[2024-feb-29] Sad news: Eric Layton aka Nocturnal Slacker aka vtel57 passed away on Feb 26th, shortly after hospitalization. He was one of our Wiki's most prominent admins. He will be missed.

Welcome to the Slackware Documentation Project

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
Next revisionBoth sides next revision
howtos:network_services:nfs_root [2018/05/28 21:33 (UTC)] – [Configuring LILO] bifferoshowtos:network_services:nfs_root [2018/05/28 22:04 (UTC)] bifferos
Line 90: Line 90:
   read-only   read-only
   append= "root=/dev/nfs ip=dhcp nfsroot=172.17.0.80:/nfs_share,v3 rw"</code>   append= "root=/dev/nfs ip=dhcp nfsroot=172.17.0.80:/nfs_share,v3 rw"</code>
 +
 +If you didn't want to use dhcp you'll now need to have a read of 
 +Documentation/filesystems/nfs/nfsroot.txt in the kernel sources to figure out the many options that you can 
 +include for ip= other than 'dhcp'.
  
 Obviously keep your default linux kernel in another image= section so you can switch between booting the nfsroot and the normal kernel to play around with this stuff. Obviously keep your default linux kernel in another image= section so you can switch between booting the nfsroot and the normal kernel to play around with this stuff.
Line 97: Line 101:
 The v3 seems to be really important in making anything at all happen on boot.  If that isn't set, no communication seems to occur. The v3 seems to be really important in making anything at all happen on boot.  If that isn't set, no communication seems to occur.
  
-The 'rw' is also important.  It prevents the fsck of the root fs. because root is NFS and can't be checked.  Slackware won't boot properly if we give 'ro' Instead of doing this you could optionally hack fsck out of the slackware startup scripts on your NFS root, however simply using 'rw' is quicker (albeit dirtier).+The 'rw' is also important.  It prevents the fsck of the root fs. because root is NFS and can't be checked.  Slackware won't boot properly if we give 'ro' Instead of using 'rw' you could optionally hack fsck out of the slackware startup scripts on your NFS root, however simply using 'rw' is quicker (albeit dirtier).
  
 With the kernel compilation finished, copy the kernel into the /boot directory and rename it: With the kernel compilation finished, copy the kernel into the /boot directory and rename it:
Line 103: Line 107:
 <code>cp /usr/src/linux/arch/x86/boot/bzImage /boot/vmlinuz-nfsroot</code> <code>cp /usr/src/linux/arch/x86/boot/bzImage /boot/vmlinuz-nfsroot</code>
  
-It may be elsewhere depending on your architecture.  +It may be created elsewhere depending on your architecture, e.g. x64, arm.
  
 Don't forget to run LILO: Don't forget to run LILO:
  
 <code># lilo</code> <code># lilo</code>
 +
 +==== First Boot ====
 +
 +The above is enough to get you a booting Slackware system, or should be.  There are some additional steps that you may wish to now do.
 +
 +=== Modules ===
 +
 +None of the modules have been installed, let's add them.  Shutting down the nfsroot system and booting back into the Slackware kernel compilation virtual machine we can now compile the missing modules.  First we will mount the rootfs, just as we did from the installer virtual machine:
 +
 +<code>mount -o rw,nolock slack-nfs-server:/nfs_share /mnt</code>
 +
 +Then we can compile and install the modules:
 +
 +<code># cd /usr/src/linux
 +# make modules
 +# make modules_install INSTALL_MOD_PATH=/mnt</code>
 +
 +For the last command, try to avoid adding a trailing slash to /mnt, and try not to forget the INSTALL_MOD_PATH, otherwise you've just clobbered your system modules.  If you gave your kernel a local suffix (e.g. -nfsroot) you'd have been protected against that.
 +
 +=== Swap on NFS ===
 +
 +You can create a swap file on your NFS share somewhere like this:
 +
 +<code># dd if=/dev/zero of=/nfs_share/swapfile bs=1024 count=64k</code>
 +
 +Then format it for swap:
 +
 +<code># mkswap /nfs_share/swapfile</code>
 +
 +Then on the client you associate a loopback device with the file:
 +
 +<code># losetup /dev/loop0 /swapfile</code>
 +
 +Then start using the loopback device for swap:
 +
 +<code># swapon /dev/loop0</code>
 +
 +Obviously you need to add the last two commands to /etc/rc.d/rc.local or another startup script to run on each boot.
 +
 +=== Locking down /etc/exports ===
 +
 +Assuming your thin client connects from a predictable address, now that we've installed the modules we can finally lock down access to only the thin client (/etc/exports on the server):
 +
 +<code>/nfs_share 172.17.0.81/32(rw,sync,no_root_squash,no_subtree_check)</code>
 +
 +And we presumably don't want all-and-sundry using our newly prepared rootfs directory, so drop it down a level and qualify it by IP address:
 +
 +<code># cd /
 +# mv nfs_share 172.17.0.81
 +# mkdir nfs_share
 +# mv 172.17.0.81 nfs_share</code>
 +
 +Now over on the client machine, having booted into the kernel compilation machine, configure lilo so nfsroot
 +requests the nfs share based on the client's IP address with '%s':
 +
 +<code>image=/boot/vmlinuz-nfsroot
 +  label = nfs
 +  read-only
 +  append= "root=/dev/nfs ip=dhcp nfsroot=172.17.0.80:/nfs_share/%s,v3 rw"</code>
 +
 +NFS Root is never going to be considered secure, but at least this makes cross-contamination of nfsroots less likely.
 +
 +
  
 ====== Sources ====== ====== Sources ======
 howtos:network_services:nfs_root ()