NetSUS can't enable NetBoot service

anpender
New Contributor

Our longtime NetSUS (version 1.02) rolled over dead after some network work this weekend, so we decided to start clean with a new install. NetBoot is all we use this for.

Imported the freshly-downloaded 4.0.0 .ova file, connected, fed it the right network settings successfully. Uploaded a netboot .nbi, chose it, added the local network subnet, all looks right. Except, when I click Enable NetBoot, the status stays red.

I suspect the issue is this, from syslog:

Nov 30 15:00:26 netsus dhcpd: /etc/dhcpd.conf line 13: expecting hexadecimal number.
Nov 30 15:00:26 netsus dhcpd: #011 option vendor-encapsulated-options 01:01:01:04:02:FF:FF:07:04:0:00:00:00:08:0
Nov 30 15:00:26 netsus dhcpd: /etc/dhcpd.conf line 16: right brace expected.
Nov 30 15:00:26 netsus dhcpd: if

But I don't have any experience with configuring dhcpd to know what to tweak.

The /etc/dhcpd.conf file as it currently stands, as auto-generated by NetSUS, is:

ddns-update-style none;
ddns-updates off;
ignore client-updates;
allow booting;

class "AppleNBI-i386" {
match if substring (option vendor-class-identifier, 0, 14) = "AAPLBSDPC/i386";

if (option dhcp-message-type = 8) { 
option vendor-class-identifier "AAPLBSDPC"; 
   if (substring (option vendor-encapsulated-options, 0, 6) = 01:01:01:02:02:01) {
      option dhcp-parameter-request-list 60, 43;
      option vendor-encapsulated-options 01:01:01:04:02:FF:FF:07:04:0:00:00:00:08:04:0:00:00:00:09:05:0:00:00:00:00:0A:;
      }

if ((substring (option vendor-encapsulated-options, 0, 6) = 01:01:02:02:02:01
      and substring (option vendor-encapsulated-options, 7, 12) = 08:04:0:00:00:00:03:04:0A:01:18:40)
      or (substring (option vendor-encapsulated-options, 0, 6) = 01:01:02:02:02:01
      and substring (option vendor-encapsulated-options, 7, 12) = 03:04:0A:01:18:40:08:04:0:00:00:00))
      {
      option dhcp-parameter-request-list 17, 43, 60;
      option vendor-encapsulated-options 01:01:02:08:04:0:00:00:00:80:24:61:66:70:3A:2F:2F:61:66:70:75:73:65:72:3A:61:66:70:75:73:65:72:31:40:31:30:2E:31:30:2E:31:32:2E:31:33:31:2F:4E:65:74:42:6F:6F:74:81:11:4E:65:74:42:6F:6F:74:30:30:31:2F:53:68:61:64:6F:77;
      next-server 10.48.88.69; 
      filename "10.11.1-NBI.nbi/i386/booter";
      option root-path "http://10.48.88.69/NetBoot/NetBootSP0/10.11.1-NBI.nbi/NetInstall.dmg";
      }
}
}

subnet 10.48.88.0 netmask 255.255.252.0 {
    allow unknown-clients;
}

The :; combo at the end of line 13 struck me as suspicious but making it just ; had no effect (the system overwrote it).

7 REPLIES

nzmacgeek
New Contributor III

Is your NetBoot NBI's NBImageInfo.plist in plaintext XML or binary XML? You may need to use plutil to convert the plist file as follows:

plutil -convert xml1 /srv/NetBoot/NetBootSP0/10.11.1-NBI.nbi/NBImageInfo.plist

Keep in mind that you might need to mount your NetBoot share on your Mac and carry out this command, as plutil is only included in OS X.

bmarks
Contributor II

Does your NetBoot image name have spaces in it?

anpender
New Contributor

No spaces in the name, just 10.11.1-NBI.nbi as it's listed in the .conf file.

The NetBoot image was created by DeployStudio Assistant with identical settings to the last one we made (which worked on the old NetSUS server). It looks to be in XML format when I open it on my Mac.

nzmacgeek
New Contributor III

The problem is that you can have Binary XML, which automatically gets read out as plaintext by most of the good text editors (read: TextMate, TextWrangler, BBEdit, etc...). The 'defaults' and 'PlistBuddy' commands write in binary XML by default.

trenzalore:~ wmcgrath$ defaults write preferenceFile Foo -string foo
trenzalore:~ wmcgrath$ defaults read preferenceFile Foo
foo
trenzalore:~ wmcgrath$ cat Library/Preferences/preferenceFile.plist 
bplist00?SFooSfoo
trenzalore:~ wmcgrath$ plutil -convert xml1 Library/Preferences/preferenceFile.plist 
trenzalore:~ wmcgrath$ cat Library/Preferences/preferenceFile.plist 
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Foo</key>
    <string>foo</string>
</dict>
</plist>

You should try converting just to be sure!

brunerd
Contributor

I've been doing some work lately taking apart NetSUS! :D

Take a look at this script that comes with the install: /usr/local/bin/configurefornetboot

A lot of sed'ing is going on in there... I ran it on a RHEL system without having run the appliance .run file; since I didn't run the installer scripts, xxd was not installed (part of vim-common), and /etc/dhcpd.conf mangling ensued...

Edit the script: sudo nano /usr/local/bin/configurefornetboot
Insert this bit under #!/bin/bash: set -x
Then run the script: sudo /usr/local/bin/configurefornetboot
It will echo everything out to the Terminal, see if there are any errors going on...

This is the stock /etc/dhcpd.conf that NetSUSLP comes with in the .run file:

ddns-update-style none;
ddns-updates off;
ignore client-updates;
allow booting;

class "AppleNBI-i386" {
match if substring (option vendor-class-identifier, 0, 14) = "AAPLBSDPC/i386";

if (option dhcp-message-type = 8) { 
option vendor-class-identifier "AAPLBSDPC"; 
   if (substring (option vendor-encapsulated-options, 0, 6) = 01:01:01:02:02:01) {
      option dhcp-parameter-request-list 60, 43;
      option vendor-encapsulated-options 01:01:01:04:02:FF:FF:07:04:01:00:02:0E:08:04:01:00:02:0E:09:11:01:00:02:0E:0C:46:61:75:78:20:4E:65:74:42:6F:6F:74;
      }

if ((substring (option vendor-encapsulated-options, 0, 6) = 01:01:02:02:02:01
      and substring (option vendor-encapsulated-options, 7, 12) = 08:04:01:00:02:0E:03:04:0A:01:18:40)
      or (substring (option vendor-encapsulated-options, 0, 6) = 01:01:02:02:02:01
      and substring (option vendor-encapsulated-options, 7, 12) = 03:04:0A:01:18:40:08:04:01:00:02:0E))
      {
      option dhcp-parameter-request-list 17, 43, 60;
      option vendor-encapsulated-options 01:01:02:08:04:01:00:02:0E:80:24:61:66:70:3A:2F:2F:61:66:70:75:73:65:72:3A:61:66:70:75:73:65:72:31:40:31:30:2E:31:30:2E:31:32:2E:31:33:31:2F:4E:65:74:42:6F:6F:74:81:11:4E:65:74:42:6F:6F:74:30:30:31:2F:53:68:61:64:6F:77;
      next-server 192.168.0.100; 
      filename "NetInstall.nbi/i386/booter";
      option root-path "http://192.168.0.100/NetBoot/NetBootSP0/NetInstall.nbi/NetBoot.dmg";
      }
}
}

##SUBNETS##

nzmacgeek
New Contributor III

There are a few other components you need. For example, you should have a user account named 'afpuser'. That password should be changed by the web application so that you update the dhcpd config. (Secret is in the scripts/adminHelper.sh)

There is also the netatalk install too...

anpender
New Contributor

NBImageInfo.plist has been run through plutil with no apparent change in file or behavior.

I am using the appliance so assuming netatalk and other requirements are in there. I did have to set the smbuser password before I could use that account even with the supposed default password, so I went ahead and reset the afpuser password as well, but to no change.

There is indeed a lot of sed in configurefornetboot, but the only obvious errors are the same ones showing up in the log file, line 13 expecting hex and line 16 expecting right brace. (This is using the configurefornetboot found in /var/appliance, I don't have one in /usr/local/bin.)

shelluser@netsus:/var/appliance$ sudo ./configurefornetboot 
++ ip addr show to 0.0.0.0/0 scope global
++ awk '/[[:space:]]inet / { print gensub("/.*","","g",$2) }'
+ ip=10.48.88.69
++ awk -v dec=10.48.88.69 'BEGIN{n=split(dec,d,".");for(i=1;i<=n;i++) printf ":%02X",d[i];print ""}'
+ ipdec=:0A:30:58:45
++ cat /etc/dhcpd.conf
++ sed 's/option vendor-encapsulated-options 01:01:01:04:02:FF:FF:07:04://g'
++ grep 'option vendor-encapsulated-options 01:01:01:04:02:FF:FF:07:04'
++ sed 's/ //g'
++ sed 's/ //g'
++ cut -c1-11
+ imageid=0:00:00:00:
++ cat /etc/dhcpd.conf
++ grep '01:01:02:08:04:.*.:80'
++ awk -F40 '{print $1}'
++ sed 's/(.*)./1/'
++ tr -d ' '
++ sed 's/option vendor-encapsulated-options 01:01:02:08:04:.*.:80:.*:61:66:70:75:73:65:72:3A://g'
+ curafp=6E:65:77:34:61:66:70:75:73:65:72
++ cat /etc/dhcpd.conf
++ grep '01:01:02:08:04:.*.:80'
++ sed 's/option vendor-encapsulated-options 01:01:02:08:04:.*.:80:.*:61:66:70:75:73:65:72:3A://g'
++ wc -c
++ awk -F40 '{print $1}'
++ sed s/://g
++ tr -d ' '
+ afppw=23
++ expr 23 / 2
+ afppwlen=11
++ echo 10.48.88.69
++ sed 's/(.*)./1/'
++ sed s/0A://g
++ tr '
' :
++ xxd -c 1 -ps -u
+ iphex=31:30:2E:34:38:2E:38:38:2E:36:39
++ echo 31:30:2E:34:38:2E:38:38:2E:36:39
++ wc -c
++ sed s/://g
+ num=23
++ expr 23 / 2
+ num=11
++ expr 11 + 23
+ num=34
++ expr 34 + 11
+ num=45
++ awk -v dec=45 'BEGIN { n=split(dec,d,"."); for(i=1;i<=n;i++) printf ":%02X",d[i]; print "" }'
+ lengthhex=:2D
+ sed -i 's/01:01:02:08:04:0:00:00:00::80:.*/01:01:02:08:04:0:00:00:00::80:2D:61:66:70:3A:2F:2F:61:66:70:75:73:65:72:3A:6E:65:77:34:61:66:70:75:73:65:72:40:31:30:2E:34:38:2E:38:38:2E:36:39:2F:4E:65:74:42:6F:6F:74:81:11:4E:65:74:42:6F:6F:74:30:30:31:2F:53:68:61:64:6F:77;/g' /etc/dhcpd.conf
+ sed -i 's/7, 12) = 08:04:0:00:00:00::03:04.*)/7, 12) = 08:04:0:00:00:00::03:04:0A:30:58:45)/g' /etc/dhcpd.conf
+ sed -i 's/7, 12) = 03:04.*:08:04:0:00:00:00:)/7, 12) = 03:04:0A:30:58:45:08:04:0:00:00:00:)/g' /etc/dhcpd.conf
+ sed -i 's/next-server.*;/next-server 10.48.88.69;/g' /etc/dhcpd.conf
+ sed -i 's/http://.*/NetBoot/NetBootSP0//http://10.48.88.69/NetBoot/NetBootSP0//g' /etc/dhcpd.conf
+ killall dhcpd
dhcpd: no process found
+ /usr/local/sbin/dhcpd
Internet Systems Consortium DHCP Server 4.2.4-P1
Copyright 2004-2012 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
/etc/dhcpd.conf line 13: expecting hexadecimal number.
      option vendor-encapsulated-options 01:01:01:04:02:FF:FF:07:04:0:00:00:00:08:0
^
/etc/dhcpd.conf line 16: right brace expected.
if 
 ^
Configuration file errors encountered -- exiting

If you did not get this software from ftp.isc.org, please
get the latest from ftp.isc.org and install that before
requesting help.

If you did get this software from ftp.isc.org and have not
yet read the README, please read it before requesting help.
If you intend to request help from the dhcp-server@isc.org
mailing list, please read the section on the README about
submitting bug reports and requests for help.

Please do not under any circumstances send requests for
help directly to the authors of this software - please
send them to the appropriate mailing list as described in
the README file.

exiting.

I'm thinking of trying version 3.0.2 if I can find the .ova...
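
Added example, not part of any post in this thread and not NetSUS code: a small linter that compares the colon-separated hex data in a dhcpd.conf against the form the stock file uses (two hex digits per octet, no stray colons). The two sample option lines are copied from the configs posted above; the function name `lint_dhcpd_hex` and the reason strings are assumptions made for this illustration.

```python
import re

# A run of colon-joined hex fields outside quotes; fields may be empty or
# short, so that malformed runs are captured whole and then inspected.
HEX_RUN = re.compile(r"(?<!\w)[0-9A-Fa-f]*(?::[0-9A-Fa-f]*)+")

def lint_dhcpd_hex(conf_text):
    """Return (line_no, octet_index, field, reason) for each malformed octet."""
    findings = []
    for line_no, line in enumerate(conf_text.splitlines(), start=1):
        line = line.split("#", 1)[0]            # drop comments
        line = re.sub(r'"[^"]*"', '""', line)   # drop quoted URLs and filenames
        for run in HEX_RUN.finditer(line):
            for idx, field in enumerate(run.group().split(":")):
                if field == "":
                    reason = "empty octet (stray colon)"
                elif len(field) != 2:
                    reason = "octet is not two hex digits"
                else:
                    continue
                findings.append((line_no, idx, field, reason))
    return findings

# Line 13 of the auto-generated config from the first post, followed by two
# lines that contain dots and a URL and must not be flagged.
GENERATED = """\
option vendor-encapsulated-options 01:01:01:04:02:FF:FF:07:04:0:00:00:00:08:04:0:00:00:00:09:05:0:00:00:00:00:0A:;
next-server 10.48.88.69;
option root-path "http://10.48.88.69/NetBoot/NetBootSP0/10.11.1-NBI.nbi/NetInstall.dmg";
"""

# The same option line from the stock file posted later in the thread.
STOCK = """\
option vendor-encapsulated-options 01:01:01:04:02:FF:FF:07:04:01:00:02:0E:08:04:01:00:02:0E:09:11:01:00:02:0E:0C:46:61:75:78:20:4E:65:74:42:6F:6F:74;
"""

if __name__ == "__main__":
    for name, text in (("generated", GENERATED), ("stock", STOCK)):
        print(name)
        for line_no, idx, field, reason in lint_dhcpd_hex(text):
            print(f"  line {line_no}, octet {idx}: {field!r}: {reason}")
```

To have dhcpd itself parse the file without starting the service, run `dhcpd -t -cf /etc/dhcpd.conf`.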