OpenBSD Journal

Stupid Install Tricks: siteXY and install.site

Contributed by merdely on from the laziness dept.

The ability to customize the OpenBSD installation through siteXY.tgz install sets has been available for years, I just haven't given it much thought until now. I have several "build" machines that I often upgrade to the latest snapshot to work on. Every once in a while, I like to do a fresh, clean install. Each time, I have to manually tweak 50 different minor settings to get my working environment back to normal.

To simplify the process, I recently looked at using siteXY.tgz.

Using the information in the FAQ, I put together a site42-build.tgz ("build" being the name of the box I'm installing and "42" refers to the OpenBSD version I'm installing) that contained: /etc/ssh/ssh_host* files, /etc/mk.conf, /etc/rc.local, /etc/profile, directories for NFS mount points and an install.site script.

For generic site-specific install sets, name the tarball "siteXY.tgz". For host-specific install sets, name the tarball "siteXY-$(hostname -s).tgz" (taking the hostname entered during installation). Both sets will be displayed (when copied to your local FTP mirror) with the other install sets during installation and the host-specific set will be pre-selected.

My install.site script (which goes in the root of the siteXY tarball) appends /etc/fstab with NFS mount entries, creates my user account, installs necessary packages, appends /etc/sudoers giving wheel access. The install.site script is only a shell script (make it executable), so what can be done with it is virtually limited by your imagination. Here is my script:

## Add ccd configuration for alpha
if [ `cat /etc/myname` = "pw500.my.domain" ]; then
echo "==> Configuring ccd for /usr/obj"
cat << __CCD >> /etc/ccd.conf
ccd0    32      none    /dev/sd1a /dev/sd2a
__CCD
cat << __FSTABCCD >> /etc/fstab
/dev/ccd0a /usr/obj ffs rw,softdep,nodev,nosuid,noatime,softdep 1 2
__FSTABCCD
fi

## Add NFS mounts to fstab
echo "==> Adding NFS mounts to fstab"
cat << __FSTAB >> /etc/fstab
nfsserv:/cvs /cvs nfs rw,-b,-i 0 0
nfsserv:/home/mike /home/mike nfs rw,-b,-i 0 0
nfsserv:/home/software /home/software nfs ro,-b,-i 0 0
nfsserv:/usr/ports /usr/ports nfs rw,-b,-i 0 0
__FSTAB

## Install NUT if not buildsnap
if [ `cat /etc/myname` != "buildsnap.my.domain" ]; then
  echo "==> Installing nut"
  PKG_PATH=ftp://ftpserv/pub/OpenBSD/snapshots/packages/`arch -s`/ \
    /usr/sbin/pkg_add -x nut > /dev/null
  [ $? != 0 ] && echo Error: nut could not be installed.
fi

## Add wheel to sudoers
echo "==> Setting up /etc/sudoers"
cat << __SUDO >> /etc/sudoers
Defaults:%wheel !env_reset
%wheel  ALL=(ALL) NOPASSWD: SETENV: ALL
__SUDO

## Add mike user account, group and home directory (which is NFS mounted)
echo "==> Adding 'mike' user"
groupadd -g 10000 cvs
groupadd -g 1000 mike
useradd -g mike -u 1000 -L staff -s /bin/ksh -c 'Michael Erdely' \
  -p 'MYENCRYPTEDPASSHERE' \
  -G wheel,wsrc,cvs -d /home/mike mike

The install.site (or upgrade.site) script runs at the very end of the installation (or upgrade) process. Then, you're immediately prompted with the "Congratulations" message.

Be sure to read the FAQ entry for more information and submit your Stupid User Tricks.

(Comments are closed)


Comments
  1. By Didier (158.64.153.150) dwiroth@gmail.com on http://www.wiroth.net

    Hello,
    Nice article, it is an interesting feature!
    Is it possible to have a look at your install.site script, or do you think you could post it here?

    It would be nice to have a good sample of the install.site script.

    Kind regards,
    Didier

    Comments
    1. By Mike Erdely (merdely) on http://erdelynet.com/

      > Nice article, it is an interesting feature!

      Thanks.

      > Is it possible to have a look at your install.site script, or do you
      > think you could post it here?

      I've added it to the article.

  2. By sicute (125.163.14.108) son_jaya@yahoo.com on sicute.blogspot.com

    look up sonixwall cd , they use siteXY too , but how to make it working and smooth please detail for futher use.

  3. By Anonymous Coward (198.175.14.194) on

    using sudo with NOPASSWD is about the same as giving these individual accounts root access themselves...

    Comments
    1. By Mike Erdely (merdely) on http://erdelynet.com/

      > using sudo with NOPASSWD is about the same as giving these individual
      > accounts root access themselves...

      You're absolutely right and should only be done in controlled circumstances. In this scenario, these boxes are my "build" boxes. All they do is build ports, etc. And, I'm the only user on the box.

    2. By Anonymous Coward (24.37.242.64) on

      > using sudo with NOPASSWD is about the same as giving these individual accounts root access themselves...

      $ sudo su -
      # _



  4. By Robert de Bock (134.146.0.28) robert@meinit.nl on http://meinit.nl/

    This is not a stupid trick, it's very useful!

    Would there be a way to automate all parts of the installation, so disk partitioning, selecting what sets will be installed, and answering all other questions that are asked for during the installation? (The goal would be to have an automated installation procedure.)

    Regards,

    Robert de Bock.

    Comments
    1. By patryck (patryck) on

      [offtopic]

      Hi Robert, yesterday someone tried to call you on my phone, as i'm the new owner of your old simcard.. Make it stop!!1~

      ;)

      [/offtopic]

      site.tgz is a nice feature, glad to see someone making use of it!

      > This is not a stupid trick, it's very useful!
      >
      > Would there be a way to automate all parts of the installation, so disk partitioning, selecting what sets will be installed, and answering all other questions that are asked for during the installation? (The goal would be to have an automated installation procedure.)
      >
      > Regards,
      >
      > Robert de Bock.

    2. Comments
      1. By Ludo Smissaert (81.18.169.171) on

        > http://people.cs.uchicago.edu/~brendan/howtos/openbsd_install/

        Very nice article. It's very helpful. Thanks a lot, Brendan,

        Ludo

Latest Articles

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]