xpimage-notes.txt 51.3 KB
Newer Older
1
# Directions for setting up an XP image from scratch.
2 3
# These are raw notes and commands to paste into a shell.
# Mostly Bash shell commands for Windows, some tcsh commands for Boss or Ops.
4 5
# Some (most?) of it could be scriptified with some work. 

6 7
# Notice that this file has spaces instead of tabs at the beginning of lines.
# A tab in either Bash or tcsh causes it to display all of the possible command completions!
8 9 10 11
# Here's a little Emacs keyboard macro to ease the copy-and-paste business:
    ; Copy a command line, leaving off the whitespace on the beginning of the line.
    (fset 'copy-command-line [?\M-m ?\C-  ?\C-e ?\C-f C-insert])
    (global-set-key "\^C\^E" 'copy-command-line)
12

13 14
# By convention, optional "informational" commands are indented a couple of spaces more.
## Debugging and problem-solving stuff is double-# commented.
15 16

alias v 'ls -lsF'               # "Verbose" listing
17 18
setenv en emulab.net
alias rootpc 'sudo ssh pc\!^.$en \!:2*'
19 20
alias rootrd 'rd  -K -g 1280x1024 -u root pc\!^.$en &'

21 22
# In Bash,
alias v='ls -lsF'
23

24
    . Start with a clean XP image, as it comes from the CD.
25

26 27 28 29 30 31 32
      - How to do the Windows XP installation and make a WINXP-BASE image:

        . Swap in a firewalled experiment with a FBSD-STD image.
        . Do "node_admin on" so PXE throws it into the FBSD MFS.
        . Hook up a console, reboot and modify the boot order to boot from the Windows XP CD.

        . Do the Windows installation, adding whatever drivers are needed.
Russ Fish's avatar
Russ Fish committed
33
          - 8 gig is a good size for the XP NTFS partition, of which 4-5 will be user space.
34 35 36 37
            (They can always allocate more later with Disk Manager.)
          - You'll save some work later if you make the first admin user account named "root".

        . Set the usual password for root in Control Panel / User Accounts.
Russ Fish's avatar
Russ Fish committed
38
            It asks whether to make the root files private.  I've been saying "no".
39 40 41 42 43
          - While you're there, click "Change the way users log on or off" and make
            sure "Use Fast User Switching" is turned on.

        . Make sure you turn on Remote Desktop logins under Control Panel / System / Remote (!)

Russ Fish's avatar
Russ Fish committed
44 45
        . Go into Control Panel / Power Options / Hibernate, and make sure it's disabled.
          This will gives you extra gigs of disk space on C: equal to your RAM size .
46 47 48 49 50 51

        . Set the workgroup name to EMULAB in Control Panel/System/Computer Name/Change...
          No need to reboot yet if you have more to do.

        . On reboot, restore the boot order so PXE goes back into the FBSD MFS, and make an image.
          (See imagezip commands below.)  
Russ Fish's avatar
Russ Fish committed
52
          Make sure the Operational Mode is MINIMAL in the Image Descriptor, rather than NORMALv2!
53 54

      - Make a firewalled experiment using the WINXP-BASE image above, log in as "root".
55

56 57 58 59 60 61 62 63 64 65
         . The experiment should be behind a firewall, to avoid contamination.

            # Firewall while making Windows images.
            set fw [new Firewall $ns]
            $fw set-type ipfw2-vlan
            $fw set-style basic

            # Allow Cygwin setup and Windows Update to work.
            $fw add-rule "allow tcp from any to any 80,443 in via vlan0 setup keep-state"

66 67
         . Note that it takes a couple of minutes after booting for the RDP service to start,
           so don't worry if you can't log in at first.
68

69 70 71 72 73 74 75 76 77 78 79
      - Set the Windows "w32time" NTP client to connect to the Emulab NTP host.
        Runs as a service, periodically contacts the time server.
          # ntp1 is a DNS alias for Ops.
          # Do this in a Windows CMD shell, since you don't have Cygwin shells yet.
          net time /querysntp
          # Need to restart w32time before it sees the setsntp configuration. (?)
          net stop w32time
          net time /setsntp:ntp1
          net time /querysntp
          net start w32time
          # May take a minute to take effect.
80 81
             
      - Disable the Messenger Service to keep annoying pop-ups away.
82 83 84
            cygrunsrv -VQ  Messenger
          sc config Messenger start= disabled
          sc stop Messenger
85 86

      - Disable the SSDP Discovery Service and Universal Plug and Play Device Host.
87 88 89 90 91 92 93 94 95 96 97 98
        This closes port 5000 to attacks.  Also disable the Remote Registry service.
            cygrunsrv -VQ  SSDPSRV
            cygrunsrv -VQ  upnphost
            cygrunsrv -VQ  RemoteRegistry

          sc config SSDPSRV start= disabled
          sc config upnphost start= disabled
          sc config RemoteRegistry start= disabled

          sc stop SSDPSRV
          sc stop upnphost
          sc stop RemoteRegistry
99

Russ Fish's avatar
Russ Fish committed
100 101 102 103 104 105
      - Go into Control Panel/Administrative Tools (it's under Performance and
        Maintenance in the new Control Panel interface.)

        . Right-click Start/"Explore All Users" and drag a copy of the Computer
          Management shortcut from Administrative Tools into the All Users/Desktop
          folder.
106

Russ Fish's avatar
Russ Fish committed
107 108 109
      - If you haven't already made a "root" account, go into Computer Management/
        System Tools/Local Users and Groups/Users, put it in the Administrators group.
        . Also make it a member of the Users groups.
110 111 112 113 114 115

      - Start IE, make "blank" the home page. Click Tools/Internet Options/Home page/Use Blank.

      - Show My Computer.  (Desktop Properties/Desktop/Customize Desktop...)
        Turn off "Run Desktop Cleanup Wizard every 60 days".

116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132
      - Create C:/Temp, C:/Software/Cygwin
          # [Windows cmd prompt, there's no Cygwin shell yet...]
          mkdir C:\Temp
          mkdir C:\Software\Cygwin

      - Install Cygwin
        . (Try copying /etc/setup/* from an existing image to script the selection work.)
           # There's no scp to copy them with, so use Windows SMB File Sharing to get it
           # from \\fs\share\windows\cygwin-etc-setup.)
             mkdir C:\cygwin
           # Hm.  Still didn't come up with the added packages selected.
           # When C:\Software\Cygwin/http... is copied, it thinks everything is already installed.
           # Removing the /etc/setup/installed.db file seems not to help.
           # Nothing relevant to install in HKLM/SOFTWARE/Cygnus Solutions/Cygwin, either...

        . Download setup from www.cygwin.com/setup.exe to C:/Software/Cygwin.
          Once you have a Cygwin, you can update the setup.exe by:
133 134 135
           # [On ops.]
           set pc=109
           scp /share/windows/cygwin-setup.exe $pc":"/tmp/setup.exe
136 137 138

        . Run Cygwin setup.exe .
            # After Cygwin in installed, ensure that upgrading SSH won't hang.
139
            net stop sshd
140 141 142
            C:/Software/Cygwin/setup.exe &
        . Install dir is C:\cygwin, package dir is C:\Software\Cygwin .
        . Download site mirror is http://mirrors.xmission.com .
143 144
        . Click [View] to "Not Installed" (alphabetical.)  
          Click on the Skip in the "New" column to add a binary version of:
Russ Fish's avatar
Russ Fish committed
145
            agetty, bison, cvs, cygrunsrv, ed, file, flex, gcc, gdb, inetutils, 
Russ Fish's avatar
Russ Fish committed
146
            make, minires-devel, more, nano, openssh (with src), openssl-devel, 
147
            patch, perl, perl-libwin32, python, rpm, rsync, 
Russ Fish's avatar
Russ Fish committed
148
            shutdown, tcsh, vim, wget, zip .
149
          Click in the "src" column for openssh, so patches can be applied.
150
        . At the end, don't "Create an icon on the Desktop", do "Add icon to Start Menu".
151 152 153 154 155 156 157 158

        . Add ;C:\cygwin\bin to the end of the System PATH in 
          Control Panel/System/Advanced/Environment Variables.

        . Start up a Cygwin shell and fix the shell properties:
            Options QuickEdit Mode on, Layout/screen buffer height 3000, window height 55.
            Check "Modify shortcut that started this window".
          - Might as well fix the Start/Programs/Accessories/Command Prompt properties, too.
Russ Fish's avatar
Russ Fish committed
159 160 161 162 163 164 165
          - Create c:\cygin\cygwin-tcsh.bat as a copy of c:\cygin\cygwin.bat with
            "bash --login -i" changed to "tcsh -l".
               ### Now we can use Cygwin (Bash) shell commands...  ###
               alias v='ls -lsF'
               cd C:/cygwin
               sed 's/bash --login -i/tcsh -l/' < cygwin.bat > cygwin-tcsh.bat
               chmod +x cygwin-tcsh.bat
166
          - Copy the bash shortcut to the All Users/Desktop.  
167
          - Copy it to a tcsh icon as well, changing the Target to c:\cygin\cygwin-tcsh.bat .
168
          - Copy the tcsh icon into All Users/Start Menu/Programs/Cygwin.
Russ Fish's avatar
Russ Fish committed
169 170
               cd C:/Documents\ and\ Settings/All\ Users
               cp -p Desktop/Cygwin\ TCSH\ Shell.lnk Start\ Menu/Programs/Cygwin
171 172 173 174 175 176

        . Set up local homedirs under /home as a symlink.  ~root is already there.
            cd /tmp
            mv /home{,.orig}
            ln -s /cygdrive/c/Documents\ and\ Settings/ /home

Russ Fish's avatar
Russ Fish committed
177 178 179
        . The Windows hosts file should already be symlinked into the Cygwin /etc.
            ls -l /etc/hosts
              ln -s /cygdrive/c/WINDOWS/system32/drivers/etc/hosts /etc/hosts
180 181

        . Create a proper group file.  Make wheel an alias for Administrators.
182 183
            mkgroup -l | \
              awk '/^Administrators:/{print "wheel" substr($0, index($0,":"))} \
184
                   {print}' > /etc/group.new
185 186 187 188 189 190
            diff /etc/group{,.new}
            cp -p /etc/group{,.prev}
            mv /etc/group{.new,}

        . Update the passwd file after creating new accounts.  Make root uid 0 with /home/root.
            mkpasswd -l | awk -F: 'BEGIN{ OFS=":" } \
191 192 193 194
               { if ($1=="root") $3="0"; \
                 else if ($1=="sshd") $NF="/bin/false"; \
                      else sub("/home/", "/users/"); \
                 print }' > /etc/passwd.new
195 196 197
            diff /etc/passwd{,.new}
            cp -p /etc/passwd{,.prev}
            cp -p /etc/passwd{.new,}
198
            chown root /etc/{passwd,group}*
199

Russ Fish's avatar
Russ Fish committed
200 201
            ### Note: the root UID changed from 1003 to 0.  ###
            ### Restart your Bash shell to get the new one before going on!  ###
202

Russ Fish's avatar
Russ Fish committed
203 204 205 206 207 208 209 210 211 212
        . Set up the syslog daemon.  (See usr/share/doc/Cygwin/inetutils-1.3.2.README)
            # Make sure /etc isn't owned by SYSTEM, which will prevent making syslogd.conf .
            chown root /etc
            syslogd-config -y
            # Start the daemon.  It starts automatically at reboot.
            net start syslogd
              # Test.
              logger "Test syslogd."
              tail /var/log/messages

213
        . Set up sshd.  
214
          - Edit /bin/ssh-host-config to add a -i argument to the "cygrunsrv -I sshd" lines.
215
                grep cygrunsrv /bin/ssh-host-config | grep -e -I
216 217 218 219 220
              ed /bin/ssh-host-config
              /cygrunsrv -I sshd/s//& -i/p
              /cygrunsrv -I sshd/s//& -i/p
              w
              q
221
          - Then stop sshd and remove its entry (if previously installed), run ssh-host-config:
222
            (You must be logged in as root over RDP, not ssh when you do this!)
Russ Fish's avatar
Russ Fish committed
223 224 225
                cygrunsrv -VQ sshd
              cygrunsrv -E sshd
              cygrunsrv -R sshd
226 227

              # May need to do some unmounts before running ssh-host-config.
228
              # (It does a mount, and there's a hard-wired limit of 31 mount table entries.)
229 230 231 232
              mount | wc -l
                ## mount: /ssh-host-config.3048: Too many mount entries
                for s in /users/s*; do umount $s; done

Russ Fish's avatar
Russ Fish committed
233
              # Should be NO ssh processes running, not even ssh-agent!
234 235
              ps -Welf | grep ssh

236 237 238
              # Make sure /etc is writable by root.
                v -d /etc
              chown root /etc
239

240
              ssh-host-config -y -c "ntsec tty"
241 242 243
              # or run ssh-host-config without args and answer the following interactive questions:
              # Select privilege separation = yes, sshd user = yes, install as service = yes, 
              # CYGWIN=ntsec tty
244

245
                v /etc/ssh*_config
246 247 248
              chown SYSTEM /etc/ssh*_config
              chmod 644 /etc/ssh*_config

249 250 251 252
          - Check for -i flag: look for Interactive = 0x00000001 (1)
              regtool -v list /HKLM/SYSTEM/CurrentControlSet/Services/sshd/Parameters

          - Edit /etc/sshd_config
253
            . Add AuthorizedKeysFile paths under /sshkeys/%u .
254 255 256
                  grep AuthorizedKeysFile /etc/sshd_config
                # Make it writable to edit, then change it back.
                chmod g+w /etc/sshd_config
Russ Fish's avatar
Tweaks.  
Russ Fish committed
257
                ed /etc/sshd_config
258 259
/AuthorizedKeysFile
a
260
AuthorizedKeysFile /sshkeys/%u/authorized_keys
261
AuthorizedKeysFile2 /sshkeys/%u/authorized_keys2
262 263 264
.
w
q
265
                chmod g-w /etc/sshd_config
266 267
                # Get a running sshd to read the config file with SIGHUP.
                kill -HUP `cat /var/run/sshd.pid`
268

269
            . LogLevel defaults to INFO, can be set to VERBOSE, DEBUG1, etc.
Russ Fish's avatar
Russ Fish committed
270 271 272
              With the syslogd service running, debug events are logged to /var/log/messages .
              [Otherwise, they show up under Event Viewer / Application / sshd,
               with one line per event (ugh.)  Refresh to see new events with F5.]
273
              ## sshd service debugging.
274 275 276
                ls -l /etc/sshd_config
                # Check.
                grep LogLevel /etc/sshd_config
277
                # Make it writable to edit, then change it back.
278
                chmod g+w /etc/sshd_config
279 280
                ed /etc/sshd_config
/#LogLevel/a
281
LogLevel DEBUG2
282 283 284
.
w
q
285 286 287 288
                chmod g-w /etc/sshd_config
                # Get a running sshd to read the config file with SIGHUP.
                kill -HUP `cat /var/run/sshd.pid`

289 290
          - Check /var/empty to avoid this error:
              /var/empty must be owned by root and not group or world-writable.
Russ Fish's avatar
Russ Fish committed
291
            # Actually, it must be owned by SYSTEM.
292 293 294 295
              v -d /var/empty
            chown SYSTEM /var/empty
            chmod go-w /var/empty

296
          - You can avoid patching and rebuilding sshd.exe if there's one saved.
Russ Fish's avatar
Russ Fish committed
297 298 299 300
              # Currently 4.1p1-2 .
              cygcheck.exe -c openssh
              # Either explore to \\fs\share, giving *your* login name and Windows password,
              # or use the "net use" command to provide it.  Then UNC paths work.
301
              v //fs/share/windows/sshd.exe
Russ Fish's avatar
Russ Fish committed
302 303
              v /usr/sbin/sshd.exe

304 305 306
              mv /usr/sbin/sshd.exe{,.orig}
              cp -p //fs/share/windows/sshd.exe /usr/sbin/sshd.exe

307 308
          - Start sshd.
              cygrunsrv -S sshd
309
              tail /var/log/messages
310 311

          - Set up for root ssh access from Boss.
Russ Fish's avatar
Russ Fish committed
312
                v -d /home/root
313 314 315
              chown root.wheel /home/root
              chmod 755 /home/root
              passwd root
316 317
daFluxGroup
daFluxGroup
318 319 320
              mkdir ~root/.ssh
              chown root.wheel ~root/.ssh
              # [On boss.]
321
              set pc=201
322
              set ssh_args='-o "StrictHostKeyChecking no" -o "UserKnownHostsFile /dev/null"'
323 324
              # This password isn't used for anything else, and doesn't need to be
              # very secure because all users are in the Administrators group on the node.
325
              eval sudo ssh "$ssh_args" root@pc$pc id
326
daFluxGroup
327
              eval sudo scp "$ssh_args" ~root/.ssh/{id_dsa,identity}.pub root@pc$pc":".ssh
328
daFluxGroup
329
              eval sudo ssh "$ssh_args" root@pc$pc
330
daFluxGroup
331 332 333 334 335 336 337 338 339 340 341 342
                # [On the target.]
                id
                cd ~root/.ssh
                cat {id_dsa,identity}.pub > authorized_keys
                chmod 644 *
                ls -ld /home /home/root /home/root/.ssh /home/root/.ssh/auth*
                mkdir -p /sshkeys/root
                v -d /sshkeys
                chmod 777 /sshkeys
                chmod 700 /sshkeys/root
                cp -p /home/root/.ssh/authorized_keys /sshkeys/root
                ls -lR /sshkeys/root
343 344
              exit

345 346 347 348
              # [Check back on Boss.]
              eval sudo ssh "$ssh_args" pc$pc id
              # The following will likely complain due to nonstandard host keys.
              rootpc $pc id
349 350 351 352

          - Install the standard host keys, dated Jun 21  2001.
            ls -l /etc/ssh*
            # [On boss.]
353 354
              set pc=201
              set ssh_args='-o "StrictHostKeyChecking no" -o "UserKnownHostsFile /dev/null"'
355
            eval sudo scp -rp "$ssh_args" /proj/testbed/fish/elab-host-keys root@pc$pc":"
356 357
            # Get the standard ssl certificates while we're at it.
            eval sudo scp -rp "$ssh_args" /proj/testbed/fish/elab-ssl-certs root@pc$pc":"
358 359

            eval sudo ssh "$ssh_args" root@pc$pc
360
            # [As root on the target.]
361 362 363 364 365 366 367 368 369 370 371 372 373 374
              ls -l ~/elab-host-keys
              ls -l /etc/ssh*key*
              ls -l /etc/orig-ssh-keys

              mkdir /etc/orig-ssh-keys
              chown root /etc/ssh*key*
              cp -p /etc/ssh*key* /etc/orig-ssh-keys
              chown SYSTEM /etc/orig-ssh-keys/*
              ls -l /etc/orig-ssh-keys

              cp -p ~/elab-host-keys/* /etc
              chown SYSTEM /etc/ssh*key*
              ls -l /etc/ssh*key*

375
              mkdir /etc/emulab
376 377 378
              ls -l ~/elab-ssl-certs/* /etc/emulab/*.pem
              cp -p ~/elab-ssl-certs/* /etc/emulab

379
            # The following should no longer complain due to nonstandard host keys.
380
            # [On Boss.] 
381
            rootpc $pc id
382 383

      - Install tools: WinZip and Emacs.
384 385 386 387 388
            # [On boss:]
            sudo scp -rp /share/windows/emacs-21.3-fullbin-i386.tar.gz root@pc$pc":"/tmp
            sudo scp -rp /share/windows/winzip90.exe root@pc$pc":"/tmp

            # Log in as root via RDP.
389 390
            rootrd $pc
            # [On the node, as root.]
391
            # Graphical installer.  Start with WinZip Classic, custom setup, no desktop icon.
392 393 394 395 396
            /tmp/winzip90.exe

            cd C:
            # Don't worry about a plethora of "Cannot change ownership" warnings.
            tar xfz /tmp/emacs-21.3-fullbin-i386.tar.gz
397
            # Graphical; click OK to set up the registry, start menu, etc.
398
            C:/emacs-21.3/bin/addpm.exe
Russ Fish's avatar
Russ Fish committed
399

400
            # Then copy the Emacs shortcut to the All Users/Desktop folder.
401 402 403 404
            allusers=/cygdrive/c/Documents\ and\ Settings/All\ Users
            chown root "$allusers"/Desktop
            cp "$allusers"/{Start\ Menu/Programs/Gnu\ Emacs,Desktop}/Emacs.lnk
            chown SYSTEM "$allusers"/Desktop
405 406 407 408

            # Make "emacs" be the NTEmacs runemacs starter, with "emacs-exe" for a compiler.
            ln -s /cygdrive/c/emacs-21.3/bin/runemacs.exe /usr/local/bin/emacs
            ln -s /cygdrive/c/emacs-21.3/bin/emacs.exe /usr/local/bin/emacs-exe
409 410

      - Get other stuff that "make client" depends on.
411

412 413 414 415 416 417 418 419 420 421 422 423 424 425
                ## Collect the include files for mysql and the Boost Graph Library.
                cd /usr/local/include
                tar cfz /share/windows/mysql-include.tgz mysql
                tar cfz /share/windows/boost-include.tgz boost
            # [On Boss.]
            sudo scp -rp /share/windows/{mysql,boost}-include.tgz root@pc$pc":"/tmp
            sudo scp -rp /share/windows/{WSName,addusers,usrtogrp,setx}.exe root@pc$pc":"/tmp
            # [On the target.]
            mkdir /usr/local/include
            cd /usr/local/include
            tar xfz /tmp/mysql-include.tgz
            tar xfz /tmp/boost-include.tgz

            # Build Elvin libs with GCC for testbed client programs.  
426
            # [On Boss.]
427
            sudo scp -p /usr/testbed/www/distributions/*elvin*-4.0.3.tar.gz root@pc$pc":"/tmp
428
            # [On the node.]
429 430 431 432 433 434 435 436 437
            # Need a path without embedded spaces for the make actions to work.
            mkdir C:/elvin
            cd C:/elvin
            # Don't worry about a plethora of "Cannot change ownership" warnings.
            tar xfz /tmp/libelvin-4.0.3.tar.gz
            tar xfz /tmp/elvind-4.0.3.tar.gz

            cd C:/elvin/libelvin-4.0.3
              # configure: error: Elvin requires that doubles be IEEE 754 compliant
438 439 440 441 442 443 444 445
              # Edit configure, line 3547, add exit(0); to patch around it.
              ed configure
3546p
a
exit(0);
.
w
q
446
            ./configure >& configure.trace 
Russ Fish's avatar
Russ Fish committed
447 448
            # Ends with "creating src/include/elvin/config.h"
            tail configure.trace
449

Russ Fish's avatar
Russ Fish committed
450 451
            # Comment this out in c:/elvin/libelvin-4.0.3/src/lib/i18n.c :
                      #elif defined(HAVE_WINBASE_H)
452
                              FreeLibrary(cat);
453 454 455 456 457 458
            ed c:/elvin/libelvin-4.0.3/src/lib/i18n.c
            /HAVE_WINBASE/p
            .,.+1s|^|//|p
            w
            q

459
            make >& make.log1
Russ Fish's avatar
Russ Fish committed
460
            tail make.log1
461
            make install >& install.log1
Russ Fish's avatar
Russ Fish committed
462
            tail install.log1
463 464
              make clean

Russ Fish's avatar
Russ Fish committed
465
# [ SKIP
466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502
            # Build Elvin for Windows on Coke, and tar it up for later installation.
            scp -p bos:"/usr/testbed/www/distributions/*elvin*-4.0.3.tar.gz" /tmp
            mkdir C:/elvin
            cd C:/elvin
            tar xfz /tmp/libelvin-4.0.3.tar.gz
            tar xfz /tmp/elvind-4.0.3.tar.gz
            # Rename lib dir for makefiles in elvind.
            mv libelvin-4.0.3 elvin4

            cd C:/elvin/elvin4
            nmake /k /f Makefile.win >& lib-make.winlog1
            mkdir -p C:/Program\ Files/elvin4/{bin,lib,doc}
            cp -p win32/bin/*.exe C:/Program\ Files/elvin4/bin
            cp -p win32/lib/{,*/}*.{dll,lib} C:/Program\ Files/elvin4/lib
            mkdir C:/Program\ Files/elvin4/include
            cp -p src/include/elvin/*.h C:/Program\ Files/elvin4/include

            cd C:/elvin/elvind-4.0.3        
            nmake /k /f Makefile.win >& program-make.winlog1
            cp -p *.exe *.pem C:/Program\ Files/elvin4/bin
            cp -p [A-Z][A-Z]* C:/Program\ Files/elvin4/doc
              scp -p ../*/*.winlog* ops:/proj/testbed/fish/elvin
            scp -p ops:/proj/testbed/fish/elvin-config /cygdrive/c/Program\ Files/elvin4/bin

            # Install dll's in the system so the server can be run.
            v C:/Program\ Files/elvin4/lib
            chmod -R g-w C:/Program\ Files/elvin4
            chmod a+x C:/Program\ Files/elvin4/lib/*
            cp -p C:/Program\ Files/elvin4/lib/* $nts

            elvin="C:/Program Files/elvin4/bin/elvinsvc.exe"
              v "$elvin"
            "$elvin" --help
            # Application Error - The application failed to initialize properly (0xc0000022).

            tar cfz /tmp/elvin4-windows.tar.gz -C /cygdrive/c Program\ Files/elvin4
            scp -p /tmp/elvin4-windows.tar.gz ops:/share/windows
Russ Fish's avatar
Russ Fish committed
503
# SKIP ]
504 505 506 507 508 509 510 511 512 513

            # Install the Windows Elvin, built on Coke above.
            # [On Boss.]
            sudo scp -p /share/windows/elvin4-windows.tar.gz root@pc$pc":"/tmp
            sudo scp -p /share/windows/elvind.conf.windows root@pc$pc":"/tmp/elvind.conf

            # [On the experiment node as root (Bash shell):]
            rootpc $pc
              cd C:
                ls -ld Program\ Files/elvin*
514
              # Don't worry about a plethora of "Cannot change ownership" warnings.
515 516 517 518 519 520 521 522 523 524
              tar xvfz /tmp/elvin4-windows.tar.gz
              chown -R root Program\ Files/elvin4
              cp -p C:/Program\ Files/elvin4/lib/* C:/WINDOWS/system32
              cp -p C:/Program\ Files/elvin4/lib/* /usr/local/lib
                diff /usr/local/etc/elvind_ssl.pem C:/Program\ Files/elvin4/bin/elvind_ssl.pem
              cp -p C:/Program\ Files/elvin4/bin/elvind_ssl.pem /usr/local/etc/elvind_ssl.pem

              elvind="C:/Program Files/elvin4"
              elvin="$elvind/bin/elvinsvc.exe"
                ls -l "$elvind/bin"
525 526
              chmod -R g-w "$elvind"
                ## Graphical help message.
527 528 529 530 531 532 533
                "$elvin" --help &
              # Install as a service.
              "$elvin" -r
              # Install a config file and set the path for the server.
                diff /usr/local/etc/elvind.conf /tmp/elvind.conf
              cp /tmp/elvind.conf /usr/local/etc/elvind.conf
                ls -l /usr/local/etc/elvind.conf
534
              # Do once to register the config file.
535 536
              "$elvin" -c `cygpath -w /usr/local/etc/elvind.conf`
                  ## Testing: start elvinsvc from the Services Manager now.
537
                  net start elvinsvc.exe
538
              # Make elvinsvc automatic in services manager, or use these commands:
539
                regtool -v list /HKLM/SYSTEM/CurrentControlSet/Services/elvinsvc.exe
540 541 542
              # (4 is Disabled, 3 is Manual, 2 is Automatic, 1 is only used for System services.)
              regtool -v set /HKLM/SYSTEM/CurrentControlSet/Services/elvinsvc.exe/Start 2

Russ Fish's avatar
Russ Fish committed
543
# [ SKIP
544 545 546 547 548
              ## Use any Windows experiment with a Program object in it for testing.
              pid=testbed eid=Windows-1
                pid=testbed eid=Windows-1b
                pid=testbed eid=Windows-1c
              $BINDIR/evproxy -s event-server -e $pid/$eid
549 550
              
              ## program-agent debugging.
551 552 553 554 555 556 557 558 559 560 561 562
                ps -Welf | grep program-agent
                $rc/rc.progagent shutdown
              $rc/rc.progagent boot
                ## Debugging.
                tail $LOGDIR/progagent.debug
                program-agent -d -e $pid/$eid -s localhost -c /var/emulab/boot/progagents
                # [On ops.]
                tevc -e testbed/Windows-1c now prog0 start \
                    COMMAND="bash -c 'date; hostname' > /tmp/host.txt"
                # [On the node.]
                tail /tmp/host.txt
                cat /local/logs/prog0.status
563
              
564 565 566 567
                ## C:\cygwin\bin\tcsh.exe (2504): *** couldn't create window, Win32 error 5
                ## See http://comments.gmane.org/gmane.os.cygwin.patches/2559
                ## This is at cygwin-1.5.17-1-winsup/cygwin/window.cc:wininfo::winthread():96
                ## Try starting rc.progagent as a separate service with -i for a desktop.
568
                
569 570
                  ## Started up and stopped immediately.  Needs something else in rc.bootsetup.
                  --dep elvinsvc.exe \
571
                
572 573 574
                  ## Depend on EmulabStartup (rc.bootsetup), which depends on the elvin service,
                  ## and also starts evproxy.  But it stops rather than staying running...
                  --dep EmulabStartup \
575
                
576 577 578 579
                ## Make it manual, and explicitly start it after rc.bootsetup in EmulabStartup.
                ## Works, but stays in "starting" state, err in bootsetup.log:
                ##  cygrunsrv: Error starting a service: QueryServiceStatus:  Win32 error 1053:
                ##  The service did not respond to the start or control request in a timely fashion.
Russ Fish's avatar
Russ Fish committed
580
# SKIP ]
581 582

              # For setuid() to work, Root must have these rights: Create a token object; Replace a
583 584 585 586 587 588 589 590
              # process level token; and Increase Quota rights.
              # http://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-switch,
              # http://msdn.microsoft.com/library/en-us/secauthz/security/authorization_constants.asp
              editrights -u root -l
              editrights -u root -a SeCreateTokenPrivilege -l
              editrights -u root -a SeAssignPrimaryTokenPrivilege -l
              editrights -u root -a SeIncreaseQuotaPrivilege -l

Russ Fish's avatar
Russ Fish committed
591
              # Set up to run the program-agent service.
592
                cygrunsrv -R ProgAgent
593
              progagent=/usr/local/etc/emulab/rc/rc.progagent
594
              cygrunsrv -I ProgAgent -d "Emulab Program Agent" -i -p /cygdrive/c/cygwin/bin/bash \
595
                  --type manual \
596
                  -a "--norc --noprofile -c '$progagent >& /var/log/program-agent.log'"
597
                regtool -v list /HKLM/SYSTEM/CurrentControlSet/Services/ProgAgent/Parameters
598
                cygrunsrv -VQ ProgAgent
Russ Fish's avatar
Russ Fish committed
599 600 601 602
                  ## This won't work until you build the Emulab programs, including program-agent, below.
                  cygrunsrv -S ProgAgent
                  cygrunsrv -E ProgAgent
                # Log files.
603 604 605 606
                  tail /var/log/{program-agent,ProgAgent}.log
                touch /var/log/{program-agent,ProgAgent}.log
                chmod 777 /var/log/{program-agent,ProgAgent}.log

Russ Fish's avatar
Russ Fish committed
607
# [ SKIP
608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628
                # Little problem: "Must be root to run this script!"
                # Add this: 
                  # This runs as a separate Local System service on XP.  Change to root.
                  if (WINDOWS()) { $EUID = $UID = 0; }

                # Testing on ops.
                tevc -e testbed/bsd-1 now prog0 start
                tevc -e testbed/bsd-1 now prog0 start COMMAND='hostname >>& /users/fish/test.out'

                tevc -e testbed/Windows-1 now prog0 start COMMAND='hostname>>&/users/fish/test.out'
                  v /users/fish/test.out
                  tail /users/fish/test.out
                tevc -e testbed/Windows-1 now prog0 run COMMAND='touch /tmp/foo'
                tevc -e testbed/Windows-1 now prog0 run COMMAND='id'
                tevc -e testbed/Windows-1 now prog0 run COMMAND='ls -l /users/fish'
                tevc -e testbed/Windows-1 now prog0 run COMMAND='ls -l /proj/testbed/fish'

                # [On the node.]
                cat /local/logs/prog0.status
                cat /local/logs/prog0.err
                cat /local/logs/prog0.out
Russ Fish's avatar
Russ Fish committed
629
# SKIP ]
630 631 632

      - Get the testbed client code via CVS, build, and install it.
            rootpc $pc
633
            # [As root, on the node.]
634 635 636 637
            login_name=fish ws_name=kzin domain=flux.utah.edu
            ws_login=$login_name@$ws_name.$domain
            cvs_login=$login_name@cvs.$domain

638 639 640 641 642 643 644
            # Start an agent and go to your workstation to get your ssh keys for the cvs server.
            eval `ssh-agent -s`
              ssh-add -l
            ssh -A $ws_login
              ssh-add -l
            kdsa
            exit
645 646 647

            ssh $cvs_login id
              ssh -v $cvs_login id
Russ Fish's avatar
Russ Fish committed
648
            export CVSROOT=$cvs_login:/usr/flux/CVS CVS_RSH=ssh
649 650 651

              mkdir ~/flux
            cd ~/flux
652 653
              # First time only
              mkdir CVS; touch CVS/Entries; echo . > CVS/Repository
654
            # Any time the testbed tree needs to be re-created.  (Takes a while.)
655
            cvs -Q co testbed
656 657 658
              # Updates After that.
              cat CVS/Entries
                cvs -n -q update testbed
659
              cvs -q update -d testbed
660

Russ Fish's avatar
Russ Fish committed
661
            # Install some dotfiles for Root.
662 663 664
            cp -p testbed/tmcd/cygwinxp/cygwin.root.bashrc ~root/.bashrc
            cp -p testbed/tmcd/cygwinxp/cygwin.root.bash_profile ~root/.bash_profile
            cp -p testbed/tmcd/cygwinxp/cygwin.root.emacs ~root/.emacs
665
            # No HOME envar is set for root's desktop, so Emacs defaults it to C:/ .
666 667
            cp -p ~root/.emacs C:/.emacs

Russ Fish's avatar
Russ Fish committed
668
            # Install site-lisp files for Emacs.
669 670
              v -t testbed/tmcd/cygwinxp/site-lisp
              v -t c:/emacs-21.3/site-lisp
671 672 673 674 675 676
            cp -rp testbed/tmcd/cygwinxp/site-lisp/* c:/emacs-21.3/site-lisp
            ls -l c:/emacs-21.3/site-lisp

            # Need a resolv.conf before tmcc will work.
              cat /etc/resolv.conf
            cp -p ~/flux/testbed/tmcd/cygwinxp/resolv.conf /etc/resolv.conf
677 678

            # The Elvin and program-agent man pages get installed in man8.
679 680
            mkdir /usr/local/man/man8
              
681
            # Get the downloaded binary programs into the source tree for install.
682 683 684 685 686 687
              ls -l ~/flux/testbed/tmcd/cygwinxp/*.exe
            # [On boss:]
            sudo scp -rp /share/windows/{WSName,addusers,usrtogrp,setx}.exe root@pc$pc":"/tmp
            # [Back on the client:]
            cp -p /tmp/{WSName,addusers,usrtogrp,setx}.exe ~/flux/testbed/tmcd/cygwinxp

688
            # Finally ready to do the Emulab makes!
689 690
            mkdir ~/flux/obj-real
            cd ~/flux/obj-real
691 692

            # Configure takes a while...
693 694 695
              v configure.trace*
              mv configure.trace{,.1}
            ../testbed/configure --enable-windows --enable-windowsclient >& configure.trace
Russ Fish's avatar
Russ Fish committed
696 697 698
            # Should end with "creating config.h".
            tail configure.trace
              tail -f configure.trace
699 700 701

            # The first make fails with "Cannot change ownership" warnings unpacking tg2.0 .
            make client-install >& make.log1
Russ Fish's avatar
Russ Fish committed
702
            tail make.log1
703 704 705 706 707 708 709
            # No worries.  Patch it explicitly, since the patch action gets skipped.
            (cd ~/flux/testbed/event/trafgen; patch -p0 < tg.patch)

            # If this is an update, evproxy is run by rc.bootsetup and nothing stops it.
            # The install of evproxy in the make will fail unless we stop it first.
            ps -Welf | grep evproxy
              kill `ps -Welf | grep evproxy | awk '{print $2}'`
710 711 712 713
            # Ditto emulab-syncd and slothd.
            $rc/rc.syncserver shutdown
            $rc/rc.slothd stop

714
            make client-install >& make.log2
Russ Fish's avatar
Russ Fish committed
715 716
            tail make.log2
              tail -f make.log2
717 718

                # Only needed if there are problems...
719
                  v -t make.log*
720
                make client-install >& make.log3
721 722
                make client-install >& make.log4
                make client-install >& make.log5
723 724 725 726
                make client-install >& make.log6
                make client-install >& make.log7
                make client-install >& make.log8
                make client-install >& make.log9
727 728

      . Patch the /etc/profile file to use /home dirs if the /users mounts are down.
729
        ## Note their comment:
730 731 732 733 734
        # IF THIS FILE IS MODIFIED IT WILL NOT BE UPDATED BY THE CYGWIN
        # SETUP PROGRAM.  IT BECOMES YOUR RESPONSIBILITY.
        #
        # The latest version as installed by the Cygwin Setup program can
        # always be found at /etc/defaults/etc/profile
Russ Fish's avatar
Russ Fish committed
735
            # If you need to check in a new version back in CVS land...
736
            (cd ~/flux; cvs update testbed/tmcd/cygwinxp/profile)
737
          diff /etc/defaults/etc/profile ~/flux/testbed/tmcd/cygwinxp
738 739 740
            # If the diffs are right, just copy the Emulab one.
            cp ~/flux/testbed/tmcd/cygwinxp/profile /etc
          # Otherwise, edit the file.
741 742
            diff /etc/defaults/etc/profile /etc/profile
            cp /etc/defaults/etc/profile /etc
743 744 745 746 747 748 749 750 751 752 753 754
          ed /etc/profile
  /^# If the home directory doesn't exist, create it./,/^if \[ ! -d "\${HOME}" \]; then/p
/^# If the home directory doesn't exist, create it./,/^if \[ ! -d "\${HOME}" \]; then/c
### Use a local dir under sshd if the mount failed.
if [ ! -d "$HOME" ]; then
        HOME=/home/$USER
fi
# If the home directory doesn't exist, create it.
if [ ]; then
###if [ ! -d "${HOME}" ]; then
.
  .-10,.+5p
755 756
  w
  q
757

758 759 760 761
      . Need an NTP client, or at least the semblence of one.
            cat /etc/ntp.drift
          echo 0.000 > /etc/ntp.drift

762
      . Set up the tbshutdown script to run as a service, to get a shutdown signal.
763 764
            editrights -u root -l
          editrights -u root -a SeServiceLogonRight -l
Russ Fish's avatar
Russ Fish committed
765
          # Don't forget to set the root password to the following, if you haven't done it yet.
766
          rootpwd='daFluxGroup'
767
          # EmulabShutdown is started manually later on from rc.cygwinxp .
768
          echo "$rootpwd"
769 770 771 772
            cygrunsrv -R EmulabShutdown
          cygrunsrv -I EmulabShutdown -u root -w "$rootpwd" -p /cygdrive/c/cygwin/bin/bash \
              --shutdown --type manual \
              -a "--norc --noprofile -c '/usr/local/etc/emulab/tbshutdown'"
773
          cygrunsrv -VQ EmulabShutdown
774

775
          # If you see the following, try running rc.accounts or rc.bootsetup below to 
776
          # clear it up.  Haven't figured this out yet...
777 778 779
          ##cygrunsrv: Error installing a service: CreateService:  Win32 error 1057:
          ##The account name is invalid or does not exist, or the password is invalid 
          ##for the account name specified.
780

Russ Fish's avatar
Russ Fish committed
781
          # Log files
782 783 784
          touch /var/log/EmulabShutdown.log
          chmod 666 /var/log/EmulabShutdown.log
          regtool -v list /HKLM/SYSTEM/CurrentControlSet/Services/EmulabShutdown/Parameters
785
            # Manual start-up for testing.
786
            cygrunsrv -S EmulabShutdown
787 788

      . See if rc.bootsetup works.
Russ Fish's avatar
Russ Fish committed
789 790 791 792
          # Don't allow the sshd shell a shell login login in rc.accounts.
            grep '\^sshd:' /var/emulab/boot/usershells
          echo '/^sshd:/s|/bin/bash$|/bin/false|' >> /var/emulab/boot/usershells

793 794 795
          ##Running os dependent initialization script rc.cygwin
          ##chmod: cannot access `/var/log/EmulabStartup.log': No such file or directory
          ##chmod: cannot access `/etc/emulab/iscygwin': No such file or directory
796 797
          touch /var/log/EmulabStartup.log
          chmod 666 /var/log/EmulabStartup.log
Russ Fish's avatar
Russ Fish committed
798 799 800 801 802 803 804

          # May need to make /sshkeys, if it hasn't been done above.
          v -d /sshkeys
            mkdir /sshkeys
            chmod 777 /sshkeys

              ## May need to read .bashrc installed above if you haven't set up the path yet.
805
              . ~/.bashrc
806
            tmcc nodeid
807
              ## If you have problems, you may be missing /etc/resolv.conf .
808 809 810 811
              tmcc -d nodeid
                    nodeid 
                    /usr/local/etc/emulab/tmcc.bin  -d nodeid 
                    Connection to TMCD refused. Waiting ...
Russ Fish's avatar
Russ Fish committed
812 813
            ## You can test rc.cygwin separately.  It should reboot, the first time, 
            ## when it changes the node ID.
814
            $rc/rc.cygwin
815

Russ Fish's avatar
Russ Fish committed
816 817 818
            ## You can try the boot-time script to see that all is well.
            ## If you run this, and the node name hasn't been changed yet, it will reboot.
            $rc/rc.bootsetup
819

820 821
      . Set up the boot script to run as a service.

822
          # Start up after DHCP and Elvin, run ProgAgent afterwards.
823 824
              cygrunsrv -R EmulabStartup 
          rootpwd='daFluxGroup'
825 826 827 828 829 830 831 832
          cygwinrc=/usr/local/etc/emulab/rc/rc.cygwin
          bootsetup=/usr/local/etc/emulab/rc/rc.bootsetup
          progagent="cygrunsrv -S ProgAgent"
          bootlog=/var/log/bootsetup.log
          cygrunsrv -I EmulabStartup -u root -w $rootpwd --dep DHCP --dep elvinsvc.exe \
            -p /cygdrive/c/cygwin/bin/bash \
            -a "--norc --noprofile -c '( $cygwinrc; $bootsetup; $progagent ) >& $bootlog'"
          cygrunsrv -VQ EmulabStartup 
833

Russ Fish's avatar
Russ Fish committed
834
            ## If you run this, and the node name hasn't been changed yet, it will reboot.
835 836 837 838 839 840 841 842 843 844 845 846
            cygrunsrv -S EmulabStartup 
            cygrunsrv --help
          regtool -v list /HKLM/SYSTEM/CurrentControlSet/Services/EmulabStartup/Parameters
          sc query EmulabStartup

      . Make a $HOME envar for everybody, so Emacs works on startup from the desktop.
        - Set a user environment variable: HOME = /users/%USERNAME%
        - Stored in HKCU/Environment, which is HKU/*/Environment based on the user SIDs.
        - The user registry key (folder) is created at first login, doesn't exist before that.
          Run setx after that at login time to set the HOME environment variable value.
                # Check.
                regtool get /HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Run/SetHOME
847
          # Use a literal Windows command rather than a script.
848 849
          regtool -s set /HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Run/SetHOME \
            'cmd /C "if not %USERNAME% == root if not %USERNAME% == Administrator setx HOME //fs/%USERNAME%"'
850 851 852
                # Undo.
                regtool unset /HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Run/SetHOME
          # Check that setx.exe is in system32.
853 854
          v C:/WINDOWS/system32/setx.exe

Russ Fish's avatar
Russ Fish committed
855
# [ SKIP if patched sshd.exe installed above.
856
      . Patch sshd so that shares (including /users homedirs) work with public-key logins.
Russ Fish's avatar
Russ Fish committed
857
        Also touches a file when client input is received, so slothd will know.
858 859

        - RDP into a node as root and shut down all ssh processes before update.
860
          (Otherwise, installation of an openssh update can hang mysteriously.)
861 862 863
            net stop sshd
            ps -Welf | grep ssh

864 865 866 867 868 869 870
        - Go through Cygwin setup and make sure everything is updated.  
              cygcheck -c openssh
              /cygdrive/c/software/cygwin/setup.exe &
              cygcheck -c openssh
          . View "Partial" will show what it wants to download and install.
          . Also select src for openssh, which goes under /usr/src .
          . When base dll's are updated, it will tell you to reboot.  Do it.
871

872
        - Install the source patches.  (Go get CVSROOT and agent keys set above first.)
873 874 875
            (cd ~/flux; cvs update testbed/tmcd/cygwinxp)
              (cd ~/flux; cvs co testbed/tmcd/cygwinxp)
          cd /usr/src/openssh*
876
            v -t *.[ch] | head -30
Russ Fish's avatar
Russ Fish committed
877 878

          # Enable no-password ssh logins which can access shared homedirs.
879 880 881
          cp -p uidswap.c{,.orig}
            patch -p1 --dry-run < ~/flux/testbed/tmcd/cygwinxp/uidswap.c.patch
          patch -p1 -b < ~/flux/testbed/tmcd/cygwinxp/uidswap.c.patch
882
            diff uidswap.c{.orig,}
883

Russ Fish's avatar
Russ Fish committed
884
          # Enable slothd to know of the last SSH client input time.
885 886
          for f in channels.{h,c} serverloop.c; do cp -p $f{,.orig}; done
            v *.orig
Russ Fish's avatar
Russ Fish committed
887 888 889
            patch -p1 --dry-run < ~/flux/testbed/tmcd/cygwinxp/sshd-client-input-time.patch
          patch -p1 -b < ~/flux/testbed/tmcd/cygwinxp/sshd-client-input-time.patch

890 891 892 893 894 895 896 897 898 899 900
        - Configure.  Takes a while.
            # These are the options that contrib/cygwin/README specifies:
            prefix=/usr sbindir=/usr/sbin datadir=$prefix/share
            ./configure > configure.trace 2>&1 \
                --prefix=/usr \
                --sysconfdir=/etc \
                --libexecdir=${sbindir} \
                --localstatedir=/var \
                --datadir=${prefix}/share \
                --mandir=${datadir}/man \
                --infodir=${datadir}/info
901 902
              tail configure.trace
                tail -f configure.trace
903 904 905

        - Just make and install sshd.exe, assuming everything else is up-to-date.
            make sshd.exe > make.log.1 2>&1
906 907
              tail make.log.1
                tail -f make.log.1
908 909 910 911 912 913

            # Make sure sshd is closed down while installing.
            ps -Welf | grep sshd
            net stop sshd
            /usr/bin/install -c -m 0755 -s sshd /usr/sbin/sshd.exe
            net start sshd
Russ Fish's avatar
Russ Fish committed
914
# SKIP ]
915

916
      . Make a load average log for slothd, averaged over a 1 minute period.
Russ Fish's avatar
Russ Fish committed
917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936

        - /proc/loadavg is hard-wired to "0.00 0.00 0.00" on Cygwin now.

        - All attempts to script this setup to reproduce it on another computer have
          failed so far, including using its own "Save/Restore Settings" and
          transplanting the registry subtree.

       - Click into Computer Management / Performance Logs and Alerts / Counter Logs.
          Right-click "New Log Settings..." in the logs pane, 
            Name: "ldavg", OK.

          General tab, 
            Counters list, "Add Counters...",
              check "Use local computer counters",
              click "Add" to add % total processor (the default),
              click "Close".
            Sample data every: Interval: "60" seconds.

          Log Files tab, 
            Log file type: "Text File (Comma delimited)", 
937 938 939 940
            Uncheck "End file names with" so the result goes into ldavg.csv .
            Configure... 
              Location: "C:\cygwin\var\run",
              Log file size: "Limit of: 1 MB", OK.
Russ Fish's avatar
Russ Fish committed
941 942 943 944

          Schedule tab, 
            Start Log: Click "At" (which defaults to the current time, as well as the future.) 
            Stop Log: Click "When the 1-MB log file is full.",
945
              When a log file closes: "Start a new log file".
Russ Fish's avatar
Russ Fish committed
946

947
          Check all three tabs, click OK.
Russ Fish's avatar
Russ Fish committed
948

949 950
          # ldavg should start out red (stopped) and then turn green (started) if you
          # refresh with F5.  It will start again after reboot.
Russ Fish's avatar
Russ Fish committed
951 952
          # You can turn it off and on with the right-click menu on "ldavg" in the logs pane.  
            tail -f /var/run/ldavg.csv
953 954
          # The first one is always 99.999, etc.

Russ Fish's avatar
Russ Fish committed
955 956
      . Reboot to make sure it all works right.  Note that prepare clears out the source
        trees, so don't do it until you've booted once and know that everything else works.
957 958
          prepare
          /sbin/reboot
Russ Fish's avatar
Russ Fish committed
959

960

961 962 963
================================================================
Making images

964 965 966 967 968 969 970 971 972 973 974 975 976 977
    . Windows Update
      - This might be needed after each Microsoft "Patch Tuesday" (second tues of the month.)
      - Start up Internet Explorer and go to:
        . http://update.microsoft.com
           - The first time, just installs/updates the updater and asks to reboot.
           - I just choose the EXPRESS update, installing all high-priority updates.
           - Don't turn on Automatic Updates.

           - After rebooting, check again if there's more to install.

             To install SP2, you must have access to a console screen, because the
             Windows Firewall defaults to block both SSH and RDP.  Disable it.

             . You may need to free disk space to install SP2, or allocate a partition.
Russ Fish's avatar
Russ Fish committed
978 979
                   du -sm C:/WINDOWS/ServicePackFiles/i386
                 rm -rf C:/WINDOWS/ServicePackFiles/i386
980 981 982 983 984 985
                   du -sm C:/WINDOWS/SoftwareDistribution/Download
                 rm -rf C:/WINDOWS/SoftwareDistribution/Download/*

      - Could be a good time to update Cygwin as well.  
        . Beware of stepping on the sshd.exe patches.

986
     . Uninstall the experimental net devices in Computer Management/Device Manager.
987
       (This was from our attempts to make a pc850/pc600 image.  Is it needed?)
988
         # Check which one is the control net interface.
989 990 991
         ipconfig /all
       Select a non-control net interface, hit delete, enter.
       Takes about 15 seconds per interface.
992

993
     . Run prepare to clear out experiment-specific state.
994 995
        rootpc $pc
          # Ignore complaints about all of the C:/Documents and Settings directories
996
          # that were never created because the users didn't log in...
997
          prepare
998

999
          exit
1000

1001 1002
    . Add an entry at the beginning of xpimage-log.txt, and create the image
      descriptor if it's not an existing image.
1003

1004 1005
    . Capture the image with imagezip.  
      You can specify the PC from which to grab the image when you create an image-id.
1006
      Do it in red-dot mode so you can set the Reboot Waittime to 240 seconds.
1007 1008 1009
      When updating existing images, I do it by hand in two stages, as below.
    
        # [On boss.]
1010 1011 1012 1013
        set pc=61 img=SP1 image=SP1_2005-08-22
        set pc=72 img=SP0 image=SP0_2005-08-22
        set pc=109 img=UPDATE image=UPDATE_2005-08-22

Russ Fish's avatar
Russ Fish committed
1014 1015 1016 1017 1018 1019
        set pc=210 img=BASE-pc3000 image=BASE-pc3000_2005-08-31
        set pc=201 img=SP0-pc3000 image=SP0-pc3000_2005-09-01
        set pc=201 img=SP1-pc3000 image=SP1-pc3000_2005-09-01
        set pc=242 img=SP2-pc3000 image=SP2-pc3000_2005-09-01
        set pc=242 img=UPDATE-pc3000 image=UPDATE-pc3000_2005-09-01

1020 1021
        df -m /proj/testbed/images /usr/testbed/images
          # Verify SSH working.
1022 1023
          rootpc $pc id

1024
        # Boot into the MFS.  The serial console will show you when it's open for business.
Russ Fish's avatar
Russ Fish committed
1025
        echo $pc $image
1026
        wap node_admin on pc$pc &
1027
              # Should not be necessary if ssh from root@boss to the node is working.
1028
              rootpc $pc /sbin/reboot
Russ Fish's avatar
Russ Fish committed
1029 1030 1031 1032 1033 1034 1035
          ## You may see:
              shutdown: Couldn't reboot: Error 53 The network path was not found.
          ## Try this command:
            rootpc $pc 'tsshutdn 1 /REBOOT /DELAY:1'
          ## Or you can shutdown/restart it from the task manager under RDP,
          ## or just wait a while and Emulab will cycle power to force a reboot.
        # Wait until the node is in the MFS, based on the serial console.
1036 1037 1038

        # Make WINXP-TMP on /proj, then move it to /usr/testbed/images with the right name.
        rootpc $pc
1039 1040