xpimage-notes.txt 51.7 KB
Newer Older
1
# Directions for setting up an XP image from scratch.
2 3
# These are raw notes and commands to paste into a shell.
# Mostly Bash shell commands for Windows, some tcsh commands for Boss or Ops.
4 5
# Some (most?) of it could be scriptified with some work. 

6 7
# Notice that this file has spaces instead of tabs at the beginning of lines.
# A tab in either Bash or tcsh causes it to display all of the possible command completions!
8 9 10 11
# Here's a little Emacs keyboard macro to ease the copy-and-paste business:
    ; Copy a command line, leaving off the whitespace on the beginning of the line.
    (fset 'copy-command-line [?\M-m ?\C-  ?\C-e ?\C-f C-insert])
    (global-set-key "\^C\^E" 'copy-command-line)
12

13 14
# By convention, optional "informational" commands are indented a couple of spaces more.
## Debugging and problem-solving stuff is double-# commented.
15 16

alias v 'ls -lsF'               # "Verbose" listing
17 18
setenv en emulab.net
alias rootpc 'sudo ssh pc\!^.$en \!:2*'
19 20
alias rootrd 'rd  -K -g 1280x1024 -u root pc\!^.$en &'

21 22
# In Bash,
alias v='ls -lsF'
23

24
    . Start with a clean XP image, as it comes from the CD.
25

26 27 28 29 30 31 32
      - How to do the Windows XP installation and make a WINXP-BASE image:

        . Swap in a firewalled experiment with a FBSD-STD image.
        . Do "node_admin on" so PXE throws it into the FBSD MFS.
        . Hook up a console, reboot and modify the boot order to boot from the Windows XP CD.

        . Do the Windows installation, adding whatever drivers are needed.
Russ Fish's avatar
Russ Fish committed
33
          - 8 gig is a good size for the XP NTFS partition, of which 4-5 will be user space.
34 35 36 37
            (They can always allocate more later with Disk Manager.)
          - You'll save some work later if you make the first admin user account named "root".

        . Set the usual password for root in Control Panel / User Accounts.
Russ Fish's avatar
Russ Fish committed
38
            It asks whether to make the root files private.  I've been saying "no".
39 40 41 42 43
          - While you're there, click "Change the way users log on or off" and make
            sure "Use Fast User Switching" is turned on.

        . Make sure you turn on Remote Desktop logins under Control Panel / System / Remote (!)

Russ Fish's avatar
Russ Fish committed
44
        . Go into Control Panel / Power Options / Hibernate, and make sure it's disabled.
45 46
          This will give you extra gigs of disk space on C: equal to your RAM size .
          Also set Power Options / Power Schemes to "Always On".
47 48 49 50 51 52

        . Set the workgroup name to EMULAB in Control Panel/System/Computer Name/Change...
          No need to reboot yet if you have more to do.

        . On reboot, restore the boot order so PXE goes back into the FBSD MFS, and make an image.
          (See imagezip commands below.)  
Russ Fish's avatar
Russ Fish committed
53
          Make sure the Operational Mode is MINIMAL in the Image Descriptor, rather than NORMALv2!
54 55

      - Make a firewalled experiment using the WINXP-BASE image above, log in as "root".
56

57 58 59 60 61 62 63 64 65 66
         . The experiment should be behind a firewall, to avoid contamination.

            # Firewall while making Windows images.
            set fw [new Firewall $ns]
            $fw set-type ipfw2-vlan
            $fw set-style basic

            # Allow Cygwin setup and Windows Update to work.
            $fw add-rule "allow tcp from any to any 80,443 in via vlan0 setup keep-state"

67 68
         . Note that it takes a couple of minutes after booting for the RDP service to start,
           so don't worry if you can't log in at first.
69

70 71 72 73 74 75 76 77 78 79 80
      - Set the Windows "w32time" NTP client to connect to the Emulab NTP host.
        Runs as a service, periodically contacts the time server.
          # ntp1 is a DNS alias for Ops.
          # Do this in a Windows CMD shell, since you don't have Cygwin shells yet.
          net time /querysntp
          # Need to restart w32time before it sees the setsntp configuration. (?)
          net stop w32time
          net time /setsntp:ntp1
          net time /querysntp
          net start w32time
          # May take a minute to take effect.
81 82
             
      - Disable the Messenger Service to keep annoying pop-ups away.
83 84 85
            cygrunsrv -VQ  Messenger
          sc config Messenger start= disabled
          sc stop Messenger
86 87

      - Disable the SSDP Discovery Service and Universal Plug and Play Device Host.
88 89 90 91 92 93 94 95 96 97 98 99
        This closes port 5000 to attacks.  Also disable the Remote Registry service.
            cygrunsrv -VQ  SSDPSRV
            cygrunsrv -VQ  upnphost
            cygrunsrv -VQ  RemoteRegistry

          sc config SSDPSRV start= disabled
          sc config upnphost start= disabled
          sc config RemoteRegistry start= disabled

          sc stop SSDPSRV
          sc stop upnphost
          sc stop RemoteRegistry
100

Russ Fish's avatar
Russ Fish committed
101 102 103 104 105 106
      - Go into Control Panel/Administrative Tools (it's under Performance and
        Maintenance in the new Control Panel interface.)

        . Right-click Start/"Explore All Users" and drag a copy of the Computer
          Management shortcut from Administrative Tools into the All Users/Desktop
          folder.
107

Russ Fish's avatar
Russ Fish committed
108 109 110
      - If you haven't already made a "root" account, go into Computer Management/
        System Tools/Local Users and Groups/Users, put it in the Administrators group.
        . Also make it a member of the Users groups.
111 112 113 114 115 116

      - Start IE, make "blank" the home page. Click Tools/Internet Options/Home page/Use Blank.

      - Show My Computer.  (Desktop Properties/Desktop/Customize Desktop...)
        Turn off "Run Desktop Cleanup Wizard every 60 days".

117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133
      - Create C:/Temp, C:/Software/Cygwin
          # [Windows cmd prompt, there's no Cygwin shell yet...]
          mkdir C:\Temp
          mkdir C:\Software\Cygwin

      - Install Cygwin
        . (Try copying /etc/setup/* from an existing image to script the selection work.)
           # There's no scp to copy them with, so use Windows SMB File Sharing to get it
           # from \\fs\share\windows\cygwin-etc-setup.)
             mkdir C:\cygwin
           # Hm.  Still didn't come up with the added packages selected.
           # When C:\Software\Cygwin/http... is copied, it thinks everything is already installed.
           # Removing the /etc/setup/installed.db file seems not to help.
           # Nothing relevant to install in HKLM/SOFTWARE/Cygnus Solutions/Cygwin, either...

        . Download setup from www.cygwin.com/setup.exe to C:/Software/Cygwin.
          Once you have a Cygwin, you can update the setup.exe by:
134 135 136
           # [On ops.]
           set pc=109
           scp /share/windows/cygwin-setup.exe $pc":"/tmp/setup.exe
137 138 139

        . Run Cygwin setup.exe .
            # After Cygwin in installed, ensure that upgrading SSH won't hang.
140
            net stop sshd
141 142 143
            C:/Software/Cygwin/setup.exe &
        . Install dir is C:\cygwin, package dir is C:\Software\Cygwin .
        . Download site mirror is http://mirrors.xmission.com .
144 145
        . Click [View] to "Not Installed" (alphabetical.)  
          Click on the Skip in the "New" column to add a binary version of:
Russ Fish's avatar
Russ Fish committed
146
            agetty, bison, cvs, cygrunsrv, ed, file, flex, gcc, gdb, inetutils, 
Russ Fish's avatar
Russ Fish committed
147
            make, minires-devel, more, nano, openssh (with src), openssl-devel, 
148
            patch, perl, perl-libwin32, python, rpm, rsync, 
Russ Fish's avatar
Russ Fish committed
149
            shutdown, tcsh, vim, wget, zip .
150
          Click in the "src" column for openssh, so patches can be applied.
151
        . At the end, don't "Create an icon on the Desktop", do "Add icon to Start Menu".
152 153 154 155 156 157 158 159

        . Add ;C:\cygwin\bin to the end of the System PATH in 
          Control Panel/System/Advanced/Environment Variables.

        . Start up a Cygwin shell and fix the shell properties:
            Options QuickEdit Mode on, Layout/screen buffer height 3000, window height 55.
            Check "Modify shortcut that started this window".
          - Might as well fix the Start/Programs/Accessories/Command Prompt properties, too.
Russ Fish's avatar
Russ Fish committed
160 161 162 163 164 165 166
          - Create c:\cygin\cygwin-tcsh.bat as a copy of c:\cygin\cygwin.bat with
            "bash --login -i" changed to "tcsh -l".
               ### Now we can use Cygwin (Bash) shell commands...  ###
               alias v='ls -lsF'
               cd C:/cygwin
               sed 's/bash --login -i/tcsh -l/' < cygwin.bat > cygwin-tcsh.bat
               chmod +x cygwin-tcsh.bat
167
          - Copy the bash shortcut to the All Users/Desktop.  
168
          - Copy it to a tcsh icon as well, changing the Target to c:\cygin\cygwin-tcsh.bat .
169
          - Copy the tcsh icon into All Users/Start Menu/Programs/Cygwin.
Russ Fish's avatar
Russ Fish committed
170 171
               cd C:/Documents\ and\ Settings/All\ Users
               cp -p Desktop/Cygwin\ TCSH\ Shell.lnk Start\ Menu/Programs/Cygwin
172 173 174 175 176 177

        . Set up local homedirs under /home as a symlink.  ~root is already there.
            cd /tmp
            mv /home{,.orig}
            ln -s /cygdrive/c/Documents\ and\ Settings/ /home

Russ Fish's avatar
Russ Fish committed
178 179 180
        . The Windows hosts file should already be symlinked into the Cygwin /etc.
            ls -l /etc/hosts
              ln -s /cygdrive/c/WINDOWS/system32/drivers/etc/hosts /etc/hosts
181 182

        . Create a proper group file.  Make wheel an alias for Administrators.
183 184
            mkgroup -l | \
              awk '/^Administrators:/{print "wheel" substr($0, index($0,":"))} \
185
                   {print}' > /etc/group.new
186 187 188 189 190 191
            diff /etc/group{,.new}
            cp -p /etc/group{,.prev}
            mv /etc/group{.new,}

        . Update the passwd file after creating new accounts.  Make root uid 0 with /home/root.
            mkpasswd -l | awk -F: 'BEGIN{ OFS=":" } \
192 193 194 195
               { if ($1=="root") $3="0"; \
                 else if ($1=="sshd") $NF="/bin/false"; \
                      else sub("/home/", "/users/"); \
                 print }' > /etc/passwd.new
196 197 198
            diff /etc/passwd{,.new}
            cp -p /etc/passwd{,.prev}
            cp -p /etc/passwd{.new,}
199
            chown root /etc/{passwd,group}*
200

Russ Fish's avatar
Russ Fish committed
201 202
            ### Note: the root UID changed from 1003 to 0.  ###
            ### Restart your Bash shell to get the new one before going on!  ###
203

Russ Fish's avatar
Russ Fish committed
204 205 206 207 208 209 210 211 212 213
        . Set up the syslog daemon.  (See usr/share/doc/Cygwin/inetutils-1.3.2.README)
            # Make sure /etc isn't owned by SYSTEM, which will prevent making syslogd.conf .
            chown root /etc
            syslogd-config -y
            # Start the daemon.  It starts automatically at reboot.
            net start syslogd
              # Test.
              logger "Test syslogd."
              tail /var/log/messages

214
        . Set up sshd.  
215
          - Edit /bin/ssh-host-config to add a -i argument to the "cygrunsrv -I sshd" lines.
216
                grep cygrunsrv /bin/ssh-host-config | grep -e -I
217 218 219 220 221
              ed /bin/ssh-host-config
              /cygrunsrv -I sshd/s//& -i/p
              /cygrunsrv -I sshd/s//& -i/p
              w
              q
222
          - Then stop sshd and remove its entry (if previously installed), run ssh-host-config:
223
            (You must be logged in as root over RDP, not ssh when you do this!)
Russ Fish's avatar
Russ Fish committed
224 225 226
                cygrunsrv -VQ sshd
              cygrunsrv -E sshd
              cygrunsrv -R sshd
227 228

              # May need to do some unmounts before running ssh-host-config.
229
              # (It does a mount, and there's a hard-wired limit of 31 mount table entries.)
230 231 232 233
              mount | wc -l
                ## mount: /ssh-host-config.3048: Too many mount entries
                for s in /users/s*; do umount $s; done

Russ Fish's avatar
Russ Fish committed
234
              # Should be NO ssh processes running, not even ssh-agent!
235 236
              ps -Welf | grep ssh

237 238 239
              # Make sure /etc is writable by root.
                v -d /etc
              chown root /etc
240

241
              ssh-host-config -y -c "ntsec tty"
242 243 244
              # or run ssh-host-config without args and answer the following interactive questions:
              # Select privilege separation = yes, sshd user = yes, install as service = yes, 
              # CYGWIN=ntsec tty
245

246
                v /etc/ssh*_config
247 248 249
              chown SYSTEM /etc/ssh*_config
              chmod 644 /etc/ssh*_config

250 251 252 253
          - Check for -i flag: look for Interactive = 0x00000001 (1)
              regtool -v list /HKLM/SYSTEM/CurrentControlSet/Services/sshd/Parameters

          - Edit /etc/sshd_config
254
            . Add AuthorizedKeysFile paths under /sshkeys/%u .
255 256 257
                  grep AuthorizedKeysFile /etc/sshd_config
                # Make it writable to edit, then change it back.
                chmod g+w /etc/sshd_config
Russ Fish's avatar
Tweaks.  
Russ Fish committed
258
                ed /etc/sshd_config
259 260
/AuthorizedKeysFile
a
261
AuthorizedKeysFile /sshkeys/%u/authorized_keys
262
AuthorizedKeysFile2 /sshkeys/%u/authorized_keys2
263 264 265
.
w
q
266
                chmod g-w /etc/sshd_config
267 268
                # Get a running sshd to read the config file with SIGHUP.
                kill -HUP `cat /var/run/sshd.pid`
269

270
            . LogLevel defaults to INFO, can be set to VERBOSE, DEBUG1, etc.
Russ Fish's avatar
Russ Fish committed
271 272 273
              With the syslogd service running, debug events are logged to /var/log/messages .
              [Otherwise, they show up under Event Viewer / Application / sshd,
               with one line per event (ugh.)  Refresh to see new events with F5.]
274
              ## sshd service debugging.
275 276 277
                ls -l /etc/sshd_config
                # Check.
                grep LogLevel /etc/sshd_config
278
                # Make it writable to edit, then change it back.
279
                chmod g+w /etc/sshd_config
280 281
                ed /etc/sshd_config
/#LogLevel/a
282
LogLevel DEBUG2
283 284 285
.
w
q
286 287 288 289
                chmod g-w /etc/sshd_config
                # Get a running sshd to read the config file with SIGHUP.
                kill -HUP `cat /var/run/sshd.pid`

290 291
          - Check /var/empty to avoid this error:
              /var/empty must be owned by root and not group or world-writable.
Russ Fish's avatar
Russ Fish committed
292
            # Actually, it must be owned by SYSTEM.
293 294 295 296
              v -d /var/empty
            chown SYSTEM /var/empty
            chmod go-w /var/empty

297
          - You can avoid patching and rebuilding sshd.exe if there's one saved.
Russ Fish's avatar
Russ Fish committed
298 299 300 301
              # Currently 4.1p1-2 .
              cygcheck.exe -c openssh
              # Either explore to \\fs\share, giving *your* login name and Windows password,
              # or use the "net use" command to provide it.  Then UNC paths work.
302
              v //fs/share/windows/sshd.exe
Russ Fish's avatar
Russ Fish committed
303 304
              v /usr/sbin/sshd.exe

305 306 307
              mv /usr/sbin/sshd.exe{,.orig}
              cp -p //fs/share/windows/sshd.exe /usr/sbin/sshd.exe

308 309
          - Start sshd.
              cygrunsrv -S sshd
310
              tail /var/log/messages
311 312

          - Set up for root ssh access from Boss.
Russ Fish's avatar
Russ Fish committed
313
                v -d /home/root
314 315 316
              chown root.wheel /home/root
              chmod 755 /home/root
              passwd root
317 318
daFluxGroup
daFluxGroup
319 320 321
              mkdir ~root/.ssh
              chown root.wheel ~root/.ssh
              # [On boss.]
322
              set pc=201
323
              set ssh_args='-o "StrictHostKeyChecking no" -o "UserKnownHostsFile /dev/null"'
324 325
              # This password isn't used for anything else, and doesn't need to be
              # very secure because all users are in the Administrators group on the node.
326
              eval sudo ssh "$ssh_args" root@pc$pc id
327
daFluxGroup
328
              eval sudo scp "$ssh_args" ~root/.ssh/{id_dsa,identity}.pub root@pc$pc":".ssh
329
daFluxGroup
330
              eval sudo ssh "$ssh_args" root@pc$pc
331
daFluxGroup
332 333 334 335 336 337 338 339 340 341 342 343
                # [On the target.]
                id
                cd ~root/.ssh
                cat {id_dsa,identity}.pub > authorized_keys
                chmod 644 *
                ls -ld /home /home/root /home/root/.ssh /home/root/.ssh/auth*
                mkdir -p /sshkeys/root
                v -d /sshkeys
                chmod 777 /sshkeys
                chmod 700 /sshkeys/root
                cp -p /home/root/.ssh/authorized_keys /sshkeys/root
                ls -lR /sshkeys/root
344 345
              exit

346 347 348 349
              # [Check back on Boss.]
              eval sudo ssh "$ssh_args" pc$pc id
              # The following will likely complain due to nonstandard host keys.
              rootpc $pc id
350 351 352 353

          - Install the standard host keys, dated Jun 21  2001.
            ls -l /etc/ssh*
            # [On boss.]
354 355
              set pc=201
              set ssh_args='-o "StrictHostKeyChecking no" -o "UserKnownHostsFile /dev/null"'
356
            eval sudo scp -rp "$ssh_args" /proj/testbed/fish/elab-host-keys root@pc$pc":"
357 358
            # Get the standard ssl certificates while we're at it.
            eval sudo scp -rp "$ssh_args" /proj/testbed/fish/elab-ssl-certs root@pc$pc":"
359 360

            eval sudo ssh "$ssh_args" root@pc$pc
361
            # [As root on the target.]
362 363 364 365 366 367 368 369 370 371 372 373 374 375
              ls -l ~/elab-host-keys
              ls -l /etc/ssh*key*
              ls -l /etc/orig-ssh-keys

              mkdir /etc/orig-ssh-keys
              chown root /etc/ssh*key*
              cp -p /etc/ssh*key* /etc/orig-ssh-keys
              chown SYSTEM /etc/orig-ssh-keys/*
              ls -l /etc/orig-ssh-keys

              cp -p ~/elab-host-keys/* /etc
              chown SYSTEM /etc/ssh*key*
              ls -l /etc/ssh*key*

376
              mkdir /etc/emulab
377 378 379
              ls -l ~/elab-ssl-certs/* /etc/emulab/*.pem
              cp -p ~/elab-ssl-certs/* /etc/emulab

380
            # The following should no longer complain due to nonstandard host keys.
381
            # [On Boss.] 
382
            rootpc $pc id
383 384

      - Install tools: WinZip and Emacs.
385 386 387 388 389
            # [On boss:]
            sudo scp -rp /share/windows/emacs-21.3-fullbin-i386.tar.gz root@pc$pc":"/tmp
            sudo scp -rp /share/windows/winzip90.exe root@pc$pc":"/tmp

            # Log in as root via RDP.
390 391
            rootrd $pc
            # [On the node, as root.]
392
            # Graphical installer.  Start with WinZip Classic, custom setup, no desktop icon.
393 394 395 396 397
            /tmp/winzip90.exe

            cd C:
            # Don't worry about a plethora of "Cannot change ownership" warnings.
            tar xfz /tmp/emacs-21.3-fullbin-i386.tar.gz
398
            # Graphical; click OK to set up the registry, start menu, etc.
399
            C:/emacs-21.3/bin/addpm.exe
Russ Fish's avatar
Russ Fish committed
400

401
            # Then copy the Emacs shortcut to the All Users/Desktop folder.
402 403 404 405
            allusers=/cygdrive/c/Documents\ and\ Settings/All\ Users
            chown root "$allusers"/Desktop
            cp "$allusers"/{Start\ Menu/Programs/Gnu\ Emacs,Desktop}/Emacs.lnk
            chown SYSTEM "$allusers"/Desktop
406 407 408 409

            # Make "emacs" be the NTEmacs runemacs starter, with "emacs-exe" for a compiler.
            ln -s /cygdrive/c/emacs-21.3/bin/runemacs.exe /usr/local/bin/emacs
            ln -s /cygdrive/c/emacs-21.3/bin/emacs.exe /usr/local/bin/emacs-exe
410 411

      - Get other stuff that "make client" depends on.
412

413 414 415 416 417 418
                ## Collect the include files for mysql and the Boost Graph Library.
                cd /usr/local/include
                tar cfz /share/windows/mysql-include.tgz mysql
                tar cfz /share/windows/boost-include.tgz boost
            # [On Boss.]
            sudo scp -rp /share/windows/{mysql,boost}-include.tgz root@pc$pc":"/tmp
419
            sudo scp -rp /share/windows/{WSName,addusers,usrtogrp,setx,devcon}.exe root@pc$pc":"/tmp
420 421 422 423 424 425 426
            # [On the target.]
            mkdir /usr/local/include
            cd /usr/local/include
            tar xfz /tmp/mysql-include.tgz
            tar xfz /tmp/boost-include.tgz

            # Build Elvin libs with GCC for testbed client programs.  
427
            # [On Boss.]
428
            sudo scp -p /usr/testbed/www/distributions/*elvin*-4.0.3.tar.gz root@pc$pc":"/tmp
429
            # [On the node.]
430 431 432 433 434 435 436 437 438
            # Need a path without embedded spaces for the make actions to work.
            mkdir C:/elvin
            cd C:/elvin
            # Don't worry about a plethora of "Cannot change ownership" warnings.
            tar xfz /tmp/libelvin-4.0.3.tar.gz
            tar xfz /tmp/elvind-4.0.3.tar.gz

            cd C:/elvin/libelvin-4.0.3
              # configure: error: Elvin requires that doubles be IEEE 754 compliant
439 440 441 442 443 444 445 446
              # Edit configure, line 3547, add exit(0); to patch around it.
              ed configure
3546p
a
exit(0);
.
w
q
447
            ./configure >& configure.trace 
Russ Fish's avatar
Russ Fish committed
448 449
            # Ends with "creating src/include/elvin/config.h"
            tail configure.trace
450

Russ Fish's avatar
Russ Fish committed
451 452
            # Comment this out in c:/elvin/libelvin-4.0.3/src/lib/i18n.c :
                      #elif defined(HAVE_WINBASE_H)
453
                              FreeLibrary(cat);
454 455 456 457 458 459
            ed c:/elvin/libelvin-4.0.3/src/lib/i18n.c
            /HAVE_WINBASE/p
            .,.+1s|^|//|p
            w
            q

460
            make >& make.log1
Russ Fish's avatar
Russ Fish committed
461
            tail make.log1
462
            make install >& install.log1
Russ Fish's avatar
Russ Fish committed
463
            tail install.log1
464 465
              make clean

Russ Fish's avatar
Russ Fish committed
466
# [ SKIP
467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503
            # Build Elvin for Windows on Coke, and tar it up for later installation.
            scp -p bos:"/usr/testbed/www/distributions/*elvin*-4.0.3.tar.gz" /tmp
            mkdir C:/elvin
            cd C:/elvin
            tar xfz /tmp/libelvin-4.0.3.tar.gz
            tar xfz /tmp/elvind-4.0.3.tar.gz
            # Rename lib dir for makefiles in elvind.
            mv libelvin-4.0.3 elvin4

            cd C:/elvin/elvin4
            nmake /k /f Makefile.win >& lib-make.winlog1
            mkdir -p C:/Program\ Files/elvin4/{bin,lib,doc}
            cp -p win32/bin/*.exe C:/Program\ Files/elvin4/bin
            cp -p win32/lib/{,*/}*.{dll,lib} C:/Program\ Files/elvin4/lib
            mkdir C:/Program\ Files/elvin4/include
            cp -p src/include/elvin/*.h C:/Program\ Files/elvin4/include

            cd C:/elvin/elvind-4.0.3        
            nmake /k /f Makefile.win >& program-make.winlog1
            cp -p *.exe *.pem C:/Program\ Files/elvin4/bin
            cp -p [A-Z][A-Z]* C:/Program\ Files/elvin4/doc
              scp -p ../*/*.winlog* ops:/proj/testbed/fish/elvin
            scp -p ops:/proj/testbed/fish/elvin-config /cygdrive/c/Program\ Files/elvin4/bin

            # Install dll's in the system so the server can be run.
            v C:/Program\ Files/elvin4/lib
            chmod -R g-w C:/Program\ Files/elvin4
            chmod a+x C:/Program\ Files/elvin4/lib/*
            cp -p C:/Program\ Files/elvin4/lib/* $nts

            elvin="C:/Program Files/elvin4/bin/elvinsvc.exe"
              v "$elvin"
            "$elvin" --help
            # Application Error - The application failed to initialize properly (0xc0000022).

            tar cfz /tmp/elvin4-windows.tar.gz -C /cygdrive/c Program\ Files/elvin4
            scp -p /tmp/elvin4-windows.tar.gz ops:/share/windows
Russ Fish's avatar
Russ Fish committed
504
# SKIP ]
505 506 507 508 509 510 511 512 513 514

            # Install the Windows Elvin, built on Coke above.
            # [On Boss.]
            sudo scp -p /share/windows/elvin4-windows.tar.gz root@pc$pc":"/tmp
            sudo scp -p /share/windows/elvind.conf.windows root@pc$pc":"/tmp/elvind.conf

            # [On the experiment node as root (Bash shell):]
            rootpc $pc
              cd C:
                ls -ld Program\ Files/elvin*
515
              # Don't worry about a plethora of "Cannot change ownership" warnings.
516 517 518 519 520 521 522 523 524 525
              tar xvfz /tmp/elvin4-windows.tar.gz
              chown -R root Program\ Files/elvin4
              cp -p C:/Program\ Files/elvin4/lib/* C:/WINDOWS/system32
              cp -p C:/Program\ Files/elvin4/lib/* /usr/local/lib
                diff /usr/local/etc/elvind_ssl.pem C:/Program\ Files/elvin4/bin/elvind_ssl.pem
              cp -p C:/Program\ Files/elvin4/bin/elvind_ssl.pem /usr/local/etc/elvind_ssl.pem

              elvind="C:/Program Files/elvin4"
              elvin="$elvind/bin/elvinsvc.exe"
                ls -l "$elvind/bin"
526 527
              chmod -R g-w "$elvind"
                ## Graphical help message.
528 529 530 531 532 533 534
                "$elvin" --help &
              # Install as a service.
              "$elvin" -r
              # Install a config file and set the path for the server.
                diff /usr/local/etc/elvind.conf /tmp/elvind.conf
              cp /tmp/elvind.conf /usr/local/etc/elvind.conf
                ls -l /usr/local/etc/elvind.conf
535
              # Do once to register the config file.
536 537
              "$elvin" -c `cygpath -w /usr/local/etc/elvind.conf`
                  ## Testing: start elvinsvc from the Services Manager now.
538
                  net start elvinsvc.exe
539
              # Make elvinsvc automatic in services manager, or use these commands:
540
                regtool -v list /HKLM/SYSTEM/CurrentControlSet/Services/elvinsvc.exe
541 542 543
              # (4 is Disabled, 3 is Manual, 2 is Automatic, 1 is only used for System services.)
              regtool -v set /HKLM/SYSTEM/CurrentControlSet/Services/elvinsvc.exe/Start 2

Russ Fish's avatar
Russ Fish committed
544
# [ SKIP
545 546 547 548 549
              ## Use any Windows experiment with a Program object in it for testing.
              pid=testbed eid=Windows-1
                pid=testbed eid=Windows-1b
                pid=testbed eid=Windows-1c
              $BINDIR/evproxy -s event-server -e $pid/$eid
550 551
              
              ## program-agent debugging.
552 553 554 555 556 557 558 559 560 561 562 563
                ps -Welf | grep program-agent
                $rc/rc.progagent shutdown
              $rc/rc.progagent boot
                ## Debugging.
                tail $LOGDIR/progagent.debug
                program-agent -d -e $pid/$eid -s localhost -c /var/emulab/boot/progagents
                # [On ops.]
                tevc -e testbed/Windows-1c now prog0 start \
                    COMMAND="bash -c 'date; hostname' > /tmp/host.txt"
                # [On the node.]
                tail /tmp/host.txt
                cat /local/logs/prog0.status
564
              
565 566 567 568
                ## C:\cygwin\bin\tcsh.exe (2504): *** couldn't create window, Win32 error 5
                ## See http://comments.gmane.org/gmane.os.cygwin.patches/2559
                ## This is at cygwin-1.5.17-1-winsup/cygwin/window.cc:wininfo::winthread():96
                ## Try starting rc.progagent as a separate service with -i for a desktop.
569
                
570 571
                  ## Started up and stopped immediately.  Needs something else in rc.bootsetup.
                  --dep elvinsvc.exe \
572
                
573 574 575
                  ## Depend on EmulabStartup (rc.bootsetup), which depends on the elvin service,
                  ## and also starts evproxy.  But it stops rather than staying running...
                  --dep EmulabStartup \
576
                
577 578 579 580
                ## Make it manual, and explicitly start it after rc.bootsetup in EmulabStartup.
                ## Works, but stays in "starting" state, err in bootsetup.log:
                ##  cygrunsrv: Error starting a service: QueryServiceStatus:  Win32 error 1053:
                ##  The service did not respond to the start or control request in a timely fashion.
Russ Fish's avatar
Russ Fish committed
581
# SKIP ]
582 583

              # For setuid() to work, Root must have these rights: Create a token object; Replace a
584 585 586 587 588 589 590 591
              # process level token; and Increase Quota rights.
              # http://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-switch,
              # http://msdn.microsoft.com/library/en-us/secauthz/security/authorization_constants.asp
              editrights -u root -l
              editrights -u root -a SeCreateTokenPrivilege -l
              editrights -u root -a SeAssignPrimaryTokenPrivilege -l
              editrights -u root -a SeIncreaseQuotaPrivilege -l

Russ Fish's avatar
Russ Fish committed
592
              # Set up to run the program-agent service.
593
                cygrunsrv -R ProgAgent
594
              progagent=/usr/local/etc/emulab/rc/rc.progagent
595
              cygrunsrv -I ProgAgent -d "Emulab Program Agent" -i -p /cygdrive/c/cygwin/bin/bash \
596
                  --type manual \
597
                  -a "--norc --noprofile -c '$progagent >& /var/log/program-agent.log'"
598
                regtool -v list /HKLM/SYSTEM/CurrentControlSet/Services/ProgAgent/Parameters
599
                cygrunsrv -VQ ProgAgent
Russ Fish's avatar
Russ Fish committed
600 601 602 603
                  ## This won't work until you build the Emulab programs, including program-agent, below.
                  cygrunsrv -S ProgAgent
                  cygrunsrv -E ProgAgent
                # Log files.
604 605 606 607
                  tail /var/log/{program-agent,ProgAgent}.log
                touch /var/log/{program-agent,ProgAgent}.log
                chmod 777 /var/log/{program-agent,ProgAgent}.log

Russ Fish's avatar
Russ Fish committed
608
# [ SKIP
609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629
                # Little problem: "Must be root to run this script!"
                # Add this: 
                  # This runs as a separate Local System service on XP.  Change to root.
                  if (WINDOWS()) { $EUID = $UID = 0; }

                # Testing on ops.
                tevc -e testbed/bsd-1 now prog0 start
                tevc -e testbed/bsd-1 now prog0 start COMMAND='hostname >>& /users/fish/test.out'

                tevc -e testbed/Windows-1 now prog0 start COMMAND='hostname>>&/users/fish/test.out'
                  v /users/fish/test.out
                  tail /users/fish/test.out
                tevc -e testbed/Windows-1 now prog0 run COMMAND='touch /tmp/foo'
                tevc -e testbed/Windows-1 now prog0 run COMMAND='id'
                tevc -e testbed/Windows-1 now prog0 run COMMAND='ls -l /users/fish'
                tevc -e testbed/Windows-1 now prog0 run COMMAND='ls -l /proj/testbed/fish'

                # [On the node.]
                cat /local/logs/prog0.status
                cat /local/logs/prog0.err
                cat /local/logs/prog0.out
Russ Fish's avatar
Russ Fish committed
630
# SKIP ]
631 632 633

      - Get the testbed client code via CVS, build, and install it.
            rootpc $pc
634
            # [As root, on the node.]
635 636 637 638
            login_name=fish ws_name=kzin domain=flux.utah.edu
            ws_login=$login_name@$ws_name.$domain
            cvs_login=$login_name@cvs.$domain

639 640 641 642 643 644 645
            # Start an agent and go to your workstation to get your ssh keys for the cvs server.
            eval `ssh-agent -s`
              ssh-add -l
            ssh -A $ws_login
              ssh-add -l
            kdsa
            exit
646 647 648

            ssh $cvs_login id
              ssh -v $cvs_login id
Russ Fish's avatar
Russ Fish committed
649
            export CVSROOT=$cvs_login:/usr/flux/CVS CVS_RSH=ssh
650 651 652

              mkdir ~/flux
            cd ~/flux
653 654
              # First time only
              mkdir CVS; touch CVS/Entries; echo . > CVS/Repository
655
            # Any time the testbed tree needs to be re-created.  (Takes a while.)
656
            cvs -Q co testbed
657 658 659
              # Updates After that.
              cat CVS/Entries
                cvs -n -q update testbed
660
              cvs -q update -d testbed
661

Russ Fish's avatar
Russ Fish committed
662
            # Install some dotfiles for Root.
663 664 665
            cp -p testbed/tmcd/cygwinxp/cygwin.root.bashrc ~root/.bashrc
            cp -p testbed/tmcd/cygwinxp/cygwin.root.bash_profile ~root/.bash_profile
            cp -p testbed/tmcd/cygwinxp/cygwin.root.emacs ~root/.emacs
666
            # No HOME envar is set for root's desktop, so Emacs defaults it to C:/ .
667 668
            cp -p ~root/.emacs C:/.emacs

Russ Fish's avatar
Russ Fish committed
669
            # Install site-lisp files for Emacs.
670 671
              v -t testbed/tmcd/cygwinxp/site-lisp
              v -t c:/emacs-21.3/site-lisp
672 673 674 675 676 677
            cp -rp testbed/tmcd/cygwinxp/site-lisp/* c:/emacs-21.3/site-lisp
            ls -l c:/emacs-21.3/site-lisp

            # Need a resolv.conf before tmcc will work.
              cat /etc/resolv.conf
            cp -p ~/flux/testbed/tmcd/cygwinxp/resolv.conf /etc/resolv.conf
678 679

            # The Elvin and program-agent man pages get installed in man8.
680 681
            mkdir /usr/local/man/man8
              
682
            # Get the downloaded binary programs into the source tree for install.
683 684
              ls -l ~/flux/testbed/tmcd/cygwinxp/*.exe
            # [On boss:]
685
            sudo scp -rp /share/windows/{WSName,addusers,usrtogrp,setx,devcon}.exe root@pc$pc":"/tmp
686
            # [Back on the client:]
687
            cp -p /tmp/{WSName,addusers,usrtogrp,setx,devcon}.exe ~/flux/testbed/tmcd/cygwinxp
688

689
            # Finally ready to do the Emulab makes!
690 691
            mkdir ~/flux/obj-real
            cd ~/flux/obj-real
692 693

            # Configure takes a while...
694 695 696
              v configure.trace*
              mv configure.trace{,.1}
            ../testbed/configure --enable-windows --enable-windowsclient >& configure.trace
Russ Fish's avatar
Russ Fish committed
697 698 699
            # Should end with "creating config.h".
            tail configure.trace
              tail -f configure.trace
700 701 702

            # The first make fails with "Cannot change ownership" warnings unpacking tg2.0 .
            make client-install >& make.log1
Russ Fish's avatar
Russ Fish committed
703
            tail make.log1
704 705 706 707 708 709 710
            # No worries.  Patch it explicitly, since the patch action gets skipped.
            (cd ~/flux/testbed/event/trafgen; patch -p0 < tg.patch)

            # If this is an update, evproxy is run by rc.bootsetup and nothing stops it.
            # The install of evproxy in the make will fail unless we stop it first.
            ps -Welf | grep evproxy
              kill `ps -Welf | grep evproxy | awk '{print $2}'`
711 712 713 714
            # Ditto emulab-syncd and slothd.
            $rc/rc.syncserver shutdown
            $rc/rc.slothd stop

715
            make client-install >& make.log2
Russ Fish's avatar
Russ Fish committed
716 717
            tail make.log2
              tail -f make.log2
718 719

                # Only needed if there are problems...
720
                  v -t make.log*
721
                make client-install >& make.log3
722 723
                make client-install >& make.log4
                make client-install >& make.log5
724 725 726 727
                make client-install >& make.log6
                make client-install >& make.log7
                make client-install >& make.log8
                make client-install >& make.log9
728 729

      . Patch the /etc/profile file to use /home dirs if the /users mounts are down.
730
        ## Note their comment:
731 732 733 734 735
        # IF THIS FILE IS MODIFIED IT WILL NOT BE UPDATED BY THE CYGWIN
        # SETUP PROGRAM.  IT BECOMES YOUR RESPONSIBILITY.
        #
        # The latest version as installed by the Cygwin Setup program can
        # always be found at /etc/defaults/etc/profile
Russ Fish's avatar
Russ Fish committed
736
            # If you need to check in a new version back in CVS land...
737
            (cd ~/flux; cvs update testbed/tmcd/cygwinxp/profile)
738
          diff /etc/defaults/etc/profile ~/flux/testbed/tmcd/cygwinxp
739 740 741
            # If the diffs are right, just copy the Emulab one.
            cp ~/flux/testbed/tmcd/cygwinxp/profile /etc
          # Otherwise, edit the file.
742 743
            diff /etc/defaults/etc/profile /etc/profile
            cp /etc/defaults/etc/profile /etc
744 745 746 747 748 749 750 751 752 753 754 755
          ed /etc/profile
  /^# If the home directory doesn't exist, create it./,/^if \[ ! -d "\${HOME}" \]; then/p
/^# If the home directory doesn't exist, create it./,/^if \[ ! -d "\${HOME}" \]; then/c
### Use a local dir under sshd if the mount failed.
if [ ! -d "$HOME" ]; then
        HOME=/home/$USER
fi
# If the home directory doesn't exist, create it.
if [ ]; then
###if [ ! -d "${HOME}" ]; then
.
  .-10,.+5p
756 757
  w
  q
758

759 760 761 762
      . Need an NTP client, or at least the semblence of one.
            cat /etc/ntp.drift
          echo 0.000 > /etc/ntp.drift

763
      . Set up the tbshutdown script to run as a service, to get a shutdown signal.
764 765
            editrights -u root -l
          editrights -u root -a SeServiceLogonRight -l
Russ Fish's avatar
Russ Fish committed
766
          # Don't forget to set the root password to the following, if you haven't done it yet.
767
          rootpwd='daFluxGroup'
768
          # EmulabShutdown is started manually later on from rc.cygwinxp .
769
          echo "$rootpwd"
770 771 772 773
            cygrunsrv -R EmulabShutdown
          cygrunsrv -I EmulabShutdown -u root -w "$rootpwd" -p /cygdrive/c/cygwin/bin/bash \
              --shutdown --type manual \
              -a "--norc --noprofile -c '/usr/local/etc/emulab/tbshutdown'"
774
          cygrunsrv -VQ EmulabShutdown
775

776
          # If you see the following, try running rc.accounts or rc.bootsetup below to 
777
          # clear it up.  Haven't figured this out yet...
778 779 780
          ##cygrunsrv: Error installing a service: CreateService:  Win32 error 1057:
          ##The account name is invalid or does not exist, or the password is invalid 
          ##for the account name specified.
781

Russ Fish's avatar
Russ Fish committed
782
          # Log files
783 784 785
          touch /var/log/EmulabShutdown.log
          chmod 666 /var/log/EmulabShutdown.log
          regtool -v list /HKLM/SYSTEM/CurrentControlSet/Services/EmulabShutdown/Parameters
786
            # Manual start-up for testing.
787
            cygrunsrv -S EmulabShutdown
788 789

      . See if rc.bootsetup works.
Russ Fish's avatar
Russ Fish committed
790 791 792 793
          # Don't allow the sshd shell a shell login login in rc.accounts.
            grep '\^sshd:' /var/emulab/boot/usershells
          echo '/^sshd:/s|/bin/bash$|/bin/false|' >> /var/emulab/boot/usershells

794 795 796
          ##Running os dependent initialization script rc.cygwin
          ##chmod: cannot access `/var/log/EmulabStartup.log': No such file or directory
          ##chmod: cannot access `/etc/emulab/iscygwin': No such file or directory
797 798
          touch /var/log/EmulabStartup.log
          chmod 666 /var/log/EmulabStartup.log
Russ Fish's avatar
Russ Fish committed
799 800 801 802 803 804 805

          # May need to make /sshkeys, if it hasn't been done above.
          v -d /sshkeys
            mkdir /sshkeys
            chmod 777 /sshkeys

              ## May need to read .bashrc installed above if you haven't set up the path yet.
806
              . ~/.bashrc
807
            tmcc nodeid
808
              ## If you have problems, you may be missing /etc/resolv.conf .
809 810 811 812
              tmcc -d nodeid
                    nodeid 
                    /usr/local/etc/emulab/tmcc.bin  -d nodeid 
                    Connection to TMCD refused. Waiting ...
Russ Fish's avatar
Russ Fish committed
813 814
            ## You can test rc.cygwin separately.  It should reboot, the first time, 
            ## when it changes the node ID.
815
            $rc/rc.cygwin
816

Russ Fish's avatar
Russ Fish committed
817 818 819
            ## You can try the boot-time script to see that all is well.
            ## If you run this, and the node name hasn't been changed yet, it will reboot.
            $rc/rc.bootsetup
820

821 822
      . Set up the boot script to run as a service.

823
          # Start up after DHCP and Elvin, run ProgAgent afterwards.
824 825
              cygrunsrv -R EmulabStartup 
          rootpwd='daFluxGroup'
826 827 828 829 830 831 832 833
          cygwinrc=/usr/local/etc/emulab/rc/rc.cygwin
          bootsetup=/usr/local/etc/emulab/rc/rc.bootsetup
          progagent="cygrunsrv -S ProgAgent"
          bootlog=/var/log/bootsetup.log
          cygrunsrv -I EmulabStartup -u root -w $rootpwd --dep DHCP --dep elvinsvc.exe \
            -p /cygdrive/c/cygwin/bin/bash \
            -a "--norc --noprofile -c '( $cygwinrc; $bootsetup; $progagent ) >& $bootlog'"
          cygrunsrv -VQ EmulabStartup 
834

Russ Fish's avatar
Russ Fish committed
835
            ## If you run this, and the node name hasn't been changed yet, it will reboot.
836 837 838 839 840 841 842 843 844 845 846 847
            cygrunsrv -S EmulabStartup 
            cygrunsrv --help
          regtool -v list /HKLM/SYSTEM/CurrentControlSet/Services/EmulabStartup/Parameters
          sc query EmulabStartup

      . Make a $HOME envar for everybody, so Emacs works on startup from the desktop.
        - Set a user environment variable: HOME = /users/%USERNAME%
        - Stored in HKCU/Environment, which is HKU/*/Environment based on the user SIDs.
        - The user registry key (folder) is created at first login, doesn't exist before that.
          Run setx after that at login time to set the HOME environment variable value.
                # Check.
                regtool get /HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Run/SetHOME
848
          # Use a literal Windows command rather than a script.
849 850
          regtool -s set /HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Run/SetHOME \
            'cmd /C "if not %USERNAME% == root if not %USERNAME% == Administrator setx HOME //fs/%USERNAME%"'
851 852 853
                # Undo.
                regtool unset /HKLM/SOFTWARE/Microsoft/Windows/CurrentVersion/Run/SetHOME
          # Check that setx.exe is in system32.
854 855
          v C:/WINDOWS/system32/setx.exe

Russ Fish's avatar
Russ Fish committed
856
# [ SKIP if patched sshd.exe installed above.
857
      . Patch sshd so that shares (including /users homedirs) work with public-key logins.
Russ Fish's avatar
Russ Fish committed
858
        Also touches a file when client input is received, so slothd will know.
859 860

        - RDP into a node as root and shut down all ssh processes before update.
861
          (Otherwise, installation of an openssh update can hang mysteriously.)
862 863 864
            net stop sshd
            ps -Welf | grep ssh

865 866 867 868 869 870 871
        - Go through Cygwin setup and make sure everything is updated.  
              cygcheck -c openssh
              /cygdrive/c/software/cygwin/setup.exe &
              cygcheck -c openssh
          . View "Partial" will show what it wants to download and install.
          . Also select src for openssh, which goes under /usr/src .
          . When base dll's are updated, it will tell you to reboot.  Do it.
872

873
        - Install the source patches.  (Go get CVSROOT and agent keys set above first.)
874 875 876
            (cd ~/flux; cvs update testbed/tmcd/cygwinxp)
              (cd ~/flux; cvs co testbed/tmcd/cygwinxp)
          cd /usr/src/openssh*
877
            v -t *.[ch] | head -30
Russ Fish's avatar
Russ Fish committed
878 879

          # Enable no-password ssh logins which can access shared homedirs.
880 881 882
          cp -p uidswap.c{,.orig}
            patch -p1 --dry-run < ~/flux/testbed/tmcd/cygwinxp/uidswap.c.patch
          patch -p1 -b < ~/flux/testbed/tmcd/cygwinxp/uidswap.c.patch
883
            diff uidswap.c{.orig,}
884

Russ Fish's avatar
Russ Fish committed
885
          # Enable slothd to know of the last SSH client input time.
886 887
          for f in channels.{h,c} serverloop.c; do cp -p $f{,.orig}; done
            v *.orig
Russ Fish's avatar
Russ Fish committed
888 889 890
            patch -p1 --dry-run < ~/flux/testbed/tmcd/cygwinxp/sshd-client-input-time.patch
          patch -p1 -b < ~/flux/testbed/tmcd/cygwinxp/sshd-client-input-time.patch

891 892 893 894 895 896 897 898 899 900 901
        - Configure.  Takes a while.
            # These are the options that contrib/cygwin/README specifies:
            prefix=/usr sbindir=/usr/sbin datadir=$prefix/share
            ./configure > configure.trace 2>&1 \
                --prefix=/usr \
                --sysconfdir=/etc \
                --libexecdir=${sbindir} \
                --localstatedir=/var \
                --datadir=${prefix}/share \
                --mandir=${datadir}/man \
                --infodir=${datadir}/info
902 903
              tail configure.trace
                tail -f configure.trace
904 905 906

        - Just make and install sshd.exe, assuming everything else is up-to-date.
            make sshd.exe > make.log.1 2>&1
907 908
              tail make.log.1
                tail -f make.log.1
909 910 911 912 913 914

            # Make sure sshd is closed down while installing.
            ps -Welf | grep sshd
            net stop sshd
            /usr/bin/install -c -m 0755 -s sshd /usr/sbin/sshd.exe
            net start sshd
Russ Fish's avatar
Russ Fish committed
915
# SKIP ]
916

917
      . Make a load average log for slothd, averaged over a 1 minute period.
Russ Fish's avatar
Russ Fish committed
918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937

        - /proc/loadavg is hard-wired to "0.00 0.00 0.00" on Cygwin now.

        - All attempts to script this setup to reproduce it on another computer have
          failed so far, including using its own "Save/Restore Settings" and
          transplanting the registry subtree.

       - Click into Computer Management / Performance Logs and Alerts / Counter Logs.
          Right-click "New Log Settings..." in the logs pane, 
            Name: "ldavg", OK.

          General tab, 
            Counters list, "Add Counters...",
              check "Use local computer counters",
              click "Add" to add % total processor (the default),
              click "Close".
            Sample data every: Interval: "60" seconds.

          Log Files tab, 
            Log file type: "Text File (Comma delimited)", 
938 939 940 941
            Uncheck "End file names with" so the result goes into ldavg.csv .
            Configure... 
              Location: "C:\cygwin\var\run",
              Log file size: "Limit of: 1 MB", OK.
Russ Fish's avatar
Russ Fish committed
942 943 944 945

          Schedule tab, 
            Start Log: Click "At" (which defaults to the current time, as well as the future.) 
            Stop Log: Click "When the 1-MB log file is full.",
946
              When a log file closes: "Start a new log file".
Russ Fish's avatar
Russ Fish committed
947

948
          Check all three tabs, click OK.
Russ Fish's avatar
Russ Fish committed
949

950 951
          # ldavg should start out red (stopped) and then turn green (started) if you
          # refresh with F5.  It will start again after reboot.
Russ Fish's avatar
Russ Fish committed
952 953
          # You can turn it off and on with the right-click menu on "ldavg" in the logs pane.  
            tail -f /var/run/ldavg.csv
954 955
          # The first one is always 99.999, etc.

956 957 958 959 960
      . Disable TCP/IP address autoconfiguration, so unswitched interfaces like the sixth NICs
        on the pc3000's don't get Microsoft class B network 169.254 addresses assigned.
          svcs=/HKLM/SYSTEM/CurrentControlSet/Services tcpp=$svcs/Tcpip/Parameters
          regtool set -i $tcpp/IPAutoconfigurationEnabled 0

Russ Fish's avatar
Russ Fish committed
961 962
      . Reboot to make sure it all works right.  Note that prepare clears out the source
        trees, so don't do it until you've booted once and know that everything else works.
963 964
          prepare
          /sbin/reboot
Russ Fish's avatar
Russ Fish committed
965

966

967 968 969
================================================================
Making images

970 971 972 973 974 975 976 977 978 979 980 981 982 983
    . Windows Update
      - This might be needed after each Microsoft "Patch Tuesday" (second tues of the month.)
      - Start up Internet Explorer and go to:
        . http://update.microsoft.com
           - The first time, just installs/updates the updater and asks to reboot.
           - I just choose the EXPRESS update, installing all high-priority updates.
           - Don't turn on Automatic Updates.

           - After rebooting, check again if there's more to install.

             To install SP2, you must have access to a console screen, because the
             Windows Firewall defaults to block both SSH and RDP.  Disable it.

             . You may need to free disk space to install SP2, or allocate a partition.
Russ Fish's avatar
Russ Fish committed
984 985
                   du -sm C:/WINDOWS/ServicePackFiles/i386
                 rm -rf C:/WINDOWS/ServicePackFiles/i386
986 987 988 989 990 991
                   du -sm C:/WINDOWS/SoftwareDistribution/Download
                 rm -rf C:/WINDOWS/SoftwareDistribution/Download/*

      - Could be a good time to update Cygwin as well.  
        . Beware of stepping on the sshd.exe patches.

992
     . Uninstall the experimental net devices in Computer Management/Device Manager.
993
       (This was from our attempts to make a pc850/pc600 image.  Is it needed?)
994
         # Check which one is the control net interface.
995 996 997
         ipconfig /all
       Select a non-control net interface, hit delete, enter.
       Takes about 15 seconds per interface.
998

999
     . Run prepare to clear out experiment-specific state.
1000 1001
        rootpc $pc
          # Ignore complaints about all of the C:/Documents and Settings directories
1002
          # that were never created because the users didn't log in...
1003
          prepare
1004

1005
          exit
1006

1007 1008
    . Add an entry at the beginning of xpimage-log.txt, and create the image
      descriptor if it's not an existing image.
1009

1010 1011
    . Capture the image with imagezip.  
      You can specify the PC from which to grab the image when you create an image-id.
1012
      Do it in red-dot mode so you can set the Reboot Waittime to 240 seconds.
1013 1014 1015
      When updating existing images, I do it by hand in two stages, as below.
    
        # [On boss.]
1016 1017 1018 1019
        set pc=61 img=SP1 image=SP1_2005-08-22
        set pc=72 img=SP0 image=SP0_2005-08-22
        set pc=109 img=UPDATE image=UPDATE_2005-08-22

Russ Fish's avatar
Russ Fish committed
1020 1021 1022 1023 1024 1025
        set pc=210 img=BASE-pc3000 image=BASE-pc3000_2005-08-31
        set pc=201 img=SP0-pc3000 image=SP0-pc3000_2005-09-01
        set pc=201 img=SP1-pc3000 image=SP1-pc3000_2005-09-01
        set pc=242 img=SP2-pc3000 image=SP2-pc3000_2005-09-01
        set pc=242 img=UPDATE-pc3000 image=UPDATE-pc3000_2005-09-01

1026 1027
        df -m /proj/testbed/images /usr/testbed/images
          # Verify SSH working.
1028 1029
          rootpc $pc id

1030
        # Boot into the MFS.  The serial console will show you when it's open for business.
Russ Fish's avatar
Russ Fish committed
1031
        echo $pc $image