Update diskless and templated booting examples

share/examples/diskless/209.157.86.12/README

@@ -8,13 +8,20 @@
     rc.conf.local by having it source ../HT.DISKLESS/rc.conf.local to get
     class-based defaults.
 
-total 6
-drwxr-xr-x  3 root  wheel  512 Jan 26 10:56 .
-drwxr-xr-x  7 root  wheel  512 Jan 26 10:58 ..
-drwxr-xr-x  2 root  wheel  512 Jan 26 10:56 CVS
-lrwxr-xr-x  1 root  wheel   17 Jan 25 10:26 kernel -> /kernel.diskless2
--rw-r--r--  1 root  wheel  146 Jan 25 01:21 rc.conf.local
-lrwxr-xr-x  1 root  wheel   23 Jan 25 10:26 rc.local -> ../HT.DISKLESS/rc.local
--rw-------  1 root  wheel  539 Jan 17 15:29 ssh_host_key
--rw-r--r--  1 root  wheel  343 Jan 17 15:29 ssh_host_key.pub
-lrwxr-xr-x  1 root  wheel   25 Jan 25 10:26 xdm-config -> ../HT.DISKLESS/xdm-config
+    Note: the ttys file below contains an example of how to have X startup
+    on boot.
+
+apollo:/conf/209.157.86.12# ls -la
+total 7
+drwxr-xr-x  2 root  wheel   512 Feb  9 00:27 .
+drwxr-xr-x  8 root  wheel   512 Feb  8 22:48 ..
+lrwxr-xr-x  1 root  wheel    20 Feb  8 22:04 fstab -> ../HT.DISKLESS/fstab
+lrwxr-xr-x  1 root  wheel    17 Jan 24 23:33 kernel -> /kernel.diskless2
+-rw-r--r--  1 root  wheel   133 Feb  8 22:04 rc.conf.local
+lrwxr-xr-x  1 root  wheel    23 Jan 25 00:41 rc.local -> ../HT.DISKLESS/rc.local
+-rw-------  1 root  wheel   539 Jan 17 15:29 ssh_host_key
+-rw-r--r--  1 root  wheel   343 Jan 17 15:29 ssh_host_key.pub
+lrwxr-xr-x  1 root  wheel    26 Feb  9 00:27 syslog.conf -> ../HT.DISKLESS/syslog.conf
+-rw-r--r--  1 root  wheel  1408 Feb  8 19:54 ttys
+lrwxr-xr-x  1 root  wheel    25 Jan 25 00:38 xdm-config -> ../HT.DISKLESS/xdm-config
+

share/examples/diskless/HT.DISKLESS/fstab

@@ -0,0 +1,5 @@
+# fstab for diskless machine.  Root is already mounted, as is swap.
+#
+209.157.86.2:/usr		/usr		nfs	ro 0 0
+209.157.86.2:/var		/var		nfs	ro 0 0
+proc                            /proc           procfs  rw 0 0

share/examples/diskless/HT.DISKLESS/rc.conf.local

@@ -5,7 +5,12 @@
 ldconfig_paths="$ldconfig_paths /usr/krb5/lib"
 ldconfig_paths_aout="$ldconfig_paths_aout /usr/krb5/lib/aout"
 
-syslogd_flags="-f /etc/syslog.diskless.conf"
+# Must do NFS mounts early
+# Must not attempt to mount root rw
+#
+early_nfs_mounts="YES"
+root_rw_mount="NO"
+
 inetd_enable="NO"
 portmap_enable="NO"
 router_enable="NO"
@@ -15,8 +20,8 @@ sendmail_enable="NO"
 # Enable additional services
 #
 
-lpd_enable="YES"
 nfs_client_enable="YES"
+lpd_enable="YES"
 ntpdate_enable="YES"
 ntpdate_flags="apollo.backplane.com"
 xntpd_enable="YES"
@@ -27,59 +32,3 @@ if [ -f /etc/ipfw.conf ]; then
     firewall_quiet="NO"
 fi
 
-
-# Add customizations to the diskless mount function
-#
-
-old_func=$diskless_mount_func
-diskless_mount_func=diskless_mount_user
-
-diskless_mount_user() {
-	$old_func
-
-	# Copy of ssh_host_key* files to where sshd
-	# expects them, assuming you add to /usr/local/etc/sshd_config:
-	#
-	#	HostKey /var/db/ssh_host_key
-	#
-
-	if [ -f $conf_dir/ssh_host_key ]; then
-		cp $conf_dir/ssh_host_key* /var/db
-	else
-		(cd /var/db; ssh-keygen -f ssh_host_key -P "")
-	fi
-	chmod 400 /var/db/ssh_host_key
-	chmod 644 /var/db/ssh_host_key.pub
-
-	# Copy home directory so you can login
-	#
-	#
-
-        mount_mfs -s 65536 -T qp120at dummy /home
-
-        if [ -d /home.diskless ]; then
-            cd /home.diskless
-            for i in *; do
-                if [ -f $i/home.tgz ]; then
-                    mkdir /home/$i
-                    chown $i /home/$i
-                    chmod 700 /home/$i
-                    (cd /home/$i; tar xvzpf /home.diskless/$i/home.tgz)
-                    homeok=1
-                fi
-            done
-        fi
-
-        if [ "$homeok" = "0" ]; then
-            echo "ERROR, NO /home.diskless DIRECTORY TO COPY TO /HOME"
-            homeok=0
-            sleep 10
-        fi
-
-	# Firewall helper - if we configure the firewall to let through
-	# ports > 4000, we need to configure the machines as such.
-	#
-
-	sysctl -w net.inet.ip.portrange.first=4000
-}
-

share/examples/diskless/HT.DISKLESS/rc.local

@@ -1,6 +1,17 @@
 #!/bin/sh
 
-. /etc/rc.conf
+if [ -f /etc/rc.conf ]; then
+    . /etc/rc.conf
+fi
+
+# Firewall helper - if we configure the firewall to let through
+# ports > 4000, we need to configure the machines as such.
+#
+
+sysctl -w net.inet.ip.portrange.first=4000
+
+# Setup spool
+#
 
 cat >> /var/spool/lpd/ljet4.ps << EOF
 #!/bin/sh
@@ -9,11 +20,58 @@ cat >> /var/spool/lpd/ljet4.ps << EOF
 gs -q -dSAFER -dNOPAUSE -sDEVICE=ljet4 -r600x600 -dBitsPerPixel=1 \
     -sOutputFile=- -
 EOF
+
 chmod 755 /var/spool/lpd/ljet4.ps
+
 mkdir /var/spool/ljet4
 chown daemon /var/spool/ljet4
 
-if [ "X$start_xdm" = "XYES" ]; then
-	( sleep 10; xdm -config $conf_dir/xdm-config ) > /dev/null 2>&1 &
+# Setup remote source
+#
+
+mount_mfs -s 600000 -T qp120at dummy /src
+mount apollo:/FreeBSD /FreeBSD
+mkdir /src/u3
+mkdir /src/u3/usr.obj
+
+# Copy of ssh_host_key* files to where sshd
+# expects them, assuming you add to /usr/local/etc/sshd_config:
+#
+#	HostKey /var/db/ssh_host_key
+#
+# Then restart sshd ( the /usr/local/etc/rc.d script installed by
+# the port probably failed due to the lack of host keys )
+
+if [ -f /conf/ME/ssh_host_key ]; then
+	cp /conf/ME/ssh_host_key* /var/db
+else
+	(cd /var/db; ssh-keygen -f ssh_host_key -P "")
+fi
+chmod 400 /var/db/ssh_host_key
+chmod 644 /var/db/ssh_host_key.pub
+/usr/local/sbin/sshd
+
+# Copy home directory so you can login
+#
+#
+
+mount_mfs -s 65536 -T qp120at dummy /home
+
+if [ -d /home.diskless ]; then
+    cd /home.diskless
+    for i in *; do
+	if [ -f $i/home.tgz ]; then
+	    mkdir /home/$i
+	    chown $i /home/$i
+	    chmod 700 /home/$i
+	    (cd /home/$i; tar xzpf /home.diskless/$i/home.tgz)
+	    homeok=1
+	fi
+    done
+fi
+
+if [ "${homeok:=0}" = "0" ]; then
+    echo "ERROR, NO /home.diskless DIRECTORY TO COPY TO /HOME"
+    sleep 10
 fi
 

share/examples/diskless/HT.DISKLESS/syslog.conf

@@ -0,0 +1,3 @@
+*.err;kern.debug;auth.notice;mail.crit;lpr.info	/dev/console
+*.err;kern.debug;auth.notice;mail.crit		root
+*.emerg						*

share/examples/diskless/HT.DISKLESS/ttys

@@ -0,0 +1,52 @@
+#
+#	@(#)ttys	5.1 (Berkeley) 4/17/89
+#
+# name	getty				type	status		comments
+#
+# This entry needed for asking password when init goes to single-user mode
+# If you want to be asked for password, change "secure" to "insecure" here
+console	none				unknown	off secure
+#
+ttyv0	"/usr/X11R6/bin/xdm -nodaemon -config /conf/209.157.86.6/xdm-config" cons25 on secure
+# Virtual terminals
+ttyv1	"/usr/libexec/getty Pc"		cons25	on secure
+ttyv2	"/usr/libexec/getty Pc"		cons25	on secure
+ttyv3	"/usr/libexec/getty Pc"		cons25	on secure
+# Serial terminals
+ttyd0	"/usr/libexec/getty std.9600"	unknown	off secure
+ttyd1	"/usr/libexec/getty std.9600"	unknown	off secure
+ttyd2	"/usr/libexec/getty std.9600"	unknown	off secure
+ttyd3	"/usr/libexec/getty std.9600"	unknown	off secure
+# Pseudo terminals
+ttyp0	none			network
+ttyp1	none			network
+ttyp2	none			network
+ttyp3	none			network
+ttyp4	none			network
+ttyp5	none			network
+ttyp6	none			network
+ttyp7	none			network
+ttyp8	none			network
+ttyp9	none			network
+ttypa	none			network
+ttypb	none			network
+ttypc	none			network
+ttypd	none			network
+ttype	none			network
+ttypf	none			network
+ttypg	none			network
+ttyph	none			network
+ttypi	none			network
+ttypj	none			network
+ttypk	none			network
+ttypl	none			network
+ttypm	none			network
+ttypn	none			network
+ttypo	none			network
+ttypp	none			network
+ttypq	none			network
+ttypr	none			network
+ttyps	none			network
+ttypt	none			network
+ttypu	none			network
+ttypv	none			network

share/examples/diskless/HT.STD/syslog.conf

@@ -0,0 +1,11 @@
+*.err;kern.debug;auth.notice;mail.crit		/dev/console
+# *.notice;kern.debug;lpr,auth.info;mail.crit	/var/log/messages
+*.debug;kern.debug;lpr,auth.info;mail.crit;news.crit	/var/log/messages
+mail.info					/var/log/maillog
+news.info					/var/log/news
+lpr.info					/var/log/lpd-errs
+cron.*						/var/log/cron
+#*.err						root
+#*.notice;auth.debug				root
+#*.alert						root
+*.emerg						*

share/examples/diskless/HT.STD/ttys

@@ -0,0 +1,52 @@
+#
+#	@(#)ttys	5.1 (Berkeley) 4/17/89
+#
+# name	getty				type	status		comments
+#
+# This entry needed for asking password when init goes to single-user mode
+# If you want to be asked for password, change "secure" to "insecure" here
+console	none				unknown	off secure
+#
+ttyv0	"/usr/libexec/getty Pc"		cons25	on  secure
+# Virtual terminals
+ttyv1	"/usr/libexec/getty Pc"		cons25	on secure
+ttyv2	"/usr/libexec/getty Pc"		cons25	on secure
+ttyv3	"/usr/libexec/getty Pc"		cons25	on secure
+# Serial terminals
+ttyd0	"/usr/libexec/getty std.9600"	unknown	off secure
+ttyd1	"/usr/libexec/getty std.9600"	unknown	off secure
+ttyd2	"/usr/libexec/getty std.9600"	unknown	off secure
+ttyd3	"/usr/libexec/getty std.9600"	unknown	off secure
+# Pseudo terminals
+ttyp0	none			network
+ttyp1	none			network
+ttyp2	none			network
+ttyp3	none			network
+ttyp4	none			network
+ttyp5	none			network
+ttyp6	none			network
+ttyp7	none			network
+ttyp8	none			network
+ttyp9	none			network
+ttypa	none			network
+ttypb	none			network
+ttypc	none			network
+ttypd	none			network
+ttype	none			network
+ttypf	none			network
+ttypg	none			network
+ttyph	none			network
+ttypi	none			network
+ttypj	none			network
+ttypk	none			network
+ttypl	none			network
+ttypm	none			network
+ttypn	none			network
+ttypo	none			network
+ttypp	none			network
+ttypq	none			network
+ttypr	none			network
+ttyps	none			network
+ttypt	none			network
+ttypu	none			network
+ttypv	none			network

share/examples/diskless/ME

@@ -1,18 +1,37 @@
 
-When templating, ME is typically a softlink to the appropriate host
-subdirectory.  This softlink is different for each machine and
-should not be updated by the template process.  Any system-wise configuration
-file that needs to be personalized is typically turned into a softlink
-through /conf/ME.  For example, /etc/rc.conf.local would be turned into a
-softlink pointing to /conf/ME/rc.conf.local.
+When templating, /conf/ME is typically a softlink to
+/conf/<appropriate-machine>.  When doing a diskless boot, /conf/ME is
+retargeted by /etc/rc.diskless1 from pointing to the server to pointing
+to the client's directory, /conf/<ip-address-of-client>.  The retargeting
+is accomplished through an MFS -o union mount.
 
-On any given machine, ME is typically a link to the hostname which also
-exists as a subdirectory in the /conf directory.  So, for each machine you
-do:
+When templating, this softlink should be different for each machine.
+When doing a diskless boot, this softlink is typically part of the / NFS
+mount from the server and points to the server's conf directory, but gets
+retargeted during the /etc/rc.diskless1 phase.
 
-	cd /conf
-	ln -s this_machines_name ME
+System-wide configuration files must generally be targeted through /conf/ME.
+For example, your /etc/rc.conf.local should become a softlink to
+/conf/ME/rc.conf.local and your real rc.conf.local should go into the 
+appropriate /conf/<appropriate-machine> directory.  This is also true of
+/etc/rc.local, /etc/fstab, /etc/syslog.conf, /etc/ccd.conf, /etc/ipfw.conf,
+/etc/motd, /etc/resolv.conf, and possibly even /etc/ttys ( if you want
+to start an X session up on boot on certain of your machines ).
+
+When templating, you duplicate your / and /usr partitions on each machine's
+local disk from a single master ( assuming /var and /home reside elsewhere ),
+EXCEPT for the /conf/ME softlink.  The /conf/ME softlink is the only thing
+on / that should be different for each machine.
+
+There are often categories of configuration files.  For example, all of your
+shell machines may use one resolv.conf while all of your mail proxies may
+use another.  Configuration files can be categorized fairly easily through
+/conf/HT.<category> directories.  You put the actual configuration file in
+/conf/HT.<category> and make a softlink from
+/conf/ME/<appropriate-machines>/config-file to "../HT.<category/config-file".
+This means that access to these files tends to run through more then one
+softlink.  The advantage is that for all the complexity of your /conf
+directory hierarchy, most of your common config files exist in only one place
+in reality.
 
-The ME link is not used with diskless booting.  It is designed for templating
-where each destination box has its own local disk.
 

share/examples/diskless/README.BOOTP

@@ -14,11 +14,10 @@
     to export read-only NFS partitions from the server, yet still be able to
     customize each workstation ( or not ).
 
-    The current /etc/rc.diskless file takes over the function of mounting 
-    'disks' and retargets rc.conf.local and rc.local from /etc
-    to /conf/$IP_OF_WORKSTATION.  The typical automatic configuration and
-    mounting of disks in /etc/rc is bypassed, but most if not all rc.conf
-    style options are left intact.
+    /etc/rc.diskless1 is responsible for doing core mounts and for retargeting
+    /conf/ME ( part of the read-only root NFS mount ) to /conf/$IP_OF_CLIENT.
+    /etc/rc.conf.local and /etc/rc.local, along with other machine-specific
+    configuration files, are typically softlinks to /conf/ME/<filename>.
 
     In the BOOTP workstation /conf/$IP/rc.conf.local, you must typically
     turn *OFF* most of the system option defaults in /etc/rc.conf as well
@@ -38,6 +37,13 @@
     syslogd and other programs.  This example is not designed to run out of
     the box and some modifications are required.
 
+    >> NOTE <<  HT.DISKLESS/ttys contains the typical configuration required
+    to bring X up at boot time.  Essentially, it runs xdm in the foreground
+    with the appropriate arguments rather then a getty on ttyv0.  You must
+    run xdm on ttyv0 in order to prevent xdm racing with getty on a virtual
+    terminal.  Such a race can cause your keyboard to be directed away from
+    the X session, essentially making the session unusable.
+
     Typically you should start with a clean slate by tar-copying this example
     directory to /conf and then hack on it in /conf rather then in 
     /usr/share/examples/diskless.

share/examples/diskless/README.TEMPLATING

@@ -148,6 +148,11 @@
     /conf/<full-host-name>/.  Depending on your system configuration, 
     there may be other files not listed above that you have to worry about.
 
+    In many cases, /conf/ME/filename is itself a softlink to 
+    "../HT.xxxx/filename", where HT.xxxx is something like HT.STD ... this
+    added complexity actually makes it easier to manage multiple
+    classifications of machines.
+
 				DELETION OF FILES
 
     Any file found on the template destination that does not exist in the

share/examples/diskless/archive.backplane.com/README

@@ -1,6 +1,6 @@
 
     aliases, forward.map, and ndomain.map are typically softlinks to some
-    other common directory such as HT.STD.
+    other common directory such as HT.STD.  Also syslog.conf and ttys.
 
     You can create machine classifications, which I call 'HT.XXX' directories,
     to hold common files for a particular functional machine class.
@@ -17,3 +17,5 @@ lrwxr-xr-x  1 root  wheel   21 Jan 25 10:27 forward.map -> ../HT.STD/forward.map
 lrwxr-xr-x  1 root  wheel   21 Jan 25 10:27 ndomain.map -> ../HT.STD/ndomain.map
 -rw-------  1 root  wheel  464 Jan 25 13:53 rc.conf.local
 -rw-r--r--  1 root  wheel  283 Jan 24 18:33 resolv.conf
+lrwxr-xr-x  1 root  wheel   21 Feb  9 01:09 syslog.conf -> ../HT.STD/syslog.conf
+lrwxr-xr-x  1 root  wheel   14 Feb  9 01:08 ttys -> ../HT.STD/ttys