Wednesday, July 30, 2008

Booting from PXE to NFS (using Ubuntu)

SILLY ME for thinking that the latest greatest release of Ubuntu (Hardy Heron 8.04.1) would support PXE / NFS booting for clients with multiple NICs... Silly me and a couple days wasted trying to get that shit to work (even after patching my kernel)...

Point to note:
DO NOT USE HARDY IF YOU HAVE INTENTIONS OF PXE / NFS BOOTING CLIENTS WITH MODERN NICS!


OS Configuration:

I upgraded from Hardy 8.04.1 to the release that I know is actually "stable" when they called it "stable" (Dapper Drake 6.06.2 AKA my bread and butter lately).


First up, installation of Dapper... I installed the LAMP default. Nothing fancy here. Once installed, update your /etc/apt/sources.list so that the universe, multiverse, and restricted sites are no longer commented out. I also recommend commenting out the deb cdrom line in sources.list so you don't have to worry about having your CD handy.

Here's what is in my sources.list:
deb http://us.archive.ubuntu.com/ubuntu/ dapper main restricted
deb-src http://us.archive.ubuntu.com/ubuntu/ dapper main restricted
deb http://us.archive.ubuntu.com/ubuntu/ dapper-updates main restricted
deb-src http://us.archive.ubuntu.com/ubuntu/ dapper-updates main restricted
deb http://us.archive.ubuntu.com/ubuntu/ dapper universe
deb-src http://us.archive.ubuntu.com/ubuntu/ dapper universe
deb http://us.archive.ubuntu.com/ubuntu/ dapper-backports main restricted universe multiverse
deb-src http://us.archive.ubuntu.com/ubuntu/ dapper-backports main restricted universe multiverse
deb http://security.ubuntu.com/ubuntu dapper-security main restricted
deb-src http://security.ubuntu.com/ubuntu dapper-security main restricted
deb http://security.ubuntu.com/ubuntu dapper-security universe
deb-src http://security.ubuntu.com/ubuntu dapper-security universe

Now you'll need to update apt and install the required packages by performing:
sudo apt-get update
sudo apt-get install dhcp3-server tftpd-hpa syslinux nfs-kernel-server initramfs-tools


PXE / TFTP configuration:

(Next two steps not necessary but makes life easier)
1 - Let's setup the tftp locations for files we'll be using:
sudo mkdir -p /tftpboot/pxelinux.cfg

2 - Change the /etc/default/tftpd-hpa file to reflect the new directory and to start on boot. Here's what mine looks like:
RUN_DAEMON="yes"
OPTIONS="-l -s /tftpboot"

Start up your tftp daemon:
sudo /etc/init.d/tftpd-hpa start

TFTP is now up and ready. You can check that it is listening on UDP port 69 by doing:
netstat -anu | grep ':69 '

PXE is really just a boot loader file ("pxelinux.0" is included in your syslinux package) that allows one to boot via a NIC versus CD-ROM, USB key, hard drive, etc... Most NICs nowadays support PXE booting, and you will need to visit your client(s) to enable it and bring your NIC to the top / first of the boot order in the BIOS.

Copy your "pxelinux.0" file and kernel into your tftpboot directory:
sudo cp /usr/lib/syslinux/pxelinux.0 /tftpboot
sudo cp /boot/vmlinuz* /tftpboot/vmlinuz

ORDER IS IMPORTANT FOR THE NEXT THREE STEPS

1 - We're going to create our own initrd.img for booting purposes. Because I have nuked many (MANY) systems in my day, I now have a policy of always copying whatever I'm working on to a new location (sandbox) and work with the new copy. We're going to need an entire directory tree copied:
sudo cp -Rp /etc/mkinitramfs /etc/mkinitramfs-pxe

2 - We now have our own mkinitramfs sandbox. Modify /etc/mkinitramfs-pxe/initramfs.conf so that it has "BOOT=nfs", "DEVICE=eth1" (we're using eth1 as an example since this IS a lament post regarding multi-NIC clients; typically eth0 is your first NIC) and "NFSROOT=192.168.0.254:/nfsroot", where 192.168.0.254 is your NFS server.

Here's what my /etc/mkinitramfs-pxe/initramfs.conf looks like:
BUSYBOX=y
BOOT=nfs
MODULES=most
DEVICE=eth1
NFSROOT=192.168.0.254:/nfsroot

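3 - Now we can make our own initrd.img (which is nothing more than a cpio file that is gzipped). The -o option takes the output file name, and it has to match the initrd= name used in the PXE configuration below:
sudo mkinitramfs -d /etc/mkinitramfs-pxe -o /tftpboot/initrd.img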

Now we'll need to create / edit our /tftpboot/pxelinux.cfg/default (or a file named after the hardware address of the client; mine is named "01-00-30-48-2d-1b-a3"). I am a visual person, so I create a pause with dialog. Here's what's inside my pxe configuration file:
timeout 100
prompt 1
display a3-menu.txt
default 0

label 0
kernel vmlinuz
append root=/dev/nfs nfsroot=192.168.0.254:/nfsroot ip=dhcp initrd=initrd.img rw --
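
PXELINUX does not only look for "default": it requests a series of file names under pxelinux.cfg/, most specific first. The script below is an added example (not part of the original post) that prints that series for the MAC and fixed address used on this page; the function names are made up for illustration, and the client-UUID lookup that newer PXELINUX versions try first is left out.

```shell
#!/bin/sh
# Added example: list the config file names PXELINUX requests, in order,
# for a given client MAC and IPv4 address (UUID lookup omitted).

# mac_to_cfg MAC -> "01-" + lowercase MAC with dashes (01 = ARP type Ethernet)
mac_to_cfg() {
    printf '01-%s\n' "$(printf '%s' "$1" | tr 'A-F:' 'a-f-')"
}

# ip_to_hex A.B.C.D -> eight uppercase hex digits, or status 1 if malformed
ip_to_hex() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        # reject empty, non-numeric, or zero-padded octets (printf reads 08 as octal)
        case $octet in ''|*[!0-9]*|0?*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    printf '%02X%02X%02X%02X\n' "$1" "$2" "$3" "$4"
}

# pxelinux_cfg_names MAC IP -> one candidate file name per line
pxelinux_cfg_names() {
    hex=$(ip_to_hex "$2") || { echo "bad IPv4 address: $2" >&2; return 1; }
    mac_to_cfg "$1"
    # full hex address first, then one hex digit shorter each time
    while [ -n "$hex" ]; do
        printf '%s\n' "$hex"
        hex=${hex%?}
    done
    echo default
}

# Values taken from the dhcpd.conf host entry on this page.
pxelinux_cfg_names 00:30:48:2D:1B:A3 192.168.0.69
```

Any client that has no MAC- or IP-named file falls through to "default", so whatever that file boots is what every unknown machine on the segment gets.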


DHCP Configuration:

You'll need to configure your dhcp server now so the client(s) can get IP addresses and boot to their PXE image. Modify your /etc/dhcp3/dhcpd.conf file to reflect the correct settings for your network.
Here's what mine looks like:
allow booting;
ddns-update-style none;
default-lease-time 600;
max-lease-time 7200;
option domain-name "sandbox.local";
option domain-name-servers 172.24.17.21,172.24.17.23;
authoritative;

subnet 192.168.0.0 netmask 255.255.255.0 {
    range 192.168.0.1 192.168.0.200;
    option routers 192.168.0.254;
    next-server 192.168.0.254;
    filename "pxelinux.0";
    # i1620
    host i1620 {
        hardware ethernet 00:30:48:2D:1B:A3;
        fixed-address 192.168.0.69;
        option host-name "i1620";
    }
}

Your configuration will probably have different:
domain-name = the domain suffix for the clients
domain-name-servers = ip addresses of your DNS servers
subnet = the subnet that you will be handing out IP addresses on
netmask = the network mask for the subnet (above)
range = the range of IP addresses to use for your clients
routers = your default route and / or all other routes
next-server = your tftp / PXE server
filename = the name of the PXE boot loader file
host = name and configurations for any given host
hardware ethernet = your (above) host's machine address
fixed-address = the address your (above) host will always get
host-name = the hostname for your (above) host if it doesn't already have one

Start the DHCP service:
sudo /etc/init.d/dhcp3-server start


NFS Configuration:

(your location may vary) Create a location for the NFS root:
sudo mkdir /nfsroot

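Edit your /etc/exports file to reflect the NFS root folder you will be using. The exported path has to be the same directory that NFSROOT and nfsroot= point at (/nfsroot here).
Mine looks like this:

/nfsroot 192.168.0.0/255.255.255.0(rw,no_root_squash,async)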

Now start the service:
sudo /etc/init.d/nfs-kernel-server start
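
The nfsroot path appears in three places in this setup (initramfs.conf, the pxelinux.cfg file and /etc/exports), and a client fails to mount / when they disagree. The script below is an added example (not part of the original post) that checks the PXE config against the exports file; the function names and the sample files it writes are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): confirm that the nfsroot= a
# PXELINUX config hands to clients is a directory /etc/exports really exports.

# nfsroot_of FILE -> "server:/path" from the first nfsroot= kernel argument
nfsroot_of() {
    tr ' \t' '\n\n' < "$1" | sed -n 's/^nfsroot=//p' | head -n 1
}

# export_entry EXPORTS PATH -> the non-comment line whose first field is PATH
export_entry() {
    awk -v p="$2" '$1 !~ /^#/ && $1 == p { print; exit }' "$1"
}

# check_nfsroot PXECFG EXPORTS -> prints a verdict, returns 0 only on a match
check_nfsroot() {
    root=$(nfsroot_of "$1")
    path=${root#*:}      # drop "server:"
    path=${path%%,*}     # drop any ",mount-options" suffix
    [ -n "$path" ] || { echo "no nfsroot= found in $1"; return 2; }
    entry=$(export_entry "$2" "$path")
    [ -n "$entry" ] || { echo "MISMATCH: $path is not exported"; return 1; }
    case $entry in
        *no_root_squash*) echo "OK: $path exported, root NOT squashed" ;;
        *)                echo "OK: $path exported" ;;
    esac
}

# write_samples DIR -> constructed sample files modelled on this page's configs
write_samples() {
    cat > "$1/default" <<'EOF'
label 0
kernel vmlinuz
append root=/dev/nfs nfsroot=192.168.0.254:/nfsroot ip=dhcp initrd=initrd.img rw --
EOF
    echo '/nfsroot 192.168.0.0/255.255.255.0(rw,no_root_squash,async)' > "$1/exports.ok"
    echo '/nfs 192.168.0.0/255.255.255.0(rw,no_root_squash,async)' > "$1/exports.bad"
}

tmp=$(mktemp -d)
write_samples "$tmp"
check_nfsroot "$tmp/default" "$tmp/exports.ok"
check_nfsroot "$tmp/default" "$tmp/exports.bad" || true
rm -rf "$tmp"
```

An NFS-root client needs no_root_squash, which also means every host the export line matches can act as root on that tree, so keep the client specification as narrow as the machines you actually boot.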



Client configuration:

Many people will install locally to their client, copy the OS files to the nfsroot, and then pull the drive from the client. I'm lazy, so I just copied my server files over to the /nfsroot directory and modified a handful of files. There are only a few gotchas, that I will explain after you modify your basic files. Your configurations will vary from mine, so make sure you at least look into each of the following:
/etc/hostname
/etc/hosts
/etc/fstab
/etc/network/interfaces

The last two will need some serious changing. First, edit your /etc/fstab to reflect correct mount points for "/proc" and "/".
Mine looks like this:

# /etc/fstab: static file system information.
#
#
proc /proc proc defaults 0 0
/dev/nfs / nfs defaults 1 1

Finally you will need to edit your /etc/network/interfaces file to reflect correct activation.
Mine looks like this:

auto lo
iface lo inet loopback
iface eth0 inet manual
iface eth1 inet manual




You're done! (weeeeeee *plop*)

Go reboot your client and it will boot up PXE and mount / to your nfsroot!

Monday, January 14, 2008

Intel, Microsoft, and their dicktard antics

Recently, I needed to replace my old file server in my house. I bought pieces here and there, from newegg, ebay, and other computer shops, until I finally had all the stuff required to replace my old machine.

The old machine was an old Dell desktop machine that had more than served a full life sentence in my basement. It had an old PATA 3ware RAID card and 4 250GB drives attached. Regardless, the drives were starting to go bad and it was long since time to replace that old P II 350 with something that had a little more horsepower.

This post is dedicated to Intel, Microsoft, and their dicktard antics in trying to force the consumer to use a specific set of software on a specific set of hardware.

The motherboard for the new machine is an Intel DF33TL, (yeah, I know... not bleeding edge stuff here). However, it has a built in RAID controller, 6 SATA ports, and was cheap.

If you look at the RAID driver's readme, section 2.2, you will notice that Windows Server 2003 is in the list.

Here's where I think Microsoft and Intel have been in bed doing nasty things with each other's anal sphincters and tongues. The drivers for this motherboard (not just the RAID drivers) WILL NOT install on Windows Server 2003. This is because in the inf (the file that tells Windows what driver to load for hardware instance IDs) Intel has "purposefully left no support for NT >= 5.2", which means no 2003 on it... Since this is a workstation motherboard, I can only assume that there is anal-dickery going on here between the makers of the board and the seller of the operating systems.

And this is how to fix your problems, so the drivers will install and run on Windows Server 2003:

1 - For each driver, download, extract, and find the corresponding inf file
2 - Find the sections (an inf section is defined by [label.in.brackets]) NTx86.5.2 and NTx86.5.1
3 - Copy the section NTx86.5.1 and paste it into the NTx86.5.2 section
4 - Manually install the driver by searching for the location where you just updated the driver to support 5.2

Now, on top of that fun, I had to do this before making my OEM install disk (see my OEM cd blog...) since there's no floppy controller and I don't have a USB floppy...

WHAT.A.FUCKING.JOKE

Recovering (not resetting) Lost Windows Passwords

I suppose I did it to myself, by choosing software engineering as my career path: I am my family's and my wife's family's personal and free tech support. All they have to do is put up with my bad attitude and condescending remarks as they pertain to computer (and life) literacy...

The problems I 'get' to help them resolve are rarely technical issues... This weekend's example, a surprise visit from the in-laws resulted in my being volunteered to recover their lost passwords on their laptop. This is NOT a technical issue or even a computer / software problem. This is a process / policy execution problem, manifested in all areas of their lives.

Well, after a quick visit to Ophcrack on SourceForge, a download of the ISO, and finally a burned CD, I was set in motion for recovering (not resetting) the lost / forgotten passwords.

You might ask why I went this route as opposed to resetting the password. This is a multifaceted answer. 1 - I've never used Ophcrack, so this was kind of fun for me (please, for the love of God, do NOT tell my in-laws that I enjoyed ANY part of this)... and 2 - I prefer to pick locks, instead of breaking them.

I knew my dear in-laws would not have complex or long passwords, so Ophcrack shouldn't run into any problems. Ophcrack recovered the admin, guest, and mother-in-law's passwords in about 5 minutes... Not too shabby, considering the dinosaur laptop it was running on.