Egbert-Jan Holleman, juli 2002
Location of this document:
http://www.dnd.utwente.nl/js/old-ej/Javastation-Installation-mini-Howto.sdw
This mini-howto is intended for people who are new to setting up a server-environment for a diskless workstation. It describes the necessary steps and some caveats that came to my mind while installing my first JS myself.
In this howto, some choices have been made on how to approach things. That doesn't mean it's the only way. For example, it is possible to use the flash rom for storing a root filesystem. Feel free to experiment!
If your JS contains a flash-rom, you have two options:
a) leave it in the JS and jumper 1-2 on jumperblock J1300 , press ctr-alt-brk during booting and type 'boot net' at the prompt that you will get.
b) remove it from the JS and it will automatically netboot.
First of all you need to hook it up to a UTP-network. When connecting it directly to a nic in a computer, make sure that you use a crosscable. Speed-negociation can work fine between the Javastation and the computer. If not, try forcing the computers nic to 100Mbit half duplex. We assume here that the nic in the computer has ip-number 192.168.1.1.
Now you need to think of a hostname and ip-number for the JS. The IP should preferrably be somewhere within a backend range, for example 192.168.2.1. Add the hostname and ip-number to /etc/hosts.
As you might know, there's needed some place on your computer to store the kernel-image (and other things) that the JS needsat boottime, and eventually you will need a directory for storing a root filesystem for the JS and things like an Xserver. You can define some place like /tftpboot for the kernel-image and /export/Krups for the file-system. If you want to use swap, make an /export/swaps.
Note: all the directories mentioned above are included in the filesystem that is mentioned below.
Maybe you want your javastation to run a kernel as recent as possible. But compiling a kernel for a different architecture than the one you are compiling on involves a lot of hassle and you don't want that. (The Javastation has a Sparc32 architecture.) It's much easier to use a pre-compiled kernel that is somewhat out of date and compile your own very recent kernel later on the Javastation itself.
Place a kernel-image in /tftpboot
A precompiled kernel-image can be found here: http://www.dnd.utwente.nl/js/vmlinux-2.4.18-cvs.aout
On the JS, the linux kernel can only be loaded on the JS if it is called by a utility called Proll. Place the Proll-binary in /tftpboot.
A proll image can be obtained here: http://people.redhat.com/zaitcev/linux/proll.krups.ID16
In order to load the Proll-binary, there should be made a symlink to the Proll-binary and the nam of it must be the ip-number that the JS is assigned in hexadecimal notation. So if the JS is assigned the ip 192.168.2.1, there should be made a symlink called C0A80201 to the Proll-binary.
Proll will look for the kernel-image that has the name of the ip-number in hexadecimal notation, followed by a dot and then 'PROLL'. So if the JS is assigned the ip 192.168.2.1, there should be made a symlink called C0A80201.PROLL to the kernel-image. Also there should be a symlink from the ip (in decimal notation) of the JS to the path for the root filesystem, something like 192.168.2.1 -> /export/Krups.
Finally, things should look like this:
lrwxrwxrwx 1 root root 13 Jul 18 23:33 192.168.2.1 -> /export/Krups
lrwxrwxrwx 1 root root 18 Jul 18 23:33 C0A80201 -> ./proll.krups.ID16
lrwxrwxrwx 1 root root 25 Jul 18 23:33 C0A80201.PROL -> ./vmlinux-2.4.18-cvs.aout
-rw-r--r-- 1 root root 89932 Jul 17 21:59 proll.krups.ID16
-rw-r--r-- 1 root root 1901312 Jul 17 21:57 vmlinux-2.4.18-cvs.aout
Before you begin: It is very important to secure all the services that you install so that they are not accessible from the public internet. Not doing so is like bending over and waiting for someone to fuck you in the arse. A way that often works is using /etc/hosts.allow and /hosts.deny. See appendix A for an example.
Unfortunately not all applications are run using tcpd and thus they can't be secured using this mechanism. You will need firewall-rules for this. (All services that are run as a daemon, for example xdm/gdm and xfs, aren't run from tcpd)
The JS needs to learn it's ip-number using the bootp-protocol. Nowadays, dhcp-servers often support bootp-request as well. The dhcp-daemon needs the MAC-address of the JS; it can be obtained by just switching on the JS.
Install a dhcp-daemon on your computer and make sure /etc/dhcpd.conf looks like this:
deny unknown-clients;
subnet 192.168.0.0 netmask 255.255.0.0
{
max-lease-time 3600;
default-lease-time 3600;
}
group {
host Koffiekopje {
hardware ethernet 08:00:20:94:e1:de;
filename "C0A80201";
fixed-address Koffiekopje;
option root-path "/export/Krups";
}
}
Thus the JS will be assigned the ip that you specified in /etc/hosts and it will be made to load the Proll-binary. Always make sure the dhcp-daemon does not answer dhcp-request from the internet, people can get really mad if this would happen!
The JS will want to download the given Proll-binary and the kernel-image using the tftp protocol. You need to have a tftp-daemon installed and it must be set up to serve files from the path where the Proll-binary resides. Most installations of tftpd default to serving from /tftpboot.
In order to mount a root-filesystem there should be running a nfs-server on the server and an entry like this in /etc/exports:
/export/Krups 192.168.2.1(rw,no_root_squash)
When you are editing this file anyway, you may add:
/usr/src/kernel-source-2.4.18 192.168.2.1(rw,no_root_squash)
For the JS to be able to swap, you need to setup a network block device server and have a swapfile. A swapfile is already provided in the filesystem image mentioned below, but you need to modify the name of the swapfile in /export/swaps/ to contain the ip-number that you assigned to the JS. Install a nbd-server and configure it, /etc/nbd-server should look like this:
NBD_PORT[0]=26
NBD_FILE[0]=/export/swaps/swp%s
You can make a 64MB swapfile yourself by doing:
dd if=/dev/zero of=/export/fs/swp192.168.2.1 bs=1024 count=65536
It is assumed here that you have a working installation of Xfree86 on your server. To use JS as an xterminal, modify the configuration file of your display-manager. For Gnome Display Manager (gdm), edit /etc/gdm/gdm.conf:
[xdmcp]
Enable=true
For xdm, add the hostname to /etc/X11/xdm/Xaccess and comment out a line in /etc/X11/xdm/xdm-config:
! DisplayManager.requestPort: 0
In either case, edit the configuration file of the fontserver, /usr/X11R6/lib/X11/fs/config, and comment out a line:
# no-listen = tcp
In order to have access to the internet directly from your JS, you need to setup IP Masquerading on your server. Debian Linux has a special package for this, called ipmasq.
If you want to use a timeserver, for synchronizing the clock of the JS during booting, you will need connection to the internet (or have a ntpd on your server).
When using your JS only as an Xterminal, you don't need to setup IP Masquerading, since all applications are running on the server.
Download a filesystem image, unpack it and place in /export/Krups.
A filesystem image can be obtained at: http://www.dnd.utwente.nl/js/js_filesystem_debian_woody_pw_changeme.tar.bz2
Now edit the following files to suit your needs:
/etc/network/interfaces/
/etc/nbd-client
/etc/fstab
/etc/hostname
/etc/hosts
/etc/resolv.conf
/etc/default/ntp-servers
/etc/init.d/xterminal
Now you should be ready to boot your JS. Success! If it doesn't boot after displaying the Java-logo and an exclamation mark in triangle is shown, there's something wrong with your utp-cable or the dhcp setup.
To modify the configuration of the software on the JS, switch to the console and log in. The default root password of your JS is 'changeme' if you used the above mentioned filesystem.
The Linux distribution that is in the filesystem is Debian. In order to fine-tune the xserver that runs on the JS, enter on the console:
dpkg-reconfigure xserver-xfree86
In this howto it has been assumed that you mounted the kernel-source that is on your server. For compiling a kernel for your JS, make sure you have a backup of the kernelconfig (.config) of your server and enter on the console of the JS:
cp /boot/config-2.4.18-cvs /usr/src/linux/.config
Now goto /usr/src/linux and enter:
make mrproper
Some modifications need to be made to the kernel source-tree. For information on this, see: http://www.dnd.utwente.nl/~jasper/javastation/
Now you are ready to configure your kernel as you were used to do on your server. Remember to do a make mrproper again before starting kernel-configuration on your server.
Example of /etc/hosts.allow:
portmap: 192.168.
rpc.statd: 192.168.
rpc.lockd: 192.168.
rpc.mountd: 192.168.
in.tftpd: 192.168.
nbd-server: 192.168.
gdm: 192.168.
Example of /etc/hosts.deny:
ALL: PARANOID
rpc.mountd: ALL
rpc.lockd: ALL
rpc.statd: ALL
portmap: ALL
in.tftpd: ALL
nbd-server: ALL
gdm: ALL
Many thanks to all the people from Datanet Drienerlo (http://www.dnd.utwente.nl) who helped me in finding out things about the boot process of the javastation. Also I could not have done without the help of the real javastation-howto. It can be found at: http://www.tldp.org/HOWTO/JavaStation-HOWTO/index.html. Also the diskless-howto has been of use: http://www.tldp.org/HOWTO/Diskless-HOWTO.html.
Also Bas van Sisseren is working on some nice documentation, see http://tsd.student.utwente.nl/cgi-bin/cvsweb/js-howto/
The filesystem mentioned above is based on a filesystem that was donated by Jorik Jonker (oxonium@nattekip.nl)
Last but not least, the whole usage of Linux on the javastation would probably not have been possible without the work of Pete Zaitcev. See his website: http://people.redhat.com/zaitcev/linux/