shithub: docs.9front.org

--- a/cpu-setup.md

+++ b/cpu-setup.md

@@ -31,67 +31,36 @@

 	/sys/lib/newuser

    This will set up your home directory.

+4. Setting up the CPU listener

-4. Setting up the FS listener

-   This step is OPTIONAL.  If you don't plan to set up

-   TCP/TLS or PXE booting it is fine to skip it for now.

-   For `cwfs(4)` to start a network listener it must be told to

-   to so in the command line used to start it.  This can be done

-   through the `plan9.ini`.

-   First we'll need to mount the `9fat` partition. If you aren't doing

-   this from the console, i.e. you've done step 1., then you'll have

-   to make sure you are mounting and modifying the target machine's

-   `plan9.ini`, and not the one belonging to your terminal.  We can do

-   this by binding correct devices and being explicit with the `9fs`

-   command:

-	; bind -b '#S' /dev

-	; 9fs 9fat /dev/sdF0/9fat

-   You may now edit `/n/9fat/plan9.ini`.

-   Modify the `bootargs=` parameter as follows, or use the equivalent

-   `nobootprompt=` parameter to avoid the need for manual intervention

-   during the boot. The latter is highly recommended.

-	nobootprompt=local!/dev/sdF0/fscache -a tcp!*!564

-   This tells `cwfs(4)` to start a listener on port 564.

-   By default the file server doesn't require authentication, this

-   is so that local mounting can work without an auth server. However,

-   with the previous step we've exposed the file server to the network

-   which means anyone could mount it just by guessing an existing user.

-   To prevent this we'll tell the file server to authenticate remote

-   clients. This is done on the file server console by toggling the

-   `noauth` command.  Make sure you get `auth enabled` message.

-	; con -C /srv/cwfs.cmd

-	noauth

-	auth enabled

-5. Setting up the CPU listener

    For CPU listener to get started at boot time it is enough to set

    the `service=` parameter in `plan9.ini`:

 	service=cpu

-6. Setting up hands-free booting

+5. Setting up hands-free booting

-   In step 4. we've set up the `nobootprompt=` parameter, which makes

-   sure the root file system is mounted automatically at boot.

-   In this step we'll set up hostowner credentials, the user name and

-   password, so as to avoid the need for manual intervention on the

-   system console.

+   While booting the system will prompt for several parameters

+   like the disk partition to mount, user name and password, and

+   possibly some others.

+   This is an issue for CPU servers which usually boot in the dark,

+   with no one present at the console to confirm the defaults.

+   We want to specify and confirm these parameters up front instead.

-   The auth credentials must be stored in the system NVRAM, which

-   is usually a small disk partition on PC systems.  We can

-   write to it with the `auth/wrkey(8)`.

+   First, we want to skip the `bootargs` prompt asking us to select

+   the partition to boot from.  This is done by changing the `plan9.ini`

+   key `bootargs=` to `nobootprompt=`; the value stays the same.

+	bootargs=local!/dev/sdF0/fscache

+	# change to...

+	nobootprompt=local!/dev/sdF0/fscache

+   Next we'll store the hostowner authentication credentials. These

+   must be stored in the so-called NVRAM, which is just a small disk

+   partition on PC systems.  We can write to it with the `auth/wrkey(8)`

+   command.

    **NOTE** Make very sure to enter correct information when prompted.

    It is very common for people to mistype their password, or specify

    a wrong authentication domain, or even username, which will cause

@@ -114,7 +83,7 @@

 	secstore key: <press enter to skip>

 	password: <type your password>

-7. Setting up the AUTH server

+6. Setting up the AUTH server

    We are almost done and ready to reboot, but almost nothing set

    up above will work before an authentication server is running.

@@ -171,7 +140,7 @@

 	hostid=kvik

 		uid=!sys uid=!adm uid=*

-8. Reboot

+7. Reboot

 	fshalt -r