Difference between revisions of "FreeBSD/LiveCD"

From Secure Computing Wiki
Jump to: navigation, search
(Created page with '== 32bit within 64bit land == <pre>14:31 < ecrist> if I chroot to a 32-bit env on a 64-bit host, it wants to install 64-bit packages, can I change that somehow? 14:33 < jpaetzel>...')
 
m (Configuration / Installing Packages)
 
(18 intermediate revisions by 3 users not shown)
Line 1: Line 1:
== 32bit within 64bit land ==
+
This document will describe how to get a rudimentary Live CD built on your own system from a working/running FreeBSD install.
<pre>14:31 < ecrist> if I chroot to a 32-bit env on a 64-bit host, it wants to install 64-bit packages, can I change that somehow?
+
 
14:33 < jpaetzel> yeah
+
== Getting Started ==
14:33 < jpaetzel> if you do man uname
+
To begin, start by building world and the proper kernel for your live CD.  You can build a live CD on a 64-bit box for 32-bit fairly easily.  The process is described briefly  here.
14:34 < jpaetzel> There are some env vars you can set to fool things into thinking it's 32 bit
+
 
14:35 < jpaetzel> # setenv MACHINE i386
+
Building world and kernel for a live CD is no different than building it for a running system.  During the install process, we want to specify a new location, which will be our live CD.  You do this with the DESTDIR variable, given to make.
14:35 < jpaetzel> # setenv UNAME_p i386
+
 
14:35 < jpaetzel> # setenv UNAME_m i386
+
<pre># cd /usr/src
 +
# make buildworld DESTDIR=/path/to/livecd
 +
# make installworld DESTDIR=/path/to/livecd
 +
# make buildkernel DESTDIR=/path/to/livecd
 +
# make installkernel DESTDIR=/path/to/livecd
 +
# make distribution DESTDIR=/path/to/livecd</pre>
 +
 
 +
If you're building a 64-bit live CD on a 32-bit box, or something else, add TARGET_ARCH and TARGET variables to your build/install.  Here's an example of a 32-bit build being done on a 64-bit system:
 +
<pre># make buildworld TARGET_ARCH=i386 TARGET=i386 DESTDIR=/path/to/livecd
 +
# make installworld TARGET_ARCH=i386 TARGET=i386 DESTDIR=/path/to/livecd
 +
# make buildkernel TARGET_ARCH=i386 TARGET=i386 DESTDIR=/path/to/livecd
 +
# make installkernel TARGET_ARCH=i386 TARGET=i386 DESTDIR=/path/to/livecd
 +
# make distribution TARGET_ARCH=i368 TARGET=i386 DESTDIR=/path/to/livecd
 
</pre>
 
</pre>
 +
 +
== Configuration / Installing Packages ==
 +
Once these operations are complete, you will have a 'working' system in /path/to/livecd (make sure the directory exists before putting files there!)  Now, you can chroot to this directory and install a ports tree, add packages, etc.  Again, if you're building a 32-bit live CD on a 64-bit system, or something similar, you need to do a couple things first.
 +
 +
Setup a working devfs in your chroot:
 +
<pre># mount -t devfs devfs /path/to/livecd/dev
 +
# chroot /path/to/livecd</pre>
 +
 +
As above, if you're cross-compiling, you need to set a couple environment variables.  Once inside your chroot, set the following environment variables:
 +
<pre>MACHINE i386
 +
UNAME_p i386
 +
UNAME_m i386</pre>
 +
 +
You should now be able to pkg_add or build any ports you need for your live CD.  In our example, we're using this live CD to restore backups via rsync from a remote server.
 +
 +
The following tasks were completed for our example:
 +
# Install rsync (pkg_add -rv rsync)
 +
# run /etc/rc.d/sshd onestart to create ssh host keys (so they're static on our live cd)
 +
# set a password for the root user
 +
# enabled root ssh in sshd_config
 +
# added a script to /usr/local/etc/rc.d/ to search for and run dhclient on all interfaces
 +
# create a memory disk and union mount it over /etc so resolv.conf can be written by dhclient.
 +
# create a file /etc/issue if you want a banner displayed prior to login.
 +
 +
== Nitty-Gritty ==
 +
=== /etc/fstab ===
 +
<pre>/dev/acd0 / cd9660 ro 0 0
 +
md /mnt/etc mfs rw,-s32m,-S 2 0
 +
md /mnt/root mfs rw,-s32m,-S 2 0
 +
/mnt/etc /etc unionfs rw 0 0
 +
/mnt/root /root unionfs rw 0 0</pre>
 +
 +
=== /usr/local/etc/rc.d/network.sh ===
 +
<pre>#!/bin/sh
 +
 +
echo "Configuring network interfaces for DHCP..."
 +
echo ""
 +
#ifconfig | grep flags | cut -f 1 -d : | grep -vE 'carp|lo|bridge|tun|tap' | xargs -D 1 -I III dhclient III
 +
rawint=`ifconfig | grep flags | cut -f 1 -d : | grep -vE 'carp|lo|bridge|tun|tap'`
 +
 +
for int in $rawint
 +
do
 +
if [ ! `ifconfig $int | grep "no carrier"` ]; then
 +
dhclient $int
 +
fi
 +
done</pre>
 +
 +
=== /etc/rc.conf ===
 +
<pre>## LiveCD Options
 +
update_motd="NO"
 +
syslogd_enable="NO"
 +
sendmail_enable="NONE"
 +
cleanvar_enable="NO"
 +
hostid_enable="NO"
 +
ip6addrctl_enable="NO"
 +
moused_nondefault_enable="NO"
 +
sendmail_submit_enable="NO"
 +
sendmail_outbound_enable="NO"
 +
sendmail_msp_queue_enable="NO"
 +
cron_enable="NO"
 +
crashinfo_enable="NO"
 +
virecover_enable="NO"
 +
newsyslog_enable="NO"
 +
mixer_enable="NO"
 +
root_rw_mount="NO"
 +
hostname="CLX_LIVECD"
 +
 +
## LiveCD Daemons
 +
sshd_enable="YES"</pre>
 +
 +
== Create ISO ==
 +
Once the image is built, we create an ISO using mkisofs, which can be had from /usr/ports/sysutils/cdrtools.  The following command will create an ISO with the proper options:
 +
<pre># mkisofs -no-emul-boot -R -b boot/cdboot -J -publisher "ClaimLynx, Inc." -V FreeBSD-LiveCD -o ~/clx2.iso path/to/dir/</pre>
 +
 +
== Test ==
 +
I test my ISOs using VirtualBox.  You're also welcome to burn them to a CD-R/W and try booting from it.
 +
 +
== Paring Down ==
 +
If you need a smaller ISO than the one we have here (about 440MB), you can remove the following things from your /path/to/livecd:
 +
* /usr/ports
 +
* /var/db/portsnap
 +
 +
== Resources ==
 +
=== Links ===
 +
* [http://wiki.freebsd.org/AvgLiveCD http://wiki.freebsd.org/AvgLiveCD]
 +
* [http://bsdimp.blogspot.com/2006/09/cross-building-freebsd.html Cross Compiling on FreeBSD]
 +
 +
=== Man Pages ===
 +
* mdmfs
 +
 +
=== Thanks ===
 +
* Josh Paetzel (most of this article)
 +
[[Category: FreeBSD]] [[Category: LiveCD]] [[Category: OS]]

Latest revision as of 17:02, 16 December 2011

This document will describe how to get a rudimentary Live CD built on your own system from a working/running FreeBSD install.

Getting Started

To begin, start by building world and the proper kernel for your live CD. You can build a live CD on a 64-bit box for 32-bit fairly easily. The process is described briefly here.

Building world and kernel for a live CD is no different than building it for a running system. During the install process, we want to specify a new location, which will be our live CD. You do this with the DESTDIR variable, given to make.

# cd /usr/src
# make buildworld DESTDIR=/path/to/livecd
# make installworld DESTDIR=/path/to/livecd
# make buildkernel DESTDIR=/path/to/livecd
# make installkernel DESTDIR=/path/to/livecd
# make distribution DESTDIR=/path/to/livecd

If you're building a 64-bit live CD on a 32-bit box, or something else, add TARGET_ARCH and TARGET variables to your build/install. Here's an example of a 32-bit build being done on a 64-bit system:

# make buildworld TARGET_ARCH=i386 TARGET=i386 DESTDIR=/path/to/livecd
# make installworld TARGET_ARCH=i386 TARGET=i386 DESTDIR=/path/to/livecd
# make buildkernel TARGET_ARCH=i386 TARGET=i386 DESTDIR=/path/to/livecd
# make installkernel TARGET_ARCH=i386 TARGET=i386 DESTDIR=/path/to/livecd
# make distribution TARGET_ARCH=i368 TARGET=i386 DESTDIR=/path/to/livecd

Configuration / Installing Packages

Once these operations are complete, you will have a 'working' system in /path/to/livecd (make sure the directory exists before putting files there!) Now, you can chroot to this directory and install a ports tree, add packages, etc. Again, if you're building a 32-bit live CD on a 64-bit system, or something similar, you need to do a couple things first.

Setup a working devfs in your chroot:

# mount -t devfs devfs /path/to/livecd/dev
# chroot /path/to/livecd

As above, if you're cross-compiling, you need to set a couple environment variables. Once inside your chroot, set the following environment variables:

MACHINE i386
UNAME_p i386
UNAME_m i386

You should now be able to pkg_add or build any ports you need for your live CD. In our example, we're using this live CD to restore backups via rsync from a remote server.

The following tasks were completed for our example:

  1. Install rsync (pkg_add -rv rsync)
  2. run /etc/rc.d/sshd onestart to create ssh host keys (so they're static on our live cd)
  3. set a password for the root user
  4. enabled root ssh in sshd_config
  5. added a script to /usr/local/etc/rc.d/ to search for and run dhclient on all interfaces
  6. create a memory disk and union mount it over /etc so resolv.conf can be written by dhclient.
  7. create a file /etc/issue if you want a banner displayed prior to login.

Nitty-Gritty

/etc/fstab

/dev/acd0	/		cd9660	ro		0	0
md		/mnt/etc		mfs	rw,-s32m,-S	2	0
md		/mnt/root	mfs	rw,-s32m,-S	2	0
/mnt/etc		/etc		unionfs	rw		0	0
/mnt/root	/root		unionfs	rw		0	0

/usr/local/etc/rc.d/network.sh

#!/bin/sh

echo "Configuring network interfaces for DHCP..."
echo ""
#ifconfig | grep flags | cut -f 1 -d : | grep -vE 'carp|lo|bridge|tun|tap' | xargs -D 1 -I III dhclient III
rawint=`ifconfig | grep flags | cut -f 1 -d : | grep -vE 'carp|lo|bridge|tun|tap'`

for int in $rawint
do
	if [ ! `ifconfig $int | grep "no carrier"` ]; then
		dhclient $int
	fi
done

/etc/rc.conf

## LiveCD Options
update_motd="NO"
syslogd_enable="NO"
sendmail_enable="NONE"
cleanvar_enable="NO"
hostid_enable="NO"
ip6addrctl_enable="NO"
moused_nondefault_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
cron_enable="NO"
crashinfo_enable="NO"
virecover_enable="NO"
newsyslog_enable="NO"
mixer_enable="NO"
root_rw_mount="NO"
hostname="CLX_LIVECD"

## LiveCD Daemons
sshd_enable="YES"

Create ISO

Once the image is built, we create an ISO using mkisofs, which can be had from /usr/ports/sysutils/cdrtools. The following command will create an ISO with the proper options:

# mkisofs -no-emul-boot -R -b boot/cdboot -J -publisher "ClaimLynx, Inc." -V FreeBSD-LiveCD -o ~/clx2.iso path/to/dir/

Test

I test my ISOs using VirtualBox. You're also welcome to burn them to a CD-R/W and try booting from it.

Paring Down

If you need a smaller ISO than the one we have here (about 440MB), you can remove the following things from your /path/to/livecd:

  • /usr/ports
  • /var/db/portsnap

Resources

Links

Man Pages

  • mdmfs

Thanks

  • Josh Paetzel (most of this article)