Apollo Workstations - INSTALL example

ESTABLISHING THE INITIAL REGISTRY

Just after you complete the SR10.4 install and while you are still "root" and have not yet disconnected from the network in which your target machine and O/S source are are both available do the following:

1) create a directory on the target machine called "/failsafe"

2) copy the following into the failsafe directory:
chmod
chgrp
chown
edacl
rgy_create  (from AA/bin directory)
rgyd        (from /etc directory)

3) set sticky bit so these processes run as root:
wd //target/failsafe
edacl -setuid on ?* -nq

4) copy the local registry data from the DN5500 over to the target
wd //dn5500/sys/registry
cpf rgy_local //target/sys/registry/= -sacl

5) create a stub file to start the local broker
crf //target/sys/node_data/etc/daemons/llbd

6) shut down target, disconnnect from network, reboot, and login
as root using same password as was on DN5500

If you can't get logged in as "root" then try some other valid
login or "user" with a blank password.  You may need to use
the "failsafe" tools to change file permissions.

7) If you get logged in OK, do the following in a /com/sh:
 csr -a /etc
 netsvc -n
 dlf /sys/node_data/glb.?*
 /etc/ncs/glbd -create -first -family dds
 /failsafe/rgy_create
 /etc/rgyd
 crf /etc/daemons/glbd
 crf /etc/daemons/rgyd
 netsvc -a

8) Now wait one or two minutes and check the process status
list to make sure that "rpcd" (formerly llbd), "glbd", and "rgyd.1.3"
are running.  If this works, then type "login" in a /com/sh and
make sure you can login as "root" password is "-apollo-".  When
done type "logout" in this shell.

9) Sanity check, run "rgy_admin" to make sure the processes
are alive, as master registry is known, and can be talked to:
 /etc/rgy_admin
 > lrep -st
 > quit

10) Next, log out and log back in with root/-apollo-

11) Finally, log out, shut down, and reboot.  You should see the
bootup sequence start "llbd", "glbd", and "rgyd".

12) Try to login, and pay attention as to whether you get the warning
about not being able to talk to a registry.  Check your process
list for "rpcd" (or "llbd" on older O/S), "glbd", and "rgyd.1.3".  If
all of these are running you have probably succeeded.

It is your choice whether to leave the "/failsafe" directory around.
I think of it as a safety net in case I have to go hack some files
that require root privelage if I lose the ability to login as root.
Of course it's a tremendous security hole but most of use just
have these machines sitting at home now.

send comments to: hunkler@goodnet.com