From: "Frank D. Engel, Jr." <fde101@fjrhome.net>
To: 9fans@9fans.net
Subject: Re: [9fans] Newbie Question
Date: Wed, 18 Dec 2019 19:50:47 -0500 [thread overview]
Message-ID: <71403bd2-a7ae-5a9f-da2e-e421c63a2f0c@fjrhome.net> (raw)
In-Reply-To: <1eb563f8-905f-0274-9e70-b5629845d422@fjrhome.net>
I figured this one out... I had missed adding the "-a tcp!*!564" option
on the file server bootargs.
Now it is working!
On 12/18/19 6:57 PM, Frank D. Engel, Jr. wrote:
> ok, I seem to have run into another one.
>
> I now have the file server booting as a cpu server with authentication
> enabled, and am trying to net boot another host from there.
>
> I have dhcpd and tftpd running on the file server; my /cfg/pxe/default
> looks like this:
>
>
> bootfile=/386/9pc
>
> bootargs=tls
>
> auth=192.168.81.12
>
> fs=192.168.81.10
>
> mouseport=ps2intellimouse
>
> monitor=vesa
>
> vgasize=1440x900x32
>
> *acpi=1
>
>
> The entry in /lib/ndb/local is (with "..." being the actual MAC address):
>
>
> sys=thinker ether=... ip=192.168.81.20
>
> dom=thinker.9cluster
>
> bootf=/386/9bootpxe
>
>
>
> The "thinker" system is starting the plan9 kernel over the network (it
> has no local disk); I get prompted for a user account and for now am
> just using "glenda". I enter the password I set for the auth server,
> for secstore, and for the filesystem on the file server (I used the
> same for each), and I am getting this on "thinker":
>
>
> mount: mount /root: tls error
>
> mount -c #s/boot /root: mount 145: mount
>
>
> bootargs is (tcp, tls, il, local!device)[tls]
>
>
> When this happens the file server console shows this:
>
>
> /bin/aux/trampoline: dial net!$fs!9fs: connection rejected
>
>
> I'm not sure if this means that the file server is rejecting the
> connection from the (currently) terminal, or what might be going
> on... the "$fs" showing up on the file server console seems curious
> to me as I would have thought if that were coming from the terminal
> the "$fs" would have been translated from there? Again not sure where
> to go from here...
>
>
> I was originally having a problem with secstored not having a
> "factotum" file for the terminal to retrieve, but after having worked
> that one out it now stored a key in it (and is no longer asking me to
> set one) for my "dom=9cluster", so I did manage to get past that one.
>
>
> I also noticed that if I retry from the bootargs prompt I get the
> additional message "ipconfig: dialicmp6: address in use", but I am
> guessing that is simply a leftover from the earlier attempt, and
> assuming I can safely ignore that...
>
>
>
>
> On 12/16/19 4:40 PM, Frank D. Engel, Jr. wrote:
>> Thank you!
>>
>>
>> When I tried bringing it up as a cpu server with auth enabled it did
>> indeed make it past the errors.
>>
>> I'll see if I can work things out from there.
>>
>>
>> On 12/16/19 2:27 PM, cinap_lenrek@felloff.net wrote:
>>> i believe that this is due to running a with service=terminal.
>>> this causes factotum to be started as a client with no keys in it.
>>>
>>> the p9any auth protocol starts by the server presenting a set of
>>> keys, auth domains and protocols, which you wont have in this
>>> case (no keys there). which is most likely the reason the whole
>>> thing fails.
>>>
>>> if you boot your fileserver with service=cpu, then when factotum starts
>>> it will prompt you for authid and password which will be the
>>> credentials
>>> of the hostowner (of the fileserver) which should have to match what
>>> you
>>> have on the authentication server. this information can be stored in
>>> nvram to avoid the prompt on boot.
>>>
>>> even if it doesnt match the auth key for (that user) on the authserver,
>>> the fileserver should be able to boot and mount its root filesystem
>>> as factotum talks to itself in this scenario and having the same keys
>>> on both sides.
>>>
>>> its just about to fail when there are no keys at all.
>>>
>>> i hope this makes sense.
>>>
>>> --
>>> cinap
>>>
>>
>
> ------------------------------------------
> 9fans: 9fans
> Permalink:
> https://9fans.topicbox.com/groups/9fans/Tda6e61e03ce222c0-Mb08127daf7703de537047e02
> Delivery options: https://9fans.topicbox.com/groups/9fans/subscription
>
>
next prev parent reply other threads:[~2019-12-19 0:51 UTC|newest]
Thread overview: 67+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-12-16 18:00 Frank D. Engel, Jr.
2019-12-16 19:27 ` [9fans] " cinap_lenrek
2019-12-16 21:40 ` Frank D. Engel, Jr.
2019-12-18 23:57 ` Frank D. Engel, Jr.
2019-12-19 0:50 ` Frank D. Engel, Jr. [this message]
2019-12-19 19:11 ` cinap_lenrek
2019-12-19 19:10 ` cinap_lenrek
-- strict thread matches above, loose matches on Subject: below --
2009-04-21 17:35 [9fans] Newbie question philo565
2009-04-21 19:14 ` Eoghan Sherry
2007-05-28 4:28 YAMANASHI Takeshi
2007-05-28 11:17 ` erik quanstrom
2007-05-23 18:25 Fabrizio Colalucci
2007-05-23 18:36 ` Sape Mullender
2007-05-23 18:41 ` Sape Mullender
2007-05-23 18:45 ` Paul Lalonde
2007-05-24 14:51 ` Fabrizio Colalucci
2007-05-23 18:39 ` andrey mirtchovski
2007-05-23 18:49 ` ron minnich
2007-05-23 18:58 ` Paul Lalonde
2007-05-23 19:47 ` ron minnich
2006-12-05 11:35 Markus Sonderegger
2006-12-05 11:01 ` Lee Duhem
2006-12-05 11:58 ` erik quanstrom
2006-12-05 11:24 ` John Stalker
2006-12-05 11:42 ` Lucio De Re
2006-12-05 16:49 ` Gabriel Diaz
2006-12-06 10:38 ` Markus Sonderegger
2006-12-06 11:37 ` Rodolfo Garcia
2006-12-07 1:02 ` John Floren
2006-12-07 22:25 ` Georg Lehner
2006-12-07 23:07 ` andrey mirtchovski
2006-12-07 23:19 ` LiteStar numnums
2006-12-08 0:26 ` Charles Forsyth
2006-12-08 9:47 ` Steve Simon
2006-12-08 15:33 ` Brantley Coile
2006-12-08 15:46 ` ron minnich
2006-12-09 9:17 ` sretzki
2006-12-09 9:22 ` Markus Sonderegger
2006-12-09 15:49 ` Tim Wiess
2006-12-09 14:26 ` Gregory Pavelcak
2006-12-09 15:47 ` Brantley Coile
2006-12-09 20:16 ` Rodolfo Garcia
2006-02-07 17:14 [9fans] newbie question Riza Dindir
[not found] <20060207134101.GA435@routi.local.net>
2006-02-07 15:02 ` Riza Dindir
2006-02-07 15:20 ` Lluís Batlle
2006-02-07 15:39 ` andrey mirtchovski
2006-02-07 16:46 ` Russ Cox
2006-02-07 20:44 ` uriel
2006-02-07 13:10 Riza Dindir
2006-02-07 13:07 Riza Dindir
2006-02-06 16:38 Riza Dindir
2006-02-06 16:51 ` andrey mirtchovski
2006-02-06 16:54 ` "Nils O. Selåsdal"
2006-02-06 17:00 ` Russ Cox
2006-02-06 17:18 ` Lluís Batlle
2006-02-06 19:46 ` Russ Cox
2006-02-06 20:10 ` Lluís Batlle
2006-02-06 20:21 ` uriel
2006-02-06 20:26 ` andrey mirtchovski
2006-02-06 20:53 ` Russ Cox
2006-02-06 21:05 ` uriel
2006-02-07 4:28 ` lucio
2006-02-10 19:16 ` rog
2006-02-10 19:28 ` Russ Cox
2006-02-06 20:42 ` Russ Cox
2006-02-07 2:09 ` Skip Tavakkolian
2006-02-06 20:52 ` William Josephson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=71403bd2-a7ae-5a9f-da2e-e421c63a2f0c@fjrhome.net \
--to=fde101@fjrhome.net \
--cc=9fans@9fans.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).