other backup software,
<command>dump</command> backs up an entire
file system on a device. It is unable to backup only part of a
file system or a directory tree that spans more than one
file system. The <command>dump</command> command does not write files and
directories to tape, but rather writes the raw data blocks that
comprise files and directories. When being used to extract
data, <command>restore</command> stores temporary files
in <filename>/tmp/</filename> by default &mdash; if you are
operating from a recovery disk with a small
<filename>/tmp</filename> directory, you may need to set the
<envar>TMPDIR</envar> environment variable to a directory
with more free space for the restore to be successful.</para>
<note><para>If you use <command>dump</command> on your root directory, you
would not back up <filename>/home</filename>,
<filename>/usr</filename> or many other directories since
these are typically mount points for other file systems or
symbolic links into those file systems.</para></note>
<para><command>dump</command> has quirks that remain from its early days in
Version 6 of AT&amp;T UNIX (circa 1975). The default
parameters are suitable for 9-track tapes (6250 bpi), not the
high-density media available today (up to 62,182 ftpi). These
defaults must be overridden on the command line to utilize the
capacity of current tape drives.</para>
<indexterm><primary><filename>.rhosts</filename></primary></indexterm>
<para>It is also possible to backup data across the network to a
tape drive attached to another computer with <command>rdump</command> and
<command>rrestore</command>. Both programs rely upon &man.rcmd.3; and
&man.ruserok.3; to access the remote tape drive. Therefore,
the user performing the backup must be listed in the
<filename>.rhosts</filename> file on the remote computer. The
arguments to <command>rdump</command> and <command>rrestore</command> must be suitable
to use on the remote computer. When
<command>rdump</command>ing from a FreeBSD computer to an
Exabyte tape drive connected to a Sun called
<hostid>komodo</hostid>, use:</para>
<screen>&prompt.root; <userinput>/sbin/rdump 0dsbfu 54000 13000 126 komodo:/dev/nsa8 /dev/da0a 2>&amp;1</userinput></screen>
<para>Beware: there are security implications to
allowing <filename>.rhosts</filename> authentication. Evaluate your
situation carefully.</para>
<para>It is also possible to use <command>dump</command> and
<command>restore</command> in a more secure fashion over
<command>ssh</command>.</para>
<example>
<title>Using <command>dump</command> over <application>ssh</application></title>
<screen>&prompt.root; <userinput>/sbin/dump -0uan -f - /usr | gzip -2 | ssh -c blowfish \
targetuser@targetmachine.example.com dd of=/mybigfiles/dump-usr-l0.gz</userinput></screen>
</example>
<para>Or using <command>dump</command>'s built-in method,
setting the environment variable <envar>RSH</envar>:</para>
<example>
<title>Using <command>dump</command> over <application>ssh</application> with <envar>RSH</envar> set</title>
<screen>&prompt.root; <userinput>RSH=/usr/bin/ssh /sbin/dump -0uan -f targetuser@targetmachine.example.com:/dev/sa0 /usr</userinput></screen>
</example>
</sect2>
<sect2>
<title><command>tar</command></title>
<indexterm>
<primary>backup software</primary>
<secondary><command>tar</command></secondary>
</indexterm>
<para>&man.tar.1; also dates back to Version 6 of AT&amp;T UNIX
(circa 1975). <command>tar</command> operates in cooperation
with the file system; it writes files and
directories to tape. <command>tar</command> does not support the
full range of options that are available from &man.cpio.1;, but
it does not require the unusual command
pipeline that <command>cpio</command> uses.</para>
<indexterm><primary><command>tar</command></primary></indexterm>
<para>To <command>tar</command> to an
Exabyte tape drive connected to a Sun called
<hostid>komodo</hostid>, use:</para>
<screen>&prompt.root; <userinput>tar cf - . | rsh komodo dd of=<replaceable>tape-device</replaceable> obs=20b</userinput></screen>
<para>If you are worried about the security of backing up over a
network you should use the <command>ssh</command> command
instead of <command>rsh</command>.</para>
</sect2>
<sect2>
<title><command>cpio</command></title>
<indexterm>
<primary>backup software</primary>
<secondary><command>cpio</command></secondary>
</indexterm>
<para>&man.cpio.1; is the original &unix; file interchange tape
program for magnetic media. <command>cpio</command> has options
(among many others) to perform byte-swapping, write a number of
different archive formats, and pipe the data to other programs.
This last feature makes <command>cpio</command> an excellent
choice for installation media. <command>cpio</command> does not
know how to walk the directory tree and a list of files must be
provided through <filename>stdin</filename>.</para>
<indexterm><primary><command>cpio</command></primary></indexterm>
<para><command>cpio</command> does not support backups across
the network. You can use a pipeline and <command>rsh</command>
to send the data to a remote tape drive.</para>
<screen>&prompt.root; <userinput>for f in <replaceable>directory_list; do</replaceable></userinput>
<userinput>find $f &gt;&gt; backup.list</userinput>
<userinput>done</userinput>
&prompt.root; <userinput>cpio -v -o --format=newc &lt; backup.list | ssh <replaceable>user</replaceable>@<replaceable>host</replaceable> "cat &gt; <replaceable>backup_device</replaceable>"</userinput></screen>
<para>Where <replaceable>directory_list</replaceable> is the list of
directories you want to back up,
<replaceable>user</replaceable>@<replaceable>host</replaceable> is the
user/hostname combination that will be performing the backups, and
<replaceable>backup_device</replaceable> is where the backups should
be written to (e.g., <filename>/dev/nsa0</filename>).</para>
</sect2>
<sect2>
<title><command>pax</command></title>
<indexterm>
<primary>backup software</primary>
<secondary><command>pax</command></secondary>
</indexterm>
<indexterm><primary><command>pax</command></primary></indexterm>
<indexterm><primary>POSIX</primary></indexterm>
<indexterm><primary>IEEE</primary></indexterm>
<para>&man.pax.1; is IEEE/&posix;'s answer to
<command>tar</command> and <command>cpio</command>. Over the
years the various versions of <command>tar</command> and
<command>cpio</command> have gotten slightly incompatible. So
rather than fight it out to fully standardize them, &posix;
created a new archive utility. <command>pax</command> attempts
to read and write many of the various <command>cpio</command>
and <command>tar</command> formats, plus new formats of its own.
Its command set more resembles <command>cpio</command> than
<command>tar</command>.</para>
</sect2>
<sect2 id="backups-programs-amanda">
<title><application>Amanda</application></title>
<indexterm>
<primary>backup software</primary>
<secondary><application>Amanda</application></secondary>
</indexterm>
<indexterm><primary><application>Amanda</application></primary></indexterm>
<!-- Remove link until <port> tag is available -->
<para><application>Amanda</application> (Advanced Maryland
Network Disk Archiver) is a client/server backup system,
rather than a single program. An <application>Amanda</application> server will backup to
a single tape drive any number of computers that have <application>Amanda</application>
clients and a network connection to the <application>Amanda</application> server. A
common problem at sites with a number of large disks is
that the length of time required to backup to data directly to tape
exceeds the amount of time available for the task. <application>Amanda</application>
solves this problem. <application>Amanda</application> can use a <quote>holding disk</quote> to
backup several file systems at the same time. <application>Amanda</application> creates
<quote>archive sets</quote>: a group of tapes used over a period of time to
create full backups of all the file systems listed in <application>Amanda</application>'s
configuration file. The <quote>archive set</quote> also contains nightly
incremental (or differential) backups of all the file systems.
Restoring a damaged file system requires the most recent full
backup and the incremental backups.</para>
<para>The configuration file provides fine control of backups and the
network traffic that <application>Amanda</application> generates. <application>Amanda</application> will use any of the
above backup programs to write the data to tape. <application>Amanda</application> is available
as either a port or a package, it is not installed by default.</para>
</sect2>
<sect2>
<title>Do Nothing</title>
<para><quote>Do nothing</quote> is not a computer program, but it is the
most widely used backup strategy. There are no initial costs. There
is no backup schedule to follow. Just say no. If something happens
to your data, grin and bear it!</para>
<para>If your time and your data is worth little to nothing, then
<quote>Do nothing</quote> is the most suitable backup program for your
computer. But beware, &unix; is a useful tool, you may find that within
six months you have a collection of files that are valuable to
you.</para>
<para><quote>Do nothing</quote> is the correct backup method for
<filename>/usr/obj</filename> and other directory trees that can be
exactly recreated by your computer. An example is the files that
comprise the HTML or &postscript; version of this Handbook.
These document formats have been created from SGML input
files. Creating backups of the HTML or &postscript; files is
not necessary. The SGML files are backed up regularly.</para>
</sect2>
<sect2>
<title>Which Backup Program Is Best?</title>
<indexterm>
<primary>LISA</primary>
</indexterm>
<para>&man.dump.8; <emphasis>Period.</emphasis> Elizabeth D. Zwicky
torture tested all the backup programs discussed here. The clear
choice for preserving all your data and all the peculiarities of &unix;
file systems is <command>dump</command>. Elizabeth created file systems containing
a large variety of unusual conditions (and some not so unusual ones)
and tested each program by doing a backup and restore of those
file systems. The peculiarities included: files with holes, files with
holes and a block of nulls, files with funny characters in their
names, unreadable and unwritable files, devices, files that change
size during the backup, files that are created/deleted during the
backup and more. She presented the results at LISA V in Oct. 1991.
See <ulink
url="http://www.coredumps.de/doc/dump/zwicky/testdump.doc.html ">torture-testing
Backup and Archive Programs</ulink>.</para>
</sect2>
<sect2>
<title>Emergency Restore Procedure</title>
<sect3>
<title>Before the Disaster</title>
<para>There are only four steps that you need to perform in
preparation for any disaster that may occur.</para>
<indexterm>
<primary><command>bsdlabel</command></primary>
</indexterm>
<para>First, print the bsdlabel from each of your disks
(e.g. <command>bsdlabel da0 | lpr</command>), your file system table
(<filename>/etc/fstab</filename>) and all boot messages,
two copies of
each.</para>
<indexterm><primary>livefs CD</primary></indexterm>
<para>Second, burn a <quote>livefs</quote> CDROM. This CDROM
contains support for booting into a &os;
<quote>livefs</quote> rescue mode allowing the user to
perform many tasks like running &man.dump.8;,
&man.restore.8;, &man.fdisk.8;, &man.bsdlabel.8;,
&man.newfs.8;, &man.mount.8;, and more. Livefs CD image for
&os;/&arch.i386;&nbsp;&rel.current;-RELEASE is available
from <ulink
url="ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/&arch.i386;/ISO-IMAGES/&rel.current;/&os;-&rel.current;-RELEASE-&arch.i386;-livefs.iso"></ulink>.</para>
<para>Third, create backup tapes regularly. Any changes that you make
after your last backup may be irretrievably lost. Write-protect the
backup tapes.</para>
<para>Fourth, test the <quote>livefs</quote> CDROM
you made in step two and backup tapes. Make notes of the
procedure. Store these notes with the CDROM, the
printouts and the backup tapes. You will be so distraught when
restoring that the notes may prevent you from destroying your backup
tapes (How? In place of <command>tar xvf /dev/sa0</command>, you
might accidentally type <command>tar cvf /dev/sa0</command> and
over-write your backup tape).</para>
<para>For an added measure of security, make <quote>livefs</quote> CDROM and two
backup tapes each time. Store one of each at a remote location. A
remote location is NOT the basement of the same office building. A
number of firms in the World Trade Center learned this lesson the
hard way. A remote location should be physically separated from
your computers and disk drives by a significant distance.</para>
</sect3>
<sect3>
<title>After the Disaster</title>
<para>The key question is: did your hardware survive? You have been
doing regular backups so there is no need to worry about the
software.</para>
<para>If the hardware has been damaged, the parts should be replaced
before attempting to use the computer.</para>
<para>If your hardware is okay, insert the
<quote>livefs</quote> CDROM in the CDROM drive and
boot the computer. The original install menu will be displayed on
the screen. Select the correct country, then choose
<guimenuitem>Fixit -- Repair mode with CDROM/DVD/floppy or
start a shell.</guimenuitem> option and select the
<guimenuitem>CDROM/DVD -- Use the live filesystem
CDROM/DVD</guimenuitem> item. The tool
<command>restore</command> and the other programs that you need are
located in <filename class="directory">/mnt2/rescue</filename>.</para>
<para>Recover each file system separately.</para>
<indexterm>
<primary><command>mount</command></primary>
</indexterm>
<indexterm><primary>root partition</primary></indexterm>
<indexterm>
<primary><command>bsdlabel</command></primary>
</indexterm>
<indexterm>
<primary><command>newfs</command></primary>
</indexterm>
<para>Try to <command>mount</command> (e.g. <command>mount /dev/da0a
/mnt</command>) the root partition of your first disk. If the
bsdlabel was damaged, use <command>bsdlabel</command> to re-partition and
label the disk to match the label that you printed and saved. Use
<command>newfs</command> to re-create the file systems. Re-mount the root
partition of the disk read-write (<command>mount -u -o rw
/mnt</command>). Use your backup program and backup tapes to
recover the data for this file system (e.g. <command>restore vrf
/dev/sa0</command>). Unmount the file system (e.g. <command>umount
/mnt</command>). Repeat for each file system that was
damaged.</para>
<para>Once your system is running, backup your data onto new tapes.
Whatever caused the crash or data loss may strike again. Another
hour spent now may save you from further distress later.</para>
</sect3>
<![ %not.published; [
<sect3>
<title>* I Did Not Prepare for the Disaster, What Now?</title>
<para></para>
</sect3>
]]>
</sect2>
</sect1>
<sect1 id="disks-virtual">
<sect1info>
<authorgroup>
<author>
<firstname>Marc</firstname>
<surname>Fonvieille</surname>
<contrib>Reorganized and enhanced by </contrib>
</author>
</authorgroup>
</sect1info>
<title>Network, Memory, and File-Backed File Systems</title>
<indexterm><primary>virtual disks</primary></indexterm>
<indexterm>
<primary>disks</primary>
<secondary>virtual</secondary>
</indexterm>
<para>Aside from the disks you physically insert into your computer:
floppies, CDs, hard drives, and so forth; other forms of disks
are understood by FreeBSD - the <firstterm>virtual
disks</firstterm>.</para>
<indexterm><primary>NFS</primary></indexterm>
<indexterm><primary>Coda</primary></indexterm>
<indexterm>
<primary>disks</primary>
<secondary>memory</secondary>
</indexterm>
<para>These include network file systems such as the <link
linkend="network-nfs">Network File System</link> and Coda, memory-based
file systems and
file-backed file systems.</para>
<para>According to the FreeBSD version you run, you will have to use
different tools for creation and use of file-backed and
memory-based file systems.</para>
<note>
<para>Use &man.devfs.5; to allocate device nodes transparently for the
user.</para>
</note>
<sect2 id="disks-mdconfig">
<title>File-Backed File System</title>
<indexterm>
<primary>disks</primary>
<secondary>file-backed</secondary>
</indexterm>
<para>The utility &man.mdconfig.8; is used to configure and enable
memory disks, &man.md.4;, under FreeBSD. To use
&man.mdconfig.8;, you have to load &man.md.4; module or to add
the support in your kernel configuration file:</para>
<programlisting>device md</programlisting>
<para>The &man.mdconfig.8; command supports three kinds of
memory backed virtual disks: memory disks allocated with
&man.malloc.9;, memory disks using a file or swap space as
backing. One possible use is the mounting of floppy
or CD images kept in files.</para>
<para>To mount an existing file system image:</para>
<example>
<title>Using <command>mdconfig</command> to Mount an Existing File System
Image</title>
<screen>&prompt.root; <userinput>mdconfig -a -t vnode -f <replaceable>diskimage</replaceable> -u <replaceable>0</replaceable></userinput>
&prompt.root; <userinput>mount /dev/md<replaceable>0</replaceable> <replaceable>/mnt</replaceable></userinput></screen>
</example>
<para>To create a new file system image with &man.mdconfig.8;:</para>
<example>
<title>Creating a New File-Backed Disk with <command>mdconfig</command></title>
<screen>&prompt.root; <userinput>dd if=/dev/zero of=<replaceable>newimage</replaceable> bs=1k count=<replaceable>5</replaceable>k</userinput>
5120+0 records in
5120+0 records out
&prompt.root; <userinput>mdconfig -a -t vnode -f <replaceable>newimage</replaceable> -u <replaceable>0</replaceable></userinput>
&prompt.root; <userinput>bsdlabel -w md<replaceable>0</replaceable> auto</userinput>
&prompt.root; <userinput>newfs md<replaceable>0</replaceable>a</userinput>
/dev/md0a: 5.0MB (10224 sectors) block size 16384, fragment size 2048
using 4 cylinder groups of 1.25MB, 80 blks, 192 inodes.
super-block backups (for fsck -b #) at:
160, 2720, 5280, 7840
&prompt.root; <userinput>mount /dev/md<replaceable>0</replaceable>a <replaceable>/mnt</replaceable></userinput>
&prompt.root; <userinput>df <replaceable>/mnt</replaceable></userinput>
Filesystem 1K-blocks Used Avail Capacity Mounted on
/dev/md0a 4710 4 4330 0% /mnt</screen>
</example>
<para>If you do not specify the unit number with the
<option>-u</option> option, &man.mdconfig.8; will use the
&man.md.4; automatic allocation to select an unused device.
The name of the allocated unit will be output on stdout like
<devicename>md4</devicename>. For more details about
&man.mdconfig.8;, please refer to the manual page.</para>
<para>The utility &man.mdconfig.8; is very useful, however it
asks many command lines to create a file-backed file system.
FreeBSD also comes with a tool called &man.mdmfs.8;,
this program configures a &man.md.4; disk using
&man.mdconfig.8;, puts a UFS file system on it using
&man.newfs.8;, and mounts it using &man.mount.8;. For example,
if you want to create and mount the same file system image as
above, simply type the following:</para>
<example>
<title>Configure and Mount a File-Backed Disk with <command>mdmfs</command></title>
<screen>&prompt.root; <userinput>dd if=/dev/zero of=<replaceable>newimage</replaceable> bs=1k count=<replaceable>5</replaceable>k</userinput>
5120+0 records in
5120+0 records out
&prompt.root; <userinput>mdmfs -F <replaceable>newimage</replaceable> -s <replaceable>5</replaceable>m md<replaceable>0</replaceable> <replaceable>/mnt</replaceable></userinput>
&prompt.root; <userinput>df <replaceable>/mnt</replaceable></userinput>
Filesystem 1K-blocks Used Avail Capacity Mounted on
/dev/md0 4718 4 4338 0% /mnt</screen>
</example>
<para>If you use the option <option>md</option> without unit
number, &man.mdmfs.8; will use &man.md.4; auto-unit feature to
automatically select an unused device. For more details
about &man.mdmfs.8;, please refer to the manual page.</para>
</sect2>
<sect2 id="disks-md-freebsd5">
<title>Memory-Based File System</title>
<indexterm>
<primary>disks</primary>
<secondary>memory file system</secondary>
</indexterm>
<para>For a
memory-based file system the <quote>swap backing</quote>
should normally be used. Using swap backing does not mean
that the memory disk will be swapped out to disk by default,
but merely that the memory disk will be allocated from a
memory pool which can be swapped out to disk if needed. It is
also possible to create memory-based disk which are
&man.malloc.9; backed, but using malloc backed memory disks,
especially large ones, can result in a system panic if the
kernel runs out of memory.</para>
<example>
<title>Creating a New Memory-Based Disk with
<command>mdconfig</command></title>
<screen>&prompt.root; <userinput>mdconfig -a -t swap -s <replaceable>5</replaceable>m -u <replaceable>1</replaceable></userinput>
&prompt.root; <userinput>newfs -U md<replaceable>1</replaceable></userinput>
/dev/md1: 5.0MB (10240 sectors) block size 16384, fragment size 2048
using 4 cylinder groups of 1.27MB, 81 blks, 192 inodes.
with soft updates
super-block backups (for fsck -b #) at:
160, 2752, 5344, 7936
&prompt.root; <userinput>mount /dev/md<replaceable>1</replaceable> <replaceable>/mnt</replaceable></userinput>
&prompt.root; <userinput>df <replaceable>/mnt</replaceable></userinput>
Filesystem 1K-blocks Used Avail Capacity Mounted on
/dev/md1 4718 4 4338 0% /mnt</screen>
</example>
<example>
<title>Creating a New Memory-Based Disk with
<command>mdmfs</command></title>
<screen>&prompt.root; <userinput>mdmfs -s <replaceable>5</replaceable>m md<replaceable>2</replaceable> <replaceable>/mnt</replaceable></userinput>
&prompt.root; <userinput>df <replaceable>/mnt</replaceable></userinput>
Filesystem 1K-blocks Used Avail Capacity Mounted on
/dev/md2 4846 2 4458 0% /mnt</screen>
</example>
</sect2>
<sect2>
<title>Detaching a Memory Disk from the System</title>
<indexterm>
<primary>disks</primary>
<secondary>detaching a memory disk</secondary>
</indexterm>
<para>When a memory-based or file-based file system
is not used, you should release all resources to the system.
The first thing to do is to unmount the file system, then use
&man.mdconfig.8; to detach the disk from the system and release
the resources.</para>
<para>For example to detach and free all resources used by
<filename>/dev/md4</filename>:</para>
<screen>&prompt.root; <userinput>mdconfig -d -u <replaceable>4</replaceable></userinput></screen>
<para>It is possible to list information about configured
&man.md.4; devices in using the command <command>mdconfig
-l</command>.</para>
</sect2>
</sect1>
<sect1 id="snapshots">
<sect1info>
<authorgroup>
<author>
<firstname>Tom</firstname>
<surname>Rhodes</surname>
<contrib>Contributed by </contrib>
</author>
</authorgroup>
<!-- 15 JUL 2002 -->
</sect1info>
<title>File System Snapshots</title>
<indexterm>
<primary>file systems</primary>
<secondary>snapshots</secondary>
</indexterm>
<para>FreeBSD offers a feature in conjunction with
<link linkend="soft-updates">Soft Updates</link>: File system snapshots.</para>
<para>Snapshots allow a user to create images of specified file
systems, and treat them as a file.
Snapshot files must be created in the file system that the
action is performed on, and a user may create no more than 20
snapshots per file system. Active snapshots are recorded
in the superblock so they are persistent across unmount and
remount operations along with system reboots. When a snapshot
is no longer required, it can be removed with the standard &man.rm.1;
command. Snapshots may be removed in any order,
however all the used space may not be acquired because another snapshot will
possibly claim some of the released blocks.</para>
<para>The un-alterable <option>snapshot</option> file flag is set
by &man.mksnap.ffs.8; after initial creation of a snapshot file.
The &man.unlink.1; command makes an exception for snapshot files
since it allows them to be removed.</para>
<para>Snapshots are created with the &man.mount.8; command. To place
a snapshot of <filename>/var</filename> in the file
<filename>/var/snapshot/snap</filename> use the following
command:</para>
<screen>&prompt.root; <userinput>mount -u -o snapshot /var/snapshot/snap /var</userinput></screen>
<para>Alternatively, you can use &man.mksnap.ffs.8; to create
a snapshot:</para>
<screen>&prompt.root; <userinput>mksnap_ffs /var /var/snapshot/snap</userinput></screen>
<para>One can find snapshot files on a file system (e.g. <filename>/var</filename>)
by using the &man.find.1; command:</para>
<screen>&prompt.root; <userinput>find /var -flags snapshot</userinput></screen>
<para>Once a snapshot has been created, it has several
uses:</para>
<itemizedlist>
<listitem>
<para>Some administrators will use a snapshot file for backup purposes,
because the snapshot can be transfered to CDs or tape.</para>
</listitem>
<listitem>
<para>The file system integrity checker, &man.fsck.8;, may be run on the snapshot.
Assuming that the file system was clean when it was mounted, you
should always get a clean (and unchanging) result.
This is essentially what the
background &man.fsck.8; process does.</para>
</listitem>
<listitem>
<para>Run the &man.dump.8; utility on the snapshot.
A dump will be returned that is consistent with the
file system and the timestamp of the snapshot. &man.dump.8;
can also take a snapshot, create a dump image and then
remove the snapshot in one command using the
<option>-L</option> flag.</para>
</listitem>
<listitem>
<para>&man.mount.8; the snapshot as a frozen image of the file system.
To &man.mount.8; the snapshot
<filename>/var/snapshot/snap</filename> run:</para>
<screen>&prompt.root; <userinput>mdconfig -a -t vnode -f /var/snapshot/snap -u 4</userinput>
&prompt.root; <userinput>mount -r /dev/md4 /mnt</userinput></screen>
</listitem>
</itemizedlist>
<para>You can now walk the hierarchy of your frozen <filename>/var</filename>
file system mounted at <filename>/mnt</filename>. Everything will
initially be in the same state it was during the snapshot creation time.
The only exception is that any earlier snapshots will appear
as zero length files. When the use of a snapshot has delimited,
it can be unmounted with:</para>
<screen>&prompt.root; <userinput>umount /mnt</userinput>
&prompt.root; <userinput>mdconfig -d -u 4</userinput></screen>
<para>For more information about <option>softupdates</option> and
file system snapshots, including technical papers, you can visit
Marshall Kirk McKusick's website at
<ulink url="http://www.mckusick.com/"></ulink>.</para>
</sect1>
<sect1 id="quotas">
<title>File System Quotas</title>
<indexterm>
<primary>accounting</primary>
<secondary>disk space</secondary>
</indexterm>
<indexterm><primary>disk quotas</primary></indexterm>
<para>Quotas are an optional feature of the operating system that
allow you to limit the amount of disk space and/or the number of
files a user or members of a group may allocate on a per-file
system basis. This is used most often on timesharing systems where
it is desirable to limit the amount of resources any one user or
group of users may allocate. This will prevent one user or group
of users from consuming all of the available disk space.</para>
<sect2>
<title>Configuring Your System to Enable Disk Quotas</title>
<para>Before attempting to use disk quotas, it is necessary to make
sure that quotas are configured in your kernel. This is done by
adding the following line to your kernel configuration
file:</para>
<programlisting>options QUOTA</programlisting>
<para>The stock <filename>GENERIC</filename> kernel does not have
this enabled by default, so you will have to configure, build and
install a custom kernel in order to use disk quotas. Please refer
to <xref linkend="kernelconfig"> for more information on kernel
configuration.</para>
<para>Next you will need to enable disk quotas in
<filename>/etc/rc.conf</filename>. This is done by adding the
line:</para>
<programlisting>enable_quotas="YES"</programlisting>
<indexterm>
<primary>disk quotas</primary>
<secondary>checking</secondary>
</indexterm>
<para>For finer control over your quota startup, there is an
additional configuration variable available. Normally on bootup,
the quota integrity of each file system is checked by the
&man.quotacheck.8; program. The
&man.quotacheck.8; facility insures that the data in
the quota database properly reflects the data on the file system.
This is a very time consuming process that will significantly
affect the time your system takes to boot. If you would like to
skip this step, a variable in <filename>/etc/rc.conf</filename>
is made available for the purpose:</para>
<programlisting>check_quotas="NO"</programlisting>
<para>Finally you will need to edit <filename>/etc/fstab</filename>
to enable disk quotas on a per-file system basis. This is where
you can either enable user or group quotas or both for all of your
file systems.</para>
<para>To enable per-user quotas on a file system, add the
<option>userquota</option> option to the options field in the
<filename>/etc/fstab</filename> entry for the file system you want
to enable quotas on. For example:</para>
<programlisting>/dev/da1s2g /home ufs rw,userquota 1 2</programlisting>
<para>Similarly, to enable group quotas, use the
<option>groupquota</option> option instead of
<option>userquota</option>. To enable both user and
group quotas, change the entry as follows:</para>
<programlisting>/dev/da1s2g /home ufs rw,userquota,groupquota 1 2</programlisting>
<para>By default, the quota files are stored in the root directory of
the file system with the names <filename>quota.user</filename> and
<filename>quota.group</filename> for user and group quotas
respectively. See &man.fstab.5; for more
information. Even though the &man.fstab.5; manual page says that
you can specify
an alternate location for the quota files, this is not recommended
because the various quota utilities do not seem to handle this
properly.</para>
<para>At this point you should reboot your system with your new
kernel. <filename>/etc/rc</filename> will automatically run the
appropriate commands to create the initial quota files for all of
the quotas you enabled in <filename>/etc/fstab</filename>, so
there is no need to manually create any zero length quota
files.</para>
<para>In the normal course of operations you should not be required
to run the &man.quotacheck.8;,
&man.quotaon.8;, or &man.quotaoff.8;
commands manually. However, you may want to read their manual pages
just to be familiar with their operation.</para>
</sect2>
<sect2>
<title>Setting Quota Limits</title>
<indexterm>
<primary>disk quotas</primary>
<secondary>limits</secondary>
</indexterm>
<para>Once you have configured your system to enable quotas, verify
that they really are enabled. An easy way to do this is to
run:</para>
<screen>&prompt.root; <userinput>quota -v</userinput></screen>
<para>You should see a one line summary of disk usage and current
quota limits for each file system that quotas are enabled
on.</para>
<para>You are now ready to start assigning quota limits with the
&man.edquota.8; command.</para>
<para>You have several options on how to enforce limits on the
amount of disk space a user or group may allocate, and how many
files they may create. You may limit allocations based on disk
space (block quotas) or number of files (inode quotas) or a
combination of both. Each of these limits are further broken down
into two categories: hard and soft limits.</para>
<indexterm><primary>hard limit</primary></indexterm>
<para>A hard limit may not be exceeded. Once a user reaches his
hard limit he may not make any further allocations on the file
system in question. For example, if the user has a hard limit of
500 kbytes on a file system and is currently using 490 kbytes, the
user can only allocate an additional 10 kbytes. Attempting to
allocate an additional 11 kbytes will fail.</para>
<indexterm><primary>soft limit</primary></indexterm>
<para>Soft limits, on the other hand, can be exceeded for a limited
amount of time. This period of time is known as the grace period,
which is one week by default. If a user stays over his or her
soft limit longer than the grace period, the soft limit will
turn into a hard limit and no further allocations will be allowed.
When the user drops back below the soft limit, the grace period
will be reset.</para>
<para>The following is an example of what you might see when you run
the &man.edquota.8; command. When the
&man.edquota.8; command is invoked, you are placed into
the editor specified by the <envar>EDITOR</envar> environment
variable, or in the <application>vi</application> editor if the
<envar>EDITOR</envar> variable is not set, to allow you to edit
the quota limits.</para>
<screen>&prompt.root; <userinput>edquota -u test</userinput></screen>
<programlisting>Quotas for user test:
/usr: kbytes in use: 65, limits (soft = 50, hard = 75)
inodes in use: 7, limits (soft = 50, hard = 60)
/usr/var: kbytes in use: 0, limits (soft = 50, hard = 75)
inodes in use: 0, limits (soft = 50, hard = 60)</programlisting>
<para>You will normally see two lines for each file system that has
quotas enabled. One line for the block limits, and one line for
inode limits. Simply change the value you want updated to modify
the quota limit. For example, to raise this user's block limit
from a soft limit of 50 and a hard limit of 75 to a soft limit of
500 and a hard limit of 600, change:</para>
<programlisting>/usr: kbytes in use: 65, limits (soft = 50, hard = 75)</programlisting>
<para>to:</para>
<programlisting>/usr: kbytes in use: 65, limits (soft = 500, hard = 600)</programlisting>
<para>The new quota limits will be in place when you exit the
editor.</para>
<para>Sometimes it is desirable to set quota limits on a range of
UIDs. This can be done by use of the <option>-p</option> option
on the &man.edquota.8; command. First, assign the
desired quota limit to a user, and then run
<command>edquota -p protouser startuid-enduid</command>. For
example, if user <username>test</username> has the desired quota
limits, the following command can be used to duplicate those quota
limits for UIDs 10,000 through 19,999:</para>
<screen>&prompt.root; <userinput>edquota -p test 10000-19999</userinput></screen>
<para>For more information see &man.edquota.8; manual page.</para>
</sect2>
<sect2>
<title>Checking Quota Limits and Disk Usage</title>
<indexterm>
<primary>disk quotas</primary>
<secondary>checking</secondary>
</indexterm>
<para>You can use either the &man.quota.1; or the
&man.repquota.8; commands to check quota limits and
disk usage. The &man.quota.1; command can be used to
check individual user or group quotas and disk usage. A user
may only examine his own quota, and the quota of a group he
is a member of. Only the super-user may view all user and group
quotas. The
&man.repquota.8; command can be used to get a summary
of all quotas and disk usage for file systems with quotas
enabled.</para>
<para>The following is some sample output from the
<command>quota -v</command> command for a user that has quota
limits on two file systems.</para>
<programlisting>Disk quotas for user test (uid 1002):
Filesystem usage quota limit grace files quota limit grace
/usr 65* 50 75 5days 7 50 60
/usr/var 0 50 75 0 50 60</programlisting>
<indexterm><primary>grace period</primary></indexterm>
<para>On the <filename>/usr</filename> file system in the above
example, this user is currently 15 kbytes over the soft limit of
50 kbytes and has 5 days of the grace period left. Note the
asterisk <literal>*</literal> which indicates that the user is
currently over his quota limit.</para>
<para>Normally file systems that the user is not using any disk
space on will not show up in the output from the
&man.quota.1; command, even if he has a quota limit
assigned for that file system. The <option>-v</option> option
will display those file systems, such as the
<filename>/usr/var</filename> file system in the above
example.</para>
</sect2>
<sect2>
<title>Quotas over NFS</title>
<indexterm><primary>NFS</primary></indexterm>
<para>Quotas are enforced by the quota subsystem on the NFS server.
The &man.rpc.rquotad.8; daemon makes quota information available
to the &man.quota.1; command on NFS clients, allowing users on
those machines to see their quota statistics.</para>
<para>Enable <command>rpc.rquotad</command> in
<filename>/etc/inetd.conf</filename> like so:</para>
<programlisting>rquotad/1 dgram rpc/udp wait root /usr/libexec/rpc.rquotad rpc.rquotad</programlisting>
<para>Now restart <command>inetd</command>:</para>
<screen>&prompt.root; <userinput>/etc/rc.d/inetd restart</userinput></screen>
</sect2>
</sect1>
<sect1 id="disks-encrypting">
<sect1info>
<authorgroup>
<author>
<firstname>Lucky</firstname>
<surname>Green</surname>
<contrib>Contributed by </contrib>
<affiliation>
<address><email>shamrock@cypherpunks.to</email></address>
</affiliation>
</author>
</authorgroup>
<!-- 11 MARCH 2003 -->
</sect1info>
<title>Encrypting Disk Partitions</title>
<indexterm>
<primary>disks</primary>
<secondary>encrypting</secondary></indexterm>
<para>FreeBSD offers excellent online protections against
unauthorized data access. File permissions and Mandatory
Access Control (MAC) (see <xref linkend="mac">) help prevent
unauthorized third-parties from accessing data while the operating
system is active and the computer is powered up. However,
the permissions enforced by the operating system are irrelevant if an
attacker has physical access to a computer and can simply move
the computer's hard drive to another system to copy and analyze
the sensitive data.</para>
<para>Regardless of how an attacker may have come into possession of
a hard drive or powered-down computer, both <application>GEOM
Based Disk Encryption (gbde)</application> and
<command>geli</command> cryptographic subsystems in &os; are able
to protect the data on the computer's file systems against even
highly-motivated attackers with significant resources. Unlike
cumbersome encryption methods that encrypt only individual files,
<command>gbde</command> and <command>geli</command> transparently
encrypt entire file systems. No cleartext ever touches the hard
drive's platter.</para>
<sect2>
<title>Disk Encryption with <application>gbde</application></title>
<procedure>
<step>
<title>Become <username>root</username></title>
<para>Configuring <application>gbde</application> requires
super-user privileges.</para>
<screen>&prompt.user; <userinput>su -</userinput>
Password:</screen>
</step>
<step>
<title>Add &man.gbde.4; Support to the Kernel Configuration File</title>
<para>Add the following line to the kernel configuration
file:</para>
<para><literal>options GEOM_BDE</literal></para>
<para>Rebuild the kernel as described in <xref
linkend="kernelconfig">.</para>
<para>Reboot into the new kernel.</para>
</step>
<step>
<para>An alternative to recompiling the kernel is to use
<command>kldload</command> to load &man.gbde.4;:</para>
<screen>&prompt.root; <userinput>kldload geom_bde</userinput></screen>
</step>
</procedure>
<sect3>
<title>Preparing the Encrypted Hard Drive</title>
<para>The following example assumes that you are adding a new hard
drive to your system that will hold a single encrypted partition.
This partition will be mounted as <filename>/private</filename>.
<application>gbde</application> can also be used to encrypt
<filename>/home</filename> and <filename>/var/mail</filename>, but
this requires more complex instructions which exceed the scope of
this introduction.</para>
<procedure>
<step>
<title>Add the New Hard Drive</title>
<para>Install the new drive to the system as explained in <xref
linkend="disks-adding">. For the purposes of this example,
a new hard drive partition has been added as
<filename>/dev/ad4s1c</filename>. The
<filename>/dev/ad0s1<replaceable>*</replaceable></filename>
devices represent existing standard FreeBSD partitions on
the example system.</para>
<screen>&prompt.root; <userinput>ls /dev/ad*</userinput>
/dev/ad0 /dev/ad0s1b /dev/ad0s1e /dev/ad4s1
/dev/ad0s1 /dev/ad0s1c /dev/ad0s1f /dev/ad4s1c
/dev/ad0s1a /dev/ad0s1d /dev/ad4</screen>
</step>
<step>
<title>Create a Directory to Hold gbde Lock Files</title>
<screen>&prompt.root; <userinput>mkdir /etc/gbde</userinput></screen>
<para>The <application>gbde</application> lock file contains
information that <application>gbde</application> requires to
access encrypted partitions. Without access to the lock file,
<application>gbde</application> will not be able to decrypt
the data contained in the encrypted partition without
significant manual intervention which is not supported by the
software. Each encrypted partition uses a separate lock
file.</para>
</step>
<step>
<title>Initialize the gbde Partition</title>
<para>A <application>gbde</application> partition must be
initialized before it can be used. This initialization needs to
be performed only once:</para>
<screen>&prompt.root; <userinput>gbde init /dev/ad4s1c -i -L /etc/gbde/ad4s1c.lock</userinput></screen>
<para>&man.gbde.8; will open your editor, permitting you to set
various configuration options in a template. For use with UFS1
or UFS2, set the sector_size to 2048:</para>
<programlisting>$<!-- This is not the space you are looking
for-->FreeBSD: src/sbin/gbde/template.txt,v 1.1 2002/10/20 11:16:13 phk Exp $
#
# Sector size is the smallest unit of data which can be read or written.
# Making it too small decreases performance and decreases available space.
# Making it too large may prevent filesystems from working. 512 is the
# minimum and always safe. For UFS, use the fragment size
#
sector_size = 2048
[...]
</programlisting>
<para>&man.gbde.8; will ask you twice to type the passphrase that
should be used to secure the data. The passphrase must be the
same both times. <application>gbde</application>'s ability to
protect your data depends entirely on the quality of the
passphrase that you choose.
<footnote>
<para>For tips on how to select a secure passphrase that is easy
to remember, see the <ulink
url="http://world.std.com/~reinhold/diceware.html">Diceware
Passphrase</ulink> website.</para></footnote></para>
<para>The <command>gbde init</command> command creates a lock
file for your <application>gbde</application> partition that in
this example is stored as
<filename>/etc/gbde/ad4s1c.lock</filename>.
<application>gbde</application> lock files must end in
<quote>.lock</quote> in order to be correctly detected by
the
<filename>/etc/rc.d/gbde</filename> start up script.</para>
<caution>
<para><application>gbde</application> lock files
<emphasis>must</emphasis> be backed up together with the
contents of any encrypted partitions. While deleting a lock
file alone cannot prevent a determined attacker from
decrypting a <application>gbde</application> partition,
without the lock file, the legitimate owner will be unable
to access the data on the encrypted partition without a
significant amount of work that is totally unsupported by
&man.gbde.8; and its designer.</para>
</caution>
</step>
<step>
<title>Attach the Encrypted Partition to the Kernel</title>
<screen>&prompt.root; <userinput>gbde attach /dev/ad4s1c -l /etc/gbde/ad4s1c.lock</userinput></screen>
<para> You will be asked to provide the passphrase that you
selected during the initialization of the encrypted partition.
The new encrypted device will show up in
<filename>/dev</filename> as
<filename>/dev/device_name.bde</filename>:</para>
<screen>&prompt.root; <userinput>ls /dev/ad*</userinput>
/dev/ad0 /dev/ad0s1b /dev/ad0s1e /dev/ad4s1
/dev/ad0s1 /dev/ad0s1c /dev/ad0s1f /dev/ad4s1c
/dev/ad0s1a /dev/ad0s1d /dev/ad4 /dev/ad4s1c.bde</screen>
</step>
<step>
<title>Create a File System on the Encrypted Device</title>
<para>Once the encrypted device has been attached to the kernel,
you can create a file system on the device. To create a file
system on the encrypted device, use &man.newfs.8;. Since it is
much faster to initialize a new UFS2 file system than it is to
initialize the old UFS1 file system, using &man.newfs.8; with
the <option>-O2</option> option is recommended.</para>
<screen>&prompt.root; <userinput>newfs -U -O2 /dev/ad4s1c.bde</userinput></screen>
<note>
<para>The &man.newfs.8; command must be performed on an
attached <application>gbde</application> partition which
is identified by a
<filename><replaceable>*</replaceable>.bde</filename>
extension to the device name.</para>
</note>
</step>
<step>
<title>Mount the Encrypted Partition</title>
<para>Create a mount point for the encrypted file system.</para>
<screen>&prompt.root; <userinput>mkdir /private</userinput></screen>
<para>Mount the encrypted file system.</para>
<screen>&prompt.root; <userinput>mount /dev/ad4s1c.bde /private</userinput></screen>
</step>
<step>
<title>Verify That the Encrypted File System is Available</title>
<para>The encrypted file system should now be visible to
&man.df.1; and be available for use.</para>
<screen>&prompt.user; <userinput>df -H</userinput>
Filesystem Size Used Avail Capacity Mounted on
/dev/ad0s1a 1037M 72M 883M 8% /
/devfs 1.0K 1.0K 0B 100% /dev
/dev/ad0s1f 8.1G 55K 7.5G 0% /home
/dev/ad0s1e 1037M 1.1M 953M 0% /tmp
/dev/ad0s1d 6.1G 1.9G 3.7G 35% /usr
/dev/ad4s1c.bde 150G 4.1K 138G 0% /private</screen>
</step>
</procedure>
</sect3>
<sect3>
<title>Mounting Existing Encrypted File Systems</title>
<para>After each boot, any encrypted file systems must be
re-attached to the kernel, checked for errors, and mounted, before
the file systems can be used. The required commands must be
executed as user <username>root</username>.</para>
<procedure>
<step>
<title>Attach the gbde Partition to the Kernel</title>
<screen>&prompt.root; <userinput>gbde attach /dev/ad4s1c -l /etc/gbde/ad4s1c.lock</userinput></screen>
<para>You will be asked to provide the passphrase that you
selected during initialization of the encrypted
<application>gbde</application> partition.</para>
</step>
<step>
<title>Check the File System for Errors</title>
<para>Since encrypted file systems cannot yet be listed in
<filename>/etc/fstab</filename> for automatic mounting, the
file systems must be checked for errors by running &man.fsck.8;
manually before mounting.</para>
<screen>&prompt.root; <userinput>fsck -p -t ffs /dev/ad4s1c.bde</userinput></screen>
</step>
<step>
<title>Mount the Encrypted File System</title>
<screen>&prompt.root; <userinput>mount /dev/ad4s1c.bde /private</userinput></screen>
<para>The encrypted file system is now available for use.</para>
</step>
</procedure>
<sect4>
<title>Automatically Mounting Encrypted Partitions</title>
<para>It is possible to create a script to automatically attach,
check, and mount an encrypted partition, but for security reasons
the script should not contain the &man.gbde.8; password. Instead,
it is recommended that such scripts be run manually while
providing the password via the console or &man.ssh.1;.</para>
<para>As an alternative, an <filename>rc.d</filename> script is
provided. Arguments for this script can be passed via
&man.rc.conf.5;, for example:</para>
<programlisting>gbde_autoattach_all="YES"
gbde_devices="ad4s1c"
gbde_lockdir="/etc/gbde"</programlisting>
<para>This will require that the <application>gbde</application>
passphrase be entered at boot time. After typing the correct
passphrase, the <application>gbde</application> encrypted
partition will be mounted automatically. This can be very
useful when using <application>gbde</application> on
notebooks.</para>
</sect4>
</sect3>
<sect3>
<title>Cryptographic Protections Employed by gbde</title>
<para>&man.gbde.8; encrypts the sector payload using 128-bit AES in
CBC mode. Each sector on the disk is encrypted with a different
AES key. For more information on <application>gbde</application>'s
cryptographic design, including how the sector keys are derived
from the user-supplied passphrase, see &man.gbde.4;.</para>
</sect3>
<sect3>
<title>Compatibility Issues</title>
<para>&man.sysinstall.8; is incompatible with
<application>gbde</application>-encrypted devices. All
<devicename><replaceable>*</replaceable>.bde</devicename> devices must be detached from the
kernel before starting &man.sysinstall.8; or it will crash during
its initial probing for devices. To detach the encrypted device
used in our example, use the following command:</para>
<screen>&prompt.root; <userinput>gbde detach /dev/ad4s1c</userinput></screen>
<para>Also note that, as &man.vinum.4; does not use the
&man.geom.4; subsystem, you cannot use
<application>gbde</application> with
<application>vinum</application> volumes.</para>
</sect3>
</sect2>
<sect2>
<sect2info>
<authorgroup>
<author>
<firstname>Daniel</firstname>
<surname>Gerzo</surname>
<contrib>Contributed by </contrib>
</author>
</authorgroup>
<!-- Date of writing: 28 November 2005 -->
</sect2info>
<title>Disk Encryption with <command>geli</command></title>
<para>An alternative cryptographic GEOM class is available -
<command>geli</command>. It is currently being developed by
&a.pjd;. The <command>geli</command> utility is different to
<command>gbde</command>; it offers different features and uses
a different scheme for doing cryptographic work.</para>
<para>The most important features of &man.geli.8; are:</para>
<itemizedlist>
<listitem>
<para>Utilizes the &man.crypto.9; framework &mdash; when
cryptographic hardware is available, <command>geli</command>
will use it automatically.</para>
</listitem>
<listitem>
<para>Supports multiple cryptographic algorithms (currently
AES, Blowfish, and 3DES).</para>
</listitem>
<listitem>
<para>Allows the root partition to be encrypted. The
passphrase used to access the encrypted root partition will
be requested during the system boot.</para>
</listitem>
<listitem>
<para>Allows the use of two independent keys (e.g. a
<quote>key</quote> and a <quote>company key</quote>).</para>
</listitem>
<listitem>
<para><command>geli</command> is fast - performs simple
sector-to-sector encryption.</para>
</listitem>
<listitem>
<para>Allows backup and restore of Master Keys. When a user
has to destroy his keys, it will be possible to get access
to the data again by restoring keys from the backup.</para>
</listitem>
<listitem>
<para>Allows to attach a disk with a random, one-time key
&mdash; useful for swap partitions and temporary file
systems.</para>
</listitem>
</itemizedlist>
<para>More <command>geli</command> features can be found in the
&man.geli.8; manual page.</para>
<para>The next steps will describe how to enable support for
<command>geli</command> in the &os; kernel and will explain how
to create and use a <command>geli</command> encryption provider.</para>
<para>
Super-user privileges will be
required since modifications to the kernel are necessary.</para>
<procedure>
<step>
<title>Adding <command>geli</command> Support to the Kernel</title>
<para>Add the following lines to the kernel configuration
file:</para>
<programlisting>options GEOM_ELI
device crypto</programlisting>
<para>Rebuild the kernel as described in <xref
linkend="kernelconfig">.</para>
<para>Alternatively, the <command>geli</command> module can
be loaded at boot time. Add the following line to the
<filename>/boot/loader.conf</filename>:</para>
<programlisting>geom_eli_load="YES"</programlisting>
<para>&man.geli.8; should now be supported by the kernel.</para>
</step>
<step>
<title>Generating the Master Key</title>
<para>The following example will describe how to generate a
key file, which will be used as part of the Master Key for
the encrypted provider mounted under
<filename class="directory">/private</filename>. The key
file will provide some random data used to encrypt the
Master Key. The Master Key will be protected by a
passphrase as well. Provider's sector size will be 4kB big.
Furthermore, the discussion will describe how to attach the
<command>geli</command> provider, create a file system on
it, how to mount it, how to work with it, and finally how to
detach it.</para>
<para>It is recommended to use a bigger sector size (like 4kB) for
better performance.</para>
<para>The Master Key will be protected with a passphrase and
the data source for key file will be
<filename>/dev/random</filename>. The sector size of
<filename>/dev/da2.eli</filename>, which we call provider,
will be 4kB.</para>
<screen>&prompt.root; <userinput>dd if=/dev/random of=/root/da2.key bs=64 count=1</userinput>
&prompt.root; <userinput>geli init -s 4096 -K /root/da2.key /dev/da2</userinput>
Enter new passphrase:
Reenter new passphrase:</screen>
<para>It is not mandatory that both a passphrase and a key
file are used; either method of securing the Master Key can
be used in isolation.</para>
<para>If key file is given as <quote>-</quote>, standard
input will be used. This example shows how more than one
key file can be used.</para>
<screen>&prompt.root; <userinput>cat keyfile1 keyfile2 keyfile3 | geli init -K - /dev/da2</userinput></screen>
</step>
<step>
<title>Attaching the Provider with the generated Key</title>
<screen>&prompt.root; <userinput>geli attach -k /root/da2.key /dev/da2</userinput>
Enter passphrase:</screen>
<para>The new plaintext device will be named
<filename>/dev/<replaceable>da2</replaceable>.eli</filename>.</para>
<screen>&prompt.root; <userinput>ls /dev/da2*</userinput>
/dev/da2 /dev/da2.eli</screen>
</step>
<step>
<title>Creating the new File System</title>
<screen>&prompt.root; <userinput>dd if=/dev/random of=/dev/da2.eli bs=1m</userinput>
&prompt.root; <userinput>newfs /dev/da2.eli</userinput>
&prompt.root; <userinput>mount /dev/da2.eli /private</userinput></screen>
<para>The encrypted file system should be visible to &man.df.1;
and be available for use now:</para>
<screen>&prompt.root; <userinput>df -H</userinput>
Filesystem Size Used Avail Capacity Mounted on
/dev/ad0s1a 248M 89M 139M 38% /
/devfs 1.0K 1.0K 0B 100% /dev
/dev/ad0s1f 7.7G 2.3G 4.9G 32% /usr
/dev/ad0s1d 989M 1.5M 909M 0% /tmp
/dev/ad0s1e 3.9G 1.3G 2.3G 35% /var
/dev/da2.eli 150G 4.1K 138G 0% /private</screen>
</step>
<step>
<title>Unmounting and Detaching the Provider</title>
<para>Once the work on the encrypted partition is done, and
the <filename class="directory">/private</filename> partition
is no longer needed, it is prudent to consider unmounting
and detaching the <command>geli</command> encrypted
partition from the kernel.</para>
<screen>&prompt.root; <userinput>umount /private</userinput>
&prompt.root; <userinput>geli detach da2.eli</userinput></screen>
</step>
</procedure>
<para>More information about the use of &man.geli.8; can be
found in the manual page.</para>
<sect3>
<title>Using the <filename>geli</filename> <filename>rc.d</filename> Script</title>
<para><command>geli</command> comes with a <filename>rc.d</filename> script which
can be used to simplify the usage of <command>geli</command>.
An example of configuring <command>geli</command> through
&man.rc.conf.5; follows:</para>
<programlisting>geli_devices="da2"
geli_da2_flags="-p -k /root/da2.key"</programlisting>
<para>This will configure <filename>/dev/da2</filename> as a
<command>geli</command> provider of which the Master Key file
is located in <filename>/root/da2.key</filename>, and
<command>geli</command> will not use a passphrase when
attaching the provider (note that this can only be used if <option>-P</option>
was given during the <literal>geli init</literal> phase). The
system will detach the <command>geli</command> provider from
the kernel before the system shuts down.</para>
<para>More information about configuring <filename>rc.d</filename> is provided in the
<link linkend="configtuning-rcd">rc.d</link> section of the
Handbook.</para>
</sect3>
</sect2>
</sect1>
<sect1 id="swap-encrypting">
<sect1info>
<authorgroup>
<author>
<firstname>Christian</firstname>
<surname>Br&uuml;ffer</surname>
<contrib>Written by </contrib>
</author>
</authorgroup>
</sect1info>
<title>Encrypting Swap Space</title>
<indexterm>
<primary>swap</primary>
<secondary>encrypting</secondary>
</indexterm>
<para>Swap encryption in &os; is easy to configure
. Depending on which version
of &os; is being used, different options are available
and configuration can vary slightly.
The &man.gbde.8; or &man.geli.8; encryption systems can be used
for swap encryption.
Both systems use the <filename>encswap</filename>
<link linkend="configtuning-rcd">rc.d</link> script.</para>
<para>The previous section, <link linkend="disks-encrypting">Encrypting
Disk Partitions</link>, includes a short discussion on the different
encryption systems.</para>
<sect2>
<title>Why should Swap be Encrypted?</title>
<para>Like the encryption of disk partitions, encryption of swap space
is done to protect sensitive information. Imagine an application
that e.g. deals with passwords. As long as these passwords stay in
physical memory, all is well. However, if the operating system starts
swapping out memory pages to free space for other applications, the
passwords may be written to the disk platters unencrypted and easy to
retrieve for an adversary. Encrypting swap space can be a solution for
this scenario.</para>
</sect2>
<sect2>
<title>Preparation</title>
<note>
<para>For the remainder of this section, <devicename>ad0s1b</devicename>
will be the swap partition.</para>
</note>
<para>Up to this point the swap has been unencrypted. It is possible that
there are already passwords or other sensitive data on the disk platters
in cleartext. To rectify this, the data on the swap partition should be
overwritten with random garbage:</para>
<screen>&prompt.root; <userinput>dd if=/dev/random of=/dev/ad0s1b bs=1m</userinput></screen>
</sect2>
<sect2>
<title>Swap Encryption with &man.gbde.8;</title>
<para>The
<literal>.bde</literal> suffix should be added to the device in the
respective <filename>/etc/fstab</filename> swap line:</para>
<programlisting>
# Device Mountpoint FStype Options Dump Pass#
/dev/ad0s1b.bde none swap sw 0 0
</programlisting>
</sect2>
<sect2>
<title>Swap Encryption with &man.geli.8;</title>
<para>Alternatively, the procedure for using &man.geli.8; for swap
encryption is similar to that of using &man.gbde.8;. The
<literal>.eli</literal> suffix should be added to the device in the
respective <filename>/etc/fstab</filename> swap line:</para>
<programlisting>
# Device Mountpoint FStype Options Dump Pass#
/dev/ad0s1b.eli none swap sw 0 0
</programlisting>
<para>&man.geli.8; uses the <acronym>AES</acronym> algorithm with
a key length of 256 bit by default.</para>
<para>Optionally, these defaults can be altered using the
<literal>geli_swap_flags</literal> option in
<filename>/etc/rc.conf</filename>. The following line tells the
<filename>encswap</filename> rc.d script to create &man.geli.8; swap
partitions using the Blowfish algorithm with a key length of 128 bit,
a sectorsize of 4 kilobytes and the <quote>detach on last close</quote>
option set:</para>
<programlisting>geli_swap_flags="-e blowfish -l 128 -s 4096 -d"</programlisting>
<para>Please refer to the description of the <command>onetime</command> command
in the &man.geli.8; manual page for a list of possible options.</para>
</sect2>
<sect2>
<title>Verifying that it Works</title>
<para>Once the system has been rebooted, proper operation of the
encrypted swap can be verified using the
<command>swapinfo</command> command.</para>
<para>If &man.gbde.8; is being used:</para>
<screen>&prompt.user; <userinput>swapinfo</userinput>
Device 1K-blocks Used Avail Capacity
/dev/ad0s1b.bde 542720 0 542720 0%
</screen>
<para>If &man.geli.8; is being used:</para>
<screen>&prompt.user; <userinput>swapinfo</userinput>
Device 1K-blocks Used Avail Capacity
/dev/ad0s1b.eli 542720 0 542720 0%
</screen>
</sect2>
</sect1>
<sect1 id="disks-hast">
<sect1info>
<authorgroup>
<author>
<firstname>Daniel</firstname>
<surname>Gerzo</surname>
<contrib>Contributed by </contrib>
</author>
</authorgroup>
<authorgroup>
<author>
<firstname>Freddie</firstname>
<surname>Cash</surname>
<contrib>With inputs from </contrib>
</author>
<author>
<firstname>Pawel Jakub</firstname>
<surname>Dawidek</surname>
</author>
<author>
<firstname>Michael W.</firstname>
<surname>Lucas</surname>
</author>
<author>
<firstname>Viktor</firstname>
<surname>Petersson</surname>
</author>
</authorgroup>
<!-- Date of writing: 26 February 2011 -->
</sect1info>
<title>Highly Available Storage (HAST)</title>
<indexterm>
<primary>HAST</primary>
<secondary>high availability</secondary>
</indexterm>
<sect2>
<title>Synopsis</title>
<para>High-availability is one of the main requirements in serious
business applications and highly-available storage is a key
component in such environments. Highly Available STorage, or
<acronym>HAST<remark role="acronym">Highly Available
STorage</remark></acronym>, was developed by &a.pjd; as a
framework which allows transparent storage of the same data
across several physically separated machines connected by a
TCP/IP network. <acronym>HAST</acronym> can be understood as
a network-based RAID1 (mirror), and is similar to the
DRBD&reg; storage system known from the GNU/&linux; platform.
In combination with other high-availability features of &os;
like <acronym>CARP</acronym>, <acronym>HAST</acronym> makes it
possible to build a highly-available storage cluster that is
resistant to hardware failures.</para>
<para>After reading this section, you will know:</para>
<itemizedlist>
<listitem>
<para>What <acronym>HAST</acronym> is, how it works and
which features it provides.</para>
</listitem>
<listitem>
<para>How to set up and use <acronym>HAST</acronym> on
&os;.</para>
</listitem>
<listitem>
<para>How to integrate <acronym>CARP</acronym> and
&man.devd.8; to build a robust storage system.</para>
</listitem>
</itemizedlist>
<para>Before reading this section, you should:</para>
<itemizedlist>
<listitem>
<para>Understand &unix; and &os; basics
(<xref linkend="basics">).</para>
</listitem>
<listitem>
<para>Know how to configure network interfaces and other
core &os; subsystems (<xref
linkend="config-tuning">).</para>
</listitem>
<listitem>
<para>Have a good understanding of &os; networking
(<xref linkend="network-communication">).</para>
</listitem>
<listitem>
<para>Use &os;&nbsp;8.1-RELEASE or newer.</para>
</listitem>
</itemizedlist>
<para>The <acronym>HAST</acronym> project was sponsored by The
&os; Foundation with the support from <ulink
url="http://www.omc.net/">OMCnet Internet Service GmbH</ulink>
and <ulink url="http://www.transip.nl/">TransIP BV</ulink>.</para>
</sect2>
<sect2>
<title>HAST Features</title>
<para>The main features of the <acronym>HAST</acronym> system
are:</para>
<itemizedlist>
<listitem>
<para>Can be used to mask I/O errors on local hard
drives.</para>
</listitem>
<listitem>
<para>File system agnostic, thus allowing to use any file
system supported by &os;.</para>
</listitem>
<listitem>
<para>Efficient and quick resynchronization, synchronizing
only blocks that were modified during the downtime of a
node.</para>
</listitem>
<!--
<listitem>
<para>Has several synchronization modes to allow for fast
failover.</para>
</listitem>
-->
<listitem>
<para>Can be used in an already deployed environment to add
additional redundancy.</para>
</listitem>
<listitem>
<para>Together with <acronym>CARP</acronym>,
<application>Heartbeat</application>, or other tools, it
can be used to build a robust and durable storage
system.</para>
</listitem>
</itemizedlist>
</sect2>
<sect2>
<title>HAST Operation</title>
<para>As <acronym>HAST</acronym> provides a synchronous
block-level replication of any storage media to several
machines, it requires at least two nodes (physical machines)
&mdash; the <literal>primary</literal> (also known as
<literal>master</literal>) node, and the
<literal>secondary</literal> (<literal>slave</literal>) node.
These two machines together will be called a cluster.</para>
<note>
<para>HAST is currently limited to two cluster nodes in
total.</para>
</note>
<para>Since the <acronym>HAST</acronym> works in
primary-secondary configuration, it allows only one of the
cluster nodes to be active at any given time. The
<literal>primary</literal> node, also called
<literal>active</literal>, is the one which will handle all
the I/O requests to <acronym>HAST</acronym>-managed
devices. The <literal>secondary</literal> node is then being
automatically synchronized from the <literal>primary</literal>
node.</para>
<para>The physical components of the <acronym>HAST</acronym>
system are:</para>
<itemizedlist>
<listitem>
<para>local disk (on primary node)</para>
</listitem>
<listitem>
<para>disk on remote machine (secondary node)</para>
</listitem>
</itemizedlist>
<para><acronym>HAST</acronym> operates synchronously on a block
level, which makes it transparent for file systems and
applications. <acronym>HAST</acronym> provides regular GEOM
providers in <filename class="directory">/dev/hast/</filename>
directory for use by other tools or applications, thus there is
no difference between using <acronym>HAST</acronym>-provided
devices and raw disks, partitions, etc.</para>
<para>Each write, delete or flush operation is sent to the local
disk and to the remote disk over TCP/IP. Each read operation
is served from the local disk, unless the local disk is not
up-to-date or an I/O error occurs. In such case, the read
operation is sent to the secondary node.</para>
<sect3>
<title>Synchronization and Replication Modes</title>
<para><acronym>HAST</acronym> tries to provide fast failure
recovery. For this reason, it is very important to reduce
synchronization time after a node's outage. To provide fast
synchronization, <acronym>HAST</acronym> manages an on-disk
bitmap of dirty extents and only synchronizes those during a
regular synchronization (with an exception of the initial
sync).</para>
<para>There are many ways to handle synchronization.
<acronym>HAST</acronym> implements several replication modes
to handle different synchronization methods:</para>
<itemizedlist>
<listitem>
<para><emphasis>memsync</emphasis>: report write operation
as completed when the local write operation is finished
and when the remote node acknowledges data arrival, but
before actually storing the data. The data on the
remote node will be stored directly after sending the
acknowledgement. This mode is intended to reduce
latency, but still provides very good reliability. The
<emphasis>memsync</emphasis> replication mode is
currently not implemented.</para>
</listitem>
<listitem>
<para><emphasis>fullsync</emphasis>: report write
operation as completed when local write completes and when
remote write completes. This is the safest and the
slowest replication mode. This mode is the
default.</para>
</listitem>
<listitem>
<para><emphasis>async</emphasis>: report write operation
as completed when local write completes. This is the
fastest and the most dangerous replication mode. It
should be used when replicating to a distant node where
latency is too high for other modes. The
<emphasis>async</emphasis> replication mode is currently
not implemented.</para>
</listitem>
</itemizedlist>
<warning>
<para>Only the <emphasis>fullsync</emphasis> replication mode
is currently supported.</para>
</warning>
</sect3>
</sect2>
<sect2>
<title>HAST Configuration</title>
<para><acronym>HAST</acronym> requires
<literal>GEOM_GATE</literal> support in order to function.
The <literal>GENERIC</literal> kernel does
<emphasis>not</emphasis> include <literal>GEOM_GATE</literal>
by default, however the <filename>geom_gate.ko</filename>
loadable module is available in the default &os; installation.
For stripped-down systems, make sure this module is available.
Alternatively, it is possible to build
<acronym>GEOM_GATE</acronym> support into the kernel
statically, by adding the following line to the custom kernel
configuration file:</para>
<programlisting>options GEOM_GATE</programlisting>
<para>The <acronym>HAST</acronym> framework consists of several
parts from the operating system's point of view:</para>
<itemizedlist>
<listitem>
<para>the &man.hastd.8; daemon responsible for the data
synchronization,</para>
</listitem>
<listitem>
<para>the &man.hastctl.8; userland management utility,</para>
</listitem>
<listitem>
<para>the &man.hast.conf.5; configuration file.</para>
</listitem>
</itemizedlist>
<para>The following example describes how to configure two nodes
in <literal>master</literal>-<literal>slave</literal> /
<literal>primary</literal>-<literal>secondary</literal>
operation using <acronym>HAST</acronym> to replicate the data
between the two. The nodes will be called
<literal><replaceable>hasta</replaceable></literal> with an IP
address <replaceable>172.16.0.1</replaceable> and
<literal><replaceable>hastb</replaceable></literal> with an IP
address <replaceable>172.16.0.2</replaceable>. Both of these
nodes will have a dedicated hard drive
<devicename>/dev/<replaceable>ad6</replaceable></devicename> of
the same size for <acronym>HAST</acronym> operation.
The <acronym>HAST</acronym> pool (sometimes also referred to
as a resource, i.e. the GEOM provider in <filename
class="directory">/dev/hast/</filename>) will be called
<filename><replaceable>test</replaceable></filename>.</para>
<para>The configuration of <acronym>HAST</acronym> is being done
in the <filename>/etc/hast.conf</filename> file. This file
should be the same on both nodes. The simplest configuration
possible is following:</para>
<programlisting>resource test {
on hasta {
local /dev/ad6
remote 172.16.0.2
}
on hastb {
local /dev/ad6
remote 172.16.0.1
}
}</programlisting>
<para>For more advanced configuration, please consult the
&man.hast.conf.5; manual page.</para>
<tip>
<para>It is also possible to use host names in the
<literal>remote</literal> statements. In such a case, make
sure that these hosts are resolvable, e.g. they are defined
in the <filename>/etc/hosts</filename> file, or
alternatively in the local <acronym>DNS</acronym>.</para>
</tip>
<para>Now that the configuration exists on both nodes, it is
possible to create the <acronym>HAST</acronym> pool. Run the
following commands on both nodes to place the initial metadata
onto the local disk, and start the &man.hastd.8; daemon:</para>
<screen>&prompt.root; <userinput>hastctl create test</userinput>
&prompt.root; <userinput>/etc/rc.d/hastd onestart</userinput></screen>
<note>
<para>It is <emphasis>not</emphasis> possible to use GEOM
providers with an existing file system (i.e. convert an
existing storage to <acronym>HAST</acronym>-managed pool),
because this procedure needs to store some metadata onto the
provider and there will not be enough required space
available.</para>
</note>
<para>HAST is not responsible for selecting node's role
(<literal>primary</literal> or <literal>secondary</literal>).
Node's role has to be configured by an administrator or other
software like <application>Heartbeat</application> using the
&man.hastctl.8; utility. Move to the primary node
(<literal><replaceable>hasta</replaceable></literal>) and
issue the following command:</para>
<screen>&prompt.root; <userinput>hastctl role primary test</userinput></screen>
<para>Similarly, run the following command on the secondary node
(<literal><replaceable>hastb</replaceable></literal>):</para>
<screen>&prompt.root; <userinput>hastctl role secondary test</userinput></screen>
<caution>
<para>It may happen that both of the nodes are not able to
communicate with each other and both are configured as
primary nodes; the consequence of this condition is called
<literal>split-brain</literal>. In order to troubleshoot
this situation, follow the steps described in <xref
linkend="disks-hast-sb">.</para>
</caution>
<para>It is possible to verify the result with the
&man.hastctl.8; utility on each node:</para>
<screen>&prompt.root; <userinput>hastctl status test</userinput></screen>
<para>The important text is the <literal>status</literal> line
from its output and it should say <literal>complete</literal>
on each of the nodes. If it says <literal>degraded</literal>,
something went wrong. At this point, the synchronization
between the nodes has already started. The synchronization
completes when the <command>hastctl status</command> command
reports 0 bytes of <literal>dirty</literal> extents.</para>
<para>The last step is to create a filesystem on the
<devicename>/dev/hast/<replaceable>test</replaceable></devicename>
GEOM provider and mount it. This has to be done on the
<literal>primary</literal> node (as the
<filename>/dev/hast/<replaceable>test</replaceable></filename>
appears only on the <literal>primary</literal> node), and
it can take a few minutes depending on the size of the hard
drive:</para>
<screen>&prompt.root; <userinput>newfs -U /dev/hast/test</userinput>
&prompt.root; <userinput>mkdir /hast/test</userinput>
&prompt.root; <userinput>mount /dev/hast/test /hast/test</userinput></screen>
<para>Once the <acronym>HAST</acronym> framework is configured
properly, the final step is to make sure that
<acronym>HAST</acronym> is started during the system boot time
automatically. The following line should be added to the
<filename>/etc/rc.conf</filename> file:</para>
<programlisting>hastd_enable="YES"</programlisting>
<sect3>
<title>Failover Configuration</title>
<para>The goal of this example is to build a robust storage
system which is resistant from the failures of any given node.
The key task here is to remedy a scenario when a
<literal>primary</literal> node of the cluster fails. Should
it happen, the <literal>secondary</literal> node is there to
take over seamlessly, check and mount the file system, and
continue to work without missing a single bit of data.</para>
<para>In order to accomplish this task, it will be required to
utilize another feature available under &os; which provides
for automatic failover on the IP layer &mdash;
<acronym>CARP</acronym>. <acronym>CARP</acronym> stands for
Common Address Redundancy Protocol and allows multiple hosts
on the same network segment to share an IP address. Set up
<acronym>CARP</acronym> on both nodes of the cluster according
to the documentation available in <xref linkend="carp">.
After completing this task, each node should have its own
<devicename>carp0</devicename> interface with a shared IP
address <replaceable>172.16.0.254</replaceable>.
Obviously, the primary <acronym>HAST</acronym> node of the
cluster has to be the master <acronym>CARP</acronym>
node.</para>
<para>The <acronym>HAST</acronym> pool created in the previous
section is now ready to be exported to the other hosts on
the network. This can be accomplished by exporting it
through <acronym>NFS</acronym>,
<application>Samba</application> etc, using the shared IP
address <replaceable>172.16.0.254</replaceable>. The only
problem which remains unresolved is an automatic failover
should the primary node fail.</para>
<para>In the event of <acronym>CARP</acronym> interfaces going
up or down, the &os; operating system generates a &man.devd.8;
event, which makes it possible to watch for the state changes
on the <acronym>CARP</acronym> interfaces. A state change on
the <acronym>CARP</acronym> interface is an indication that
one of the nodes failed or came back online. In such a case,
it is possible to run a particular script which will
automatically handle the failover.</para>
<para>To be able to catch the state changes on the
<acronym>CARP</acronym> interfaces, the following
configuration has to be added to the
<filename>/etc/devd.conf</filename> file on each node:</para>
<programlisting>notify 30 {
match "system" "IFNET";
match "subsystem" "carp0";
match "type" "LINK_UP";
action "/usr/local/sbin/carp-hast-switch master";
};
notify 30 {
match "system" "IFNET";
match "subsystem" "carp0";
match "type" "LINK_DOWN";
action "/usr/local/sbin/carp-hast-switch slave";
};</programlisting>
<para>To put the new configuration into effect, run the
following command on both nodes:</para>
<screen>&prompt.root; <userinput>/etc/rc.d/devd restart</userinput></screen>
<para>In the event that the <devicename>carp0</devicename>
interface goes up or down (i.e. the interface state changes),
the system generates a notification, allowing the &man.devd.8;
subsystem to run an arbitrary script, in this case
<filename>/usr/local/sbin/carp-hast-switch</filename>. This
is the script which will handle the automatic
failover. For further clarification about the above
&man.devd.8; configuration, please consult the
&man.devd.conf.5; manual page.</para>
<para>An example of such a script could be following:</para>
<programlisting>#!/bin/sh
# Original script by Freddie Cash &lt;fjwcash@gmail.com&gt;
# Modified by Michael W. Lucas &lt;mwlucas@BlackHelicopters.org&gt;
# and Viktor Petersson &lt;vpetersson@wireload.net&gt;
# The names of the HAST resources, as listed in /etc/hast.conf
resources="test"
# delay in mounting HAST resource after becoming master
# make your best guess
delay=3
# logging
log="local0.debug"
name="carp-hast"
# end of user configurable stuff
case "$1" in
master)
logger -p $log -t $name "Switching to primary provider for ${resources}."
sleep ${delay}
# Wait for any "hastd secondary" processes to stop
for disk in ${resources}; do
while $( pgrep -lf "hastd: ${disk} \(secondary\)" > /dev/null 2>&1 ); do
sleep 1
done
# Switch role for each disk
hastctl role primary ${disk}
if [ $? -ne 0 ]; then
logger -p $log -t $name "Unable to change role to primary for resource ${disk}."
exit 1
fi
done
# Wait for the /dev/hast/* devices to appear
for disk in ${resources}; do
for I in $( jot 60 ); do
[ -c "/dev/hast/${disk}" ] && break
sleep 0.5
done
if [ ! -c "/dev/hast/${disk}" ]; then
logger -p $log -t $name "GEOM provider /dev/hast/${disk} did not appear."
exit 1
fi
done
logger -p $log -t $name "Role for HAST resources ${resources} switched to primary."
logger -p $log -t $name "Mounting disks."
for disk in ${resources}; do
mkdir -p /hast/${disk}
fsck -p -y -t ufs /dev/hast/${disk}
mount /dev/hast/${disk} /hast/${disk}
done
;;
slave)
logger -p $log -t $name "Switching to secondary provider for ${resources}."
# Switch roles for the HAST resources
for disk in ${resources}; do
if ! mount | grep -q "^/dev/hast/${disk} on "
then
else
umount -f /hast/${disk}
fi
sleep $delay
hastctl role secondary ${disk} 2>&1
if [ $? -ne 0 ]; then
logger -p $log -t $name "Unable to switch role to secondary for resource ${disk}."
exit 1
fi
logger -p $log -t $name "Role switched to secondary for resource ${disk}."
done
;;
esac</programlisting>
<para>In a nutshell, the script does the following when a node
becomes <literal>master</literal> /
<literal>primary</literal>:</para>
<itemizedlist>
<listitem>
<para>Promotes the <acronym>HAST</acronym> pools as
primary on a given node.</para>
</listitem>
<listitem>
<para>Checks the file system under the
<acronym>HAST</acronym> pool.</para>
</listitem>
<listitem>
<para>Mounts the pools at appropriate place.</para>
</listitem>
</itemizedlist>
<para>When a node becomes <literal>backup</literal> /
<literal>secondary</literal>:</para>
<itemizedlist>
<listitem>
<para>Unmounts the <acronym>HAST</acronym> pools.</para>
</listitem>
<listitem>
<para>Degrades the <acronym>HAST</acronym> pools to
secondary.</para>
</listitem>
</itemizedlist>
<caution>
<para>Keep in mind that this is just an example script which
should serve as a proof of concept solution. It does not
handle all the possible scenarios and can be extended or
altered in any way, for example it can start/stop required
services etc.</para>
</caution>
<tip>
<para>For the purpose of this example we used a standard UFS
file system. In order to reduce the time needed for
recovery, a journal-enabled UFS or ZFS file system can
be used.</para>
</tip>
<para>More detailed information with additional examples can be
found in the <ulink
url="http://wiki.FreeBSD.org/HAST">HAST Wiki</ulink>
page.</para>
</sect3>
</sect2>
<sect2>
<title>Troubleshooting</title>
<sect3>
<title>General Troubleshooting Tips</title>
<para><acronym>HAST</acronym> should be generally working
without any issues, however as with any other software
product, there may be times when it does not work as
supposed. The sources of the problems may be different, but
the rule of thumb is to ensure that the time is synchronized
between all nodes of the cluster.</para>
<para>The debugging level of the &man.hastd.8; should be
increased when troubleshooting <acronym>HAST</acronym>
problems. This can be accomplished by starting the
&man.hastd.8; daemon with the <literal>-d</literal>
argument. Note, that this argument may be specified
multiple times to further increase the debugging level. A
lot of useful information may be obtained this way. It
should be also considered to use <literal>-F</literal>
argument, which will start the &man.hastd.8; daemon in
foreground.</para>
</sect3>
<sect3 id="disks-hast-sb">
<title>Recovering from the Split-brain Condition</title>
<para>The consequence of a situation when both nodes of the
cluster are not able to communicate with each other and both
are configured as primary nodes is called
<literal>split-brain</literal>. This is a dangerous
condition because it allows both nodes to make incompatible
changes to the data. This situation has to be handled by
the system administrator manually.</para>
<para>In order to fix this situation the administrator has to
decide which node has more important changes (or merge them
manually) and let the <acronym>HAST</acronym> perform
the full synchronization of the node which has the broken
data. To do this, issue the following commands on the node
which needs to be resynchronized:</para>
<screen>&prompt.root; <userinput>hastctl role init &lt;resource&gt;</userinput>
&prompt.root; <userinput>hastctl create &lt;resource&gt;</userinput>
&prompt.root; <userinput>hastctl role secondary &lt;resource&gt;</userinput></screen>
</sect3>
</sect2>
</sect1>
</chapter>
<!--
Local Variables:
mode: sgml
sgml-declaration: "../chapter.decl"
sgml-indent-data: t
sgml-omittag: nil
sgml-always-quote-attributes: t
sgml-parent-document: ("../book.sgml" "part" "chapter")
End:
-->
Reference in a new issue View git blame Copy permalink