
Re: Diskless boot NFS server image



Christian Leutloff wrote:
>IMHO the easiest way would be to do automatic configuration with answer
>files (or a similar way to provide the necessary information) - and
>this would be useful for non-diskless clients too ;-) - some time ago
>there has been discussion about this topic. I think that there has
>been a proposal, too. But I don't know that anyone is working on this
>issue.

There are two issues here, which one do you mean?

1. Automatic entering of configuration for each group and host (ie the
prompts my program asks). These can all be supplied by command line
parameters. There are also the prompts "do you want to replace file x?",
it will be interesting to see how an unattended version of dpkg copes
with these...

The only problem I see with this is that the questions asked don't
yet cover all the issues required (eg most sites probably do not want
nfs-server to be loaded, but it is). What set of prompts should I have?
I don't want to have too many, but I don't want to have too few either.
Currently I have:

Master directory?
NFS exported home directory?
NFS server?
Password (encrypted)?
Nameserver?
DNS Domain?
Use NIS (yes/no)?
Use DEVFS for /dev (yes/no)?
Enable shadow passwords on clients (yes/no)?
Enable xdm on clients (yes/no)?

(I haven't tested all of these options; one of them "devfs" isn't
supported by current versions of the kernel).

-------------------------
Some sites may not want /home to be mounted from anywhere, maybe
I should support a magic value, "none" for this.
-------------------------
Asking the user for an encrypted password seems silly, but does
mean that the current value can be kept simply by pushing
enter.
-------------------------
Eventually, I probably should add options:

Read only /etc and /var filesystem?
Allow local (non-xdm) logins?

Setting the first option to yes would place restrictions on what you
could use the computer for, ie remote X logins. A better solution might
be to somehow copy /var into /tmp at startup and use it. If anyone broke
into a computer then, it would be simply a matter of rebooting to fix
any problems that may have been caused. This would wipe /tmp clean, the
only writable partition.

-------------------------
Maybe that last option should somehow ask if you want X to be run with
the "-query", "-broadcast", or "-indirect" options, ie connect to an
existing xdm server, eg:

Enable X on clients (xdm/query/broadcast/indirect/none)? query
XDMCP Server? 

-------------------------
Also: maybe another option could be added for something like:

Servers to start (none/min/max)?

none: no servers;
min: would only start servers like sshd, telnet, and ftp;
max: all servers that won't conflict (ie no dhcp server), but would
     allow nfs-server, apache, no squid (seems pointless).

-------------------------
IS THERE ANYTHING I HAVE MISSED?


2. Then there is the issue that some files need to be configured
automatically by executing a program. So far I don't have an excellent
solution to this, and an excellent solution may not even be required
because of the minimal number of programs that I have identified
that have to be configured by running a program (eg ssh). There
is a work around for the ssh problem: Setup a private key in
/var/lib/diskless/template/host/etc/ssh/..., and it will be copied to
all clients.

The biggest problem I have recently identified are files in:
/usr/lib/diskless/template/etc/init.d, eg nis. These files must be
different to the copy on masterdir, but how do I keep them at the same
version as the one on masterdir? In changing from hamm to slink, nis has
completely changed the mechanism to allow finding the NIS server via
broadcasts, and the older version of the script will not work with the
newer version of the program or vice-versa.

I have the newest version, diskless_0.1.2_all.deb,
available at http://snoopy.apana.org.au/~ftp/linux/
it corrects some bugs in the earlier versions.

Brian May <bam@snoopy.apana.org.au>
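
The ssh workaround in the message copies one private key to every client, so all clients end up with the same host identity. As an added example (not part of the original message or of the diskless package), this shell function reports client trees whose host key files are byte-identical; the per-client layout `<clients_root>/<client>/etc/ssh/<key_name>` and the default file name `ssh_host_key` are assumptions.

```shell
#!/bin/sh
# Added example: find client root trees that share one SSH host private key.
# Assumed (hypothetical) layout: <clients_root>/<client>/etc/ssh/<key_name>
# Client directory names are assumed to contain no whitespace.

# find_shared_host_keys CLIENTS_ROOT [KEY_NAME]
# Prints one line per shared key: "<sha256> <client> <client> ..."
# Returns 0 when every client has a distinct key, 1 when any key is shared.
find_shared_host_keys() {
    root=$1
    key_name=${2:-ssh_host_key}
    shared=$(
        for key in "$root"/*/etc/ssh/"$key_name"; do
            [ -f "$key" ] || continue          # glob matched nothing
            client=${key#"$root"/}             # strip the root prefix
            client=${client%%/*}               # keep the first path component
            digest=$(sha256sum "$key" | cut -d' ' -f1)
            printf '%s %s\n' "$digest" "$client"
        done | sort | awk '
            {
                count[$1]++
                if ($1 in names) names[$1] = names[$1] " " $2
                else names[$1] = $2
            }
            END { for (d in count) if (count[d] > 1) print d, names[d] }
        ' | sort
    )
    if [ -z "$shared" ]; then
        return 0
    fi
    printf '%s\n' "$shared"
    return 1
}

# Stand-alone use: sh script.sh <clients_root> [key_name]
if [ "$#" -gt 0 ]; then
    find_shared_host_keys "$@"
fi
```

Only digests are compared and printed, so the key material itself never leaves the files.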

