During the installation, WAN boot refers to the contents of the /etc/netboot hierarchy on the web server for instructions about how to perform the installation. This directory contains the configuration information, private key, digital certificate, and certificate authority required for a WAN boot installation. During the installation, the wanboot-cgi program converts this information into the WAN boot file system. The wanboot-cgi program then transmits the WAN boot file system to the client.
You can create subdirectories within the /etc/netboot directory to customize the scope of the WAN installation. Use the following directory structures to define how configuration information is shared among the clients that you want to install.
Global configuration – If you want all the clients on your network to share configuration information, store the files that you want to share in the /etc/netboot directory.
Network-specific configuration – If you want only those machines on a specific subnet to share configuration information, store the configuration files that you want to share in a subdirectory of /etc/netboot. Have the subdirectory follow this naming convention.
/etc/netboot/net-ip
In this example, net-ip is the IP address of the client's subnet.
Client-specific configuration – If you want only a specific client to use the boot file system, store the boot file system files in a subdirectory of /etc/netboot. Have the subdirectory follow this naming convention.
/etc/netboot/net-ip/client-ID
In this example, net-ip is the IP address of the subnet. client-ID is either the client ID that is assigned by the DHCP server, or a user-specified client ID.
For detailed planning information about these configurations, see Storing Configuration and Security Information in the /etc/netboot Hierarchy.
The following procedure describes how to create the /etc/netboot hierarchy.
Follow these steps to create the /etc/netboot hierarchy.
Become superuser or assume an equivalent role on the WAN boot server.
Create the /etc/netboot directory.
# mkdir /etc/netboot
Change the permissions of the /etc/netboot directory to 700.
# chmod 700 /etc/netboot
Change the owner of the /etc/netboot directory to the web server owner.
# chown web-server-user:web-server-group /etc/netboot/
web-server-user – Specifies the user owner of the web server process
web-server-group – Specifies the group owner of the web server process
Exit the superuser role.
# exit
Assume the user role of the web server owner.
Create the client subdirectory of the /etc/netboot directory.
# mkdir -p /etc/netboot/net-ip/client-ID
-p – Instructs the mkdir command to create all the necessary parent directories for the directory you want to create.
net-ip – Specifies the network IP address of the client's subnet.
client-ID – Specifies the client ID. The client ID can be a user-defined value or the DHCP client ID. The client-ID directory must be a subdirectory of the net-ip directory.
For each directory in the /etc/netboot hierarchy, change the permissions to 700.
# chmod 700 /etc/netboot/dir-name
The following example shows how to create the /etc/netboot hierarchy for the client 010003BA152A42 on subnet 192.168.198.0. In this example, the user nobody and the group admin own the web server process.
The commands in this example perform the following tasks.
Create the /etc/netboot directory.
Change the permissions of the /etc/netboot directory to 700.
Change the ownership of the /etc/netboot directory to the owner of the web server process.
Assume the same user role as the web server user.
Create a subdirectory of /etc/netboot that is named after the subnet (192.168.198.0).
Create a subdirectory of the subnet directory that is named after the client ID.
Change the permissions of the /etc/netboot subdirectories to 700.
# cd /
# mkdir /etc/netboot/
# chmod 700 /etc/netboot
# chown nobody:admin /etc/netboot
# exit
server# su nobody
Password:
nobody# mkdir -p /etc/netboot/192.168.198.0/010003BA152A42
nobody# chmod 700 /etc/netboot/192.168.198.0
nobody# chmod 700 /etc/netboot/192.168.198.0/010003BA152A42
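Because the hierarchy holds the private key and certificates, it is worth verifying the result of the procedure. The following added example (not part of the original documentation) reports every directory in the hierarchy that is not mode 700 or not owned by the web server user. The function names audit_netboot and make_sample_tree are hypothetical, and the sample tree is constructed outside /etc so the check can be tried without privileges.

```shell
#!/bin/sh
# Added example (not from the original page): audit an /etc/netboot-style tree.

# audit_netboot ROOT OWNER
# Prints one finding per directory under ROOT (ROOT included) whose mode is
# not exactly 700 or whose owner is not OWNER (user name or numeric UID).
# Returns 0 when clean, 1 when there are findings, 2 when ROOT is missing.
audit_netboot() {
    an_root=$1
    an_owner=$2
    [ -d "$an_root" ] || { echo "not a directory: $an_root" >&2; return 2; }
    # find does not follow symbolic links by default, so a link that points
    # outside the tree is not walked.
    an_findings=$(
        find "$an_root" -type d ! -perm 700 -print | sed 's/^/MODE  /'
        find "$an_root" -type d ! -user "$an_owner" -print | sed 's/^/OWNER /'
    )
    if [ -z "$an_findings" ]; then
        return 0
    fi
    printf '%s\n' "$an_findings"
    return 1
}

# make_sample_tree DIR
# Constructed sample: the subnet and client ID from the page's example,
# created under DIR instead of /etc.
make_sample_tree() {
    mkdir -p "$1/netboot/192.168.198.0/010003BA152A42" &&
    chmod 700 "$1/netboot" "$1/netboot/192.168.198.0" \
        "$1/netboot/192.168.198.0/010003BA152A42"
}
```

On the WAN boot server from the example, the call would be audit_netboot /etc/netboot nobody, run as superuser or as the web server user so that the mode-700 directories can be read.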
After you create the /etc/netboot hierarchy, you must copy the WAN Boot CGI program to the WAN boot server. For instructions, see Copying the WAN Boot CGI Program to the WAN Boot Server.
For detailed planning information about how to design the /etc/netboot hierarchy, see Storing Configuration and Security Information in the /etc/netboot Hierarchy.