Digital Ocean FreeBSD Users: HEADS UP!
The Market Ticker - Commentary on The Capital Markets
Logging in or registering will improve your experience here
Main Navigation
Sarah's Resources You Should See
Full-Text Search & Archives

Legal Disclaimer

The content on this site is provided without any warranty, express or implied. All opinions expressed on this site are those of the author and may contain errors or omissions.


The author may have a position in any company or security mentioned herein. Actions you undertake as a consequence of any analysis, opinion or advertisement on this site are your sole responsibility.

Market charts, when present, used with permission of TD Ameritrade/ThinkOrSwim Inc. Neither TD Ameritrade or ThinkOrSwim have reviewed, approved or disapproved any content herein.

The Market Ticker content may be sent unmodified to lawmakers via print or electronic means or excerpted online for non-commercial purposes provided full attribution is given and the original article source is linked to. Please contact Karl Denninger for reprint permission in other media, to republish full articles, or for any commercial use (which includes any site where advertising is displayed.)

Submissions or tips on matters of economic or political interest may be sent "over the transom" to The Editor at any time. To be considered for publication your submission must include full and correct contact information and be related to an economic or political matter of the day. All submissions become the property of The Market Ticker.

2018-01-13 19:33 by Karl Denninger
in Flash , 101 references Ignore this thread
Digital Ocean FreeBSD Users: HEADS UP!
[Comments enabled]

Just a quick and important note if you have FreeBSD servers spun up on Digital Ocean.

Go in there right now, snapshot each and every one of them, and make sure you can create a droplet from the snapshot that comes up correctly -- including most-particularly with the correct new IP address for the new droplet and that it can be "seen" from the Internet at large.

I have identified a problem that occurs under certain conditions.  Be warned that if you get bit by this your backups using their facility, which use the snapshot mechanism as well, are very nearly worthless as they will only boot once, and not correctly at that.  The second time you attempt to boot it, if you reset the droplet, you will not be able to get root at all as the failure appears to damage some part of the authentication system that sudo relies on during the first boot and as a result sudo will segfault.

This has been reported to them and I am NOT going to go into details here at this time although I have a very good idea what is causing it.  I do not know if this also impacts Linux droplets but given what I've been able to determine thus far it may.  I discovered the problem yesterday evening while doing testing in advance of a software update planned for today.

Do not power down or reset a droplet that you cannot successfully snapshot and clone, or which you have not yet tested, until I'm sure this is safe.

It may not be.

Contact me offline if you get screwed and do not reset a screwed server; the first time it is recoverable, at least far enough to get your data off or the box back online.  I do not know if it's recoverable in its entirety yet if it happens to you; I'm working on that.

Update 1/13 23:56 - I know what the problem is and it's recoverable without DO's intervention.  It stemmed from a security audit update that you may have (read that: should have!) performed -- if you did, you're in trouble if you have to reboot or restore your droplet.  Let me know if you need to know how to mitigate this but whatever you do, if it does NOT come up normally, do not reset it again as you will lose access to sudo and be hosed!

Go to responses (registration required to post)
User: Not logged on
Login Register Top Blog Top Blog Topics FAQ
User Info Digital Ocean FreeBSD Users: HEADS UP! in forum [Market-Ticker]
Posts: 188
Incept: 2013-02-13

Report This As A Bad Post Add To Your Ignored User List
Does this mean we now know which cloud provider Hawaii was using?
Login Register Top Blog Top Blog Topics FAQ