>>home

NetBSD 3 read-mostly guide

Timeliness notice

NetBSD has recently imported some tools from FreeBSD for making read-only systems. I will evaluate them when I upgrade.

I have switched from using a hard drive for my soekris 4801 to a 512MB CF card. This has changed the system quite a bit. It makes it quieter, slower, and more likely to get worn out with a lot of write activity.

This didn't require any real technical marvel, but it is motivation to reduce the amount of write activity. My soekris performs the following major functions:

General System Stuff

First I wanted to reduce the writes to /, so I used the following options in my fstab: 

#/etc/fstab
/dev/wd0a               /       ffs     rw,noatime,nodevmtime            1 1
These options, obviously, reduce the amount of write operations done on / when files and devices are accessed.
Next disable rebuilding of the locate database (unless you want it): 
#/etc/weekly.conf
rebuild_locatedb=NO

Disable mtree checking in /etc/security.conf 

#/etc/security.conf
check_mtree=NO

Now remove mail delivery from weekly, daily, and monthly stuff: 

# crontab -e
#Remove tee with sendmail to simple redirect
15      3       *       *       *       /bin/sh /etc/daily 2>&1 > /var/log/daily.out                 
30      4       *       *       6       /bin/sh /etc/weekly 2>&1 > /var/log/weekly.out                 
#30     5       1       *       *       /bin/sh /etc/monthly 2>&1 > /var/log/monthly.out

/var

The next step is to take make /var, which is the most write-heavy directory structure, and make it less of a pain. To do this I mount of the most written subdirectories as mfs (memory file system). 

#/etc/fstab
/dev/wd0b       /var/run mfs rw,-s1m 0 0
/dev/wd0b       /var/log mfs rw,-s10m 0 0
To explain these- '/dev/wd0b' is my swap partition, '/var/run' & '/var/log' are the mount targets, 'mfs' is the type, 'rw' is the read-write option, '-s1m' & '-s10m' are the size of the mounts (1MB and 10MB respectively), and '0 0' is fsck stuff. Now to make this work, I need to have them mounted before the daemons start. NetBSD's awesome rc system has something for this: 
#/etc/rc.conf
critical_filesystems_local="/var/run /var/log"
Now my filesystems will mount over the on-disk versions before any other daemons are started.

dhclient

dhclient normally writes leases in /var/db, to change that I use: 

#/etc/rc.conf
dhclient=YES
dhclient_flags="-nw -lf /var/run/dhclient.leases sip0"

dhcpd

dhcpd, similarly needs options, but it won't startup if the leases file does not exist at all. This would normally mean that dhcpd.leases would get written to disk, but there is an easy workaround! 

#/etc/syslog.conf
#use syslog to create a dhcpd.leases file, but don't write anything to it.
notarealdeamon.info     /var/run/dhcpd.leases
Now syslog will touch our file for us and we can put our options in: 
#/etc/rc.conf
dhcpd=YES
dhcpd_flags="-lf /var/run/dhcpd.leases sip1"

lighttpd

I'm using lighttpd for my web server and just configured it to log into syslog: 

#/usr/pkg/etc/lighttpd/lighttpd.conf
server.errorlog-use-syslog      = "enable"
accesslog.use-syslog = "enable"
Because you're using syslog to log everything to a small memory partition, you may want to adjust /etc/newsyslog.conf to be more aggressive in rotation size, but I didn't need to do this.
To avoid excessive reads to my CF card by the web server, I am using a usb thumb drive to hold /usr/local/htdocs. :) 
#/etc/fstab
/dev/sd0a       /usr/local/htdocs       ffs     rw      1 1