[sclug] Fsck after an unexpected shutdown

Alex Butcher lug at assursys.co.uk
Thu Apr 6 17:19:51 UTC 2006 

On Thu, 6 Apr 2006, Sapan Ganguly wrote:

> I have an ext3 filesystem, if my machine is powered off unexpectedly the
> next time it boots up it asks me if I want to do an fsck, shouldn't
> journalling negate the need for this?

Usually, yes.

> I read somewhere that if you do hit 'Y' for an fsck and you have a
> journalled filesystem you may risk screwing things up.

This is what <http://www.brunolinux.com/04-The_File_System/Auto_Fsck.html>
says:

"In case of a hard-reset, init messages indicate the computer was not shut
down cleanly, and a message appear :"Press Y within 5 seconds to force the
file system check "Actually this is very misleading : if you do it with
ext3, it does NOT use the journal and then you will experience system
losses. Lots of newbies have reported that problem. Now that would be nice
to change this message so that people leave the journalisation do the good
work. --Eric"

This came as a surprise to me, as I try to remember to hit the Y key when I
know I've shut a machine down uncleanly, hoping to force the most paranoid
checking. I've never (knowingly) lost any data, and I'm quite particular.

> Is that true?

Looking at e2fsck(8), we have:

"E2fsck also supports ext2 filesystems containing a journal, which are
also  sometimes known as ext3 filesystems, by first applying the jour-
nal to the filesystem before continuing with normal e2fsck processing."

This appears to mean that e2fsck_run_ext3_journal() is called.

and

"After  the  journal  has  been  applied, a filesystem will normally be
marked as clean."

Reading rc.sysinit, hitting the 'Y' key appends '-f' to fsck's options.
According to the fsck manpage, -f:

"-f     Force checking even if the file system seems clean."

Looking at the source for e2fsprogs-1.38 as supplied with FC3, this sets the
E2F_OPT_FORCE bit in the internal options flag, which appears to force a
check, via check_if_skip() called from unix.c/main() AFTER the calls to
e2fsck_check_ext3_journal and e2fsck_run_ext3_journal() from unix.c/main().
The only reasons the journal recovery gets skipped is if a) fsck is doing a
read-only check, or b) if it detects the journal has been run twice (due to
bogus hardware or device driver)

Therefore, I'm of the opinion that Eric's comment on the brunolinux.com
article is incorrect, and has always been incorrect. From the Changelog:

"2001-12-21  Theodore Tso  <tytso at mit.edu>

[...]
         * e2fsck.h (E2F_OPT_FORCE), unix.c (PRS, check_if_skip): Use a
                 bitfield in the e2fsck context flags word to indicate
                 whether or not a check should be forced.  This allows the
                 journal code to set the option if necessary to force a
                 filesystem check."

Sure enough, e2fsck_check_ext3_journal can set E2F_OPT_FORCE, just like the
-f switch.

> Thanks,
> Sapan

HTH,
Alex.
-- 
Alex Butcher      Brainbench MVP for Internet Security: www.brainbench.com
Bristol, UK                      Need reliable and secure network systems?
PGP/GnuPG ID:0x5010dbff                         <http://www.assursys.com/>

More information about the Sclug mailing list