xpimage-notes.txt 51.3 KB
Newer Older
1
# Directions for setting up an XP image from scratch.
2
3
# These are raw notes and commands to paste into a shell.
# Mostly Bash shell commands for Windows, some tcsh commands for Boss or Ops.
4
5
# Some (most?) of it could be scriptified with some work. 

6
7
# Notice that this file has spaces instead of tabs at the beginning of lines.
# A tab in either Bash or tcsh causes it to display all of the possible command completions!
8
9
10
11
# Here's a little Emacs keyboard macro to ease the copy-and-paste business:
    ; Copy a command line, leaving off the whitespace on the beginning of the line.
    (fset 'copy-command-line [?\M-m ?\C-  ?\C-e ?\C-f C-insert])
    (global-set-key "\^C\^E" 'copy-command-line)
12

13
14
# By convention, optional "informational" commands are indented a couple of spaces more.
## Debugging and problem-solving stuff is double-# commented.
15
16

alias v 'ls -lsF'               # "Verbose" listing
17
18
setenv en emulab.net
alias rootpc 'sudo ssh pc\!^.$en \!:2*'
19
20
alias rootrd 'rd  -K -g 1280x1024 -u root pc\!^.$en &'

21
22
# In Bash,
alias v='ls -lsF'
23

24
    . Start with a clean XP image, as it comes from the CD.
25

26
27
28
29
30
31
32
      - How to do the Windows XP installation and make a WINXP-BASE image:

        . Swap in a firewalled experiment with a FBSD-STD image.
        . Do "node_admin on" so PXE throws it into the FBSD MFS.
        . Hook up a console, reboot and modify the boot order to boot from the Windows XP CD.

        . Do the Windows installation, adding whatever drivers are needed.
Russ Fish's avatar
Russ Fish committed
33
          - 8 gig is a good size for the XP NTFS partition, of which 4-5 will be user space.
34
35
36
37
            (They can always allocate more later with Disk Manager.)
          - You'll save some work later if you make the first admin user account named "root".

        . Set the usual password for root in Control Panel / User Accounts.
Russ Fish's avatar
Russ Fish committed
38
            It asks whether to make the root files private.  I've been saying "no".
39
40
41
42
43
          - While you're there, click "Change the way users log on or off" and make
            sure "Use Fast User Switching" is turned on.

        . Make sure you turn on Remote Desktop logins under Control Panel / System / Remote (!)

Russ Fish's avatar
Russ Fish committed
44
45
        . Go into Control Panel / Power Options / Hibernate, and make sure it's disabled.
          This will gives you extra gigs of disk space on C: equal to your RAM size .
46
47
48
49
50
51

        . Set the workgroup name to EMULAB in Control Panel/System/Computer Name/Change...
          No need to reboot yet if you have more to do.

        . On reboot, restore the boot order so PXE goes back into the FBSD MFS, and make an image.
          (See imagezip commands below.)  
Russ Fish's avatar
Russ Fish committed
52
          Make sure the Operational Mode is MINIMAL in the Image Descriptor, rather than NORMALv2!
53
54

      - Make a firewalled experiment using the WINXP-BASE image above, log in as "root".
55

56
57
58
59
60
61
62
63
64
65
         . The experiment should be behind a firewall, to avoid contamination.

            # Firewall while making Windows images.
            set fw [new Firewall $ns]
            $fw set-type ipfw2-vlan
            $fw set-style basic

            # Allow Cygwin setup and Windows Update to work.
            $fw add-rule "allow tcp from any to any 80,443 in via vlan0 setup keep-state"

66
67
         . Note that it takes a couple of minutes after booting for the RDP service to start,
           so don't worry if you can't log in at first.
68

69
70
71
72
73
74
75
76
77
78
79
      - Set the Windows "w32time" NTP client to connect to the Emulab NTP host.
        Runs as a service, periodically contacts the time server.
          # ntp1 is a DNS alias for Ops.
          # Do this in a Windows CMD shell, since you don't have Cygwin shells yet.
          net time /querysntp
          # Need to restart w32time before it sees the setsntp configuration. (?)
          net stop w32time
          net time /setsntp:ntp1
          net time /querysntp
          net start w32time
          # May take a minute to take effect.
80
81
             
      - Disable the Messenger Service to keep annoying pop-ups away.
82
83
84
            cygrunsrv -VQ  Messenger
          sc config Messenger start= disabled
          sc stop Messenger
85
86

      - Disable the SSDP Discovery Service and Universal Plug and Play Device Host.
87
88
89
90
91
92
93
94
95
96
97
98
        This closes port 5000 to attacks.  Also disable the Remote Registry service.
            cygrunsrv -VQ  SSDPSRV
            cygrunsrv -VQ  upnphost
            cygrunsrv -VQ  RemoteRegistry

          sc config SSDPSRV start= disabled
          sc config upnphost start= disabled
          sc config RemoteRegistry start= disabled

          sc stop SSDPSRV
          sc stop upnphost
          sc stop RemoteRegistry
99

Russ Fish's avatar
Russ Fish committed
100
101
102
103
104
105
      - Go into Control Panel/Administrative Tools (it's under Performance and
        Maintenance in the new Control Panel interface.)

        . Right-click Start/"Explore All Users" and drag a copy of the Computer
          Management shortcut from Administrative Tools into the All Users/Desktop
          folder.
106

Russ Fish's avatar
Russ Fish committed
107
108
109
      - If you haven't already made a "root" account, go into Computer Management/
        System Tools/Local Users and Groups/Users, put it in the Administrators group.
        . Also make it a member of the Users groups.
110
111
112
113
114
115

      - Start IE, make "blank" the home page. Click Tools/Internet Options/Home page/Use Blank.

      - Show My Computer.  (Desktop Properties/Desktop/Customize Desktop...)
        Turn off "Run Desktop Cleanup Wizard every 60 days".

116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
      - Create C:/Temp, C:/Software/Cygwin
          # [Windows cmd prompt, there's no Cygwin shell yet...]
          mkdir C:\Temp
          mkdir C:\Software\Cygwin

      - Install Cygwin
        . (Try copying /etc/setup/* from an existing image to script the selection work.)
           # There's no scp to copy them with, so use Windows SMB File Sharing to get it
           # from \\fs\share\windows\cygwin-etc-setup.)
             mkdir C:\cygwin
           # Hm.  Still didn't come up with the added packages selected.
           # When C:\Software\Cygwin/http... is copied, it thinks everything is already installed.
           # Removing the /etc/setup/installed.db file seems not to help.
           # Nothing relevant to install in HKLM/SOFTWARE/Cygnus Solutions/Cygwin, either...

        . Download setup from www.cygwin.com/setup.exe to C:/Software/Cygwin.
          Once you have a Cygwin, you can update the setup.exe by:
133
134
135
           # [On ops.]
           set pc=109
           scp /share/windows/cygwin-setup.exe $pc":"/tmp/setup.exe
136
137
138

        . Run Cygwin setup.exe .
            # After Cygwin in installed, ensure that upgrading SSH won't hang.
139
            net stop sshd
140
141
142
            C:/Software/Cygwin/setup.exe &
        . Install dir is C:\cygwin, package dir is C:\Software\Cygwin .
        . Download site mirror is http://mirrors.xmission.com .
143
144
        . Click [View] to "Not Installed" (alphabetical.)  
          Click on the Skip in the "New" column to add a binary version of:
Russ Fish's avatar
Russ Fish committed
145
            agetty, bison, cvs, cygrunsrv, ed, file, flex, gcc, gdb, inetutils, 
Russ Fish's avatar
Russ Fish committed
146
            make, minires-devel, more, nano, openssh (with src), openssl-devel, 
147
            patch, perl, perl-libwin32, python, rpm, rsync, 
Russ Fish's avatar
Russ Fish committed
148
            shutdown, tcsh, vim, wget, zip .
149
          Click in the "src" column for openssh, so patches can be applied.
150
        . At the end, don't "Create an icon on the Desktop", do "Add icon to Start Menu".
151
152
153
154
155
156
157
158

        . Add ;C:\cygwin\bin to the end of the System PATH in 
          Control Panel/System/Advanced/Environment Variables.

        . Start up a Cygwin shell and fix the shell properties:
            Options QuickEdit Mode on, Layout/screen buffer height 3000, window height 55.
            Check "Modify shortcut that started this window".
          - Might as well fix the Start/Programs/Accessories/Command Prompt properties, too.
Russ Fish's avatar
Russ Fish committed
159
160
161
162
163
164
165
          - Create c:\cygin\cygwin-tcsh.bat as a copy of c:\cygin\cygwin.bat with
            "bash --login -i" changed to "tcsh -l".
               ### Now we can use Cygwin (Bash) shell commands...  ###
               alias v='ls -lsF'
               cd C:/cygwin
               sed 's/bash --login -i/tcsh -l/' < cygwin.bat > cygwin-tcsh.bat
               chmod +x cygwin-tcsh.bat
166
          - Copy the bash shortcut to the All Users/Desktop.  
167
          - Copy it to a tcsh icon as well, changing the Target to c:\cygin\cygwin-tcsh.bat .
168
          - Copy the tcsh icon into All Users/Start Menu/Programs/Cygwin.
Russ Fish's avatar
Russ Fish committed
169
170
               cd C:/Documents\ and\ Settings/All\ Users
               cp -p Desktop/Cygwin\ TCSH\ Shell.lnk Start\ Menu/Programs/Cygwin
171
172
173
174
175
176

        . Set up local homedirs under /home as a symlink.  ~root is already there.
            cd /tmp
            mv /home{,.orig}
            ln -s /cygdrive/c/Documents\ and\ Settings/ /home

Russ Fish's avatar
Russ Fish committed
177
178
179
        . The Windows hosts file should already be symlinked into the Cygwin /etc.
            ls -l /etc/hosts
              ln -s /cygdrive/c/WINDOWS/system32/drivers/etc/hosts /etc/hosts
180
181

        . Create a proper group file.  Make wheel an alias for Administrators.
182
183
            mkgroup -l | \
              awk '/^Administrators:/{print "wheel" substr($0, index($0,":"))} \
184
                   {print}' > /etc/group.new
185
186
187
188
189
190
            diff /etc/group{,.new}
            cp -p /etc/group{,.prev}
            mv /etc/group{.new,}

        . Update the passwd file after creating new accounts.  Make root uid 0 with /home/root.
            mkpasswd -l | awk -F: 'BEGIN{ OFS=":" } \
191
192
193
194
               { if ($1=="root") $3="0"; \
                 else if ($1=="sshd") $NF="/bin/false"; \
                      else sub("/home/", "/users/"); \
                 print }' > /etc/passwd.new
195
196
197
            diff /etc/passwd{,.new}
            cp -p /etc/passwd{,.prev}
            cp -p /etc/passwd{.new,}
198
            chown root /etc/{passwd,group}*
199

Russ Fish's avatar
Russ Fish committed
200
201
            ### Note: the root UID changed from 1003 to 0.  ###
            ### Restart your Bash shell to get the new one before going on!  ###
202

Russ Fish's avatar
Russ Fish committed
203
204
205
206
207
208
209
210
211
212
        . Set up the syslog daemon.  (See usr/share/doc/Cygwin/inetutils-1.3.2.README)
            # Make sure /etc isn't owned by SYSTEM, which will prevent making syslogd.conf .
            chown root /etc
            syslogd-config -y
            # Start the daemon.  It starts automatically at reboot.
            net start syslogd
              # Test.
              logger "Test syslogd."
              tail /var/log/messages

213
        . Set up sshd.  
214
          - Edit /bin/ssh-host-config to add a -i argument to the "cygrunsrv -I sshd" lines.
215
                grep cygrunsrv /bin/ssh-host-config | grep -e -I
216
217
218
219
220
              ed /bin/ssh-host-config
              /cygrunsrv -I sshd/s//& -i/p
              /cygrunsrv -I sshd/s//& -i/p
              w
              q
221
          - Then stop sshd and remove its entry (if previously installed), run ssh-host-config:
222
            (You must be logged in as root over RDP, not ssh when you do this!)
Russ Fish's avatar
Russ Fish committed
223
224
225
                cygrunsrv -VQ sshd
              cygrunsrv -E sshd
              cygrunsrv -R sshd
226
227

              # May need to do some unmounts before running ssh-host-config.
228
              # (It does a mount, and there's a hard-wired limit of 31 mount table entries.)
229
230
231
232
              mount | wc -l
                ## mount: /ssh-host-config.3048: Too many mount entries
                for s in /users/s*; do umount $s; done

Russ Fish's avatar
Russ Fish committed
233
              # Should be NO ssh processes running, not even ssh-agent!
234
235
              ps -Welf | grep ssh

236
237
238
              # Make sure /etc is writable by root.
                v -d /etc
              chown root /etc
239

240
              ssh-host-config -y -c "ntsec tty"
241
242
243
              # or run ssh-host-config without args and answer the following interactive questions:
              # Select privilege separation = yes, sshd user = yes, install as service = yes, 
              # CYGWIN=ntsec tty
244

245
                v /etc/ssh*_config
246
247
248
              chown SYSTEM /etc/ssh*_config
              chmod 644 /etc/ssh*_config

249
250
251
252
          - Check for -i flag: look for Interactive = 0x00000001 (1)
              regtool -v list /HKLM/SYSTEM/CurrentControlSet/Services/sshd/Parameters

          - Edit /etc/sshd_config
253
            . Add AuthorizedKeysFile paths under /sshkeys/%u .
254
255
256
                  grep AuthorizedKeysFile /etc/sshd_config
                # Make it writable to edit, then change it back.
                chmod g+w /etc/sshd_config
Russ Fish's avatar
Tweaks.    
Russ Fish committed
257
                ed /etc/sshd_config
258
259
/AuthorizedKeysFile
a
260
AuthorizedKeysFile /sshkeys/%u/authorized_keys
261
AuthorizedKeysFile2 /sshkeys/%u/authorized_keys2
262
263
264
.
w
q
265
                chmod g-w /etc/sshd_config
266
267
                # Get a running sshd to read the config file with SIGHUP.
                kill -HUP `cat /var/run/sshd.pid`
268

269
            . LogLevel defaults to INFO, can be set to VERBOSE, DEBUG1, etc.
Russ Fish's avatar
Russ Fish committed
270
271
272
              With the syslogd service running, debug events are logged to /var/log/messages .
              [Otherwise, they show up under Event Viewer / Application / sshd,
               with one line per event (ugh.)  Refresh to see new events with F5.]
273
              ## sshd service debugging.
274
275
276
                ls -l /etc/sshd_config
                # Check.
                grep LogLevel /etc/sshd_config
277
                # Make it writable to edit, then change it back.
278
                chmod g+w /etc/sshd_config
279
280
                ed /etc/sshd_config
/#LogLevel/a
281
LogLevel DEBUG2
282
283
284
.
w
q
285
286
287
288
                chmod g-w /etc/sshd_config
                # Get a running sshd to read the config file with SIGHUP.
                kill -HUP `cat /var/run/sshd.pid`

289
290
          - Check /var/empty to avoid this error:
              /var/empty must be owned by root and not group or world-writable.
Russ Fish's avatar
Russ Fish committed
291
            # Actually, it must be owned by SYSTEM.
292
293
294
295
              v -d /var/empty
            chown SYSTEM /var/empty
            chmod go-w /var/empty

296
          - You can avoid patching and rebuilding sshd.exe if there's one saved.
Russ Fish's avatar
Russ Fish committed
297
298
299
300
              # Currently 4.1p1-2 .
              cygcheck.exe -c openssh
              # Either explore to \\fs\share, giving *your* login name and Windows password,
              # or use the "net use" command to provide it.  Then UNC paths work.
301
              v //fs/share/windows/sshd.exe
Russ Fish's avatar
Russ Fish committed
302
303
              v /usr/sbin/sshd.exe

304
305
306
              mv /usr/sbin/sshd.exe{,.orig}
              cp -p //fs/share/windows/sshd.exe /usr/sbin/sshd.exe

307
308
          - Start sshd.
              cygrunsrv -S sshd
309
              tail /var/log/messages
310
311

          - Set up for root ssh access from Boss.
Russ Fish's avatar
Russ Fish committed
312
                v -d /home/root
313
314
315
              chown root.wheel /home/root
              chmod 755 /home/root
              passwd root
316
317
daFluxGroup
daFluxGroup
318
319
320
              mkdir ~root/.ssh
              chown root.wheel ~root/.ssh
              # [On boss.]
321
              set pc=201
322
              set ssh_args='-o "StrictHostKeyChecking no" -o "UserKnownHostsFile /dev/null"'
323
324
              # This password isn't used for anything else, and doesn't need to be
              # very secure because all users are in the Administrators group on the node.
325
              eval sudo ssh "$ssh_args" root@pc$pc id
326
daFluxGroup
327
              eval sudo scp "$ssh_args" ~root/.ssh/{id_dsa,identity}.pub root@pc$pc":".ssh
328
daFluxGroup
329
              eval sudo ssh "$ssh_args" root@pc$pc
330
daFluxGroup
331
332
333
334
335
336
337
338
339
340
341
342
                # [On the target.]
                id
                cd ~root/.ssh
                cat {id_dsa,identity}.pub > authorized_keys
                chmod 644 *
                ls -ld /home /home/root /home/root/.ssh /home/root/.ssh/auth*
                mkdir -p /sshkeys/root
                v -d /sshkeys
                chmod 777 /sshkeys
                chmod 700 /sshkeys/root
                cp -p /home/root/.ssh/authorized_keys /sshkeys/root
                ls -lR /sshkeys/root
343
344
              exit

345
346
347
348
              # [Check back on Boss.]
              eval sudo ssh "$ssh_args" pc$pc id
              # The following will likely complain due to nonstandard host keys.
              rootpc $pc id
349
350
351
352

          - Install the standard host keys, dated Jun 21  2001.
            ls -l /etc/ssh*
            # [On boss.]
353
354
              set pc=201
              set ssh_args='-o "StrictHostKeyChecking no" -o "UserKnownHostsFile /dev/null"'
355
            eval sudo scp -rp "$ssh_args" /proj/testbed/fish/elab-host-keys root@pc$pc":"
356
357
            # Get the standard ssl certificates while we're at it.
            eval sudo scp -rp "$ssh_args" /proj/testbed/fish/elab-ssl-certs root@pc$pc":"
358
359

            eval sudo ssh "$ssh_args" root@pc$pc
360
            # [As root on the target.]
361
362
363
364
365
366
367
368
369
370
371
372
373
374
              ls -l ~/elab-host-keys
              ls -l /etc/ssh*key*
              ls -l /etc/orig-ssh-keys

              mkdir /etc/orig-ssh-keys
              chown root /etc/ssh*key*
              cp -p /etc/ssh*key* /etc/orig-ssh-keys
              chown SYSTEM /etc/orig-ssh-keys/*
              ls -l /etc/orig-ssh-keys

              cp -p ~/elab-host-keys/* /etc
              chown SYSTEM /etc/ssh*key*
              ls -l /etc/ssh*key*

375
              mkdir /etc/emulab
376
377
378
              ls -l ~/elab-ssl-certs/* /etc/emulab/*.pem
              cp -p ~/elab-ssl-certs/* /etc/emulab

379
            # The following should no longer complain due to nonstandard host keys.
380
            # [On Boss.] 
381
            rootpc $pc id
382
383

      - Install tools: WinZip and Emacs.
384
385
386
387
388
            # [On boss:]
            sudo scp -rp /share/windows/emacs-21.3-fullbin-i386.tar.gz root@pc$pc":"/tmp
            sudo scp -rp /share/windows/winzip90.exe root@pc$pc":"/tmp

            # Log in as root via RDP.
389
390
            rootrd $pc
            # [On the node, as root.]
391
            # Graphical installer.  Start with WinZip Classic, custom setup, no desktop icon.
392
393
394
395
396
            /tmp/winzip90.exe

            cd C:
            # Don't worry about a plethora of "Cannot change ownership" warnings.
            tar xfz /tmp/emacs-21.3-fullbin-i386.tar.gz
397
            # Graphical; click OK to set up the registry, start menu, etc.
398
            C:/emacs-21.3/bin/addpm.exe
Russ Fish's avatar
Russ Fish committed
399

400
            # Then copy the Emacs shortcut to the All Users/Desktop folder.
401
402
403
404
            allusers=/cygdrive/c/Documents\ and\ Settings/All\ Users
            chown root "$allusers"/Desktop
            cp "$allusers"/{Start\ Menu/Programs/Gnu\ Emacs,Desktop}/Emacs.lnk
            chown SYSTEM "$allusers"/Desktop
405
406
407
408

            # Make "emacs" be the NTEmacs runemacs starter, with "emacs-exe" for a compiler.
            ln -s /cygdrive/c/emacs-21.3/bin/runemacs.exe /usr/local/bin/emacs
            ln -s /cygdrive/c/emacs-21.3/bin/emacs.exe /usr/local/bin/emacs-exe
409
410

      - Get other stuff that "make client" depends on.
411

412
413
414
415
416
417
418
419
420
421
422
423
424
425
                ## Collect the include files for mysql and the Boost Graph Library.
                cd /usr/local/include
                tar cfz /share/windows/mysql-include.tgz mysql
                tar cfz /share/windows/boost-include.tgz boost
            # [On Boss.]
            sudo scp -rp /share/windows/{mysql,boost}-include.tgz root@pc$pc":"/tmp
            sudo scp -rp /share/windows/{WSName,addusers,usrtogrp,setx}.exe root@pc$pc":"/tmp
            # [On the target.]
            mkdir /usr/local/include
            cd /usr/local/include
            tar xfz /tmp/mysql-include.tgz
            tar xfz /tmp/boost-include.tgz

            # Build Elvin libs with GCC for testbed client programs.  
426
            # [On Boss.]
427
            sudo scp -p /usr/testbed/www/distributions/*elvin*-4.0.3.tar.gz root@pc$pc":"/tmp
428
            # [On the node.]
429
430
431
432
433
434
435
436
437
            # Need a path without embedded spaces for the make actions to work.
            mkdir C:/elvin
            cd C:/elvin
            # Don't worry about a plethora of "Cannot change ownership" warnings.
            tar xfz /tmp/libelvin-4.0.3.tar.gz
            tar xfz /tmp/elvind-4.0.3.tar.gz

            cd C:/elvin/libelvin-4.0.3
              # configure: error: Elvin requires that doubles be IEEE 754 compliant
438
439
440
441
442
443
444
445
              # Edit configure, line 3547, add exit(0); to patch around it.
              ed configure
3546p
a
exit(0);
.
w
q
446
            ./configure >& configure.trace 
Russ Fish's avatar
Russ Fish committed
447
448
            # Ends with "creating src/include/elvin/config.h"
            tail configure.trace
449

Russ Fish's avatar
Russ Fish committed
450
451
            # Comment this out in c:/elvin/libelvin-4.0.3/src/lib/i18n.c :
                      #elif defined(HAVE_WINBASE_H)
452
                              FreeLibrary(cat);
453
454
455
456
457
458
            ed c:/elvin/libelvin-4.0.3/src/lib/i18n.c
            /HAVE_WINBASE/p
            .,.+1s|^|//|p
            w
            q

459
            make >& make.log1
Russ Fish's avatar
Russ Fish committed
460
            tail make.log1
461
            make install >& install.log1
Russ Fish's avatar
Russ Fish committed
462
            tail install.log1
463
464
              make clean

Russ Fish's avatar
Russ Fish committed
465
# [ SKIP
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
            # Build Elvin for Windows on Coke, and tar it up for later installation.
            scp -p bos:"/usr/testbed/www/distributions/*elvin*-4.0.3.tar.gz" /tmp
            mkdir C:/elvin
            cd C:/elvin
            tar xfz /tmp/libelvin-4.0.3.tar.gz
            tar xfz /tmp/elvind-4.0.3.tar.gz
            # Rename lib dir for makefiles in elvind.
            mv libelvin-4.0.3 elvin4

            cd C:/elvin/elvin4
            nmake /k /f Makefile.win >& lib-make.winlog1
            mkdir -p C:/Program\ Files/elvin4/{bin,lib,doc}
            cp -p win32/bin/*.exe C:/Program\ Files/elvin4/bin
            cp -p win32/lib/{,*/}*.{dll,lib} C:/Program\ Files/elvin4/lib
            mkdir C:/Program\ Files/elvin4/include
            cp -p src/include/elvin/*.h C:/Program\ Files/elvin4/include

            cd C:/elvin/elvind-4.0.3        
            nmake /k /f Makefile.win >& program-make.winlog1
            cp -p *.exe *.pem C:/Program\ Files/elvin4/bin
            cp -p [A-Z][A-Z]* C:/Program\ Files/elvin4/doc
              scp -p ../*/*.winlog* ops:/proj/testbed/fish/elvin
            scp -p ops:/proj/testbed/fish/elvin-config /cygdrive/c/Program\ Files/elvin4/bin

            # Install dll's in the system so the server can be run.
            v C:/Program\ Files/elvin4/lib
            chmod -R g-w C:/Program\ Files/elvin4
            chmod a+x C:/Program\ Files/elvin4/lib/*
            cp -p C:/Program\ Files/elvin4/lib/* $nts

            elvin="C:/Program Files/elvin4/bin/elvinsvc.exe"
              v "$elvin"
            "$elvin" --help
            # Application Error - The application failed to initialize properly (0xc0000022).

            tar cfz /tmp/elvin4-windows.tar.gz -C /cygdrive/c Program\ Files/elvin4
            scp -p /tmp/elvin4-windows.tar.gz ops:/share/windows
Russ Fish's avatar
Russ Fish committed
503
# SKIP ]
504
505
506
507
508
509
510
511
512
513

            # Install the Windows Elvin, built on Coke above.
            # [On Boss.]
            sudo scp -p /share/windows/elvin4-windows.tar.gz root@pc$pc":"/tmp
            sudo scp -p /share/windows/elvind.conf.windows root@pc$pc":"/tmp/elvind.conf

            # [On the experiment node as root (Bash shell):]
            rootpc $pc
              cd C:
                ls -ld Program\ Files/elvin*
514
              # Don't worry about a plethora of "Cannot change ownership" warnings.
515
516
517
518
519
520
521
522
523
524
              tar xvfz /tmp/elvin4-windows.tar.gz
              chown -R root Program\ Files/elvin4
              cp -p C:/Program\ Files/elvin4/lib/* C:/WINDOWS/system32
              cp -p C:/Program\ Files/elvin4/lib/* /usr/local/lib
                diff /usr/local/etc/elvind_ssl.pem C:/Program\ Files/elvin4/bin/elvind_ssl.pem
              cp -p C:/Program\ Files/elvin4/bin/elvind_ssl.pem /usr/local/etc/elvind_ssl.pem

              elvind="C:/Program Files/elvin4"
              elvin="$elvind/bin/elvinsvc.exe"
                ls -l "$elvind/bin"
525
526
              chmod -R g-w "$elvind"
                ## Graphical help message.
527
528
529
530
531
532
533
                "$elvin" --help &
              # Install as a service.
              "$elvin" -r
              # Install a config file and set the path for the server.
                diff /usr/local/etc/elvind.conf /tmp/elvind.conf
              cp /tmp/elvind.conf /usr/local/etc/elvind.conf
                ls -l /usr/local/etc/elvind.conf
534
              # Do once to register the config file.
535
536
              "$elvin" -c `cygpath -w /usr/local/etc/elvind.conf`
                  ## Testing: start elvinsvc from the Services Manager now.
537
                  net start elvinsvc.exe
538
              # Make elvinsvc automatic in services manager, or use these commands:
539
                regtool -v list /HKLM/SYSTEM/CurrentControlSet/Services/elvinsvc.exe
540
541
542
              # (4 is Disabled, 3 is Manual, 2 is Automatic, 1 is only used for System services.)
              regtool -v set /HKLM/SYSTEM/CurrentControlSet/Services/elvinsvc.exe/Start 2

Russ Fish's avatar
Russ Fish committed
543
# [ SKIP
544
545
546
547
548
              ## Use any Windows experiment with a Program object in it for testing.
              pid=testbed eid=Windows-1
                pid=testbed eid=Windows-1b
                pid=testbed eid=Windows-1c
              $BINDIR/evproxy -s event-server -e $pid/$eid
549
550
              
              ## program-agent debugging.
551
552
553
554
555
556
557
558
559
560
561
562
                ps -Welf | grep program-agent
                $rc/rc.progagent shutdown
              $rc/rc.progagent boot
                ## Debugging.
                tail $LOGDIR/progagent.debug
                program-agent -d -e $pid/$eid -s localhost -c /var/emulab/boot/progagents
                # [On ops.]
                tevc -e testbed/Windows-1c now prog0 start \
                    COMMAND="bash -c 'date; hostname' > /tmp/host.txt"
                # [On the node.]
                tail /tmp/host.txt
                cat /local/logs/prog0.status
563
              
564
565
566
567
                ## C:\cygwin\bin\tcsh.exe (2504): *** couldn't create window, Win32 error 5
                ## See http://comments.gmane.org/gmane.os.cygwin.patches/2559
                ## This is at cygwin-1.5.17-1-winsup/cygwin/window.cc:wininfo::winthread():96
                ## Try starting rc.progagent as a separate service with -i for a desktop.
568
                
569
570
                  ## Started up and stopped immediately.  Needs something else in rc.bootsetup.
                  --dep elvinsvc.exe \
571
                
572
573
574
                  ## Depend on EmulabStartup (rc.bootsetup), which depends on the elvin service,
                  ## and also starts evproxy.  But it stops rather than staying running...
                  --dep EmulabStartup \
575
                
576
577
578
579
                ## Make it manual, and explicitly start it after rc.bootsetup in EmulabStartup.
                ## Works, but stays in "starting" state, err in bootsetup.log:
                ##  cygrunsrv: Error starting a service: QueryServiceStatus:  Win32 error 1053:
                ##  The service did not respond to the start or control request in a timely fashion.
Russ Fish's avatar
Russ Fish committed
580
# SKIP ]
581
582

              # For setuid() to work, Root must have these rights: Create a token object; Replace a
583
584
585
586
587
588
589
590
              # process level token; and Increase Quota rights.
              # http://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-switch,
              # http://msdn.microsoft.com/library/en-us/secauthz/security/authorization_constants.asp
              editrights -u root -l
              editrights -u root -a SeCreateTokenPrivilege -l
              editrights -u root -a SeAssignPrimaryTokenPrivilege -l
              editrights -u root -a SeIncreaseQuotaPrivilege -l

Russ Fish's avatar
Russ Fish committed
591
              # Set up to run the program-agent service.
592
                cygrunsrv -R ProgAgent
593
              progagent=/usr/local/etc/emulab/rc/rc.progagent
594
              cygrunsrv -I ProgAgent -d "Emulab Program Agent" -i -p /cygdrive/c/cygwin/bin/bash \
595
                  --type manual \
596
                  -a "--norc --noprofile -c '$progagent >& /var/log/program-agent.log'"
597
                regtool -v list /HKLM/SYSTEM/CurrentControlSet/Services/ProgAgent/Parameters
598
                cygrunsrv -VQ ProgAgent
Russ Fish's avatar
Russ Fish committed
599
600
601
602
                  ## This won't work until you build the Emulab programs, including program-agent, below.
                  cygrunsrv -S ProgAgent
                  cygrunsrv -E ProgAgent
                # Log files.
603
604
605
606
                  tail /var/log/{program-agent,ProgAgent}.log
                touch /var/log/{program-agent,ProgAgent}.log
                chmod 777 /var/log/{program-agent,ProgAgent}.log

Russ Fish's avatar
Russ Fish committed
607
# [ SKIP
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
                # Little problem: "Must be root to run this script!"
                # Add this: 
                  # This runs as a separate Local System service on XP.  Change to root.
                  if (WINDOWS()) { $EUID = $UID = 0; }

                # Testing on ops.
                tevc -e testbed/bsd-1 now prog0 start
                tevc -e testbed/bsd-1 now prog0 start COMMAND='hostname >>& /users/fish/test.out'

                tevc -e testbed/Windows-1 now prog0 start COMMAND='hostname>>&/users/fish/test.out'
                  v /users/fish/test.out
                  tail /users/fish/test.out
                tevc -e testbed/Windows-1 now prog0 run COMMAND='touch /tmp/foo'
                tevc -e testbed/Windows-1 now prog0 run COMMAND='id'
                tevc -e testbed/Windows-1 now prog0 run COMMAND='ls -l /users/fish'
                tevc -e testbed/Windows-1 now prog0 run COMMAND='ls -l /proj/testbed/fish'

                # [On the node.]
                cat /local/logs/prog0.status
                cat /local/logs/prog0.err
                cat /local/logs/prog0.out
Russ Fish's avatar
Russ Fish committed
629
# SKIP ]
630
631
632

      - Get the testbed client code via CVS, build, and install it.
            rootpc $pc
633
            # [As root, on the node.]
634
635
636
637
            login_name=fish ws_name=kzin domain=flux.utah.edu
            ws_login=$login_name@$ws_name.$domain
            cvs_login=$login_name@cvs.$domain

638
639
640
641
642
643
644
            # Start an agent and go to your workstation to get your ssh keys for the cvs server.
            eval `ssh-agent -s`
              ssh-add -l
            ssh -A $ws_login
              ssh-add -l
            kdsa
            exit
645
646
647

            ssh $cvs_login id
              ssh -v $cvs_login id
Russ Fish's avatar
Russ Fish committed
648
            export CVSROOT=$cvs_login:/usr/flux/CVS CVS_RSH=ssh
649
650
651

              mkdir ~/flux
            cd ~/flux
652
653
              # First time only
              mkdir CVS; touch CVS/Entries; echo . > CVS/Repository
654
            # Any time the testbed tree needs to be re-created.  (Takes a while.)
655
            cvs -Q co testbed
656
657
658
              # Updates After that.
              cat CVS/Entries
                cvs -n -q update testbed
659
              cvs -q update -d testbed
660

Russ Fish's avatar
Russ Fish committed
661
            # Install some dotfiles for Root.
662
663
664
            cp -p testbed/tmcd/cygwinxp/cygwin.root.bashrc ~root/.bashrc
            cp -p testbed/tmcd/cygwinxp/cygwin.root.bash_profile ~root/.bash_profile
            cp -p testbed/tmcd/cygwinxp/cygwin.root.emacs ~root/.emacs
665
            # No HOME envar is set for root's desktop, so Emacs defaults it to C:/ .
666
667
            cp -p ~root/.emacs C:/.emacs

Russ Fish's avatar
Russ Fish committed
668
            # Install site-lisp files for Emacs.
669
670
              v -t testbed/tmcd/cygwinxp/site-lisp
              v -t c:/emacs-21.3/site-lisp
671
672
673
674
675
676
            cp -rp testbed/tmcd/cygwinxp/site-lisp/* c:/emacs-21.3/site-lisp
            ls -l c:/emacs-21.3/site-lisp

            # Need a resolv.conf before tmcc will work.
              cat /etc/resolv.conf
            cp -p ~/flux/testbed/tmcd/cygwinxp/resolv.conf /etc/resolv.conf
677
678

            # The Elvin and program-agent man pages get installed in man8.
679
680
            mkdir /usr/local/man/man8
              
681
            # Get the downloaded binary programs into the source tree for install.
682
683
684
685
686
687
              ls -l ~/flux/testbed/tmcd/cygwinxp/*.exe
            # [On boss:]
            sudo scp -rp /share/windows/{WSName,addusers,usrtogrp,setx}.exe root@pc$pc":"/tmp
            # [Back on the client:]
            cp -p /tmp/{WSName,addusers,usrtogrp,setx}.exe ~/flux/testbed/tmcd/cygwinxp

688
            # Finally ready to do the Emulab makes!
689
690
            mkdir ~/flux/obj-real
            cd ~/flux/obj-real
691
692

            # Configure takes a while...
693
694
695
              v configure.trace*
              mv configure.trace{,.1}
            ../testbed/configure --enable-windows --enable-windowsclient >& configure.trace
Russ Fish's avatar
Russ Fish committed
696
697
698
            # Should end with "creating config.h".
            tail configure.trace
              tail -f configure.trace
699
700
701

            # The first make fails with "Cannot change ownership" warnings unpacking tg2.0 .
            make client-install >& make.log1
Russ Fish's avatar
Russ Fish committed
702
            tail make.log1
703
704
705
706
707
708
709
            # No worries.  Patch it explicitly, since the patch action gets skipped.
            (cd ~/flux/testbed/event/trafgen; patch -p0 < tg.patch)

            # If this is an update, evproxy is run by rc.bootsetup and nothing stops it.
            # The install of evproxy in the make will fail unless we stop it first.
            ps -Welf | grep evproxy
              kill `ps -Welf | grep evproxy | awk '{print $2}'`
710
711
712
713
            # Ditto emulab-syncd and slothd.
            $rc/rc.syncserver shutdown
            $rc/rc.slothd stop

714
            make client-install >& make.log2
Russ Fish's avatar
Russ Fish committed
715
716
            tail make.log2
              tail -f make.log2
717
718

                # Only needed if there are problems...
719
                  v -t make.log*
720
                make client-install >& make.log3
721
722
                make client-install >& make.log4
                make client-install >& make.log5
723
724
725
726
                make client-install >& make.log6
                make client-install >& make.log7
                make client-install >& make.log8
                make client-install >& make.log9
727
728

      . Patch the /etc/profile file to use /home dirs if the /users mounts are down.
729
        ## Note their comment:
730
731
732
733
734
        # IF THIS FILE IS MODIFIED IT WILL NOT BE UPDATED BY THE CYGWIN
        # SETUP PROGRAM.  IT BECOMES YOUR RESPONSIBILITY.
        #
        # The latest version as installed by the Cygwin Setup program can
        # always be found at /etc/defaults/etc/profile
Russ Fish's avatar
Russ Fish committed
735
            # If you need to check in a new version back in CVS land...
736
            (cd ~/flux; cvs update testbed/tmcd/cygwinxp/profile)
737
          diff /etc/defaults/etc/profile ~/flux/testbed/tmcd/cygwinxp
738
739
740
            # If the diffs are right, just copy the Emulab one.
            cp ~/flux/testbed/tmcd/cygwinxp/profile /etc
          # Otherwise, edit the file.
741
742
            diff /etc/defaults/etc/profile /etc/profile
            cp /etc/defaults/etc/profile /etc
743
744
745
746
747
748
749
750
751
752
753
754
          ed /etc/profile
  /^# If the home directory doesn't exist, create it./,/^if \[ ! -d "\${HOME}" \]; then/p
/^# If the home directory doesn't exist, create it./,/^if \[ ! -d "\${HOME}" \]; then/c
### Use a local dir under sshd if the mount failed.
if [ ! -d "$HOME" ]; then
        HOME=/home/$USER
fi
# If the home directory doesn't exist, create it.
if [ ]; then
###if [ ! -d "${HOME}" ]; then
.
  .-10,.+5p
755
756
  w
  q
757

758
759
760
761
      . Need an NTP client, or at least the semblence of one.
            cat /etc/ntp.drift
          echo 0.000 > /etc/ntp.drift

762
      . Set up the tbshutdown script to run as a service, to get a shutdown signal.
763
764
            editrights -u root -l
          editrights -u root -a SeServiceLogonRight -l
Russ Fish's avatar
Russ Fish committed
765
          # Don't forget to set the root password to the following, if you haven't done it yet.
766
          rootpwd='daFluxGroup'
767
          # EmulabShutdown is started manually later on from rc.cygwinxp .
768
          echo "$rootpwd"
769
770
771
772
            cygrunsrv -R EmulabShutdown
          cygrunsrv -I EmulabShutdown -u root -w "$rootpwd" -p /cygdrive/c/cygwin/bin/bash \
              --shutdown --type manual \
              -a "--norc --noprofile -c '/usr/local/etc/emulab/tbshutdown'"
773
          cygrunsrv -VQ EmulabShutdown
774

775
          # If you see the following, try running rc.accounts or rc.bootsetup below to 
776
          # clear it up.  Haven't figured this out yet...
777
778
779
          ##cygrunsrv: Error installing a service: CreateService:  Win32 error 1057:
          ##The account name is invalid or does not exist, or the password is invalid 
          ##for the account name specified.
780

Russ Fish's avatar
Russ Fish committed
781
          # Log files
782
783
784
          touch /var/log/EmulabShutdown.log
          chmod 666 /var/log/EmulabShutdown.log
          regtool -v list /HKLM/SYSTEM/CurrentControlSet/Services/EmulabShutdown/Parameters
785
            # Manual start-up for testing.
786
            cygrunsrv -S EmulabShutdown
787
788

      . See if rc.bootsetup works.
Russ Fish's avatar
Russ Fish committed
789
790
791
792
          # Don't allow the sshd shell a shell login login in rc.accounts.
            grep '\^sshd:' /var/emulab/boot/usershells
          echo '/^sshd:/s|/bin/bash$|/bin/false|' >> /var/emulab/boot/usershells

793
794
795
          ##Running os dependent initialization script rc.cygwin
          ##chmod: cannot access `/var/log/EmulabStartup.log': No such file or directory
          ##chmod: cannot access `/etc/emulab/iscygwin': No such file or directory
796
797
          touch /var/log/EmulabStartup.log
          chmod 666 /var/log/EmulabStartup.log
Russ Fish's avatar
Russ Fish committed
798
799
800
801
802
803
804

          # May need to make /sshkeys, if it hasn't been done above.
          v -d /sshkeys
            mkdir /sshkeys
            chmod 777 /sshkeys

              ## May need to read .bashrc installed above if you haven't set up the path yet.
805
              . ~/.bashrc
806
            tmcc nodeid
807
              ## If you have problems, you may be missing /etc/resolv.conf .
808
809
810
811
              tmcc -d nodeid
                    nodeid 
                    /usr/local/etc/emulab/tmcc.bin  -d nodeid 
                    Connection to TMCD refused. Waiting ...
Russ Fish's avatar
Russ Fish committed
812
813
            ## You can test rc.cygwin separately.  It should reboot, the first time, 
            ## when it changes the node ID.
814
            $rc/rc.cygwin
815

Russ Fish's avatar
Russ Fish committed
816
817
818
            ## You can try the boot-time script to see that all is well.
            ## If you run this, and the node name hasn't been changed yet, it will reboot.
            $rc/rc.bootsetup
819

820
821
      . Set up the boot script to run as a service.

822
          # Start up after DHCP and Elvin, run ProgAgent afterwards.
823
824
              cygrunsrv -R EmulabStartup 
          rootpwd='daFluxGroup'
825
826
827
828
829
830
831
832
          cygwinrc=/usr/local/etc/emulab/rc/rc.cygwin
          bootsetup=/usr/local/etc/emulab/rc/rc.bootsetup
          progagent="cygrunsrv -S ProgAgent"
          bootlog=/var/log/bootsetup.log
          cygrunsrv -I EmulabStartup -u root -w $rootpwd --dep DHCP --dep elvinsvc.exe \
            -p /cygdrive/c/cygwin/bin/bash \
            -a "--norc --noprofile -c '( $cygwinrc; $bootsetup; $progagent ) >& $bootlog'"
          cygrunsrv -VQ EmulabStartup 
833

Russ Fish's avatar
Russ Fish committed
834
            ## If you run this, and the node name hasn't been changed yet, it will reboot.
835
836
837
838
839
840
841
842
843
844
845
846
            cygrunsrv -S EmulabStartup 
            cygrunsrv --help
          regtool -v list /HKLM/SYSTEM/CurrentControlSet/Services/EmulabStartup/Parameters
          sc query EmulabStartup

      . Make a $HOME envar for everybody, so Emacs works on startup from the desktop.
        - Set a user environment variable: HOME = /users/%USERNAME%
        - Stored in HKCU/Environment, which is HKU/*/Environment based on the user SIDs.
        - The user registry key (folder) is created at first login, doesn't exist before that.
          Run setx after that at login time to set the HOME environment variable value.
                # Check.
                regtool get /HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Run/SetHOME
847
          # Use a literal Windows command rather than a script.
848
849
          regtool -s set /HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Run/SetHOME \
            'cmd /C "if not %USERNAME% == root if not %USERNAME% == Administrator setx HOME //fs/%USERNAME%"'
850
851
852
                # Undo.
                regtool unset /HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Run/SetHOME
          # Check that setx.exe is in system32.
853
854
          v C:/WINDOWS/system32/setx.exe

Russ Fish's avatar
Russ Fish committed
855
# [ SKIP if patched sshd.exe installed above.
856
      . Patch sshd so that shares (including /users homedirs) work with public-key logins.
Russ Fish's avatar
Russ Fish committed
857
        Also touches a file when client input is received, so slothd will know.
858
859

        - RDP into a node as root and shut down all ssh processes before update.
860
          (Otherwise, installation of an openssh update can hang mysteriously.)
861
862
863
            net stop sshd
            ps -Welf | grep ssh

864
865
866
867
868
869
870
        - Go through Cygwin setup and make sure everything is updated.  
              cygcheck -c openssh
              /cygdrive/c/software/cygwin/setup.exe &
              cygcheck -c openssh
          . View "Partial" will show what it wants to download and install.
          . Also select src for openssh, which goes under /usr/src .
          . When base dll's are updated, it will tell you to reboot.  Do it.
871

872
        - Install the source patches.  (Go get CVSROOT and agent keys set above first.)
873
874
875
            (cd ~/flux; cvs update testbed/tmcd/cygwinxp)
              (cd ~/flux; cvs co testbed/tmcd/cygwinxp)
          cd /usr/src/openssh*
876
            v -t *.[ch] | head -30
Russ Fish's avatar
Russ Fish committed
877
878

          # Enable no-password ssh logins which can access shared homedirs.
879
880
881
          cp -p uidswap.c{,.orig}
            patch -p1 --dry-run < ~/flux/testbed/tmcd/cygwinxp/uidswap.c.patch
          patch -p1 -b < ~/flux/testbed/tmcd/cygwinxp/uidswap.c.patch
882
            diff uidswap.c{.orig,}
883

Russ Fish's avatar
Russ Fish committed
884
          # Enable slothd to know of the last SSH client input time.
885
886
          for f in channels.{h,c} serverloop.c; do cp -p $f{,.orig}; done
            v *.orig
Russ Fish's avatar
Russ Fish committed
887
888
889
            patch -p1 --dry-run < ~/flux/testbed/tmcd/cygwinxp/sshd-client-input-time.patch
          patch -p1 -b < ~/flux/testbed/tmcd/cygwinxp/sshd-client-input-time.patch

890
891
892
893
894
895
896
897
898
899
900
        - Configure.  Takes a while.
            # These are the options that contrib/cygwin/README specifies:
            prefix=/usr sbindir=/usr/sbin datadir=$prefix/share
            ./configure > configure.trace 2>&1 \
                --prefix=/usr \
                --sysconfdir=/etc \
                --libexecdir=${sbindir} \
                --localstatedir=/var \
                --datadir=${prefix}/share \
                --mandir=${datadir}/man \
                --infodir=${datadir}/info
901
902
              tail configure.trace
                tail -f configure.trace
903
904
905

        - Just make and install sshd.exe, assuming everything else is up-to-date.
            make sshd.exe > make.log.1 2>&1
906
907
              tail make.log.1
                tail -f make.log.1
908
909
910
911
912
913

            # Make sure sshd is closed down while installing.
            ps -Welf | grep sshd
            net stop sshd
            /usr/bin/install -c -m 0755 -s sshd /usr/sbin/sshd.exe
            net start sshd
Russ Fish's avatar
Russ Fish committed
914
# SKIP ]
915

916
      . Make a load average log for slothd, averaged over a 1 minute period.
Russ Fish's avatar
Russ Fish committed
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936

        - /proc/loadavg is hard-wired to "0.00 0.00 0.00" on Cygwin now.

        - All attempts to script this setup to reproduce it on another computer have
          failed so far, including using its own "Save/Restore Settings" and
          transplanting the registry subtree.

       - Click into Computer Management / Performance Logs and Alerts / Counter Logs.
          Right-click "New Log Settings..." in the logs pane, 
            Name: "ldavg", OK.

          General tab, 
            Counters list, "Add Counters...",
              check "Use local computer counters",
              click "Add" to add % total processor (the default),
              click "Close".
            Sample data every: Interval: "60" seconds.

          Log Files tab, 
            Log file type: "Text File (Comma delimited)", 
937
938
939
940
            Uncheck "End file names with" so the result goes into ldavg.csv .
            Configure... 
              Location: "C:\cygwin\var\run",
              Log file size: "Limit of: 1 MB", OK.
Russ Fish's avatar
Russ Fish committed
941
942
943
944

          Schedule tab, 
            Start Log: Click "At" (which defaults to the current time, as well as the future.) 
            Stop Log: Click "When the 1-MB log file is full.",
945
              When a log file closes: "Start a new log file".
Russ Fish's avatar
Russ Fish committed
946

947
          Check all three tabs, click OK.
Russ Fish's avatar
Russ Fish committed
948

949
950
          # ldavg should start out red (stopped) and then turn green (started) if you
          # refresh with F5.  It will start again after reboot.
Russ Fish's avatar
Russ Fish committed
951
952
          # You can turn it off and on with the right-click menu on "ldavg" in the logs pane.  
            tail -f /var/run/ldavg.csv
953
954
          # The first one is always 99.999, etc.

Russ Fish's avatar
Russ Fish committed
955
956
      . Reboot to make sure it all works right.  Note that prepare clears out the source
        trees, so don't do it until you've booted once and know that everything else works.
957
958
          prepare
          /sbin/reboot
Russ Fish's avatar
Russ Fish committed
959

960

961
962
963
================================================================
Making images

964
965
966
967
968
969
970
971
972
973
974
975
976
977
    . Windows Update
      - This might be needed after each Microsoft "Patch Tuesday" (second tues of the month.)
      - Start up Internet Explorer and go to:
        . http://update.microsoft.com
           - The first time, just installs/updates the updater and asks to reboot.
           - I just choose the EXPRESS update, installing all high-priority updates.
           - Don't turn on Automatic Updates.

           - After rebooting, check again if there's more to install.

             To install SP2, you must have access to a console screen, because the
             Windows Firewall defaults to block both SSH and RDP.  Disable it.

             . You may need to free disk space to install SP2, or allocate a partition.
Russ Fish's avatar
Russ Fish committed
978
979
                   du -sm C:/WINDOWS/ServicePackFiles/i386
                 rm -rf C:/WINDOWS/ServicePackFiles/i386
980
981
982
983
984
985
                   du -sm C:/WINDOWS/SoftwareDistribution/Download
                 rm -rf C:/WINDOWS/SoftwareDistribution/Download/*

      - Could be a good time to update Cygwin as well.  
        . Beware of stepping on the sshd.exe patches.

986
     . Uninstall the experimental net devices in Computer Management/Device Manager.
987
       (This was from our attempts to make a pc850/pc600 image.  Is it needed?)
988
         # Check which one is the control net interface.
989
990
991
         ipconfig /all
       Select a non-control net interface, hit delete, enter.
       Takes about 15 seconds per interface.
992

993
     . Run prepare to clear out experiment-specific state.
994
995
        rootpc $pc
          # Ignore complaints about all of the C:/Documents and Settings directories
996
          # that were never created because the users didn't log in...
997
          prepare
998

999
          exit
1000

For faster browsing, not all history is shown. View entire blame