  #1   (View Single Post)  
Old 5th November 2008
milo974 milo974 is offline
Fdisk Soldier
 
Join Date: Jul 2008
Posts: 58
Thanked 0 Times in 0 Posts
Default customize install cd

Hello, I have the OpenBSD 4.4 CD.
I want to customize the install. I've seen it is possible with an answer file: dot.profile, and a custom package: site44.tgz. I've read the FAQ at: 4.13-14
But I don't understand how to do that. If someone can help me.
Thanks!
  #2   (View Single Post)  
Old 5th November 2008
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,695
Thanked 214 Times in 189 Posts
Default

It's easy.

You create a site*.tgz file that includes any or all local modifications you want to have in your systems.

There are only two skills required:
  1. Know what files you want to have in your custom installation(s)
  2. Know how to use the tar(1) program.
Example: You are using 4.4-stable. You wish to have a starting package set, and a starting set of userids for custom installs. In this example, the chosen packages are screen and tcsh, and all of the userids on the build machine should be included in all custom installations. Because these are not individualized per-install, this example will use site44.tgz.

Step 1. Learn what files are included with each package:
$ pkg_info -L tcsh
$ pkg_info -L screen
Step 2. Create the site file. In this example, it includes /etc/passwd, /home, the specific files that make up these packages, and their entries from /var/db/pkg:
Code:
# tar czf /path/to/mystuff/site44.tgz /etc/passwd /home \
/usr/local/bin/screen \
/usr/local/info/screen.* \
/usr/local/man/man1/screen.1 \
/usr/local/share/examples/screen \
/usr/local/share/screen \
/usr/local/bin/tcsh \
/usr/local/man/man1/tcsh.1 \
/usr/local/share/nls/*/tcsh.cat \
/var/db/pkg/screen-4.0.3p1 \
/var/db/pkg/tcsh-6.15.00
  #3   (View Single Post)  
Old 6th November 2008
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,148
Thanked 182 Times in 149 Posts
Default

Last year I used the following install.site script for a box called 'hercules'.
Code:
#!/bin/sh
. ./install.site.hercules 2>&1 | tee ./install.report
This way I have a log in the file 'install.report'.

Some snippets from the actual 'install.site.hercules' script which does the real work.
  • A modification of .profile:
    Code:
    #!/bin/sh
    echo  ------------------------------------------------
    echo "               Running $0 on hercules"
    echo  ------------------------------------------------
    
    # ----------------------------------------------------
    # -- KSH PROMPT 
    # --- /.profile is a hard link to /root/.profile so on
    
    PROFILES="/root/.profile /etc/skel/.profile"
    
    for file in $PROFILES ; do
        echo "$0: adding prompt to: $file"
        cat <<END >>$file
    
    # --- prompt
    # j65nko@zeno[/home/j65nko/] 
    #  \u   @ \h [    \w       ]
    
    PS1="\u@\h[\w]"
    export PS1
    
    export PAGER=less 
    
    END
    done
  • Disabling inetd:
    Code:
    # --- disable inetd
    FILE=/etc/rc.conf.local
    cat <<END  >>/etc/rc.conf.local
    inetd=NO
    END
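  • Commenting out all lines from inetd.conf:
    Code:
    FILE=/etc/inetd.conf
    BACKUP=${FILE}.orig
    
    cp -p "$FILE" "$BACKUP"
    # Prefix every line that does not already start with '#'; '&' keeps the
    # matched first character instead of overwriting it.
    sed -e 's/^[^#]/#&/' "$BACKUP" > "$FILE"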
  • Apply an in-line patch of the sudoers file:
    Code:
    FILE=/etc/sudoers
    
    cat <<END_OF_PATCH | patch -b -p0 ${FILE}
    --- ORIG/sudoers        Wed Aug  8 13:45:04 2007
    +++ NEW/sudoers Wed Aug  8 13:54:56 2007
    @@ -17,7 +17,7 @@
     Defaults env_keep +="DESTDIR FETCH_CMD FLAVOR FTPMODE
    ATH PKG_TMPDIR RELEASEDIR SUBPACKAGE"
     
     # Uncomment to preserve the environment for users in 
    -#Defaults:%wheel !env_reset
    +Defaults:%wheel !env_reset
     
     # Runas alias specification
     
    @@ -26,7 +26,7 @@
     
     # Uncomment to allow people in group wheel to run all
     # and set environment variables.
    -# %wheel       ALL=(ALL) SETENV: ALL
    +%wheel ALL=(ALL) SETENV: ALL
     
     # Same thing without a password
     # %wheel       ALL=(ALL) NOPASSWD: SETENV: ALL
    END_OF_PATCH
    echo  --- patch script for: sudoers --- END
    I wrote a small script to generate this type of in-line patch.
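
    Review bot: in the first sudoers hunk, `+Defaults:%wheel !env_reset` turns off environment scrubbing for every member of wheel, so the caller's whole environment reaches commands run as root. The `Defaults env_keep +=` line in the hunk's context already whitelists individual variables; adding the specific variables that are needed to that list would be narrower than disabling the reset, and the `SETENV:` tag enabled in the second hunk already lets a wheel user pass variables explicitly when required.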
  • Patching ntpd.conf to sync to the local time server 192.168.222.10 :
    Code:
    FILE=/etc/ntpd.conf
    
    # --- patch it !
    cat <<END_OF_PATCH | patch -b -p0 ${FILE}
    --- ORIG/ntpd.conf      Thu Jun 28 06:24:00 2007
    +++ NEW/ntpd.conf       Thu Jun 28 06:24:50 2007
    @@ -5,8 +5,8 @@
     #listen on *
     
     # sync to a single server
    -#server ntp.example.org
    +server 192.168.222.10
     
     # use a random selection of 8 public stratum 2 servers
     # see http://twiki.ntp.org/bin/view/Servers/NTPPoolServers
    -servers pool.ntp.org
    +# servers pool.ntp.org
    END_OF_PATCH
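
    Review bot: at `+server 192.168.222.10` together with `+# servers pool.ntp.org`, this hunk leaves a single active time source as far as the visible lines show, so the installed box has nothing to fall back on or compare against if that host is unreachable or serves wrong time. Consider adding a second `server` line for another internal source rather than only commenting out the pool.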
  • Setting noatime and enabling softupdates:
    Code:
    echo "softupdates on a"
    
    mv /etc/fstab /etc/fstab.orig
    cat /etc/fstab.orig | sed -e '/wd0a/  s/rw/rw,softdep,noatime/' >/etc/fstab
  • Add some packages:
    Code:
    # --- configure shared library cache with code stolen from "/etc/rc"
    
    if [ -f /sbin/ldconfig ]; then
            echo 'creating runtime link editor directory cache.'
            if [ -d /usr/local/lib ]; then
                    shlib_dirs="/usr/local/lib $shlib_dirs"
            fi
            if [ -d /usr/X11R6/lib ]; then
                    shlib_dirs="/usr/X11R6/lib $shlib_dirs"
            fi
            ldconfig $shlib_dirs
    fi
    
    # ---
    export PKG_PATH="ftp://mirror.hostfuss.com/pub/OpenBSD/snapshots/packages/amd64/"
    
    export PKG_CACHE=/home/packages
    mkdir -p ${PKG_CACHE}
    
    PACKAGES="fetchmail-6.3.8.tgz pine-4.64p4.tgz mutt-1.5.16p0.tgz ghostscript-8.54p1-a4-no_x11.tgz a2ps-4.13bp4-a4.tgz apsfilter-7.2.8p0.tgz irssi-0.8.11.tgz "
    
    echo Installing the following packages from $PKG_PATH
    echo $PACKAGES | tr ' ' '\n'
    echo -------------------------------------------------
    pkg_add -v $PACKAGES
    
    echo  ----------------------------------------------------------------------   
    echo "               $0 on hercules finished! "
    echo  ----------------------------------------------------------------------

CAVEAT: Please keep in mind that these snippets are tailored to OBSD 4.2 current of August 2007. So they are a year old and thus some of them will need to be modified to work on the just released 4.4.

I just show them here to give you some ideas
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
  #4   (View Single Post)  
Old 6th November 2008
milo974 milo974 is offline
Fdisk Soldier
 
Join Date: Jul 2008
Posts: 58
Thanked 0 Times in 0 Posts
Default

Thanks!
But if I want to customize my OpenBSD 4.4 CD (to build a firewall), where do I need to put my site44.tgz and .profile before burning?
What are the steps?

Last edited by milo974; 6th November 2008 at 05:24 AM.
  #5   (View Single Post)  
Old 6th November 2008
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,695
Thanked 214 Times in 189 Posts
Default

You seem completely confused, milo.
  1. J65's script does not use the site*.tgz install technique.
  2. His modifications of .profile, rc.conf.local, and other modifications are for his own configuration(s).
  3. He's just showing you another way to customize installations.

Regarding your question on where to place site44.tgz:

Typically, if you are doing multiple installs, a local http or ftp server is used to store all filesets, and one would just place the site44.tgz fileset in the same directory on the server. Generally, an admin in this situation uses either cd44.iso or PXE to boot the ramdisk kernel, then installs from the local server.

If you are installing on a machine that has no network connection, place the site44.tgz file with your other filesets on appropriate removable media, such as a CD/DVD or USB stick.

If CD/DVD is used, the admin burns two discs: cd44.iso and a CD9660 disc containing all filesets, including site44.tgz. Once the ramdisk kernel has booted, the admin merely swaps discs before running the install script.
  #6   (View Single Post)  
Old 6th November 2008
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,148
Thanked 182 Times in 149 Posts
Default

Jggimi, I do use the site*.tgz install technique.

The install.site script is inside the site*.tgz file. This site*.tgz file is unpacked at the end of the install. As a result, the install.site script is located in the "/" directory, and thus the following quote from the OpenBSD FAQ/installation guide is applicable:
Quote:
As the last step in the install/upgrade process, the scripts look in the root directory of the newly installed/upgraded system for install.site or upgrade.site, as appropriate to the current process, and runs this script in an environment chrooted to the installed/upgraded system's root. Remember, the upgrade is done from a booted file system, so your target file system is actually mounted on /mnt. However, because of the chroot, your script can be written as if it is running in the "normal" root of your file system. Since this script is run after all the files are installed, you have almost full functionality of your system (though, in single user mode) when your script runs.

Note that the install.site script would have to be in a siteXX.tgz file, while the upgrade.site script could be put in the root directory before the upgrade, or could be put in a siteXX.tgz file.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
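
The site set described in posts #2 and #6 is unpacked as root over the new system, and its install.site then runs as root in the chroot, so whatever ends up in site44.tgz controls the installed machine. As an added example (not code from any poster in this thread), the following script builds the set from a staging directory and checks it before it is placed next to the other filesets; the function names and the staging layout are assumptions.

```shell
#!/bin/sh
# Added example: build a site set from a staging tree that mirrors the
# target's "/" and audit it. Function names and layout are assumptions.

# build_site_set STAGE OUT: pack STAGE into OUT with relative member names.
build_site_set() {
    stage=$1 out=$2
    [ -f "$stage/install.site" ] || { echo "no install.site in $stage" >&2; return 1; }
    chmod 755 "$stage/install.site"     # the installer has to execute it
    (cd "$stage" && tar czf - .) > "$out"
}

# audit_site_set SET: print findings on stderr, return non-zero if any.
audit_site_set() {
    set_file=$1 findings=0
    # 1. Member names must stay inside the extraction root.
    if tar tzf "$set_file" | grep -E '^/|(^|/)\.\.(/|$)' >&2; then
        echo "FAIL: absolute or ../ member names" >&2; findings=1
    fi
    # 2. Regular files with setuid/setgid bits would be installed as such.
    if tar tvzf "$set_file" | awk '$1 ~ /^-..[sS]|^-.....[sS]/' | grep . >&2; then
        echo "FAIL: setuid/setgid members" >&2; findings=1
    fi
    # 3. install.site must sit at the top level, i.e. "/" after unpacking.
    tar tzf "$set_file" | grep -qx -e './install.site' -e 'install.site' ||
        { echo "FAIL: install.site missing" >&2; findings=1; }
    return $findings
}

# Constructed demo: a minimal staging tree using the inetd line from post #3.
demo() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/stage/etc"
    printf '#!/bin/sh\necho inetd=NO >> /etc/rc.conf.local\n' > "$d/stage/install.site"
    rc=0
    build_site_set "$d/stage" "$d/site44.tgz" && audit_site_set "$d/site44.tgz" || rc=$?
    rm -rf "$d"
    return $rc
}
```

Run `build_site_set` and `audit_site_set` on the build machine, and only copy the set to the install server or media when the audit returns zero.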
  #7   (View Single Post)  
Old 6th November 2008
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,148
Thanked 182 Times in 149 Posts
Default

Quote:
Originally Posted by milo974 View Post
Where do I need to put my site44.tgz and .profile before burning?
What are the steps?
The site44.tgz file should be in the same directory as the other install file sets like base44.tgz, etc44.tgz and man44.tgz.

The .profile can either be inside the site44.tgz file or you can modify it like I did in the install.site file, shown in my first post.

Before wasting too much time burning CDs, I would recommend setting up a local FTP server, putting all installation filesets including your site44.tgz file on it, and using that FTP server during your test installs.

While testing you don't even need a CD at all. Just use the bsd.rd install technique described in http://openbsd.org/faq/faq4.html#bsd.rd.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
  #8   (View Single Post)  
Old 7th November 2008
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 3,695
Thanked 214 Times in 189 Posts
Default

Ooops, sorry, J65. I had forgotten about the script execution feature.... thanks for straightening me out.