Soto Systems LLC

Without the help from the sites above this document would not be possible. Thank you so much Gunkies.org and Stephen’s Machine Room Youtube Channel!

Copyright

Copyright 2023  Berkeley Software Distribution (BSD)

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:

1. Redistributions of source code must retain the above copyright notice,
 this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice,
 this list of conditions and the following disclaimer
 in the documentation and/or other materials provided with the distribution.
3. Neither the name of the copyright holder nor the names of its contributors
 may be used to endorse or promote products derived from this software without
 specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

Compile SIMH

The default SIMH package for Debian 10 amd64 does not work. Install dependencies, download, then compile the SIMH VAX780 emulator from source.

# apt-get install gcc libpcap-dev libvdeplug-dev libpcre3-dev libedit-dev
libsdl2-dev libpng-dev libsdl2-ttf-dev
# DIR=/usr/src/simh
# mkdir $DIR ; cd $DIR
# wget https://github.com/simh/simh/archive/master.zip
# unzip master.zip ; cd simh-master
# make vax780 | tee make.txt
# cp -a BIN/vax780 /bin/

Verify that the simulated network is detected and can attach:

root@pc1:~# vax780

VAX 11/780 simulator V4.0-0 Current        git commit id: 37bc857b
sim> set xu enabled
sim> show xu
XU      address=2013F948-2013F94F, vector=50, BR5, MAC=08:00:2B:E1:BF:9C
        type=DELUA, throttle=disabled
        not attached

sim> q
q
Goodbye

Prepare the OS Binaries

Download the OS binaries from The UNIX Heritage Society tuhs.org:

$ DIR=~/4.3BSD/install
$ mkdir -p $DIR ; cd $DIR
$ wget --no-parent -r https://www.tuhs.org/Archive/Distributions/UCB/4.3BSD/
$ mv www.tuhs.org/Archive/Distributions/UCB/4.3BSD/* .
$ rm -rf www.tuhs.org *index.html*

Extract the compressed binary sets:

$ gunzip -d *.gz

Copy the perl script in https://gunkies.org/wiki/Mkdisttap.pl#4.2_.26_4.3_BSD and save it to mkdisttap.pl, then modify the header. This script will create the tape tarball of the OS binaries:

$ vi mkdisttap.pl

#!/usr/bin/perl -w
use warnings;
use strict;

Concatenate the tape tarball and move it to the install root directory; also copy the miniroot file:

$ chmod 0755 mkdisttap.pl
$ ./mkdisttap.pl > 43.tap

Create the boot file. Copy and paste the contents of the boot file from https://gunkies.org/wiki/Boot42, including the begin/end part, onto a file called boot42.uue, then uudecode it.

$ uudecode boot42.uue
$ ls -lh boot42*
-rwx------ 1 aaa aaa 6.5K Jul 11 13:29 boot42
-rw-r--r-- 1 aaa aaa 9.0K Jul 11 13:29 boot42.uue

Copy the tarball, the miniroot and the boot file to the root installation directory:

$ cp 43.tap miniroot boot42 ..
$ cd ..

Create the SIMH installation config file. Here we are attaching the miniroot to a simulated “rq” disk drive, attaching the tape tarball to a simulated “ts” tape drive, and simulating a boot loader (usually a kernel formatted onto a floppy disk), in order to load and run the boot file. The rq.dsk virtual disk file will be automatically created:

$ cat > install.ini << EOF
set rq0 ra81
at rq0 miniroot
set rq1 ra81
at rq1 rq.dsk
set rq2 dis
set rq3 dis
set rp dis
set lpt dis
set rl dis
set tq dis
set tu dis
att ts 43.tap
set tti 7b
set tto 7b
load -o boot42 0
d r10 9
d r11 0
run 2
EOF

Inspecting the Dumps

Let’s pause for a moment and inspect the miniroot, which is a formatted blockfile; typically used to mount a temporary root system, in order to rescue or install binaries onto another disk. The rootdump is also a tape file dump of a root system. They are both used to install the binaries. Let’s inspect what’s inside these files:

$ file miniroot
miniroot: Unix Fast File system [v1] (little-endian), last mounted on /mnt,
last written at Sat Jun  7 19:39:50 1986, clean flag 0, number of blocks 4096,
number of data blocks 3815, number of cylinder groups 1, block size 4096,
fragment size 512, minimum percentage of free blocks 10, rotational delay
4ms, disk rotational speed 60rps, TIME optimization

$ mkdir tmp

$ sudo mount miniroot tmp/

$ ls -lh tmp/
total 452K
drwxrwxr-x 2 root root  512 Jun  7  1986 a
drwxrwxr-x 2 root root  512 Jun  7  1986 bin
-rwxrwxr-x 1 root root  27K Jun  7  1986 boot
drwxrwxr-x 2 root root 2.0K Jun  7  1986 dev
drwxrwxr-x 2 root root  512 Jun  7  1986 etc
drwxr-xr-x 2 root root 4.0K Jun  7  1986 lost+found
-r--r--r-- 1 root root  11K Jun  7  1986 pcs750.bin
drwxrwxr-x 5 root root  512 Jun  7  1986 sys
drwxrwxr-x 2 root root  512 Jun  7  1986 tmp
drwxrwxr-x 3 root root  512 Jun  7  1986 usr
-rwxr-xr-x 1 root root 398K Jun  7  1986 vmunix
-rwxrwxr-x 1 root root  641 Jun  7  1986 xtr

$ sudo umount tmp

Inspect what inside the rootdump file:

$ file rootdump
rootdump: new-fs dump file (little endian), This dump Sat Jun  7 20:32:01 1986, Previous dump Thu Jan  1 00:00:00 1970, Volume 1, Level zero, type: tape header,

$ sudo apt-get install dump

$ restore -i -f rootdump -T .
restore > ls
.:
.cshrc      bin/        drtest      lib/        sys
.login      boot        etc/        lost+found/ tmp/
.profile    copy        format      mnt/        usr/
a/          dev/        genvmunix   pcs750.bin  vmunix 

restore > q

Install the OS

Run the first boot with the miniroot as a virtual drive. Use the install configuration file from above. The miniroot is essentially the first disk rq0, and rq1 is the second disk, which will become the main disk after the install. Here we are booting into single-user mode with miniroot as the rootfs:

$ vax780 install.ini

VAX 11/780 simulator V4.0-0 Current        git commit id: 37bc857b
./install.ini-2> at rq0 miniroot
%SIM-INFO: RQ0: Amount of data in use in disk container 'miniroot' cannot be determined, skipping autosizing
./install.ini-4> at rq1 rq.dsk
%SIM-INFO: RQ1: Creating new file: rq.dsk
./install.ini-12> att ts 43.tap
%SIM-INFO: TS: Tape Image '43.tap' scanned as SIMH format
loading ra(0,0)boot
Boot
: ra(0,0)vmunix
279844+80872+100324 start 0x12f8
4.3 BSD UNIX #1: Fri Jun  6 19:55:29 PDT 1986
    karels@monet.Berkeley.EDU:/usr/src/sys/GENERIC
real mem  = 8388608
SYSPTSIZE limits number of buffers to 140
avail mem = 7187456
using 140 buffers containing 524288 bytes of memory
mcr0 at tr1
mcr1 at tr2
uba0 at tr3
hk0 at uba0 csr 177440 vec 210, ipl 15
rk0 at hk0 slave 0
rk1 at hk0 slave 1
rk2 at hk0 slave 2
rk3 at hk0 slave 3
uda0 at uba0 csr 172150 vec 774, ipl 15
ra0 at uda0 slave 0
ra1 at uda0 slave 1
zs0 at uba0 csr 172520 vec 224, ipl 15
ts0 at zs0 slave 0
dz0 at uba0 csr 160100 vec 300, ipl 15
dz1 at uba0 csr 160110 vec 310, ipl 15
dz2 at uba0 csr 160120 vec 320, ipl 15
dz3 at uba0 csr 160130 vec 330, ipl 15
Changing root device to ra0a
WARNING: clock gained 33 days -- CHECK AND RESET THE DATE!
erase ^?, kill ^U, intr ^C
#

Make the virtual hard disk device ra1 for the second disk rq1. The first disk rq0 is already mounted by the miniroot:

# cd /dev
# ./MAKEDEV ra1

./MAKEDEV: chgrp: not found
./MAKEDEV: chmod: not found

Extract the tape onto the new second disk, with the xtr command:

# cd /
# disk=ra1 type=ra81 tape=ts xtr

Build root file system
Warning: 538 sector(s) in last cylinder unallocated
/dev/rra1a:     15884 sectors in 23 cylinders of 14 tracks, 51 sectors
        8.1Mb in 2 cyl groups (16 c/g, 5.85Mb/g, 1856 i/g)
super-block backups (for fsck -b#) at:
 32, 11520,
Check the file system
** /dev/rra1a
** Last Mounted on
** Phase 1 - Check Blocks and Sizes
** Phase 2 - Check Pathnames
** Phase 3 - Check Connectivity
** Phase 4 - Check Reference Counts
** Phase 5 - Check Cyl groups
2 files, 9 used, 7420 free (20 frags, 925 blocks, 0.3% fragmentation)
Rewind tape
Restore the dump image of the root
Warning: ./lost+found: File exists
** /dev/rra1a
** Last Mounted on /a
** Phase 1 - Check Blocks and Sizes
** Phase 2 - Check Pathnames
** Phase 3 - Check Connectivity
** Phase 4 - Check Reference Counts
** Phase 5 - Check Cyl groups
317 files, 4199 used, 3230 free (6 frags, 403 blocks, 0.1% fragmentation)
Root filesystem extracted

If this is an 8650 or 8600, update the console rl02
If this is a 780 or 785, update the floppy
If this is a 730, update the cassette

Syncronize all file then halt the emulator:

# sync
# sync
# sync

Ctrl-E.
simh> q

Notice the new virtual disk filled with the binaries:

$ ls -lh rq.dsk
-rw-r--r-- 1 aaa aaa 436M Jul 11 13:42 rq.dsk

$ file rq.dsk
rq.dsk: Unix Fast File system [v1] (little-endian), last mounted on /a, last written at Fri Jul 11 13:42:02 1986, clean flag 0, number of blocks 7942, number of data blocks 7429, number of cylinder groups 2, block size 8192, fragment size 1024, minimum percentage of free blocks 10, rotational delay 4ms, disk rotational speed 60rps, TIME optimization

Let’s inspect the new virtual disk;

$ mkdir tmp

$ sudo mount rq.dsk tmp/
mount: /home/ramses/4.3BSD/tmp: WARNING: device write-protected, mounted read-only.

$ ls -lh tmp/
total 956K
drwxrwxr-x 2 root uucp  512 Jun 24  1985 a
drwxr-xr-x 2 root uucp 1.0K Jun  6  1986 bin
-rw-r--r-- 1 root uucp  27K Jun  6  1986 boot
-rwxrwxr-x 1 root uucp  24K Jun  6  1986 copy
drwxrwxr-x 2 root uucp 2.0K Apr 10  1986 dev
-rwxrwxr-x 1 root root  16K Jun  6  1986 drtest
drwxrwxr-x 2 root uucp 2.5K Jun  7  1986 etc
-rwxrwxr-x 1 root uucp  21K Jun  6  1986 format
-rwxr-xr-x 2 root uucp 398K Jun  6  1986 genvmunix
drwxr-xr-x 2 root uucp  512 Jun  5  1986 lib
drwxr-xr-x 2 root root 8.0K Feb  2  1986 lost+found
drwxrwxr-x 2 root uucp  512 Jun 24  1985 mnt
-r--r--r-- 1 root uucp  11K Jun  6  1986 pcs750.bin
-rw-r--r-- 1 root root  21K Jul 11  1986 restoresymtable
lrwxr-xr-x 1 root root   11 Jul 11  1986 sys -> usr/src/sys
drwxrwxrwt 2 root root  512 Jun  7  1986 tmp
drwxrwxrwx 2 root root  512 Jun  8  1982 usr
-rwxr-xr-x 2 root uucp 398K Jun  6  1986 vmunix

The two kernels included are the same:

$ md5sum tmp/genvmunix tmp/vmunix
fd6ddba6150691a0fcac650a69c6db0b  genvmunix
fd6ddba6150691a0fcac650a69c6db0b  vmunix

$ sudo umount tmp

The install.ini configuration file is no longer needed. Create the new boot.ini configuration file and boot from it. Here we are configuring the boot to swap and simulate the first virtual disk as the file rq.dsk instead of the previous file miniroot. The rq.dsk already contains a restored root directory. However, the tarball for the /usr/ binaries still needs to be dumped from tape to disk. The dump of 43.tap will add more files that are needed, since the miniroot only contains the minimal amount of utilities in order to restore a file system:

$ cat > boot.ini <<EOF
set rq0 ra81
att rq0 rq.dsk
set rq1 dis
set rq2 dis
set rq3 dis
set rp dis
set lpt dis
set rl dis
set tq dis
set tu dis
att ts 43.tap
set tti 7b
set tto 7b
load -o boot42 0
d r10 9
d r11 0
run 2
EOF

Boot into single user mode:

$ vax780 boot.ini 

VAX 11/780 simulator V4.0-0 Current        git commit id: 37bc857b
./boot.ini-11> att ts 43.tap
%SIM-INFO: TS: Tape Image '43.tap' scanned as SIMH format
loading ra(0,0)boot
Boot
: ra(0,0)vmunix
279844+80872+100324 start 0x12f8
4.3 BSD UNIX #1: Fri Jun  6 19:55:29 PDT 1986
    karels@monet.Berkeley.EDU:/usr/src/sys/GENERIC
real mem  = 8388608
SYSPTSIZE limits number of buffers to 140
avail mem = 7187456
using 140 buffers containing 524288 bytes of memory
mcr0 at tr1
mcr1 at tr2
uba0 at tr3
hk0 at uba0 csr 177440 vec 210, ipl 15
rk0 at hk0 slave 0
rk1 at hk0 slave 1
rk2 at hk0 slave 2
rk3 at hk0 slave 3
uda0 at uba0 csr 172150 vec 774, ipl 15
ra0 at uda0 slave 0
zs0 at uba0 csr 172520 vec 224, ipl 15
ts0 at zs0 slave 0
dz0 at uba0 csr 160100 vec 300, ipl 15
dz1 at uba0 csr 160110 vec 310, ipl 15
dz2 at uba0 csr 160120 vec 320, ipl 15
dz3 at uba0 csr 160130 vec 330, ipl 15
Changing root device to ra0a
Automatic reboot in progress...
Fri Jul 11 07:32:17 PDT 1986
Can't open checklist file: /etc/fstab
Automatic reboot failed... help!
erase ^?, kill ^U, intr ^C
#

Create the tape device files.

# cd /dev
# sh ./MAKEDEV ts0;sync
# cd /

Notice the newfiles created in /dev/:

brw-rw-rw-  1 root       6,   0 Jul 11 07:43 mt0
brw-rw-rw-  1 root       6,  12 Jul 11 07:43 mt12
brw-rw-rw-  1 root       6,   4 Jul 11 07:43 mt4
brw-rw-rw-  1 root       6,   8 Jul 11 07:43 mt8
brw-rw-rw-  1 root       6,   4 Jul 11 07:43 nmt0
brw-rw-rw-  1 root       6,  12 Jul 11 07:43 nmt8
crw-rw-rw-  1 root      16,   4 Jul 11 07:43 nrmt0
crw-rw-rw-  1 root      16,  12 Jul 11 07:43 nrmt8
crw-rw-rw-  1 root      16,   0 Jul 11 07:43 rmt0
crw-rw-rw-  1 root      16,  12 Jul 11 07:43 rmt12
crw-rw-rw-  1 root      16,   4 Jul 11 07:43 rmt4
crw-rw-rw-  1 root      16,   8 Jul 11 07:43 rmt8

Prep the new partition slice for /usr/:

# disk=ra
# name=ra0h;type=ra81
# newfs $name $type
Warning: 680 sector(s) in last cylinder unallocated
/dev/rra0h:     291346 sectors in 409 cylinders of 14 tracks, 51 sectors
        149.2Mb in 26 cyl groups (16 c/g, 5.85Mb/g, 2048 i/g)
super-block backups (for fsck -b#) at:
 32, 11520, 23008, 34496, 45984, 57472, 68960, 80448, 91936, 103424,
 114912, 126400, 137888, 149376, 160864, 172352, 182816, 194304, 205792, 217280,
 228768, 240256, 251744, 263232, 274720, 286208,

Restore from tape the /usr/sys/ directory. Here the virtual tape device 43.tap will be rewinded, then fast forwarded to the third file, which is the srcsys.tar tarball, as described in the file FORMAT. It will then change to the previous directory, then fast forward the tape and restore the usr.tar tarball file to /usr/. Next, symbolically links /sys/ to /usr/sys/. Last check the newly formated disk:

# mount /dev/$name /usr
# cd /usr
# mkdir sys
# cd sys
# ls
# mt rew
# mt fsf 3
# tar xpbf 20 /dev/rmt12
# ls
# cd ..
# mt fsf
# tar xpbf 20 /dev/rmt12
# ls
# cd /
# chmod 755 / /usr /usr/sys
# rm -rf sys
# ln -s /usr/sys sys
# umount /dev/$name

# fsck /dev/r$name

** /dev/rra0h
** Last Mounted on /usr
** Phase 1 - Check Blocks and Sizes
** Phase 2 - Check Pathnames
** Phase 3 - Check Connectivity
** Phase 4 - Check Reference Counts
** Phase 5 - Check Cyl groups
4645 files, 35630 used, 102954 free (162 frags, 12849 blocks, 0.1% fragmentation)

Configure the fstab, format the /home/ slice, boot into multi-user mode:

# cd /etc
# cp fstab.ra81 fstab
# newfs ra0g ra81
# sync
# reboot
syncing disks... done

Reboot request failed, PC: 8002B03A (MOVL 8004F628,R0)
sim> q
Goodbye

Boot into multi-user mode and login as root:

$ vax780 boot.ini 

VAX 11/780 simulator V4.0-0 Current        git commit id: 37bc857b
./boot.ini-11> att ts 43.tap
%SIM-INFO: TS: Tape Image '43.tap' scanned as SIMH format
loading ra(0,0)boot
Boot
: ra(0,0)vmunix
279844+80872+100324 start 0x12f8
4.3 BSD UNIX #1: Fri Jun  6 19:55:29 PDT 1986
    karels@monet.Berkeley.EDU:/usr/src/sys/GENERIC
real mem  = 8388608
SYSPTSIZE limits number of buffers to 140
avail mem = 7187456
using 140 buffers containing 524288 bytes of memory
mcr0 at tr1
mcr1 at tr2
uba0 at tr3
hk0 at uba0 csr 177440 vec 210, ipl 15
rk0 at hk0 slave 0
rk1 at hk0 slave 1
rk2 at hk0 slave 2
rk3 at hk0 slave 3
uda0 at uba0 csr 172150 vec 774, ipl 15
ra0 at uda0 slave 0
zs0 at uba0 csr 172520 vec 224, ipl 15
ts0 at zs0 slave 0
dz0 at uba0 csr 160100 vec 300, ipl 15
dz1 at uba0 csr 160110 vec 310, ipl 15
dz2 at uba0 csr 160120 vec 320, ipl 15
dz3 at uba0 csr 160130 vec 330, ipl 15
Changing root device to ra0a
Automatic reboot in progress...
Fri Jul 11 08:30:51 PDT 1986
/dev/ra0a: 330 files, 4200 used, 3229 free (5 frags, 403 blocks, 0.1% fragmentation)
/dev/rra0h: 4645 files, 35630 used, 102954 free (162 frags, 12849 blocks, 0.1% fragmentation)
/dev/rra0g: 2 files, 9 used, 245216 free (16 frags, 30650 blocks, 0.0% fragmentation)
Fri Jul 11 08:30:52 PDT 1986
checking quotas: done.
starting system logger
checking for core dump... /a/crash: No such file or directory

starting local daemons: namedJul 11 08:30:52 myname savecore: /a/crash: No such file or directory
Jul 11 08:30:52 myname named[53]: /etc/named.boot: No such file or directory
 sendmail.
preserving editor files
clearing /tmp
standard daemons: update cron accounting.
starting network daemons: rwhod inetd printer.
Fri Jul 11 08:30:52 PDT 1986
Jul 11 08:30:54 myname getty: /dev/tty00: No such file or directory
Jul 11 08:30:54 myname getty: /dev/tty07: No such file or directory
Jul 11 08:30:54 myname getty: /dev/tty06: No such file or directory
Jul 11 08:30:54 myname getty: /dev/tty05: No such file or directory
Jul 11 08:30:54 myname getty: /dev/tty04: No such file or directory
Jul 11 08:30:54 myname getty: /dev/tty03: No such file or directory
Jul 11 08:30:54 myname getty: /dev/tty02: No such file or directory
Jul 11 08:30:54 myname getty: /dev/tty01: No such file or directory

4.3 BSD UNIX (myname.my.domain) (console)

login:

Configure Native Networking

This is where this web page differs from other web pages which emphasize to telnet via the serial interface DZ, listening on telnet port 8888. Here we are setting up native networking by using virtual interfaces both on the guest and the host. The OS will process normal TCP/IP connections in a standard network setup, like any other virtual or physical system.

Edit boot.ini as follows. Notice the “xu” lines and the “idle” line in order to reduce CPU load on the host. Make sure these are inserted before the “load” line. Here we attach xu to eth0, and display the MAC address, during the boot. Also disable the dz serial interface and tape (not needed for now):

$ cat boot.ini

set rq0 ra81
att rq0 rq.dsk
set rq1 dis
set rq2 dis
set rq3 dis
set rp dis
set lpt dis
set rl dis
set tq dis
set tu dis
set dz disable
set ts disable
set xu enabled
attach xu tap:tap0
show xu
set tti 7b
set tto 7b
set cpu idle=32v
load -o boot42 0
d r10 9
d r11 0
run 2

NOTE: With a tap virtual interface you will be able to ping to connect with the host, unlike instructions elsewhere:

Sample bridge and tap virtual interfaces:

# apt-get install bridge-utils uml-utilities

$ cat /etc/network/interfaces
#source /etc/network/interfaces.d/*
auto lo
iface lo inet loopback
iface eth0 inet manual

auto br0
iface br0 inet static
	address 192.168.1.3
	network 192.168.1.0
	netmask 255.255.255.0
	broadcast 192.168.1.255
	gateway 192.168.1.1
	bridge_ports eth0
	bridge_fd 9
	bridge_hello 2
	bridge_maxage 12
	bridge_stp off

	pre-up ip tuntap add dev tap0 mode tap user root
	pre-up ip link set tap0 up
	bridge_ports all tap0
	bridge_maxwait 0
	post-down ip link set tap0 down
	post-down ip tuntap del dev tap0 mode tap

Status of the interfaces:

$ ifconfig
br0: flags=4163  mtu 1500
        inet 192.168.1.3  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::7076:dfff:fe6e:73c  prefixlen 64  scopeid 0x20

        ether 72:76:df:6e:07:3c  txqueuelen 1000  (Ethernet)
        RX packets 1015455  bytes 976912642 (931.6 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 498177  bytes 14568761612 (13.5 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0: flags=4163  mtu 1500
        ether 98:90:96:e4:60:b5  txqueuelen 1000  (Ethernet)
        RX packets 1082532  bytes 1012525211 (965.6 MiB)
        RX errors 0  dropped 8  overruns 0  frame 0
        TX packets 10333930  bytes 15259284714 (14.2 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 20  memory 0xf7d00000-f7d20000  

tap0: flags=4099  mtu 1500
        ether 72:76:df:6e:07:3c  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

$ ip route sshow
default via 192.168.1.1 dev br0 onlink
192.168.1.0/24 dev br0 proto kernel scope link src 192.168.1.3

Start the guest and then configure networking. You should notice the VAX "xu" interface and BSD "de0" interface being detected during boot. The virtual devices run best when running the simulator with root privileges. This time run the session as root, by creating a boot.sh script; in order not to forget to run as root:

$ cat > boot.sh << EOF
#!/bin/bash
sudo vax780 boot.ini
EOF

$ chmod 0755 boot.sh

Run the simulation with native networking. Notice the detection and attachment between the virtual interfaces. Afterward, test with telnet and ftp connections:

$ ./boot.sh

VAX 11/780 simulator V4.0-0 Current        git commit id: 37bc857b
./boot.ini-14> attach xu tap:tap0
%SIM-INFO: Eth: opened OS device tap0
XU      address=2013F948-2013F94F, vector=50, BR5, MAC=08:00:2B:83:01:14
        type=DELUA, throttle=disabled
        attached to tap:tap0
loading ra(0,0)boot
Boot
: ra(0,0)vmunix
279844+80872+100324 start 0x12f8
4.3 BSD UNIX #1: Fri Jun  6 19:55:29 PDT 1986
    karels@monet.Berkeley.EDU:/usr/src/sys/GENERIC
real mem  = 8388608
SYSPTSIZE limits number of buffers to 140
avail mem = 7187456
using 140 buffers containing 524288 bytes of memory
mcr0 at tr1
mcr1 at tr2
uba0 at tr3
hk0 at uba0 csr 177440 vec 210, ipl 15
rk0 at hk0 slave 0
rk1 at hk0 slave 1
rk2 at hk0 slave 2
rk3 at hk0 slave 3
uda0 at uba0 csr 172150 vec 774, ipl 15
ra0 at uda0 slave 0
de0 at uba0 csr 174510 vec 120, ipl 15
de0: hardware address 08:00:2b:83:01:14
Changing root device to ra0a
Automatic reboot in progress...
Sun Jul 13 18:28:53 PDT 1986
/dev/ra0a: 538 files, 4247 used, 3182 free (22 frags, 395 blocks, 0.3% fragmentation)
/dev/rra0h: 4657 files, 35870 used, 102714 free (170 frags, 12818 blocks, 0.1% fragmentation)
/dev/rra0g: 3 files, 10 used, 245215 free (15 frags, 30650 blocks, 0.0% fragmentation)
Sun Jul 13 18:28:54 PDT 1986
checking quotas: done.
preserving editor files
clearing /tmp
standard daemons: update cron accounting.
starting network daemons: rwhod inetd.
Sun Jul 13 18:28:55 PDT 1986

4.3 BSD UNIX (43bsd) (console)

login:

Create the pseudo terminal "pty" devices, in order to connect via telnet.

# cd /dev
# chmod 0755 MAKEDEV
# ./MAKEDEV pty0
# ./MAKEDEV pty1
# ./MAKEDEV pty2
# sync

There is no DHCP client, so manually configure the interface with a static IP address:

# ifconfig de0
# ifconfig lo0 inet 127.0.0.1 up
# ifconfig de0 inet 192.168.1.103 up
# route add default 192.168.1.1 1

# cat > /etc/resolv.conf <<EOF
nameserver 209.18.47.62
nameserver 209.18.47.61
nameserver 8.8.8.8
nameserver 4.4.4.4
nameserver 192.168.1.1
domain example.com
search example.com
EOF

# ping www.google.com
PING www.google.com: 56 data bytes
64 bytes from 142.250.217.164: icmp_seq=0. time=39. ms
64 bytes from 142.250.217.164: icmp_seq=1. time=30. ms
^C

Test telnet and ftp from another PC.

NOTE: You cannot login as root via telnet. Simply try to establish a telnet connection then Ctrl-D to terminate the telnet connection; and "bye" to end the ftp connection. Here we are only testing if the networking works. We will fully login via telnet later on.

Create a new "admin" superuser in order to login via telnet, and then run "su" to change to the root account:

# cd /etc
# cp passwd passwd.bak
# vipw

admin::3000:31:Administrator:/usr/guest/admin:/bin/sh

Do not leave any space or return after the last character, or you'll get an error.

Change the admin password; create the admin home directory; make the admin user member of the wheel group, in order to be able to 'su' as root:

# passwd admin
(make it "welcome")

# mkdir -p /usr/guest/admin
# chown admin.wheel /usr/guest/admin
# chmod 0750 /usr/guest/admin

# vi /etc/group
wheel:*:0:root,admin

Now try to telnet, ftp and su, as user admin.

NOTE: If listing files makes the ftp session freeze, then try running "passive", for passive mode.

To permanently keep the static IP address after a reboot, add the ifconfig stanza above to the end of file /etc/rc, but before the "exit 0" line; and make that file executable. Also add localhost and your IP and hostname to /etc/hosts file. Rename the host by adding it to /etc/rc also as "hostname 43bsd".

Telnet via Serial Interface

This is the method used in Gunkies and other references; login via telnet while using the VAX780 serial interface; as if one is connecting through a serial dumb terminal. However, with this method FTP will not be possible. Follow the logic:

# cd /dev
# ./MAKEDEV dz0
# halt

$ vi boot.ini

...
set dz enable
set dz lines=8
att dz 8888
set dz 7b
load -o boot42 0
...

$ ./boot.sh
...

$ netstat -tulpn | grep 8888
tcp6       0      0 :::8888                 :::*                    LISTEN      9036/vax780     

$ telnet 43bsd 8888

RSH and RCP Login

RSH and RCP allow remote shell login and remote file copy, without having to log in. This is very insecure because all authentication is sent and received in clear text. Hence, the reason why today we use SCP and SSH, as in "Secure" encryption, it's in the prefix of the command name. However, for practical purposes we will enable the old password-less rsh and rcp commands. In this way we'll be able to login quickly and also copy files back and forth. It is much faster than telnet and ftp.

Verify that the inetd.conf remote daemon configurations are enabled, and not commented out:

$ cat /etc/inetd.conf

shell   stream  tcp     nowait  root    /etc/rshd       rshd
login   stream  tcp     nowait  root    /etc/rlogind    rlogind
exec    stream  tcp     nowait  root    /etc/rexecd     rexecd

Install the utilities in your Debian client. The actual commands will become symbolic links to /usr/bin/netkit-{rsh,rcp}:

# apt-get install rsh-client

Both source and target hosts must have the same username during the interaction, or it will not work.

Create the password-less source config file on the source client (your workstation). Make sure you are logged in as the user admin:

$ cat ~/.rhosts
192.168.1.103 admin

Create the target config file ( on your BSD server). This will contain the IP address of the client PC that wants to connect:

43bsd# cat /etc/hosts.equiv
192.168.1.3

You should be able to open a remote shell via RSH without asking for a password:

$ grep 43bsd /etc/hosts
192.168.1.103 43bsd.example.com 43bsd

$ rsh 43bsd
Last login: Mon Jul 14 08:44:42 from 192.168.1.3
4.3 BSD UNIX #1: Fri Jun  6 19:55:29 PDT 1986
$

Furthermore, also run file copies with RCP, back and forth, without authentication:

$ rcp 43bsd:/tmp/junk.txt .
$ ls junk.txt
junk.txt

$ rcp junk2.txt 43bsd:/tmp/

You can also run remote commands, and have the output displayed locally:

$ rsh 43bsd head /etc/rc
HOME=/; export HOME
PATH=/bin:/usr/bin
if [ -r /fastboot ]
then
	rm -f /fastboot
	echo Fast boot ... skipping disk checks >/dev/console
elif [ $1x = autobootx ]
then
	echo Automatic reboot in progress... >/dev/console
	date >/dev/console

Dump remote text files to local stout:

$ rsh 43bsd cat /etc/ttys > ttys

$ head ttys
#
# name	getty			type		status		comments
#
console	"/etc/getty Console-1200" unknown	on secure
#tty00	"/etc/getty std.9600"	unknown		on secure
#tty01	"/etc/getty std.9600"	unknown		on secure
#tty02	"/etc/getty std.9600"	unknown		on secure
#tty03	"/etc/getty std.9600"	unknown		on secure
#tty04	"/etc/getty std.9600"	unknown		on secure
#tty05	"/etc/getty std.9600"	unknown		on secure

NOTE: If you want to cat file in /etc/ make sure your account is member of the group wheel.

Copy files password-less using LFTP:

Put local file /tmp/aaa.txt:

$ lftp 43bsd -e "cd /tmp/ ; put aaa.txt ; bye"

Get remote file /tmp/bbb.txt:

$ lftp 43bsd -e "cd /tmp/ ; get bbb.txt ; bye"

Troubleshoot

Q: How do I eliminate the "tty" boot errors?

Jul 11 09:39:25 myname getty: /dev/tty01: No such file or directory
Jul 11 09:39:25 myname getty: /dev/tty07: No such file or directory
Jul 11 09:39:25 myname getty: /dev/tty06: No such file or directory
Jul 11 09:39:25 myname getty: /dev/tty05: No such file or directory
Jul 11 09:39:25 myname getty: /dev/tty04: No such file or directory
Jul 11 09:39:25 myname getty: /dev/tty03: No such file or directory
Jul 11 09:39:25 myname getty: /dev/tty02: No such file or directory

A: That's because the file /etc/ttys is specifying them. Comment them out. We are not using serial line connections anyway.

# grep tty0 /etc/ttys
tty00   "/etc/getty std.9600"   unknown         on secure
tty01   "/etc/getty std.9600"   unknown         on secure
tty02   "/etc/getty std.9600"   unknown         on secure
tty03   "/etc/getty std.9600"   unknown         on secure
tty04   "/etc/getty std.9600"   unknown         on secure
tty05   "/etc/getty std.9600"   unknown         on secure
tty06   "/etc/getty std.9600"   unknown         on secure
tty07   "/etc/getty std.9600"   unknown         on secure

# cd /dev
# sed 's/^tty0/#tty0/g' ttys > ttys.new
# chmod 0644 ttys.new
# mv ttys ttys.bak ; # mv ttys.new ttys
# sync
# halt

Q: How do I telnet and ftp as root?

A: Change the root password, then delete root from file /etc/ftpusers.

Q: Why is the k key in vi not going up, and printing more lines?

A:
I have not been able to figure this out.
I use cat to write a small file, or sed to change text linearly.
Also :set noedcompatible does not help.
Alternative: Change the file remotely then copy via ftp.
Alternative: Compile emacs, jove; found in the new.tar set.

Q: How can I disable everything except telnet and ftp?

A: Comment out the unwanted services in /etc/inetd.conf. Basically everything except ftp and telnet; leave the internal commands as is.

ftp     stream  tcp     nowait  root    /etc/ftpd       ftpd
telnet  stream  tcp     nowait  root    /etc/telnetd    telnetd
#shell   stream  tcp     nowait  root    /etc/rshd       rshd
#login   stream  tcp     nowait  root    /etc/rlogind    rlogind
#exec    stream  tcp     nowait  root    /etc/rexecd     rexecd
# Run as user "uucp" if you don't want uucpd's wtmp entries.
#uucp   stream  tcp     nowait  root    /etc/uucpd      uucpd
#finger  stream  tcp     nowait  nobody  /etc/fingerd    fingerd
#tftp   dgram   udp     wait    nobody  /etc/tftpd      tftpd
#comsat  dgram   udp     wait    root    /etc/comsat     comsat
#talk    dgram   udp     wait    root    /etc/talkd      talkd
#ntalk   dgram   udp     wait    root    /etc/ntalkd     ntalkd
echo    stream  tcp     nowait  root    internal
discard stream  tcp     nowait  root    internal
chargen stream  tcp     nowait  root    internal
daytime stream  tcp     nowait  root    internal
time    stream  tcp     nowait  root    internal
echo    dgram   udp     wait    root    internal
discard dgram   udp     wait    root    internal
chargen dgram   udp     wait    root    internal
daytime dgram   udp     wait    root    internal
time    dgram   udp     wait    root    internal

A: Additionally, also comment the sendmail lines in /etc/rc.local, if you will not be using mail.

Remote nmap shows which insecure ports are opened:

# nmap -O 192.168.1.103
Nmap scan report for 192.168.1.103
Host is up (0.015s latency).
Not shown: 987 closed ports
PORT    STATE SERVICE
7/tcp   open  echo
9/tcp   open  discard
13/tcp  open  daytime
19/tcp  open  chargen
21/tcp  open  ftp
23/tcp  open  telnet
25/tcp  open  smtp
37/tcp  open  time
79/tcp  open  finger
512/tcp open  exec
513/tcp open  login
514/tcp open  shell
515/tcp open  printer
...