Basic Configuration


OpenBSD includes a very nice afterboot(8) manual page that gives much good advice for new systems administrators. Some of that advice gives an overview of material that we'll cover later in this book, while some of it only applies to particular situations or network environments. You should skim afterboot(8) on your version of OpenBSD, as it has lots of pointers to things you might want to set up. Here, we'll cover the steps that should be done on every OpenBSD system.

All of the steps here must be performed as root. We'll discuss creating additional users in Chapter 7 and how to avoid use of the root account whenever possible. That's not necessary yet, however.

Time Zone

All of the time zones OpenBSD supports are in the /usr/share/zoneinfo directory tree. You'll find quite a few time zone names in this directory. You'll also find several subdirectories for various countries or continents, each containing either city names or local time zones. Find the file for the time zone you like or for a city whose time zone you share.

To set the time zone, just create a new symbolic link to the file from /etc/localtime.

 # ln -fs /usr/share/zoneinfo/America/Detroit /etc/localtime 

OpenBSD also supports POSIX-style time zones, which have their own rules. Those time zone files are stored in /usr/share/zoneinfo/Etc. Do not use POSIX times unless you are absolutely certain you understand them.

Date

Now that you have a time zone, set the correct date. OpenBSD supports programs such as xntpd(8) and ntpdate(8), but does not include them by default. OpenBSD does include rdate(8), if you have a time server accessible from your network. (This may not be an option behind a firewall, of course.) You might have to set the date by hand.

Date(1) can be used to set the system date. Confirm that you know the current year, month, day of the month, and time (in 24-hour format). To give them to date(1), just run them all together in order. In the following example, we set the date to the year 2002, month of August, day 16 of the month, and 1:24 p.m. (13:24).

 # date 200208161324 Fri Aug 16 13:24:00 EDT 2002 # 

Fortunately, date(1) spits out the date as it understands it, so you can check your work easily.

If you have access to a NTP server, you can set the time with rdate(8). While rdate(8) is generally used for older time protocols, OpenBSD's rdate(8) will speak to a NTP server if you use the -n flag.

 # rdate -n timeserver.company.com 

Set Host Name

You can set the system's host name in /etc/myname. For example, my test system is called openbsdtest.AbsoluteOpenBSD.com.

 # cat /etc/myname openbsdtest.AbsoluteOpenBSD.com # 

Ethernet Interface Configuration

If you have installed OpenBSD over the network, your Ethernet network card is already set up and working. If you installed from CD-ROM, you probably want to configure any network cards in the system. (If you want to connect to a network via PPP, see Chapter 9.) For a complete list of cards recognized by your installed OpenBSD system, run ifconfig -a.

If you're not familiar with Ethernet, IP addresses, default routes, and so on, you probably want to wait to configure your network until you read Chapters 8 and 9. This section is meant for experienced systems administrators who already know what they want to do, and just need to know which files to touch to do it. For a complete description of the configuration options for your version of OpenBSD, check hostname.if(5).

Each Ethernet card has its own configuration file, named /etc/hostname. interfacename. For example, the network card fxp1 has a configuration file named /etc/hostname.fxp1. The format of the file is very simple when using IPv4 addresses:

 inet 1 ipaddress 2 netmask 3 broadcastaddress 4 options 

This string is used as an argument to ifconfig(8).

The IP address 1 is standard dotted-quad notation, such as 10.8.3.250.

The 2 netmask can be given in dotted-quad format (255.255.255.0) or in hexadecimal (0xffffff00).

The 3 broadcast address gives you an option to hard-code the broadcast address on this network. If you put in the word NONE instead of an address, however, OpenBSD will compute the correct broadcast address from the IP address and the netmask you gave earlier.

Finally, the 4 options can be any valid arguments at the end of an ifconfig(8) statement. If you don't want any options, you can set this to the word NONE.

For example, if you wanted to give the fxp1 card an IP address of 192.168.1. 250, without any extra options and letting OpenBSD figure out its own netmask, you would use the following entry in /etc/hostname.fxp1.

 192.168.1.250 255.255.255.0 NONE NONE 

The next time you reboot, the system will get the network information from this file and configure your interfaces appropriately.

For more complicated uses of /etc/hostname.interfacename, take a look at Chapter 9.

DHCP

If this machine is a DHCP client, you can just put the string "dhcp" in /etc/hostname.interface.

Default Gateway

To set your default gateway on an Ethernet network, just place the IP address of the default gateway on a single line in /etc/mygate. This file should have no other entries. On your next reboot, the system will read this file and by default route packets to this IP.

Nameservice

If you want to contact other machines on the Internet from your OpenBSD machine, you probably want to configure your DNS client. Configure DNS resolution in /etc/resolv.conf.

The first line of /etc/resolv.conf tells the computer its local domain name. Label the domain name with the "domain" keyword.

Nameservers can appear on subsequent lines, each labeled with an IP address. Remember to use an IP address for a nameserver, not a host name. (It's very difficult to use a nameserver to look up a host name when you cannot find the nameserver!) When you're finished, /etc/resolv.conf should look something like this.

 domain AbsoluteOpenBSD.com nameserver 192.168.8.33 

We discuss /etc/resolv.conf in greater detail in Chapter 14.

Mail Aliases

Every standard OpenBSD system sends status emails on a regular basis. If you're on a middle-sized network, you probably have central systems administration email accounts that go to the proper people. Edit the mail aliases file, /etc/mail/ aliases, to direct those emails to that central account.

In /etc/mail/aliases, you'll see a section that looks like this.

 # Well-known aliases -- these should be filled in! # root: # manager: # dumper: 

Remove the leading pound sign from each of the "root," "manager," and "dumper" lines. Then put in your correct email address after the colon.

 # Well-known aliases -- these should be filled in! root: support@AbsoluteOpenBSD.com manager: support@AbsoluteOpenBSD.com dumper: support@AbsoluteOpenBSD.com 

Once you have done this, run newaliases(8) without any arguments to update the aliases database. Emails will now start going to the appropriate accounts.

Testing your Work

Once you have everything set up, reboot your system. After the reboot, log in and confirm that everything worked correctly. Generally speaking, if you follow the steps above you should get sensible answers from date(1), uname(1) should return the correct host name, and you should be able to ping sites on the Internet by name.




Absolute Openbsd(c) Unix for the Practical Paranoid
Absolute OpenBSD: Unix for the Practical Paranoid
ISBN: 1886411999
EAN: 2147483647
Year: 2005
Pages: 298

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net