# mk-basefile, create basefiles for some distributions
#
-# Thomas Lange, Uni Koeln, 2011-2021
+# Thomas Lange, Uni Koeln, 2011-2024
# based on the Makefile implementation of Michael Goetze
#
# Usage example: mk-basefile -J STRETCH64
# This will create a STRETCH64.tar.xz basefile.
-# Supported distributions (each i386/amd64):
+# Supported distributions (i386/amd64):
# Debian GNU/Linux
-# Ubuntu 14.04/16.04
+# Ubuntu 14.04/16.04/20.04/22.04
+# AlmaLinux 9
+# Rocky Linux 8/9
# CentOS 5/6/7/8
# Scientific Linux Cern 5/6
#
EXCLUDE_BULLSEYE=
EXCLUDE_BOOKWORM=
EXCLUDE_TRIXIE=
+EXCLUDE_FORKY=
EXCLUDE_SID=
EXCLUDE_TRUSTY=dhcp3-client,dhcp3-common,info
EXCLUDE_XENIAL=udhcpc,dibbler-client,info
EXCLUDE_BIONIC=udhcpc,dibbler-client,info
EXCLUDE_FOCAL=udhcpc,dibbler-client,info
+EXCLUDE_JAMMY=udhcpc,dibbler-client,info
+EXCLUDE_NOBLE=udhcpc,dibbler-client,info
# here you can add packages, that are needed very early
INCLUDE_DEBIAN=
chroot $xtmp apt-get clean
rm -f $xtmp/etc/hostname $xtmp/etc/resolv.conf \
$xtmp/var/lib/apt/lists/*_* $xtmp/usr/bin/qemu-*-static \
- $xtmp/etc/udev/rules.d/70-persistent-net.rules
+ $xtmp/etc/udev/rules.d/70-persistent-net.rules \
+ $xtmp/var/lib/dbus/machine-id
> $xtmp/etc/machine-id
}
}
+rpmdist() {
+
+ local arch=$1
+ local vers=$2
+ local dist=$3
+ local domain=$(domainname)
+
+ check
+ setarch $arch
+ $l32 rinse --directory $xtmp --distribution $dist-$vers --arch $arch --before-post-install $xtmp/post
+ domainname $domain # workaround for #613377
+ cleanup-rinse
+ tarit
+}
+
+
+alma() {
+ rpmdist $1 $2 alma
+}
+
+rocky() {
+ rpmdist $1 $2 rocky
+}
+
centos() {
local arch=$1
echo "Available:
+ ALMA9_64
+ ROCKY8_64
+ ROCKY9_64
CENTOS5_32 CENTOS5_64
CENTOS6_32 CENTOS6_64
CENTOS7_32 CENTOS7_64
XENIAL32 XENIAL64
BIONIC64
FOCAL64
+ JAMMY64
+ NOBLE64
SQUEEZE32 SQUEEZE64
WHEEZY32 WHEEZY64
JESSIE32 JESSIE64
BULLSEYE32 BULLSEYE64
BOOKWORM32 BOOKWORM64
TRIXIE32 TRIXIE64
+ FORKY32 FORKY64
SID32 SID64
"
}
cat <<EOF
mk-basefile, create minimal base files for a Linux distritubtion
- Copyright (C) 2011-2020 by Thomas Lange
+ Copyright (C) 2011-2023 by Thomas Lange
Usage: mk-basefile [OPTION] ... DISTRIBUTION
-s Show list of supported linux distributions
-f ARCH Build for foreign architecture ARCH.
-d DIR Use DIR for creating the temporary subtree structure.
- -z Use gzip for compressing the tar file.
+ -z Use zstd for compressing the tar file.
-J Use xz for compressing the tar file.
-k Keep the temporary subtree structure, do not remove it.
-h Print help.
a) echo "$0: Warning. -a is ignored, because xtattrs, acls and selinux are always added." ;;
d) export TMPDIR=$OPTARG ;;
f) export ARCH=$OPTARG ;;
- z) zip="gzip -9"; ext=tar.gz ;;
+ z) zip="zstd -9"; ext=tar.zst ;;
J) zip="xz -8" ext=tar.xz ;;
k) cleanup=0 ;;
h) usage ;;
CENTOS7_32) centos i386 7 ;;
CENTOS7_64) centos amd64 7 ;;
CENTOS8_64) centos amd64 8 ;;
+ ROCKY8_64) rocky amd64 8 ;;
+ ROCKY9_64) rocky amd64 9 ;;
+ ALMA9_64) alma amd64 9 ;;
SLC5_32) slc i386 5 ;;
SLC5_64) slc amd64 5 ;;
SLC6_32) slc i386 6 ;;
SLC6_64) slc amd64 6 ;;
SLC7_64) slc amd64 7 ;;
- TRUSTY*|XENIAL*|BIONIC*|FOCAL*)
+ TRUSTY*|XENIAL*|BIONIC*|FOCAL*|JAMMY*|NOBLE*)
debgeneric $target $MIRROR_UBUNTU ;;
- SQUEEZE*|WHEEZY*|JESSIE*|STRETCH*|BUSTER*|BULLSEYE*|BOOKWORM*|TRIXIE*|SID*)
+ SQUEEZE*|WHEEZY*|JESSIE*|STRETCH*|BUSTER*|BULLSEYE*|BOOKWORM*|TRIXIE*|FORKY*|SID*)
debgeneric $target $MIRROR_DEBIAN $ARCH;;
*) echo "Unknown distribution. Aborting."
prtdists
exit 0
fi
-# Echo architecture and OS name in uppercase. Do NOT remove these two lines.
-uname -s | tr '[:lower:]' '[:upper:]'
+# Echo architecture
command -v dpkg >&/dev/null && dpkg --print-architecture | tr a-z A-Z
# determin if we are a DHCP client or not
#! /bin/bash
-# (c) Thomas Lange, 2002-2013, lange@informatik.uni-koeln.de
+# (c) Thomas Lange, 2002-2013, lange@cs.uni-koeln.de
# NOTE: Files named *.sh will be evaluated, but their output ignored.
echo 0 > /proc/sys/kernel/printk
-#kernelmodules=
-# here, you can load modules depending on the kernel version
-case $(uname -r) in
- 2.6*) kernelmodules="$kernelmodules mptspi dm-mod md-mod aes dm-crypt" ;;
- [3456]*) kernelmodules="$kernelmodules mptspi dm-mod md-mod aes dm-crypt" ;;
-esac
+# example how to load modules depending on the kernel version
+#case $(uname -r) in
+# 2.6*) kernelmodules="$kernelmodules mptspi dm-mod md-mod aes dm-crypt" ;;
+# [3456]*) kernelmodules="$kernelmodules mptspi dm-mod md-mod aes dm-crypt" ;;
+#esac
for mod in $kernelmodules; do
[ X$verbose = X1 ] && echo Loading kernel module $mod
# parse *.profile and build a curses menu, so the user can select a profile
#
-# (c) 2015 by Thomas Lange, lange@informatik.uni-koeln.de
+# (c) 2015 by Thomas Lange, lange@cs.uni-koeln.de
# Universitaet zu Koeln
if [ X$FAI_ACTION = Xinstall -o X$FAI_ACTION = Xdirinstall -o X$FAI_ACTION = X ]; then
[ "$flag_menu" ] || return 0
out=$(tty)
+# save stdout and redirect stdout to tty
+exec 4>&1 > $out
tempfile=$(mktemp)
tempfile2=$(mktemp)
trap "rm -f $tempfile $tempfile2" EXIT INT QUIT
dialog --clear --item-help --title "FAI - Fully Automatic Installation" --help-button \
--default-item "$default" \
--menu "\nSelect your FAI profile\n\nThe profile will define a list of classes,\nwhich are used by FAI.\n\n\n"\
- 15 70 0 "${par[@]}" 2> $tempfile 1> $out
-
+ 15 70 0 "${par[@]}" 2> $tempfile
_retval=$?
case $_retval in
0)
echo "No profile selected."
break ;;
2)
- dialog --title "Description of all profiles" --textbox $tempfile2 0 0 1> $out;;
+ dialog --title "Description of all profiles" --textbox $tempfile2 0 0 ;;
esac
done
unset par ardesc arshort arlong arclasses list tempfile tempfile2 _parsed _retval line
+
+exec 1>&4 # restore stdout
[ "$flag_menu" ] || return 0
out=$(tty)
+# save stdout and redirect stdout to tty
+exec 4>&1 > $out
red=$(mktemp)
echo 'screen_color = (CYAN,RED,ON)' > $red
DIALOGRC=$red dialog --colors --clear --aspect 6 --title "FAI - Fully Automatic Installation" --trim \
- --msgbox "\n\n If you continue, \n all your data on the disk \n \n|\Zr\Z1 WILL BE DESTROYED \Z0\Zn|\n\n" 0 0 1>$out
+ --msgbox "\n\n If you continue, \n all your data on the disk \n \n|\Zr\Z1 WILL BE DESTROYED \Z0\Zn|\n\n" 0 0
# stop on any error, or if ESC was hit
if [ $? -ne 0 ]; then
rm $red
unset red
+exec 1>&4 # restore stdout
gnomehost)
echo "FAIBASE DEBIAN DEMO XORG GNOME";;
ubuntuhost)
- echo "FAIBASE DEBIAN DEMO UBUNTU FOCAL FOCAL64 XORG";;
- centos)
- echo "FAIBASE CENTOS" # you may want to add class XORG here
- ifclass AMD64 && echo CENTOS8_64
- ;;
- slchost)
- # Scientific Linux Cern, is very similar to CentOS. SLC should alsways use the class CENTOS
- echo "FAIBASE CENTOS SLC" # you may want to add class XORG here
- ifclass I386 && echo SLC7_32
- ifclass AMD64 && echo SLC7_64
+ echo "FAIBASE DEBIAN DEMO UBUNTU JAMMY JAMMY64 XORG";;
+ rocky)
+ echo "FAIBASE ROCKY" # you may want to add class XORG here
+ ifclass AMD64 && echo ROCKY9_64
;;
*)
echo "FAIBASE DEBIAN DEMO" ;;
#! /bin/bash
-ifclass -o CENTOS SLC && exit 0
-
ifclass -o GRUB_PC GRUB_EFI && exit 0
if [ -d /sys/firmware/efi ]; then
exit 0
fi
-for c in LVM FAISERVER FAIBASE; do
+for c in CLOUD LVM FAISERVER FAIBASE; do
if ifclass $c; then
echo ${c}_EFI
break
-release=bullseye
+release=bookworm
apt_cdn=http://deb.debian.org
security_cdn=http://security.debian.org
# if you want to use the faiserver as APT proxy
#APTPROXY=http://faiserver:3142
+
+
+# The linux-image package has different names for Debian and Ubuntu
+if ifclass UBUNTU; then
+ kernelname=linux-image-generic
+elif ifclass I386; then
+ kernelname=linux-image-686-pae
+elif ifclass AMD64; then
+ kernelname=linux-image-amd64
+fi
+
+if [ -z "kernelname" ]; then
+ _arch=$(dpkg --print-architecture 2>/dev/null)
+ case $_arch in
+ i386)
+ kernelname=linux-image-686-pae ;;
+ *)
+ kernelname=linux-image-$_arch
+ esac
+ unset _arch
+fi
# set parameter for install_packages(8)
MAXPACKAGES=800
+# Account on the FAI server for saving log files and calling fai-chboot.
+# Remove the hash character in the next line to activate this feature
+#LOGUSER=fai
+
# a user account will be created
username=demo
USERPW='$1$kBnWcO.E$djxB128U7dMkrltJHPf6d1'
# set a default
-FAI_DEBOOTSTRAP="bullseye http://deb.debian.org/debian"
+FAI_DEBOOTSTRAP="bookworm http://deb.debian.org/debian"
ubuntumirror=http://archive.ubuntu.com
-ubuntudist=focal
+ubuntudist=jammy
downloaded from the internet.
Classes: INSTALL FAIBASE DEBIAN DEMO XORG GNOME
-Name: CentOS 8
-Description: CentOS 8 with Xfce desktop
-Short: A normal Xfce desktop, running CentOS 8
-Long: We use the Debian nfsroot for installing the CentOS 8 OS.
+Name: Rocky Linux
+Description: Rocky Linux 9 with Xfce desktop
+Short: A normal Xfce desktop, running Rocky Linux 9
+Long: We use the Debian nfsroot for installing the Rocky Linux 9 OS.
You should have a fast network connection, because most packages are
downloaded from the internet.
-Classes: INSTALL FAIBASE CENTOS CENTOS8_64 XORG
+Classes: INSTALL FAIBASE ROCKY ROCKY9_64 XORG
Name: Ubuntu
-Description: Ubuntu 20.04 LTS desktop installation
+Description: Ubuntu 22.04 LTS desktop installation
Short: Unity desktop
Long: We use the Debian nfsroot for installing the Ubuntu OS.
You should have a fast network connection, because most packages are
downloaded from the internet.
-Classes: INSTALL FAIBASE DEMO DEBIAN UBUNTU FOCAL FOCAL64 XORG
+Classes: INSTALL FAIBASE DEMO DEBIAN UBUNTU JAMMY JAMMY64 XORG
Name: Inventory
Description: Show hardware info
#
# <type> <mountpoint> <size> <fs type> <mount options> <misc options>
+# you may want to add "-O ^metadata_csum_seed" to createopts if the target
+# system is older than bullseye. See #866603, #1031415, #1031416 for more info.
+
disk_config disk1 disklabel:msdos bootable:1 fstabkey:uuid
primary / 2G-50G ext4 rw,noatime,errors=remount-ro
# example of new config file for setup-storage
#
-# <type> <mountpoint> <size> <fs type> <mount options> <misc options>
+# p=<partlabel> <mountpoint> <size> <fs type> <mount options> <misc options>
+
+# you may want to add "-O ^metadata_csum_seed" to createopts if the target
+# system is older than bullseye. See #866603, #1031415, #1031416 for more info.
disk_config disk1 disklabel:gpt bootable:1 fstabkey:uuid
-primary /boot/efi 512M vfat rw
-primary / 2G-50G ext4 rw,noatime,errors=remount-ro
-primary swap 200-10G swap sw
-primary /home 100- ext4 rw,noatime,nosuid,nodev createopts="-L home -m 1" tuneopts="-c 0 -i 0"
+p=efi /boot/efi 512M vfat rw
+p=root / 2G-50G ext4 rw,noatime,errors=remount-ro
+p= swap 200-10G swap sw
+p=home /home 100- ext4 rw,noatime,nosuid,nodev createopts="-L home -m 1" tuneopts="-c 0 -i 0"
# config file for an FAI install server
#
-# <type> <mountpoint> <size> <fs type> <mount options> <misc options>
+# p=<partlabel> <mountpoint> <size> <fs type> <mount options> <misc options>
disk_config disk1 disklabel:gpt fstabkey:uuid
-primary /boot/efi 512M vfat rw
-primary / 2G-15G ext4 rw,noatime,errors=remount-ro
-primary swap 200-1000 swap sw
-primary /tmp 100-1000 ext4 rw,noatime,nosuid,nodev createopts="-m 0" tuneopts="-c 0 -i 0"
-primary /home 100-40% ext4 rw,noatime,nosuid,nodev createopts="-m 1" tuneopts="-c 0 -i 0"
-primary /srv 1G-50% ext4 rw,noatime createopts="-m 1" tuneopts="-c 0 -i 0"
+p=efi /boot/efi 512M vfat rw
+p=system / 2G-15G ext4 rw,noatime,errors=remount-ro
+p=swap swap 200-1000 swap sw
+p= /tmp 100-1000 ext4 rw,noatime,nosuid,nodev createopts="-m 0" tuneopts="-c 0 -i 0"
+p=home /home 100-40% ext4 rw,noatime,nosuid,nodev createopts="-m 1" tuneopts="-c 0 -i 0"
+p=data /srv 1G-50% ext4 rw,noatime createopts="-m 1" tuneopts="-c 0 -i 0"
disk_config disk1 fstabkey:uuid align-at:1M
-primary /boot 200 ext2 rw,noatime
-primary - 4G- - -
+primary /boot 500 ext4 rw,noatime
+primary - 4G- - -
disk_config lvm
-# <type> <mountpoint> <size> <fs type> <mount options> <misc options>
+# p=<partlabel> <mountpoint> <size> <fs type> <mount options> <misc options>
# entire disk with LVM, separate /home
disk_config disk1 disklabel:gpt fstabkey:uuid align-at:1M
-primary /boot/efi 512M vfat rw
-primary /boot 200 ext2 rw,noatime
-primary - 4G- - -
+p=efi /boot/efi 512M vfat rw
+p=boot /boot 500 ext4 rw,noatime
+p=system - 4G- - -
disk_config lvm
# For a detailed description see nfsroot.conf(5)
# "<suite> <mirror>" for debootstrap
-FAI_DEBOOTSTRAP="bullseye http://deb.debian.org/debian"
+FAI_DEBOOTSTRAP="bookworm http://deb.debian.org/debian"
FAI_ROOTPW='$1$kBnWcO.E$djxB128U7dMkrltJHPf6d1'
NFSROOT=/srv/fai/nfsroot
dpkg-reconfigure -fnoninteractive openssh-server
fi
sleep 8
-[ -x /etc/init.d/nscd ] && invoke-rc.d nscd restart
echo "================================="
echo "Setting up the FAI install server"
ainsl /etc/fai/fai.conf "^LOGUSER=fai"
# make index, then import the packages from the CD mirror
+/etc/init.d/apt-cacher-ng restart
apt-get update >/dev/null
+echo "Importing local packages to apt cache"
curl -fs 'http://127.0.0.1:3142/acng-report.html?doImport=Start+Import&calcSize=cs&asNeeded=an#bottom' >/dev/null
+echo "Creating FAI Server setup"
# setup the FAI server, including creating the nfsroot, use my own proxy
export APTPROXY="http://127.0.0.1:3142"
echo "=================================================="
echo -e "${RED}ERROR${NORMAL}: Setting up the FAI install server ${RED}FAILED${NORMAL}!"
echo "Read /var/log/fai/fai-setup.log for more debugging"
+ echo "Setup script is now moved to /var/tmp/$0"
echo "=================================================="
echo ""
+ cp -p $0 /var/tmp
sleep 10
+ rm -f $0
exit 99
fi
fai-chboot -o default
# create a template for booting the installation
-fai-chboot -Iv -f verbose,sshd,createvt,menu -u nfs://faiserver/srv/fai/config bullseye.tmpl
+fai-chboot -Iv -f verbose,sshd,createvt,menu -u nfs://faiserver/srv/fai/config bookworm.tmpl
# Since we do not know the MAC address, our DHCP cannot provide the hostname.
# Therefore we do explicitly set the hostname
fai-monitor > /var/log/fai/fai-monitor.log &
# move me away
-mv $0 /var/tmp
+cp -p $0 /var/tmp
# create new rc.local for next reboot
echo '#! /bin/bash' > /etc/rc.local
# hook for installing a file system image (tar file)
# this works for Ubuntu 14.04
#
-# Copyright (C) 2015 Thomas Lange, lange@informatik.uni-koeln.de
+# Copyright (C) 2015 Thomas Lange, lange@cs.uni-koeln.de
# I use this tar command to create the image of an already running and configured machine
fi
if [ -f $target/etc/centos-release ]; then
rm $target/etc/grub2/device.map
- $FAI/scripts/CENTOS/40-install-grub
- $FAI/scripts/CENTOS/30-mkinitrd
+ $FAI/scripts/ROCKY/40-install-grub
+ $FAI/scripts/ROCKY/30-mkinitrd
$ROOTCMD fixfiles onboot # this fixes the SELinux security contexts during the first boot
fi
$ROOTCMD apt-get -y install locales > /dev/null
fi
fi
+
+# use zstd for dracut initrd
+ainsl -av /etc/dracut.conf.d/11-debian.conf "compress=zstd"
data block query control method not found
subprocess.py.\+RuntimeWarning: line buffering
Resource conflict.\+ found
+os-prober will not be executed
+/sys/bus/usb/devices/\*:\*/bInterface
update-rc.d: warning: start and stop actions are no longer supported"
# add pattern on some conditions
echo "ERRORS found in log files. See $errfile" >&2
else
echo "Congratulations! No errors found in log files."
+# export flag_reboot=1 # if you want to reboot if no errors are found
fi
fi
echo force-unsafe-io > $target/etc/dpkg/dpkg.cfg.d/unsafe-io
-
-# you may want to add i386 arch to amd64 hosts
-# if ifclass AMD64; then
-# $ROOTCMD dpkg --add-architecture i386
-# fi
PACKAGES install-norec
-apt-transport-https # is only needed for stretch
+#cryptsetup-initramfs # needed if you use an encrypted partition
+bash-completion
debconf-utils
file
+zstd
less
linuxlogo
rsync
time
procinfo
nullmailer
-eject
+sudo
locales
console-setup kbd
pciutils usbutils
firmware-bnx2 firmware-bnx2x firmware-realtek
firmware-linux-nonfree
# a list of firmware for wifi/wireless
-atmel-firmware firmware-atheros firmware-brcm80211
-firmware-iwlwifi firmware-libertas firmware-ralink firmware-zd1211
+firmware-misc-nonfree
+atmel-firmware firmware-ath9k-htc firmware-brcm80211
+firmware-iwlwifi firmware-libertas firmware-zd1211
firmware-brcm80211 firmware-ti-connectivity
firmware-netronome firmware-netxen firmware-realtek
firmware-cavium
# firmware-ipw2x00 # needs a debconf question
-PACKAGES install I386
-linux-image-686-pae
+# needed for a live ISO
+PACKAGES install-norec LIVEISO
+dracut dracut-live dracut-squash grub-pc grub-efi-amd64-bin
+
+PACKAGES install-norec I386 AMD64
memtest86+
-PACKAGES install CHROOT
+PACKAGES install-norec CHROOT
linux-image-686-pae-
linux-image-amd64-
-PACKAGES install AMD64
-linux-image-amd64
+PACKAGES install-norec AMD64
+${kernelname} # see class/DEBIAN.var
memtest86+
-PACKAGES install ARM64
+PACKAGES install-norec ARM64
+${kernelname} # see class/DEBIAN.var
grub-efi-arm64
-linux-image-arm64
-PACKAGES install GRUB_PC
+PACKAGES install-norec GRUB_PC
grub-pc
-PACKAGES install GRUB_EFI
-grub-efi
+PACKAGES install-norec GRUB_EFI
+grub-efi dosfstools
PACKAGES install LVM
lvm2
fai-quickstart
debmirror tcpdump
-xorriso grub-pc
+xorriso
lftp curl
netselect
syslinux-common pxelinux
apt-cacher-ng
-nscd psmisc
+psmisc
bind9 dnsutils
iptables-persistent
zile
-PACKAGES install-norec
+# enable following two lines to get full GNOME desktop
+#PACKAGES install
+#task-gnome-desktop
+
+# stripped down version of GNOME without libreoffice
+# upgrade to full desktop using: # apt install task-gnome-desktop
+PACKAGES install-norec
firefox-esr
#thunderbird
menu gdm3
traceroute
ucf
xz-utils
-
-PACKAGES install-norec STRETCH BUSTER
-python
-python-minimal
-
-PACKAGES install-norec BULLSEYE
python3
python3-minimal
-PACKAGES install I386
-linux-image-generic
-memtest86+
-
-PACKAGES install CHROOT
-linux-image-generic-
-
-PACKAGES install AMD64
-linux-image-generic
-memtest86+
-
-PACKAGES install GRUB_PC
-grub-pc
+# the kernel is now defined in DEBIAN
PACKAGES install
ubuntu-minimal
ubuntu-server
+PACKAGES install XORG
+ubuntu-server-
+ubuntu-standard
+ubuntu-desktop
+
PACKAGES install GERMAN
language-pack-gnome-de
+
+PACKAGES install CHROOT
+# a chroot does not need a kernel.
+# See class/DEBIAN.var for the exact package name
+${kernelname}-
+# enable following two lines to get full XFCE desktop
+#PACKAGES install
+#task-xfce-desktop
+
+# stripped down version of xfce4 without libreoffice
+# upgrade to full desktop using: # apt install task-xfce-desktop
PACKAGES install-norec
xfce4 # base system
xfce4-goodies # additional tools
+xfce4-power-manager
+light-locker
lightdm
+synaptic
firefox-esr
network-manager-gnome
#! /bin/bash
-fcopy /etc/init.d/expand-root
-if [ -f $target/files/etc/init.d/expand-root ]; then
- $ROOTCMD insserv --default expand-root
-fi
-
-sed -i "s/PermitRootLogin yes/PermitRootLogin without-password/" $target/etc/ssh/sshd_config
+fai-sed "s/PermitRootLogin yes/PermitRootLogin without-password/" /etc/ssh/sshd_config
ainsl /etc/ssh/sshd_config 'ClientAliveInterval 120'
ainsl -a /etc/modprobe.d/blacklist.conf 'blacklist pcspkr'
ainsl -a /etc/modprobe.d/blacklist.conf 'blacklist floppy'
+cleanup_base
+
rm -f $target/etc/resolv.conf \
$target/etc/udev/rules.d/70-persistent-net.rules \
- $target/lib/udev/write_net_rules \
- $target/etc/mailname \
- $target/var/lib/dbus/machine-id
-
-> $target/etc/machine-id
-
-shred --remove $target/etc/ssh/ssh_host_*
+ $target/lib/udev/write_net_rules
# FIXME: DHCP RFC3442 is used incorrect in Azure
if [ -f $target/etc/dhcp/dhclient.conf ]; then
- sed -ie 's,rfc3442-classless-static-routes,disabled-\0,' $target/etc/dhcp/dhclient.conf
+ fai-sed 's,rfc3442-classless-static-routes,disabled-\0,' /etc/dhcp/dhclient.conf
fi
newnicnames() {
- # determine predictable network names only for stretch and above
local name
[ $do_init_tasks -eq 0 ] && return
printf "0.0 0 0.0\n0\nUTC\n" > $target/etc/adjtime
fi
if [ "$UTC" = "yes" ]; then
- sed -i -e 's:^LOCAL$:UTC:' $target/etc/adjtime
+ fai-sed 's:^LOCAL$:UTC:' /etc/adjtime
else
- sed -i -e 's:^UTC$:LOCAL:' $target/etc/adjtime
+ fai-sed 's:^UTC$:LOCAL:' /etc/adjtime
fi
# enable linuxlogo
if [ -f $target/etc/inittab ]; then
- sed -i -e 's#/sbin/getty 38400#/sbin/getty -f /etc/issue.linuxlogo 38400#' ${target}/etc/inittab
+ fai-sed 's#/sbin/getty 38400#/sbin/getty -f /etc/issue.linuxlogo 38400#' /etc/inittab
elif [ -f $target/lib/systemd/system/getty@.service ]; then
- sed -i -e 's#sbin/agetty --noclear#sbin/agetty -f /etc/issue.linuxlogo --noclear#' $target/lib/systemd/system/getty@.service
+ fai-sed 's#sbin/agetty --noclear#sbin/agetty -f /etc/issue.linuxlogo --noclear#' /lib/systemd/system/getty@.service
fi
# make sure a machine-id exists
$ROOTCMD systemd-machine-id-setup
fi
-ln -fs /proc/mounts $target/etc/mtab
+fai-link /etc/mtab ../proc/self/mounts
-rm -f $target/etc/dpkg/dpkg.cfg.d/fai $target/etc/dpkg/dpkg.cfg.d/unsafe-io
+rm -f $target/etc/dpkg/dpkg.cfg.d/unsafe-io
if [ -d /etc/fai ]; then
if ! fcopy -Mv /etc/fai/fai.conf; then
# add additional user account
if [ -n "$username" ]; then
if ! $ROOTCMD getent passwd $username ; then
- $ROOTCMD adduser --disabled-login --gecos "$username user" $username
+ $ROOTCMD adduser --disabled-password --gecos "$username user" $username
$ROOTCMD usermod -p "$USERPW" $username
userdir=$($ROOTCMD getent passwd "$username" | cut -d: -f6 )
$ROOTCMD mkdir -p $xfdir
$ROOTCMD cp /etc/xdg/xfce4/panel/default.xml $xfdir/xfce4-panel.xml
# group name is the same as user name
- $ROOTCMD chown -R $username.$username $userdir/.config
+ $ROOTCMD chown -R $username:$username $userdir/.config
fi
fi
echo $TIMEZONE > $target/etc/timezone
if [ -L $target/etc/localtime ]; then
- ln -sf /usr/share/zoneinfo/${TIMEZONE} $target/etc/localtime
+ fai-link /etc/localtime /usr/share/zoneinfo/${TIMEZONE}
else
cp -f /usr/share/zoneinfo/${TIMEZONE} $target/etc/localtime
fi
# add entries for 10 hosts called client 01 .. 10
perl -e 'for (1..10) {printf "192.168.33.%s client%02s\n",101+$_,$_;}' >> $target/etc/hosts
- sed -i -e '/# ReuseConnections: 1/d' $target/etc/apt-cacher-ng/acng.conf
- ainsl -v /etc/apt-cacher-ng/acng.conf "ReuseConnections: 0"
+ fai-sed '/# ReuseConnections: 1/d' /etc/apt-cacher-ng/acng.conf
+ ainsl -v /etc/apt-cacher-ng/acng.conf "ReuseConnections: 1"
+ ainsl -v /etc/apt-cacher-ng/acng.conf "PipelineDepth: 80"
+ ainsl -v /etc/apt-cacher-ng/acng.conf "DlMaxRetries: 6"
# copy base file for faster building of nfsroot
if [ -f /var/tmp/base.tar.xz ]; then
if [ -d /media/mirror/pool ]; then
mkdir $target/var/cache/apt-cacher-ng/_import
cp -p /media/mirror/pool/*/*/*/*.deb $target/var/cache/apt-cacher-ng/_import
- $ROOTCMD chown -R apt-cacher-ng.apt-cacher-ng /var/cache/apt-cacher-ng/_import
+ $ROOTCMD chown -R apt-cacher-ng:apt-cacher-ng /var/cache/apt-cacher-ng/_import
fi
# copy basefiles from CD to config space
# installation into the removable media paths as well as the standard
# debian path.
+# do only execute for Debian and similar distros
+if ! ifclass DEBIAN ; then
+ exit 0
+fi
+
set -a
# do not set up grub during dirinstall
BOOT_DEVICE=$( lvs --noheadings -o devices $BOOT_DEVICE | sed -e 's/^*\([^(]*\)(.*$/\1/' )
fi
+opts="--no-floppy --target=x86_64-efi --modules=part_gpt"
+
# Check if RAID is used for the boot device
if [[ $BOOT_DEVICE =~ '/dev/md' ]]; then
raiddev=${BOOT_DEVICE#/dev/}
# install grub on all members of RAID
for device in $(LC_ALL=C perl -ne 'if(/^'$raiddev'\s.+raid\d+\s(.+)/){ $_=$1; s/\d+\[\d+\]//g; print }' /proc/mdstat); do
echo Install grub on /dev/$device
- $ROOTCMD grub-install --no-floppy --force-extra-removable "/dev/$device"
+ $ROOTCMD grub-install $opts --force-extra-removable "/dev/$device"
done
elif [[ $BOOT_DEVICE =~ '/dev/loop' ]]; then
# do not update vmram when using a loop device
- $ROOTCMD grub-install --no-floppy --force-extra-removable --modules=part_gpt --no-nvram $BOOT_DEVICE
+ $ROOTCMD grub-install $opts --force-extra-removable --no-nvram $BOOT_DEVICE
if [ $? -eq 0 ]; then
echo "Grub installed on hostdisk $BOOT_DEVICE"
fi
else
- $ROOTCMD grub-install --no-floppy --modules=part_gpt "$GROOT"
+ $ROOTCMD grub-install $opts "$GROOT"
if [ $? -eq 0 ]; then
echo "Grub installed on $BOOT_DEVICE = $GROOT"
fi
fi
$ROOTCMD update-grub
+if [[ $BOOT_DEVICE =~ '/dev/loop' ]]; then
+ :
+else
+ efibootmgr -v
+fi
exit $error
error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code
+# do only execute for Debian and similar distros
+if ! ifclass DEBIAN ; then
+ exit 0
+fi
+
set -a
# do not set up grub during dirinstall
# disable os-prober because of #802717
ainsl /etc/default/grub 'GRUB_DISABLE_OS_PROBER=true'
+# efivars may still be mounted from the host system during fai-diskimage
+if [ -d $target/sys/firmware/efi/efivars ]; then
+ umount $target/sys/firmware/efi/efivars
+fi
+
# skip the rest, if not an initial installation
if [ $FAI_ACTION != "install" ]; then
$ROOTCMD update-grub
error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code
+# remove crypt password from format.log
+if [ -f $LOGDIR/format.log ]; then
+ perl -i -pane "s/Executing: yes '.+?' \| cryptsetup/Executing: yes 'XXXXXXXXXXXXX' | cryptsetup/" $LOGDIR/format.log
+fi
+
if [ "$FAI_ACTION" = "dirinstall" -o $do_init_tasks -eq 0 ] ; then
:
else
fi
fi
+ if [ -f $target/etc/crypttab ] && [ ! -f $target/sbin/cryptsetup ]; then
+ echo ERROR: Encrypted devices used, but the crypsetup package was not installed.
+ echo ERROR: You want to add cryptsetup-initramfs or dracut to some package_config file.
+ fi
+
usedm=$(dmsetup ls 2>/dev/null | egrep -v '^live-rw|^live-base|^No devices found' | wc -l)
if [ $usedm -ne 0 ]; then
if [ ! -d $target/etc/lvm ]; then
return
fi
- dists="jessie stretch buster bullseye bookworm trixie focal bionic xenial trusty"
+ dists="jessie stretch buster bullseye bookworm trixie forky noble jammy focal bionic xenial trusty"
for d in $dists; do
if grep -iq $d $target/etc/os-release; then
release=$d
# if installation was done from CD, replace useless sources.list
setrel
-if [ -f $target/etc/apt/sources.list -a -n "$release" ]; then
- grep -q 'file generated by fai-cd' $target/etc/apt/sources.list && cat <<EOF > $target/etc/apt/sources.list
-deb $apt_cdn/debian $release main contrib non-free
-deb $security_cdn/debian-security ${secsuite} main contrib non-free
+if [ -f $target/etc/apt/sources.list ] && [ -n "$release" ]; then
+ if grep -q 'file generated by fai-cd' $target/etc/apt/sources.list; then
+ echo "Create new sources.list for $release"
+ cat <<EOF > $target/etc/apt/sources.list
+deb $apt_cdn/debian $release main contrib non-free non-free-firmware
+deb $security_cdn/debian-security ${secsuite} main contrib non-free non-free-firmware
#deb [trusted=yes] http://fai-project.org/download $release koeln
EOF
+ fi
# if the package fai-server was installed, enable the project's repository
if dpkg-query --admindir=$target/var/lib/dpkg -W fai-server >/dev/null 2>&1; then
- sed -i -e '/fai-project.org/s/^#//' $target/etc/apt/sources.list
+ fai-sed '/fai-project.org/s/^#//' /etc/apt/sources.list
fi
fi
+# install default sources.list for Debian based distributions
+if [ -d $target/etc/apt ] && [ ! -f $target/etc/apt/sources.list ]; then
+ fcopy -Svc DEBIAN_DEFAULT /etc/apt/sources.list
+fi
+
+# older releases do not have the non-free-firmware section
+if [ -n "$release" ] && [[ "buster bullseye" =~ "$release" ]]; then
+ sed -i -e 's/non-free-firmware//g' $target/etc/apt/sources.list
+fi
+
# for ARM architecture, we may need the kernel and initrd to boot or flash the device
if ifclass ARM64; then
cp -pv $target/boot/vmlinuz* $target/boot/initrd* $FAI_RUNDIR
# Subroutines for automatic tests
#
-# Copyright (C) 2009 Thomas Lange, lange@informatik.uni-koeln.de
+# Copyright (C) 2009 Thomas Lange, lange@cs.uni-koeln.de
# Based on the first version by Sebastian Hetze, 08/2008
package FAITEST;
iankelling.org / git / automated-distro-installer / commitdiff