Table of Contents
Build the system to boot from
Prepare the host system
Configure the client system
gPXE: When BIOS does not support LAN boot
Configure the client system
Read rc.initdiskless to better understand the boot process.
Chroot to the client system first:
# chroot /share/lanboot/FreeBSD-9.0
Initialize the installation:
# cd /
# ln -s usr/home
# mkdir -p /conf/base/etc
# echo "15M" > /conf/base/etc/md_size
# echo "/etc" > /conf/base/etc/diskless_remount
# echo 'autoboot_delay="3"' > /boot/loader.conf
Create the default /etc/fstab (remove sec=krb5i if you haven't set up Kerberized NFS):
# Device Mountpoint FStype Options Dump Pass#
192.168.10.1:/share/lanboot/FreeBSD-9.0 / nfs ro 0 0
192.168.10.1:/share /share nfs ro 0 0
coffin.lan:/usr/home /usr/home nfs rw,late,sec=krb5i 0 0
/dev/cd0 /media/cdrom cd9660 ro,noauto 0 0
/dev/da0s1 /media/flash msdosfs rw,sync,noauto,longnames,-Lru_RU.UTF-8 0 0
proc /proc procfs rw 0 0
Note that I use a hostname for the sec=krb5i filesystem (this is required). The root filesystem must be specified by an IP address, as name resolution won't work that early.
# mkdir /media/cdrom /media/flash /share /usr/home
Set timezone:
# ln -s /usr/share/zoneinfo/Europe/Kiev /etc/localtime
Enable the NTP daemon on the host. Create the clients' configuration (/etc/ntp.conf) by commenting out the existing server lines and adding:
server coffin.lan
Add to /etc/rc.conf:
# Allow running programs from /usr/local/[s]bin
export PATH=/root/bin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
# This fixes ntpd, had to list all possible interfaces
# of all the clients
ifconfig_re0_ipv6="inet6 auto_linklocal"
ifconfig_nfe0_ipv6="inet6 auto_linklocal"
# Enable NTP
ntpd_enable="YES"
ntpd_sync_on_start="YES"
# Enable SSH
sshd_enable="YES"
Edit /etc/ssh/sshd_config:
PermitRootLogin yes
Enable other daemons you might need on the clients.
Set a separate root password for the client systems, because anyone can mount the NFS share that contains master.passwd and try to crack the password.
# passwd root
Add your users now or, better yet, use my Secure Unix LAN howto to set up central user management and secure access to the server's /usr/home NFS share from clients.
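Two rules in this section are easy to get wrong: the host form in /etc/fstab (IP address for the root filesystem, hostname for sec=krb5i mounts) and the separate root password for clients. The script below checks both. It is an added example, not part of the original howto; the function names, file names and sample data are constructed, and the password hashes are placeholders.

```shell
#!/bin/sh
# Added example: function names and sample data below are constructed.

# Print one finding per NFS line in an fstab that breaks the rules above:
#   the root filesystem must be given by IP address (no name resolution yet),
#   a sec=krb5* filesystem must be given by hostname.
check_fstab() {
    awk '
    /^[ \t]*#/ || NF < 4 { next }
    $3 == "nfs" {
        split($1, spec, ":"); host = spec[1]
        is_ip  = (host ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/)
        is_krb = ($4 ~ /(^|,)sec=krb5[ip]?(,|$)/)
        if ($2 == "/" && !is_ip) print "ROOT_NOT_IP " $1
        if (is_krb && is_ip)     print "KRB5_NEEDS_HOSTNAME " $1
    }' "$1"
}

# Succeed (exit 0) when root has the same password hash in both
# master.passwd files, i.e. the client password was not changed.
root_hash_reused() {
    h1=$(awk -F: '$1 == "root" { print $2; exit }' "$1")
    h2=$(awk -F: '$1 == "root" { print $2; exit }' "$2")
    [ -n "$h1" ] && [ "$h1" = "$h2" ]
}

# Constructed sample input (hashes are placeholders, not real crypt output).
tmp=$(mktemp -d)
cat > "$tmp/fstab.good" <<'EOF'
# Device Mountpoint FStype Options Dump Pass#
192.168.10.1:/share/lanboot/FreeBSD-9.0 / nfs ro 0 0
coffin.lan:/usr/home /usr/home nfs rw,late,sec=krb5i 0 0
EOF
cat > "$tmp/fstab.bad" <<'EOF'
coffin.lan:/share/lanboot/FreeBSD-9.0 / nfs ro 0 0
192.168.10.1:/usr/home /usr/home nfs rw,late,sec=krb5i 0 0
EOF
echo 'root:$6$PLACEHOLDER$hostHASH:0:0::0:0:Charlie &:/root:/bin/csh' > "$tmp/host.passwd"
echo 'root:$6$PLACEHOLDER$clientHASH:0:0::0:0:Charlie &:/root:/bin/csh' > "$tmp/client.passwd"

check_fstab "$tmp/fstab.bad"
if root_hash_reused "$tmp/host.passwd" "$tmp/client.passwd"; then
    echo "ROOT_HASH_REUSED"
fi
```

On the host, run check_fstab against /share/lanboot/FreeBSD-9.0/etc/fstab and root_hash_reused against the host's /etc/master.passwd and the copy under /share/lanboot/FreeBSD-9.0/etc.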