Don't Ask.
Jul. 3rd, 2009 10:53 am![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
lwoodYOUR DATA IS SAFE.
lorien had two different /boot directories--one on a mounted partition, and one just lying around on the file system.
The mounted /boot doesn't keep itself mounted in the running filesystem (I vaguely recall I did this for security reasons, but who knows?), so the new OS's new kernel installed itself in /boot.
On reboot, of course, the old /boot partition was consulted, and the old (OOOOOOOOLD, two updates ago) kernel loaded.
![[livejournal.com profile]](https://www.dreamwidth.org/img/external/lj-userinfo.gif)
countgeiger and I guessed at a fix--and failed.
YOUR DATA IS SAFE. Just in an advanced state of inaccessibility, which will be remedied as soon as I spank grub a few times.
A risk I knew I was taking when doing a massive OS upgrade in place--and hey, it almost worked except for that pesky pesky kernel!
Meanwhile, once we have this back up and running, our thought is to whip 'round to the Apple store and pick up some replacement hardware that will be much quieter and more energy-efficient. My only concern is that going from two hard drives in a RAID-1 to one (even if I sit that one on top of an external HDD attached with firewire 800 and sync every hour or some such) will make it considerably less fault-tolerant, so I'm still thinking about it.
-- Lorrie
lorien had two different /boot directories--one on a mounted partition, and one just lying around on the file system.
The mounted /boot doesn't keep itself mounted in the running filesystem (I vaguely recall I did this for security reasons, but who knows?), so the new OS's new kernel installed itself in /boot.
On reboot, of course, the old /boot partition was consulted, and the old (OOOOOOOOLD, two updates ago) kernel loaded.
countgeiger and I guessed at a fix--and failed. YOUR DATA IS SAFE. Just in an advanced state of inaccessibility, which will be remedied as soon as I spank grub a few times.
A risk I knew I was taking when doing a massive OS upgrade in place--and hey, it almost worked except for that pesky pesky kernel!
Meanwhile, once we have this back up and running, our thought is to whip 'round to the Apple store and pick up some replacement hardware that will be much quieter and more energy-efficient. My only concern is that going from two hard drives in a RAID-1 to one (even if I sit that one on top of an external HDD attached with firewire 800 and sync every hour or some such) will make it considerably less fault-tolerant, so I'm still thinking about it.
-- Lorrie
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
no subject
Date: 2009-07-03 06:14 pm (UTC);)
no subject
Date: 2009-07-03 07:04 pm (UTC)no subject
Date: 2009-07-03 10:57 pm (UTC)Not a security fix - if the partition exists, anyone with root privileges can mount it.
If you're looking to make /boot unwritable, the best way to do this is to write boot to a CD-R or a DVD-D, and keep that mounted in the CD tray, configuring the kernel to boot off of this. I would also recommend adding something like /recovery to that disk, containing statically compiled filesystem and investigation utilities, which will help in the event of Pw0nage.
And....don't do this at work :-D LOLZ!!!!!
no subject
Date: 2009-07-04 12:42 am (UTC)And if I did that at work, I'd fire me, sheesh. 8-P
-- Lorrie