http://www.phys.ethz.ch/~franklin/Projects/dphys2/INSTALL copyright ETH Zuerich Physics Departement, use under either BSD or GPL license author Neil Franklin, last modification 2004.10.14 To install/config/use dphys2 do the following: Install on Admin System ======================= 1. Download and unpack the distribution archive file from: http://www.phys.ethz.ch/~franklin/Projects/dphys2/dphys2.tar.gz or http://www.phys.ethz.ch/~franklin/Projects/dphys2-.tar.gz where last milestone/release is =20040219 into your preferred compile/work directory. Note1: this directory must be root writable (not an root-squash NFS mount) Note2: this must be on a filesystem with at least 50MB free space 70MB more if you are going to compile an own kernel / resc disk 10MB each more if you are making CD or netboot I presently use this command sequence for this: cd /usr/local/tar rm -f dphys2.tar.gz wget http://www.phys.ethz.ch/~franklin/Projects/dphys2/dphys2.tar.gz cd /usr/local/src rm -rf dphys2 tar zxpf ../tar/dphys2.tar.gz cd dphys2 or: 1. Download the .deb package file from: http://www.phys.ethz.ch/~franklin/Projects/dphys-pkgtools_-1_all.deb where last milestone/release is =20041014.160051 and install it with dpkg --install dphys-pkgtools_-1_all.deb Configuration of Installer ========================== 2. *PERMISSIONS* Switch to being root which is needed for generating the disk images, else loop mounts will not work, and they will get screwed up file owners on them anyway 3. In the dphys2 directory edit the configuration file dphys2 This one file tells dphys2 all it needs to know about your site and subnet specific details (the rest should default to sensible stuff): - which Debian mirror you are using (CONF_DEBSERVER) - which kernel style you want, 2.2 (if Debian standard = 2.2.20) or 2.4 (if Debian bf24 = 2.4.18) (CONF_KERNEL_24) - layout of keyboard, filename without .kmap.gz ending, relative to /usr/share/keymaps/ (CONF_KEYBD) - select what disk to install on: either what HD to install on (CONF_DISK) or leave this empty to auto-select (hda if it exists, else uses sda) - select what swap system (file or partition) is wanted, and if that is partition the amount wanted (CONF_SWAP_SIZE). - what network card drivers you want to include (CONF_MODULESNET) - network configuration: - if your have DHCP: do nothing - else you want static conf: comment out CONF_DHCP=yes line, set your domain specific network stuff, domain name (CONF_DOMAIN) and DNS servers (CONF_NAMESERVER1 to CONF_NAMESERVER4) [comment out not wanted ones] and subnet specific network stuff (CONF_NETMASK, CONF_NETWORK, CONF_GATEWAY, CONF_BROADCAST) - desired passwords (CONF_PASSWORD_LILO, CONF_PASSWORD_ROOT) - your time zone info, directoryname and filename relative to /usr/share/zoneinfo/ (CONF_TIMEZONE_AREA, CONF_TIMEZONE_PLACE) - your preference on what packages to use (CONF_USE_CONTRIB, CONF_USE_NON_FREE, CONF_USE_PROPOSED) - your Debian mirrors for non-US and security packages, if you want any (CONF_DEBSERVER_NON_US, CONF_DEBSERVER_SECURITY) - if you want to make an bootable CD: your CD burner details (CONF_INST_CD) - if you want to make an PXE boot: your bootserver details (CONF_INST_PXE) 4. If you want to make an own kernel, select in dphys2: - your kernel archive (CONF_KERNEL_OWN) - your kernel config, if not taken from Debian (CONF_KERNEL_CONFIG) - where to place the generated rescue and drivers.tgz (CONF_INST_SERVER, CONF_USER and CONF_INST_BASE) - where to find them by the machines being installed (CONF_OWNSERVER) Your kernel config is NOT ALLOWED to have in it: - devfs (CONFIG_DEVFS_FS), as old style /dev/* names are used and needed Your kernel config MUST HAVE the following COMPILED IN (= not as modules): - floppy device (CONFIG_BLK_DEV_FD), for reading 2nd/root floppy (only needed if you are going to make boot floppies, not for CD or PXE) - loopback devide (CONFIG_BLK_DEV_LOOP), for extracting kernel from rescue - RAM disk device (CONFIG_BLK_DEV_RAM), for root filesystem while install - initrd support (CONFIG_BLK_DEV_INITRD), for loading root filesys (only needed if you are going to make an boot CD) - FAT filesystem (CONFIG_FAT_FS + CONFIG_MSDOS_FS), for extracting kernel 5. If you want to automagically run an own script at the end of the first install stage (or have this script install scripts to run in second stage): - uncomment and possibly set the filename (CONF_ENDFIRSTRUN_SCRIPT) See the sample endfirstrun script for what can be done here. It may add an further script to be run in the second stage, setting up an installer for packages and configs we here regard as indispensable. 6. *SECURITY* Ensure that the dphys2 config file is protected and remains so. Else you will compromise your LILO (if used) and root (is used) passwords: chmod 600 dphys2 7. *HARDWARE* Get yourself 2 formatted but empty floppy disks, or an CD-R/RW, or nothing if you are going to netboot. 8. Generate your custom rescue floppy (and its fitting drivers.tgz), or download an standard Debian rescue floppy with: dphs2rescue -dgu # generate/upload rescue image and drivers archive dphs2rescue -i # install (write) rescue image to first floppy # (leave away if making boot CD) 9. Generate the modified root floppy image (possibly using above drivers.tgz) by typing: dphs2root -dgu # generate/upload root image dphs2root -i # install (write) root image to second floppy # (leave away if making boot CD) 10. If you want to make an boot CD: generate the rescue+root iso image with: dphs2cd -dg # generate cd iso image (no upload available) dphs2cd -i # burn the image to the CD 11. If you want to netboot, extract the kernel and root filesystem image with: dphs2pxe -dg # extract boot files dphs2pxe -i # install (upload) the files to TFTP boot server 12. *GOTCHA* If you have not chosen DHCP, you will need to repeat the steps "edit configuration" and "generate root" for each subnet. So you will requires n+1 floppies if you have n subnets. Write on each root floppy which subnet it is for. Confusing them costs an crash-while-install and re-install and such time loss is annoying :-). 13. *FACULTATIVE*: Clean up work directory, and reclaim your space with: dphs2rescue -r # remove files generated by dphs2rescue dphs2root -r # remove files generated by dphs2root dphs2cd -r # remove files generated by dphs2cd dphs2pxe -r # remove files generated by dphs2pxe Actual Installing on each Target ================================ 14. *TARGET* Go to your target system, and boot it from the rescue floppy, load the kernel without any options, and wait for it to demand an root floppy. For CD boot it from from the CD, no need for separate root. 15. Insert the modified root floppy , press enter, and wait for it to be read in, and the dphys2 banner to be displayed. 16. Eject the root floppy, so that the host can auto-reboot from HD later on. 17. Enter your desired hostname. 18. If you are not using DHCP: Enter your desired IP address. 19. *AUTOMATIC* At end of first stage install (in a few minutes time), the host will automatically reboot into 2nd stage of install and continue with that, until it is finished (in a few more minutes time). 20. You can now log in with root and your password (there is no normal user), and have an fully installed Debian woody base system in front of you. Have fun with apt-get. 21. Only the steps "target" to "login" need to be repeated for each host. This is why hostname (and without DHCP IP address) are typed in, to not have to repeat all the floppy generating stuff before. Thats all folks! Facultative stuff after Install =============================== This section describes what we do after the base install, to also automate the rest of an complete install and the operation/update of our systems. You may be interested in also doing it this way. Central to this is the CONF_ENDFIRSTRUN_SCRIPT variable in dphys2, and the included endfirstrun[1] script, which it installs and runs. This script inserts an additional script into Debians base-config scripts, that runs in the second install stage (after the reboot), right at the end (instead of user logging in and running commands on the finished base system). [1] http://www.phys.ethz.ch/~franklin/Projects/dphys2/endfirstrun This additional script automatically: - installs oinetd, so the package server can authentificate if root (our installer) or some user is demanding packages from it. It also checks for registered MAC adresses, so it can trust the oidentd. - adds our local packages server to /etc/apt/sources.list now that it will let us access it - installs our local package dphys-local-admin to configure dphys-admin - installs the package dphys-admin[2], which using its script dphys-admin, installs all the packages we want to have, including dphys-local-* packages which contain all our site configuration files /admin/ [2] http://www.phys.ethz.ch/~franklin/Projects/dphys-admin/ Our entire software list and site configuration has been reengineered and stored in form of quite a few own dphys-* packages[3] and dphys-admin package list files (one site-wide, and 2 pre/post ones host-specific). This gives us near fully automatic system administration, just add file+NIS/LDAP servers with user files/accounts, and of course config packages. [3] in http://debian.ethz.ch/pub/debian-local/dists/woody/local/ public available ones in main, restricted access ones in non-free The packages are stored here on our local packages server, also added to /etc/apt/source.list by endfirstrun. The "main" section is used here by policy for "packages anyone can download from us", while "non-free" is used for "packages restricted to our hosts (containing ssh or license keys or commercial software)", which are only given out to our MAC addresses, and only to root user (as checked with oidentd). We use makesourcepackage[4] to make the packages and makelocalsite[5] to manage the package site, from the dphys-pkgtools[6] package to build the package site. [4] http://www.phys.ethz.ch/~franklin/Projects/dphys-pkgtools/makesourcepackage [5] http://www.phys.ethz.ch/~franklin/Projects/dphys-pkgtools/makelocalsite [6] http://www.phys.ethz.ch/~franklin/Projects/dphys-pkgtools/ Presently only workstations are installed with dphys2. But one could easily also reengineer our servers (except the package server :-)) software and configs into packages, included by the servers host-specific package lists.