Loader.conf.local deleted on restart

Yhalen

I need to delay the start of pfsense for a bit to let my cable modem connect fully first after a power outage

I am running 2.4.3 and have add the line autoboot_delay="60" to a new file /boot/loader.conf.local
I have also try editing the autoboot setting in /boot/loader.conf
(I know you don't need to edit loader.conf as well as loader.conf.local)

Setting works ok but after a system reboot /boot/loader.conf.local will be deleted and /boot/load.conf will also get reset to the default 3 I have also noticed that if you change some settings in the webGUI loader.conf.local will be deleted and load.conf will also get reset to the default (enabling SSH is one setting that caused this)

How do I get this setting to stick?

I have been editing files on the console or in SSH not in the webGUI

I have also tried this on two different systems and both are giving the same results.

Any help would be appreciated

Thanks

Derelict

Yeah it doesn't do that. Something else is happening.

loader.conf.local is never written except perhaps on first installation from a memstick/iso.

loader.conf is fair game to the system for doing whatever it wants with.

loader.conf.local will override the autoboot_delay that might be present in loader.conf.

Yhalen

After trying out a few tests i have found that version 2.4.3 and 2.4.4 are removing the line  autoboot_delay="60"  from the loader.conf.local file and if that is the only line in the file the file is deleted, if there are other lines the file is not deleted the but autoboot line will be removed.

Version 2.4.2 do not remove the autoboot line

Is this a bug?

Is there another setting I can use to delay startup?

Derelict

It is not removing it here.

There does seem to be a FreeBSD display issue (the system appears hung here for 50 seconds then the count resumes and it boots after 60 seconds as instructed.)

So no, I don't see a bug. What kind of system are you running? nanobsd? 32-bit? 64-bit? CE? ADI? VGA? Factory hardware?

But /boot/loader.conf.local remains unmolested as expected.


Yhalen

Running 2.4.3 AMD 64-bit fresh install (i have only been using pfsense for 3 days)

System is a i3 7100u VGA on ZFS instated off memory stick

I also noticed the display is stuck at 9 sec for the first 50 but it still works.

only problem I experiencing is after reboot , the count down will work that 1 reboot but next time I check the loader file the auto delay line will be removed and will be back to just 3 seconds again on next reboot.

Derelict

Not doing that here.

bkraptor

This got broken with this commit. That change is insidious as it could prevent admins from getting their console to work for their specific hardware setup. I was not aware that pfSense touches /boot/loader.conf.local as I always assumed I was the one controlling that file, as is commonly expected.

kpa

That is not good. The loader.conf.local file should never be touched by the firmware (the PfSense OS) no matter how good the intentions for doing so are. Validation of the file and notification of errors would be ok but silent modifications are definitely not.

chbmb

I can confirm I'm seeing loader.conf.local being deleted after a reboot on the current stable release of pfSense. Here's my shell output.

EDIT: Running on x64 hardware with a VGA install from USB.

chbmb@thinkpad ~ $ ssh admin@192.168.0.1
Password for admin@pfSense.localdomain:
....pfSense - Netgate Device ID: xxxxxxxxxxxxxxxxxxxx

*** Welcome to pfSense 2.4.3-RELEASE-p1 (amd64) on pfSense ***

 WAN (wan)       -> pppoe0     -> v4/PPPoE: xxx.xxx.xxx.xxx/xx
 LAN (lan)       -> em1        -> v4: 192.168.0.1/24
 GUEST (opt1)    -> em1.10     -> v4: 192.168.10.1/24
 VM (opt2)       -> em1.20     -> v4: 192.168.20.1/24

 0) Logout (SSH only)                  9) pfTop
 1) Assign Interfaces                 10) Filter Logs
 2) Set interface(s) IP address       11) Restart webConfigurator
 3) Reset webConfigurator password    12) PHP shell + pfSense tools
 4) Reset to factory defaults         13) Update from console
 5) Reboot system                     14) Disable Secure Shell (sshd)
 6) Halt system                       15) Restore recent configuration
 7) Ping host                         16) Restart PHP-FPM
 8) Shell

Enter an option: 8

[2.4.3-RELEASE][admin@pfSense.localdomain]/root: dmesg | grep console
[2.4.3-RELEASE][admin@pfSense.localdomain]/root: dmesg | grep uart
uart2: <16550 or compatible> port 0x2e0-0x2e7 irq 7 on acpi0
[2.4.3-RELEASE][admin@pfSense.localdomain]/root: echo comconsole_port="0x2e0" > /boot/loader.conf.local
[2.4.3-RELEASE][admin@pfSense.localdomain]/root: ls -la /boot/loader*
-r-xr-xr-x  1 root  wheel  311296 May 10 20:06 /boot/loader
-r--r--r--  1 root  wheel    7127 May 10 20:06 /boot/loader.4th
-rw-r--r--  1 root  wheel     159 Jun  4 00:19 /boot/loader.conf
-r-xr-xr-x  1 root  wheel  402432 May 10 20:06 /boot/loader.efi
-r--r--r--  1 root  wheel   14766 May 10 20:06 /boot/loader.help
-rw-r--r--  1 root  wheel      22 Jun  4 00:19 /boot/loader.conf.local
-r--r--r--  1 root  wheel     350 May 10 20:06 /boot/loader.rc
[2.4.3-RELEASE][admin@pfSense.localdomain]/root: reboot

chbmb@thinkpad ~ $ ssh admin@192.168.0.1
Password for admin@pfSense.localdomain:
....pfSense - Netgate Device ID: xxxxxxxxxxxxxxxxxxxx

*** Welcome to pfSense 2.4.3-RELEASE-p1 (amd64) on pfSense ***

 WAN (wan)       -> pppoe0     -> v4/PPPoE: xxx.xxx.xxx.xxx/xx
 LAN (lan)       -> em1        -> v4: 192.168.0.1/24
 GUEST (opt1)    -> em1.10     -> v4: 192.168.10.1/24
 VM (opt2)       -> em1.20     -> v4: 192.168.20.1/24

 0) Logout (SSH only)                  9) pfTop
 1) Assign Interfaces                 10) Filter Logs
 2) Set interface(s) IP address       11) Restart webConfigurator
 3) Reset webConfigurator password    12) PHP shell + pfSense tools
 4) Reset to factory defaults         13) Update from console
 5) Reboot system                     14) Disable Secure Shell (sshd)
 6) Halt system                       15) Restore recent configuration
 7) Ping host                         16) Restart PHP-FPM
 8) Shell

Enter an option: 8

[2.4.3-RELEASE][admin@pfSense.localdomain]/root: dmesg | grep console
uart2: console (115200,n,8,1)
[2.4.3-RELEASE][admin@pfSense.localdomain]/root: ls -la /boot/loader*
-r-xr-xr-x  1 root  wheel  311296 May 10 20:06 /boot/loader
-r--r--r--  1 root  wheel    7127 May 10 20:06 /boot/loader.4th
-rw-r--r--  1 root  wheel     159 Jun  4 00:26 /boot/loader.conf
-r-xr-xr-x  1 root  wheel  402432 May 10 20:06 /boot/loader.efi
-r--r--r--  1 root  wheel   14766 May 10 20:06 /boot/loader.help
-r--r--r--  1 root  wheel     350 May 10 20:06 /boot/loader.rc

chbmb

As a workaround I've set the system immutable flag, which preserves loader.conf.local across reboots.

chflags schg /boot/loader.conf.local

Turn it off with:

chflags noschg /boot/loader.conf.local

stephenw10

Curious. I'm not seeing that here. The file is touched, that timestamp matches the reboot, but the contents are the same.

Steve

chbmb

@stephenw10 said in Loader.conf.local deleted on restart:

Curious. I'm not seeing that here. The file is touched, that timestamp matches the reboot, but the contents are the same.

Steve

Yeah, I see that @Derelict couldn't reproduce it either, mine is a completely fresh install of 2.4.3 and the only package I've installed is Telegraf, so I'm at a loss to explain it as well.

Happy to try troubleshooting if anyone can think of anything.

stephenw10

Try putting something else in the file, something not ever specified in loader.conf. I used:

legal.intel_ipw.license_ack=1
legal.intel_iwi.license_ack=1

Steve

chbmb

@stephenw10 said in Loader.conf.local deleted on restart:

Try putting something else in the file, something not ever specified in loader.conf. I used:

legal.intel_ipw.license_ack=1
legal.intel_iwi.license_ack=1

Steve

Interestingly, when I did that the file was persistent.

[2.4.3-RELEASE][admin@pfSense.localdomain]/root: ls -la /boot/loader*
-r-xr-xr-x  1 root  wheel  311296 May 10 20:06 /boot/loader
-r--r--r--  1 root  wheel    7127 May 10 20:06 /boot/loader.4th
-rw-r--r--  1 root  wheel     159 Jun  5 18:41 /boot/loader.conf
-rw-r--r--  1 root  wheel      30 Jun  7 21:30 /boot/loader.conf.local
-r-xr-xr-x  1 root  wheel  402432 May 10 20:06 /boot/loader.efi
-r--r--r--  1 root  wheel   14766 May 10 20:06 /boot/loader.help
-r--r--r--  1 root  wheel     350 May 10 20:06 /boot/loader.rc
[2.4.3-RELEASE][admin@pfSense.localdomain]/root: cat /boot/loader.conf.local
legal.intel_ipw.license_ack=1
[2.4.3-RELEASE][admin@pfSense.localdomain]/root: reboot
Connection to 192.168.0.1 closed by remote host.
Connection to 192.168.0.1 closed.
chbmb@thinkpad ~ $ ssh admin@192.168.0.1
Password for admin@pfSense.localdomain:
pfSense - Netgate Device ID: xxxxxxxxxxxxxxxxxxxx

*** Welcome to pfSense 2.4.3-RELEASE-p1 (amd64) on pfSense ***

 WAN (wan)       -> pppoe0     -> v4/PPPoE: xxx.xxx.xxx.xxx/32
 LAN (lan)       -> em1        -> v4: 192.168.0.1/24
 GUEST (opt1)    -> em1.10     -> v4: 192.168.10.1/24
 VM (opt2)       -> em1.20     -> v4: 192.168.20.1/24

 0) Logout (SSH only)                  9) pfTop
 1) Assign Interfaces                 10) Filter Logs
 2) Set interface(s) IP address       11) Restart webConfigurator
 3) Reset webConfigurator password    12) PHP shell + pfSense tools
 4) Reset to factory defaults         13) Update from console
 5) Reboot system                     14) Disable Secure Shell (sshd)
 6) Halt system                       15) Restore recent configuration
 7) Ping host                         16) Restart PHP-FPM
 8) Shell

Enter an option: 8

[2.4.3-RELEASE][admin@pfSense.localdomain]/root: ls -la /boot/loader*
-r-xr-xr-x  1 root  wheel  311296 May 10 20:06 /boot/loader
-r--r--r--  1 root  wheel    7127 May 10 20:06 /boot/loader.4th
-rw-r--r--  1 root  wheel     159 Jun  7 21:33 /boot/loader.conf
-rw-r--r--  1 root  wheel      30 Jun  7 21:33 /boot/loader.conf.local
-r-xr-xr-x  1 root  wheel  402432 May 10 20:06 /boot/loader.efi
-r--r--r--  1 root  wheel   14766 May 10 20:06 /boot/loader.help
-r--r--r--  1 root  wheel     350 May 10 20:06 /boot/loader.rc

chbmb

And then, once again, when I make my changes the file is deleted on reboot. However the changes are picked up as evidenced by dmesg | grep console at the beginning and end of the below output. However that is not the case on subsequent reboots,

[2.4.3-RELEASE][admin@pfSense.localdomain]/root: dmesg | grep console
[2.4.3-RELEASE][admin@pfSense.localdomain]/root: rm /boot/loader.conf.local 
[2.4.3-RELEASE][admin@pfSense.localdomain]/root: ls -la /boot/loader*
-r-xr-xr-x  1 root  wheel  311296 May 10 20:06 /boot/loader
-r--r--r--  1 root  wheel    7127 May 10 20:06 /boot/loader.4th
-rw-r--r--  1 root  wheel     159 Jun  7 21:33 /boot/loader.conf
-r-xr-xr-x  1 root  wheel  402432 May 10 20:06 /boot/loader.efi
-r--r--r--  1 root  wheel   14766 May 10 20:06 /boot/loader.help
-r--r--r--  1 root  wheel     350 May 10 20:06 /boot/loader.rc
[2.4.3-RELEASE][admin@pfSense.localdomain]/root: echo comconsole_port="0x2e0" > /boot/loader.conf.local
[2.4.3-RELEASE][admin@pfSense.localdomain]/root: ls -la /boot/loader*
-r-xr-xr-x  1 root  wheel  311296 May 10 20:06 /boot/loader
-r--r--r--  1 root  wheel    7127 May 10 20:06 /boot/loader.4th
-rw-r--r--  1 root  wheel     159 Jun  7 21:33 /boot/loader.conf
-rw-r--r--  1 root  wheel      22 Jun  7 21:37 /boot/loader.conf.local
-r-xr-xr-x  1 root  wheel  402432 May 10 20:06 /boot/loader.efi
-r--r--r--  1 root  wheel   14766 May 10 20:06 /boot/loader.help
-r--r--r--  1 root  wheel     350 May 10 20:06 /boot/loader.rc
[2.4.3-RELEASE][admin@pfSense.localdomain]/root: reboot
Connection to 192.168.0.1 closed by remote host.
Connection to 192.168.0.1 closed.
chbmb@thinkpad ~ $ ssh admin@192.168.0.1
Password for admin@pfSense.localdomain:
....pfSense - Netgate Device ID: xxxxxxxxxxxxxxxxx

*** Welcome to pfSense 2.4.3-RELEASE-p1 (amd64) on pfSense ***

 WAN (wan)       -> pppoe0     -> v4/PPPoE: xxx.xxx.xxx.xxx/32
 LAN (lan)       -> em1        -> v4: 192.168.0.1/24
 GUEST (opt1)    -> em1.10     -> v4: 192.168.10.1/24
 VM (opt2)       -> em1.20     -> v4: 192.168.20.1/24

 0) Logout (SSH only)                  9) pfTop
 1) Assign Interfaces                 10) Filter Logs
 2) Set interface(s) IP address       11) Restart webConfigurator
 3) Reset webConfigurator password    12) PHP shell + pfSense tools
 4) Reset to factory defaults         13) Update from console
 5) Reboot system                     14) Disable Secure Shell (sshd)
 6) Halt system                       15) Restore recent configuration
 7) Ping host                         16) Restart PHP-FPM
 8) Shell

Enter an option: 8

[2.4.3-RELEASE][admin@pfSense.localdomain]/root: ls -la /boot/loader*
-r-xr-xr-x  1 root  wheel  311296 May 10 20:06 /boot/loader
-r--r--r--  1 root  wheel    7127 May 10 20:06 /boot/loader.4th
-rw-r--r--  1 root  wheel     159 Jun  7 21:38 /boot/loader.conf
-r-xr-xr-x  1 root  wheel  402432 May 10 20:06 /boot/loader.efi
-r--r--r--  1 root  wheel   14766 May 10 20:06 /boot/loader.help
-r--r--r--  1 root  wheel     350 May 10 20:06 /boot/loader.rc
[2.4.3-RELEASE][admin@pfSense.localdomain]/root: dmesg | grep console
uart2: console (115200,n,8,1)

stephenw10

Hmm, odd.
What if you add the license line first and keep the comconsole line in addition?

Steve

stephenw10

I have one box with a very similar line that has no issues but it's running 2.3.5:

[2.3.5-RELEASE][admin@xtm8.stevew.lan]/root: cat /boot/loader.conf.local
comconsole_port="0x2F8"
legal.intel_wpi.license_ack=1
legal.intel_ipw.license_ack=1
legal.intel_iwi.license_ack=1

[2.3.5-RELEASE][admin@xtm8.stevew.lan]/root: ls -la /boot/loader*
-r-xr-xr-x  1 root  wheel  262144 May 10 21:07 /boot/loader
-r--r--r--  1 root  wheel    6747 May 10 21:07 /boot/loader.4th
-rw-r--r--  1 root  wheel     133 Jun 10 17:49 /boot/loader.conf
-rw-r--r--  1 root  wheel     113 Sep 21  2017 /boot/loader.conf.local
-r-xr-xr-x  1 root  wheel  393724 May 10 21:07 /boot/loader.efi
-r--r--r--  1 root  wheel   14766 May 10 21:07 /boot/loader.help
-r--r--r--  1 root  wheel     350 May 10 21:07 /boot/loader.rc

Interesting that it does not get touched at boot.....

Steve

chbmb

Interesting.

So editing the /boot/loader.conf.local to give this

[2.4.3-RELEASE][admin@pfSense.localdomain]/root: cat /boot/loader.conf.local
legal.intel_wpi.license_ack=1
legal.intel_ipw.license_ack=1
legal.intel_iwi.license_ack=1
comconsole_port=0x2e0

Then after a reboot

[2.4.3-RELEASE][admin@pfSense.localdomain]/root: ls -la /boot/loader*
-r-xr-xr-x  1 root  wheel  311296 May 10 21:06 /boot/loader
-r--r--r--  1 root  wheel    7127 May 10 21:06 /boot/loader.4th
-rw-r--r--  1 root  wheel     159 Jun 11 20:06 /boot/loader.conf
-rw-r--r--  1 root  wheel      90 Jun 11 20:06 /boot/loader.conf.local
-r-xr-xr-x  1 root  wheel  402432 May 10 21:06 /boot/loader.efi
-r--r--r--  1 root  wheel   14766 May 10 21:06 /boot/loader.help
-r--r--r--  1 root  wheel     350 May 10 21:06 /boot/loader.rc
[2.4.3-RELEASE][admin@pfSense.localdomain]/root: cat /boot/loader.conf.local
legal.intel_wpi.license_ack=1
legal.intel_ipw.license_ack=1
legal.intel_iwi.license_ack=1

So it's removing the comconsole_port=0x2e0 entry, which if there is nothing else in the file, results in it being deleted.

stephenw10

Do you have a comconsole_port setting in loader.conf that might be conflicting?

What hardware are you running on that requires this change? I wonder if it's being recognised incorrectly.

Steve

chbmb

No comconsole_port setting in loader.conf

[2.4.3-RELEASE][admin@pfSense.localdomain]/root: cat /boot/loader.conf
kern.cam.boot_delay=10000
boot_multicons="YES"
boot_serial="YES"
console="comconsole,vidconsole"
comconsole_speed="115200"
autoboot_delay="3"
hw.usb.no_pf="1"

Running on an i5 SBC which has multiple serial ports, but disabled all of them in BIOS except the one I'm using.