fsck-less Booting?

patrick42 asks: "I am working on a project where I'll be replacing a DOS/Windows-based system with that of Linux or FreeBSD. The company for whom I'm working uses cheap PC's running some proprietary software on DOS/Windows to perform a certain task. The machines are deployed in environments where there are no keyboards or displays, and minimum-wage clerks are the people watching these machines. The company has decided to go with a free Unix system because they no longer wish to pay the licensing fees for Windows. The machines get unplugged all the time when they are moved or whatnot. They do not get a proper shutdown procedure ever, and it's not possible to change this due to the environments in which they are deployed. I've been told that they've never had a problem running DOS in terms of filesystem corruption. So I guess I'm looking for the safest filesystem possible that I can use with either FreeBSD or Linux. My head would be served on a platter if I picked something that sometimes requires user-intervention." Note that Ask Slashdot covered a similar question back in 1999, the situations differed, but the need remains the same: can Linux work in environments where proper shutdowns are rare-to-non-existant?

"I have run many Linux machines, and I've experienced firsthand (only on occassion) where a machine did not get properly shutdown, and then on the next boot user-interaction was required to run fsck manually.

I really want to use either FreeBSD or Linux, but if there is any chance of this happening (hardware failures excluded) where someone needs to manually run fsck, I will not be able to use them.

I've been reading about the ext3 filesystem, and how corruption is quite rare, but it still seems possible. UFS claims to be quite stable as well, but fsck-less booting will not be available until FreeBSD 5.0 (from what I've read).

These machines aren't doing too much writing to the disk -- they are mostly just reading data, but that isn't to say that there will be no disk writes at all.

Can anyone offer some advice?"

Journalled file system and mounting read-only.

[Zocalo]

In addition to automating fsck's you could circumvent a large part of the issue by using one of the various journalling file systems (EXT3, JFS, ReiserFS, XFS). Being able to roll-back to a known good state is an ideal way of avoiding having to run fsck altogether.

Secondly, once the box is configured, edit your fstab file and change any partitions which don't need to be written to to be mounted read-only. If there are no writes to a volume, then there is no need to check the volume (this is how I used to speed up post hard-down boots before journalling filesystems). It's a good security practice as well - in combination with chattr it can be a very effective "escalation of priviledges" block.

Re:Synchronous

[displague]

You may also want to mount non-write needing partitions (/usr, /) as read-only... Generally, depending on the software, you can create a system which only writes to /var, /tmp, and the user-home directories.

Ofcourse, you should also use a journaling filesystem like reiser or ext3. These filesystems tend to take the whack out of impropper shutdowns.

If you have a modem, it is possible to direct all of the linux boot, and often (on newer systems) the bios, out to the serial port. This way you can handle all user intervention. Short of boot-up/bios your best administrative interface will be your ssh client. (don't forget to remount rw before installing new software)

I thought you said this application was DOS based? Why do you need windows licenses? You could easily go with FreeDOS, or just use an existing DOS 6.x license. You're not guaranteed an ssh interface that way, but you tend not to get instability as well.

Ext3

[Omniscient+Ferret]

Ext3 in ordered mode was my first thought. I'm comfortable with the stock kernel - after crashes (and on regular intervals), I don't think I've had to intervene with the fsck at bootup. If you'd prefer more QA, then you might examine the patches that, say, RedHat and Debian provide in their kernels, and stick with one.

eliminate the disk, doorknob

[aminorex]

eliminate the disk entirely, silly person.
boot from flash or from a CD. if you really
need to store more data than you can keep in
flash between power-cycles, then use CDRs.
when one fills up, eject it, and they can
pop in a new one. *bam* instant permanent
audit trail, in a compact format.