HardenedBSD/share/examples/diskless/ME
1999-02-09 17:44:00 +00:00

38 lines
2.0 KiB
Plaintext

When templating, /conf/ME is typically a softlink to
/conf/<appropriate-machine>. When doing a diskless boot, /conf/ME is
retargeted by /etc/rc.diskless1 from pointing to the server to pointing
to the client's directory, /conf/<ip-address-of-client>. The retargeting
is accomplished through an MFS -o union mount.
When templating, this softlink should be different for each machine.
When doing a diskless boot, this softlink is typically part of the / NFS
mount from the server and points to the server's conf directory, but gets
retargeted during the /etc/rc.diskless1 phase.
System-wide configuration files must generally be targeted through /conf/ME.
For example, your /etc/rc.conf.local should become a softlink to
/conf/ME/rc.conf.local and your real rc.conf.local should go into the
appropriate /conf/<appropriate-machine> directory. This is also true of
/etc/rc.local, /etc/fstab, /etc/syslog.conf, /etc/ccd.conf, /etc/ipfw.conf,
/etc/motd, /etc/resolv.conf, and possibly even /etc/ttys ( if you want
to start an X session up on boot on certain of your machines ).
When templating, you duplicate your / and /usr partitions on each machine's
local disk from a single master ( assuming /var and /home reside elsewhere ),
EXCEPT for the /conf/ME softlink. The /conf/ME softlink is the only thing
on / that should be different for each machine.
There are often categories of configuration files. For example, all of your
shell machines may use one resolv.conf while all of your mail proxies may
use another. Configuration files can be categorized fairly easily through
/conf/HT.<category> directories. You put the actual configuration file in
/conf/HT.<category> and make a softlink from
/conf/ME/<appropriate-machines>/config-file to "../HT.<category/config-file".
This means that access to these files tends to run through more then one
softlink. The advantage is that for all the complexity of your /conf
directory hierarchy, most of your common config files exist in only one place
in reality.