csant/log

Just a few notes to register my experiments, in order to remember, later, how I did stuff… and maybe useful for somebody who wants to go through the steps himself.

Got around to expriment a bit with Inferno, a Plan 9 based compact operating system designed for building distributed and networked systems.

Installation instructions are pretty straightforward. I did this on two machines of my local net (installing to userspace), then proceded to boot the systems up and get them to talk to each other. One of them functions as key and file server, the other one is the client. The online installation documentation [PDF] is very detailed.

Setting up the server

As a start, take care to edit the network setup file. I have installed Inferno in userspace to /home/csant/inferno - this file is the inferno_root. Open the file inferno_root/lib/ndb/local and in the section infernosite= edit SIGNER and FILESERVER to point to your local machine, say

SIGNER=10.0.0.5
FILESERVER=10.0.0.5

The file inferno_root/lib/ndb/inferno will also tell you which ports the system will need - if you run a firewall, it might be a good idea to make sure now that the other machine will be able to use these ports through your firewall, to avoid some grief later.

You'll now start the system that will function as server with the command line emu -r/home/csant/inferno, which tells it where to find its root. Next you are at the prompt.

;

I will not get into details on the shell, but lead you through the setup, providing commands you'll have to enter, and shell output.

First we set up the correct time:

; cp /locale/CET /locale/timezone

You can check out your initial namespace:

; ns
bind / /
bind -ac '#U' /
bind /dev /dev
bind -b '#c' /dev
bind '#p' /prog
bind '#d' /fd
bind /net /net
bind -a '#I' /net
bind -a /dev /dev
bind -a /net /net
bind /net.alt /net.alt
bind -a /net.alt /net.alt
bind -c '#e' /env
cd /

Now prepare a clean file of secrets:

; cp /dev/null /keydb/keys; chmod 600 /keydb/keys

and create a new entry for your network signer (either a fully qualified domain name, or an individual):

; auth/createsignerkey csant

Next start the authentication network services:

; svc/auth
Key: 
Confirm key:

The command ps should tell you if they are running:

; ps
       1        1      csant    0:00.0    release    73K Sh[$Sys]
      14       13      csant    0:00.0        alt    17K Cs
      18       17      csant    0:00.0       recv    25K Keyfs
      19       17      csant    0:00.0    release    47K Styx[$Sys]
      20       17      csant    0:00.0       recv    25K Keyfs
      22        1      csant    0:00.0        alt     9K Listen
      24        1      csant    0:00.0    release     9K Listen[$Sys]
      26        1      csant    0:00.0        alt     9K Listen
      28        1      csant    0:00.0    release     9K Listen[$Sys]
      30        1      csant    0:00.0        alt     9K Listen
      32        1      csant    0:00.0    release     9K Listen[$Sys]
      34        1      csant    0:00.0        alt     9K Listen
      36        1      csant    0:00.0    release     9K Listen[$Sys]
      37        1      csant    0:00.0      ready    73K Ps[$Sys]

Next create the users that will be allowed to authenticate with the signer:

; auth/changelogin csant
new account
secret: 
confirm: 
expires [DDMMYYYY/permanent, return = 21022007]: 
change written

and we need to generate a server key set - we'll obtain a certificate and save it in a file named default:

; getauthinfo default
use signer [$SIGNER]: localhost
remote user name [csant]: csant
password: 
listen: got connection on tcp!*!inflogin from 127.0.0.1!22226
save in file [yes]: yes

Our server is now up and running - time to get the client configured.

Setting up the client

The client is much less complicated to set up - he will get all information from the server. We'll edit the network setting file inferno_root/lib/ndb/local and enter the same values as for the server - yes, because the server will be 10.0.0.5. We assume the inferno_root is the same as above, just on another machine.

First start inferno on the client (in our case on 10.0.0.6) with the same command emu -r/home/csant/inferno.

Start your network and the connection server:

; ndb/cs

and get a certificate from the server:

; getauthinfo tcp!10.0.0.5
use signer [$SIGNER]: 10.0.0.5
remote user name [csant]: csant
password:
save in file [yes]: yes

We are authenticated - time to mount the remote machine and resources:

; mount 10.0.0.5 /n/remote

and you are ready for using your new distributed network operating system.

Disclaimer: did I ever say this was useful for something?