Launchpad Entry: boot-login-with-full-filesystem
See also: FullFilesystemSanityGutsy
Packages affected: sysvinit
This specification is about making boot and login work when the disk runs out of free space.
In this spec we cover only the most basic kind of fix, to ensure that the user can log in and delete some files. The user may need to reboot afterwards. See FullFilesystemSanityGutsy for a fuller approach which we will also pursue.
At the moment the desktop session doesn't start when there is no free space on the disk, which leaves the user without any easy way to fix his system.
- Michael just installed some new applications, ran out of disk space and didn't notice. The next login will warn him about the problem and let him make some space. If Michael reboots first, the machine will still boot and let him log in.
The Ubuntu distribution. We will aim to make the system work well enough for a user to be able to log in and delete files using the normal graphical file manager. We will aim to allow the user to use USB removable storage media even if their actual disk is full, so that they can move files offline.
Examples of problems we consider out of scope for this spec:
- The user may not be able to run firefox to get help.
- Other applications may not run properly.
- The user might fill up swap, e.g. by filling a tmpfs with junk; this is fixable with a reboot.
- It is possible that some parts of the system or of the user's session will come up in a suboptimal state if the disk was full; this is fixable by making space and then rebooting.
- The user might not know how to find out which files are using lots of space (and therefore which to consider deleting).
- The disk might be filled by a different installation writing to the filesystem of the installation in question, which means that the at-shutdown deletions do not help. (If this is the user's use case, they can make space using the same method as when they filled the disk.)
At UDS Seville, we did some tests. The current system is remarkably robust. We were able to boot and found only the following two problems:
- If even the reserved blocks are used on all relevant partitions, gdm cannot write an authority file and login is not possible. gdm already has a fallback feature to write the authority file to a different location, but the currently set alternative location can also be full.
- The session script attempts to create .gconfd, which can fail. This is only a problem if a user logs in for the first time with a full disk (and then the user's desktop session will not come up properly).
With an ad-hoc solution to the authority file problem, a test system was able to boot properly and the user was able to log in and delete files. A warning notification about low disk space was already displayed but had suboptimal wording and could do with some polish.
After the changes below are implemented we will proceed with FullFilesystemSanityGutsy.
To address the problems properly:
- At boot time, check whether /tmp has at least 1Mby free. (This should be done after filesystems are mounted and after /tmp has been cleaned.)
- If not, mount a 1Mby tmpfs over /tmp.
- Display a better dialog on login explaining that the user needs to free some space and then restart the system. Currently gdm displays a warning after login (before starting gnome-session) when there is no space available to write .dmrc. The dialog mentions that configuration changes can't be stored due to lack of space. We will change the text to tell the user that he needs to make some space and log in again.
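The boot-time /tmp check and fallback mount from the first two items above, as an added shell example (not the sysvinit code). It assumes "1Mby" means 1024 KiB; the function names and the `nosuid,nodev` mount options are choices made for this example, not part of the spec.

```shell
#!/bin/sh
# Added illustration of the boot-time /tmp check; not the sysvinit code.
# Assumption: the spec's "1Mby" is taken as 1024 KiB.
MIN_FREE_KB=1024

# Read `df -Pk` output on stdin and print the Available column (KiB).
# -P forces one line per filesystem, so the value is field 4 of line 2.
# Available excludes root-reserved blocks, i.e. it is what users can write.
parse_avail_kb() {
    awk 'NR == 2 && $4 ~ /^[0-9]+$/ { print $4 }'
}

# Succeed when the free space $1 (KiB) is below the minimum.
needs_overlay() {
    [ "$1" -lt "$MIN_FREE_KB" ]
}

# Print the tmpfs options for the fallback mount.
# mode=1777 keeps /tmp sticky and world-writable; nosuid and nodev are
# hardening choices made for this example, not requirements from the spec.
overlay_opts() {
    echo "size=${MIN_FREE_KB}k,mode=1777,nosuid,nodev"
}

# Check directory $1; mount the fallback only when $2 is "--apply".
# Prints "ok", "overlay-needed" or "overlay-mounted"; returns 2 if the
# free space could not be determined.
ensure_tmp_usable() {
    free=$(df -Pk "$1" | parse_avail_kb)
    [ -n "$free" ] || return 2
    if ! needs_overlay "$free"; then
        echo "ok"
    elif [ "${2:-}" = "--apply" ]; then
        mount -t tmpfs -o "$(overlay_opts)" tmpfs "$1" && echo "overlay-mounted"
    else
        echo "overlay-needed"
    fi
}

# Run only when called with a directory, e.g. from an init script after
# filesystems are mounted and /tmp has been cleaned:  script /tmp --apply
if [ -n "${1:-}" ]; then
    ensure_tmp_usable "$1" "${2:-}"
fi
```

Without `--apply` the script only reports the decision, so it can be run as an unprivileged user against a test system that has been filled as in the test steps.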
- Arrangements are now made to ensure that even if the disk is full, the system is functional enough for the user to boot, log in, and be able to view and delete files.
- install (with a single filesystem) and log in and check that all is well
- copy some of the example documents into the new user's desktop or home directory
- sudo dd if=/dev/zero of=/waste-space
- log out or reboot
- log in, observe the warning message appears properly, and view and move some of the example documents to a removable USB stick
- if the system is wanted for some other purpose, sudo rm /waste-space and reboot