Commit 4a73a5f1 authored by Kevin Atkinson's avatar Kevin Atkinson
Browse files

Add documentation for creating Fedora 8 image.

parent 1d3c98fb
#
# Stuff to do in order to make a fresh Fedora 8 testbed ready
#
# (updated from FC4-build.txt)
#
#
# NOTE: Not meant to be run as a script.
# SO DON'T!
# Copy and past into bash
#
##
##
# make ext2 fs on /dev/hda4 and then mount it. I recommend putting all
# working files on this partition so that they won't appear in the
# final image
mount /dev/hda4 /z
export testbed_src=/z/testbed
export etc_patches=${testbed_src}/doc/updating-RHL/Fedora8-etc-patches
export tz=MST7MDT
## Mount /share to make some things easier.
##
cd /
mkdir -p "/share"
mount -o hard,intr,udp "fs:/share" "/share"
## Disable kudzu at boot-time.
# XXX no need if the kudzu rpms are removed
#/sbin/chkconfig kudzu off
#
## Kill off CUPS.
/sbin/chkconfig cups off
## Enable ssh 1
##
patch /etc/ssh/sshd_config < $etc_patches/sshd_config.patch
## Install an appropriate /etc/inittab:
## - Run a getty in ttyS0
## - Do not run getty's for most virtual consoles (tty1, ...)
##
patch /etc/inittab < $etc_patches/inittab.patch
## Enable all wheel members to `sudo'.
##
patch /etc/sudoers < $etc_patches/sudoers.patch
## Log `ssh' logins to `users.emulab.net'.
##
patch /etc/rsyslog.conf < $etc_patches/rsyslog.conf.patch
# * /etc/localtime
# Copy the correct file over from /usr/share/zoneinfo
# XXX: should be necessary if correct timezone was selected at install time
#rm -f /etc/localtime
#install -o root -g root -m 644 "/usr/share/zoneinfo/${tz}" /etc/localtime
####
# Make the default locale "C"
patch /etc/sysconfig/i18n < $etc_patches/sysconfig-i18n.patch
## Add sbin to path for all users not just root
##
patch /etc/profile < $etc_patches/profile.patch
patch /etc/csh.login < $etc_patches/csh.login.patch
## Remove 000-delay.cron from cron.daily//weekly/monthly
##
## These files will cause problems for "prepare".
##
rm /etc/cron.daily/000-delay.cron /etc/cron.weekly/000-delay.cron \
/etc/cron.monthly/000-delay.cron
## Disable selinux
##
patch /etc/selinux/config < $etc_patches/selinux-config.patch
## Remove ccache
##
## It will cause gcc to hang since it tries to store the contents of the
## cache in the home directory (.cccahe). Which doesn't work over nfs
## on emulab for some reason.
rpm -e ccache
## Disable the firewall
##
## This will cause problems with some of emulab client software
##
chkconfig --list iptables
## Install tcsh
##
## Only bash is installed by default, however the c shell is needed by
## the program agent.
yum install tcsh
###############################################################################
## Install Keys
## emulab-keys.tar.gz created by running
## sh ${testbed_src}/doc/updating-RHL/tar-keys
## on an exiting node
# From other node make a tarball with
# root/.ssh/authorized_keys
# root/.ssh/authorized_keys2
# root/.cvsup/auth
# etc/ssh/ssh_host_dsa_key
# etc/ssh/ssh_host_dsa_key.pub
# etc/ssh/ssh_host_key
# etc/ssh/ssh_host_key.pub
# etc/ssh/ssh_host_rsa_key
# etc/ssh/ssh_host_rsa_key.pub
# etc/emulab/client.pem
# etc/emulab/emulab.pem
# Note: root password will get installed by prepare
###############################################################################
## Install "pubsub"
##
# download from cvs
## Install Boost.
## XXX no need, now standard rpm
## Install the Emulab client stuff.
##
#
# ...
mkdir testbed-obj
../testbed/configure --with-TBDEFS=../testbed/defs-default
make client
make client-install
###############################################################################
##
## Add/remove rpms.
##
# Done manually, compare your RPM list to Fedora8-rpm-list.txt using something
# like:
# cut -f1 < Fedora8-rpm-list.txt > Fedora8-rpm-names.txt
# rpm -qa --queryformat '%{NAME}\n' > mine.txt
# comm Fedora8-rpm-names.txt mine.txt
#
# You may also find Fedora8-rpm-list-install.txt usefull. It is the rpm list
# after the initial install
###############################################################################
##
## Optional: Install jove from source:
## ftp://ftp.cs.toronto.edu/cs/ftp/pub/hugh/jove-dev/
###############################################################################
##
## Update to latest version. Note this may also update the kernel.
##
yum update
###############################################################################
#
# NOW REBOOT TO MAKE SURE IT WORKS
#
###############################################################################
## Install rude/crude.
##
cd "${local_build_root}"
wget http://prdownloads.sourceforge.net/rude/rude-0.70.tar.gz
tar zxf rude-0.70.tar.gz
cd rude
./configure
gmake
gmake install
## Install `gated'.
## XXX --- compile w/o debugging?
##
#cd "${local_build_root}"
## wget http://ftp.rge.com/pub/networking/gated/gated-3-6.tar.gz
#wget http://www.funet.fi/pub/unix/tcpip/gated/gated-3-6.tar.gz
#tar zxf gated-3-6.tar.gz
#cd gated-public-3_6
#./configure
#gmake depend
#gmake
#gmake install
## Installs just `/usr/local/sbin/gated'.
# Version built from source doesn't work, install RHL7.3 RPM instead
rpm -i /share/redhat/7.3/RPMS/gated-3.6-14.i386.rpm
###############################################################################
## Install kernel
## ...
###############################################################################
When all done testing create a final image.
# Prep the image
yum clean all
find /var/cache/man -type f | xargs rm
# NOTE prepare now run automataically
# Create an image via the web interface.
--- csh.login~ 2007-05-23 09:55:03.000000000 -0600
+++ csh.login 2008-02-05 17:18:16.000000000 -0700
@@ -7,11 +7,7 @@
setenv PATH "${PATH}:/usr/X11R6/bin"
endif
else
- if ( $uid == 0 ) then
- setenv PATH "/sbin:/usr/sbin:/usr/local/sbin:/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin"
- else
- setenv PATH "/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin"
- endif
+ setenv PATH "/sbin:/usr/sbin:/usr/local/sbin:/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin"
endif
setenv HOSTNAME `/bin/hostname`
--- inittab~ 2008-02-01 13:46:14.000000000 -0700
+++ inittab 2008-02-05 16:58:42.000000000 -0700
@@ -42,13 +42,14 @@
# Run gettys in standard runlevels
-co:2345:respawn:/sbin/agetty ttyS0 115200 vt100-nav
+#co:2345:respawn:/sbin/agetty ttyS0 115200 vt100-nav
1:2345:respawn:/sbin/mingetty tty1
-2:2345:respawn:/sbin/mingetty tty2
-3:2345:respawn:/sbin/mingetty tty3
-4:2345:respawn:/sbin/mingetty tty4
-5:2345:respawn:/sbin/mingetty tty5
-6:2345:respawn:/sbin/mingetty tty6
+#2:2345:respawn:/sbin/mingetty tty2
+#3:2345:respawn:/sbin/mingetty tty3
+#4:2345:respawn:/sbin/mingetty tty4
+#5:2345:respawn:/sbin/mingetty tty5
+#6:2345:respawn:/sbin/mingetty tty6
+S0:2345:respawn:/sbin/agetty -L 115200 ttyS0 vt100
# Run xdm in runlevel 5
x:5:respawn:/etc/X11/prefdm -nodaemon
--- profile~ 2008-02-05 17:15:44.000000000 -0700
+++ profile 2008-02-05 17:17:05.000000000 -0700
@@ -20,11 +20,9 @@
fi
# Path manipulation
-if [ "$EUID" = "0" ]; then
- pathmunge /sbin
- pathmunge /usr/sbin
- pathmunge /usr/local/sbin
-fi
+pathmunge /sbin
+pathmunge /usr/sbin
+pathmunge /usr/local/sbin
# No core files by default
ulimit -S -c 0 > /dev/null 2>&1
--- rsyslog.conf.orig 2007-06-25 03:42:50.000000000 -0600
+++ rsyslog.conf 2008-02-05 17:11:32.000000000 -0700
@@ -2,6 +2,10 @@
# Logging much else clutters up the screen.
#kern.* /dev/console
+# For the testbed. Log ssh logins to ops.
+local5.err /dev/console
+auth.info @users
+
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none /var/log/messages
--- config~ 2008-01-30 09:20:40.000000000 -0700
+++ config 2008-02-12 20:50:43.000000000 -0700
@@ -4,7 +4,7 @@
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
-SELINUX=enforcing
+SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
--- /etc/ssh/sshd_config~ 2007-09-17 17:24:50.000000000 -0600
+++ /etc/ssh/sshd_config 2008-02-05 17:07:09.000000000 -0700
@@ -18,7 +18,7 @@
# Disable legacy (protocol version 1) support in the server for new
# installations. In future the default will change to require explicit
# activation of protocol 1
-Protocol 2
+Protocol 2,1
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
--- /etc/sudoers.orig 2006-10-26 03:14:04.000000000 -0600
+++ /etc/sudoers 2008-02-06 22:36:10.000000000 -0700
@@ -8,7 +8,7 @@
## This file must be edited with the 'visudo' command.
## Host Aliases
-## Groups of machines. You may prefer to use hostnames (perhaps using
+## Groups of machines. You may prefer to use hostnames (perhap using
## wildcards for entire domains) or IP addresses instead.
# Host_Alias FILESERVERS = fs1, fs2
# Host_Alias MAILSERVERS = smtp, smtp2
@@ -24,28 +24,28 @@
## These are groups of related commands...
## Networking
-Cmnd_Alias NETWORKING = /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /usr/bin/rfcomm, /usr/bin/wvdial, /sbin/iwconfig, /sbin/mii-tool
+#Cmnd_Alias NETWORKING = /sbin/route, /sbin/ifconfig, /bin/ping, /sbin/dhclient, /usr/bin/net, /sbin/iptables, /usr/bin/rfcomm, /usr/bin/wvdial, /sbin/iwconfig, /sbin/mii-tool
## Installation and management of software
-Cmnd_Alias SOFTWARE = /bin/rpm, /usr/bin/up2date, /usr/bin/yum
+#Cmnd_Alias SOFTWARE = /bin/rpm, /usr/bin/up2date, /usr/bin/yum
## Services
-Cmnd_Alias SERVICES = /sbin/service, /sbin/chkconfig
+#Cmnd_Alias SERVICES = /sbin/service, /sbin/chkconfig
## Updating the locate database
-Cmnd_Alias LOCATE = /usr/sbin/updatedb
+#Cmnd_Alias LOCATE = /usr/sbin/updatedb
## Storage
-Cmnd_Alias STORAGE = /sbin/fdisk, /sbin/sfdisk, /sbin/parted, /sbin/partprobe, /bin/mount, /bin/umount
+#Cmnd_Alias STORAGE = /sbin/fdisk, /sbin/sfdisk, /sbin/parted, /sbin/partprobe, /bin/mount, /bin/umount
## Delegating permissions
-Cmnd_Alias DELEGATING = /usr/sbin/visudo, /bin/chown, /bin/chmod, /bin/chgrp
+#Cmnd_Alias DELEGATING = /usr/sbin/visudo, /bin/chown, /bin/chmod, /bin/chgrp
## Processes
-Cmnd_Alias PROCESSES = /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall
+#Cmnd_Alias PROCESSES = /bin/nice, /bin/kill, /usr/bin/kill, /usr/bin/killall
## Drivers
-Cmnd_Alias DRIVERS = /sbin/modprobe
+#Cmnd_Alias DRIVERS = /sbin/modprobe
# Defaults specification
@@ -53,15 +53,15 @@
# Disable "ssh hostname sudo <cmd>", because it will show the password in clear.
# You have to run "ssh -t hostname sudo <cmd>".
#
-Defaults requiretty
+#Defaults requiretty
-Defaults env_reset
-Defaults env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR \
- LS_COLORS MAIL PS1 PS2 QTDIR USERNAME \
- LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION \
- LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC \
- LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS \
- _XKB_CHARSET XAUTHORITY"
+#Defaults env_reset
+#Defaults env_keep = "COLORS DISPLAY HOSTNAME HISTSIZE INPUTRC KDEDIR \
+# LS_COLORS MAIL PS1 PS2 QTDIR USERNAME \
+# LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION \
+# LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC \
+# LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS \
+# _XKB_CHARSET XAUTHORITY"
## Next comes the main part: which users can run what software on
## which machines (the sudoers file can be shared between multiple
@@ -83,7 +83,7 @@
# %wheel ALL=(ALL) ALL
## Same thing without a password
-# %wheel ALL=(ALL) NOPASSWD: ALL
+%root ALL=(ALL) NOPASSWD: ALL
## Allows members of the users group to mount and unmount the
## cdrom as root
--- /etc/sysconfig/i18n.orig 2008-01-30 09:24:26.000000000 -0700
+++ /etc/sysconfig/i18n 2008-02-05 17:14:29.000000000 -0700
@@ -1,2 +1,2 @@
-LANG="en_US.UTF-8"
+LANG="C"
SYSFONT="latarcyrheb-sun16"
ConsoleKit 0.2.3
ConsoleKit-libs 0.2.3
GConf2 2.20.1
MAKEDEV 3.23
NetworkManager 0.7.0
NetworkManager-glib 0.7.0
ORBit2 2.14.10
PolicyKit 0.6
PolicyKit-gnome 0.6
acl 2.2.39
acpid 1.0.6
alsa-lib 1.0.15
alsa-utils 1.0.15
anacron 2.3
apr 1.2.11
apr-util 1.2.10
aspell 0.60.5
aspell-en 6.0
at 3.1.10
atk 1.20.0
atmel-firmware 1.3
attr 2.4.38
audiofile 0.2.6
audit-libs 1.6.2
audit-libs-python 1.6.2
authconfig 5.3.18
authconfig-gtk 5.3.18
autoconf 2.61
autofs 5.0.2
automake 1.10
automake14 1.4p6
automake15 1.5
automake16 1.6.3
automake17 1.7.9
avahi 0.6.21
avahi-glib 0.6.21
b43-fwcutter 008
basesystem 8.1
bash 3.2
bc 1.06
bcm43xx-fwcutter 006
beecrypt 4.1.2
beecrypt-devel 4.1.2
bind-libs 9.5.0
bind-utils 9.5.0
binutils 2.17.50.0.18
binutils-devel 2.17.50.0.18
bison 2.3
bittorrent 4.4.0
bluez-gnome 0.14
bluez-libs 3.20
bluez-utils 3.20
boost 1.34.1
boost-devel 1.34.1
byacc 1.9.20050813
bzip2 1.0.4
bzip2-devel 1.0.4
bzip2-libs 1.0.4
cadaver 0.23.0
cairo 1.4.10
ccache 2.4
ccid 1.2.1
checkpolicy 2.0.4
chkconfig 1.3.36
comps-extras 13
coolkey 1.1.0
coolkey-devel 1.1.0
coreutils 6.9
cpio 2.9
cpp 4.1.2
cpuspeed 1.2.1
cracklib 2.8.10
cracklib-dicts 2.8.10
cracklib-python 2.8.10
crontabs 1.10
cryptsetup-luks 1.0.5
cscope 15.5
ctags 5.6
cups 1.3.3
cups-libs 1.3.3
curl 7.16.4
curl-devel 7.16.4
cvs 1.11.22
cyrus-sasl 2.1.22
cyrus-sasl-devel 2.1.22
cyrus-sasl-lib 2.1.22
cyrus-sasl-plain 2.1.22
db4 4.6.21
db4-cxx 4.6.21
db4-devel 4.6.21
dbus 1.1.2
dbus-devel 1.1.2
dbus-glib 0.73
dbus-libs 1.1.2
dbus-python 0.82.0
desktop-file-utils 0.13
device-mapper 1.02.22
device-mapper-libs 1.02.22
device-mapper-multipath 0.4.7
dhclient 3.0.6
dhcpv6-client 0.10
diffstat 1.43
diffutils 2.8.1
dmidecode 2.7
dmraid 1.0.0.rc14
dos2unix 3.1
dosfstools 2.11
doxygen 1.5.2
dump 0.4b41
e2fsprogs 1.40.2
e2fsprogs-devel 1.40.2
e2fsprogs-libs 1.40.2
ed 0.8
eject 2.1.5
elfutils 0.130
elfutils-libelf 0.130
elfutils-libelf-devel 0.130
elfutils-libs 0.130
elinks 0.11.3
esound-libs 0.2.38
ethtool 5
expat 2.0.1
expat-devel 2.0.1
fbset 2.1
fedora-gnome-theme 8.0.0
fedora-logos 8.0.2
fedora-release 8
fedora-release-notes 8.0.0
fetchmail 6.3.8
file 4.21
file-libs 4.21
filesystem 2.4.11
findutils 4.2.31
finger 0.17
firefox 2.0.0.8
firstboot 1.4.39
firstboot-tui 1.4.39
flex 2.5.33
fontconfig 2.4.2
freetype 2.3.5
frysk 0.0.1.2007.10.17
ftp 0.17
fuse 2.7.0
fuse-libs 2.7.0
gail 1.20.1
gamin 0.1.9
gamin-python 0.1.9
gawk 3.1.5
gcc 4.1.2
gcc-c++ 4.1.2
gcc-gfortran 4.1.2
gdb 6.6
gdbm 1.8.0
gdbm-devel 1.8.0
gettext 0.16.1
glib-java 0.2.6
glib2 2.14.2
glib2-devel 2.14.2
glibc 2.7
glibc-common 2.7
glibc-devel 2.7
glibc-headers 2.7
gmp 4.2.2
gmp-devel 4.2.2
gnome-keyring 2.20.1
gnome-mime-data 2.18.0
gnome-mount 0.7
gnome-python2 2.20.0
gnome-python2-bonobo 2.20.0
gnome-python2-canvas 2.20.0
gnome-python2-gconf 2.20.0
gnome-python2-gnomevfs 2.20.0
gnome-vfs2 2.20.0
gnome-vfs2-obexftp 0.4
gnupg 1.4.7
gnutls 1.6.3
gpm 1.20.1
gpm-devel 1.20.1
grep 2.5.1
groff 1.18.1.4
grub 0.97
gtk2 2.12.1
gzip 1.3.12
hal 0.5.10
hal-info 20071030
hal-libs 0.5.10
hdparm 7.7
hesiod 3.1.0
hesiod-devel 3.1.0
hicolor-icon-theme 0.10
hwdata 0.207
ifd-egate 0.05
imake 1.0.2
indent 2.2.9
info 4.11
initscripts 8.60
iproute 2.6.22
iptables 1.3.8
iptables-ipv6 1.3.8
iptstate 2.2.1
iputils 20070202
ipw2100-firmware 1.3
ipw2200-firmware 3.0
irda-utils 0.9.18
irqbalance 0.55
isdn4k-utils 3.2
iwl3945-firmware 2.14.1.5
iwl4965-firmware 4.44.1.18
java-1.5.0-gcj 1.5.0.0
java-1.7.0-icedtea 1.7.0.0
java-1.7.0-icedtea-plugin 1.7.0.0
java_cup 0.10
jpackage-utils 1.7.3
jwhois 4.0
kbd 1.12
kernel 2.6.23.1