<head></head><body bgcolor=""><table><tbody><tr><td colspan="2">I wrote this for CentOS, bujt it should work for FC5: <h2><a name="_Toc143327638">1.1 Configuring Headless Operation</a></h2> By configuring “headless” operating we will be able to manage the firewall via a cable plugged into the serial port of the firewall. This obviates the need to plug a keyboard and monitor into it to perform changes. Thus the term “headless”.<o:p></o:p> <h3 style=""><a name="_Toc143327639"></a><a name="_Toc142195170">1.1.1 Changes to /etc/inittab</a></h3> The /etc/inittab file contains settings that get applied to the Operating Systems at boot time. There are some changes that need to be made to these settings. In order to edit the /etc/inittab file type:<o:p></o:p> <o:p> </o:p> <div style="border: 1pt solid black; padding: 1pt 4pt; background: silver none repeat scroll 0%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;"> <p class="MsoNormal" style="border: medium none ; padding: 0in; background: silver none repeat scroll 0%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;">vi /etc/inittab<o:p></o:p> </div> <o:p> </o:p> Typing this command will open the /etc/inittab file for editing.<o:p></o:p> <o:p> </o:p> As stated earlier the 18th line down is the run level line. Add the following line to the file:<o:p></o:p> <o:p> </o:p> S0:12345:respawn:/sbin/agetty 9600 linux<o:p></o:p> <o:p> </o:p> This line sets the Operating System to be able to send boot time information to the serial port in addition to the console.<o:p></o:p> <o:p> </o:p> After you have made these changes to the /etc/inittab file press the colon (: ) key and then type wq to quit vi and save the changes.<a name="_Toc142195171"><o:p></o:p></a> <o:p> </o:p> <h3><a name="_Toc143327640">1.1.2 Changes to /etc/securetty</a></h3> The /etc/securetty sets the controls for which TTY devices that the root account can log on via. In order for us to be able to log onto the serial console as root or to be able to su to root we must add a line to the file. In order to edit the /etc/secuertty file type:<o:p></o:p> <o:p> </o:p> <div style="border: 1pt solid black; padding: 1pt 4pt; background: silver none repeat scroll 0%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;"> <p class="MsoNormal" style="border: medium none ; padding: 0in; background: silver none repeat scroll 0%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;">vi /etc/securetty<o:p></o:p> </div> <o:p> </o:p> Typing this command will open the /etc/secuertty file for editing.<o:p></o:p> <o:p> </o:p> Add the following line to the end of the file:<o:p></o:p> <o:p> </o:p> ttyS0<o:p></o:p> <o:p> </o:p> This line sets the Operating System to allow root to log on to the serial port in addition to the console.<o:p></o:p> <o:p> </o:p> After you have made these changes to the /etc/securetty file press the colon (: ) key and then type wq to quit vi and save the changes.<o:p></o:p> <o:p> </o:p> <h3 style=""><a name="_Toc143327641"></a><a name="_Toc142195172">1.1.3 Changes to the Boot Loader</a></h3> In order for boot-time messages to be sent to the console, including the boot loader information some changes must be made to the configuration file for it. The boot loader that CentOS uses is GRUB. As such, the configuration file is /etc/grub.conf.<o:p></o:p> <o:p> </o:p> The first change that we must make is to add some lines after the timeout line in the GRUB configuration file. In order to edit the /etc/grub.conf file type:<o:p></o:p> <o:p> </o:p> <div style="border: 1pt solid black; padding: 1pt 4pt; background: silver none repeat scroll 0%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;"> <p class="MsoNormal" style="border: medium none ; padding: 0in; background: silver none repeat scroll 0%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;">vi /etc/grub.conf<o:p></o:p> </div> <o:p> </o:p> Typing this command will open the /etc/grub.conf file for editing.<o:p></o:p> <o:p> </o:p> Add the following two lines after the timeout line in the configuration file:<o:p></o:p> <o:p> </o:p> serial --unit=0 --speed=9600<o:p></o:p> terminal --timeout=5 serial console<o:p></o:p> Another change that we must make in the GRUB configuration file is to tell the kernel to send out all kernel-level messages to the serial port in addition to the console. That is done by adding the following line to the end of the kernel line:<o:p></o:p> <o:p> </o:p> console=tty1 console=ttyS0<o:p></o:p> <o:p> </o:p> After you have made these changes to the /etc/grub.conf file press the colon (: ) key and then type wq to quit vi and save the changes.<o:p></o:p> <o:p> </o:p> Once you have made these changes reboot the system by typing by typing:<o:p></o:p> <o:p> </o:p> <div style="border: 1pt solid black; padding: 1pt 4pt; background: silver none repeat scroll 0%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;"> <p class="MsoNormal" style="border: medium none ; padding: 0in; background: silver none repeat scroll 0%; -moz-background-clip: -moz-initial; -moz-background-origin: -moz-initial; -moz-background-inline-policy: -moz-initial;">reboot<o:p></o:p> </div> <o:p> </o:p> The system will now reboot.<o:p></o:p> </td></tr><tr><td bgcolor="blue" width="5"> </td><td>Hi . I have an install of fc5 on a normal ata note book hard drive, in an Ibase FWA7304 (it only has a serial port on vga). I have managed to get it to work once then it broke and I cant get it to work again.. this is as far as it boots .... Booting 'Fedora Core (2.6.15-1.2054_FC5)' root (hd0,0) Filesystem type is ext2fs, partition type 0x83 kernel /vmlinuz-2.6.15-1.2054_FC5 ro root=LABEL=/ console=tty0 console=ttyS0,19 200n8 [Linux-bzImage, setup=0x1e00, size=0x16eb71] initrd /initrd-2.6.15-1.2054_FC5.img [Linux-initrd @ 0x1edff000, 0xe0f81 bytes] no matter how i reinstall the drive... I even used the hdd from my laptop with a full install of fc5 and it stops at exactly the same place ...... here are my configs /boot/grub/grub.conf default=0 #timeout=5 serial --unit=0 --speed=19200 --word=8 --parity=no --stop=1 terminal --timeout=10 serial console #splashimage=(hd0,0)/grub/splash.xpm.gz #hiddenmenu title Fedora Core (2.6.15-1.2054_FC5) root (hd0,0) kernel /vmlinuz-2.6.15-1.2054_FC5 ro root=LABEL=/ console=tty0 console=ttyS0,19200n8 initrd /initrd-2.6.15-1.2054_FC5.img /etc/inittab id:5:initdefault: # System initialization. si::sysinit:/etc/rc.d/rc.sysinit l0:0:wait:/etc/rc.d/rc 0 l1:1:wait:/etc/rc.d/rc 1 l2:2:wait:/etc/rc.d/rc 2 l3:3:wait:/etc/rc.d/rc 3 l4:4:wait:/etc/rc.d/rc 4 l5:5:wait:/etc/rc.d/rc 5 l6:6:wait:/etc/rc.d/rc 6 # Trap CTRL-ALT-DELETE ca::ctrlaltdel:/sbin/shutdown -t3 -r now # When our UPS tells us power has failed, assume we have a few minutes # of power left. Schedule a shutdown for 2 minutes from now. # This does, of course, assume you have powerd installed and your # UPS connected and working correctly. pf::powerfail:/sbin/shutdown -f -h +2 "Power Failure; System Shutting Down" # If power was restored before the shutdown kicked in, cancel it. pr:12345:powerokwait:/sbin/shutdown -c "Power Restored; Shutdown Cancelled" # Run gettys in standard runlevels 1:2345:respawn:/sbin/mingetty tty1 2:2345:respawn:/sbin/mingetty tty2 3:2345:respawn:/sbin/mingetty tty3 4:2345:respawn:/sbin/mingetty tty4 5:2345:respawn:/sbin/mingetty tty5 6:2345:respawn:/sbin/mingetty tty6 # Run xdm in runlevel 5 x:5:once:/etc/X11/prefdm -nodaemon s0:12345:respawn:/sbin/agetty ttyS0 19200 vt102 /etc/sysconfig/init # color => new RH6.0 bootup # verbose => old-style bootup # anything else => new style bootup without ANSI colors or positioning BOOTUP=serial # Turn on graphical boot GRAPHICAL=yes # column to start "[ OK ]" label in RES_COL=60 # terminal sequence to move to that column. You could change this # to something like "tput hpa ${RES_COL}" if your terminal supports it MOVE_TO_COL="echo -en \\033[${RES_COL}G" # terminal sequence to set color to a 'success' color (currently: green) SETCOLOR_SUCCESS="echo -en \\033[0;32m" # terminal sequence to set color to a 'failure' color (currently: red) SETCOLOR_FAILURE="echo -en \\033[0;31m" # terminal sequence to set color to a 'warning' color (currently: yellow) SETCOLOR_WARNING="echo -en \\033[0;33m" # terminal sequence to reset to the default color. SETCOLOR_NORMAL="echo -en \\033[0;39m" # default kernel loglevel on boot (syslog will reset this) LOGLEVEL=3 # Set to anything other than 'no' to allow hotkey interactive startup... PROMPT=yes /etc/sysconfig/kudzu # Set to anything other than 'no' to force a 'safe' probe on startup. # 'safe' probe disables: # - serial port probing # - DDC monitor probing # - PS/2 probing SAFE=yes /etc/securetty console ttyS0 vc/1 vc/2 vc/3 vc/4 vc/5 vc/6 vc/7 vc/8 vc/9 vc/10 vc/11 tty1 tty2 tty3 tty4 tty5 tty6 tty7 tty8 tty9 tty10 tty11 /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - SELinux is fully disabled. SELINUX=disabled # SELINUXTYPE= type of policy in use. Possible values are: # targeted - Only targeted network daemons are protected. # strict - Full SELinux protection. SELINUXTYPE=targeted So what have I missed ? I used the following howto... <a href="http://bluequartz.org/~oda/docs/serial/index.html">http://bluequartz.org/~oda/docs/serial/index.html</a> and <a href="http://taosecurity.blogspot.com/2004/06/fedora-core-2-based-soekris-system.html">http://taosecurity.blogspot.com/2004/06/fedora-core-2-based-soekris-system.html</a> Many Thanks in advance -- Gregory Machin <a href="mailto:gregory.machin@gmail.com">gregory.machin@gmail.com</a> <a href="http://www.linuxpro.co.za">www.linuxpro.co.za</a> </td></tr></tbody></table></body>