OpenBSD Journal

Flashboot 4.2 released

Contributed by merdely on from the n'sync dept.

Rickard Dahlstrand announces:

Flashboot 4.2, which is in-sync with stable-4.2, has now been released. The big news this release is the addition of additional platforms including an bootable cd-image.

About Flashboot (from tilde.se):

Flashboot is a system built by Damien Miller (djm@) and others as an adaptation of OpenBSD that's more suited for small flash-based hardware. For most applications you don't have to compile it on you own, you just put the binary release on a flashcard and you're set (somewhat simplified).

See the README and ChangeLog for more information.

(Comments are closed)


Comments
  1. By A Nonymous Howard (24.37.242.64) on

    What's the difference between this and just installing a full OpenBSD -release or [-stable] release(8) and running everything in MFS? Not knocking this down, it looks great, but does this remove some stuff from the base OpenBSD and not permit running a stock install?

    Curious to know as I've never had a problem running -stable on a CF card on Soekris, WRAP or doing it with USB Flash, SD, etc. as read-only and /var, /dev and /tmp in read-write MFS. Works great with 256M - 512M flash, even with WRAP devices having only 128M RAM.

    I've also written a shell script to assist in such setup's, just needs some cleaning up and maybe some new additions. The idea/concept I think is similar to this, but different.

    This is one of mine; can be tweaked a lot better too.

    $ dmesg | grep -i cpu | head -1
    cpu0: Geode(TM) Integrated Processor by National Semi ("Geode by NSC" 586-class) 267 MHz

    $ mount
    /dev/wd0a on / type ffs (local, noatime, read-only)
    mfs:1371 on /dev type mfs (asynchronous, local, noexec, nosuid, size=1200 512-blocks)
    mfs:22797 on /var type mfs (asynchronous, local, nodev, noexec, nosuid, size=32768 512-blocks)
    mfs:1460 on /tmp type mfs (asynchronous, local, nodev, nosuid, size=2048 512-blocks)

    $ df -h
    Filesystem Size Used Avail Capacity Mounted on
    /dev/wd0a 479M 150M 305M 33% /
    mfs:1371 87.0K 11.0K 72.0K 13% /dev
    mfs:22797 15.5M 4.0M 10.7M 27% /var
    mfs:1460 975K 5.0K 922K 1% /tmp

    load averages: 0.04, 0.06, 0.07 10:37:34
    20 processes: 19 idle, 1 on processor
    CPU states: 0.2% user, 0.0% nice, 0.2% system, 0.0% interrupt, 99.7% idle
    Memory: Real: 13M/35M act/tot Free: 88M Swap: 0K/0K used/tot

    PS: Thanks for the posting, I'm going to take a closer look at it.

    Comments
    1. By Kostas Zorbadelos (212.205.221.244) kzorba AT gmail DOT com on

      > What's the difference between this and just installing a full OpenBSD -release or [-stable] release(8) and running everything in MFS? Not knocking this down, it looks great, but does this remove some stuff from the base OpenBSD and not permit running a stock install?
      >
      > Curious to know as I've never had a problem running -stable on a CF card on Soekris, WRAP or doing it with USB Flash, SD, etc. as read-only and /var, /dev and /tmp in read-write MFS. Works great with 256M - 512M flash, even with WRAP devices having only 128M RAM.
      >

      I have the same question. My setup is a stock 4.1 install on a PC Engines WRAP.
      kzorba@mini-kerveros[11:27]:~-> cat /etc/fstab
      /dev/wd0a / ffs ro 1 1
      swap /var mfs rw,-P=/tmplate/var,-s=65536,noexec,nosuid,nodev 0 0
      swap /dev mfs rw,nosuid,-P=/tmplate/dev,-s=1200,-i=128,noexec,nosuid 0 0
      kzorba@mini-kerveros[11:27]:~-> ls -l /tmp
      lrwxr-xr-x 1 root wheel 8 May 29 2007 /tmp -> /var/tmp

      Is there any benefit in running everything out of an MFS? I have seen no problems with my setup on a 512 flash
      kzorba@mini-kerveros[11:27]:~-> df -k
      Filesystem 1K-blocks Used Avail Capacity Mounted on
      /dev/wd0a 498558 181308 292324 38% /
      mfs:22782 31727 7802 22339 26% /var
      mfs:24133 87 34 49 41% /dev

      but I would be interested to know if there are any shortcomings in my approach. Anyway, flashboot is a very interesting project.

      Thanks

      Comments
      1. By Massimo Lusetti (62.94.186.166) on

        > I have the same question. My setup is a stock 4.1 install on a PC Engines WRAP.


        The first noticeable feature is the ability to update the whole system with one scp command, replacing the booting kernel.
        This seems very similar as when you upgrde/update a firmware in any device.

        Ciao.

        Comments
        1. By Anonymous Coward (24.37.242.64) on

          > > I have the same question. My setup is a stock 4.1 install on a PC Engines WRAP.
          >
          >
          > The first noticeable feature is the ability to update the whole system with one scp command, replacing the booting kernel.
          > This seems very similar as when you upgrde/update a firmware in any device.
          >
          > Ciao.

          That's nice, rather than doing a binary upgrade (after making a -stable release from another system) or scp'ing specific binaries compiled from another system - but what stops this from being modified to work with a stock install -release or -stable on such devices? Is flashboot more intended for smaller flash media, such as 32/64M? What are the other benefits of using this over a stock install or creating a -stable stock install?

          Thanks!

          Comments
          1. By Damien Miller (djm) on http://www.mindrot.org/~djm/

            > That's nice, rather than doing a binary upgrade (after making a
            > -stable release from another system) or scp'ing specific binaries
            > compiled from another system - but what stops this from being modified
            > to work with a stock install -release or -stable on such devices?

            You can load stock binaries onto a flashboot system, so long as you pull along the libraries that they need (if they aren't there already). Only the kernel and some of the initscripts are really custom.

            A good way to think about it is that flashboot is essentially a bsd.rd with a different (and larger) set of userland utilities that are chosen for appropriateness for use in network devices. Since the flashboot kernel contains ssh(1), it also makes for a better recovery tool than bsd.rd - I keep a GENERIC flashboot kernel on a USB key for this purpose.

            > Is flashboot more intended for smaller flash media, such as 32/64M?

            A flashboot kernel (that contains the userland ramdisk) is ~6MB, so it is very suitable for systems with smaller flash.

            > What are the other benefits of using this over a stock install
            > or creating a -stable stock install?

            The entire-system-in-a-single-file thing is the big benefit. Apart from that, the entire userland runs from RAM, so the flash is never touched (it can even be de-powered or unplugged after boot).

            Comments
            1. By John Doe (69.70.68.38) on

              > A flashboot kernel (that contains the userland ramdisk) is ~6MB, so it is very suitable for systems with smaller flash.

              A 6MB kernel, isn't that big? Mine's down to ~1.2MB, uncompressed.

              > The entire-system-in-a-single-file thing is the big benefit. Apart from that, the entire userland runs from RAM, so the flash is never touched (it can even be de-powered or unplugged after boot).

              Isn't that the point of running in an MFS and having flash as read-only? As for the one file, I think that is a great way! But being able to do that with a stock install would be better (if do-able or possible?) IMHO - `tar cxvf` everything? This way everything is installed, unless you skip X packages of course and it's still fully functional & the patch branch can be built from release(8).

              Curious to know more though too.

              Comments
              1. By Anonymous Coward (207.210.17.73) on

                I have an alix 2c3 that i would like to use as my firewall and wireless access point to replace an existing power hungry beast of a box and have been banging my head against the wall flashing images that do not seem to work. From what i gather the soekeris 5501 is the closest to my board.

                I tried the flash image (128mb soekeris5501.image) and get "Trying disk 0 partion 3 No O/S found"

                I am flashing this from windows using physdiskwrite.

                If anyone has any hints please let me know..

                Comments
                1. By Anonymous Coward (207.210.17.73) on

                  > I have an alix 2c3 that i would like to use as my firewall and wireless access point to replace an existing power hungry beast of a box and have been banging my head against the wall flashing images that do not seem to work. From what i gather the soekeris 5501 is the closest to my board.
                  >
                  > I tried the flash image (128mb soekeris5501.image) and get "Trying disk 0 partion 3 No O/S found"
                  >
                  > I am flashing this from windows using physdiskwrite.
                  >
                  > If anyone has any hints please let me know..

                  Edit....

                  I tried installing directly to the cf card and get the following:

                  PC Engines ALIX.2 v0.98
                  640 KB Base Memory
                  261120 KB Extended Memory

                  01F0 Master 848A TOSHIBA THNCF1G02QG
                  Phys C/H/S 1985/16/63 Log C/H/S 992/32/63
                  Using drive 0, partition 3;
                  Loading;...
                  probing: pc0 com0 pci mem[640K 255M a20=on]
                  disk: hd0
                  >> OpenBSD/i386 BOOT 3.01
                  boot>
                  booting hd0a:/bsd: 5665588+872060 [52+291168+272312]=0x6c5c70
                  entry point at 0x200120



                  It hangs there...i guess i need a custom kernel for this thing

                  Comments
                  1. By Anonymous Coward (24.37.242.64) on

                    > > I have an alix 2c3 that i would like to use as my firewall and wireless access point to replace an existing power hungry beast of a box and have been banging my head against the wall flashing images that do not seem to work. From what i gather the soekeris 5501 is the closest to my board.
                    > >
                    > > I tried the flash image (128mb soekeris5501.image) and get "Trying disk 0 partion 3 No O/S found"
                    > >
                    > > I am flashing this from windows using physdiskwrite.
                    > >
                    > > If anyone has any hints please let me know..
                    >
                    > Edit....
                    >
                    > I tried installing directly to the cf card and get the following:
                    >
                    > PC Engines ALIX.2 v0.98
                    > 640 KB Base Memory
                    > 261120 KB Extended Memory
                    >
                    > 01F0 Master 848A TOSHIBA THNCF1G02QG
                    > Phys C/H/S 1985/16/63 Log C/H/S 992/32/63
                    > Using drive 0, partition 3;
                    > Loading;...
                    > probing: pc0 com0 pci mem[640K 255M a20=on]
                    > disk: hd0
                    > >> OpenBSD/i386 BOOT 3.01
                    > boot>
                    > booting hd0a:/bsd: 5665588+872060 [52+291168+272312]=0x6c5c70
                    > entry point at 0x200120
                    >
                    >
                    >
                    > It hangs there...i guess i need a custom kernel for this thing

                    Can you PXE boot? If so, try booting like that and verify if the CHS settings match or even do the disklabel/fdisk then re-try your image. If they don't, that's probably why and can be fixed various ways (on the system) or from a CF reader/writer on another system then back in the ALIX system. It might also be something with installboot(8) which can be fixed either way too.

                    Are you looking to do a flashboot or flashdist install, or your own custom install [in MFS] of -release or -stable? There's other ways too.

                    Hope this helps.

                    Comments
                    1. By Anonymous Coward (207.210.17.73) on

                      > > > I have an alix 2c3 that i would like to use as my firewall and wireless access point to replace an existing power hungry beast of a box and have been banging my head against the wall flashing images that do not seem to work. From what i gather the soekeris 5501 is the closest to my board.
                      > > >
                      > > > I tried the flash image (128mb soekeris5501.image) and get "Trying disk 0 partion 3 No O/S found"
                      > > >
                      > > > I am flashing this from windows using physdiskwrite.
                      > > >
                      > > > If anyone has any hints please let me know..
                      > >
                      > > Edit....
                      > >
                      > > I tried installing directly to the cf card and get the following:
                      > >

                      > > PC Engines ALIX.2 v0.98
                      > > 640 KB Base Memory
                      > > 261120 KB Extended Memory
                      > >
                      > > 01F0 Master 848A TOSHIBA THNCF1G02QG
                      > > Phys C/H/S 1985/16/63 Log C/H/S 992/32/63
                      > > Using drive 0, partition 3;
                      > > Loading;...
                      > > probing: pc0 com0 pci mem[640K 255M a20=on]
                      > > disk: hd0
                      > > >> OpenBSD/i386 BOOT 3.01
                      > > boot>
                      > > booting hd0a:/bsd: 5665588+872060 [52+291168+272312]=0x6c5c70
                      > > entry point at 0x200120
                      > >
                      > >
                      > >
                      > > It hangs there...i guess i need a custom kernel for this thing
                      >
                      > Can you PXE boot? If so, try booting like that and verify if the CHS settings match or even do the disklabel/fdisk then re-try your image. If they don't, that's probably why and can be fixed various ways (on the system) or from a CF reader/writer on another system then back in the ALIX system. It might also be something with installboot(8) which can be fixed either way too.
                      >
                      > Are you looking to do a flashboot or flashdist install, or your own custom install [in MFS] of -release or -stable? There's other ways too.
                      >
                      > Hope this helps.

                      Thanks for the suggestions. I ended up doing a full install with the cf in a usb reader on my build box. After the fact I replaced the kernel with one I compiled using the net5501 config from flashdist and it booted straight away. I think I will play around with this for awhile and try the image again when i get another cf card.

                      I always follow stable and will probably be coping the binaries over from my other box to this one.

                      I hope this works out as it is nice to have such a cheap-on-the-power-bill box

                      Comments
                      1. By Anonymous Coward (24.37.242.64) on

                        > > > > I have an alix 2c3 that i would like to use as my firewall and wireless access point to replace an existing power hungry beast of a box and have been banging my head against the wall flashing images that do not seem to work. From what i gather the soekeris 5501 is the closest to my board.
                        > > > >
                        > > > > I tried the flash image (128mb soekeris5501.image) and get "Trying disk 0 partion 3 No O/S found"
                        > > > >
                        > > > > I am flashing this from windows using physdiskwrite.
                        > > > >
                        > > > > If anyone has any hints please let me know..
                        > > >
                        > > > Edit....
                        > > >
                        > > > I tried installing directly to the cf card and get the following:
                        > > >
                        >
                        > > > PC Engines ALIX.2 v0.98
                        > > > 640 KB Base Memory
                        > > > 261120 KB Extended Memory
                        > > >
                        > > > 01F0 Master 848A TOSHIBA THNCF1G02QG
                        > > > Phys C/H/S 1985/16/63 Log C/H/S 992/32/63
                        > > > Using drive 0, partition 3;
                        > > > Loading;...
                        > > > probing: pc0 com0 pci mem[640K 255M a20=on]
                        > > > disk: hd0
                        > > > >> OpenBSD/i386 BOOT 3.01
                        > > > boot>
                        > > > booting hd0a:/bsd: 5665588+872060 [52+291168+272312]=0x6c5c70
                        > > > entry point at 0x200120
                        > > >
                        > > >
                        > > >
                        > > > It hangs there...i guess i need a custom kernel for this thing
                        > >
                        > > Can you PXE boot? If so, try booting like that and verify if the CHS settings match or even do the disklabel/fdisk then re-try your image. If they don't, that's probably why and can be fixed various ways (on the system) or from a CF reader/writer on another system then back in the ALIX system. It might also be something with installboot(8) which can be fixed either way too.
                        > >
                        > > Are you looking to do a flashboot or flashdist install, or your own custom install [in MFS] of -release or -stable? There's other ways too.
                        > >
                        > > Hope this helps.
                        >
                        > Thanks for the suggestions. I ended up doing a full install with the cf in a usb reader on my build box. After the fact I replaced the kernel with one I compiled using the net5501 config from flashdist and it booted straight away. I think I will play around with this for awhile and try the image again when i get another cf card.
                        >
                        > I always follow stable and will probably be coping the binaries over from my other box to this one.
                        >
                        > I hope this works out as it is nice to have such a cheap-on-the-power-bill box
                        >
                        >

                        Personally, I suggest making a -stable release with release(8) (rather than copy only the binaries) and run most filesystems in a MFS, / as read-only and sync to flash periodically and/or with /etc/rc.shutdown.

                        Or, on the other hand, flashdist or flashboot might be good for what you need too.

                  2. By chris cappuccio (24.177.169.53) chris@nmedia.net on


                    > >> OpenBSD/i386 BOOT 3.01
                    > boot>
                    > booting hd0a:/bsd: 5665588+872060 [52+291168+272312]=0x6c5c70
                    > entry point at 0x200120
                    >
                    >
                    >
                    > It hangs there...i guess i need a custom kernel for this thing

                    No, you need to type in some things at the boot prompt:

                    boot> set tty com0
                    boot> stty com0 19200

                    Also you need to turn on tty00 in /etc/ttys

                    A custom kernel is NOT requiredch

                    Comments
                    1. By Anonymous Coward (24.37.242.64) on

                      >
                      > > >> OpenBSD/i386 BOOT 3.01
                      > > boot>
                      > > booting hd0a:/bsd: 5665588+872060 [52+291168+272312]=0x6c5c70
                      > > entry point at 0x200120
                      > >
                      > >
                      > >
                      > > It hangs there...i guess i need a custom kernel for this thing
                      >
                      > No, you need to type in some things at the boot prompt:
                      >
                      > boot> set tty com0
                      > boot> stty com0 19200
                      >
                      > Also you need to turn on tty00 in /etc/ttys
                      >
                      > A custom kernel is NOT requiredch
                      >
                      lol, that's true, i forgot too.

                      just wanted to add that those can be added to a new /etc/boot.conf

  2. By Motley Fool (MotleyFool) motleyfool@dieselrepower.org on

    Thanks a lot to Rickard for updating Flashboot to 4.2. I've been running Flashboot on several soekris systems as redundant PF firewalls for a couple of years.

    For people wondering what's the point? When Flashboot first came out the standard, well and only, pre-built embedded OpenBSD was Flashdist from Chris Cappuccio. Flashdist was cool if you wanted some hand holding, but for people who wanted to work directly in OpenBSD Flashboot was perfect.

    Flashboot is a good starting point for customization.

    Comments
    1. By Martin C. (217.17.34.18) on

      > For people wondering what's the point? When Flashboot first came out
      > the standard, well and only, pre-built embedded OpenBSD was Flashdist
      > from Chris Cappuccio. Flashdist was cool if you wanted some hand
      > holding, but for people who wanted to work directly in OpenBSD Flashboot > was perfect.

      If You mean the nsh shell, which is quite cisco-like, than I agree. It doesn't have to be installed, in which case You may use it like flashboot.

      > Flashboot is a good starting point for customization.

      So is flashdist :)

      However I'm going to try flashboot also.

      Cheers!

  3. By Anonymous Coward (190.18.128.252) on

    This is quite an interesting project, I'll take a closer look next week.

    Anyway I'm currently using a desktop computer (soon to be replaced with an ALIX board) with OpenBSD 4.2 + PF. This system has a 1GB CF card but I'm not using any mfs partition. Should I be worried about its MTBF ? How long will it last ? Which are the benefits of having a rdonly filesystem ? Thanks for any clarification.

    JC

    Comments
    1. By chris cappuccio (24.177.169.53) chris@nmedia.net on

      > This system has a 1GB CF card but I'm not using any mfs partition. Should I be worried about its MTBF ? How long will it last ?

      If you are using flashboot (or flashdist, or any other read-only scheme) then you are less likely to expose flaws in the card itself, both defects in the flash memory (that supposedly disappear with "wear leveling", not the case in my experience) and defects in the firmware.

      I've had a number of flash cards that were mounted read-write simply die or come up completely scrambled for no apparent reason under OpenBSD (mounted read/write), FreeBSD (running pfsense with no activity but packet routing), and using Linux (with crappy mesh wireless software.) The scrambled images were recovered by reinstalling to the same flash card in most cases.

      I've NEVER had a failure with a flash card prepared by flashdist (and I still have a large amount of old 64MB cards that I'm trying to use up) short of a total flash card failure (rare but it happens.)

      The ATA flash card has a micro-controller and runs its own firmware too. These are not linear flash. No PC BIOS nor OpenBSD have routines built in to handle linear flash, anyways. ATA flash emulates a hard disk interface so the standard software works fine.

      But, unless you control the quality of the firmware, then you want to use it as little as possible. flashboot is the best in this regard because it loads everything into a ramdisk, you touch the flash as little as possible. flashdist touches the flash during routine operation, but only for reads.

      If I was selling OpenBSD based equipment, like Vantronix or someone, then I would use flashboot to prepare my images. I would do this for the simple reason that it can be upgraded in one easy pass. But for all my professional and personal use of flash on routers (and other no-moving-parts OpenBSD boxes), I use flashdist because it's very easy to modify without making radical changes to a system (like rewriting the entire image). I'm still trying to see if there is a decent way to make a flashdist system easily remotely upgradeable (but it probably won't be as clean as flashboot)

    2. By Anonymous Coward (203.167.97.51) on

      > Which are the benefits of having a rdonly filesystem ? Thanks for any

      One benefit that's really handy on routers and firewalls is that with a read-only filesystem you can do hard reboots and power cycles without risking corruption and fsck.
      Of course, you dont need flash to run read-only, it works just as good with a hd.

  4. By chris cappuccio (24.177.169.53) chris@nmedia.net on

    While this article is on the front page, i'll take an opportunity to also let everyone know that I have been releasing binary images for flashdist since the beginning of November. They run great under qemu for testing software and configurations that you apply to them, too (qemu -hda flashimg.blah)

    They are up at http://www.nmedia.net/flashdist/ and they also include a utility that grows the filesystem image to whatever flash size you are using (the base images are only 32MB and 64MB which fits the flash cards I have, but are too small for anyone who wants to take advantage of the space available on new flash cards!)

    They are based on OpenBSD 4.2-current, and not release or stable. (I never use release or stable anyways) I will update the images as new security fixes, bug fixes or features come to current, at least ones relevant to the OpenBSD kernel and the utilities that flashdist installs. In particular I'm waiting for Reyk to declare snmpd ready to link to the main builds to release new -current flashdist images which include it.

    Comments
    1. By Anonymous Coward (190.18.128.252) on


      Chris, I'm just trying one of the binary images under qemu and it's really cool! In a couple of weeks I should receive my ALIX board and will test it there. Thanks!
      JC

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]