ref: b6a160edfb7683492504597fbd51e1e343e0cd2c
parent: 00946101e0f6e90156016e84aa6f0c1f44072dba
author: kvik <kvik@a-b.xyz>
date: Thu Dec 31 12:10:00 EST 2020
cpu-setup: delete FS listener setup
--- a/cpu-setup.md
+++ b/cpu-setup.md
@@ -31,67 +31,36 @@
/sys/lib/newuser
This will set up your home directory.
+
+4. Setting up the CPU listener
-4. Setting up the FS listener
-
- This step is OPTIONAL. If you don't plan to set up
- TCP/TLS or PXE booting it is fine to skip it for now.
-
- For `cwfs(4)` to start a network listener it must be told to
- to so in the command line used to start it. This can be done
- through the `plan9.ini`.
-
- First we'll need to mount the `9fat` partition. If you aren't doing
- this from the console, i.e. you've done step 1., then you'll have
- to make sure you are mounting and modifying the target machine's
- `plan9.ini`, and not the one belonging to your terminal. We can do
- this by binding correct devices and being explicit with the `9fs`
- command:
-
- ; bind -b '#S' /dev
- ; 9fs 9fat /dev/sdF0/9fat
-
- You may now edit `/n/9fat/plan9.ini`.
-
- Modify the `bootargs=` parameter as follows, or use the equivalent
- `nobootprompt=` parameter to avoid the need for manual intervention
- during the boot. The latter is highly recommended.
-
- nobootprompt=local!/dev/sdF0/fscache -a tcp!*!564
-
- This tells `cwfs(4)` to start a listener on port 564.
-
- By default the file server doesn't require authentication, this
- is so that local mounting can work without an auth server. However,
- with the previous step we've exposed the file server to the network
- which means anyone could mount it just by guessing an existing user.
- To prevent this we'll tell the file server to authenticate remote
- clients. This is done on the file server console by toggling the
- `noauth` command. Make sure you get `auth enabled` message.
-
- ; con -C /srv/cwfs.cmd
- noauth
- auth enabled
-
-5. Setting up the CPU listener
-
For CPU listener to get started at boot time it is enough to set
the `service=` parameter in `plan9.ini`:
service=cpu
-6. Setting up hands-free booting
+5. Setting up hands-free booting
- In step 4. we've set up the `nobootprompt=` parameter, which makes
- sure the root file system is mounted automatically at boot.
- In this step we'll set up hostowner credentials, the user name and
- password, so as to avoid the need for manual intervention on the
- system console.
+ While booting the system will prompt for several parameters
+ like the disk partition to mount, user name and password, and
+ possibly some others.
+ This is an issue for CPU servers which usually boot in the dark,
+ with no one present at the console to confirm the defaults.
+ We want to specify and confirm these parameters up front instead.
- The auth credentials must be stored in the system NVRAM, which
- is usually a small disk partition on PC systems. We can
- write to it with the `auth/wrkey(8)`.
+ First, we want to skip the `bootargs` prompt asking us to select
+ the partition to boot from. This is done by changing the `plan9.ini`
+ key `bootargs=` to `nobootprompt=`; the value stays the same.
+ bootargs=local!/dev/sdF0/fscache
+ # change to...
+ nobootprompt=local!/dev/sdF0/fscache
+
+ Next we'll store the hostowner authentication credentials. These
+ must be stored in the so-called NVRAM, which is just a small disk
+ partition on PC systems. We can write to it with the `auth/wrkey(8)`
+ command.
+
**NOTE** Make very sure to enter correct information when prompted.
It is very common for people to mistype their password, or specify
a wrong authentication domain, or even username, which will cause
@@ -114,7 +83,7 @@
secstore key: <press enter to skip>
password: <type your password>
-7. Setting up the AUTH server
+6. Setting up the AUTH server
We are almost done and ready to reboot, but almost nothing set
up above will work before an authentication server is running.
@@ -171,7 +140,7 @@
hostid=kvik
uid=!sys uid=!adm uid=*
-8. Reboot
+7. Reboot
fshalt -r