To Create the wanboot.conf File

The wanboot.conf file is a plain text configuration file that the WAN boot programs use to perform a WAN installation. The wanboot-cgi program, the boot file system, and the WAN boot miniroot all use the information included in the wanboot.conf file to install the client machine.

Save the wanboot.conf file in the appropriate client subdirectory in the /etc/netboot hierarchy on the WAN boot server. For information about how to define the scope of your WAN boot installation with the /etc/netboot hierarchy, see Creating the /etc/netboot Hierarchy on the WAN Boot Server.

If the WAN boot server is running the current Solaris release, a sample wanboot.conf file is located in /etc/netboot/wanboot.conf.sample. You can use this sample as a template for your WAN boot installation.

You must include the following information in the wanboot.conf file.

You specify this information by listing parameters with associated values in the following format.

parameter=value

For detailed information about wanboot.conf file parameters and syntax, see wanboot.conf File Parameters and Syntax.

To create the wanboot.conf file, follow these steps.

1. Assume the same user role as the web server user on the WAN boot server.

2. Create the wanboot.conf text file.

   You can create a new text file that is named wanboot.conf, or use the sample file that is located in /etc/netboot/wanboot.conf.sample. If you use the sample file, rename the file wanboot.conf after you add parameters.

3. Type the wanboot.conf parameters and values for your installation.

   For detailed descriptions of wanboot.conf parameters and values, see wanboot.conf File Parameters and Syntax.

4. Save the wanboot.conf file to the appropriate subdirectory of the /etc/netboot hierarchy.

   For information about how to create the /etc/netboot hierarchy, see Creating the /etc/netboot Hierarchy on the WAN Boot Server.

5. Validate the wanboot.conf file.

   # bootconfchk /etc/netboot/path-to-wanboot.conf/wanboot.conf

   path-to-wanboot.conf

   Specifies the path to the client's wanboot.conf file on the WAN boot server

   • If the wanboot.conf file is structurally valid, the bootconfchk command returns an exit code of 0.

   • If the wanboot.conf file is invalid, the bootconfchk command returns a nonzero exit code.

6. Change the permissions on the wanboot.conf file to 600.

   # chmod 600 /etc/netboot/path-to-wanboot.conf/wanboot.conf

Example 11–14 wanboot.conf File for WAN Boot Installation Over HTTPS

The following wanboot.conf file example includes configuration information for a WAN installation that uses secure HTTP. The wanboot.conf file also indicates that a 3DES encryption key is used in this installation.

boot_file=/wanboot/wanboot.s10_sparc
root_server=https://www.example.com:1234/cgi-bin/wanboot-cgi
root_file=/miniroot/miniroot.s10_sparc
signature_type=sha1
encryption_type=3des
server_authentication=yes
client_authentication=no
resolve_hosts=
boot_logger=https://www.example.com:1234/cgi-bin/bootlog-cgi
system_conf=sys-conf.s10–sparc

This wanboot.conf file specifies the following configuration.

boot_file=/wanboot/wanboot.s10_sparc

The second level boot program is named wanboot.s10_sparc. This program is located in the /wanboot directory in the WAN boot server's document root directory.

root_server=https://www.example.com:1234/cgi-bin/wanboot-cgi

The location of the wanboot-cgi program on the WAN boot server is https://www.example.com:1234/cgi-bin/wanboot-cgi. The https portion of the URL indicates that this WAN boot installation uses secure HTTP.

root_file=/miniroot/miniroot.s10_sparc

The WAN boot miniroot is named miniroot.s10_sparc. This miniroot is located in the /miniroot directory in the WAN boot server's document root directory.

signature_type=sha1

The wanboot.s10_sparc program and the WAN boot file system are signed with a HMAC SHA1 hashing key.

encryption_type=3des

The wanboot.s10_sparc program and the boot file system are encrypted with a 3DES key.

server_authentication=yes

The server is authenticated during the installation.

client_authentication=no

The client is not authenticated during the installation.

resolve_hosts=

No additional host names are needed to perform the WAN installation. All required files and information are located in the document root directory on the WAN boot server.

boot_logger=https://www.example.com:1234/cgi-bin/bootlog-cgi

(Optional) Booting and installation log messages are recorded on the WAN boot server by using secure HTTP.

For instructions on how to set up a logging server for your WAN boot installation, see (Optional) To Configure the WAN Boot Logging Server.

system_conf=sys-conf.s10–sparc

The system configuration file that contains the locations of the sysidcfg and JumpStart files is located in a subdirectory of the /etc/netboot hierarchy. The system configuration file is named sys-conf.s10–sparc.

Example 11–15 wanboot.conf File for Insecure WAN Boot Installation

The following wanboot.conf file example includes configuration information for a less secure WAN boot installation that uses HTTP. This wanboot.conf file also indicates that the installation does not use an encryption key or a hashing key.

boot_file=/wanboot/wanboot.s10_sparc
root_server=http://www.example.com/cgi-bin/wanboot-cgi
root_file=/miniroot/miniroot.s10_sparc
signature_type=
encryption_type=
server_authentication=no
client_authentication=no
resolve_hosts=
boot_logger=http://www.example.com/cgi-bin/bootlog-cgi
system_conf=sys-conf.s10–sparc

This wanboot.conf file specifies the following configuration.

boot_file=/wanboot/wanboot.s10_sparc

The second level boot program is named wanboot.s10_sparc. This program is located in the /wanboot directory in the WAN boot server's document root directory.

root_server=http://www.example.com/cgi-bin/wanboot-cgi

The location of the wanboot-cgi program on the WAN boot server is http://www.example.com/cgi-bin/wanboot-cgi. This installation does not use secure HTTP.

root_file=/miniroot/miniroot.s10_sparc

The WAN boot miniroot is named miniroot.s10_sparc. This miniroot is located in the /miniroot subdirectory in the WAN boot server's document root directory.

signature_type=

The wanboot.s10_sparc program and the WAN boot file system are not signed with a hashing key.

encryption_type=

The wanboot.s10_sparc program and the boot file system are not encrypted.

server_authentication=no

The server is not authenticated with keys or certificates during the installation.

client_authentication=no

The client is not authenticated with keys or certificates during the installation.

resolve_hosts=

No additional host names are needed to perform the installation. All required files and information are located in the document root directory on the WAN boot server.

boot_logger=http://www.example.com/cgi-bin/bootlog-cgi

(Optional) Booting and installation log messages are recorded on the WAN boot server.

For instructions on how to set up a logging server for your WAN boot installation, see (Optional) To Configure the WAN Boot Logging Server.

system_conf=sys-conf.s10–sparc

The system configuration file that contains the locations of the sysidcfg and JumpStart files is named sys-conf.s10–sparc. This file is located in the appropriate client subdirectory of the /etc/netboot hierarchy.

Continuing the WAN Boot Installation

After you create the wanboot.conf file, you can optionally configure a DHCP server to support WAN boot. For instructions, see (Optional) Providing Configuration Information With a DHCP Server.

If you do not want to use a DHCP server in your WAN boot installation, see To Check the net Device Alias in the Client OBP to continue the WAN boot installation.

See Also

For detailed descriptions of wanboot.conf parameters and values, see wanboot.conf File Parameters and Syntax and the man page wanboot.conf(4).