Logging my quest into the NetBSD universe.

Saturday, August 13, 2011

Guruplug meets NetBSD step 5: IPv4 configuration and daemon startup.

At this point we have a Guruplug which boots NetBSD from a USB stick and which is more or less in order. We're still stuck with the serial line, so let's add some basic IP configuration so the unit will boot up, configure its IP address (in this case a static one) and launch an SSH daemon.

We will also take this opportunity to shut down some of the services which we don't need and which would only use scarce resources (and slow down booting).

The processes currently running by default (minus login, ps and csh, that is) are:

GURUPLUGGER# ps -aux
USER    PID %CPU %MEM  VSZ  RSS TTY   STAT STARTED    TIME COMMAND
root      0  3.0  1.4    0 7188 ?     DKl   1:00PM 0:38.74 [system]
root      1  0.0  0.2 3448  892 ?     Ss    1:00PM 0:00.04 init 
root    182  0.0  0.3 5596 1348 ?     Is    1:00PM 0:00.06 /usr/sbin/syslogd -s
postfix 412  0.0  0.4 7644 2220 ?     I     1:00PM 0:00.09 pickup -l -t fifo -u
root    418  0.0  0.4 7652 2220 ?     Is    1:00PM 0:00.12 /usr/libexec/postfix
root    454  0.0  0.2 3488  952 ?     Is    1:00PM 0:00.02 /usr/sbin/cron 
postfix 477  0.0  0.4 7644 2260 ?     I     1:00PM 0:00.08 qmgr -l -t unix -u 
root    484  0.0  0.2 3528  804 ?     Is    1:00PM 0:00.01 /usr/sbin/inetd -l 
root    113  0.0  0.2 3524  852 tty00 O+    1:36PM 0:00.01 ps -aux 
root    491  0.0  0.4 7228 2172 tty00 Is    1:00PM 0:00.52 login 
root    517  0.2  0.2 3288 1024 tty00 S     1:20PM 0:00.07 -csh 

So we will remove cron, postfix and inetd from the startup, allowing only syslogd to start, and we will also add an sshd to that list.

This is done through editing /etc/rc.conf and we can look in /etc/defaults/rc.conf for some inspiration.

I've seen some kernel warnings in the past which leave me not trusting the RTC for timekeeping while the unit is off, hence I'll add an ntpdate(8) to execute just once at boot time, followed by the startup of an ntpd(8). This means rc.conf looks as follows:

# Load the defaults in from /etc/defaults/rc.conf (if it's readable).
# These can be overridden below.
#
if [ -r /etc/defaults/rc.conf ]; then
        . /etc/defaults/rc.conf
fi

# If this is not set to YES, the system will drop into single-user mode.
#
rc_configured=YES

# Add local overrides below
#

hostname="GURUPLUGGER"

# Do not start some default daemons
cron=NO
inetd=NO
postfix=NO

# Do start SSH
sshd=YES

# Launch an ntpdate at boottime prior to starting the ntpd
ntpdate=YES
ntpdate_flags="-b -s pool.ntp.org"
ntpd=YES

If we wanted to launch a dhclient at boot time on the first gigabit device, we would add the following line to rc.conf:
dhclient=YES
However, since this is a standalone box, I really want this box to have a static configuration.

Hence configuring the network will be done by adding the following lines to rc.conf:
auto_ifconfig=yes
ifconfig_mvgbe0="inet 192.168.10.2 netmask 0xffffff00" 
defaultroute="192.168.10.1"
Here mvgbe0 is the interface to which the configuration should be applied. Alternatively, we could have written the route to /etc/mygate and the interface-specific settings to /etc/ifconfig.mvgbe0 (see ifconfig.if(5)).

Next we add the nameservers to resolv.conf(5):
GURUPLUGGER# cat /etc/resolv.conf
nameserver 195.130.130.5
nameserver 195.130.131.5
And set up a default route: we can either write this in /etc/mygate or append the following to rc.conf:
defaultroute="192.168.10.1"

If we're adding an sshd, we also need to add a user (unless we modify the sshd config to permit root logins, which is not a good idea). This can be done as follows:
GURUPLUGGER# useradd -m edb
GURUPLUGGER# passwd edb
Changing password for edb.
New Password:
Retype New Password:
GURUPLUGGER# usermod -G wheel edb
In the last step we added edb to the wheel group; this is required for the su(1) command to function.

And after a reboot we see that our mission has been accomplished: the network is properly configured and only the daemons we requested are running:
GURUPLUGGER# ifconfig mvgbe0                                            
mvgbe0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	capabilities=3700<IP4CSUM_Rx,IP4CSUM_Tx,TCP4CSUM_Rx,UDP4CSUM_Rx,UDP4CSUM_Tx>
	enabled=0
	address: f0:ad:4e:ff:11:d5
	media: Ethernet autoselect (100baseTX full-duplex)
	status: active
	inet 192.168.10.2 netmask 0xffffff00 broadcast 192.168.10.255
	inet6 fe80::f2ad:4eff:feff:11d5%mvgbe0 prefixlen 64 scopeid 0x1
GURUPLUGGER# netstat -rn -f inet
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use    Mtu Interface
default            192.168.10.1       UGS         1       73      -  mvgbe0
127/8              127.0.0.1          UGRS        0        0  33192  lo0
127.0.0.1          127.0.0.1          UH          1        0  33192  lo0
192.168.10/24      link#1             UC          2        0      -  mvgbe0
192.168.10.1       00:14:bf:8a:1b:c1  UHLc        1        0      -  mvgbe0
192.168.10.103     00:1d:e0:6f:b6:cf  UHLc        0       98      -  mvgbe0
GURUPLUGGER# ps -aux                     
USER PID %CPU %MEM  VSZ  RSS TTY   STAT STARTED    TIME COMMAND
root   0  0.0  1.4    0 7288 ?     DKl  12:27PM 0:00.40 [system]
root   1  0.0  0.2 3448  968 ?     Is   12:27PM 0:00.04 init 
root 195  0.0  0.3 5596 1356 ?     Ss   12:27PM 0:00.06 /usr/sbin/syslogd -s 
root 324  0.0  1.0 5340 5224 ?     Ss   12:28PM 0:00.33 /usr/sbin/ntpd 
root 344  0.0  0.4 8196 1996 ?     Is   12:28PM 0:00.02 /usr/sbin/sshd 
root 108  0.0  0.2 3524  976 tty00 O+   12:33PM 0:00.01 ps -aux 
root 326  0.0  0.5 7228 2432 tty00 Is   12:28PM 0:00.51 login 
root 398  0.0  0.2 3288 1176 tty00 S    12:29PM 0:00.05 -csh 
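
The ps listing confirms the result after a reboot; the same intent can be checked from the configuration before rebooting. The script below is an added example, not part of the original post: it sources rc.conf-style files the way rc(8) does and reports any service that is enabled but not wanted, or wanted but disabled. The function names and the sample file contents are constructed for illustration; the service names are the ones used above.

```sh
#!/bin/sh
# Added example: audit which services an rc.conf(5)-style setup enables.
WANTED="syslogd ntpdate ntpd sshd"             # boot-time set chosen in the post
CHECKED="$WANTED cron inetd postfix dhclient"  # every knob the post mentions

# Same truth test as checkyesno in rc.subr: YES/TRUE/ON/1, any case.
is_yes() {
    case "$1" in
        [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) return 0 ;;
        *) return 1 ;;
    esac
}

# Source the files in order (defaults first, overrides last) in a subshell and
# print "+svc" for enabled-but-unwanted and "-svc" for wanted-but-disabled.
audit_services() {
    (
        for f in "$@"; do
            if [ -r "$f" ]; then . "$f"; fi
        done
        out=""
        for svc in $CHECKED; do
            eval "val=\${$svc:-NO}"
            case " $WANTED " in *" $svc "*) want=1 ;; *) want=0 ;; esac
            if is_yes "$val"; then on=1; else on=0; fi
            if [ "$on" = 1 ] && [ "$want" = 0 ]; then out="$out +$svc"; fi
            if [ "$on" = 0 ] && [ "$want" = 1 ]; then out="$out -$svc"; fi
        done
        printf '%s\n' "${out# }"
    )
}

# Constructed sample files (not the real NetBSD defaults): the first mirrors
# the daemons seen in the initial ps listing, the second the post's overrides.
make_samples() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' syslogd=YES cron=YES inetd=YES postfix=YES \
        sshd=NO ntpd=NO ntpdate=NO dhclient=NO > "$dir/defaults.conf"
    printf '%s\n' cron=NO inetd=NO postfix=NO \
        sshd=YES ntpdate=YES ntpd=YES > "$dir/rc.conf"
    printf '%s\n' "$dir"
}

samples=$(make_samples)
echo "defaults only:  $(audit_services "$samples/defaults.conf")"
echo "with overrides: $(audit_services "$samples/defaults.conf" "$samples/rc.conf")"
rm -rf "$samples"
```

On the box itself the call would be `audit_services /etc/rc.conf`, since that file already sources /etc/defaults/rc.conf; an empty result means the enabled set matches the wanted set.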
