The Plan 9 Cpu/Auth Server Installation and Basic Setup Howto

Purpose:

The purpose of 'The Plan 9 Cpu/Auth Server Installation and Basic Setup Howto' is to walk a user through the configuration of a Plan 9 combined cpu/auth server in a straight forward, quick, and linear fashion.

Very little explanation is provided regarding each step in the process. The goal is to get you into a basic usable Plan 9 environment in the quickest manner possible, and to instill confidence that all the necessary and important configuration elements have been satisfied.

Assumptions:

The bulk of this howto focuses on what to do immediately after completing a standard Plan 9 terminal installation, and additionally requires that you will be able to perform basic editing and user interface operations in a Plan 9 gui environment.

Parts 0 and 1 of this document will direct you to the appropriate resources necessary to fulfill these two requirements.

Conventions:

Throughout the howto you will come accross certain commands and text edits which require information regarding the specific details related to your system and environment. These variables will be shown in brackets using lowercase characters. Whenever you see these in the text, replace them with the correct value as appropriate.

The variables contained in this text are as follows:

Part 0, Preparation:

Step 0]  Introduction to the Plan 9 Operating System:

• if you're new to Plan 9, read sections 1 through 3 of 'A Plan 9 Newbie's Guide'   (http://www.quanstro.net/newbie-guide.pdf)
  

• fully review this howto before starting

Part 1, Installation:

Step 0]  Install Plan 9:

• refer to the Plan 9 Installation Howto (not yet available - simply follow all defaults presented by the install script)

• note: be sure to choose 'fossil' for configfs  (i.e. no venti)

Part 2, Basic Setup:

note: It should take approximately 20 to 30 minutes to complete the configuration process

note: It is absolutely crucial that you carefully review your work in each step in order to avoid typos and errors, which may easily introduce problems that will be difficult and annoying to identify and correct later

Step 0]  Boot into freshly installed Plan 9 terminal:

• select local root and login as user glenda:

root is from (tcp, local)[local!#/sdC0/fossil]: <ENTER>
user[none]: glenda <ENTER>

• read through the presented Rio and Acme introductions, then delete all rio windows

• draw a new rio window, this will be used throughout the rest of the howto

• note: it is suggested that you enable scrolling on your rio window (middle-click, select scroll)

Step 1]  Assign user glenda to group adm:

• connect to the fossilcons server, execute:

term% con -l /srv/fscons

• issue command at prompt:

prompt: uname adm +glenda <ENTER>
<CTRL>-\
>>> q <ENTER>

Step 2]  Set the timezone:

• list available timezones, execute:

term% lc /adm/timezone

• execute:

term% cp /adm/timezone/<timezone> /adm/timezone/local

Step 3]  Prepare local rc script directory:

• execute:

term% mv /cfg/example /cfg/<systemname>

Step 4]  Enable dma on disk(s) and configure network interface:

• edit /cfg/<systemname>/cpurc, append:

dmaon

ip/ipconfig

• note: the above assumes a dhcp server is in use on your network;
  if this is not the case, replace the ip/ipconfig line with:

ip/ipconfig -g <gatewayip> ether /net/ether0 <hostip> <subnetmask>

Step 5]  Enable authentication services:

• execute:

term% mv /rc/bin/service.auth/authsrv.tcp567 /rc/bin/service.auth/tcp567

• create /cfg/<systemname>/cpustart, insert:

aux/listen -q -t /rc/bin/service.auth -d /rc/bin/service tcp

Step 6]  Enable keyfs and cron:

• edit /rc/bin/cpurc, locate and uncomment the following two lines:

# auth/keyfs -wp -m /mnt/keys /adm/keys >/dev/null >[2=1]
# auth/cron >>/sys/log/cron >[2=1] &

Step 7]  Configure basic network database settings:

• get the ethernet card's mac address, execute:

term% cat /net/ether0/addr; echo

• note: you may want to snarf the output from the above command

• edit /lib/ndb/local, append:

ip=<hostip> sys=<systemname> ether=<mac>
   authdom=<authdomain> 
   auth=<systemname> 
   cpu=<systemname> 
   fs=<systemname> 
   dns=<dnsip>
   ipgw=<gatewayip>

• confirm changes, execute:

term% ndb/query sys <systemname>

• note: the output from the above command should show the expected values;
  if this is not the case, re-check /lib/ndb/local for errors

Step 8]  Compile and install a cpu kernel:

• execute:

term% cd /sys/src/9/pc
term% mk 'CONF=pccpuf'

• note: the above command will take a few moments to complete and will generate quite a bit of output to the window

• execute:

term% 9fat:
term% cp 9pccpuf /n/9fat/

Step 9]  Configure plan9.ini:

• edit /n/9fat/plan9.ini, prepend:

[menu]
menuitem=cpu, Plan 9 CPU Kernel
menuitem=terminal, Plan 9 Terminal Kernel
menudefault=cpu, 10

[cpu]
bootfile=<hd>!9fat!9pccpuf

[terminal]
bootfile=<hd>!9fat!9pcf

[common]
nobootprompt=local!#S/<hd>/fossil

• warning: make sure to remove the pre-existing bootfile=<hd>!9fat!9pcf entry from the top of this file;
  additionally, ensure that all remaining entries beneath the [common] tag form a single contiguous block

• warning: unless you compiled your cpu kernel with extra drivers, then you will have limited choices available for your monitor= and vgasize= entries (vesa won't be available, for instance)

Step 10]  Prepare nvram and provide a password for this machine:

• invalidate the current nvram contents, execute:

term% echo garbage >/dev/<hd>/nvram

• execute:

term% auth/keyfs

• follow prompts:

bad nvram key
bad authentication id
bad authentication domain
can't read /dev/key, please enter machine key
Password: <machinekey> <ENTER>
Confirm password: <machinekey> <ENTER>
0 keys read

Step 11]  Create and configure the hostowner:

• connect to the fossilcons server, execute:

term% con -l /srv/fscons

• note: you may need to press <ENTER> a couple times before getting a prompt

• issue commands at prompts:

prompt: uname <hostowner> <hostowner> <ENTER>
prompt: uname sys +<hostowner> <ENTER>
prompt: uname adm +<hostowner> <ENTER>
prompt: fsys main <ENTER>
main: create /active/cron/<hostowner> <hostowner> <hostowner> d775 <ENTER>
main: create /active/sys/log/cron <hostowner> <hostowner> a664 <ENTER>
<CTRL>-\
>>> q <ENTER>

• edit /lib/ndb/auth, append:

hostid=<hostowner>
       uid=!sys uid=!adm uid=*

Step 12]  Set hostowner password:

• execute:

term% auth/changeuser <hostowner>

• follow prompts:

Password: <hostownerpwd> <ENTER>
Confirm password: <hostownerpwd> <ENTER>
assign Inferno/POP secret? (y/n) y <ENTER>
make it the same as the plan 9 password? (y/n) y <ENTER>
Expiration date (YYYYMMDD or never)[return = never]: <ENTER>
1 keys read
Post id: <ENTER>
User's full name: <ENTER>
Department #: <ENTER>
User's email address: <ENTER>
Sponsor's email address: <ENTER>
user <hostowner> installed for Plan 9

• note: it is important that you remember the <hostownerpwd> supplied here at the Password: prompt;
  it will need to be accurately entered again during Step 14

Step 13]  Shutdown and reboot:

• execute:

term% fshalt

• note: the above command may take a few moments to complete;
  wait until you see the output: done halting

• reboot the machine

Step 14]  Initial login as hostowner:

• select the new cpu kernel at prompt:

Plan 9 Startup Menu:
====================
   1. Plan 9 CPU Kernel
   2. Plan 9 Terminal Kernel
Selection[default==1 (10s timeout)]: 1 <ENTER>

• create hostowner nvram key, follow prompts:

bad nvram key
bad authentication id
bad authentication domain
authid: <hostowner> <ENTER>
authdom: <authdomain> <ENTER>
secstore key: <secstorekey> <ENTER>
password: <hostownerpwd> <ENTER>

• warning: be particularly careful when entering the <hostownerpwd> at the password: prompt;
  failing to supply a matching password as entered at Step 12 will make it necessary to repeat Step 10

Step 15]  Verify configuration:

• scan for any obvious errors or warnings which may have occurred during bootup, execute:

systemname# cat /dev/kmesg

• confirm that basic networking is functional, execute:

systemname# ip/ping -n 3 <systemname>
systemname# ip/ping -n 3 plan9.bell-labs.com

Step 16]  Test remote access:

• note: carry out these tasks on a different machine, presumably a standard desktop os
  

• download and install drawterm for your platform: http://swtch.com/drawterm/

• run: drawterm -a <systemname> -c <systemname> -u <hostowner>

• at the drawterm login prompt, enter <hostownerpwd> to attach to your cpu server

• setup initial environment for hostowner, execute:

systemname# /sys/lib/newuser

• you should be presented with the familiar grey screen of an empty rio session

• note: it is only necessary to execute /sys/lib/newuser once for any new user

• note: your attempt to login via drawterm may error with: ?password mismatch with auth server
  if this is the case, re-running the auth/changeuser command as per Step 12 may solve the issue

Step 17]  Congratulations:

• you should now hopefully have a functional Plan 9 standalone cpu/auth server!
  refer to the Common Administrative Tasks document for further instruction

• note: if you ran into any issues, please review the Commonly Encountered Problems document

* complete the 'Commonly Encountered Problems' document

* complete the 'Common Administrative Tasks' document (when this gets lengthy enough, it will likely be divided into separate independent howto's)