Thank you Erik for your review - very much appreciated! I have integrated your suggestions (plus some further general enhancements and optimizations) into another draft version that I will upload shortly.
May I solicit just one more bit of feedback from you? In the 'Conventions' section, I have summarized the variables used throughout the howto; however there a few that I feel I have not accurately described, or that they could use more idiomatic nomenclature - could you help out with the following: <authdomain> - The authentication domain name used for the auth services your server will be supplying. <machinekey> - A secret key assigned to the machine. <secstorekey> - ???: summarize what the secstore key is. I'm not satisfied with my descriptions for authdomain and machinekey, and I simply was not even able to come up with a terse/succinct way of summarizing the secstore key. Many thanks! On Monday 10 August 2009 22:34:00 erik quanstrom wrote: > On Tue Aug 11 01:02:13 EDT 2009, [email protected] wrote: > > I finished the first draft of a cpu/auth server > > installation/configuration howto: > > > > http://www.p9dp.org/plan9-cpu-auth-server-howto.html > > > > It would be great if whoever's interested, and has a bit of time could > > check it out, try it, and offer any suggestions/comments. > > step 3. > you really don't want rwm on. use dmaon script instead of doing > it by hand. also ip/ipconfig with no args is recommended if you already > have a dhcp server. also, this should be in your cpurc.local. > > step 5. > these devices you suggest binding are already bound > * #S /lib/namespace > > it's probablly not a good idea to suggest that everyone bind > these: > * #m, #i > > since not everyone is interested in starting rio on their cpu server. > likewise aux/vga, aux/mouse and rio don't belong in everyone's > /cfg/$s/cpustart. (it's really difficult to use the serial console remotely > if you've started rio!) > > step 8. > don't invalidate the host keys after you've set them! do that first. > also set the hostowner's keys here. > > step 11. > refreshing cs is not required for ndb/query to work. ndb/query doesn't > care what cs thinks. > > step 14. > setting host key can be omitted. you should have done that in step 8. > > step 17. > it's a good idea to always leave a 9fat menu around on your auth server. > if you screw a kernel up, you'll really be proud of your self for it! > > - erik
