Merge branch 'master' of arnebab@flubber:~wiki/wiki

3 files changed, 90 insertions, 5 deletions

diff --git a/hurd/running/debian/faq/sshd.mdwn b/hurd/running/debian/faq/sshd_only_works_for_root_logins.mdwn
index 4ae689bf..e98b5e03 100644
--- a/hurd/running/debian/faq/sshd.mdwn
+++ b/hurd/running/debian/faq/sshd_only_works_for_root_logins.mdwn
@@ -8,5 +8,7 @@ Sections, no Front-Cover Texts, and no Back-Cover Texts.  A copy of the license
 is included in the section entitled
 [[GNU_Free_Documentation_License|/fdl]]."]]"""]]
 
-You need to disable `PrivilegeSeparation` in `/etc/ssh/sshd_options`.  Also
-make sure you have `/dev/random`, see below.
+Privilege seperation does not work with Hurd currently.  You need to explicitely 
+set `PrivilegeSeparation` to `no` in `/etc/ssh/sshd_options`, just commenting out 
+the entry will not work as it is on by default.  Also make sure you have 
+`/dev/random`, see below.
diff --git a/microkernel/mach/gnumach/ports/xen.mdwn b/microkernel/mach/gnumach/ports/xen.mdwn
index 1c1cc40f..14a5c495 100644
--- a/microkernel/mach/gnumach/ports/xen.mdwn
+++ b/microkernel/mach/gnumach/ports/xen.mdwn
@@ -8,23 +8,60 @@ Sections, no Front-Cover Texts, and no Back-Cover Texts.  A copy of the license
 is included in the section entitled
 [[GNU_Free_Documentation_License|/fdl]]."]]"""]]
 
+## Xen dom0, PAE-disabled hypervisor
+
 /!\ Since GNU Mach doesn't handle PAE yet, you'll need a PAE-disabled hypervisor.
 
-/!\ You need an already installed GNU/Hurd system.
+On Debian Lenny, for example, you can install xen-hypervisor-3.2-1-i386-nonpae.
 
 This also means that you'll currently need a PAE-disabled `dom0`.
 [[Stefan_Siegl|stesie]] is providing a PAE-disabled Linux kernel image at
 <http://brokenpipe.de/GnuHurd/XEN/>.
 
-
 You can either get binaries at <http://youpibouh.thefreecat.org/hurd-xen/> or build them yourself.
 
 - Copy `gnumach-xen` and `hurd-modules` to your dom0 /boot.
 - Copy `hurd` into `/etc/xen`, edit it for fixing access to your hurd / and swap
-- Run `xm create -c hurd`, gnumach should get started.
+
+## GNU/Hurd system
+
+/!\ You need an already installed GNU/Hurd system.
+
+If you have a free partition, you can fdisk to type 0x83, create a filesystem using:
+
+    sudo mke2fs -b 4096 -I 128 -o hurd /dev/sda4 
+
+Replace /dev/sda4 with your partition. Install and use crosshurd to setup a GNU/Hurd system on this partition.
+
+## /etc/xen/hurd configuration
+
+Here is a sample /etc/xen/hurd configuration
+
+    kernel = "/boot/gnumach-xen"
+    memory = 256
+    disk = ['phy:sda4,hda,w']
+    extra = "root=device:hd0"
+    vif = [ '' ]
+    ramdisk = "/boot/hurd-modules"
+
+Suggestions about [[networking_configuration]] are available.
+
+If you need stable MAC addresses, use a syntax like `vif = [
+'mac=00:16:3e:XX:XX:XX, bridge=br0' ]`.
+
+## Running Hurd with Xen
+
+To run Hurd with Xen, use:
+
+    xm create -c hurd
+
+and gnumach should get started.
+
 - If `xm` complains about networking (`vif could not be connected`), it's Xen scripts' fault, see Xen documentation for how to configure the network.  The simplest way is network-bridge with fixed IPs (note that you need the bridge-utils package for this).  You can also just disable networking by commenting the vif line in the config.
 - If `xm` complains `Error: (2, 'Invalid kernel', 'xc_dom_compat_check: guest type xen-3.0-x86_32 not supported by xen kernel, sorry\n')`, you most probably have a PAE-enabled hypervisor, and you just need to install and boot non-PAE hypervisor and kernel.
 
+## Building from sources
+
 If you want to generate these images, first get the `gnumach-1-branch-Xen-branch` branch from gnumach CVS.
 Then look for "Ugly" in `kern/bootstrap.c`, how to generate `hurd-modules` is explained there, and you'll have to fix `EXT2FS_SIZE` and `LD_SO_SIZE` by hand.
 Then use
diff --git a/microkernel/mach/gnumach/ports/xen/networking_configuration.mdwn b/microkernel/mach/gnumach/ports/xen/networking_configuration.mdwn
new file mode 100644
index 00000000..15af862c
--- /dev/null
+++ b/microkernel/mach/gnumach/ports/xen/networking_configuration.mdwn
@@ -0,0 +1,46 @@
+[[meta copyright="Copyright © 2008 Free Software Foundation, Inc."]]
+
+[[meta license="""[[toggle id="license" text="GFDL 1.2+"]][[toggleable
+id="license" text="Permission is granted to copy, distribute and/or modify this
+document under the terms of the GNU Free Documentation License, Version 1.2 or
+any later version published by the Free Software Foundation; with no Invariant
+Sections, no Front-Cover Texts, and no Back-Cover Texts.  A copy of the license
+is included in the section entitled
+[[GNU_Free_Documentation_License|/fdl]]."]]"""]]
+
+The Xen dom0 infrastructure provides for a bridged networking setup using shell
+scripts to configure the bridging device properly and attach the domUs' virtual
+interfaces to the bridge.  However, we've [seen
+problems](http://lists.gnu.org/archive/html/bug-hurd/2008-08/msg00023.html)
+when using this approach, so to [solve these
+issues](http://lists.gnu.org/archive/html/bug-hurd/2008-09/msg00071.html),
+instead suggest the following configuration method (to achieve the same thing).
+
+This is for a Debian dom0.
+
+# */etc/network/interfaces*
+
+Comment out everything referencing your physical devices.  Add this:
+
+    auto br0
+    iface br0 inet dhcp
+    	bridge_ports regex (eth|vif).* noregex
+
+... or if you want to do the manual configuration dance:
+
+    auto br0
+    iface br0 inet static
+    	bridge_ports regex (eth|vif).* noregex
+    	address 192.168.10.60
+    	netmask 255.255.255.0
+    	[...]
+
+This needs a version of the `bridge-utils` package more recent than the current
+Debian stable one ([[debbug 405215]]).  (It's trivial to rebuild the `dpkg` of,
+e.g., the Debian testing one on Debian stable.)
+
+# */etc/xen/xend-config.sxp*
+
+Make sure that only `(network-script network-dummy)` and `(vif-script
+vif-bridge)` are activated and all other `(network-script network-WHATEVER)`,
+respective `(vif-script vif-WHATEVER)` are commented out.