This is the README for fallback-reboot version VERSION. ----- fallback-reboot is distributed under the terms of the FSF's GPL v2. For full licensing terms, see the file COPYING. ----- You can always find the latest version of fallback-reboot at http://dcs.nac.uci.edu/~strombrg/fallback-reboot ----- If you run it as root, say from an rc script, then it can be used as a last-resort remote-reboot facility. And I do mean last-resort; it doesn't even try to sync your disks, it just goes down hard and fast, on the assumption that you've already tried the good ways, and this is all that's left. ----- I've carefully set up the Makefile (augmented with a python script) to give you a random password, because I knew that if I distributed this package with a default password, some clown somewhere wouldn't bother to change the password and get into trouble. So there you go, you get a random, long password, but you can change it to something else if you want. I believe that using a hard-to-type random password is more effective at getting people to change a password, than giving them a password like "ChangeMe". ----- The program is at a lowish version number only because it hasn't been deployed anywhere that widely yet. ----- The program sits in the background, after doing an mlockall() to keep itself from being paged, and listening for connections on a compiled-in port number (3002 by default in the current incarnation, but I may look for a better port later), reads a password from that port, and if the password is correct, the program attempts a reboot -without- doing any sync()'s, or any other form of disk I/O. Yes, this means you could lose data, but then you already tried the orderly shutdown procedures, and they didn't work, right? ----- The preferred way to invoke it once a system gets pretty stuck, is to do something like the following: $ fallback-reboot-client remote.host.com Connected to cryptographic version of fallback-reboot Enter password: ----- However, the old way should mostly continue to work: telnet confused.host.com 3002 This is fallback-reboot version VERSION. Enter password: ----- BTW, if telnet (or fallback-reboot-client) just hangs instead of giving you a password prompt, the first thing to check is to see if you've neglected to punch a hole through your personal firewall (iptables, ipchains, whatever). ----- Server-side usage is like: #!/bin/sh /usr/local/sbin/fallback-reboot & ...I recommend putting this in /etc/rc3.d or rc5.d or whatever. You can often tell which runlevel you need, with "who -r". On Tru64, you may want to use my "daemon" program, like: /usr/local/sbin/daemon /usr/local/sbin/fallback-reboot & ...because at least -some- versions of Tru64 don't finish changing runlevels until all the programs started from the rc directory for that runlevel terminate - "daemon" gets around that. BTW, I -don't- recommend starting it like: /usr/local/sbin/fallback-reboot > /var/adm/fb.out 2>&1 ...or similar, because then you're getting back into disk I/O, which is a big part of what we're trying to avoid to gain accessibility/reliability. ----- I may someday do a getservbyname() for the port number, and possibly put the password in a file all by itself. ----- The current version works on Linux and Solaris. I may want to port it to AIX, IRIX and/or Tru64 as well later. ----- As far as linux versions go, I've built the program on Redhat 9, Redhat Enterprise Linux 3, Fedora Core 2 and Fedora Core 3, all with no errors despite compiling with -ansi -pedantic -Wall (a nice, high warning level). Also, I built it on Solaris 8 (again with no errors with the high warning level). As far as actually running it, I've only tried RHEL 3, FC3 and Solaris 9, where it appears to be working as intended. ----- If you disconnect after telnet'ing, but before entering a password, fallback-reboot will send some ominous looking errors to the TTY you started it from. Don't worry too much about them, as long as fallback-reboot keeps waiting around for the next authentication attempt. ----- fallback-reboot will attempt to confirm whether the reboot is working or not, but it may not be able to for obvious reasons. :) ping is your friend. BTW, if the machine isn't even pingable, you usually don't need to bother trying this program. ----- Naturally, when rolling out fallback-reboot, you need some sort of means of collecting the keys somewhere, so that you have them when you need them! :) We use srsh+gpg for this, but you could use ssh or scp or similar about as well. ----- Enjoy. ----- Dan Stromberg, Sun Aug 29 19:50:09 PDT 2004, strombrg@gmail.com, http://stromberg.dnsalias.org/~strombrg