Or, how to become a 9 tourist


A traditional Plan 9 network is distributed and is typically composed of 3 parts: Terminals, CPU servers, and Filesystem servers. A 9front network adds an Auth server, making the total 4 hosts. Luckily, we can configure a single machine to function as the CPU, FS, and Auth server. The Terminal here is another 9front machine or the drawterm program.

There is no easy way to make a 1:1 comparison to a UNIX system but I will try. The FS server is similar to an NFS server. The Auth server is similar ot LDAP. The CPU server is similar to using SSH to connect to a remote host. The Term is your local machine. Behind the scenes, these analogies break down. But they are close enough for a 10,000 foot view.

Adding users

First, we need to add a user to the file server. The newuser command is similar to adduser or pw. Then, we add the user to some groups, particarly the system, admin, and mail groups. Whether or not the mail group is necessary, I don't know. It's a standard group so it can't hurt.

% con -C /src/cwfs.cmd 
newuser username 
newuser sys +username
newuser adm +username
newuser upas +username

Set up user homedir

boot with the user=username bootarg, then run the following command. This is a similar concept to cp -r /etc/skel /home/username on a UNIX system. Now reboot again.

% /sys/lib/newuser

Setting up headless booting

Typically, a 9 install will ask the user which disk they want to boot from. We can configure it to automatically boot with specific options. First, we mount the 9fat partition. Note that this step differs on systems that are not i386 or amd64.

% 9fs 9fat

Then, we edit the config file with acme or sam. This is similar to editing /boot/grub2/grub.cfg on a Linux system or editing /boot/loader.conf on FreeBSD.

Make /n/9fat/plan9.ini look like this:

service=cpu # comment out if it breaks

Storing hostowner info in the NVRAM

The information we store in NVRAM will be automatically loaded at boot time. Make sure you type everything correctly. If your CMOS battery dies, you will have to repeat this step.

% nvram=/dev/sdC0/nvram auth/wrkey
bad nvram des key
bad authentication id
bad authentication domain
authid: username
authdom: 9front
secstore key: <press the return key if you do not want to type this at boot time>
password: <make it 8 chars>

Auth server

The auth server is very simple to set up. Since we have already added a user with a password to this system, we simply instruct 9 to start the start the process at boot time. Append this to /lib/ndb/local

auth=cirno authdom=9front

Adding a user to the Auth server

We will now add our user to the Auth server.

% auth/keyfs
% auth/changeuser username
Password: <what you put earlier>
Confirm password:
Assign new Inferno/POP secret? [y/n]: n
Expiration date (YYYYMMDD or never) [never]: never
Post id:
User's full name: 
Department #:
User's email address:
Sponsor's email address:
user username installed for Plan 9

Add perms

The next step is to add something similar to sudo permissions. This analogy is completely broken. Append this to /lib/ndb/auth

uid=!sys uid=!adm uid=*

Reboot and pray

If something fails, you will need to use ed or sed to fix it. Smile soldier, there are darker days ahead.

Connect with drawterm

To connect to our CPU server, we can use the rcpu or drawterm programs. Note that the 9front and Plan 9 From Bell Labs versions of these programs differ substantially because 9front added the concept of auth servers. You can download the source for drawterm here

To connect to a remote system, we specify the username, the CPU server, and the auth server. Since these are on the same box, we will repeat a few arguments.

$ ./drawterm -u username -h 9cpuserv -a 9cpuserv