Commit 9e29b9bf authored by Mike Hibler's avatar Mike Hibler

More updates.

parent cd10c01f
...@@ -19,20 +19,29 @@ How to make a generic image from a Utah one: ...@@ -19,20 +19,29 @@ How to make a generic image from a Utah one:
the password hash to /etc/emulab/master.passwd. Make sure you change the password hash to /etc/emulab/master.passwd. Make sure you change
both the root and toor password hashes (in the /etc/emulab file). both the root and toor password hashes (in the /etc/emulab file).
2d. Remove root's known_hosts file. 2d. Remove root's known_hosts file and authorized_keys.
sudo rm -f /root/.ssh/known_hosts sudo sh -c 'rm /root/.ssh/*'
Note that we used to leave our boss' authorized_keys file in the image,
but now that file is automatically overwritten as part of node setup
so there is no point.
2e. Install generic kernels. 2e. Install generic kernels.
Build kernels from the various TESTBED-* configs and install them: Build kernels from the various TESTBED-* configs and install them.
For FBSD 4.x:
TESTBED-GENERIC -> /kernel.100HZ TESTBED-GENERIC -> /kernel.100HZ
TESTBED-LINKDELAY-GENERIC -> /kernel.1000HZ TESTBED-LINKDELAY-GENERIC -> /kernel.1000HZ
TESTBED-DELAY-GENERIC -> /kernel.10000HZ TESTBED-DELAY-GENERIC -> /kernel.10000HZ
TESTBED-JAIL-GENERIC -> /kernel.jail TESTBED-JAIL-GENERIC -> /kernel.jail
Make sure that all the proper aliases exist too:
Make sure that there are hard links too:
ln -f /kernel.1000HZ /kernel.linkdelay ln -f /kernel.1000HZ /kernel.linkdelay
ln -f /kernel.10000HZ /kernel.delay ln -f /kernel.10000HZ /kernel.delay
ln -f /kernel.100HZ /kernel cp -p /kernel.100HZ /kernel
For FBSD 5.x and higher:
TESTBED-GENERIC -> /boot/kernel
TESTBED-LINKDELAY-GENERIC -> /boot/kernel.linkdelay
TESTBED-DELAY-GENERIC -> /boot/kernel.delay
(there is no vnode/jail support on FBSD 5+).
2f. Shutdown to single user and run the prepare script. 2f. Shutdown to single user and run the prepare script.
I always first umount NFS directories: I always first umount NFS directories:
...@@ -68,8 +77,11 @@ How to make a generic image from a Utah one: ...@@ -68,8 +77,11 @@ How to make a generic image from a Utah one:
the password hash to /etc/emulab/shadow. Make sure you change the password hash to /etc/emulab/shadow. Make sure you change
both the root and toor password hashes (in the /etc/emulab file). both the root and toor password hashes (in the /etc/emulab file).
3d. Remove root's known_hosts file. 3d. Remove root's known_hosts file and authorized_keys.
sudo rm -f /root/.ssh/known_hosts sudo sh -c 'rm -f /root/.ssh/*'
Note that we used to leave our boss' authorized_keys file in the image,
but now that file is automatically overwritten as part of node setup
so there is no point.
3e. Install a generic kernel. 3e. Install a generic kernel.
We do not yet have such a thing for Linux. So we hope the We do not yet have such a thing for Linux. So we hope the
......
...@@ -125,13 +125,6 @@ full-featured system, you can run binaries from the disk image itself: ...@@ -125,13 +125,6 @@ full-featured system, you can run binaries from the disk image itself:
Now update the following files: Now update the following files:
* /mnt/root/.ssh/authorized_keys
NOTE: THE ROOT PUBKEY FOR UTAH'S EMULAB IS IN THIS FILE BY DEFAULT.
This means that we (Utah Emulab admins) can login, as root, to your nodes.
This is useful if you want our help debugging, but it might be in violation
of your local security policies. So remove it if you don't want it there!
* /mnt/etc/localtime * /mnt/etc/localtime
Copy the correct file over from /mnt/usr/share/zoneinfo. Note that these Copy the correct file over from /mnt/usr/share/zoneinfo. Note that these
...@@ -197,12 +190,6 @@ still mounted on /mnt, so we use another directory): ...@@ -197,12 +190,6 @@ still mounted on /mnt, so we use another directory):
Now you can update the necessary files as follows. Now you can update the necessary files as follows.
* /mnt2/root/.ssh/authorized_keys
Copy over from the FreeBSD partition:
cp -p /mnt/root/.ssh/authorized_keys /mnt2/root/.ssh/
* /mnt2/etc/shadow * /mnt2/etc/shadow
Using your favorite editor, copy in the password hash for root from Using your favorite editor, copy in the password hash for root from
...@@ -238,7 +225,7 @@ Now unmount the Linux filesystem: ...@@ -238,7 +225,7 @@ Now unmount the Linux filesystem:
and fsck it for good luck. Actually, not only good luck but also to reset and fsck it for good luck. Actually, not only good luck but also to reset
the time stamp that forces a periodic fsck: the time stamp that forces a periodic fsck:
e2fsck /dev/${DSK}s2 e2fsck -f -y /dev/${DSK}s2
D. Saving the customized image D. Saving the customized image
...@@ -373,4 +360,4 @@ Dealing with SCSI disks (or RAID). ...@@ -373,4 +360,4 @@ Dealing with SCSI disks (or RAID).
If you don't have a Linux machine to do this with, contact us. If you don't have a Linux machine to do this with, contact us.
[ This file is a copy of doc/customize-image.txt in the Emulab source tree. ] [ This file is a copy of doc/customize-image.txt in the Emulab source tree. ]
[ Last updated 05/10/05 ] [ Last updated 03/13/07 ]
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment