# Mounting ISOs with mdconfig corrupts them



## jem (Mar 8, 2020)

I'm running a FreeBSD-12.1-RELEASE-r2 system as a ZFS file sever.  One of the things it does is serve the contents of various Linux DVD installation media to support kickstart in my home lab.  I was previously extracting the contents of the ISO files into ZFS datasets, but then decided to just mount the ISO files using mdconfig(8)+mount(8) and serve their mount points directly over HTTP.

Yesterday I noticed that some of the expected DVD content was missing from their mount directories.  Sub-directories that should have contained thousands of RPM files with names beginning from A-Z instead only contained a few hundred from A-C.  Further investigation revealed that the ISO files had the wrong checksums.  I assumed they got corrupted during download and re-downloaded them all, copied them back to my FreeBSD file server, verified the checksums to be correct, then mounted them again with mdconfig, whereupon they all immediately got corrupted again.

The first bunch of checksums in the following are all correct.


```
[root@filer /pool2/iso-images/Linux]# sha256 CentOS/CentOS-7-x86_64-DVD-1908.iso CentOS/CentOS-8.1.1911-x86_64-dvd1.iso \
RedHat/rhel-server-7.7-x86_64-dvd.iso RedHat/rhel-8.1-x86_64-dvd.iso
SHA256 (CentOS/CentOS-7-x86_64-DVD-1908.iso) = 9bba3da2876cb9fcf6c28fb636bcbd01832fe6d84cd7445fa58e44e569b3b4fe
SHA256 (CentOS/CentOS-8.1.1911-x86_64-dvd1.iso) = 3ee3f4ea1538e026fff763e2b284a6f20b259d91d1ad5688f5783a67d279423b
SHA256 (RedHat/rhel-server-7.7-x86_64-dvd.iso) = 88b42e934c24af65e78e09f0993e4dded128d74ec0af30b89b3cdc02ec48f028
SHA256 (RedHat/rhel-8.1-x86_64-dvd.iso) = 2323ad44d75df1a1e83048a34e196ddfedcd6c0f6c49ea59bf08095e3bb9ef65
```


```
[root@filer /pool2/iso-images/Linux]# grep mdconfig /etc/rc.conf
mdconfig_md0="-f /pool2/iso-images/Linux/CentOS/CentOS-7-x86_64-DVD-1908.iso"
mdconfig_md1="-f /pool2/iso-images/Linux/CentOS/CentOS-8.1.1911-x86_64-dvd1.iso"
mdconfig_md2="-f /pool2/iso-images/Linux/RedHat/rhel-server-7.7-x86_64-dvd.iso"
mdconfig_md3="-f /pool2/iso-images/Linux/RedHat/rhel-8.1-x86_64-dvd.iso"

[root@filer /pool2/iso-images/Linux]# grep "/dev/md" /etc/fstab
/dev/md0                /pool2/repo/centos/7.7.1908-dvd/        cd9660  ro,noauto       0       0
/dev/md1                /pool2/repo/centos/8.1.1911-dvd/        cd9660  ro,noauto       0       0
/dev/md2                /pool2/repo/redhat/7.7-dvd/             cd9660  ro,noauto       0       0
/dev/md3                /pool2/repo/redhat/8.1-dvd/             cd9660  ro,noauto       0       0
```


```
[root@filer /pool2/iso-images/Linux]# service mdconfig start
Creating md0 device (-f).
Mounting /dev/md0.
Creating md1 device (-f).
Mounting /dev/md1.
Creating md2 device (-f).
Mounting /dev/md2.
Creating md3 device (-f).
Mounting /dev/md3.

[root@filer /pool2/iso-images/Linux]# mdconfig -lv
md0     vnode    4448M  /pool2/iso-images/Linux/CentOS/CentOS-7-x86_64-DVD-1908.iso
md1     vnode    7205M  /pool2/iso-images/Linux/CentOS/CentOS-8.1.1911-x86_64-dvd1.iso
md2     vnode    4293M  /pool2/iso-images/Linux/RedHat/rhel-server-7.7-x86_64-dvd.iso
md3     vnode    7488M  /pool2/iso-images/Linux/RedHat/rhel-8.1-x86_64-dvd.iso

[root@filer /pool2/iso-images/Linux]# mount | grep "/dev/md"
/dev/md0 on /pool2/repo/centos/7.7.1908-dvd (cd9660, local, read-only)
/dev/md1 on /pool2/repo/centos/8.1.1911-dvd (cd9660, local, read-only)
/dev/md2 on /pool2/repo/redhat/7.7-dvd (cd9660, local, read-only)
/dev/md3 on /pool2/repo/redhat/8.1-dvd (cd9660, local, read-only)

[root@filer /pool2/iso-images/Linux]# service mdconfig stop
Umounting /dev/md0.
Destroying md0.
Umounting /dev/md1.
Destroying md1.
Umounting /dev/md2.
Destroying md2.
Umounting /dev/md3.
Destroying md3.
```


```
[root@filer /pool2/iso-images/Linux]# sha256 CentOS/CentOS-7-x86_64-DVD-1908.iso CentOS/CentOS-8.1.1911-x86_64-dvd1.iso \
RedHat/rhel-server-7.7-x86_64-dvd.iso RedHat/rhel-8.1-x86_64-dvd.iso
SHA256 (CentOS/CentOS-7-x86_64-DVD-1908.iso) = 6f0bad6bf75cf750471af4ab9c09faa48399fe9592b1cec384cea2a3ffc07ebc
SHA256 (CentOS/CentOS-8.1.1911-x86_64-dvd1.iso) = 2d0de16f15d26edecd8f9623d1fe89848c45c2cb15c2f42b560a6deadd70e6b3
SHA256 (RedHat/rhel-server-7.7-x86_64-dvd.iso) = 9f21e3391ada21f5bbb0ebe6e3aed2cc36036c6a072d3f68c3a945f9a5dd4785
SHA256 (RedHat/rhel-8.1-x86_64-dvd.iso) = 95703ee7b98feab21ac11e75fb0e4625779e2321661a8b9367e86d3bc3b96555
```

Does anyone know why this is happening?

I see that mdconfig(8) has a '-o readonly' option, but I've never seen this used in examples of how to mount an ISO on FreeBSD that I've found on the web.


----------



## Emrion (Mar 8, 2020)

I can't explain this behaviour, but I can reproduce it.

If I make & mount a md device "by hand", I mean without starting mdconfig as a service, the file remains unmodified. But if I run `service mdconfig start`, the iso file is actually changed. That being said, the iso disk does not seem damaged.

So, this is the script in /etc/rc.d/mdconfig that modifies the file. You can avoid that by adding "-o readonly" in your mdconfig_md* settings in /etc/rc.conf.


----------



## T-Daemon (Mar 8, 2020)

The creation of md devices and mounting ISO files can also be done in /etc/fstab,  ex.:

```
md0  /pool2/repo/centos/7.7.1908-dvd mfs ro,-P,-F/pool2/iso-images/Linux/CentOS/CentOS-7-x86_64-DVD-1908.iso,-Tcd9660  0 0
```
Info about the set options see mdmfs(8).


----------



## jem (Mar 8, 2020)

I added '-o readonly' but also removed all write permissions for the ISO files, after which `service mdconfig start` resulted in:


```
[root@filer /pool2/iso-images/Linux]# service mdconfig start
Creating md0 device (-f).
newfs: /dev/md0: failed to open disk for writing
Mounting /dev/md0.
```

It still created the md device and mounted it.

Not sure whether it was the extra option or the removal of write permissions that made the difference, but there's a clue there in the mention of 'newfs'.  Examining /etc/rc.d/mdconfig reveals that it does try to perform a newfs() command after creating the md device.  Perhaps that script just isn't suitable for simple read-only mounting of ISO images.


----------



## jem (Mar 8, 2020)

Thanks for pointing out that alternative method T-Daemon.  Works perfectly for my purposes.


----------



## Emrion (Mar 8, 2020)

jem said:


> I added '-o readonly' but also removed all write permissions for the ISO files, after which `service mdconfig start` resulted in:
> 
> 
> ```
> ...


I got the same. What's the problem? Since no one is supposed to write in a read only mount...


----------

