Absolute OpenBSD: Unix for the Practical Paranoid
All these nifty boot functions let you do some pretty useful things in trouble situations, but how are you supposed to use them if your server isn't right in front of you? If your computer is on the other side of the country or wedged uncomfortably behind the last ten years of payroll records in the basement storeroom, and you want to perform some low-level hardware maintenance, a serial console will make your life far more pleasant.
A true serial console allows you to run a serial cable between two computers and have complete access to the hardware BIOS, the early operating system boot messages, and startup processes. One computer (the client) will be able to see all the messages that appear on the console of the booting machine (the server). This makes remote system management much easier. Serial consoles are invaluable when you're trying to debug a system crash — the debugging messages come over the serial port where they can be captured easily, rather than displayed on a glass screen to be copied by hand.
Real UNIX hardware (such as HP and Sparc) has a serial console capability. Most i386 hardware does not support this functionality. A very few Intel mother-boards, such as the L440GX, do support serial consoles, but it's a feature you must specifically shop around for.
Because i386 hardware is the most common these days, that lack is something of a problem. Fortunately, it's possible to work around this and build a highly functional serial console anyway. While OpenBSD's i386 serial console doesn't give you access to the hardware BIOS, it does let you interface with the OpenBSD boot process. You could also choose to install an actual hardware serial console.
Hardware Serial Console
Nothing any operating system can do will give you access to the i386 BIOS messages across a serial port. This stuff happens before the operating system starts and before the hard drive even starts to spin up.
Some hardware solutions can work around this by pretending to be a video board and directing the console out to a serial port. The best I've seen is the PC Weasel (http://www.realweasel.com/). By putting the Weasel in your computer and running a null modem cable between the Weasel and another computer's serial port you can manipulate the BIOS remotely, interrupt the boot to come up in single-user mode, and generally muck around with the hardware just as if you were at the actual keyboard and monitor attached to the system. Other companies do manufacture similar devices, but they either require proprietary client software or are far more expensive.
Software Serial Console
OpenBSD includes a software serial console. As OpenBSD boots, it decides where to put its console. This defaults to the monitor and keyboard, but with a few tweaks you can have the console come up on a serial port. The only hardware requirement is that your system has a serial port. Some systems are increasingly arriving "legacy-free," meaning that they lack an ISA bus, serial ports, and even PS/2 ports. My latest laptop had a nasty surprise in lacking an actual serial port. You might need to buy a PCI serial card for your server if this is the case.
This serial console does not kick in until the OpenBSD boot loader starts, so you will not see the BIOS messages. You do get a chance to interact with the OpenBSD boot process, which is good enough for most cases — after all, you presumably made sure that the BIOS was correct before shipping the computer across the country!
Non-i386 Serial Consoles
Every different hardware platform has its own standards for serial consoles. If you're running on one of these platforms, check your hardware documentation. In general, if your hardware supports serial consoles, you need to set it up at the hardware level. Your Sparc hardware will support OpenBSD's console just as well as it supports Solaris's console.
Serial Console Physical Setup
You must have a null modem cable to use a serial console. A regular modem cable will not work! Get the best cable you can find; if you have an emergency and need the serial console, you're probably not in the mood to deal with line noise.
Plug one end of the null modem cable into the first serial port on your OpenBSD server. Traditionally, this is the first COM port. You can use any serial port that is convenient, so long as you remember which port it is. [1] You can choose to use any serial port as your serial console. Plug the other end of your null modem cable into an open serial port on another system. I recommend that you use either another OpenBSD or UNIX system, or a terminal server if you have a lot of servers that include serial consoles. You can use a Windows system as your serial console terminal, but that won't give you any remote-control functionality. (Yes, you could use VNC or Windows Terminal Services on the Windows system, but you're starting to look at a complicated and error-prone setup when a simple 486 running OpenBSD would do.) In a pinch, on a local system that didn't have a monitor or keyboard, I've used a vt100 emulator running on my PalmPilot — the screen was cramped, but it worked.
If you have two OpenBSD machines at a remote location and want to use serial consoles on both of them, simply attach the console cable to the second serial port on the other server. If you have three machines, you can daisy-chain them into a loop. By combining twos and threes, you should be able to get a serial console on every one of your systems. I've worked in areas with dozens of UNIX servers tightly packed together, and serial consoles saved a huge amount of space that monitors and keyboards would have taken up.
Serial Console Client
Before you can test your serial console, you need to configure your client to access the serial console. The key to setting up your client is to remember the following:
-
9600 baud
-
8 bits
-
no parity
-
1 stop bit
If you can configure your client program to use these settings, the serial console will "just work." Conveniently enough, these are the default settings on Microsoft's HyperTerm program. [2] If you don't like HyperTerm, you can find any number of vt100 terminal programs for Microsoft platforms. Even Macintosh and Palm platforms have any number of free vt100 terminal programs kicking around. If your second computer also runs OpenBSD or, for that matter, almost any version of open-source UNIX, you can use the OpenBSD terminal program. Because this is an OpenBSD book, we'll discuss exactly how to do this.
OpenBSD accesses serial lines with tip(1), a program that allows you to connect to a remote system in a manner similar to telnet. To run tip and have it connect to a remote machine's serial port over a serial cable connected to the local machine's first serial port, do this:
# tip tty00
A port name is shorthand for specifying the settings and speed to be used when accessing a serial port. The file /etc/remote contains a list of port names for a variety of platforms.
Configuring the Serial Console
You can tell OpenBSD to boot either off the serial console or off the physical console, by an entry in /etc/boot.conf or a command at the boot prompt. The "set tty" command tells OpenBSD where to put the console. The common choices are com0 (for classic i386 COM1), com1 (for classic i386 COM2), or pc0 (for the physical hardware).
Plug in your serial console and access it from a client machine. Now reboot your test OpenBSD system. At the initial boot loader prompt, type:
boot> set tty com0
All of a sudden, your physical keyboard won't seem to be doing anything, and nothing else comes across your screen. On the other hand, your serial console client will abruptly show the boot loader prompt.
boot>
Anything you type in your serial console client is passed to the OpenBSD boot loader, just as we discussed in "Boot Configuration" earlier. It's just as if you were at the console. You can load alternate kernels, perform preboot configuration (as discussed in Chapter 11), boot in single-user mode, and do any of the other booting tricks we discuss in this chapter.
To switch back to the PC's physical console, use the pc0 device.
boot> set tty pc0
The keyboard and monitor will work again.
If you want to use the serial console permanently, you can place a "set tty" entry in /etc/boot.conf.
set tty com0
[1]A surprising number of people go to a lot of trouble to set up a serial port, then either forget which port it is on or forget which physical port is actually COM1.
[2]I'm refraining from making any comments about how this one of those rare times that Microsoft has done anything conveniently. That would be too cheap a shot even for me.
Категории