#5, 18th February 2011
J65nko

Quote:
Originally Posted by Oko
...... I really need to have install.site perform couple additional things.

1. Appending and replacing bunch of files at /etc/ as pf.conf, rc.conf.local, group, dhcpd.conf, sudoers, resolv.conf, sysctl.conf, printcap as well as foomatic directory populated by PPDs for printers.

Appending to existing files is a typical task for the 'install.site' script. You also can patch files within 'install.site' as this example dating back from 2007 shows:

Code:
echo --- patch script for: sysctl.conf --- BEGIN
# ---  edit the following line if needed
FILE=./sysctl.conf
FILE=/etc/sysctl.conf

# --- patch it !
cat <<END_OF_PATCH | patch -b -p0 ${FILE}
--- ORIG/sysctl.conf    Wed Aug  8 14:19:57 2007
+++ NEW/sysctl.conf     Wed Aug  8 14:59:26 2007
@@ -4,7 +4,7 @@
 # boot time.  See sysctl(3) and sysctl(8) for more information on
 # the many available variables.
 #
-#net.inet.ip.forwarding=1      # 1=Permit forwarding (routing) of IPv4 packets
+net.inet.ip.forwarding=1       # 1=Permit forwarding (routing) of IPv4 packets
 #net.inet.ip.mforwarding=1     # 1=Permit forwarding (routing) of IPv4 multicast packets
 #net.inet.ip.multipath=1       # 1=Enable IP multipath routing
 #net.inet6.ip6.forwarding=1    # 1=Permit forwarding (routing) of IPv6 packets
END_OF_PATCH
echo  --- patch script for: sysctl.conf --- END
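
Review bot: nothing after the `patch -b -p0 ${FILE}` pipeline checks its exit status, and the hunk's three lines of context on each side tie it to the sysctl.conf it was generated from (the header is dated Aug 8 2007), so on a release where those comment lines differ the hunk can fail to apply and the script still prints its END marker. Test `$?` right after END_OF_PATCH and echo a visible failure message. Separately, the `+net.inet.ip.forwarding=1` line turns the box into an IPv4 router, so this snippet should only be concatenated into install.site for hosts that are meant to forward packets.
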
This kind of script snippet I generate with the script I described at http://www.daemonforums.org/showthread.php?t=4257

To replace complete files, you create a 'shadow' file system and populate this file system with whatever you want to overwrite the original ones.
Code:
# pwd
/root/SITEXX

# ls -lR FILES
drwxr-xr-x  2 root  wheel  512 Feb 14 06:53 etc
drwx------  2 root  wheel  512 Feb 14 06:57 root

FILES/etc:
-rw-------  1 root  wheel  18 Feb 14 06:53 pf.conf

FILES/root:
-rw-r-----  1 root  wheel  1590 Mar  8  2010 PKGenv
-rw-r-----  1 root  wheel   244 Mar 14  2010 _boot-bsd.rd
-rw-r-----  1 root  wheel   764 Jan 31  2010 _serialconsole
-rw-r-----  1 root  wheel  1126 Jan 27  2010 format_fstab
Now a customizable Makefile will tar up this shadow filesystem:
Code:
# make sitexx

WARNING: No  install.site !!!

tar cvzf site49.tgz -C FILES .
.
./etc
./etc/pf.conf
./root
./root/format_fstab
./root/_serialconsole
./root/_boot-bsd.rd
./root/PKGenv
The "-C FILES" option makes sure that the files in the tarball have a suitable path to overwrite the existing files.
Normally it will also add an 'install.site' script. Because in this case it did not exist, a warning is issued.

Quote:
2. I also need to upload scanner firmware into /usr/local/share/sane/snapscan

Put the firmware file in the corresponding shadow file directory to be tarred up with all other files.

Besides the 'siteXX.tgz' file, the OpenBSD installer also automagically untars a file called 'siteXX-HOSTNAME.tgz' for host/box specific files.

A sibling directory of the above mentioned directory FILES is FILES.plato
Code:
# ls -lR FILES.plato
drwxr-xr-x  3 root  wheel  512 Feb 17 08:05 etc
-rw-r--r--  1 root  wheel   28 Feb 17 03:07 plato.txt

FILES.plato/etc:
-rw-------  1 root  wheel  1758 Feb 24  2010 pf.conf
drwxr-xr-x  2 root  wheel   512 Feb 17 08:04 skel

FILES.plato/etc/skel:
-rw-r--r--  1 root  wheel  118 Feb 17 08:04 .exrc
You now create the site49-plato.tgz file with:
Code:
# make sitebox
tar cvzf site49-plato.tgz -C FILES.plato .
.
./plato.txt
./etc
./etc/pf.conf
./etc/skel
./etc/skel/.exrc
Just like 'rc.conf.local' and 'rc.local' have the overrides for 'rc.conf', and 'rc', in a similar way 'site49-plato.tgz' overrides/overwrites 'site49.tgz'.

Quote:
3. The permissions for printers, scanners and USBs have to be adjusted so that users can use them

Another typical task for the 'install.site' script.

Quote:
4. Packages should install and configure automatically.

I use a shell script template for the 'pkg_add'.
Code:
# ---
export PKG_PATH="=pkg_path="

export PKG_CACHE=/home/packages
mkdir -p ${PKG_CACHE}

PACKAGES="=packages="

echo Installing the following packages from $PKG_PATH
echo $PACKAGES | tr ' ' '\n'
echo -------------------------------------------------
pkg_add -v $PACKAGES
echo ===End of 'pkg_add'===
The Makefile uses sed(1) to replace the placeholders =pkg_path= and =packages= with the real values.
These values are defined as Makefile variables, initialized with the contents of files. The 'patched' result is then appended to 'install.site'.

BTW I only install simple packages with not too many dependencies in the install.site.
No gnome, kde or even firefox. I do that when the system is being rebooted for the first time. Remember that during install time you have a rather limited environment.

Quote:
5. dotfiles should install automatically per user.

If the box or host 'plato' only has a single user, copy the .dotfile into FILES.plato/etc/skel for inclusion in site49-plato.tgz.

Or use a simple shell snippet like '_exrc.root' for 'install.site':
Code:
#---------------------------------------- 
FILE=/root/.exrc
#FILE=$( basename ${FILE} )

echo Creating ${FILE}

cat <<END > ${FILE}
set showmode
set verbose
set ruler
set number
set autoindent
set prompt
set showmatch
set shiftwidth=4
set windowname
END
The install.site script is the result of throwing together a bunch of small tiny shell scripts:
Code:
# --- script building blocks ---

COMMON= \
        _ksh-prompt \
        _disable-inetd \
        _comment-inetd.conf \
        _user-j65nko-snap \
        _rootmail-to-j65nko \
        _sshpubkey-j65nko \
        _sshd-inet-noroot \
        _ssh_config-inet-protocol2 \
        _sudo-wheel \
        _PKGenv-i386

# -- individual blocks : parts.${BOX}

parts.apollo= \
        _ntp-server-192.168.222.10 \
        _start-ntpd \
        _softupdates_adefghi

parts.althusser= \
        _ntp-server-192.168.222.10 \
        _start-ntpd \
        _softupdates_a

# -- AMD64 board  
parts.hercules= \
        _ntp-server-192.168.222.10 \
        _enable_lpd \
        _softupdates_a \
        _PKGenv-amd64
The complete install.site is then defined with:
Code:
SCRIPT  =    ${COMMON} ${parts.${BOX}} sh.pkg
The BOX variable holds the hostname (initialized from a file unsurprisingly called 'BOX') and 'sh.pkg' is the patched shell script snippet doing the pkg_add.

Now the makefile only has to do a :
Code:
cat ${SCRIPT} >install.site
And voila, there is your customized post-installation script.

It is neither difficult nor complicated
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
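
The build steps described in the post above (snippets concatenated into install.site, sed filling the =pkg_path= and =packages= placeholders, the shadow tree tarred with -C), as an added example in plain sh; it is not J65nko's Makefile. The layout (FILES, parts/, sh.pkg.in), the function name build_site and the permission check before tarring are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not the Makefile from the post. Assumed (hypothetical) layout:
#   $work/FILES      shadow tree     $work/parts/   snippet files
#   $work/sh.pkg.in  pkg_add template with =pkg_path= and =packages=

# usage: build_site WORKDIR RELEASE PKG_PATH "PACKAGES" SNIPPET...
build_site() {
    work=$1 rel=$2 pkg_path=$3 packages=$4
    shift 4
    shadow="$work/FILES"
    script="$shadow/install.site"

    # The set is unpacked over / as root, so refuse a shadow tree that has
    # group- or world-writable entries.
    loose=$(find "$shadow" ! -type l \( -perm -020 -o -perm -002 \) -print)
    if [ -n "$loose" ]; then
        echo "refusing to build, writable by group/other:" >&2
        echo "$loose" >&2
        return 1
    fi

    # Concatenate the building blocks in the order given.
    : > "$script"
    for part in "$@"; do
        cat "$work/parts/$part" >> "$script" || return 1
    done

    # Fill in the placeholders and append the pkg_add block. '|' is the sed
    # delimiter because PKG_PATH contains '/'; values must not contain '|' or '&'.
    sed -e "s|=pkg_path=|$pkg_path|" -e "s|=packages=|$packages|" \
        "$work/sh.pkg.in" >> "$script" || return 1

    # A surviving placeholder means template and substitution are out of sync.
    if grep -Eq '=(pkg_path|packages)=' "$script"; then
        echo "unreplaced placeholder in install.site" >&2
        return 1
    fi

    chmod 755 "$script"   # the post-install script has to be executable
    tar -czf "$work/site$rel.tgz" -C "$shadow" . || return 1
}
```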