From: grml User Date: Sat, 15 Sep 2007 13:58:16 +0000 (+0200) Subject: Initial configuration for FAI (work in progress) X-Git-Tag: 0.0.1~71 X-Git-Url: http://git.grml.org/?p=grml-live.git;a=commitdiff_plain;h=229a51dfda4d619c47fb4b0ff94d4d952f61e62a Initial configuration for FAI (work in progress) --- diff --git a/TODO b/TODO new file mode 100644 index 0000000..5c0aa81 --- /dev/null +++ b/TODO @@ -0,0 +1,6 @@ +TODO for grml-live +================== + +* make all references to "grml" (hostname, usersetup,...) configurable +* replace 192.168.... mirrors with something generic and make it configurable +* provide buildprocess for boot/isolinux stuff diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..cd3a5f2 --- /dev/null +++ b/debian/changelog @@ -0,0 +1,6 @@ +grml-live (0.1-1) unstable; urgency=low + + * Initial release. + + -- Michael Prokop Sat, 15 Sep 2007 15:35:34 +0200 + diff --git a/debian/compat b/debian/compat new file mode 100644 index 0000000..7ed6ff8 --- /dev/null +++ b/debian/compat @@ -0,0 +1 @@ +5 diff --git a/debian/control b/debian/control new file mode 100644 index 0000000..f61bf73 --- /dev/null +++ b/debian/control @@ -0,0 +1,18 @@ +Source: grml-live +Section: grml +Priority: extra +Maintainer: Michael Prokop +Build-Depends: debhelper (>= 5), asciidoc, xsltproc, docbook-xsl +Standards-Version: 3.7.2 +Homepage: http://hg.grml.org/grml-live/ +XS-Vcs-hg: http://hg.grml.org/grml-live/ +XS-Vcs-Browser: http://hg.grml.org/grml-live/ + +Package: grml-live +Architecture: all +Depends: fai-client, fai-server +Suggests: fai-doc +Description: build system for creating a grml (based) live-cd + This package provides the build system for creating + a grml (based) live-cd. It is based on FAI (Fully Automatic + Installation). diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 0000000..aca79c2 --- /dev/null +++ b/debian/copyright @@ -0,0 +1,32 @@ +This package was debianized by Michael Prokop on +Sat, 15 Sep 2007 15:35:34 +0200. + +It was downloaded from http://grml.org/ + +Upstream Author: Michael Prokop + +Copyright: + + Copyright 2007++ Michael Prokop + +License: + + This package is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This package is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this package; if not, write to the Free Software + Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + +On Debian systems, the complete text of the GNU General +Public License can be found in `/usr/share/common-licenses/GPL'. + +The Debian packaging is (C) 2007, Michael Prokop and +is licensed under the GPL, see above. diff --git a/debian/rules b/debian/rules new file mode 100755 index 0000000..69f95d3 --- /dev/null +++ b/debian/rules @@ -0,0 +1,64 @@ +#!/usr/bin/make -f +# -*- makefile -*- +# Sample debian/rules that uses debhelper. +# This file was originally written by Joey Hess and Craig Small. +# As a special exception, when this file is copied by dh-make into a +# dh-make output file, you may use that output file without restriction. +# This special exception was added by Craig Small in version 0.37 of dh-make. + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +build: build-stamp + +build-stamp: + dh_testdir + cd docs && $(MAKE) && cd ../ + touch $@ + +clean: + dh_testdir + dh_testroot + rm -f build-stamp + + # Add here commands to clean up after the build process. + cd docs && $(MAKE) clean && cd ../ + + dh_clean + +install: build + dh_testdir + dh_testroot + dh_clean -k + dh_installdirs etc/grml/fai/live-initramfs + + # Add here commands to install the package into debian/grml-live. + cp -a etc debian/grml-live/ + install -m 755 initramfs/scripts/init-top/grml debian/grml-live/etc/grml/fai/live-initramfs/grml + +# Build architecture-independent files here. +binary-indep: build install +# We have nothing to do by default. + +# Build architecture-dependent files here. +binary-arch: build install + dh_testdir + dh_testroot + dh_installchangelogs + dh_installdocs TODO docs/grml-live.html + dh_installexamples + dh_installman docs/grml-live.8 + dh_link + dh_strip + dh_compress + dh_fixperms + # make sure they are executable: + chmod 755 debian/grml-live/etc/grml/fai/config/hooks/* + dh_installdeb + dh_shlibdeps + dh_gencontrol + dh_md5sums + dh_builddeb + +binary: binary-indep binary-arch +.PHONY: build clean binary-indep binary-arch binary install diff --git a/docs/Makefile b/docs/Makefile new file mode 100644 index 0000000..e4b5a95 --- /dev/null +++ b/docs/Makefile @@ -0,0 +1,22 @@ +all: doc + +doc: doc_man doc_html + +doc_html: html-stamp + +html-stamp: grml-live.txt + asciidoc -b xhtml11 grml-live.txt + touch html-stamp + +doc_man: man-stamp + +man-stamp: grml-live.txt + asciidoc -d manpage -b docbook grml-live.txt + xsltproc /usr/share/xml/docbook/stylesheet/nwalsh/manpages/docbook.xsl grml-live.xml + touch man-stamp + +online: doc_html + scp grml-live.html grml:/var/www/grml/grml-live/index.html + +clean: + rm -rf grml-live.html grml-live.xml grml-live.8 html-stamp man-stamp diff --git a/docs/grml-live.txt b/docs/grml-live.txt new file mode 100644 index 0000000..3f14ba5 --- /dev/null +++ b/docs/grml-live.txt @@ -0,0 +1,29 @@ +grml-live(8) +============ + +Name +---- +grml-live - generate a grml (based) live-cd + +Synopsis +-------- +grml-live [ todo...] + +******************************************************************************* +Important! grml-live is under heavy construction and everything but ready yet. +******************************************************************************* + +Introduction +------------ + +grml-live provides the build system for creating a grml (based) live-cd. It is +based on link:http://www.informatik.uni-koeln.de/fai/[FAI] (Fully Automatic +Installation). + +Bugs +---- +Please report feedback, link:http://grml.org/bugs/[bugreports] and wishes link:http://grml.org/contact/[to us]! + +Authors +------- +Michael Prokop . diff --git a/etc/grml/fai/NFSROOT b/etc/grml/fai/NFSROOT new file mode 100644 index 0000000..568d3f0 --- /dev/null +++ b/etc/grml/fai/NFSROOT @@ -0,0 +1,36 @@ +# package list for creating the NFSROOT + +PACKAGES install +fai-nfsroot module-init-tools dhcp3-client ssh rdate lshw hwinfo portmap +bootpc rsync lftp rsh-client less dump reiserfsprogs ext2resize usbutils +hwinfo psmisc pciutils hdparm smartmontools parted mdadm lvm2 +dnsutils ntpdate dosfstools cvs jove xfsprogs xfsdump +sysutils dialog discover mdetect +console-tools console-common +expect iproute udev subversion +live-initramfs + +# needed for the simple examples +cfengine2 libapt-pkg-perl + +# you should not edit the lines below +# architecture dependend list of packages that are installed + +PACKAGES install I386 +grub lilo read-edid +linux-image-486 unionfs-modules-2.6-486 + +PACKAGES install AMD64 +grub lilo +linux-image-2.6-amd64 unionfs-modules-2.6-amd64 + +PACKAGES install IA64 +elilo gnu-efi efibootmgr + +PACKAGES install SPARC +silo sparc-utils + +PACKAGES install ALPHA +aboot + +#PACKAGES install powerpc diff --git a/etc/grml/fai/apt/sources.list b/etc/grml/fai/apt/sources.list new file mode 100644 index 0000000..dca1d99 --- /dev/null +++ b/etc/grml/fai/apt/sources.list @@ -0,0 +1,11 @@ +# These lines should work for many sites +# A more comprehensive example is at /usr/share/doc/fai-doc/examples/etc + +deb http://192.168.1.112/debian etch main contrib non-free +deb http://deb.grml.org/ grml-stable main +deb http://deb.grml.org/ grml-testing main +deb http://ftp.de.debian.org/debian etch main contrib non-free + +# deb http://www.informatik.uni-koeln.de/fai/download etch koeln +# deb http://ftp.debian.org/debian etch-proposed-updates main contrib non-free +# deb http://security.debian.org/debian-security etch/updates main contrib non-free diff --git a/etc/grml/fai/config/class/GRML.var b/etc/grml/fai/config/class/GRML.var new file mode 100644 index 0000000..5bb0c7a --- /dev/null +++ b/etc/grml/fai/config/class/GRML.var @@ -0,0 +1,21 @@ +# default values for installation. You can override them in your *.var files + +# allow installation of packages from unsigned repositories +FAI_ALLOW_UNSIGNED=1 + +CONSOLEFONT= +KEYMAP=us-latin1 + +# Set UTC=yes if your system clock is set to UTC (GMT), and UTC=no if not. +UTC=yes +TIMEZONE=Europe/Vienna + +# root password for the new installed linux system; md5 and crypt are possible +# pw is "fai" +ROOTPW='x' + +# MODULESLIST contains modules that will be loaded by the new system, +# not during installation these modules will be written to /etc/modules +# If you need a module during installation, add it to $kernelmodules +# in 20-hwdetect.source. But discover should do most of this job +# MODULESLIST="usbkbd ehci-hcd ohci-hcd uhci-hcd usbhid psmouse" diff --git a/etc/grml/fai/config/debconf/FAIBASE b/etc/grml/fai/config/debconf/FAIBASE new file mode 100644 index 0000000..6d2e9dd --- /dev/null +++ b/etc/grml/fai/config/debconf/FAIBASE @@ -0,0 +1,9 @@ +passwd passwd/shadow boolean true +exim4-config exim4/dc_eximconfig_configtype select local delivery only; not on a network +locales locales/default_environment_locale select en_US.UTF-8 +locales locales/locales_to_be_generated multiselect en_US.UTF-8 UTF-8 +xserver-xorg xserver-xorg/config/inputdevice/keyboard/model string pc105 +xserver-xorg xserver-xorg/autodetect_monitor boolean false +xserver-xorg xserver-xorg/autodetect_keyboard boolean true +xserver-xorg xserver-xorg/autodetect_mouse boolean true +xserver-xorg xserver-xorg/autodetect_video_card boolean true diff --git a/etc/grml/fai/config/debconf/FAISERVER b/etc/grml/fai/config/debconf/FAISERVER new file mode 100644 index 0000000..be6e8b4 --- /dev/null +++ b/etc/grml/fai/config/debconf/FAISERVER @@ -0,0 +1,2 @@ +# Should the server be started by inetd? +tftpd-hpa tftpd-hpa/use_inetd boolean false diff --git a/etc/grml/fai/config/debconf/GERMAN b/etc/grml/fai/config/debconf/GERMAN new file mode 100644 index 0000000..97ac8e9 --- /dev/null +++ b/etc/grml/fai/config/debconf/GERMAN @@ -0,0 +1,3 @@ +locales locales/default_environment_locale select de_DE.UTF-8 +locales locales/locales_to_be_generated multiselect de_DE.UTF-8 UTF-8 +xserver-xorg xserver-xorg/config/inputdevice/keyboard/layout string de diff --git a/etc/grml/fai/config/disk_config/FAIBASE b/etc/grml/fai/config/disk_config/FAIBASE new file mode 100644 index 0000000..55d752c --- /dev/null +++ b/etc/grml/fai/config/disk_config/FAIBASE @@ -0,0 +1,13 @@ +# generic disk configuration for one small disk +# disk size from 500Mb up to what you can buy today +# +# [mount options] [;extra options] + +disk_config disk1 +primary / 150-300 rw,errors=remount-ro ; -c -j ext3 +logical swap 40-500 rw +logical /var 90-1000 rw ; -m 5 -j ext3 +logical /tmp 50-1000 rw ; -m 0 -j ext3 +logical /usr 200-4000 rw ; -j ext3 +logical /home 50- rw,nosuid ; -m 1 -j ext3 +# logical /home preserve9 rw,nosuid ; -m 1 -j ext3 diff --git a/etc/grml/fai/config/disk_config/FAISERVER b/etc/grml/fai/config/disk_config/FAISERVER new file mode 100644 index 0000000..f2666d4 --- /dev/null +++ b/etc/grml/fai/config/disk_config/FAISERVER @@ -0,0 +1,13 @@ +# generic disk configuration for a fai isntall server +# +# [mount options] [;extra options] + +disk_config disk1 +primary / 150-300 rw,errors=remount-ro ; -c -j ext3 +logical swap 40-500 rw +logical /var 700-1000 rw ; -m 5 -j ext3 +logical /tmp 50-1000 rw ; -m 0 -j ext3 +logical /usr 500-4000 rw ; -j ext3 +logical /home 50-1000 rw,nosuid ; -m 1 -j ext3 +# logical /home preserve9 rw,nosuid ; -m 1 -j ext3 +logical /srv 300- rw ; -m 1 -j ext3 diff --git a/etc/grml/fai/config/files/boot/grub/menu.lst/GRUB b/etc/grml/fai/config/files/boot/grub/menu.lst/GRUB new file mode 100644 index 0000000..18ce0a2 --- /dev/null +++ b/etc/grml/fai/config/files/boot/grub/menu.lst/GRUB @@ -0,0 +1,43 @@ +# +timeout 5 +default 0 +color cyan/blue white/blue + +### BEGIN AUTOMAGIC KERNELS LIST +## lines between the AUTOMAGIC KERNELS LIST markers will be modified +## by the debian update-grub script except for the default optons below + +## DO NOT UNCOMMENT THEM, Just edit them to your needs + +## ## Start Default Options ## +## default kernel options +# kopt=root=#ROOT_PARTITION# ro + +## default grub root device +## e.g. groot=(hd0,0) +# groot=#GROOT# + +## should update-grub create alternative boot options +## e.g. alternative=true +## alternative=false +# alternative=true + +## should update-grub lock alternative boot options +## e.g. lockalternative=true +## lockalternative=false +# lockalternative=true + +## altoption boot targets option +## multiple altoptions lines are allowed +## e.g. altoptions=(extra menu suffix) extra boot options +## altoptions=(recovery mode) single +# altoptions=(recovery mode) single + +## add memtest86 if found +# memtest86=true + +## ## End Default Options ## + +### END DEBIAN AUTOMAGIC KERNELS LIST + + diff --git a/etc/grml/fai/config/files/boot/grub/menu.lst/postinst b/etc/grml/fai/config/files/boot/grub/menu.lst/postinst new file mode 100755 index 0000000..c688770 --- /dev/null +++ b/etc/grml/fai/config/files/boot/grub/menu.lst/postinst @@ -0,0 +1,20 @@ +#! /bin/bash + +error=0 ; trap "error=$((error|1))" ERR + +set -a + +# during softupdate use this file +[ -r $target/var/log/fai/disk_var.sh ] && . $target/var/log/fai/disk_var.sh + +# if class NOMBR is defined, write boot loader into root partition, not into mbr +ifclass NOMBR && BOOT_DEVICE=$BOOT_PARTITION + +grub-install --no-floppy --root-directory=$target $BOOT_DEVICE +GROOT=$(device2grub $BOOT_PARTITION) +perl -pi -e 's/#(\w+)#/$ENV{$1}/' $2 +$ROOTCMD /usr/sbin/update-grub +echo "Grub installed on $BOOT_DEVICE on $GROOT" + +exit $error + diff --git a/etc/grml/fai/config/files/etc/X11/XF86Config-4/DEMO b/etc/grml/fai/config/files/etc/X11/XF86Config-4/DEMO new file mode 100644 index 0000000..ed02b3b --- /dev/null +++ b/etc/grml/fai/config/files/etc/X11/XF86Config-4/DEMO @@ -0,0 +1,121 @@ +# XF86Config-4 (XFree86 X Window System server configuration file) +# +# This file was generated by dexconf, the Debian X Configuration tool, using +# values from the debconf database. +# +# Edit this file with caution, and see the XF86Config-4 manual page. +# (Type "man XF86Config-4" at the shell prompt.) +# +# This file is automatically updated on xserver-xfree86 package upgrades *only* +# if it has not been modified since the last upgrade of the xserver-xfree86 +# package. +# +# If you have edited this file but would like it to be automatically updated +# again, run the following commands as root: +# +# cp /etc/X11/XF86Config-4 /etc/X11/XF86Config-4.custom +# md5sum /etc/X11/XF86Config-4 > /var/lib/xfree86/XF86Config-4.md5sum +# dpkg-reconfigure xserver-xfree86 +Section "Files" + FontPath "unix/:7100" # local font server + # if the local font server has problems, we can fall back on these + FontPath "/usr/lib/X11/fonts/misc" + FontPath "/usr/lib/X11/fonts/cyrillic" + FontPath "/usr/lib/X11/fonts/100dpi/:unscaled" + FontPath "/usr/lib/X11/fonts/75dpi/:unscaled" + FontPath "/usr/lib/X11/fonts/Type1" + FontPath "/usr/lib/X11/fonts/CID" + FontPath "/usr/lib/X11/fonts/Speedo" + FontPath "/usr/lib/X11/fonts/100dpi" + FontPath "/usr/lib/X11/fonts/75dpi" +EndSection +Section "Module" + Load "GLcore" + Load "bitmap" + Load "dbe" + Load "ddc" + Load "dri" + Load "extmod" + Load "freetype" + Load "glx" + Load "int10" + Load "record" + Load "speedo" + Load "type1" + Load "vbe" +EndSection +Section "InputDevice" + Identifier "Generic Keyboard" + Driver "keyboard" + Option "CoreKeyboard" + Option "XkbRules" "xfree86" + Option "XkbModel" "pc105" + Option "XkbLayout" "us" +EndSection +Section "InputDevice" + Identifier "Configured Mouse" + Driver "mouse" + Option "CorePointer" + Option "Device" "/dev/psaux" + Option "Protocol" "PS/2" + Option "ZAxisMapping" "4 5" +EndSection + +Section "InputDevice" + Identifier "Generic Mouse" + Driver "mouse" + Option "SendCoreEvents" "true" + Option "Device" "/dev/input/mice" + Option "Protocol" "ImPS/2" + Option "ZAxisMapping" "4 5" +EndSection +Section "Device" + Identifier "Generic Video Card" + Driver "%%VIDEODRV%%" +EndSection +Section "Monitor" + Identifier "Generic Monitor" + HorizSync 30-110 + VertRefresh 50-160 + Option "DPMS" +EndSection +Section "Screen" + Identifier "Default Screen" + Device "Generic Video Card" + Monitor "Generic Monitor" + DefaultDepth 24 + SubSection "Display" + Depth 1 + Modes "1024x768" "800x600" "640x480" + EndSubSection + SubSection "Display" + Depth 4 + Modes "1024x768" "800x600" "640x480" + EndSubSection + SubSection "Display" + Depth 8 + Modes "1024x768" "800x600" "640x480" + EndSubSection + SubSection "Display" + Depth 15 + Modes "1024x768" "800x600" "640x480" + EndSubSection + SubSection "Display" + Depth 16 + Modes "1024x768" "800x600" "640x480" + EndSubSection + SubSection "Display" + Depth 24 + Modes "1024x768" "800x600" "640x480" + EndSubSection +EndSection +Section "ServerLayout" + Identifier "Default Layout" + Screen "Default Screen" + InputDevice "Generic Keyboard" + InputDevice "Configured Mouse" + InputDevice "Generic Mouse" +EndSection +Section "DRI" + Mode 0666 +EndSection diff --git a/etc/grml/fai/config/files/etc/apache2/conf.d/FAISERVER b/etc/grml/fai/config/files/etc/apache2/conf.d/FAISERVER new file mode 100644 index 0000000..a648620 --- /dev/null +++ b/etc/grml/fai/config/files/etc/apache2/conf.d/FAISERVER @@ -0,0 +1,24 @@ + + AllowOverride None + Options None + Order deny,allow + Deny from all + Allow from 192.168.1 + + + + AllowOverride None + Options None + Order deny,allow +# Deny from all + Allow from all + + + + AllowOverride None + Options None + Order deny,allow +# Deny from all + Allow from all + + diff --git a/etc/grml/fai/config/files/etc/apt-proxy/apt-proxy-v2.conf/FAISERVER b/etc/grml/fai/config/files/etc/apt-proxy/apt-proxy-v2.conf/FAISERVER new file mode 100644 index 0000000..73f9881 --- /dev/null +++ b/etc/grml/fai/config/files/etc/apt-proxy/apt-proxy-v2.conf/FAISERVER @@ -0,0 +1,151 @@ +[DEFAULT] +;; All times are in seconds, but you can add a suffix +;; for minutes(m), hours(h) or days(d) + +;; Server IP to listen on +;address = 192.168.0.254 + +;; Server port to listen on +port = 9999 + +;; Control files (Packages/Sources/Contents) refresh rate +;; +;; Minimum time between attempts to refresh a file +min_refresh_delay = 1h + +;; Minimum age of a file before attempting an update (NOT YET IMPLEMENTED) +;min_age = 23h + +;; Uncomment to make apt-proxy continue downloading even if all +;; clients disconnect. This is probably not a good idea on a +;; dial up line. +;; complete_clientless_downloads = 1 + +;; Debugging settings. +;; for all debug information use this: +;; debug = all:9 +debug = all:4 db:0 + +;; Debugging remote python console +;; Do not enable in an untrusted environment +;telnet_port = 9998 +;telnet_user = apt-proxy +;telnet_password = secret + +;; Network timeout when retrieving from backend servers +timeout = 15 + +;; Cache directory for apt-proxy +cache_dir = /var/cache/apt-proxy + +;; Use passive FTP? (default=on) +;passive_ftp = on + +;; Use HTTP proxy? +;http_proxy = host:port + +;; Enable HTTP pipelining within apt-proxy (for test purposes) +;disable_pipelining=0 + +;;-------------------------------------------------------------- +;; Cache housekeeping + +;; Time to perform periodic housekeeping: +;; - delete files that have not been accessed in max_age +;; - scan cache directories and update internal tables +cleanup_freq = 1d + +;; Maximum age of files before deletion from the cache (seconds) +max_age = 120d + +;; Maximum number of versions of a .deb to keep per distribution +max_versions = 3 + +;; Add HTTP backends dynamicaly if not already defined? (default=on) +;dynamic_backends = on + +;;--------------------------------------------------------------- +;;--------------------------------------------------------------- +;; Backend servers +;; +;; Place each server in its own [section] + +[debian] +;; The main Debian archive +;; You can override the default timeout like this: +;timeout = 30 + +;; Rsync server used to rsync the Packages file (NOT YET IMPLEMENTED) +;;rsyncpackages = rsync://ftp.de.debian.org/debian + +;; Backend servers, in order of preference +backends = + http://ftp.de.debian.org/debian + http://ftp2.de.debian.org/debian + http://ftp.us.debian.org/debian + ftp://ftp.uk.debian.org/debian + +[debian-amd64] +backends = + http://ftp.de.debian.org/debian-amd64/debian + http://debian.csail.mit.edu/debian-amd64/debian + http://ftp2.de.debian.org/debian-amd64/debian + http://mirror.pacific.net.au/linux/debian-amd64/debian + +[debian-non-US] +;; Debian debian-non-US archive +;timeout will be the global value +backends = + http://ftp.de.debian.org/debian-non-US + http://ftp.uk.debian.org/debian-non-US + ftp://ftp.uk.debian.org/debian + +[security] +;; Debian security archive +backends = + http://ftp2.de.debian.org/debian-security + ftp://security.debian.org/debian-security + +[ubuntu] +;; Ubuntu archive +backends = http://archive.ubuntu.com/ubuntu + +[ubuntu-security] +;; Ubuntu security updates +backends = http://security.ubuntu.com/ubuntu + +;[openoffice] +;; OpenOffice.org packages +;backends = +; http://ftp.freenet.de/pub/debian-openoffice +; http://ftp.sh.cvut.cz/MIRRORS/OpenOffice.deb +; http://borft.student.utwente.nl/debian + +;[apt-proxy] +;; Apt-proxy new versions +;backends = http://apt-proxy.sourceforge.net/apt-proxy + +;[backports.org] +;; backports.org +;backends = http://backports.org/debian + +;[blackdown] +;; Blackdown Java +;backends = http://ftp.gwdg.de/pub/languages/java/linux/debian + + +;[debian-people] +;; people.debian.org +;backends = http://people.debian.org + +;[emdebian] +;; The Emdebian project +;backends = http://emdebian.sourceforge.net/emdebian + +;[rsync] +;; An example using an rsync server. This is not recommended +;; unless http is not available, becuause rsync is only more +;; efficient for transferring uncompressed files and puts much +;; more overhead on the server. See the rsyncpacakges parameter +;; for a way of rsyncing just the Packages files. +;backends = rsync://ftp.uk.debian.org/debian diff --git a/etc/grml/fai/config/files/etc/default/tftpd-hpa/FAISERVER b/etc/grml/fai/config/files/etc/default/tftpd-hpa/FAISERVER new file mode 100644 index 0000000..f432436 --- /dev/null +++ b/etc/grml/fai/config/files/etc/default/tftpd-hpa/FAISERVER @@ -0,0 +1,3 @@ +#Defaults for tftpd-hpa +RUN_DAEMON="yes" +OPTIONS="-l -s /srv/tftp" diff --git a/etc/grml/fai/config/files/etc/dhcp3/dhcpd.conf/FAISERVER b/etc/grml/fai/config/files/etc/dhcp3/dhcpd.conf/FAISERVER new file mode 100644 index 0000000..ae5fc31 --- /dev/null +++ b/etc/grml/fai/config/files/etc/dhcp3/dhcpd.conf/FAISERVER @@ -0,0 +1,49 @@ +# dhcpd.conf for a fai install server +# replace faiserver with the name of your install server + +deny unknown-clients; +option dhcp-max-message-size 2048; +use-host-decl-names on; +#always-reply-rfc1048 on; + +subnet 192.168.1.0 netmask 255.255.255.0 { + option routers 192.168.1.250; + option domain-name "fai"; + option domain-name-servers 192.168.1.250; + option time-servers faiserver; + option ntp-servers faiserver; + server-name faiserver; + next-server faiserver; + filename "fai/pxelinux.0"; +} + +# generate more lines with: + +# perl -e 'for (1..25) {printf "host atom%02s {hardware ethernet XXX:$_;fixed-address atom%02s;}\n",$_,$_;}' + +# replace 1:2:3:4:5:XX with the hardware addresses of your clients +host atom01 {hardware ethernet 1:2:3:4:5:1;fixed-address atom01;} +host atom02 {hardware ethernet 1:2:3:4:5:2;fixed-address atom02;} +host atom03 {hardware ethernet 1:2:3:4:5:3;fixed-address atom03;} +host atom04 {hardware ethernet 1:2:3:4:5:4;fixed-address atom04;} +host atom05 {hardware ethernet 1:2:3:4:5:5;fixed-address atom05;} +host atom06 {hardware ethernet 1:2:3:4:5:6;fixed-address atom06;} +host atom07 {hardware ethernet 1:2:3:4:5:7;fixed-address atom07;} +host atom08 {hardware ethernet 1:2:3:4:5:8;fixed-address atom08;} +host atom09 {hardware ethernet 1:2:3:4:5:9;fixed-address atom09;} +host atom10 {hardware ethernet 1:2:3:4:5:10;fixed-address atom10;} +host atom11 {hardware ethernet 1:2:3:4:5:11;fixed-address atom11;} +host atom12 {hardware ethernet 1:2:3:4:5:12;fixed-address atom12;} +host atom13 {hardware ethernet 1:2:3:4:5:13;fixed-address atom13;} +host atom14 {hardware ethernet 1:2:3:4:5:14;fixed-address atom14;} +host atom15 {hardware ethernet 1:2:3:4:5:15;fixed-address atom15;} +host atom16 {hardware ethernet 1:2:3:4:5:16;fixed-address atom16;} +host atom17 {hardware ethernet 1:2:3:4:5:17;fixed-address atom17;} +host atom18 {hardware ethernet 1:2:3:4:5:18;fixed-address atom18;} +host atom19 {hardware ethernet 1:2:3:4:5:19;fixed-address atom19;} +host atom20 {hardware ethernet 1:2:3:4:5:20;fixed-address atom20;} +host atom21 {hardware ethernet 1:2:3:4:5:21;fixed-address atom21;} +host atom22 {hardware ethernet 1:2:3:4:5:22;fixed-address atom22;} +host atom23 {hardware ethernet 1:2:3:4:5:23;fixed-address atom23;} +host atom24 {hardware ethernet 1:2:3:4:5:24;fixed-address atom24;} +host atom25 {hardware ethernet 1:2:3:4:5:25;fixed-address atom25;} diff --git a/etc/grml/fai/config/files/etc/fai/apt/sources.list/FAISERVER b/etc/grml/fai/config/files/etc/fai/apt/sources.list/FAISERVER new file mode 100644 index 0000000..82e18e3 --- /dev/null +++ b/etc/grml/fai/config/files/etc/fai/apt/sources.list/FAISERVER @@ -0,0 +1,8 @@ +# via local partitial mirror (was mirror on fai-cd) +deb http://faiserver/debian etch main +#deb http://faiserver/debian etch/updates main +#deb http://faiserver/debian-security etch/updates main contrib non-free + +# via apt-proxy +deb http://faiserver:9999/debian etch main contrib non-free +deb http://faiserver:9999/security etch/updates main contrib non-free diff --git a/etc/grml/fai/config/files/etc/fai/fai.conf/FAISERVER b/etc/grml/fai/config/files/etc/fai/fai.conf/FAISERVER new file mode 100644 index 0000000..6760d92 --- /dev/null +++ b/etc/grml/fai/config/files/etc/fai/fai.conf/FAISERVER @@ -0,0 +1,35 @@ +# $Id: fai.conf 3770 2006-08-07 12:08:51Z lange $ + +# /etc/fai/fai.conf -- configuration for FAI (Fully Automatic Installation) + +# Access to Debian mirror via NFS mounted directory +# If FAI_DEBMIRROR is defined, install clients mount it to $MNTPOINT +#FAI_DEBMIRROR=yournfs debianmirror:/path/to/debianmirror + +# LOGUSER: an account on the install server which saves all log-files +# and which can change the kernel that is booted via network. +# Configure .rhosts for this account and PAM, so that root can log in +# from all install clients without password. This account should have +# write permissions for /srv/tftp/fai. For example, you can use write +# permissions for the group linuxadm. chgrp linuxadm /srv/tftp/fai;chmod +# g+w /srv/tftp/fai. If the variable is undefined, this feature is disabled. +# Define it, to enable it, eg. LOGUSER=fai +LOGUSER=fai + +# set protocol type for saving logs. Values: ssh, rsh, ftp +FAI_LOGPROTO=rsh + +# the configuration space on the install server +FAI_CONFIGDIR=/srv/fai/config + +# how to access the fai config space +# default if undefined here: nfs://`hostname`/$FAI_CONFIGDIR +#FAI_CONFIG_SRC=nfs://yourservername$FAI_CONFIGDIR + +# the following variables are read only for most users + +# mount point where the mirror will be mounted +MNTPOINT=/media/mirror + +# the local configuration directory on the install client +FAI=/var/lib/fai/config diff --git a/etc/grml/fai/config/files/etc/fai/make-fai-nfsroot.conf/FAISERVER b/etc/grml/fai/config/files/etc/fai/make-fai-nfsroot.conf/FAISERVER new file mode 100644 index 0000000..65e9aa5 --- /dev/null +++ b/etc/grml/fai/config/files/etc/fai/make-fai-nfsroot.conf/FAISERVER @@ -0,0 +1,24 @@ +# these variables are only used by make-fai-nfsroot(8) +# here you can use also variables defined in fai.conf + +# directory on the install server where the nfsroot for FAI is +# created, approx size: 250MB, also defined in bootptab or dhcp.conf +NFSROOT=/srv/fai/nfsroot + +# Add a line for mirrorhost and installserver when DNS is not available +# on the clients. This line(s) will be added to $nfsroot/etc/hosts. +NFSROOT_ETC_HOSTS="192.168.1.250 faiserver" + +FAI_DEBOOTSTRAP="etch http://faiserver/debian" + +# the encrypted (with md5 or crypt) root password on all install clients during +# installation process; used when log in via ssh; default pw is: fai +FAI_ROOTPW='$1$kBnWcO.E$djxB128U7dMkrltJHPf6d1' + +# location of a identity.pub file; this user can log to the install +# clients in as root without a password; only useful with FAI_FLAGS="sshd" +#SSH_IDENTITY=/home/admin/.ssh/identity.pub +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# following lines should be read only for most of you + +FAI_DEBOOTSTRAP_OPTS="--exclude=dhcp-client,info" diff --git a/etc/grml/fai/config/files/etc/fai/menu.lst/FAISERVER b/etc/grml/fai/config/files/etc/fai/menu.lst/FAISERVER new file mode 100644 index 0000000..3a2d232 --- /dev/null +++ b/etc/grml/fai/config/files/etc/fai/menu.lst/FAISERVER @@ -0,0 +1,50 @@ +# grub menu.lst for fai-cd + +# Boot automatically after some secs. +# timeout 15 + +color light-gray/black light-gray/red +default 6 + +title | +root (cd) +title | +title +------------------------------------------------------+ +root (cd) +title | FAI-CD (c) 2005, Thomas Lange, lange@debian.org | +root (cd) +title | _VERSIONSTRING_ | +root (cd) +title +------------------------------------------------------+ +root (cd) +title | +root (cd) +title | + +title Fully Automatic Installation - demohost (pw: installme) +password installme +#root (cd) +kernel /boot/vmlinuz root=/dev/ram0 init=/linuxrc FAI_FLAGS="verbose,createvt,syslogd" FAI_ACTION=install ip=192.168.1.250::::faiserver::off rw +initrd /boot/initrd.img + +title Fully Automatic Installation with GNOME (pw: installme) +password installme +root (cd) +kernel /boot/vmlinuz root=/dev/ram0 init=/linuxrc FAI_FLAGS="verbose,createvt,syslogd" FAI_ACTION=install ip=192.168.1.1::::gnomehost::off rw +initrd /boot/initrd.img + +title Fully Automatic Installation - faiserver (pw: installme) +password installme +#root (cd) +kernel /boot/vmlinuz root=/dev/ram0 init=/linuxrc FAI_FLAGS="verbose,createvt,syslogd" FAI_ACTION=install ip=192.168.1.250::192.168.1.254:255.255.255.0:faiserver::off rw +initrd /boot/initrd.img + +title FAI rescue system, no installation +root (cd) +kernel /boot/vmlinuz root=/dev/ram0 init=/linuxrc FAI_FLAGS="verbose,syslogd,createvt" FAI_ACTION=sysinfo ip=192.168.1.1::::demohost::off rw +initrd /boot/initrd.img + +#title Boot vmlinuz from hda1 +#root (hd0,0) +#kernel /vmlinuz root=/dev/hda1 +#initrd /initrd.img diff --git a/etc/grml/fai/config/files/etc/kernel-img.conf/DEFAULT b/etc/grml/fai/config/files/etc/kernel-img.conf/DEFAULT new file mode 100644 index 0000000..27999ba --- /dev/null +++ b/etc/grml/fai/config/files/etc/kernel-img.conf/DEFAULT @@ -0,0 +1,5 @@ +do_symlinks = Yes +do_initrd = Yes +silent_modules=yes +clobber_modules=yes +do_boot_enable=no diff --git a/etc/grml/fai/config/files/etc/motd/FAIBASE b/etc/grml/fai/config/files/etc/motd/FAIBASE new file mode 100644 index 0000000..9f8fed3 --- /dev/null +++ b/etc/grml/fai/config/files/etc/motd/FAIBASE @@ -0,0 +1,4 @@ + + +Plan your installation, and FAI installs your plan. + diff --git a/etc/grml/fai/config/files/etc/rc2.d/S99fai-setup/FAISERVER b/etc/grml/fai/config/files/etc/rc2.d/S99fai-setup/FAISERVER new file mode 100755 index 0000000..2d1568f --- /dev/null +++ b/etc/grml/fai/config/files/etc/rc2.d/S99fai-setup/FAISERVER @@ -0,0 +1,29 @@ +#! /bin/bash + +# setup script that is only run once at boot time + +echo "Creating the nfsroot for FAI." + +. /etc/fai/fai.conf + +if [ ! -d "$FAI_CONFIGDIR/class" ]; then + mkdir -p $FAI_CONFIGDIR + cp -a /usr/share/doc/fai-doc/examples/simple/* $FAI_CONFIGDIR +fi + +# setup network +dhclient eth0 # connection to the outside world (hopefully) +ifconfig eth0:1 192.168.1.250 # (fixed address of faiserver) +/etc/init.d/nscd restart +/etc/init.d/apache2 restart +/etc/init.d/apt-proxy restart + +fai-setup -v 2>&1 | tee /var/log/fai-setup.log + +# create default pxelinux boot configuration (boot from local disk) +fai-chboot -o default + +echo "Log files are saved to /var/log/fai-setup.log" + +# remove me +rm $0 diff --git a/etc/grml/fai/config/hooks/instsoft.FAIBASE b/etc/grml/fai/config/hooks/instsoft.FAIBASE new file mode 100755 index 0000000..123cbe5 --- /dev/null +++ b/etc/grml/fai/config/hooks/instsoft.FAIBASE @@ -0,0 +1,3 @@ +#! /bin/bash + +[ -s $target/etc/kernel-img.conf ] || fcopy -Bi /etc/kernel-img.conf diff --git a/etc/grml/fai/config/hooks/instsoft.GRML b/etc/grml/fai/config/hooks/instsoft.GRML new file mode 100755 index 0000000..0132f26 --- /dev/null +++ b/etc/grml/fai/config/hooks/instsoft.GRML @@ -0,0 +1,37 @@ +#!/bin/sh +# make sure we have file-rc available before +# package_config/GRML is being executed: +if [ -z "$target" ] ; then + echo "Fatal: $target unset for $0 - can not continue therefore." + exit 1 +fi + +# work around http://trac.lighttpd.net/trac/ticket/657: +echo "Acquire::http::Pipeline-Depth "0";" >> $target/etc/apt/apt.conf + +# install grml keys: +gpg --keyserver subkeys.pgp.net --recv-keys F61E2E7CECDEA787 +gpg --export F61E2E7CECDEA787 > $target/etc/apt/grml.key +chroot $target apt-key add /etc/apt/grml.key + +# finally install file-rc: +chroot $target apt-get update +chroot $target apt-get --download-only --assume-yes install file-rc +chroot $target /bin/sh -c "dpkg -i --force-all /var/cache/apt/archives/file-rc*.deb" +chroot $target apt-get -f install file-rc + +# we don't need the invoke-rc.d and update-rc.d diversion +# because otherwise use of file-rc with aptitude fails: +if [ -L "$target"/usr/sbin/invoke-rc.d ] ; then + rm -f "$target"/usr/sbin/invoke-rc.d + chroot $target dpkg-divert --package fai --rename --remove /usr/sbin/invoke-rc.d +fi +if [ -L "$target"/usr/sbin/update-rc.d ] ; then + dpkg --purge sysv-rc + chroot $target apt-get --assume-yes --reinstall install file-rc +fi + +# debug: +# chroot $target /bin/bash + +# vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=3 diff --git a/etc/grml/fai/config/hooks/savelog.LAST.source b/etc/grml/fai/config/hooks/savelog.LAST.source new file mode 100755 index 0000000..789c08e --- /dev/null +++ b/etc/grml/fai/config/hooks/savelog.LAST.source @@ -0,0 +1,125 @@ +#! /bin/bash + +# parse all log files for error messages +# print errors and warnings found to error.log +# WARNING: This will only work with english error messages! + +errfile=$LOGDIR/error.log + +# Define grep patterns. Do not start or end with an empty line! +globalerrorpatterns="error +fail +warn +bad +no space +syntax +Couldn't stat +Cannot access +is bigger than the limit +did not exist +non existent +not found +couldn't +can't +E: Sorry, broken packages +operator expected +ambiguous redirect +No previous regular expression +No such +Device or resource busy +unknown option +[a-z]\+\.log:E: +No candidate version found +segfault +cannot create" + +globalignorepatterns="[a-z]\+\.log:# +libroxen-errormessage +liberror-perl +libgpg-error-dev +libgpg-error0 +^fstab.\+errors=remount +[RT]X packets: +WARNING: unexpected IO-APIC +warned about = ( ) +daemon.warn +kern.warn +rw,errors= +Expect some cache +no error +failmsg +RPC call returned error 101 +deverror.out +(floppy), sector 0 +mount version older than kernel +Can't locate module +Warning only 896MB will be used. +hostname: Host name lookup failure +I can't tell the difference. +warning, not much extra random data, consider using the -rand option +confC._FILE +Warning: 3 database(s) sources +were not found, (but were created) +removing exim +The home dir you specified already exists. +No Rule for /usr/lib/ispell/default.hash. +/usr/sbin/update-fonts-.\+: warning: absolute path +hostname: Unknown server error +EXT2-fs warning: checktime reached +RPC: sendmsg returned error 101 +can't print them to stdout. Define these classes +warning: downgrading +suppress emacs errors +echo Error: +Can't open dependencies file +documents in /usr/doc are no longer supported +if you have both a SCSI and an IDE CD-ROM +Warning: /proc/ide/hd?/settings interface is obsolete, and will be removed soon +Monitoring disabled +kernel-patch-badram +Error: only one processor found. +Error Recovery Strategy: +sector 0 does not have an +syslogin_perform_logout: logout() returned an error +grub is not in an XFS filesystem. +is harmless +not updating .\+ font directory data. +register_serial(): autoconfig failed +Fontconfig error: Cannot load default config file +asking for cache data failed +However, I can not read the target: +fai-kernels/modules.dep: No such file +Warning: The partition table looks like it was made +task_error=0 +^info: Trying to set +warning: /usr/lib/X11/fonts +gstreamer0.10-plugins-bad +can't read /etc/udev/rules.d/z25_persistent-net.rules +/cow': No such file or directory +cdrom: open failed." +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# Here you can define your own patterns. Put one pattern in a line, +# do not create empty lines. +myerrorpatterns="XXXXX" +myignorepatterns="XXXXX" +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# The main routine +errorpatterns="$globalerrorpatterns +$myerrorpatterns" +ignorepatterns="$globalignorepatterns +$myignorepatterns" + +cd $LOGDIR || exit 3 +if [ -s $errfile ]; then + echo "Errorfile already exists. Aborting." + exit +fi + +grep -i "$errorpatterns" *.log | grep -vi "$ignorepatterns" > $errfile + +if [ -s $errfile ]; then + echo "ERRORS found in log files. See $errfile." +else + echo "Congratulations! No errors found in log files." + export flag_reboot=1 +fi diff --git a/etc/grml/fai/config/package_config/DEFAULT b/etc/grml/fai/config/package_config/DEFAULT new file mode 100644 index 0000000..870ae83 --- /dev/null +++ b/etc/grml/fai/config/package_config/DEFAULT @@ -0,0 +1,20 @@ +PACKAGES aptitude I386 +linux-image-486 +memtest86+ + +PACKAGES aptitude CHROOT +linux-image-486- +inux-image-amd64- + +PACKAGES aptitude AMD64 +inux-image-amd64 +memtest86+ + +PACKAGES aptitude DHCPC +dhcp3-client + +PACKAGES aptitude GRUB +grub lilo- + +PACKAGES aptitude LILO +lilo grub- diff --git a/etc/grml/fai/config/package_config/DEMO b/etc/grml/fai/config/package_config/DEMO new file mode 100644 index 0000000..5cc07ac --- /dev/null +++ b/etc/grml/fai/config/package_config/DEMO @@ -0,0 +1,10 @@ +# some packages we need on a demo machine + +PACKAGES aptitude +fortune-mod fortunes +rstat-client #rstatd +rusers rusersd + +# only when also class XORG is defined +PACKAGES aptitude XORG +bb frozen-bubble xpenguins diff --git a/etc/grml/fai/config/package_config/FAIBASE b/etc/grml/fai/config/package_config/FAIBASE new file mode 100644 index 0000000..15446a3 --- /dev/null +++ b/etc/grml/fai/config/package_config/FAIBASE @@ -0,0 +1,24 @@ +PACKAGES aptitude +cfengine2 +cron +debconf-utils +discover +file +hdparm +jove +less +linuxlogo +nfs-common +nscd +rdate +rsync +rsh-client +openssh-client openssh-server +strace +sysutils +tcsh +time +eject +locales +console-common +pciutils usbutils diff --git a/etc/grml/fai/config/package_config/FAISERVER b/etc/grml/fai/config/package_config/FAISERVER new file mode 100644 index 0000000..7e3c337 --- /dev/null +++ b/etc/grml/fai/config/package_config/FAISERVER @@ -0,0 +1,12 @@ +PACKAGES aptitude-r +fai-kernels fai-quickstart + +dhcp3-server dhcp3-client tftpd-hpa +rsh-server wget syslinux +debmirror tcpdump +apache2 +apt-move mkisofs grub +apt-proxy lftp + +PACKAGES aptitude-r I386 +mknbi mkinitrd-cd diff --git a/etc/grml/fai/config/package_config/GERMAN b/etc/grml/fai/config/package_config/GERMAN new file mode 100644 index 0000000..4ff5951 --- /dev/null +++ b/etc/grml/fai/config/package_config/GERMAN @@ -0,0 +1,6 @@ +PACKAGES aptitude-r +german + +PACKAGES aptitude GNOME +mozilla-firefox-locale-de-de +thunderbird-locale-de diff --git a/etc/grml/fai/config/package_config/GNOME b/etc/grml/fai/config/package_config/GNOME new file mode 100644 index 0000000..60b46ac --- /dev/null +++ b/etc/grml/fai/config/package_config/GNOME @@ -0,0 +1,11 @@ +PACKAGES aptitude + +mozilla-browser- +gnome-desktop-environment +firefox +firefox-gnome-support +thunderbird +thunderbird-gnome-support +menu gdm +gnumeric +gnome-apt diff --git a/etc/grml/fai/config/package_config/GRML b/etc/grml/fai/config/package_config/GRML new file mode 100644 index 0000000..cf82cb7 --- /dev/null +++ b/etc/grml/fai/config/package_config/GRML @@ -0,0 +1,72 @@ +PACKAGES aptitude + +aumix alsa-utils +bzip2 +cfengine2 +console-common +cron +dctrl-tools +debconf-utils +deborphan +discover +eject +file +grml +grml2hd +grml2hd-utils +grml2usb +grml-autoconfig +grml-crypt +grml-debian-keyring +grml-debootstrap +grml-debugtools +grml-docs +grml-etc +grml-etc-core +grml-files +grml-hwinfo +grml-kerneladdons-2.6.22 linux-image-2.6.22-grml +grml-laptop +grml-mercurial-utils +grml-network +grml-policyrcd +grml-pylib +grml-rebuildfstab +grml-saveconfig +grml-scanpartitions +grml-scripts +grml-sectools +grml-shlib +grml-templates +grml-terminalserver +grml-usleep +grml-vpn +hdparm +htop +hwinfo +idesk +iptstate +less +linuxlogo +live-initramfs +locales +lvm2 +mdadm +multitail +nfs-common +nscd +openssh-client openssh-server +pciutils usbutils +postfix +powernowd +rdate +resolvconf +rsh-client +rsync +strace +syslog-ng +sysutils +tcsh +time +usbutils +wireless-tools wpasupplicant diff --git a/etc/grml/fai/config/package_config/GRML_FULL b/etc/grml/fai/config/package_config/GRML_FULL new file mode 100644 index 0000000..e2ba75f --- /dev/null +++ b/etc/grml/fai/config/package_config/GRML_FULL @@ -0,0 +1,3 @@ +PACKAGES aptitude + +vim vim-addon-manager vim-common vim-gtk vim-gui-common vim-latexsuite vim-python vim-ruby vim-runtime vim-scripts vim-vimoutliner diff --git a/etc/grml/fai/config/package_config/GRML_X b/etc/grml/fai/config/package_config/GRML_X new file mode 100644 index 0000000..00e0771 --- /dev/null +++ b/etc/grml/fai/config/package_config/GRML_X @@ -0,0 +1,14 @@ +PACKAGES aptitude + +grml-ddcxinfo +grml-desktop +grml-x +xserver-xorg-input-vmmouse +xterm xcursor-themes +xfonts-100dpi +xfonts-75dpi +xfonts-base +dillo +gkrellm +fluxbox +vim-gtk diff --git a/etc/grml/fai/config/package_config/XORG b/etc/grml/fai/config/package_config/XORG new file mode 100644 index 0000000..cfe06c0 --- /dev/null +++ b/etc/grml/fai/config/package_config/XORG @@ -0,0 +1,5 @@ +PACKAGES aptitude +xorg xserver-xorg-video-all xserver-xorg-input-all +ttf-freefont type1inst +xscreensaver +xscreensaver-gl diff --git a/etc/grml/fai/config/scripts/GRML/10-build-initramfs b/etc/grml/fai/config/scripts/GRML/10-build-initramfs new file mode 100755 index 0000000..1d5512e --- /dev/null +++ b/etc/grml/fai/config/scripts/GRML/10-build-initramfs @@ -0,0 +1,7 @@ +#!/bin/sh +set -u +set -e + +FILE=$(ls -1 "$target"/boot/vmlinuz-* | sort -r | head -1) +KERNELVERSION=$(echo "${FILE##$target/boot/vmlinuz-}") +chroot $target update-initramfs -c -t -k $KERNELVERSION diff --git a/etc/grml/fai/config/scripts/GRML/20-sudo b/etc/grml/fai/config/scripts/GRML/20-sudo new file mode 100755 index 0000000..4bf8c76 --- /dev/null +++ b/etc/grml/fai/config/scripts/GRML/20-sudo @@ -0,0 +1,36 @@ +#!/bin/sh +set -u +set -e + +cat > "$target"/etc/sudoers << EOF +# sudoers file. +# This file MUST be edited with the "visudo" command as root. +# See the man page for details on how to write a sudoers file. + +# Host alias specification + +# User alias specification + +# Cmnd alias specification + +# User privilege specification +root ALL=(ALL) ALL + +# WARNING: This allows the unprivileged grml user to start commands as root +# WARNING: This is totally insecure and (almost) makes grml a second root account. +# WARNING: Never allow external access to the grml user!!! +grml ALL=NOPASSWD: ALL + +# allow editing of files with editor: +# grml ALL=NOPASSWD: sudoedit + +# usage examples: +# grml ALL=NOPASSWD: /sbin/hdparm +# grml ALL=NOPASSWD: /usr/sbin/hwinfo +# Cmnd_Alias DEBIAN = /usr/bin/apt-get, /usr/bin/dpkg, /usr/bin/auto-apt, /usr/bin/apt-file +# grml ALL=NOPASSWD: DEBIAN +# chroot ALL=NOPASSWD: /usr/sbin/chroot, /bin/su - chroot +# chroot ALL=NOPASSWD: /usr/sbin/chroot, /bin/su - chroot + +secvpn ALL=NOPASSWD: /usr/sbin/secvpn, /usr/sbin/pppd +EOF diff --git a/etc/grml/fai/config/scripts/GRML/21-usersetup b/etc/grml/fai/config/scripts/GRML/21-usersetup new file mode 100755 index 0000000..bc53220 --- /dev/null +++ b/etc/grml/fai/config/scripts/GRML/21-usersetup @@ -0,0 +1,12 @@ +#!/bin/sh +set -u +set -e + +chroot "$target" addgroup --gid 1000 grml +chroot "$target" useradd -d /home/grml -m -s /bin/zsh -g 1000 grml + +sed -i 's/^root::/root:*:/' "$target"/etc/shadow +sed -i 's/^grml::/grml:*:/' "$target"/etc/shadow + +chroot "$target" chsh -s /bin/zsh root +chroot "$target" chsh -s /bin/zsh grml diff --git a/etc/grml/fai/config/scripts/GRML/25-locales b/etc/grml/fai/config/scripts/GRML/25-locales new file mode 100755 index 0000000..79f2d25 --- /dev/null +++ b/etc/grml/fai/config/scripts/GRML/25-locales @@ -0,0 +1,6 @@ +#!/bin/sh +set -u +set -e + +cp "$target"/etc/locale.gen.minimal "$target"/etc/locale.gen +chroot "$target" locale-gen diff --git a/etc/grml/fai/config/scripts/GRML/30-fstab b/etc/grml/fai/config/scripts/GRML/30-fstab new file mode 100755 index 0000000..7b91a92 --- /dev/null +++ b/etc/grml/fai/config/scripts/GRML/30-fstab @@ -0,0 +1,28 @@ +#!/bin/sh +set -u +set -e + +cat > "$target"/etc/fstab << EOF +# /etc/fstab - static file system information +# +proc /proc proc rw,nosuid,nodev,noexec 0 0 +none /proc/bus/usb usbfs defaults,noauto 0 0 +sysfs /sys sysfs rw,nosuid,nodev,noexec 0 0 +devpts /dev/pts devpts noauto,mode=0622 0 0 +/dev/fd0 /mnt/floppy auto users,noauto,exec 0 0 +/dev/external /mnt/external auto users,noauto,exec,rw,uid=grml,gid=grml 0 0 +/dev/external1 /mnt/external1 auto users,noauto,exec,rw,uid=grml,gid=grml 0 0 +/dev/cdrom /mnt/cdrom auto users,noauto,exec,ro 0 0 +/dev/dvd /mnt/dvd auto users,noauto,exec,ro 0 0 +# some other examples: +# /dev/hda1 /Grml ext3 dev,suid,user,noauto 0 2 +# //1.2.3.4/pub /smb/pub smbfs defaults,user,noauto,uid=grml,gid=grml 0 0 +# linux:/pub /beer nfs defaults 0 0 +# tmpfs /tmp tmpfs size=300M 0 0 +# none /proc/bus/usb usbfs defaults,nodev,noexec,nosuid,noauto,devgid=1001,devmode=664 0 0 +# 192.168.1.101:/backups /mnt/nfs nfs defaults,users,wsize=8192,rsize=8192 0 0 +# +# Warning! Please do *not* change any lines below because they are auto-generated by rebuildfstab! +# If you want to disable rebuildfstab set CONFIG_FSTAB='no' in /etc/grml/autoconfig! +# See 'man grml-rebuildfstab' for more details about the following entries. +EOF diff --git a/etc/grml/fai/config/scripts/GRML/31-motd b/etc/grml/fai/config/scripts/GRML/31-motd new file mode 100755 index 0000000..705446c --- /dev/null +++ b/etc/grml/fai/config/scripts/GRML/31-motd @@ -0,0 +1,5 @@ +#!/bin/sh +set -u +set -e + +chroot "$target" mv /etc/motd.dpkg-new /var/run/motd diff --git a/etc/grml/fai/config/scripts/GRML/33-aptsetup b/etc/grml/fai/config/scripts/GRML/33-aptsetup new file mode 100755 index 0000000..817c5ee --- /dev/null +++ b/etc/grml/fai/config/scripts/GRML/33-aptsetup @@ -0,0 +1,25 @@ +#!/bin/sh +set -u +set -e + +rm -f "$target/etc/apt/sources.list" + +chroot "$target" ln -s /etc/apt/sources.list.grml /etc/apt/sources.list + +cat > "$target"/etc/apt/preferences << EOF +// main grml-repository: +Package: * +Pin: origin deb.grml.org +Pin-Priority: 996 + +// fallback grml-repository: +Package: * +Pin: origin grml.org +Pin-Priority: 995 + +// debian unstable pool (default): +Package: * +Pin: release a=unstable,o=Debian +Pin-Priority: 991 + +EOF diff --git a/etc/grml/fai/config/scripts/GRML/34-hosts b/etc/grml/fai/config/scripts/GRML/34-hosts new file mode 100755 index 0000000..63b1409 --- /dev/null +++ b/etc/grml/fai/config/scripts/GRML/34-hosts @@ -0,0 +1,17 @@ +#!/bin/sh +set -u +set -e + +cat > "$target"/etc/hosts << EOF +127.0.0.1 grml localhost + +# The following lines are desirable for IPv6 capable hosts +# (added automatically by netbase upgrade) + +::1 ip6-localhost ip6-loopback grml +fe00::0 ip6-localnet +ff00::0 ip6-mcastprefix +ff02::1 ip6-allnodes +ff02::2 ip6-allrouters +ff02::3 ip6-allhosts +EOF diff --git a/etc/grml/fai/config/scripts/GRML/35-network b/etc/grml/fai/config/scripts/GRML/35-network new file mode 100755 index 0000000..759634b --- /dev/null +++ b/etc/grml/fai/config/scripts/GRML/35-network @@ -0,0 +1,11 @@ +#!/bin/sh +set -u +set -e + +cat >> "$target"/etc/network/interfaces << EOF +# The loopback interface +# automatically added when upgrading +auto lo +iface lo inet loopback +EOF + diff --git a/etc/grml/fai/config/scripts/GRML/90-update-alternatives b/etc/grml/fai/config/scripts/GRML/90-update-alternatives new file mode 100755 index 0000000..6100e77 --- /dev/null +++ b/etc/grml/fai/config/scripts/GRML/90-update-alternatives @@ -0,0 +1,7 @@ +#!/bin/sh +set -u +set -e + +if [ -r "$target"/usr/bin/vim.basic ] ; then + chroot "$target" update-alternatives --set editor /usr/bin/vim.basic +fi diff --git a/etc/grml/fai/config/scripts/GRML/98-clean-chroot b/etc/grml/fai/config/scripts/GRML/98-clean-chroot new file mode 100755 index 0000000..17222f6 --- /dev/null +++ b/etc/grml/fai/config/scripts/GRML/98-clean-chroot @@ -0,0 +1,7 @@ +#!/bin/sh +set -u +set -e + +cp /etc/fai/grml/grml_cleanup_chroot "$target/root/" +chroot "$target" /root/grml_cleanup_chroot +rm "$target/root/grml_cleanup_chroot" diff --git a/etc/grml/fai/config/scripts/GRML/99-finish-grml-build b/etc/grml/fai/config/scripts/GRML/99-finish-grml-build new file mode 100755 index 0000000..7c58255 --- /dev/null +++ b/etc/grml/fai/config/scripts/GRML/99-finish-grml-build @@ -0,0 +1,5 @@ +#!/bin/sh +set -u +set -e + +touch "$target"/etc/grml_cd diff --git a/etc/grml/fai/config/scripts/GRML_X/32-xorg b/etc/grml/fai/config/scripts/GRML_X/32-xorg new file mode 100755 index 0000000..22227fa --- /dev/null +++ b/etc/grml/fai/config/scripts/GRML_X/32-xorg @@ -0,0 +1,7 @@ +#!/bin/sh +set -u +set -e + +if [ -r "$target/etc/X11/xorg.conf" ] ; then + mv -f "$target"/etc/X11/xorg.conf "$target"/etc/X11/xorg.conf.debian +fi diff --git a/etc/grml/fai/config/scripts/GRML_X/90-update-alternatives b/etc/grml/fai/config/scripts/GRML_X/90-update-alternatives new file mode 100755 index 0000000..6a5fd56 --- /dev/null +++ b/etc/grml/fai/config/scripts/GRML_X/90-update-alternatives @@ -0,0 +1,11 @@ +#!/bin/sh +set -u +set -e + +if [ -r "$target"/usr/bin/xterm ] ; then + chroot "$target" update-alternatives --set x-terminal-emulator /usr/bin/xterm +fi + +if [ -r "$target"/etc/X11/cursors/whiteglass.theme ] ; then + chroot "$target" update-alternatives --set x-cursor-theme /etc/X11/cursors/whiteglass.theme +fi diff --git a/etc/grml/fai/fai.conf b/etc/grml/fai/fai.conf new file mode 100644 index 0000000..648c402 --- /dev/null +++ b/etc/grml/fai/fai.conf @@ -0,0 +1,36 @@ +# $Id: fai.conf 4294 2007-06-10 11:06:11Z lange $ + +# /etc/fai/fai.conf -- configuration for FAI (Fully Automatic Installation) + +# Access to Debian mirror via NFS mounted directory +# If FAI_DEBMIRROR is defined, install clients mount it to $MNTPOINT +#FAI_DEBMIRROR=yournfs debianmirror:/path/to/debianmirror + +# LOGUSER: an account on the install server which saves all log-files +# and which can change the kernel that is booted via network. +# Configure .rhosts for this account and PAM, so that root can log in +# from all install clients without password. This account should have +# write permissions for /srv/tftp/fai. For example, you can use write +# permissions for the group linuxadm. chgrp linuxadm /srv/tftp/fai;chmod +# g+w /srv/tftp/fai. If the variable is undefined, this feature is disabled. +# Define it, to enable it, eg. LOGUSER=fai +LOGUSER= + +# set protocol type for saving logs. Values: ssh, rsh, ftp +FAI_LOGPROTO=ssh + +# the configuration space on the install server +FAI_CONFIGDIR=/etc/grml/fai/config + +# how to access the fai config space +# default if undefined here: nfs://`hostname`/$FAI_CONFIGDIR +# supported URL-types: nfs, file, cvs, cvs+ssh, svn+file, svn+http,... +#FAI_CONFIG_SRC=nfs://yourservername$FAI_CONFIGDIR + +# the following variables are read only for most users + +# mount point where the mirror will be mounted +MNTPOINT=/media/mirror + +# the local configuration directory on the install client +FAI=/var/lib/fai/config diff --git a/etc/grml/fai/grml/grml_cleanup_chroot b/etc/grml/fai/grml/grml_cleanup_chroot new file mode 100755 index 0000000..04bb3bb --- /dev/null +++ b/etc/grml/fai/grml/grml_cleanup_chroot @@ -0,0 +1,507 @@ +#!/bin/bash +# Filename: grml.clean +# Purpose: clean up grml chroot +# Authors: (c) Michael Prokop +# Bug-Reports: see http://grml.org/bugs/ +# License: This file is copyright by Michael Prokop +# Latest change: Thu May 17 15:44:56 CEST 2007 [mika] +################################################################################ + +# misc stuff + umask 022 + . /etc/grml_colors || exit 5 + . /etc/grml/lsb-functions || exit 6 + +# /usr/share/doc/texlive-latex-recommended/latex/ +# /usr/share/doc/texlive-latex-base/latex/ +# /usr/share/doc/texlive-base-bin/pdftex/thanh/ +# /usr/share/doc/texlive-latex-base/latex/base/ +# /usr/share/doc/texlive-latex-base/latex/hyperref/ +# /usr/share/doc/texlive-latex-base/generic/babel/ +# /usr/share/doc/texlive-latex-recommended/latex/koma-script/ +# /usr/share/doc/texmf/pgf/pgfmanual.pdf.gz + +# variables + grep -q small /etc/grml_version && GRML_SMALL=yes || GRML_SMALL='' + [ -x /lib64 ] && GRML64=yes || GRML64='' + if [ -n "$GRML_SMALL" ] ; then + echo -n 'Are you sure you want to run GRML_SMALL stuff? [y|N] ' + read a + if [ "$a" == 'y' ] ; then + echo 'Continuing as requested.' + else + echo 'Exiting as requested.' + unset GRML_SMALL + exit 1 + fi + fi + +# detect kernel version, assume newest kernel version + KERNEL=$(ls -1 /lib/modules/ | sort -r -u | head -1) + +if [ -f /usr/share/fonts/X11/misc/artwiz-cursor.pcf.gz ] ; then + if dpkg-divert --list artwiz-cursor | grep -q /usr/share/fonts/X11/misc/cursor.pcf.gz ; then + eerror "Broken diversion of artwiz-cursor, see #341397" + exit 1 + fi +fi + +#if [ -r /usr/share/fonts/X11/misc/cursor.pcf.gz ] ; then +# einfo "Fixing the broken artwiz-cursor" +# ( cd /usr/share/fonts/X11/misc/ && \ +# dpkg-divert --remove /usr/share/fonts/X11/misc/cursor.pcf.gz && mkfontdir ) +# eend $? +#fi + +# start of main cleanup process... +if ! [ -r /boot/config-"$KERNEL" ] ; then + eerror "/boot/config-$KERNEL not available. \$KERNEL not set to correct value?" + eend 1 + exit 9 +fi + +einfo "Preparing grml-system: `cat /etc/grml_version`." ; eend 0 + +einfo "Setting up /etc/motd.tail" +echo "" > /etc/motd.tail ; eend 0 + +einfo "Do not forget to run the final check:" + eindent + einfo 'adjust grml-version: vim -X /etc/grml_version' + einfo 'is runlevel.conf ok: vimdiff -X /etc/runlevel.conf /etc/runlevel.conf.livecd' + einfo 'find old files: find /etc -name \*dpkg\*' + einfo "delete conffiles: dpkg --purge \`dpkg --list | grep '^rc' | awk '{print \$2}'\`" + einfo 'dangling symlinks: ls **/*(-@)' + eoutdent + +einfo "Setting up /etc/modules: " +cat>/etc/modules<> /etc/modules +grep '^[a-z]' /etc/grml/modules >> /etc/modules +eend 0 + +einfo "Setting up /etc/inittab" +if [ -z "$GRML_SMALL" ] ; then + cp /etc/inittab.grml /etc/inittab +else + cp /etc/inittab.small /etc/inittab +fi +eend 0 + +if [ -z "$GRML_SMALL" ] ; then + if [ -L /usr/include/linux ] ; then + einfo "/usr/include/linux is ok" ; eend 0 + elif [ -n "$GRML64" ] ; then + if [ -d /usr/src/linux-headers-"$KERNEL" ] ; then + einfo "grml64 detected, assuming /usr/src/linux-headers-$KERNEL is ok." ; eend 0 + else + eerror "/usr/src/linux-headers-$KERNEL not found, exiting." ; eend 1 + exit 10 + fi + elif [ -d /usr/src/linux-headers-"$KERNEL" ] ; then + eerror "/usr/include/linux is NOT a symlink to /usr/src/linux/include/linux/ - error" + eend 1 + exit 10 + else + ewarn "linux-headers-$KERNEL not installed." ; eend 0 + fi +fi + +einfo "Creating ~/.zshrc" + touch ~/.zshrc +eend $? + +if [ -r /usr/share/lintian/overrides/ion3 ] ; then + einfo "Stripping ion3-stuff" + cat /usr/share/lintian/overrides/ion3 | sed 's#.*./usr#/usr#' | \ + sed 's/.comment//' | xargs strip --strip-unneeded ; eend $? +else + ewarn "ion3 not installed" ; eend 0 +fi + +if [ -d /usr/lib/valgrind/x86-linux/ ] ; then + einfo "Stripping /usr/lib/valgrind/x86-linux/" + strip --strip-unneeded /usr/lib/valgrind/x86-linux/* + eend $? +else + ewarn "valgrind not installed" ; eend 0 +fi + +if [ -x /usr/sbin/localepurge ] ; then + einfo "Running localepurge" + localepurge ; eend $? +else + ewarn "localepurg not available" ; eend 0 +fi + +if [ -d /var/lib/backuppc/pc/localhost/ ] ; then + einfo "Cleaning /var/lib/backuppc/pc/localhost/" + rm -rf /var/lib/backuppc/pc/localhost/* ; eend $? +else + ewarn "backuppc not installed" ; eend 0 +fi + +# find /var -name \*.pid +einfo "Removing pid-files" + find /var/run -name \*.pid -exec rm {} \; +eend $? + +einfo "Unmounting proc, /dev/pts, /dev/capi" + umount /proc 2>/dev/null + umount /dev/pts 2>/dev/null + umount /dev/capi 2>/dev/null + umount -a 2>/dev/null +eend $? + +einfo "Removing initrd-images" + rm -f /boot/initrd.img-* +eend $? + +einfo "Removing /var/lib/apt/lists/*-stuff, dpkg-status-old and pkgcache.bin" + # for i in $(find /var/lib/apt/lists -type f \( -name \*Packages -o -name \*Sources \) 2>/dev/null); do :>"$i"; done + # for i in /var/lib/apt/lists/*_{Release,Packages,Sources}; do :>$i; touch -t 198103190000.00 $i; done + # sync-available 2>/dev/null + # apt-get check + rm -f /var/lib/apt/lists/*Packages + rm -f /var/lib/apt/lists/*Release + rm -f /var/lib/apt/lists/*Sources + rm -f /var/lib/apt/lists/*.gpg + rm -f /var/cache/apt-show-versions/* + # :> /var/cache/apt/pkgcache.bin + # :> /var/cache/apt/srcpkgcache.bin + rm -f /var/cache/debconf/templates.dat-old + rm -f /var/cache/apt/*.bin + apt-get check 2>/dev/null + dpkg --clear-avail + apt-cache gencaches 2>/dev/null + rm -f /var/lib/dpkg/status-old + rm -f /var/lib/dpkg/available-old +eend $? + +if [ -x /usr/bin/grep-dctrl ] ; then + einfo "Cleaning up /var/lib/dpkg/status" + grep-dctrl -v -F Status "purge ok not-installed" /var/lib/dpkg/status > status.new && \ + cp status.new /var/lib/dpkg/status && chmod 644 /var/lib/dpkg/status && \ + chown root:root /var/lib/dpkg/status && rm status.new && eend 0 || eend 1 +else + ewarn "Warning: /usr/bin/grep-dctrl not available." +fi + +einfo "Copying original runlevel.conf to /etc/runlevel.conf" + if ! [ -z $GRML_SMALL ] ; then + cp /etc/runlevel.conf.livecd.small /etc/runlevel.conf + else + cp /etc/runlevel.conf.livecd /etc/runlevel.conf + fi +eend $? + +einfo "Removing x-server-conffiles" + rm -f /etc/X11/xorg.conf /etc/X11/XF86Config-4 \ + /etc/X11/XF86Config /etc/XF86Config /etc/XF86Config-4 +eend $? + +einfo "Removing ssh-keys" + rm -f /etc/ssh/*key* +eend $? + +# remove only "temporary" or saved files in the given directories +nuke(){ + for i in `find "$@" -name \*.gz -o -name \*.bz2 -o -name \*.0 2>/dev/null`; do + rm -f "$i" + done +} + +# set all files in the given directories to a length of zero +zero(){ + for i in `find "$@" -type f -size +0 -not -name \*.ini 2>/dev/null`; do + :> "$i" + done +} + +#rmdir /mnt/cdrom?* /mnt/hd?* 2>/dev/null + +#for i in `find /usr/*/man -name \*.\[0-9ln\]` ; do +# [ -f "$i".gz -o -f "$i".bz2 ] && rm -f "$i" +#done + +if [ -d /var/spool/squid/ ] ; then + einfo "Cleaning /var/spool/squid/0*" + rm -rf /var/spool/squid/0* + eend $? +else + ewarn "update-ca-certificates not installed" ; eend 0 +fi + +# delete old dowloaded packages +einfo "Running apt-get clean" + apt-get clean +eend $? + +# remove files from packages which have been removed +# COLUMNS=200 dpkg --purge `dpkg -l | grep '^rc' | awk '{ print $2 }'` + +if [ -x /usr/bin/nvi ] ; then + if ! [ -d /var/tmp/vi.recover ] ; then + einfo "Creating nvi /var/tmp directory" + mkdir -p /var/tmp/vi.recover + chown root:root /var/tmp/vi.recover + chmod 1777 /var/tmp/vi.recover + eend $? + fi +else + ewarn "nvi not installed" ; eend 0 +fi + +if [ -x /sbin/depmod ] ; then + if [ -r /lib/modules/$KERNEL ] ; then + einfo "Updating modules.dep for kernel $KERNEL" + # depmod -a $KERNEL + depmod -ae -F /boot/System.map-"$KERNEL" "$KERNEL" + eend $? + fi +else + ewarn "depmod not installed" ; eend 0 +fi + +if [ -n "$NOONLINE" ] ; then + einfo "\$NOONLINE is set, skipping online tasks" ; eend 0 +else + +if [ -x /usr/bin/freshclam ] ; then + einfo "Updating clamav database via running freshclam" + /usr/bin/freshclam ; eend $? +else + ewarn "freshclam not installed" ; eend 0 +fi + +if [ -x /usr/bin/update-pciids ] ; then + einfo "Updating PCI- and USB-ids" + update-pciids + update-usbids +# ls -la /usr/share/misc/*.ids* +# ls -la /var/lib/usbutils/usb* + eend $? +else + ewarn "update-pciids/update-usbids not installed" ; eend 0 +fi + +if [ -x /usr/sbin/nessus-update-plugins ] ; then + einfo "Updating nessus-plugins" + nessus-update-plugins + eend $? +else + ewarn "nessus-update-plugins not installed" ; eend 0 +fi + +fi # end of $NOONLINE-check + +einfo "Cleaning and removing some misc files and directories" + rm -f /etc/sysconfig/* /etc/motd.dpkg-new /etc/auto.master.distrib.dpkg-new \ + /etc/samba/*.SID /etc/samba/*.tdb /dev/mouse* /dev/cdrom* /dev/cdwriter* \ + /var/run/*/* /var/run/* /var/log/ksymoops/* /var/lock/*/* /var/lock/* \ + /var/state/*/* /var/state/* /var/log/nessus/* \ + /halt /reboot /ash.static /etc/dhcpc/*.info /etc/dhcpc/resolv* \ + /etc/resolv.conf /etc/*passwd- /etc/*shadow- /etc/*group- \ + /var/spool/postfix/maildrop/* \ + /etc/lvm/.cache 2>/dev/null + rm -rf /tmp/* /var/tmp/* /var/tmp/.* /var/backups/* /.ssh /root/.ssh /home/*/.ssh \ + /home/grml/* /home/grml/.??* /var/lib/texmf/ls-R /var/spool/texmf/ls-R \ + /var/lib/mysql /var/log/lilo_log.* 2>/dev/null + nuke /var/log /var/cache + zero /var/local /var/log /var/spool \ + /var/lib/games /var/cache/man \ + /var/lib/nfs /var/lib/xkb \ + /var/mail/grml /var/account/pacct + mkdir -p /etc/sysconfig/network-scripts /etc/sysconfig/provider + # Recreate empty utmp and wtmp + :>/var/run/utmp + :>/var/run/wtmp +eend $? + +einfo "Setting up /etc/resolv.conf" + if [ -d /etc/dhcpc ] ; then + cat >/etc/dhcpc/resolv.conf </etc/resolv.conf </dev/null + eend $? +else + ewarn "update-ca-certificates not installed" ; eend 0 +fi + +# some stuff does not have to run every single time... +if [ -n "$FAST" ] ; then + einfo "\$FAST is set, skipping some tasks" ; eend 0 +else + +# regenerate module dependencies and ls.so.cache +if [ -x /sbin/ldconfig ] ; then + einfo "Updating ld.so.cache" + ldconfig + eend $? +else + ewarn "ldconfig not installed" ; eend 0 +fi + +#if [ -r /lib/modules/$KERNEL/ ] ; then +# einfo "Searching for modules not compiled against $KERNEL" +# ( cd /lib/modules/$KERNEL/ && modinfo **/*.ko | grep vermagic | grep -v $KERNEL ) +# eend 0 +#else +# eerror "/lib/modules/$KERNEL/ not found" ; eend 1 +#fi + +if [ -x /usr/bin/update-menus ] ; then + einfo "Updating windowmanager menus" + update-menus -v + eend $? +else + ewarn "update-menus not installed" ; eend 0 +fi + +if [ -x /usr/bin/mktexlsr ] ; then + einfo "Updating texhash" + mktexlsr + eend $? +else + ewarn "mktexlsr not installed" ; eend 0 +fi + +if [ -x /usr/bin/mandb ] ; then + einfo "Updating mandb" + mandb -c + man doesnotexist >/dev/null 2>&1 + eend $? +else + ewarn "mandb not installed" ; eend 0 +fi + +if [ -n "$GRML_SMALL" ] ; then + einfo "Cleaning up /etc/skel..." + rm -rf /etc/skel/.fluxbox + rm -rf /etc/skel/.gkrellm2 + rm -rf /etc/skel/.idesktop + rm -rf /etc/skel/.pekwm + eend $? + + einfo "Cleaning documentation directories..." + mv /usr/share/doc/grml-docs /tmp/ + rm -rf /usr/share/doc + mkdir /usr/share/doc + mv /tmp/grml-docs /usr/share/doc/grml-docs + rm -rf /usr/share/gtk-doc/ + rm -rf /usr/share/man/ + rm -rf /usr/man + rm -rf /usr/share/info + eend $? + + einfo "Creating /usr/share/info/..." + mkdir -p /usr/share/info/ + eend $? +fi + +if [ -d /var/lib/clamav/ ] ; then + einfo "Cleaning /var/lib/clamav/" + rm -f /var/lib/clamav/clamav-* ; eend $? + if [ -f /var/lib/clamav/daily.cvd ] ; then + ( mkdir -p /usr/share/doc/clamav-freshclam/examples/ && \ + cd /usr/share/doc/clamav-freshclam/examples/ && \ + ln -sf /var/lib/clamav/daily.cvd . && \ + ln -sf /var/lib/clamav/main.cvd . ) + fi +else + ewarn "clamav[-freshclam] not installed" ; eend 0 +fi + +if ! [ -r /etc/ld.so.nohwcap ] ; then + einfo "Creating /etc/ld.so.nohwcap" + touch /etc/ld.so.nohwcap +fi + +if [ -x /usr/bin/updatedb ] ; then + einfo "Updating locate-database" + mount -t proc none /proc + updatedb --prunepaths='/tmp /usr/tmp /var/tmp /grml /root /proc /sys' + umount /proc + eend $? +else + ewarn "updatedb not installed" ; eend 0 +fi + +fi # end of $FAST-check + +einfo "Unmounting all filesystems" + umount -a +eend $? + +################################################################################ +# MISC STUFF +# ~~~~~~~~~~ +# +# Security-audit: +# find / \! -type l -perm -2000 -ls > audit/sgid-files +# find / \! -type l -perm -0002 -ls > audit/world-writeable-files +# find / \! -type l -perm -4000 -ls > audit/suid-files +# find / ( -perm 4000 -o -perm -2000 \) -exec ls -ld {} \; +# find / -perm -0777 -type d -ls > audit/writeable-dirs +# find / -size +3000k > audit/big_files.new +# find /all_filesystems -name ".. " -print -xdev | cat -vet +# find / -name ".*" -print -xdev | cat -v > audit/hidden-files +# find / -name ".. " -print -xdev | cat -vet > audit/unusal-file-names +# +# list non-stripped files: +# file /usr/sbin/* | grep -v ', stripped' | grep -v 'perl' | grep -v 'Bourne' | grep -v 'python' | grep -v 'symbolic link' +# +# einfo "Removing unused architecture Kernel sources: " +# for i in `ls -1 /usr/src/linux/arch/ | grep -v i386`; do +# echo -n "$i "; rm -rf /usr/src/linux/arch/"$i" /usr/src/linux/include/asm-"$i" +# done +# eend $? +# +# Is software by grml-repos up2date? +# grep-dctrl --field Maintainer 'Michael Prokop' /var/lib/apt/lists/grml.org_repos_._* | grep Package | awk '{print $2}' | xargs echo +# +# runlevel.conf: +# for file in /etc/init.d/* ; do grep $file -q /etc/runlevel.conf.hdinstall || echo $file not found ; done +################################################################################ +# ISO +# ~~~ +# /usr/bin/mksquashfs /home/mika/grml/chroot/grml_uncompressed.large/* \ +# /home/mika/grml/chroot/grml_cd.large/GRML/GRML -noappend -sort /home/mika/grml/svn/grml/remastering/sort +# +# mkisofs -V "grml 0.8" -publisher 'Michael Prokop ' -l -r \ +# -J -no-emul-boot -boot-load-size 4 -boot-info-table -c boot/isolinux/boot.cat \ +# -b boot/isolinux/isolinux.bin -o /home/mika/grml/chroot/grml_0.8.iso . +# +# vim grml_cd.large/GRML/grml-version +# +# find . -type f -not -name md5sums -not -name boot.cat -exec md5sum {} \; > GRML/md5sums +################################################################################ +# +## END OF FILE ################################################################# diff --git a/etc/grml/fai/make-fai-nfsroot.conf b/etc/grml/fai/make-fai-nfsroot.conf new file mode 100644 index 0000000..e4a6e09 --- /dev/null +++ b/etc/grml/fai/make-fai-nfsroot.conf @@ -0,0 +1,28 @@ +# these variables are only used by make-fai-nfsroot(8) +# here you can use also variables defined in fai.conf + +# directory on the install server where the nfsroot for FAI is +# created, approx size: 250MB, also defined in bootptab or dhcp.conf +NFSROOT=/grml/fai/nfsroot + +# TFTP root directory +TFTPROOT=/srv/tftp/fai + +# Add a line for mirrorhost and installserver when DNS is not available +# on the clients. This line(s) will be added to $nfsroot/etc/hosts. +#NFSROOT_ETC_HOSTS="192.168.1.250 yourinstallserver" + +FAI_DEBOOTSTRAP="etch http://192.168.1.102/debian" +#FAI_DEBOOTSTRAP="etch http://ftp.de.debian.org/debian" + +# the encrypted (with md5 or crypt) root password on all install clients during +# installation process; used when log in via ssh; default pw is: fai +FAI_ROOTPW='$1$kBnWcO.E$djxB128U7dMkrltJHPf6d1' + +# location of a identity.pub file; this user can log to the install +# clients in as root without a password; only useful with FAI_FLAGS="sshd" +#SSH_IDENTITY=/home/admin/.ssh/identity.pub +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# following lines should be read only for most of you + +FAI_DEBOOTSTRAP_OPTS="--exclude=dhcp-client,info" diff --git a/etc/grml/fai/menu.lst b/etc/grml/fai/menu.lst new file mode 100644 index 0000000..38eada8 --- /dev/null +++ b/etc/grml/fai/menu.lst @@ -0,0 +1,44 @@ +# grub menu.lst for fai-cd + +# Boot automatically after some secs. +timeout 30 + +color light-gray/black light-gray/red +default 6 + +title | +root (cd) +title +------------------------------------------------------+ +root (cd) +title | FAI-CD (c) 2006, Thomas Lange, lange@debian.org | +root (cd) +title | _VERSIONSTRING_ | +root (cd) +title +------------------------------------------------------+ +root (cd) +title | +root (cd) +title | + +title boot from local disk +rootnoverify (hd0) +chainloader +1 + +title Fully Automatic Installation - demohost (pw: installme) +password installme +kernel /boot/vmlinuz boot=live FAI_FLAGS="verbose,createvt" FAI_ACTION=install ip=192.168.1.1:::::eth0:off hostname=demohost +initrd /boot/initrd.img + +title Fully Automatic Installation with GNOME (pw: installme) +password installme +kernel /boot/vmlinuz boot=live FAI_FLAGS="verbose,createvt" FAI_ACTION=install ip=192.168.1.1:::::eth0:off hostname=gnomehost +initrd /boot/initrd.img + +title Fully Automatic Installation - faiserver (pw: installme) +password installme +kernel /boot/vmlinuz boot=live FAI_FLAGS="verbose,createvt" FAI_ACTION=install ip=192.168.1.250::192.168.1.254:255.255.255.0::xxx:off hostname=faiserver +initrd /boot/initrd.img + +title FAI rescue system, no installation +kernel /boot/vmlinuz boot=live FAI_FLAGS="verbose,createvt" FAI_ACTION=sysinfo ip=192.168.1.1:::::eth0:off hostname=demohost +initrd /boot/initrd.img diff --git a/initramfs/live.conf b/initramfs/live.conf new file mode 100644 index 0000000..930ae22 --- /dev/null +++ b/initramfs/live.conf @@ -0,0 +1,51 @@ +# /etc/live.conf - configuration file for live-initramfs(7) + +# We have a Debian based system of course: +export BUILD_SYSTEM="Debian" + +# grml specific settings: +export USERNAME="grml" +export USERFULLNAME="grml user" +export HOSTNAME="grml" + +# unionfs or aufs? +export UNIONTYPE="aufs" +# we do not want to have a modified /etc/initab: +export NOAUTOLOGIN="Yes" +# grml does not require /fastboot: +export NOFASTBOOT="Yes" +# disable "mount failed for selinuxfs on /selinux" warning message: +export SELINUX_INIT="No" +# do not touch /etc/sudoers: +export NOSUDO="Yes" +# do not touch anything inside passwd/shadow/group/gshadow: +export NOUSER="Yes" +# do not generate xorg.conf via dexconf - let's use grml-x instead: +export NOXAUTOCONFIG="Yes" +# do not modify /etc/fstab: +export NOFSTAB="Yes" +# do not modify /etc/hosts: +export NOHOSTS="Yes" + +export NOACCESSIBILITY="Yes" +export NOAPPARMOR="Yes" +export NOAPTCDROM="Yes" +export NOCONSOLEKEYBOARD="Yes" +export NOFSTAB="Yes" +export NOKPERSONALIZER="Yes" +export NOKWALLET="Yes" +export NOLANGUAGESELECTOR="Yes" +export NOLOCALES="Yes" +export NONETWORKING="Yes" +export NOPERSISTENT="Yes" +export NOPOWERMANAGEMENT="Yes" +export NOPRESEED="Yes" +export NOPROGRAMCRASHES="Yes" +export NORESTRICTEDMANAGER="Yes" +export NOTIMEZONE="Yes" +export NOUPDATENOTIFIER="Yes" +export NOXAUTOLOGIN="Yes" +export NOXSCREENSAVER="Yes" +export NOGNOMEPANEL="Yes" + +# EOF diff --git a/initramfs/scripts/init-top/grml b/initramfs/scripts/init-top/grml new file mode 100755 index 0000000..43942ba --- /dev/null +++ b/initramfs/scripts/init-top/grml @@ -0,0 +1,134 @@ +#!/bin/sh + +# helper functions {{{ + +echo "debug: scripts/init-top/grml running" + +# get boot command line +CMDLINE="$(cat /proc/cmdline)" + +# Simple shell grep +stringinfile(){ + case "$(cat $2)" in *$1*) return 0;; esac + return 1 +} + +# same for strings +stringinstring(){ + case "$2" in *$1*) return 0;; esac + return 1 +} + +# Reread boot command line; echo last parameter's argument or return false. +getbootparam(){ + stringinstring " $1=" "$CMDLINE" || return 1 + result="${CMDLINE##*$1=}" + result="${result%%[ ]*}" + echo "$result" + return 0 +} + +# Check boot commandline for specified option +checkbootparam(){ + stringinstring " $1" "$CMDLINE" + return "$?" +} + +if checkbootparam "nocolor" ; then + echo "Disabling colors in bootsequence as requested on commandline." + # Reset fb color mode + RESET="]R" + # ANSI COLORS + # Erase to end of line + CRE=" " + # Clear and reset Screen + CLEAR="c" +else + # Reset fb color mode + RESET="]R" + # ANSI COLORS + # Erase to end of line + CRE=" " + # Clear and reset Screen + CLEAR="c" + # Normal color + NORMAL="" + # RED: Failure or error message + RED="" + # GREEN: Success message + GREEN="" + # YELLOW: Descriptions + YELLOW="" + # BLUE: System mesages + BLUE="" + # MAGENTA: Found devices or drivers + MAGENTA="" + # CYAN: Questions + CYAN="" + # BOLD WHITE: Hint + WHITE="" +fi + +log_grml_failure_msg () { + echo -n " ${RED}*${NORMAL} $@" +} + +# int log_grml_begin_message (char *message) +log_grml_begin_msg () { + echo -n " ${GREEN}*${NORMAL} $@" +} + +log_grml_warn_msg () { + echo -n " ${YELLOW}*${NORMAL} $@" +} + +# int log_grml_end_message (int exitstatus) +SUCCESS=" ${BLUE}[ ${GREEN}ok ${BLUE}]${NORMAL}" +FAILED=" ${NORMAL}[${RED}fail${NORMAL}]" + +# }}} + +# welcome splash {{{ + +DISTRI="$(getbootparam 'distri' 2>/dev/null)" +if [ -n "$DISTRI" ] ; then +SPLASH=" +${RED} $DISTRI + +${WHITE}based on grml.org. + +${NORMAL}" +else +SPLASH=" +${RED} ____ ____ __ __ _ +${RED} / ___| _ \| \/ | | +${RED} | | _| |_) | |\/| | | +${RED} | |_| | _ <| | | | |___ +${RED} \____|_| \_\_| |_|_____| + +${WHITE}grml.org - Linux for sysadmins and texttool users. +${NORMAL}" +fi + +echo "" +echo "${WHITE}Welcome to" +echo "$SPLASH" + +# don't output anything if running with bootsplash feature +if checkbootparam "splash" ; then + exec >/dev/null &1 +fi +# }}} + +# No kernel messages while probing modules: +if ! grep -qe debug -qe verbose /proc/cmdline 2>/dev/null ; then + [ -r /proc/sys/kernel/printk ] && echo "0" > /proc/sys/kernel/printk +fi + +if grep -q 'boot=live' /proc/cmdline 2>/dev/null ; then + log_grml_begin_msg "Finished early booting sequence." ; echo "$SUCCESS" + log_grml_begin_msg "Searching for GRML file, this might take a few seconds..." + echo +fi + +# vim: foldmethod=marker expandtab ai ft=sh