[2024-feb-29] Sad news: Eric Layton aka Nocturnal Slacker aka vtel57 passed away on Feb 26th, shortly after hospitalization. He was one of our Wiki's most prominent admins. He will be missed.
Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
howtos:network_services:nfs_root [2018/05/28 21:10 (UTC)] – created bifferos | howtos:network_services:nfs_root [2018/05/28 22:21 (UTC)] (current) – [First Boot] bifferos | ||
---|---|---|---|
Line 50: | Line 50: | ||
==== Creating the kernel ==== | ==== Creating the kernel ==== | ||
- | The full huge kernel that comes with Slackware is close to providing everything we need, but we still need to recompile it. I'd recommend doing the compilation on a 32-bit virtual machine if you are targeting a 32-bit thin client, or 64-bit if your thin client is 64-bit. | + | The full huge kernel that comes with Slackware |
< | < | ||
Line 56: | Line 56: | ||
# make menuconfig</ | # make menuconfig</ | ||
- | Configuration order is important, as selecting certain options makes others available: | + | Configuration order is important, as selecting certain options makes others available. First off we will need a network driver compiled into the kernel for the NIC we're going to use. For VirtualBox the default NIC is PCnet32, an lspci will probably tell you yours: |
- | Device Drivers -> Network Device Support -> Ethernet driver support -> AMD PCnet32 PCI support <*> | + | < |
- | Networking support -> Networking options -> IP: kernel level autoconfiguration [*] | + | |
- | IP: DHCP support [*] | + | |
- | File Systems -> Network File systems -> Root file system on NFS [*] | + | |
- | Save the configuration and them do a: | + | Make sure this is compiled into the kernel (e.g. hitting ' |
- | < | + | [OPTIONAL] We also need to tell the kernel which IP address to use, which can be set statically, but DHCP is much easier, so generally you will want to include these options: |
+ | |||
+ | < | ||
+ | IP: DHCP support [*]</ | ||
+ | |||
+ | Finally, we absolutely need the support for Root FS on NFS: | ||
+ | |||
+ | < | ||
+ | |||
+ | [OPTIONAL] It's pretty useful to append a local version to this kernel release. | ||
+ | |||
+ | < | ||
+ | |||
+ | Save the configuration and then do a: | ||
+ | |||
+ | < | ||
While that build is running, it's time to configure LILO. | While that build is running, it's time to configure LILO. | ||
Line 72: | Line 84: | ||
==== Configuring LILO ==== | ==== Configuring LILO ==== | ||
- | Let's call the kernel / | + | Let's call the kernel / |
- | Add a section to the lilo.conf file: | + | |
- | < | + | < |
label = nfs | label = nfs | ||
read-only | read-only | ||
append= " | append= " | ||
- | (substitute your nfsroot | + | If you didn't want to use dhcp you'll now need to have a read of |
+ | Documentation/ | ||
+ | include | ||
Obviously keep your default linux kernel in another image= section so you can switch between booting the nfsroot and the normal kernel to play around with this stuff. | Obviously keep your default linux kernel in another image= section so you can switch between booting the nfsroot and the normal kernel to play around with this stuff. | ||
- | You cannot specify a normal root = entry in this section because | + | You cannot specify a normal root= entry in this section because |
The v3 seems to be really important in making anything at all happen on boot. If that isn't set, no communication seems to occur. | The v3 seems to be really important in making anything at all happen on boot. If that isn't set, no communication seems to occur. | ||
- | The ' | + | The ' |
+ | |||
+ | With the kernel compilation finished, copy the kernel into the /boot directory and rename it: | ||
+ | |||
+ | < | ||
+ | |||
+ | It may be created elsewhere than arch/x86 depending on your architecture, | ||
+ | |||
+ | Don't forget to run LILO: | ||
+ | |||
+ | < | ||
+ | |||
+ | ==== First Boot ==== | ||
+ | |||
+ | The above is enough to get you a booting Slackware system, or should be. There are some additional steps that you may wish to now do. | ||
+ | |||
+ | === Modules === | ||
+ | |||
+ | None of the modules have been installed, let's add them. Shutting down the nfsroot system and booting back into the Slackware kernel compilation virtual machine we can now compile the missing modules. | ||
+ | |||
+ | < | ||
+ | |||
+ | Then we can compile and install the modules: | ||
+ | |||
+ | < | ||
+ | # make modules | ||
+ | # make modules_install INSTALL_MOD_PATH=/ | ||
+ | |||
+ | For the last command, avoid adding a trailing slash to /mnt/tmp, and try not to forget the INSTALL_MOD_PATH, | ||
+ | |||
+ | === Swap on NFS === | ||
+ | |||
+ | You can create a swap file on your NFS share somewhere like this: | ||
+ | |||
+ | < | ||
+ | |||
+ | Then format it for swap: | ||
+ | |||
+ | < | ||
+ | |||
+ | Then on the client you associate a loopback device with the file: | ||
+ | |||
+ | < | ||
+ | |||
+ | Then start using the loopback device for swap: | ||
+ | |||
+ | < | ||
+ | |||
+ | Obviously you need to add the last two commands to / | ||
+ | |||
+ | === Locking down / | ||
+ | |||
+ | Assuming your thin client connects from a predictable address, now that we've installed the modules we can finally lock down access to only the thin client (/ | ||
+ | |||
+ | < | ||
+ | |||
+ | And we presumably don't want all-and-sundry using our newly prepared rootfs directory, so drop it down a level and qualify it by IP address (on the server): | ||
+ | |||
+ | < | ||
+ | # mv nfs_share 172.17.0.81 | ||
+ | # mkdir nfs_share | ||
+ | # mv 172.17.0.81 nfs_share</ | ||
+ | |||
+ | Now over on the client machine, configure LILO so nfsroot | ||
+ | requests the nfs share based on the client' | ||
+ | |||
+ | < | ||
+ | label = nfs | ||
+ | read-only | ||
+ | append= " | ||
+ | |||
+ | NFS Root is never going to be considered secure, but at least this makes cross-contamination of nfsroots less likely. | ||
+ | Note that I am using dhcp in the above example, but I've added an entry to / | ||