network/ssh should depend on fs-minimal instead of fs-local
The ssh.xml manifest currently has a dependency on fs-local. If there's an issue with a non-critical mountpoint on boot, this will cause ssh to drop into maintenance and prevent remote access. If the dependency is changed to fs-minimal though, as long as critical mountpoints are there ssh will start allowing someone to log into the box and fix fs-local.
Diff for the service manifest:
--- ssh.xml.orig Fri Jul 22 15:50:43 2016 +++ ssh.xml Fri Jul 22 15:51:14 2016 @@ -42,12 +42,12 @@ <single_instance /> - <dependency name='fs-local' + <dependency name='fs-minimal' grouping='require_all' restart_on='none' type='service'> <service_fmri - value='svc:/system/filesystem/local' /> + value='svc:/system/filesystem/minimal' /> </dependency> <dependency name='fs-autofs'
Updated by Colin Roche-Dutch about 4 years ago
This also stops bad /etc/vfstab entries from breaking ssh on boot.
root:/export/home# mountall mount: /tmp is already mounted or swap is busy mount: Nonexistent mount point: /export/home/fake root:/export/home# zfs mount -a cannot mount '/export/home/testdir': directory is not empty maintenance 16:21:56 svc:/system/filesystem/local:default online 16:21:56 svc:/network/ssh:default online 16:21:53 svc:/system/filesystem/minimal:default
We initially ran into this issue when a user's home directory failed to mount due to a bad configuration. On a reboot zfs failed to mount the directory, which caused ssh to not start, and we couldn't access the box. Coincidentally IPMI also decided to break when we launched the remote console so it led to a pretty interesting situation.