[summary]: jumpstart finish script

From: Paveza, Gary <gary.paveza_at_AIG.COM> Date: Thu Apr 07 2005 - 14:55:20 EDT · This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:43:45 EST

I made three changes to the pkgadd.  I added the -n for non-interactive,
changed -d ${MNT} package to -d ${MNT}/package, and added all to the end of
the line.

I had done the -d change originally, so I think the problem was either the
-n or the all.  Either way, it now works.  I'm getting an "exec failed.
errno=2, but it appears to have installed correctly.  I haven't been able to
determine what this error is.

I'm including my finish script below since a few people asked me to let them
know how I ended up.  It's not complete yet as I am still working out the
patching and the JASS (just hadn't gotten to those items yet - doing it
now).

In the interest of being honest and open, one lesson I learned was that when
testing this installation, it really wasn't necessary to use the SUNWXCall
package :)  While this is our standard for final installation, during
testing, the SUNWXreq was all that was needed - and it sure sped up testing
:)

Thanks to everyone who had suggestions and helped me through this.  

#!/bin/sh
#
# @(#) Finish script for Jumpstarting Solaris 9
# @(#) $Revision 1.0
# @(#) Author: Gary Paveza
# @(#) Created 2005/04/05
# @(#) Last Modified: 2005/04/05

BASE=/a
MNT=${BASE}/mnt
ADMIN_FILE=${BASE}/tmp/admin

# Mount remote filesystem containing packages and patches
mkdir ${MNT} >/dev/null 2>&1
mount -f nfs server:/jumpstart/Solaris9_config ${MNT} >/dev/null 2>&1
if [ $? != 0 ]
then
   echo "Filesystem not mounted"      
   exit 1
fi

# Create admin script for package installation
cat >${ADMIN_FILE} <<DONT_ASK
mail=root
instance=overwrite
partial=nocheck
runlevel=nocheck
idepend=nocheck
rdepend=nocheck
space=ask
setuid=nocheck
conflict=nocheck
action=nocheck
basedir=default
DONT_ASK

# Install software
echo " "
echo "Installing chkrootkit"
echo " "
pkgadd -n -a ${ADMIN_FILE} -R ${BASE} -d
${MNT}/chkrootkit-0.44-sol9-sparc-local all
echo " "
echo "Installing libpcap"
pkgadd -n -a ${ADMIN_FILE} -R ${BASE} -d
${MNT}/libpcap-0.8.3-sol9-sparc-local all
echo " "
echo "Installing lsof"
pkgadd -n -a ${ADMIN_FILE} -R ${BASE} -d ${MNT}/lsof-4.68-sol9-sparc-local
all
echo " "
echo "Installing tcpdump"
pkgadd -n -a ${ADMIN_FILE} -R ${BASE} -d
${MNT}/tcpdump-3.8.3-sol9-sparc-local all
echo " "
echo "Installing top"
pkgadd -n -a ${ADMIN_FILE} -R ${BASE} -d ${MNT}/top-3.5-sol9-sparc-local all
echo " " 
echo "Installing traceroute"
pkgadd -n -a ${ADMIN_FILE} -R ${BASE} -d
${MNT}/traceroute-1.4a12-sol9-sparc-local all
echo " " 
echo "Installing OpenSSH"
pkgadd -n -a ${ADMIN_FILE} -R ${BASE} -d ${MNT}/OpenSSH-pkg-5.8 all

# Create a /script directory
echo "Creating /scripts directory"
mkdir ${BASE}/scripts
chown root:other ${BASE}/scripts
chmod 755 ${BASE}/scripts

# Create a /patches directory
echo "Creating /patches directory"
mkdir ${BASE}/patches
chown root:other ${BASE}/patches
chmod 700 ${BASE}/patches

# Copy standard files to script directory
echo "Copying add_command_bridge.ksh script"
cp ${MNT}/add_command_bridge.ksh ${BASE}/scripts
chown root:other ${BASE}/scripts/add_command_bridge.ksh
chmod 700 ${BASE}/scripts/add_command_bridge.ksh

echo "Copying user_add.ksh script"
cp ${MNT}/user_add.ksh ${BASE}/scripts
chown root:other ${BASE}/scripts/user_add.ksh
chmod 700 ${BASE}/scripts/user_add.ksh

echo "Copying dailydiskspace.sh file"
cp ${MNT}/dailydiskspace.sh ${BASE}/scripts
chown root:other ${BASE}/scripts/dailydiskspace.sh
chmod 700 ${BASE}/scripts/dailydiskspace.sh

echo "Copying transfer_script.ksh file"
cp ${MNT}/transfer_script.ksh ${BASE}/scripts
chown root:other ${BASE}/scripts/transfer_script.ksh
chmod 700 ${BASE}/scripts/transfer_script.ksh

echo "Copying diskspace_check.pl file"
cp ${MNT}/diskspace_check.pl ${BASE}/scripts
chown root:other ${BASE}/scripts/diskspace_check.pl
chmod 700 ${BASE}/scripts/diskspace_check.pl

echo "Copying set_root_pw script"
cp ${MNT}/set_root_pw ${BASE}/scripts
chown root:other ${BASE}/scripts/set_root_pw
chmod 700 ${BASE}/scripts/set_root_pw

# Configure SSH
cp ${MNT}/sshd_config ${BASE}/opt/OpenSSH/etc
chown root:root ${BASE}/opt/OpenSSH/etc
chmod 644 ${BASE}/opt/OpenSSH/etc

# Harden server
echo "Copying aig-jass.tar"
cp ${MNT}/aig-jass.tar ${BASE}/
echo "Untarring aig-jass.tar"
tar -xvf ${BASE}/aig-jass.tar
echo "Applying hardening"
cd ${BASE}/opt/jass-0.3.1
./jass-execute -d secure.driver > ${BASE}/opt/jass-0.3.1/jass-execute.log
2>&1
cd

# Copy patches
echo "Copying 9_Recommended.zip file"
cp ${MNT}/9_Recommended.zip ${BASE}/patches
chown root:other ${BASE}/patches/9_Recommended.zip
chmod 700 ${BASE}/patches/9_Recommended.zip
unzip ${BASE}/patches/9_Recommended.zip > ${BASE}/patches/9_Recommended.log
2>&1
echo "Installing Recommended patch bundle"
for patch in `cat ${BASE}/9_Recommended/patch_order`
do
   cd ${BASE}/9_Recommended/$patch
#   echo yes | patchadd -u -d -R ${BASE} .
    echo "Will install patch $patch to ${BASE}"
done

# Setup root's environment
echo "Setting up root's HOME (/root)"
mkdir ${BASE}/root
chmod 700 ${BASE}/root
chown root:root ${BASE}/root
cp ${MNT}/root.profile ${BASE}/root/.profile
chown root:root ${BASE}/root/.profile
chmod 400 ${BASE}/root/.profile
cp ${MNT}/root.profile-EIS ${BASE}/root/.profile-EIS
chown root:root ${BASE}/root/.profile-EIS
chmod 400 ${BASE}/root/.profile-EIS
cp ${BASE}/etc/passwd ${BASE}/etc/passwd.old
sed s!Super-User:/:!Super-User:/root:! ${BASE}/etc/passwd >
${BASE}/etc/passwd.sed
cp ${BASE}/etc/passwd.sed ${BASE}/etc/passwd

# Set root's password
${BASE}/scripts/set_root_pw

---------------------------------------------------------
Gary Paveza, Jr.
Senior Systems Administrator -CSA
(302) 252-4831 - phone

-----Original Message-----
From: sunmanagers-bounces@sunmanagers.org
[mailto:sunmanagers-bounces@sunmanagers.org] On Behalf Of Paveza, Gary
Sent: Wednesday, April 06, 2005 2:24 PM
To: 'sunmanagers@sunmanagers.org'
Subject: jumpstart finish script

I'm trying to use a finish script to install some packages via jumpstart
(Solaris 9).

I have the following in my finish script:

#!/bin/sh
BASE=/a
MNT=${BASE}/mnt
ADMIN_FILE=${BASE}/tmp/admin

# Mount remote filesystem containing packages and patches
echo "Mounting /jumpstart/Solaris9_config to ${MNT}"
mkdir ${MNT} >/dev/null 2>&1
mount -f nfs <server>:/jumpstart/Solaris9_config ${MNT} >/dev/null 2>&1 
if [ $? != 0 ] then
   echo "Filesystem not mounted"      
   exit 1
fi

echo "Starting creation of admin script"

# Create admin script for package installation
cat >${ADMIN_FILE} <<DONT_ASK
mail=root
instance=overwrite
partial=nocheck
runlevel=nocheck
idepend=nocheck
rdepend=nocheck
space=ask
setuid=nocheck
conflict=nocheck
action=nocheck
basedir=default
DONT_ASK

echo " "
echo "Admin script created :"  
echo " "

cat ${ADMIN_FILE}

echo " "
echo "Beginning package add"
echo " "

echo " "
echo "Command to add package"
echo " "
echo pkgadd -a ${ADMIN_FILE} -R ${BASE} -d ${MNT}
${MNT}/chkrootkit-0.44-sol9-sparc-local
echo " "
echo "Admin_file"
echo " "
ls -la ${ADMIN_FILE}
echo " "
echo "Package file"
echo " "
ls -la ${MNT}/chkrootkit-0.44-sol9-sparc-local

# Install software
echo " "
echo "Installing chkrootkit"
echo " "
pkgadd -a ${ADMIN_FILE} -R ${BASE} -d ${MNT}
${MNT}/chkrootkit-0.44-sol9-sparc-local

Everything seems to work okay, until it gets to the pkgadd line (last line).
Then it just hangs.  Any ideas?  The script finds the admin file and can do
an ls -la on the package file just fine.
---------------------------------------------------------
Gary Paveza, Jr.
Senior Systems Administrator -CSA
(302) 252-4831 - phone
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers