Re: question(feature request..?)

From: Uwe Dippel
Subject: Re: question(feature request..?)
Date: Sun, 23 May 2004 16:20:01 +0800
User-agent: Mozilla Thunderbird 0.5 (X11/20040306)

address@hidden wrote:

hello. i have come to play with grub a bit and i am really excited about
it. however, i wonder if there is any function for rebooting in case of
kernel panic and booting a different entry in the menu (something
similar to what lilo can do: boot once + reboot on panic..)


not being so familiar with lilo, this sounds phantastic (in all meanings of the word). It implies that the boot-loader doesn't cede control to the kernel; rather works like a shell around it; controlling its ups and downs. Earlier I was working on a concept of a 'standing-up' OS and so find this a welcome support: If a boot-loader, as a very small, simple and reliable program, keeps in overall control during kernel load; that is through an initrd, mount, etc. and could intervene at any moment of failure, we might want to keep it as an outer shell around that kernel forever. If that boot-loader can throw out the kernel during boot, why should it not be able to throw out the kernel after boot, whenever the system comes to a grinding halt; be it after two weeks of uptime ? You might argue that the admin can restart the system; or the system reboot automatically. Right, but at times this won't work; the admin be unavailable or the system got corrupted and reboots over and over. One could even envisage a rudimentary message passing from the dying kernel to the boot-loader to inform it that reboot won't work; another partition ought to be started or even that a re-install respectively replacing the current install with the latest good image is the thing to do. Then the boot-loader could automatically boot to another partition with another install (back-up install) or quite another partition that simply regenerates the main install / partitions from a good image. With this boot in turn passing a message to that boot-loader in case of successfully writing back the image and auto-finishes with /sbin/reboot or similar; getting the boot-loader to go back to running the by now repaired / reinstalled system. Or just boot to a live-CD set up to return basic functionality to a system while waiting for the repair. Think of a compromised webserver that comes back automatically from live-CD.

The point should be clear by now. Can the experts in here say something about the feasability of this; and if lilo is really so close to being a URM (Uptime Reference Monitor) ?

Then I could only hope for grub to catch up ... !

