Subject: HOWTO install NetBSD 1.6.1 on a Cobalt Qube2 PREVIEW
To: None <port-cobalt@NetBSD.ORG>
From: Andreas Fuchs <fox@tcnet.ch>
List: port-cobalt
Date: 01/12/2004 13:39:20
Hi an updated version of my howto, comments, updates, drinks welcome
********************************************************************
HOWTO install NetBSD 1.6.1 on a Cobalt Qube2
I try to write a guide how to get NetBSD running on a Cobalt Qube2
And how to configure the Qube as a gateway to an ADSL moden
I'm not native english speaker so sorry for the "writing style"
Version 0.5 10.1.2004 Andreas Fuchs, fox@tcnet.ch
portions from Daniel Ouellet and many others on the
port-cobalt@NetBSD.ORG mailing list
speciall thank to Dennis Chernoivanov for the great
recovery cd image
- Get the rescue-cd image from:
ftp://ftp.netbsd.org/pub/NetBSD/arch/cobalt/restore-cd/1.6.1
- Burn this iso image to a cd
- Boot a machine which has network connection to your Qube2 with this CD
- follow the instructions and whatch the display on the Qube2
make shure you have only one dhcp server in your network,
otherwise the Qube might pick up a wrong ip-address or just not install
- the qube will reboot when finnish and display his ip-address
- telnet to your Qube
- set a root password
passwd
- if you disable dhclient do not forget to configure an ip-address!
edit /etc/ifconfig.tlp0
inet 192.168.1.3 netmask 255.255.255.0
Above, your network card may be different, but look your dmesg to be safe.
Mine is tlp0 and tlp1
- edit /etc/hosts
ip-address hostname hostname.yourdomain.ch
- add at least one nameserver to /etc/resolv.conf
search yourdomain.ch
nameserver a.b.c.d
nameserver d.e.f.g
- configure /etc/rc.conf to something like
hostname="qube"
defaultroute=192.168.1.1
#
dhclient=NO
nfs_client=NO
paneld=YES
inetd=NO
sshd=YES
- either give root access to ssh (change /etc/ssh/sshd_config) or better add
a second user
useradd -m nerd
passwd nerd
- start/stop services
/etc/rc.d/sshd start
/etc/rc.d/dhclient stop
/etc/rc.d/inetd stop
- test your ssh connection NOW, to make shure that you have access to the
box after reboot
- reboot and have fun
- to get some more software
setenv PKG_PATH ftp://ftp.netbsd.org/pub/NetBSD/packages/1.6/cobalt/All
pkg_add -v the_package
i do
pkg_add -v bash; usermod -c "" -s /usr/pkg/bin/bash root; /usr/pkg/bin/bash
export PKG_PATH=ftp://ftp.netbsd.org/pub/NetBSD/packages/1.6/cobalt/All
pkg_add -v apache
look at the above directory to see what else is available
- to get other tools and application install which are not available as pkg,
install pkgsrc
setenv CVSROOT anoncvs@anoncvs.NetBSD.org:/cvsroot
setenv CVS_RSH ssh
cd /usr
cvs checkout -P pkgsrc
this will take some time, depending on your internet speed...
then install
cd /usr/pkgsrc/pkgtools/pkg_install; make install
cd /usr/pkgsrc/security/audit-packages; make install
/usr/pkg/sbin/download-vulnerability-list
and i install:
cd /usr/pkgsrc/sysutils/adjustkernel; make install
echo ACCEPTABLE_LICENSES+=fee-based-commercial-use >> /etc/mk.conf
cd /usr/pkgsrc/security/openssl; make install
cd /usr/pkgsrc/net/wget; make install
and some other usefull stuf, for more info
http://www.netbsd.org/Documentation/software/packages.html#using-pkgsrc
- to later update pkgsrc info run:
setenv CVSROOT anoncvs@anoncvs.NetBSD.org:/cvsroot
setenv CVS_RSH ssh
cd /usr/pkgsrc
cvs -q update -dP
/usr/pkg/sbin/download-vulnerability-list
- to compile your own kernel get the src tarball from
cd /
wget ftp://ftp.netbsd.org/pub/NetBSD/NetBSD-1.6.1/source/sets/syssrc.tgz
tar -xvzf syssrc.tgz
cd /sys/arch/cobalt/conf
if you have some card in the pci slot run
adjustkernel -file GENERIC -outfile QUBE2IPF
otherwise you can just copy
cp GENERIC QUBE2IPF
edit QUBE2IPF, i set the following options
lcd0 at mainbus? if it's not already there
options GATEWAY
options IPSEC
options IPFILTER_LOG
pseudo-device ipfilter
pseudo-device pppoe
if you wish you can disable scsi to make the kernel smaller
#options SCSIVERBOSE
#ahc* at pci? dev ? function ?
#scsibus* at ahc?
#sd* at scsibus? target ? lun ?
#st* at scsibus? target ? lun ?
then run
wget http://only.mawhrin.net/~cdi/netbsd/cobalt/hd44780.diff.gz
gzip -d hd44780.diff.gz
cd /sys
patch -p1 < /sys/arch/cobalt/conf/hd44780.diff
cd -
and finally
config QUBE2IPF
cd ../compile/QUBE2IPF
make depend
make
if you got no error you have a new kernel! (will it boot? let's try)
mv /netbsd /netbsd.orig
cp netbsd /
here are some more details
http://www.netbsd.org/Documentation/kernel/#how_to_build_a_kernel
http://www.netbsd.org/guide/en/chap-kernel.html
- if boot fails, you have to a) start at top or b) connect a serial cable to
the Qube
if you can login run:
mount -u -o rw /
cp /netbsd.orig /netbsd
reboot
if the system does not boot at all try:
Press the SPACE bar on system init, you'll get a prompt: Cobalt:
bfd /boot/boot.gz nbsd=wd0a:netbsd.orig will boot the original kernel
##STUFF BEYOND THIS LINE IS NOT WELL TESTED, EVERY HELP WELCOME !
#################################################################
- if ipfilter is enabled in kernel you can use
/etc/rc.d/ipfilter start
/etc/rc.d/ipnat start
/etc/rc.d/ipmon start
to enable them permanently
add this to /etc/rc.conf
ipfilter=YES
ipnat=YES
ipmon=YES
here a standart ipnat.conf for nat where ethernet tlp0 (primary) is the
external
and tlp1 (secondary) is the internal network interface and we do a 1 to
many nat
map tlp0 10.1.1.0/24 -> 0/32 proxy port ftp ftp/tcp
map tlp0 10.1.1.0/24 -> 0/32 portmap tcp/udp 40000:60000
map tlp0 10.1.1.0/24 -> 0/32
a standart firewall config for /etc/ipf.conf can be installed like this
echo /usr/share/examples/ipf/BASIC_1.FW > /etc/ipf.conf
todo it the right way here is a description
/usr/share/examples/ipf/firewall
- changing prompt for bash
if you are using bash as shell you can add this to /etc/profile
set -p
if test "$UID" = 0 ; then
PS1="\h:\w # "
else
PS1="\u@\h:\w> "
fi
- to get apache running i had to change in
/usr/pkg/etc/httpd/httpd.conf
#Listen 80
#Listen 0.0.0.0:80
Listen *:80