Project

General

Profile

Bug #4009

Selecting "Embedded" during install does not activate the serial console in a persistent way on amd64

Added by Jim Pingle over 3 years ago. Updated over 3 years ago.

Status:
Resolved
Priority:
High
Assignee:
-
Category:
Console Menu
Target version:
Start date:
11/14/2014
Due date:
% Done:

0%

Affected Version:
2.2
Affected Architecture:
amd64

Description

Selecting "Embedded" during install does not activate the serial console in a persistent way on amd64 now that there is no "embedded" kernel there.
If a config.xml is restored that does not include the tags to enable the serial port, the user is left with a broken console.

Easy to reproduce on APU:
  • Install to mSATA in an APU, choose Embedded
  • After install, once it boots, download a config backup
  • Remove "<enableserial/>" from the config backup
  • Restore the backup and wait for it to reboot
  • The unit will boot, but the console never produces a menu at the end of the boot process
  • "Bootup complete" is displayed but no menu

There is some code to force the serial console on ( enableserial_force ) but it may need some adjustment to work in this scenario.

Associated revisions

Revision 719db60e
Added by Ermal Luçi over 3 years ago

Ticket #4009 Force serial console whenever the installer told us so.

History

#1 Updated by Ermal Luçi over 3 years ago

Why is this the fault of pfSense?

#2 Updated by Jim Pingle over 3 years ago

It's a regression. In previous versions with the embedded kernel you could not stop the serial console from working since the kernel was built that way.

Now it's possible to completely break the console very easily. We should not allow the user to brick their device if we can help it.

#3 Updated by Chris Buechler over 3 years ago

  • Priority changed from Normal to High

This is important in that it'll be a support nightmare to put out a release that makes it this easy to break the console.

#4 Updated by Ermal Luçi over 3 years ago

Do you agree with this diff?

diff --git a/usr/local/www/diag_backup.php b/usr/local/www/diag_backup.php
index d71a3b2..5192c4a 100644
--- a/usr/local/www/diag_backup.php
+++ b/usr/local/www/diag_backup.php
@@ -411,6 +411,13 @@ if ($_POST) {
                                                                if(file_exists("{$g['tmp_path']}/config.cache"))
                                                                        unlink("{$g['tmp_path']}/config.cache");
                                                                $config = parse_config(true);
+                                                               if (file_exists("/boot/loader.conf")) {
+                                                                       $loaderconf = file_get_contents("/boot/loader.conf");
+                                                                       if (strpos($loaderconf, "comconsole")) {
+                                                                               $config['system']['enableserial'] = true;
+                                                                               write_config("Restore serial console enabling in configuration.");
+                                                                       }
+                                                               }
                                                                /* extract out rrd items, unset from $config when done */
                                                                if($config['rrddata']) {
                                                                        restore_rrddata();

#5 Updated by Chris Buechler over 3 years ago

Yeah that seems fine if it works, haven't tested it. Maybe JimP can think of a scenario where that doesn't work, but it seems reasonable.

#6 Updated by Jim Pingle over 3 years ago

Seems like that would still be possible to bypass in a few ways (like ACB). Relying on config.xml for what should be a property of the installed OS seems wrong. It should persist independent of the contents of config.xml

#7 Updated by Ermal Luçi over 3 years ago

I committed that part by accident.
Though i think returning a embedded kernel only for this is redundant no?

#8 Updated by Jim Pingle over 3 years ago

No need for an embedded kernel, maybe a flag file in /conf/ that is set/checked to signal that the serial console should always be enabled, similar to the enableserial_force that is there but file based not just in $g

#9 Updated by Ermal Luçi over 3 years ago

  • Status changed from Confirmed to Feedback

Hoepfully the latest commits with a file makes this final solution.

#10 Updated by Renato Botelho over 3 years ago

Worked fine on my tests, will leave it open to hear a 2nd opinion

#11 Updated by Jim Pingle over 3 years ago

  • Status changed from Feedback to Resolved

Works for me, too. I restored a problem config and it still has a console when it boots back up. Marking this as resolved.

#12 Updated by Chris Buechler over 3 years ago

yeah looks good

Also available in: Atom PDF