10.4: Use NetBoot to install 10.4 on non-DVD systems
Authored by: nemoinis on May 12, '05 01:13:08PM
I've got a text dump of outlined notes I made that I can share - but I cannot answer questions or support it (no time, sorry). You may want to paste the text below into a plain-text editor set to "Monaco 10" to preserve the proper indentations. And please do backup your system before making any netinfo changes! Good luck...

NETBOOT WITH OSX CLIENT TIPS
- 1 Setup
    - 1.1 unless stated otherwise, you must create all the links,
          folders and netinfo entries listed here
    - 1.2 /Library/NetBoot
        - What is it
            - create this directory, make it owned by root, with
                  world read access
            - it will contain all your netboot images and various
                  other files
            - More info on netboot images and the boot process:
                - a netboot image is a folder whose name ends in
                      ".nbi", and which contains 3 or 4 files read or
                      mounted by the clients when netbooting:
                - FOR OS9:
                    - Mac OS ROM
                        - the (pre Mac OSX) rom-in-ram file. This
                              is an executable file in ELF format. Get
                              it from a working system folder for the
                              machine you want to boot, or use the one
                              from Apple's netboot disk, which you can
                              get from Apple
                              <http://docs.info.apple.com/article.html?artnum=120243>
                             (or search for "NetBoot for Mac OS 9" in the Downloads section)
                        - this file is downloaded from the host by
                              the client's open firmware using TFTP.
                        - Once it starts, the Mac OS ROM connects
                              to the host via Apple Filesharing
                              Protocol (AFP) and tries to mount the
                              image(s) that form your netboot image,
                              and start Mac OS from them.
                    - NetBoot HD.img  (this is the default name -
                          you can change it)
                        - An OS9 Disk Copy disk image, which must be
                              .img with Finder type "dimg" and creator
                              "ddsk".  The images created by Disk Copy
                              under OSX (.dmg) will NOT work in OS9
                        - This disk image must contain a working
                              and blessed system folder plus whatever
                              applications/utilities you want
                        - You can change the name "NetBoot HD".
                              Edit the file NBImageInfo.plist
                              accordingly, and change the image file
                              name (also mount the image and change its
                              mounted name)
                    - Applications HD.img (optional, may be absent,
                          or different name)
                        - An OS9 Disk Copy disk image, which must be
                              .img extension with Finder type "dimg"
                              and creator "ddsk".  The images created
                              by Disk Copy under OSX (.dmg) will NOT
                              work
                        - If present, this is the "Private Image"
                              disk image that's mounted read-only by
                              the client. Can contain additional
                              applications, etc...
                        - If you don't want it, delete the "Private
                              Image" entry in NBImageInfo.plist. Or
                              edit that entry to use a different name.
                    - NBImageInfo.plist
                        - a text file that describes the netboot
                              image. Among other things, it tells the
                              server what files (.img) make up the
                              image, what type of computers it's for,
                              etc...
                        - see the Apple NetBoot Info page in the
                              FOR MORE INFORMATION section if you want
                              more details on the contents of this file
                        - also see "NetBootSP0" below for an example
                - FOR OSX:
                    - booter, mach.macosx, mach.macosx.mkext
                        - OSX boot files. You can get these from an existing system
                        - these files are downloaded from the host by
                              the client's open firmware using TFTP.
                        - Once started, the boot software connects
                              to the host via Apple Filesharing
                              Protocol (AFP) and tries to mount the
                              image(s) that form your netboot image,
                              and start Mac OS from them.
                    - SomeNameHere.dmg
                       - an OSX Disk Utility disk image
                       - you can create it with Disk Utility (eg make an image of your boot CD)
                       - make sure the CD you are imaging is bootable!
                    - NBImageInfo.plist
                        - a text file that describes the netboot
                              image. Among other things, it tells the
                              server what files (.dmg) make up the
                              image, what type of computers it's for,
                              etc...
                        - see the Apple NetBoot Info page in the
                              FOR MORE INFORMATION section if you want
                              more details on the contents of this file
                        - also see "NetBootSP0" below for an example
                - a netboot image folder must be owned by root,
                      with world read access. If not root owned, the
                      server will pretend it's not there
        - /Library/NetBoot/.sharepoint
            - soft link to image sharing folder (usually
                  NetBootSP0, can be any folder that is shared as a
                  Volume via AFP)
        - /Library/NetBoot/.clients
            - soft link to clients folder (usually NetBootClients0,
                  can be any folder shared as a Volume via AFP).
            - this folder is initially empty. NetBoot server puts
                  image shadows in there. (shadows contain changes made
                  by clients to read-only system images)
        - /Library/NetBoot/NetBootSP0
            - contains netboot images ("anyname.nbi" folders, must be owned by root)
                - each .nbi folder contains:
                          - 1 or more ".img" disk images (for OS9) or ".dmg" (for OSX) 
                             - may have one boot image and one private disk image in same folder
                          - a file named "NBImageInfo.plist"
                          - system boot files (get these from existing systems):
                             - for OSX:
                               mach.macosx.mkext
                               booter
                               mach.macosx
                             - for OS9:
                               Mac OS ROM
                - NBImageInfo.plist example for an OSX image (the Panther install CD)
                    - <?xml version="1.0" encoding="UTF-8"?>
                          <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
                          <plist version="1.0">
                          <dict>
                             <key>BootFile</key>
                             <string>booter</string>
                             <key>Index</key>
                             <integer>22</integer>
                             <key>IsDefault</key>
                             <false/>
                             <key>IsEnabled</key>
                             <false/>
                             <key>IsInstall</key>
                             <true/>
                             <key>Name</key>
                             <string>PantherInstall</string>
                             <key>RootPath</key>
                             <string>PantherInstall.dmg</string>
                             <key>SupportsDiskless</key>
                             <false/>
                             <key>Type</key>
                             <string>NFS</string>
                          </dict>
                          </plist>

                - Index number must be less than 4096 and unique among multiple images
                - IF YOU HAVE MORE THAN ONE .NBI IMAGE
                    - Only one image should be active
                          (IsEnabled=true in NBImageInfo.plist) at a time for the same type
                          of computer
                    - Once a client has netbooted from an image,
                          the server remembers it and serves it back,
                          regardless of the IsEnabled flag??
                    - So check /var/db/bsdpd_clients  and change
                          the image index there if needed to select the
                          image you want. Seems strange, but...
        - /Library/NetBoot/NetBootClients0
            - Clients folder (usually named NetBootClients0, but
                  can be any folder shared as a Volume via AFP).
            - this folder is initially empty. NetBoot server puts
                  image shadows in there. Shadows contain changes made
                  by clients to read-only system images.
            - You can safely delete the contents of this folder, or
                  just the subfolder for one particular client. This
                  will remove the shadow files and thus "forget" any
                  changes a client has made to his/her netboot images.
                  Useful to clear up messes sometimes, or after you
                  made a change to the actual (host-based) netboot
                  image.

    - 1.3 Netinfo manager database
        - 1.3.1 Use Netinfo Manager to access. Make a backup first.
        - 1.3.2 /Machines
            - must contain one entry per client machine, with these
                  properties:
                - name -> name of client machine
                - ip_address -> static IP address to assign to
                      client machine upon boot
                - en_address -> client MAC address, in
                      hex:hex:hex:hex:hex:hex format
        - 1.3.3 /config/NetBootServer
            - configuration for NetBootServer (which is part of the
                  bootpd daemon). Properties:
                - name -> NetBootServer
                - age_time_seconds -> number of seconds (86400 =
                      1day) before client is considered aged. 
                    - aged clients resources can be reclaimed if
                          needed (if server runs out of client
                          entries). In that case the shadow file for
                          that client is erased => any change made to
                          the netboot image on the client side is lost.
                    - NOTE: this won't happen unless you connect
                          more than 'afp_users_max' clients. If not,
                          client resources are saved and reused even
                          when aged.
                - afp_users_max -> number of AFP users the server
                      will create.
                    -  If you increase this, server will create
                          additional users to allow more clients.
                          Decrease has no effect since server will not
                          delete clients, so start small. 
                    - Suggested value = 10.
                    - Can probably delete user entries by hand in
                          netinfo manager
                - afp_uid_start -> starting uid used when creating
                      AFP machine users.
                    - The default is uid 100. 
                    - I did not play with this, so use the default.
                          Stay away from 500, which are interactive OSX
                          users.
                - shadow_size_meg -> size of client shadow file in
                      megabytes
                    - shadow file is used to store "changes" made
                          by a client to a netboot image.
                    - default is 48 Mb
                    - I used 64Mb, just in case I need huge temp
                          files or something.
                    - If you need to install new apps, do it on the
                          host netboot image or on the Private Image,
                          if any. If you do it on the client's netboot
                          image, it will go into the shadow file and
                          might get lost later. On the other hand, it's
                          a great way to implement an "undo install"
                          function!
                - machine_name_format -> name template for NetBoot
                      clients
                    - default value is "NetBoot%03d", which creates
                          names like "NetBoot001", etc...
                    - I think this is a NetBoot Server 2.0
                          property. It did not do anything on my
                          implementation. The clients get named
                          "bsdp001", etc...
        - 1.3.4 /config/SharePoints
            - define folders shared as AFP Volumes
            - must have /Library/NetBoot/NetBootSP0 exported as
                  NetBootSP0
            - must have /Library/NetBoot/NetBootClients0 exported
                  as NetBootClients0
            - use shareware program "SharePoints" to set this up. 
            - To do it by hand:
                - properties for each entry:
                    - name -> entry name (eg NetBootSP0)
                    - afp_name -> name to use for the AFP Volume 
                          (eg NetBootSP0)
                    - directory_path ->  path to the folder to
                          share (eg /Library/NetBoot/NetBootSP0)
                    - afp_shared -> 1
                    - afp_use_parents_privs -> 0  (use parent
                          folder privileges property)
                    - afp_use_parent_owner -> 0
        - 1.3.5 /users/netboot100 to /users/netbootNNN
            - these user accounts are created by the NetBoot server
                  for access to the netboot images from the clients
                  machine.
            - NNN depends on the max number of users you defined in
                  /config/NetBootServer
            - these accounts are set up automatically, the passwords
                  are changed after each login, so leave them alone.
 
    - 1.4 BOOTP and Trivial FTP servers
        - must enable these servers on OSX:
            - BOOTPD server (also contains NetBoot server)
                - What it does
                    - catches the boot request from the client
                    - looks up the client in the netinfo database
                    - assigns the client the static IP address
                          found in the database
                    - starts netboot server, which then
                    - looks up /Library/NetBoot/.sharepoint to find
                          out which images are available
                    - finds an image suitable for this client
                    - sends the boot file name (Mac OS ROM
                          usually), an AFP user name (NetbootNNN) and
                          one-time password, and the image volumes &
                          file names to the client.
                    - client then downloads the Mac OS ROM via TFTP
                          and boots it
                    - Mac OS ROM connects to host via AFP using the
                          name & password above
                    - opens the volumes (NetBootSP0 and
                          NetBootClients0) via AFP
                    - mounts the images (NetBoot HD.img or whatever
                          you called it, and optionally the private
                          image, eg, Applications HD.img)
                    - starts the system
                - edit (as root) /etc/xinetd.d/bootps to look as
                      follows (yes that's bootps not bootpd as you
                      would expect)
                - service bootps
                      {
                              disable         = no
                              socket_type     = dgram
                              wait            = yes
                              user            = root
                              server          = /usr/libexec/bootpd
                              server_args     = -m -v 
                              groups          = yes
                              flags           = REUSE
                      }

                - The -m flag enables the NetBoot server 1.0 for
                      older Macs (B&W G3, PowerBook G3 without
                      Firewire, original iMac Bondi Blue)
                - There is a -N flag to enable NetBoot server 2.0
                      for newer Macs (including all PowerBooks with
                      firewire, and all G4s and G5s). Have not played
                      with it.
                - The -v flag logs information in the System log,
                      which you will need if things aren't working
                - More settings:
                    - create (as root) /private/tftpboot
                    - create a link to the NetBoot library:
                        - sudo ln -s /Library/NetBoot /private/tftpboot/NetBoot
            - TFTPD server
                - What it does
                    - dumb version of FTP server, without
                          authorization or encryption
                    - used by the client to download the boot file
                          (Mac OS ROM)
                    - Security issues
                        - can totally expose your system, so be
                              careful
                        - setting server_args to /private/tftpboot
                              limits the server to downloading files
                              starting with this path. 
                        - TFTPD will NOT download any file that has
                              ".." in the path, for obvious security
                              reasons
                - edit (as root) /etc/xinetd.d/tftp to look as
                      follows
                    - service tftp
                          {
                                  disable         = no
                                  socket_type     = dgram
                                  wait            = yes
                                  user            = nobody
                                  server          = /usr/libexec/tftpd
                                  server_args     = /private/tftpboot
                                  groups          = yes
                                  flags           = REUSE
                          }

            - Note on xinetd
                - xinetd is the daemon that starts other daemons
                      (like ftp, bootp, tftp, and others) whenever
                      they're needed instead of having them running all
                      the time.
                - it's sometimes a bit capricious after you made
                      changes to the /etc/xinetd.d/ configuration files
                - to kick start it, you can either restart the
                      computer or go into system preferences and start
                      then stop (or stop then start) FTP, or open a
                      Terminal session and send a sighup signal to
                      xinetd (sudo killall -SIGHUP xinetd). This will
                      make xinetd look at all its config files again.
 
    - 1.5 AppleFileServer
        - 1.5.1 Personal File Sharing must be enabled. AppleTalk is not needed
        - 1.5.2 Must export /Library/NetBoot/NetBootSP0 and
              /Library/NetBoot/NetBootClients0 as AFP volumes
        - 1.5.3 Since OS X desktop does not do that by default, either
              use the shareware program SharePoints or do it by hand
        - 1.5.4 see Netinfo manager database setup for more info

    - 1.6 FOR MORE INFORMATION
        - see Mike Bombich's NetBoot explanation page:
	          <http://www.bombich.com/mactips/nbas.html>
        - see this Apple NetBoot Info page:
            - developer.apple.com - bootpd.8.html
                  <http://developer.apple.com/documentation/Darwin/Reference/ManPages/html/bootpd.8.html>
        - Where to get the Apple OS9 netboot images:
            - netboot image from docs.info.apple.com-article.html
                  <http://docs.info.apple.com/article.html?artnum=120243>
                 (or search for "NetBoot for Mac OS 9" in the Downloads section)
            - application image from
                  docs.info.apple.com-article.html
                  <http://docs.info.apple.com/article.html?artnum=60322>
                   (or search for "Applications HD Image" in the Downloads section)
        - TROUBLESHOOTING
            - scrutinize the System Log, /var/system.log
            - instead of holding the N key during startup on the
                  client, you can hold option-command-O-F to start in
                  Open Firmware. Then type "boot enet:0" to boot from
                  the network. This will display a bit more information
                  if things go wrong during the initial boot of the Mac
                  OS ROM. For the most part though, look on the host
                  for log info. There is no setup on the client.
            - if you have enabled verbose mode in Bootpd (use -v
                  flag) the netboot server will log information in the
                  System log.
            - If Netboot server runs into a problem it turns itself
                  off - check the system log
            - If anything goes wrong the client crashes during boot
                  without explanation. Check the host system log.
                  Usually it's because the netboot images aren't
                  accessible to the client (not shared, not correct,
                  not recognized by netboot server, etc...)
            - If you can't figure out what's happening, use a
                  packet sniffer to monitor the
                  client-host traffic. In particular look for the AFP
                  packets at the end of the boot process. If the
                  images, users, or host setup is wrong you'll see some
                  replies from the host stating that.
            - Common problems
                - netboot images are not configured properly (check
                      the NBImageInfo.plist file). make sure the image
                      is enabled. check against documentation.
                - imagename.nbi folder not owned by root -> the
                      server pretends it's not there
                - your ".img" file is corrupt or not correct. Make
                      sure you can mount it from an OS9 client. Get a
                      fresh one from Apple or the NetBoot Software CD.
                - can only use ".img" image files for OS9, not ".dmg"
                - your ".dmg" must be created from a *bootable* OSX CD
                - NetBootSP0 or NetBootClients0 are not exported as
                      AFP volumes. check you can see them through
                      AppleShare sharing from OS9 client, when
                      connected AS GUEST.  You will NOT see them when
                      connected as an admin user, if you already have
                      access to "/".
                - Make sure you use "ditto -rsrc" (do a man ditto)
                      or the Finder when moving ".img" image files around,
                      since they do have a resource fork. Unix  cp will
                      lose the fork, corrupting the image.
                      
- 2 To NetBoot a client machine
    - 2.1 connect it to a local network where there is ON THE SAME
          SUBNET an OS X machine set up as above
    - 2.2 power up the client, and hold the N key
    - 2.3 (for OS 9 boot image) if you boot successfully, the client system will try to
          connect to Macintosh Manager, a user login remote management
          server. 
    - 2.4 (for OS 9 boot image) If you don't have a Macintosh Manager running on the host,
          click cancel then supply the name/password of the local
          system user.
    - 2.5 (for OS 9 boot image) If you booted from the original Apple NetBoot OS 9.2.2 image,
          use either of these accounts:
        - user NBAdmin, password netboot
        - user NBUser, password netboot
    - 2.6 you can check the System Log on the host to monitor the boot
          process
    - 2.7 See the FOR MORE INFORMATION part of the Setup section for
          help
- 3 To Modify a NetBoot Image under OS9
    - 3.1 Use NetBoot Desktop Admin
- 4 To Modify a NetBoot Image under OSX
    - 4.1 Unlock & change owner of image
        - 4.1.1 launch Pseudo
              drop FileBuddy on Pseudo
              in FileBuddy, open NetBoot image and unlock
              use Finder to change ownership

              OR (not recommended)

              log in as Root to unlock & make the changes
    - 4.2 Mount the image, make changes needed
    - 4.3 UnMount image
    - 4.4 Image will be locked (and chown'ed back to root) by the server



[ Reply to This | # ]
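
The notes above put several silent-failure conditions on each .nbi folder (root ownership, world read access, an Index below 4096 that is unique, one enabled image). The following audit script is an added example, not part of nemoinis's post or of Apple's tooling; the function names, the sample folders, the world-writable check, and the assumption that BootFile and RootPath are plain file names inside the folder (as in the Panther example) are mine.

```python
import os
import plistlib
import stat
import tempfile
from pathlib import Path
from xml.parsers.expat import ExpatError

MAX_INDEX = 4096  # per the post: Index must be less than 4096


def audit_sharepoint(sharepoint, expected_uid=0):
    """Return findings for every *.nbi folder directly under `sharepoint`."""
    findings, seen_index, enabled = [], {}, []
    for nbi in sorted(p for p in Path(sharepoint).glob("*.nbi") if p.is_dir()):
        st = nbi.stat()
        # The server ignores image folders that are not owned by root.
        if st.st_uid != expected_uid:
            findings.append(f"{nbi.name}: owner uid {st.st_uid}, expected {expected_uid}")
        if not st.st_mode & stat.S_IROTH:
            findings.append(f"{nbi.name}: not world-readable")
        if st.st_mode & stat.S_IWOTH:  # extra hardening check, not from the post
            findings.append(f"{nbi.name}: world-writable")
        try:
            with open(nbi / "NBImageInfo.plist", "rb") as fh:
                info = plistlib.load(fh)
        except (OSError, ValueError, ExpatError) as exc:
            findings.append(f"{nbi.name}: NBImageInfo.plist unreadable ({type(exc).__name__})")
            continue
        if not isinstance(info, dict):
            findings.append(f"{nbi.name}: NBImageInfo.plist is not a dictionary")
            continue
        index = info.get("Index")
        if type(index) is not int or not 0 <= index < MAX_INDEX:
            findings.append(f"{nbi.name}: Index {index!r} is not an integer below {MAX_INDEX}")
        elif index in seen_index:
            findings.append(f"{nbi.name}: Index {index} already used by {seen_index[index]}")
        else:
            seen_index[index] = nbi.name
        # Assumption: both keys name files that sit directly in the .nbi folder.
        for key in ("BootFile", "RootPath"):
            ref = info.get(key)
            if not isinstance(ref, str) or Path(ref).name != ref:
                findings.append(f"{nbi.name}: {key} {ref!r} is not a plain file name")
            elif not (nbi / ref).is_file():
                findings.append(f"{nbi.name}: {key} {ref} is missing from the folder")
        if info.get("IsEnabled") is True:
            enabled.append(nbi.name)
    # The post allows one enabled image per computer type; the type key is not
    # shown on the page, so any second enabled image is reported for review.
    if len(enabled) > 1:
        findings.append("multiple enabled images: " + ", ".join(enabled))
    return findings


def build_sample(root):
    """Constructed sample share point: one clean image and two broken ones."""
    specs = [  # (folder, Index, IsEnabled, create the .dmg?, folder mode)
        ("PantherInstall.nbi", 22, True, True, 0o755),
        ("PantherCopy.nbi", 22, True, False, 0o755),
        ("Scratch.nbi", 5000, False, True, 0o750),
    ]
    for name, index, is_enabled, with_dmg, mode in specs:
        nbi = Path(root) / name
        nbi.mkdir()
        info = {"BootFile": "booter", "Index": index, "IsDefault": False,
                "IsEnabled": is_enabled, "IsInstall": True, "Name": nbi.stem,
                "RootPath": nbi.stem + ".dmg", "SupportsDiskless": False, "Type": "NFS"}
        with open(nbi / "NBImageInfo.plist", "wb") as fh:
            plistlib.dump(info, fh)
        (nbi / "booter").write_bytes(b"")
        if with_dmg:
            (nbi / info["RootPath"]).write_bytes(b"")
        nbi.chmod(mode)
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        # The sample is owned by whoever runs this, so audit against that uid.
        for line in audit_sharepoint(build_sample(tmp), expected_uid=os.getuid()):
            print(line)
```

On a real server, call `audit_sharepoint("/Library/NetBoot/NetBootSP0")` with the default `expected_uid=0`.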