Ronald Gibson

Q: can't unmount drive diskless netboot

After upgrade from 10.7 server to 10.9 server am unable to unmount internal drive with a diskless netboot. I you have multiple drives on system you can unmount all but 1 drive.

Mac mini, OS X Server, after upgrade from 10.7 server

Posted on Mar 28, 2014 10:37 AM

Close

Q: can't unmount drive diskless netboot

  • All replies
  • Helpful answers

  • by Warwick Teale,

    Warwick Teale Warwick Teale Nov 10, 2014 1:37 AM in response to Ronald Gibson
    Level 3 (588 points)
    Nov 10, 2014 1:37 AM in response to Ronald Gibson

    Hi Ron, I'm experiencing the same issues 10.9.5 server 3.2,2 .. did u manage to resolve it? If so any chance you can share your workaround? netboot diskless unmount

    Many Thanks

     

    warwick

    Hong Kong

  • by Warwick Teale,

    Warwick Teale Warwick Teale Nov 15, 2014 2:15 AM in response to Ronald Gibson
    Level 3 (588 points)
    Nov 15, 2014 2:15 AM in response to Ronald Gibson

    Hi Ron, I have resolved this issue where one often the direct attached file systems cannot be unmounted on a NETBOOT "diskless" startup. It took me several days to resolve that it's related the inability to have the correct permissions of the users netbootnnn to write/read the shadows files in /volumes/"volser"/Library/Netboot/Netbootclients0 /Netbootclients


    the test system are: OSX Server.app V3.2.2 and OSX10.9.5 NBI


    Here's the correct AFPmount for the shadow files in diskless mode for the NBI for one of my images. Currently I am using DISKWARRIOR.app to perform a maintenance all of direct file systems attached to our macmini-02 test system.


     

    Successful use of DISKLESS NetBoot shadow files over AFP

    Last login: Sat Nov 15 16:54:29 2014

    macmini-02:~ maint$ mount

    /dev/disk1s2 on / (hfs, local)

    devfs on /dev (devfs, local, nobrowse)

    //netboot100@10.0.2.201/NetBootClients0 on /private/var/netboot (afpfs, nobrowse)

    map -hosts on /net (autofs, nosuid, automounted, nobrowse)

    map auto_home on /home (autofs, automounted, nobrowse)

    /dev/disk0s5 on /Volumes/unused (hfs, local, journaled)

    /dev/disk0s4 on /Volumes/osx_10.10.0_msf_netboot (hfs, local, journaled)

    /dev/disk2 on /Volumes/Server02_HD 1 (hfs, local, read-only)

    /dev/disk3 on /Volumes/Server02_HD (hfs, local, read-only)

    macmini-02:~ maint$


    So check the following and report back. Its up to you if you want to try tis. It won't break anything that can't be restored easily. .

    • on your NBI system (the one you are using for System Image Utilliy.app  [SIU] real bootable source system and verify that the /etc/rc.netboot is correct. There are many forum mentions that the statements are correct with a "=' (equals sign) on the statements. Apparently the shell won't parse if its not. seems to be true. Simply duplicate it and save eh old one, used texteditor.app etc to add the "=" sign. You MAY use the NETBOOT_SHADOW:=-NETWORK_ONLY option however IF the netboot startup prangs it's extremly difficulty to debug as the machine is issued a STOP. I used this option and this means if the SHADOW file is not accessible or has insufficient permissions form the netbootxxx users, it will use  ONE of the file systems for the shadow file in /.com.apple.NetBootX/shadowfile (swapfile here too!). I repaired this /etc/rc.netboot .. .cat the file and you'll these statements and use SIU and  REIMAGE your NBI and replace it /Library/NetBoot/NetbootSPx:
      • NETBOOT_MOUNT=/var/netboot

        NETBOOT_SHADOW=${NETBOOT_SHADOW:=-NETWORK-}

        #NETBOOT_SHADOW=${NETBOOT_SHADOW:-NETWORK-}

        #NETBOOT_SHADOW=${NETBOOT_SHADOW:=-NETWORK_ONLY-}

    • Turn Off NETINSTALL and reset it the lot.
      • turn NETINSTALL off (use the slider switch)
      • set the storage options so NONE for every file system. We have 8 that we can use.. I set them all to NONE
      • on each file system above go in to Finder or shell and DELETE (rm) every instance of /library/netboot/NetBootClientsX (where x = 0 , ...n) - just delete the lot!
      • leave NetInstall of .. we need it off for step 3
    • use Server.app and File Sharing on server where NBI's are being serviced
      • remove any NETWORK SHARES definitions in File Sharing for NetBootSPx (where x = 0, 1 ..n) and NetBootClientsx (where x = 0, 1 ..n)
      • (these will be automatically added once NetInstall is restarted and storage settings made)
    • Turn On NetInstall service again and keep it simple.. make the IMAGE and DATA on same volume...
      • use Server.app and in Netimage, 'Edit store settings" (bottom left), select one volume and make the CLIENT DATA on the same volume as the images. Just for a test.
      • the net boot images will reappear in the list and....
      • select your Netboot image you rebuilt from step 1, and set the "make this image available for diskless booting" tick on
    • use Server.app and File Sharing and notice they new SHAREs have been added for both the NETBOOT images and the Netbootclients0
      • select each of these shares and ENSURE that SHARE OVER AFP is ticked (you can also tick Allow Guest users.... access)..
      • DONT rename the share point names.. it seems Netboot shadow file processing goes after specifically /NetBootClientsx..
    • In server.app use View Menu/Show System Accounts , and click on Users
      • and view Local Users  in list box
      • FILTER (bottom right)  only users Netboot1 and show the default Netboot100 to Netboot149 (50 users)
      • select the all with shift and click
      • click GEAR Wheel (sprocket) and select "Edit Access to Services" and tick FILE SHARING on. This will set all 50 to use FILE SHARING to permit access to AFP etc perhaps a reason that the diskless is not working for you
    • In server.app, check that these users have READ/WRITE access to the shadow file directory at /Library/Netboot/NetBootClients0 ... is necessary set yup a new group and add all these users netboot100 - netboot149 in tha group and add an ACE to /Library/Netboot/NetBootClients0 so they can READ  and WRITE to it.
    • NEboot you Image. I prefer to use a boot managed startup my using the OPTION key and specifically select the image
      • use th server .app to monitor the Logs/Netinstall and watch the setup.
      • also look at the logs/AFP Logs (and Error log) for any errors.
    • log into or on the client use the terminal and
      • issue the 'mount' command. If any of the file system,s point to /private/var/netboot then it is NOT diskless.
      • issue these two commands and check the details of what the client thinks its using for a netboot shadow file. Look at he output of these.
        • ipconfig getpacket en0
        • sudo ipconfig netbootpacket
      • look at the proposed mount of afp for the SHADOW MOUNT PATH (see below). Use this form the FINDER and attempt to mount it. Use the string because it has the password for the user in it. If it won't mount then there's your issue... simply fix the permissions and mount point share.!
          • macmini-02:unused maint$ sudo ipconfig netbootpacket

          • Password:

          • op = BOOTREPLY

          • htype = 1

          • flags = 0

          • hlen = 6

          • hops = 0

          • xid = 55182

          • secs = 0

          • ciaddr = 169.254.151.246

          • yiaddr = 0.0.0.0

          • siaddr = 10.0.2.201

          • giaddr = 0.0.0.0

          • chaddr = d4:9a:20:de:8d:50

          • sname = macmini-server.macseefoo.studio

          • file = /private/tftpboot/NetBoot/NetBootSP0/OSX_10.9.5_MSF_NBI.nbi/i386/booter

          • options:

          • Options count is 6

          • dhcp_message_type (uint8): ACK 0x5

          • server_identifier (ip): 10.0.2.201

          • vendor_class_identifier (string): AAPLBSDPC

          • root_path (string): nfs:10.0.2.201:/Library/NetBoot/NetBootSP0:OSX_10.9.5_MSF_NBI.nbi/NetBoot.dmg

          • vendor_specific (opaque):

          • 0000  01 01 02 08 04 02 00 0e  fa 82 0a 4e 65 74 42 6f  ...........NetBo

          • 0010  6f 74 30 30 31 80 38 61  66 70 3a 2f 2f 6e 65 74  ot001.8afp://net

          • 0020  62 6f 6f 74 31 30 30 3a  25 32 44 6d 25 32 37 45  boot100:%2Dm%27E

          • 0030  39 79 41 58 40 31 30 2e  30 2e 32 2e 32 30 31 2f  9yAX@10.0.2.201/

          • 0040  4e 65 74 42 6f 6f 74 43  6c 69 65 6e 74 73 30 81  NetBootClients0.

          • 0050  11 4e 65 74 42 6f 6f 74  30 30 31 2f 53 68 61 64  .NetBoot001/Shad

          • 0060  6f 77                                             ow             

          • end (none):

          • BSDP Options count is 5

          • message type: SELECT (0x2)

          • selected boot image: 0x2000efa

          • machine name: NetBoot001

          • shadow mount path: afp://netboot100:%2Dm%27E9yAX@10.0.2.201/NetBootClients0

          • shadow file path: NetBoot001/Shadow

          • macmini-02:unused maint$

             

             

             

    Sadly there is not much in the way of visible diagnostics. Try this out and post your results for others to see.

     

    Regards

    warwick

    Hong Kong