Clasxt: Difference between revisions

From CLONWiki
Jump to navigation Jump to search
No edit summary
No edit summary
 
(3 intermediate revisions by 2 users not shown)
Line 23: Line 23:


'''NOTE:''' to patch machine remotely ssh as ''admin'' with usual root pass; to check for updates, use ''softwareupdate --list''; for actual update, use ''sudo softwareupdate --install --all'' and then ''sudo reboot'' commands.
'''NOTE:''' to patch machine remotely ssh as ''admin'' with usual root pass; to check for updates, use ''softwareupdate --list''; for actual update, use ''sudo softwareupdate --install --all'' and then ''sudo reboot'' commands.
'''Existing units'''
* F425587 - F239 for Valery Sytnik; MAC: C4:2C:03:24:E7:48




Line 39: Line 44:


* clasxt37
* clasxt37
* clasxt38 (F425588, TIDF)


* clasxt39
* clasxt39


* clasxt40 (F425589, counting room)
* clasxt40 (F425589, bldg. 98)
 
* ctof (F425590, EEL 108)


To reboot in single user mode do following:
To reboot in single user mode do following:

Latest revision as of 15:09, 8 May 2013

Clasxt's are mac mini's running MAC OS X.

Initial installation

  • connect monitor, ethernet, keyboard and mouse and power up; sometimes it will not recognize keyboard or/and mouse, in that case just unplug mouse/keyboard and plug them back; follow instructions to identify keyboard; when asked to 'Create Your Account', enter 'admin' with usual root pass
  • in System preferences/Network: turn off AirPort; configure Ethernet as Manually and type IP address (ex. 129.56.167.xxx), mask (ex. 255.255.255.0), router (ex. 129.57.167.99), DNS server (ex. 129.57.167.5, 129.57.167.14) and search domain (ex. jlab.org); goto Advanced/Proxies, check Automatic Proxy Configuration and type in file name http://jprox.jlab.org/wpad.dat
  • in System preferences/Accounts change Admin's user password to the our clon root password (if not done yet, should be done on first step); create new user clasrun with usual clasrun's pass, keep Automatic login is ON; click on Login Options and choose Automatic Login as clasrun
  • in System preferences/Sharing set correct computer name (ex. clasxt35); enable Remote Login for user admin only
  • in System preferences/Energy Saver move Computer Sleep to Never to prevent user's forced logging off, and click on Start up automatically after a power failure
  • type sudo emacs /etc/ssh_config and set Host * and ForwardX11 yes
  • insert Mac OS X Install DVD and install Xcode and Optional Installs (last one contains X11)
  • insert Applications Install DVD and click on Install Bundled Software, then follow instructions
  • run Software Update


NOTE: to patch machine remotely ssh as admin with usual root pass; to check for updates, use softwareupdate --list; for actual update, use sudo softwareupdate --install --all and then sudo reboot commands.


Existing units

  • F425587 - F239 for Valery Sytnik; MAC: C4:2C:03:24:E7:48


OBSOLETE: OLD DISKLESS CLIENTS

Clasxt machines are diskless 'thin clients' from neoware, running newlinux. We have 5 those machines still in use:

  • clasxt23 (425563, Counting room)
  • clasxt33
  • clasxt34 (F425591, EEL room 121)
  • clasxt35 (F425584, counting room)
  • clasxt37
  • clasxt38 (F425588, TIDF)
  • clasxt39
  • clasxt40 (F425589, bldg. 98)
  • ctof (F425590, EEL 108)

To reboot in single user mode do following:

  • Power on the EON and hold the left shift key down until you are shown a boot prompt
  • The boot prompt should display 'Software'
  • Enter Software -s ramdisk=12000 and press enter
  • As the OS boots, press alt-F2 (possibly more than once) until you are greeted with a bash prompt


IMPORTANT:

On clon machines where clasxt's suppose to login, XDM server must be running. On Solaris 10 XDM server is running as part of dtlogin. By default it has following options:

clon00:/etc> ps -ef | grep dtlogin
  root  7799     1   0 17:25:38 ?           0:00 /usr/dt/bin/dtlogin -daemon -udpPort 0

which means upd connection is not allowed. Looking into options will see following:

clon00:/etc> svcprop svc:/application/graphical-login/cde-login | grep udpPort
dtlogin/args astring \ -udpPort\ 0

To change that use following command:

clon00:/etc> svccfg -s svc:/application/graphical-login/cde-login setprop dtlogin/args=\"\"

Now that option is gone:

clon00:/etc> svcprop svc:/application/graphical-login/cde-login | grep udpPort
clon00:/etc>

To place that option back type following:

clon00:/etc> svccfg -s svc:/application/graphical-login/cde-login setprop dtlogin/args=\" -udpPort 0\"

Restart dtlogin server:

/etc/init.d/dtlogin stop
/etc/init.d/dtlogin start

Now it is running without upd restriction:

clon00:/etc> ps -ef | grep dtlogin
   root 11503     1   0 17:30:46 ?           0:00 /usr/dt/bin/dtlogin -daemon


In addition to that, to make fonts loading process work enable xfs service. Normally it will be enabled on the machines with monitors, but on servers like clon00 and clon10 it will be disabled by default:

clon00:/etc> svcs -a | grep xfs
disabled       Jan_04   svc:/application/x11/xfs:default
clon00:/etc>

so enable it:

clon00:/etc> svcadm enable svc:/application/x11/xfs
clon00:/etc> svcs | grep xfs
online         12:55:53 svc:/application/x11/xfs:default
clon00:/etc> 



Some useful information can be found in following paper:

Some reports indicate that 3.x builds do not work. The error that is reported is FATAL ERROR The device that contains the configuration file (config.xml) could not be found. m0n0wall cannot continue booting. I do not yet know of a solution. This tutorial should be construed to apply only to the 2.x builds in the meantime. Please email me if you get 3.x working on an EON.

Here's how to install the latest build of the excellent m0n0wall firewall on a Neoware EON 4000 thin client. These machines make excellent firewalls for home users and small businesses because they are cheap, compact, sturdy, and powerful enough to run a several megabit connection. The hardware is available in a variety of configurations, with CPUs roughly equivalent to a 150-200Mhz Pentium. Before embarking on this little journey, you should be aware of a few caveats:

   * Some Neoware boxes come with a 32-pin Disk-on-Chip module in a socket on the motherboard. m0n0wall does not ship with the required driver to run this module. Therefore, on these systems you will need a hard drive, compact flash to IDE adapter, or similar device to boot from. You may also be able to netboot your firewall (this is supported on the built-in network device), though I do not cover that in this tutorial.
   * The motherboard accepts both PC133 DIMMs or SO-DIMMs. It will use both at the same time. However, when using a DIMM, be sure it is less than 1.1" (28mm) tall, or you will not be able to install a second network card.
   * There are many different revisions of the NeoLinux operating system and not all include the necessary software to complete this tutorial.
   * You may need to purchase several EON 4000s to get suitable software and hardware.
   * These instructions were based on NeoLinux 2.4-100802, with kernel 2.2.20. Your particular configuration may vary slightly.

With those potential issues in mind, follow along!

There are three main steps to be completed to get m0n0wall running on your EON. First, you will need to get single-user access to the NeoLinux installation. Next, you need to enable networking and fetch and install m0n0wall. Third, you need to configure it to fit your requirements. I will address the first two of these, as adequate resources exist to help with the latter.

To begin, you will need:

   * One or more Neoware EONs with disk-on-chip modules that plug into the IDE header
   * Access to the internet from your EON (or to a web server on a LAN)
   * A supported PCI network card. Common Intel or 3Com cards work fine.
   * At least 64MB of suitable memory. Some EONs ship with SO-DIMMs, others with DIMMs. These should be short enough to accomodate a PCI network card.
   * See the m0n0wall supported hardware page for more information.

Step ONE: Get single-user access to the NeoLinux distribution.

   * Power on the EON and hold the left shift key down until you are shown a boot prompt
   * The boot prompt may vary, but pressing tab should display either 'Software' or 'Eon_Software'.
   * Enter, as appropriate, either
     Software -s ramdisk=12000
     or
     Eon_Software -s ramdisk=12000
     and press enter.
   * As the OS boots, press alt-F2 (possibly more than once) until you are greeted with a bash prompt.

Step TWO: Fetch and install m0n0wall.

   * Check that your installation has the necessary software:
     bash# ls /usr/bin/wget
     . If NeoLinux reports that it is not found, you will have to try a different EON. Keep this hardware however: a single working EON can program m0n0wall onto several disk-on-chip modules, even those without the proper software. More on this later.
   * Plug the EON into a network which provides DHCP information and enable the ethernet connection:
     bash# cp /etc/sysconfig/network-scripts/ifcfg-eth0.default /etc/sysconfig/network-scripts/ifcfg-eth0
     bash# ifup eth0
   * Create a ramdisk on which to place temporary files during the installation:
     bash# mkfs.ext2 /dev/ram0
     bash# mount /dev/ram0 /mnt/usbcdrom
     bash# cd /mnt/usbcdrom
     bash# /usr/bin/wget http://hostname/path/to/m0n0wall
     bash# cp /bin/gunzip .
     bash# cp /bin/dd .
   * Now you're ready. You have created a ramdisk with the two utilities you will need to rewrite IDE disk-on-chip modules with m0n0wall. At this point, if you have modules containing copies of NeoLinux without wget, you should try using them first. That way if something goes wrong you can repeat these steps later. With the machine running, remove the IDE DOC that you booted from and replace it with the one you want to reprogram.
   * Then,
     gunzip -c m0n0wall-file-name.img | dd of=/dev/hda bs=16k
     Ignore the warning about trailing garbage.

That's it! At this point you can remove the DOC and replace it with another one and repeat the reprogramming step, as many times as needed.

When you next boot the machine, it should load m0n0wall exactly as it would on any other x86-compatible system. Jump right in with the m0n0wall quick-start guide for PC platforms. Chapter 3: Initial Configuration is probably where you will want to start. Good luck!

Version 0.3 | Content date: 05 July 2008 | Page last generated: 2009-01-18 13:11 CST