
MagOS in industrial application

The goal of this work was to minimize the time spent servicing a network with a large number of Linux machines.

1. Basic description of the basic principles
1.1. MagOS application.
1.2. Technology.
1.3. Choosing a base distribution.
2. Network structure.
2.1. Magos-server.
3. Bootloader configuration.
3.1. Bootloader strings.
3.2. Options that have been used.
3.3. Options that can be used.
3.4. Network boot features.
4. System initialization order.
4.1. The structure of the default basecfg.ini configuration file.
4.2. System directory structure.
4.3. Implementation.
5. MagOS server.
5.1. General information.
5.2. Network settings.
5.3. Configure services.
5.4. Software repository.
5.5. Additional server data.
5.6. Monitoring.
6. Custom modules.
6.1. General principles for creating custom modules.
6.2. How many modules to make.
6.3. Modules for special purposes.
6.4. Restrictions for modules.
6.5. Instructions for creating modules.
6.6. System update module.
6.7. Office software installation module.
6.8. Module with utilities and servers.
6.9. System settings module.
7. Scripts.
7.1. Add-ons for magos-patches.
7.2. OS installation script.
7.3. Scripts for inclusion in AD.
7.4. System management (/root/bin).
7.5. Additional scripts that fix the operation of the MagOS programs and the operating system.
8. Instructions for technicians.

Basic description of the basic principles


MagOS Application

MagOS is a specific build of a distribution chosen from an extensive list. Live distributions of Mageia, Mandriva, Rosa, Ubuntu, Debian, Fedora, AltLinux and others can serve as the basis for the build. The MagOS-specific elements are a modified kernel (to support AUFS), a specially created initrd (using UIRD) and an additional set of scripts for managing MagOS.

MagOS lets you create a full-fledged operating system based on the Live builds of various distributions (builds designed for booting from CDs and DVDs). Using MagOS this way provides a whole range of additional benefits:

Very simple restoration of the system to its original state. It can be compared with equipment on which a special command resets all user-made settings and returns the device to its original state. Here the same effect is achieved by destroying the data in the partitions that store user data. This makes such an installation simply indispensable in education. In addition, the distribution can be installed on a flash drive, which lets a pupil or student use it not only in the classroom but also at home.

The second most important advantage of the distribution is the ability to pre-configure the system. This is achieved by including all the necessary configuration files, with their parameters, in the immutable part of the distribution, the so-called modules. With this technology the number of administrator actions after installing the system on a user's computer is kept to a minimum. It can be used not only for computer classes but also in industrial enterprises, reducing the labor cost of installation and configuration to the possible minimum when there are many user computers.

The third advantage is the ease of installing and updating such an operating system build, which comes down to partitioning the disk, creating file systems, copying a set of files to the computer and installing a bootloader. In industrial applications all of these operations can be performed automatically by running the corresponding script. Updating an installed distribution also comes down to copying files, which can be done automatically, for example when the computer is turned off.

A separate advantage is the ability to boot the distribution over the network, including from the Internet.

Among the capabilities not yet implemented in MagOS is storing user data on a secure distributed file system. Implementing such a distributed file system would ensure full reentrancy of users.

Some background information about MagOS can be found in the article: MagOS Linux (September release).

Technology

The modification of the Linux kernel included in MagOS consists of applying the AUFS file system patch. AUFS lets you attach external file systems through the loopback interface and assemble the resulting file system like a layer cake. The intermediate layers are most often mounted in RO (read-only) mode, while the topmost layer is, as a rule, mounted in RW (read-write) mode and mapped onto a file system that can be placed in RAM, on a physical disk or in a disk image, and that can be saved at shutdown into a special module attached using the SquashFS file system.

The SquashFS file system performs compression using a block algorithm while preserving all file system attributes. In MagOS it is used to create loadable modules containing images of the AUFS layers. Block compression means that data can be extracted from a module without unpacking the whole module file.

MagOS organizes the system using an initrd disk image, the same mechanism most distributions use to boot Linux. It contains the scripts that build the distribution's "layered" file system, process configuration files, and so on.

The data required to set up the system is passed through kernel parameters, which are written in the grub4dos / grub2 / syslinux bootloader configuration, and through the special configuration file MagOS.ini. Which parameters are passed where is described in the documentation. Parameters related to the general configuration of the operating system are passed as kernel parameters. They are organized into the Unified Init Ram Disk (uird) parameter system.

The parameters are described on the project website: UIRD. The distribution used is MagOS multi.

In industrial applications you cannot do without a server that holds the distribution and supports HTTP (for remote download), TFTP (remote boot by PXE), SSH (for file management) and RSYNC (for installing and updating the OS on users' computers). The server can run any distribution, including MagOS. In my case, a virtual container based on the CentOS 6 distribution was used.

To manage the system, the necessary options and scripts that process them were added to MagOS.

Choosing a base distribution

Choosing the distribution on which to build the network is always a complex and ambiguous task. The choice has to take many factors into account, including many local problems. In our case the first factor was very low-powered user computers: although they were acquired quite recently, money was saved on them, so a typical user machine has only 2 gigabytes of RAM and a dual-core Celeron with a modest clock speed. Such a configuration restricts the choice of desktop environment; in particular, KDE can no longer be used without sacrificing a comfortable user experience.

The second factor is unqualified personnel whose main job is by no means computer work. One also has to remember their long-standing habit of a single operating system they have worked with for many years: Windows XP. Its support has been discontinued, which is why replacing the OS on users' workstations became an issue.

Exploring how the desktop could be made to look like good old XP, we settled on Cinnamon. Although the development has not yet been released, in its standard configuration this desktop works quite stably and adapts to the XP look quite easily by installing the appropriate theme. An additional factor in the choice of OS was the "wish" of state bodies to see computers with a domestic operating system at workplaces. So in our case the whole choice came down to Rosa versus Alt Linux.

Despite considerable experience with Rosa, the comparison of the AltLinux and Rosa distributions did not favor Rosa: first, because its LiveDVD lacks Cinnamon, and second, because of the recent decline in the quality of the distribution.

Thus an AltLinux product was chosen as the basis for the build: one of the P7 starter kit builds, which contains the Cinnamon desktop. The positive side of this choice is the minimal composition of the kit, which lets you extend it at your discretion.

Network structure


Magos-server

In the enterprise network there is a virtualization server on which the Magos-server was deployed. The server performs several functions.

First, it serves as a remote boot server. Remote download is implemented using TFTP and allows you to download MagOS in the same configuration that is used to work on workstations. Using this boot, you can test the hardware, install the operating system on a workstation, and perform many other tasks. In addition, using the remote boot server, Clonezilla and Memtest images are downloaded.

Remote booting of a workstation under MagOS is performed over HTTP, for which Lighttpd is installed on the server; its DocumentRoot points to the MagOS repository.

The distribution is installed on workstations, and the workstations are updated, using the RSYNC protocol, so rsyncd is installed on the server.

The server is managed over SSH. The same protocol is used to place on the server the changes to program modules that were prepared on a test computer.

This computer is equipped with 4Gb of memory, because there were problems creating modules with less memory.

Network integration

AD based on Windows 2008 SP2 is deployed, and all computers on the network are joined to AD. Computers running Linux are no exception.

Bootloader configuration


Bootloader strings

 title AltLinux i586 cinamon save
 #find --set-root --ignore-floppies --ignore-cd /MagOS/MagOS.sgn
 kernel /AltLinux/kernel/i586/vmlinuz uird.ro=*.xzm,*/live uird.from=/AltLinux/iso/altlinux-p7-cinnamon-latest-i586.iso;/AltLinux/modules/i586/ uird.load=* root=uird rw findswap vga=788 quiet plymouth.enable=0 uird.home=/dev/sda3/AltLinux-Data/homes/ uird.changes=/dev/sda3/AltLinux-Data/changes/ users
 initrd /AltLinux/kernel/i586/uird.soft.cpio.xz /AltLinux/kernel/i586/uird.magos.cpio.xz

Options that have been used

Because there are so many kernel parameters, the prefix 'uird' (Unified Init Ram Disk) was introduced to distinguish the MagOS parameters.

 uird.ro=*.xzm,*/live 

uird.ro - MagOS Parameter. Specifies a filter for modules that are mounted in RO mode. Here these are the MagOS modules themselves and the AltLinux LiveDVD itself.

 uird.from=/AltLinux/iso/altlinux-p7-cinnamon-latest-i586.iso;/AltLinux/modules/i586/ 

uird.from - MagOS parameter. List of sources on which the modules for the system are located. This is an indication of the path for loading modules and the distribution itself.

 uird.load=* 

uird.load - MagOS Parameter. Filter for modules that need to be connected at boot time.

 root=uird 

root - Kernel parameter. Specify the root file system.

 rw 

rw - enable read/write mode.

 findswap 

findswap - MagOS Parameter. Forces the system to automatically connect Swap. If the system has a Linux Swap partition, then it connects. Otherwise, the Windows swap file is searched.

 vga=788 

vga - Kernel parameter. Enable graphics mode.

 quiet 

quiet - Kernel parameter, indicates the need to create a dmesg log.

 plymouth.enable=0 

plymouth.enable - Kernel parameter. Manages the graphical display and logging at the time of loading the operating system.

 uird.home=/dev/sda3/AltLinux-Data/homes/ 

uird.home - MagOS Parameter. Specifies the source of user home directories. Due to an error in the existing version of MagOS, a full path specification is required, including the indication of the device.

 uird.changes=/dev/sda3/AltLinux-Data/changes/ 

uird.changes - MagOS Parameter. Specifies the source on which persistent changes to the root file system will be stored.

 users 

users - Kernel parameter.

Options that can be used

It is possible to use encryption for data stored on the hard disk. In this case, instead of saving data to partitions, you should use saving to disk images. Images should take the following form:

 *.RWM.ENC - RW
 *.ROM.ENC - RO

uird.copy2ram[+]= - filter for modules that are copied to RAM. It can be used to speed up work when a significant amount of RAM is available.
uird.copy2cache[+]= - filter for modules that are copied to the cache.
uird.cache[+]= - sources to which the modules should be synchronized.

It is possible to use the cache instead of synchronizing MagOS files with the server when the computer is turned off. One disadvantage of this method is that the exchange with the server is performed over HTTP, which in itself significantly reduces speed. The second disadvantage is the difficulty of separating the objects being updated: the MagOS.ini file, the boot partition and the OS partition itself. Note that the layer-cache level and the corresponding uird.cache parameter, which is used to synchronize remote repositories to local or private (INTRANET) repositories as well as to update the system, should be set as follows:

 uird.cache=/MagOS/cache;/MagOS-Data/cache;/MagOS-Data/netlive 

Here, each source is assigned its own directory.

uird.netfsopt[+]= - additional options for mounting network file systems: sshfs, nfs, curlftpfs, cifs.

Using these file systems, you can later attach network file systems holding the user data partitions.

uird.noload[+]= - filter for modules that must be skipped during loading.
You can selectively disable certain modules for individual computers or networks.
uird.homes[+]= - sources that store user home directories (combined by AUFS).

In essence, this introduces the layer-homes level for user home directories and the corresponding parameter uird.homes:

 uird.homes=/MagOS-Data/homes;/MagOS-Data/home.img;nfs://magos.sibsau.ru/homes/n/e/myuser 

All user directories from the various sources are cascade-merged by AUFS and mounted on /home. The first source has the highest priority; priority then decreases in the order listed. If the source is set with the uird.home= parameter, that source is mounted on /home. This makes it possible to assemble the home folder from several sources, overlaying different file systems. It can be used to place users' home folders on the network.

Types of sources:
/path/dir - directory on any available media;
/dev/[..]/path/dir - directory on the specified media;
file-dvd.iso, file.img - disk image (ISO, block device image);
server/path… server/path… - source available via HTTP (using httpfs);
ssh://server/path/… - source available via SSH (using sshfs);
server/path… server/path… - source available via FTP (using curlftpfs);
nfs://server/path/… - source accessible via NFS;
cifs://server/path/… - source available via CIFS;

uird.machines= - the source where machine-dependent persistent changes are stored.

Machine-dependent resources can be used for changes, which is necessary to ensure user reentrancy.

Network boot features

The following parameters are used for network booting:

 kernel images/vmlinuz uird.ro=*.xzm,*/live uird.from=http://magos-server.mydomain.local/magos/AltLinux/iso/altlinux-p7-cinnamon-latest-i586.iso;http://magos-server.mydomain.local/magos/AltLinux/modules/i586/ uird.load=* root=uird rw findswap vga=788 quiet plymouth.enable=0 users

These are the same parameters, but you should pay attention to the indication of the parameter uird.from:

 uird.from=http://magos-server.mydomain.local/magos/AltLinux/iso/altlinux-p7-cinnamon-latest-i586.iso;http://magos-server.mydomain.local/magos/AltLinux/modules/i586/ 

Here you can see the full http url of the server from which the OS is being loaded. The base layer-base level and the corresponding parameter uird.from can be set as follows:

 uird.from=/MagOS;/MagOS-Data;MagOS.iso;http://magos.sibsau.ru/repository/netlive/2014.64/MagOS 
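The source types and boot lines above can be checked mechanically. The following is an added example, not code from UIRD, MagOS or the original article: it parses a kernel command line and lists which sources are local and which are pulled over plain HTTP or FTP, where nothing protects the modules in transit. The function names are hypothetical, and the http:// and ftp:// prefixes are assumed from the URLs and protocol names used on this page.

```sh
#!/bin/sh
# Added example, not part of UIRD or MagOS. For every uird.* parameter that
# takes a list of sources, report how each source would be reached.
# Assumption: HTTP and FTP sources are written with http:// and ftp://.

# classify_source SRC: print the source type from "Types of sources".
classify_source() {
    case "$1" in
        http://*)    echo http ;;        # mounted with httpfs
        ftp://*)     echo ftp ;;         # mounted with curlftpfs
        ssh://*)     echo ssh ;;         # mounted with sshfs
        nfs://*)     echo nfs ;;
        cifs://*)    echo cifs ;;
        *.iso|*.img) echo image ;;       # disk image on local media
        /dev/*)      echo device-dir ;;  # directory on a named device
        *)           echo dir ;;         # directory on any available media
    esac
}

# audit_cmdline "CMDLINE": one line per source, parameter<TAB>type<TAB>source.
# The body is a subshell so that 'set -f' and the IFS change do not leak out.
audit_cmdline() (
    set -f                    # uird.ro=*.xzm,*/live must not be glob-expanded
    default_ifs=$IFS
    for tok in $1; do
        param=${tok%%=*}
        param=${param%+}      # tolerate a trailing '+' (the page writes name[+]=)
        value=${tok#*=}
        case "$param" in
            uird.from|uird.cache|uird.homes|uird.home|uird.changes|uird.machines) ;;
            *) continue ;;
        esac
        IFS=';'               # sources inside one parameter are ';'-separated
        for src in $value; do
            [ -n "$src" ] || continue
            printf '%s\t%s\t%s\n' "$param" "$(classify_source "$src")" "$src"
        done
        IFS=$default_ifs
    done
)

# count_type "CMDLINE" TYPE: number of sources of the given type.
count_type() {
    audit_cmdline "$1" | awk -F '\t' -v t="$2" '$2 == t { n++ } END { print n + 0 }'
}

# plaintext_sources "CMDLINE": sources fetched over plain HTTP or FTP, i.e.
# modules that are neither authenticated nor encrypted on the wire.
plaintext_sources() {
    audit_cmdline "$1" | awk -F '\t' '$2 == "http" || $2 == "ftp" { print $3 }'
}

# Sample 1: the network boot line from this page.
NETBOOT='images/vmlinuz uird.ro=*.xzm,*/live uird.from=http://magos-server.mydomain.local/magos/AltLinux/iso/altlinux-p7-cinnamon-latest-i586.iso;http://magos-server.mydomain.local/magos/AltLinux/modules/i586/ uird.load=* root=uird rw findswap vga=788 quiet plymouth.enable=0 users'

# Sample 2 (constructed): the local boot line from this page with the
# uird.homes example appended.
LOCALBOOT='uird.ro=*.xzm,*/live uird.from=/AltLinux/iso/altlinux-p7-cinnamon-latest-i586.iso;/AltLinux/modules/i586/ uird.load=* root=uird rw uird.home=/dev/sda3/AltLinux-Data/homes/ uird.changes=/dev/sda3/AltLinux-Data/changes/ uird.homes=/MagOS-Data/homes;/MagOS-Data/home.img;nfs://magos.sibsau.ru/homes/n/e/myuser'

audit_cmdline "$NETBOOT"
audit_cmdline "$LOCALBOOT"
echo "plain HTTP/FTP sources in the network boot line:"
plaintext_sources "$NETBOOT"
```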

System Initialization Order



 ├── layer-base    ==>  ├── layer-cache
 │   ├── 0         -->  │   ├── 0
 │   ├── 1         -->  │   ├── 1
 │   ├── ...       -->  │   └── ...
 │   └── ...       -->  │   RAM


The structure of the default basecfg.ini configuration file

 uird.config=MagOS.ini
 uird.ramsize=70%
 uird.ro=*.xzm;*.rom;*.rom.enc;*.pfs;*.sfs
 uird.rw=*.rwm;*.rwm.enc
 uird.cp=*.xzm.cp,*/rootcopy
 uird.load=/base/,/modules/,rootcopy
 uird.noload=
 uird.from=/MagOS;/MagOS-Data
 uird.changes=/MagOS-Data/changes
 uird.cache=/MagOS-Data/cache
 uird.machines=/MagOS-Data/machines
 uird.home=/MagOS-Data/homes

If uird.basecfg is not set, then /uird_configs/basecfg.ini is used inside the initrd.

System directory structure

 /memory/
 ├── bundles
 │   ├── 00-kernel.xzm
 │   ├── 01-firmware.xzm
 │   ├── 10-core.xzm
 │   ├── 80-eepm-1.5.2.xzm
 │   └── ...
 ├── changes
 │   ├── etc
 │   ├── home
 │   ├── memory
 │   ├── run
 │   ├── var
 │   └── ...
 ├── data
 │   ├── cache
 │   ├── homes - homes
 │   ├── machines
 │   └── from
 ├── layer-base
 │   ├── 0
 │   ├── 1 (uird.from=)
 │   └── ...
 ├── layer-cache
 │   ├── 0
 │   ├── 1 (uird.cache=)
 │   └── ...
 ├── layer-homes - homes
 │   ├── 0
 │   ├── 1 (uird.homes=)
 │   └── ...
 ├── cmdline
 └── MagOS.ini.gz

Implementation

The implementation is based on a set of dracut initialization scripts (base, busybox modules) and uird scripts (livekitlib + uird-init):


MagOS server


General information

In our case, the magos-server is deployed as an openvz container. The implementation is not critical.


Server implementation

Centos v6 operating system. The following resources are allocated for a virtual container: CPU - 2, RAM - 512Mb, swap - 1Gb, virtual disk size 40Gb.

Network settings

Setup in ifcfg-eth0
 DEVICE=eth0
 IPADDR=192.168.1.xxx
 NETMASK=255.255.255.0
 NETWORK=192.168.1.0
 GATEWAY=192.168.1.1
 DNS1=192.168.1.xxx
 BROADCAST=192.168.1.255
 TYPE=Ethernet
 ONBOOT=yes
 NM_CONTROLLED=yes
 BOOTPROTO=static


Network Services (netstat -tunlp)
 # netstat -tunlp
 Active Internet connections (only servers)
 Proto Recv-Q Send-Q Local Address      Foreign Address  State   PID/Program name
 tcp        0      0 0.0.0.0:873        0.0.0.0:*        LISTEN  494/xinetd
 tcp        0      0 192.168.1.xxx:80   0.0.0.0:*        LISTEN  551/lighttpd
 tcp        0      0 0.0.0.0:22         0.0.0.0:*        LISTEN  484/sshd
 udp        0      0 0.0.0.0:69         0.0.0.0:*                494/xinetd


Configure Services

Lighttpd

Run:
 chkconfig --list lighttpd
 lighttpd 0:off 1:off 2:on 3:on 4:off 5:on 6:off


Configuration file lighttpd.conf
 var.log_root = "/var/log/lighttpd"
 var.server_root = "/var/www"
 var.state_dir = "/var/run"
 var.home_dir = "/var/lib/lighttpd"
 var.conf_dir = "/etc/lighttpd"
 var.vhosts_dir = server_root + "/vhosts"
 var.cache_dir = "/var/cache/lighttpd"
 var.socket_dir = home_dir + "/sockets"
 include "modules.conf"
 server.port = 80
 server.use-ipv6 = "disable"
 server.bind = "192.168.1.xxx"
 server.username = "lighttpd"
 server.groupname = "lighttpd"
 server.document-root = server_root + "/"
 server.pid-file = state_dir + "/lighttpd.pid"
 server.errorlog = log_root + "/error.log"
 include "conf.d/access_log.conf"
 include "conf.d/debug.conf"
 server.event-handler = "linux-sysepoll"
 server.network-backend = "linux-sendfile"
 server.stat-cache-engine = "simple"
 server.max-connections = 1024
 index-file.names += ( "index.xhtml", "index.html", "index.htm", "default.htm", "index.php" )
 url.access-deny = ( "~", ".inc" )
 $HTTP["url"] =~ "\.pdf$" {
     server.range-requests = "disable"
 }
 static-file.exclude-extensions = ( ".php", ".pl", ".fcgi", ".scgi" )
 include "conf.d/mime.conf"
 include "conf.d/dirlisting.conf"
 server.follow-symlink = "enable"
 server.upload-dirs = ( "/var/tmp" )


vhosts.d/magos.conf configuration file
 $HTTP["host"] == "magos-server.mydomain.local" {
     var.server_name = "magos-server.mydomain.local"
     server.name = server_name
     include "conf.d/trigger_b4_dl.conf"
     server.document-root = vhosts_dir + "/magos/"
     accesslog.filename = log_root + "/" + server_name + "/access.log"
 }


conf.d/dirlisting.conf configuration file
 dir-listing.activate = "enable"
 dir-listing.hide-dotfiles = "disable"
 dir-listing.exclude = ( "~$" )
 dir-listing.encoding = "UTF-8"
 dir-listing.hide-header-file = "disable"
 dir-listing.show-header = "disable"
 dir-listing.hide-readme-file = "disable"
 dir-listing.show-readme = "disable"


Tftpd

Run (/etc/xinetd.d/tftp):
 service tftp
 {
     socket_type = dgram
     protocol = udp
     wait = yes
     user = root
     server = /usr/sbin/in.tftpd
     server_args = -s /var/lib/tftpboot
     disable = no
     per_source = 11
     cps = 100 2
     flags = IPv4
 }


Configuration file /var/lib/tftpboot/pxelinux.cfg/default
 default menu.c32
 prompt 0
 timeout 300
 ONTIMEOUT local
 MENU TITLE PXE Menu
 # – HD
 LABEL Boot from hard disk
     localboot 0x80
 LABEL AltLinux-net
     MENU LABEL AltLinux-net
     kernel images/vmlinuz uird.ro=*.xzm,*/live uird.from=http://magos-server.mydomain.local/magos/AltLinux/iso/altlinux-p7-cinnamon-latest-i586.iso;http://magos-server.mydomain.local/magos/AltLinux/modules/i586/ uird.load=* root=uird rw findswap vga=788 quiet plymouth.enable=0 users
     append initrd=images/uird.magos.cpio.xz
 LABEL AltLinux-net testing
     MENU LABEL AltLinux-net testing
     kernel images/vmlinuz uird.ro=*.xzm,*/live uird.from=http://magos-server.mydomain.local/testing/AltLinux/iso/altlinux-p7-cinnamon-latest-i586.iso;http://magos-server.mydomain.local/testing/AltLinux/modules/i586/ uird.load=* root=uird rw findswap vga=788 quiet plymouth.enable=0 users
     append initrd=images/uird.magos.cpio.xz


The repository consists of two parts: a working one named magos and a test one named testing. The working repository is used to install and update software on user workstations. Software is tested beforehand on the testing repository. The boot menu lets you load the operating system from either the working repository or the test one.

Rsync

Run (/etc/xinetd.d/rsync):
 service rsync
 {
     disable = no
     flags = IPv4
     socket_type = stream
     wait = no
     user = root
     server = /usr/bin/rsync
     server_args = --daemon
     log_on_failure += USERID
 }


Configuration file /etc/rsyncd.conf
 use chroot = yes
 max connections = 100
 syslog facility = local5
 pid file = /var/run/rsyncd.pid

 [magos]
     path = /var/www/magos
     comment = whole MagOS boot

 [testing]
     path = /var/www/testing
     comment = whole MagOS boot


sshd

Run:
 # chkconfig --list sshd
 sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off


Configuration file /etc/ssh/sshd_config
 Protocol 2
 SyslogFacility AUTHPRIV
 PasswordAuthentication yes
 ChallengeResponseAuthentication no
 GSSAPIAuthentication yes
 GSSAPICleanupCredentials yes
 UsePAM yes
 AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
 AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
 AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
 AcceptEnv XMODIFIERS
 X11Forwarding no
 Subsystem sftp /usr/libexec/openssh/sftp-server


Software repository

Only relevant files and directories are shown in the program repository structure.

magos

 ├──AltLinux
 │  ├──iso
 │  │  └──altlinux-p7-cinnamon-latest-i586.iso
 │  ├──kernel
 │  │  └──i586
 │  │     ├──uird.magos.cpio.xz
 │  │     ├──uird.soft.cpio.xz
 │  │     └──vmlinuz
 │  └──modules
 │     └──i586
 │        ├──00-kernel.xzm
 │        ├──01-firmware.xzm
 │        ├──03-1-nvidia-current.xzm
 │        ├──03-2-nvidia304.xzm
 │        ├──03-9-fglrx.xzm
 │        ├──80-eepm-1.5.2.xzm
 │        ├──80-uird.soft.xzm
 │        ├──90-magos-patches.xzm
 │        ├──99-squashfs-tools.32.xzm
 │        ├──99-u10-update.xzm
 │        ├──99-u40-office4.xzm
 │        ├──99-u50-utils.xzm
 │        ├──99-u99-default.xzm
 │        ├──MagOS.ini
 │        └──update.txt
 ├──AltLinux-Data
 │  ├──cache
 │  ├──changes
 │  ├──homes
 │  ├──machines
 │  ├──MagOS-Data.sgn
 │  ├──modules
 │  ├──optional
 │  └──rootcopy
 └──boot
    ├──grub4dos
    │  ├──install.lin
    │  ├──install.win
    │  └──local
    │     └──menu.lst
    ├──syslinux
    └──tools

testing

 ├──AltLinux
 │  ├──iso
 │  │  └──altlinux-p7-cinnamon-latest-i586.iso
 │  ├──kernel
 │  │  └──i586
 │  │     ├──uird.magos.cpio.xz
 │  │     ├──uird.soft.cpio.xz
 │  │     └──vmlinuz
 │  └──modules
 │     └──i586
 │        ├──00-kernel.xzm
 │        ├──01-firmware.xzm
 │        ├──03-1-nvidia-current.xzm
 │        ├──03-2-nvidia304.xzm
 │        ├──03-9-fglrx.xzm
 │        ├──80-eepm-1.5.2.xzm
 │        ├──80-uird.soft.xzm
 │        ├──90-magos-patches.xzm
 │        ├──99-squashfs-tools.32.xzm
 │        ├──99-u10-update.xzm
 │        ├──99-u40-office4.xzm
 │        ├──99-u50-utils.xzm
 │        ├──99-u99-default.xzm
 │        ├──MagOS.ini
 │        └──update.txt
 ├──AltLinux-Data
 │  ├──cache
 │  ├──changes
 │  ├──homes
 │  ├──machines
 │  ├──MagOS-Data.sgn
 │  ├──modules
 │  ├──optional
 │  └──rootcopy
 ├──boot
 │  ├──grub4dos
 │  │  ├──install.lin
 │  │  ├──install.win
 │  │  └──local
 │  │     └──menu.lst
 │  ├──syslinux
 │  └──tools
 └──update.tar.gz

Since writing to the repository is done with system user rights, you must create groups responsible for writing to the corresponding repository:

 # groupadd magos
 # groupadd testing

Set permissions on all repository directories:

 # cd /var/www
 # find magos -type f -exec chmod 664 {} +
 # find magos -type d -exec chmod 775 {} +
 # find testing -type f -exec chmod 664 {} +
 # find testing -type d -exec chmod 775 {} +

Set repository owner groups:

 # chown -R :magos magos
 # chown -R :testing testing

Set SGID on the repository directories:

 # chmod g+s magos
 # chmod g+s testing

Additional server data

 yum.repos.d
     CentOS-Base.repo
     CentOS-Debuginfo.repo
     CentOS-fasttrack.repo
     CentOS-Media.repo
     CentOS-Vault.repo
     epel.repo
     epel-testing.repo
     vz.repo

Management scripts

The scripts were written for day-to-day use and do not claim to be a "boxed" product, so please be careful when applying them!

Monitoring

The update-txt.sh script, which runs daily on a schedule, writes an update.txt file containing the current date to the modules directory. After the data has been synchronized to a user's computer, this makes it easy to check when the computer was last updated. It is needed to track computers that are not rebooted for a long time (the user does not turn the computer off).

Script /etc/cron.daily/update-txt.sh
 #!/bin/sh
 echo "magos $(date)" > /var/www/magos/AltLinux/modules/i586/update.txt
 echo "testing $(date)" > /var/www/testing/AltLinux/modules/i586/update.txt


Update

The testig2magos_kern.sh, testig2magos_mod.sh and testig2magos_all.sh scripts are designed to update the working repository from the testing repository and are executed only in manual mode.

testig2magos_kern.sh - updates only system modules and the kernel directory.
testig2magos_mod.sh - updates only user modules.
testig2magos_all.sh - performs a full update including the kernel, iso and modules folders.

None of the scripts update the MagOS.ini file!

Changes to this file are made only manually.

Script /root/bin/testig2magos_kern.sh
 #!/bin/bash
 # Updates the kernel and the MagOS system modules in the magos repository
 # from the testing repository
 MAGOS="/var/www/magos"
 TESTING="/var/www/testing"
 MAGOSGROUP="magos"
 echo "!!! UPDATE KERNEL AND MAGOS MODULES TO magos REPOSITORY FROM testing REPOSITORY"
 echo " ====="
 echo
 echo "Press Enter to continue, or Ctrl+C to abort..."
 read junk
 clear
 # kernel/i586 holds vmlinuz and the uird.*.cpio.xz images (see the repository
 # structure), not .xzm files, so copy everything in it
 cp -ruv "$TESTING"/AltLinux/kernel/i586/* "$MAGOS/AltLinux/kernel/i586/"
 cp -ruv "$TESTING"/AltLinux/modules/i586/[0-9]?-*.xzm "$MAGOS/AltLinux/modules/i586/"
 # Restore the repository permissions and group
 find "$MAGOS" -type f -exec chmod 664 {} +
 find "$MAGOS" -type d -exec chmod 775 {} +
 chown -R :"$MAGOSGROUP" "$MAGOS"/*
 echo "UPDATE KERNEL AND MAGOS MODULES FROM magos REPOSITORY IT IS EXECUTED"


Script /root/bin/testig2magos_mod.sh
 #!/bin/bash
 # Updates the user modules in the magos repository
 # from the testing repository
 MAGOS="/var/www/magos"
 TESTING="/var/www/testing"
 MAGOSGROUP="magos"
 echo "!!! UPDATE MODULES TO magos REPOSITORY FROM testing REPOSITORY"
 echo " ====="
 echo
 echo "Press Enter to continue, or Ctrl+C to abort..."
 read junk
 clear
 cp -ruv "$TESTING"/AltLinux/modules/i586/[0-9]??-*.xzm "$MAGOS/AltLinux/modules/i586/"
 # Restore the repository permissions and group
 find "$MAGOS" -type f -exec chmod 664 {} +
 find "$MAGOS" -type d -exec chmod 775 {} +
 chown -R :"$MAGOSGROUP" "$MAGOS"/*
 echo "UPDATE MODULES FROM magos REPOSITORY IT IS EXECUTED"


Script /root/bin/testig2magos_all.sh
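 #!/bin/bash
 # Full update of the magos repository from the testing repository,
 # including the kernel and iso directories
 MAGOS="/var/www/magos"
 TESTING="/var/www/testing"
 MAGOSGROUP="magos"
 echo "!!! UPDATE ALL MAGOS REPOSITORY magos FROM testing REPOSITORY"
 echo " ====="
 echo
 echo "Press Enter to continue, or Ctrl+C to abort..."
 read junk
 clear
 # Copy the contents of iso/ (copying the directory itself into an existing
 # iso/ would create iso/iso)
 cp -ruv "$TESTING"/AltLinux/iso/* "$MAGOS/AltLinux/iso/"
 # kernel/i586 holds vmlinuz and the uird.*.cpio.xz images, not .xzm files
 cp -ruv "$TESTING"/AltLinux/kernel/i586/* "$MAGOS/AltLinux/kernel/i586/"
 cp -ruv "$TESTING"/AltLinux/modules/i586/*.xzm "$MAGOS/AltLinux/modules/i586/"
 # Restore the repository permissions and group
 find "$MAGOS" -type f -exec chmod 664 {} +
 find "$MAGOS" -type d -exec chmod 775 {} +
 chown -R :"$MAGOSGROUP" "$MAGOS"/*
 echo "UPDATE magos REPOSITORY IT IS EXECUTED"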


Custom modules


General principles for creating custom modules

What you need to know

When creating modules in MagOS, you have to take into account one important feature related to the creation of users and groups. When a module is created, the modified passwd, group, shadow and similar files are saved in it. But for the next generated module to be "seen" by the epm2xzm script, the module name must match the "NN-" pattern. If the module names do not match this pattern, each subsequent module, just like the first, is created on top of the basic MagOS modules only. This hits the authentication files hardest: programs that create system users and are installed in different modules receive the same UID and GID, and the passwd files created in different modules are overwritten by subsequent layers. As a result, the programs installed in the underlying modules turn out to be inoperable.

There are two ways to eliminate this problem: group programs that create system accounts within one module or specify module names according to the template above.
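A check for the collision described above, as an added example that is not part of MagOS or the original article. It assumes each module has been unpacked into its own directory (for instance with xzm2dir) and compares their etc/passwd files; the function names, module directory names and account names in the sample are hypothetical.

```sh
#!/bin/sh
# Added example, not part of MagOS. Compares etc/passwd across unpacked
# module directories and reports:
#   UIDCLASH - the same UID belongs to different account names in two modules
#   SHADOWED - an account exists in a lower module but is missing from the
#              passwd of the topmost module, the copy that overrides the rest
# Arguments: module directories in load order, lowest layer first.
# Returns 1 if anything was reported, 0 otherwise.
check_passwd_layers() {
    top=""
    for d in "$@"; do
        if [ -f "$d/etc/passwd" ]; then top=$d; fi
    done
    [ -n "$top" ] || return 0
    for d in "$@"; do
        [ -f "$d/etc/passwd" ] || continue
        is_top=0
        if [ "$d" = "$top" ]; then is_top=1; fi
        # Emit: module<TAB>is_top<TAB>account<TAB>uid
        awk -F: -v mod="$(basename "$d")" -v is_top="$is_top" \
            'NF >= 3 && $1 !~ /^#/ { printf "%s\t%s\t%s\t%s\n", mod, is_top, $1, $3 }' \
            "$d/etc/passwd"
    done | awk -F '\t' '
        {
            mod = $1; name = $3; uid = $4
            if ($2 == 1) in_top[name] = 1
            if (!(name in first_mod)) { first_mod[name] = mod; order[++n] = name }
            if (!(uid in uid_name)) {
                uid_name[uid] = name; uid_mod[uid] = mod
            } else if (uid_name[uid] != name && !((uid, name) in reported)) {
                reported[uid, name] = 1; found = 1
                printf "UIDCLASH uid=%s %s(%s) %s(%s)\n",
                       uid, uid_name[uid], uid_mod[uid], name, mod
            }
        }
        END {
            for (i = 1; i <= n; i++)
                if (!(order[i] in in_top)) {
                    found = 1
                    printf "SHADOWED %s (defined in %s)\n", order[i], first_mod[order[i]]
                }
            exit (found ? 1 : 0)
        }'
}

# Constructed sample: a base layer and two modules whose names lack the "NN-"
# prefix. Each was built on the base only, so both gave UID 499 to their own
# service account.
make_sample_layers() {
    root=$(mktemp -d) || return 1
    for m in 10-base office utils; do
        mkdir -p "$root/$m/etc"
        printf '%s\n' 'root:x:0:0:root:/root:/bin/bash' \
                      'bin:x:1:1:bin:/:/dev/null' > "$root/$m/etc/passwd"
    done
    echo 'officesvc:x:499:499::/var/lib/officesvc:/sbin/nologin' >> "$root/office/etc/passwd"
    echo 'zabbix:x:499:499::/var/lib/zabbix:/sbin/nologin' >> "$root/utils/etc/passwd"
    echo "$root"
}

sample=$(make_sample_layers)
check_passwd_layers "$sample/10-base" "$sample/office" "$sample/utils" || true
rm -rf "$sample"
```

Run it over the unpacked modules before publishing them to the repository; a non-zero exit status means at least one account would be lost or would share a UID.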

The scripts creating modules are written in such a way that their own name is used as the name of the module. A script named 99-u30-example.sh will create a module called 99-u30-example.xzm.

How many modules to make

, . . , MagOS AltLinux , aufs . , , . «99-», , «99?-» , .


: , . , «99-u10-update». , . . :


.


( 127), . , , . , . . , .

, , , . , -, , . , Libreoffice , 3 . , .

, 3, 4 .


:

  1. /root/bin/loadupdate.sh.
  2. : /etc/sysconfig/MagOS /mnt/livemedia/MagOS.ini AUTOUPDATE=No.
  3. , .bak ( ).
  4. . magos-server.
  5. , , .
  6. 3-5 .


, :



. , . , iso . , .

99-u10-update.sh
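 #!/bin/sh
 . conf/devel.conf
 # The module name is the script's own file name without "./" and the extension
 NAME=`echo $0 | sed 's/\.\///'| sed 's/\..*//'`
 . lib/mv.sh $NAME
 epm2xzm $NAME upgrade $NAME.xzm
 # Unpack the module, clean it with lib/delhlam.sh and pack it again
 rm -rf $NAME
 mkdir $NAME
 xzm2dir $NAME.xzm $NAME
 . lib/delhlam.sh $NAME
 dir2xzm $NAME $NAME.xzm
 . lib/update.sh $NAME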



, . , , .

99-u10-office4.sh
 #!/bin/sh
 . conf/devel.conf
 # The module name is the script's own file name without "./" and the extension
 NAME=`echo $0 | sed 's/\.\///'| sed 's/\..*//'`
 . lib/mv.sh $NAME
 epm2xzm $NAME -i 'java-1.7.0-openjdk LibreOffice4-langpack-ru LibreOffice4-integrated file-roller LibreOffice4 LibreOffice4-gnome foomatic-db lsof foo2zjs foo2zjs-apps foo2zjs-fwdownloader mozilla-plugin-adobe-flash mozilla-plugin-mozplugger mozilla-plugin-totem totem-plugins fonts-ttf-ms'
 # Unpack the module, remove files that must not be shipped, and pack it again
 rm -rf $NAME
 mkdir $NAME
 xzm2dir $NAME.xzm $NAME
 rm -rf $NAME/etc/urpmi $NAME/etc/.java
 . lib/delhlam.sh $NAME
 dir2xzm $NAME $NAME.xzm
 . lib/update.sh $NAME



, . office, , 3 .

.

, , / . , . .

. . . « ».

99-u20-utils.sh
    #!/bin/sh
    . conf/devel.conf
    NAME=`echo $0 | sed 's/\.\///'| sed 's/\..*//'`
    . lib/mv.sh $NAME
    epm2xzm $NAME -i 'samba samba-winbind alterator-auth cups-windows samba-client ntpdate ntp-utils zabbix-agent zabbix-agent-sudo perl-FusionInventory-Agent perl-FusionInventory-Agent-scripts perl-Task-FusionInventory perl-Pod-Text-Ansi alterator-fbi alterator-net-iptables italc2-client installer-feature-init-italc rsync tcpdump nmap netcat telnet sane sane-server xsane xsane-gimp2 sane-frontends yagf cuneiform cuneiform-data fonts-otf-gdouros-akkadian aspell-ru-lebedev aspell-ru-rk iperf whois rdesktop xfreerdp remmina-plugins sshpass pssh'
    rm -rf $NAME
    mkdir $NAME
    xzm2dir $NAME.xzm $NAME
    cp /usr/share/zoneinfo/Asia/Krasnoyarsk $NAME/etc/localtime
    cp /etc/nsswitch.conf $NAME/etc/nsswitch.conf
    # -i is a separate word here: GNU sed treats anything attached to -i as a backup suffix
    sed -i s/'^hosts: files mdns4_minimal \[NOTFOUND=return\]*'/'hosts: files dns mdns4_minimal \[NOTFOUND=return\] myhostname fallback'/ $NAME/etc/nsswitch.conf
    sed -i s/'^# PidFile=\/var'/'PidFile=\/var'/ $NAME/etc/zabbix/zabbix_agentd.conf
    # EnableRemoteCommands=1 lets the Zabbix server run commands on this agent;
    # LogRemoteCommands=1 (below) records them in the agent log
    sed -i s/'^# EnableRemoteCommands=0'/'EnableRemoteCommands=1'/ $NAME/etc/zabbix/zabbix_agentd.conf
    sed -i s/'^LogFileSize='/'# LogFileSize='/ $NAME/etc/zabbix/zabbix_agentd.conf
    sed -i s/'127.0.0.1'/'192.168.0.XXX'/ $NAME/etc/zabbix/zabbix_agentd.conf
    sed -i s/'^# LogRemoteCommands=0'/'LogRemoteCommands=1'/ $NAME/etc/zabbix/zabbix_agentd.conf
    sed -i s/'^Hostname='/'# Hostname='/ $NAME/etc/zabbix/zabbix_agentd.conf
    sed -i s/'^# Timeout=3'/'Timeout=30'/ $NAME/etc/zabbix/zabbix_agentd.conf
    mkdir $NAME/etc/fusioninventory
    echo "server = http://glpi.kompany.local/glpi/plugins/fusioninventory/" > $NAME/etc/fusioninventory/agent.cfg
    echo "delaytime = 3600" >> $NAME/etc/fusioninventory/agent.cfg
    echo "timeout = 180" >> $NAME/etc/fusioninventory/agent.cfg
    echo "logger = File" >> $NAME/etc/fusioninventory/agent.cfg
    echo "logfile = /var/log/fusioninventory.log" >> $NAME/etc/fusioninventory/agent.cfg
    echo "logfacility = LOG_USER" >> $NAME/etc/fusioninventory/agent.cfg
    echo "debug = 3" >> $NAME/etc/fusioninventory/agent.cfg
    mkdir $NAME/etc/cron.daily
    echo "#!/bin/sh" > $NAME/etc/cron.daily/fusioninventory-agent
    echo "" >> $NAME/etc/cron.daily/fusioninventory-agent
    echo "/usr/bin/fusioninventory-agent --conf-file=/etc/fusioninventory/agent.cfg" >> $NAME/etc/cron.daily/fusioninventory-agent
    chmod +x $NAME/etc/cron.daily/fusioninventory-agent
    . lib/delhlam.sh $NAME
    dir2xzm $NAME $NAME.xzm
    . lib/update.sh $NAME


, timezone, , MagOS, (cp /usr/share/zoneinfo/Asia/Krasnoyarsk $NAME/etc/localtime).

- AltLinux, , local (cp /etc/nsswitch.conf $NAME/etc/nsswitch.conf; sed -i s/'^hosts: files mdns4_minimal \[NOTFOUND=return\]*'/'hosts: files dns mdns4_minimal \[NOTFOUND=return\] myhostname fallback'/ $NAME/etc/nsswitch.conf).

zabbix_agentd, , .

fusioninventory-agent, , GLPI .


, .

99-u99-default.sh
    #!/bin/sh
    . conf/devel.conf
    NAME=`echo $0 | sed 's/\.\///'| sed 's/\..*//'`
    . lib/mv.sh $NAME
    dir2xzm $NAME $NAME.xzm
    . lib/update.sh $NAME

etc/ :

sudoers
 -r-------- 1 root root 730 Aug 20 15:42 ./sudoers 


sudo ( ssh).

X11
    ./X11:
    total 8
    drwxr-xr-x 2 root root 4096 Aug 21 12:42 xinit
    drwxr-xr-x 2 root root 4096 Aug 21 12:42 xorg.conf.d


:

etc/X11/xinit/Xkbmap
 option grp:alt_shift_toggle -variant , -layout us,ru -model pc104 


:

etc/X11/xorg.conf.d/00-keyboard.conf
    # Read and parsed by systemd-localed. It's probably wise not to edit this file
    # manually too freely.
    Section "InputClass"
            Identifier "system-keyboard"
            MatchIsKeyboard "on"
            Option "XkbLayout" "us,ru"
    EndSection


./apt
    total 8
    drwxr-xr-x 2 root root 4096 Jun 9 09:45 sources.list.d
    drwxr-xr-x 2 root root 4096 Jun 9 09:42 vendors.list.d


autoimports fusioninventory-agent.

etc/apt/sources.list.d/autoimports-p7.list
    rpm [cronbuild] ftp://ftp.altlinux.ru/pub/distributions/ALTLinux/autoimports/Sisyphus/ noarch autoimports

/etc/apt/vendors.list.d/autoimports-p7.list
    simple-key "cronbuild" {
            Fingerprint "DE73F3444C163CCD751AC483B584C633278EB305";
            Name "Cronbuild Service <cronbuild@altlinux.org>";
    }
    simple-key "cronport" {
            Fingerprint "F3DBF34AB0CC0CE638DF7D509F61FBE7E2C322D8";
            Name "Cronport Service <cronport@altlinux.org>";
    }


./italc
    total 4
    drwxr-xr-x 3 root root 4096 Jul 17 18:19 keys


italc.

./lightdm
    total 12
    -rw-r--r-- 1 root root 909 Jun 8 13:03 lightdm-gtk-greeter.conf
    -rw-r--r-- 1 root root 4536 Jun 8 13:18 lightdm.conf


autologin .

etc/lightdm/lightdm-gtk-greeter.conf
    [greeter]
    logo=/usr/share/design/current/icons/large/altlinux.png
    background=/usr/share/design/current/backgrounds/default.png
    icon-theme-name=gnome
    show-language-selector=false
    show-indicators=a11y;power


etc/lightdm/lightdm.conf
    [LightDM]
    minimum-vt=7
    user-authority-in-system-dir=true
    log-directory=/var/log/lightdm
    run-directory=/var/run/lightdm
    cache-directory=/var/cache/lightdm
    xsessions-directory=/etc/lightdm/sessions

    [SeatDefaults]
    xserver-command=/usr/bin/X
    greeter-hide-users=true
    session-wrapper=/etc/X11/Xsession

    [XDMCPServer]

    [VNCServer]

./net
    total 8
    drwxr-xr-x 3 root root 4096 Jul 16 12:35 ifaces
    -rw-r--r-- 1 root root 1987 Jul 16 12:44 sysctl.conf


.

./pam.d
    total 4
    -rw-r----- 1 root root 237 Aug 24 11:28 reboot


etc/pam.d/reboot
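    auth required pam_nologin.so
    auth sufficient pam_rootok.so
    auth sufficient pam_console.so
    # pam_deny.so is commented out and pam_permit.so takes its place,
    # so authentication for reboot succeeds for any user
    #auth required pam_deny.so
    auth required pam_permit.so
    account required pam_permit.so
    password required pam_deny.so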


./skel
    total 16
    drwxr-xr-x 8 root root 4096 Jun 8 16:17
    drwxr-xr-x 2 root root 4096 Jun 8 16:17
    drwxr-xr-x 2 root root 4096 Jun 8 16:17
    drwxr-xr-x 2 root root 4096 Jun 8 16:17


skel , .

./sysconfig:
    total 8
    -rw-r--r-- 1 root root 75 Jun 8 13:11 i18n


etc/sysconfig/i18n
    SYSFONT=UniCyr_8x16
    LANG=ru_RU.utf8


./systemd
    total 8
    drwxr-xr-x 5 root root 4096 Aug 20 18:52 system
    drwxr-xr-x 2 root root 4096 Aug 20 18:51 user


, .

./xdg
    total 4
    drwxr-xr-x 2 root root 4096 Jul 17 17:59 iTALC Solutions


Italc , . , default.

/etc/xdg/iTALC Solutions/iTALC.conf
    [Authentication]
    KeyAuthenticationEnabled=1
    LogonAuthenticationEnabled=0
    LogonGroups="italc-admins,italc-supporters,italc-teachers,italc-students"
    PermissionRequiredWithKeyAuthentication=0
    PermissionRequiredWithLogonAuthentication=0
    PrivateKeyBaseDir=$GLOBALAPPDATA/keys/private
    PublicKeyBaseDir=$GLOBALAPPDATA/keys/public
    SameUserConfirmationDisabled=0

    [DemoServer]
    Backend=0
    Multithreaded=1

    [Logging]
    LimittedLogFileSize=0
    LogFileDirectory=$TEMP
    LogFileSizeLimit=-1
    LogLevel=4
    LogToStdErr=1
    LogToWindowsEventLog=0

    [Network]
    CoreServerPort=11100
    DemoServerPort=11400
    FirewallExceptionEnabled=1
    HttpServerEnabled=0
    HttpServerPort=5800

    [Paths]
    GlobalConfiguration=$APPDATA/GlobalConfig.xml
    PersonalConfiguration=$APPDATA/PersonalConfig.xml
    SnapshotDirectory=$APPDATA/Snapshots

    [Service]
    Arguments=
    Autostart=1
    HideTrayIcon=0
    LockWithDesktopSwitching=1

    [VNC]
    CaptureLayeredWindows=1
    LowAccuracy=1
    PollFullScreen=1



, . , : . , « » , .

magos-patches

MagOS, MagOS. , , MagOS-patches, .


/usr/lib/magos/rc.halt/05-update.sh . MagOS.ini :

/usr/lib/magos/rc.halt/05-update.sh
    # : Yes, No
    AUTOUPDATE=Yes
    # : boot -
    UPDATE=AltLinux,boot
    # rsync
    SRCUPDATE=192.168.1.XXX/magos


: AUTOUPDATE , . UPDATE - , .

SRCUPDATE - , . IP-, DNS .
.

:

/usr/lib/magos/rc.halt/05-update.sh
    #!/bin/bash
    # Initial script for MagOS-Linux Live operating system
    # This script is launched before starting init from linux-live script.
    # Current dir always must be set to root (/)
    # All system path must be relative, except initrd dirs

    export PATH=.:/:/usr/sbin:/usr/bin:/sbin:/bin
    ENABLED=yes

    . /mnt/live/liblinuxlive
    [ -f /etc/sysconfig/MagOS ] && . /etc/sysconfig/MagOS
    #. etc/sysconfig/MagOS

    [ "$ENABLED" != "yes" ] && exit 0
    # Exit unless AUTOUPDATE is "Yes" or "yes" ("or" is not a test operator, -a is used)
    [ "$AUTOUPDATE" != "Yes" -a "$AUTOUPDATE" != "yes" ] && exit 0
    [ -z "$UPDATE" -a -z "$SRCUPDATE" ] && exit 0
    [ -z "$(grep changes /memory/cmdline)" ] && exit 0
    [ -n "$(grep 'from=http:' /memory/cmdline)" ] && exit 0
    if ! [ -z "$UPDATE" ] ;then
        for dirs in $(echo $UPDATE | tr ',;' ' ') ;do
            rsync -azr --delete --exclude=MagOS.ini rsync://$SRCUPDATE/$dirs/ /mnt/livemedia/$dirs/
        done
    fi


/usr/lib/magos/rc.preinit.d/21-ntp, NTP . AltLinux, .

/usr/lib/magos/rc.preinit.d/21-ntp
    #!/bin/bash
    # Initial script for MagOS-Linux Live operating system
    # This script is launched before starting init from linux-live script.
    # Current dir always must be set to root (/)
    # All system path must be relative, except initrd dirs

    export PATH=.:/:/usr/sbin:/usr/bin:/sbin:/bin
    ENABLED=yes
    [ "$ENABLED" != "yes" ] && exit 0
    DEBUGMODE=no
    . /liblinuxlive 2>/dev/null || . /mnt/live/liblinuxlive
    . /livekitlib 2>/dev/null
    debug_mode "$0" "$@"

    . etc/sysconfig/MagOS
    if ! [ -z "$NTPSERVERS" ] ;then
        # -i is a separate word here: GNU sed treats anything attached to -i as a backup suffix
        sed -i s/'^server'/'#server'/ etc/ntp.conf
        sed -i s/'^server'/'#server'/ etc/ntpd.conf
        for a in $(echo $NTPSERVERS | tr ',;' ' ') ;do
            sed -i '/^driftfile/ s/^/server '"$a"\\n/ etc/ntp.conf
            grep -q "restrict $a" etc/ntp.conf || echo "restrict $a noquery notrap" >> etc/ntp.conf
            sed -i s/'^#listen on 127.0.0.1'/'listen on 127.0.0.1'/ etc/ntpd.conf
            echo "server $a" >> etc/ntpd.conf
        done
    fi



, , .

/usr/share/magos/install/magosinstall.sh . . magos-server .

/usr/share/magos/install/magosinstall.sh
    #!/bin/bash
    #
    #Usage:
    # $1 - source catalog: magos testing
    # Default is magos
    SRC="magos"
    . /etc/sysconfig/MagOS
    SRCINI=$(echo $SRCUPDATE | cut -d "/" -f 2)
    if ! [ -z "$SRCINI" ];then
        SRC=$SRCINI
    fi
    if ! [ -z "$1" ] ;then
        SRC=$1
    fi
    echo "-------------------------------------------------------"
    echo "INSTALL MagOS Altlinux FROM HARD DISK from $SRC !!!"
    echo " ========="
    echo
    echo "Press Enter to continue, or Ctrl+C to abort..."
    read junk
    clear
    swapoff -a
    echo "======================================================="
    echo "Create partition table."
    # Everything on /dev/sda is destroyed from here on
    parted -s /dev/sda mklabel msdos
    parted -s /dev/sda mkpart primary ext3 1 30000
    parted -s /dev/sda mkpart primary linux-swap 30000 36000
    parted -s /dev/sda mkpart primary ext3 36000 100%
    parted -s /dev/sda toggle 1 boot
    echo "-------------------------------------------------------"
    echo "======================================================="
    echo "Make file systems on /dev/sda1."
    mkfs.ext3 -L system /dev/sda1
    echo "Make file systems on /dev/sda2."
    mkswap /dev/sda2
    echo "Make file systems on /dev/sda3."
    mkfs.ext3 -L data /dev/sda3
    echo "-------------------------------------------------------"
    echo "======================================================="
    mkdir /media/system && mount /dev/sda1 /media/system
    mkdir /media/data && mount /dev/sda3 /media/data
    echo "Syncing installation data."
    for dirs in $(echo $UPDATE | tr ',;' ' ') ;do
        srv=$(echo $SRCUPDATE | cut -d '/' -f 1)
        if [ "$dirs" != "boot" ] ;then
            mkdir /media/system/$dirs
            rsync -azr --delete rsync://$srv/$SRC/$dirs/ /media/system/$dirs/
            mkdir /media/data/$dirs-Data
            rsync -azr --delete rsync://$srv/$SRC/$dirs-Data/ /media/data/$dirs-Data/
        else
            mkdir /media/system/$dirs
            rsync -azr --delete rsync://$srv/$SRC/$dirs/ /media/system/$dirs/
        fi
    done
    rm -rf /media/system/lost+found /media/data/lost+found
    cd /media/system/boot/
    bash ./Install_MagOS.bat
    sync
    umount /dev/sda1 && rmdir /media/system
    umount /dev/sda3 && rmdir /media/data
    echo "-------------------------------------------------------"
    echo "Installation is OK."
    echo "please reboot computer."


, , , 30Gb, swap – 6 Gb, , Changes Home. , , , .

, .

AD

ADS . AltLinux, , . . , , TCL . , .

hostname=MagOS. , , AD. : AD.

: MagOS.ini, /etc/sysconfig/magos. MagOS, /etc/sysconfig/magos.

/usr/share/magos/ad_join/ad_join.pl
    #!/usr/bin/perl -w
    # MagOS-linux.ru
    # Author M.Fiskov
    use strict;
    #use Glib qw/TRUE FALSE/;
    #use Gtk3 '-init';

    my $hostname='';
    my $username='';
    my $password='';
    my $domain='mydomain';
    my $realm='mydomain.local';

    for (my $i=0;$i<=$#ARGV;$i++){
        $_=$ARGV[$i];
        (/^--help$/) && do {&usage(); exit 0};
        (/^--hostname=/) && do { ($hostname=$ARGV[$i])=~s/^--hostname=//; };
        (/^-h$/) && do {$hostname=$ARGV[$i+1];$i++;};
        (/^--password=/) && do { ($password=$ARGV[$i]) =~s/^--password=//; };
        (/^-p$/) && do {$password=$ARGV[$i+1];$i++;};
        (/^--username=/) && do { ($username=$ARGV[$i]) =~s/^--username=//; };
        (/^-u$/) && do {$username=$ARGV[$i+1];$i++;};
    }

    # system() returns 0 on success, so each step is compared with 0.
    # The list form passes the credentials as arguments without going through a shell.
    if (open (F1,"</etc/altlinux-release") ) {
        close F1;
        &addname($hostname)
        && system("system-auth", "write", "ad", $realm, $hostname, $domain, $username, $password) == 0
        && system("systemctl restart nmb") == 0
        && system("systemctl restart winbind") == 0
        && system("systemctl restart smb") == 0;
        &wins();
        &winbind();
    }else{
        &addname($hostname)
        && system("net", "join", "-U", $username.'%'.$password) == 0
        && system("systemctl restart nmb") == 0
        && system("systemctl restart winbind") == 0
        && system("systemctl restart smb") == 0;
        &wins();
        &winbind();
    };
    #system("/sbin/reboot");
    exit;

    sub usage(){
        print "Join this computer from MagOS to Active Directory Service (ADS)
     -h or --hostname= Computer name
     -u or --username= ADS administrator user name
     -p or --password= ADS administrator password
     --help This usage
    ";
    }

    sub wins(){
        my @wins=split("\"",`/usr/bin/wbinfo -P`);
        system ("sed -i '/wins server = /d' /etc/samba/smb.conf");
        my $wsed=sprintf("sed -i \'/\\[global\\]/ s/\$/\\nwins server = ".$wins[1]."\'/ /etc/samba/smb.conf");
        system ($wsed);
        my $wgroup=sprintf("net groupmap add ntgroup=\" \" unixgroup=wheel rid=512 type=d");
        system ($wgroup);
        $wgroup=sprintf("net groupmap add ntgroup=\" \" unixgroup=wheel rid=513 type=d");
        system ($wgroup);
        $wgroup=sprintf("net groupmap add ntgroup=\" \" unixgroup=wheel rid=514 type=d");
        system ($wgroup);
    }

    sub addname (){
        my ($hostname)=@_;
        system ("sed -i '/netbios name =/d' /etc/samba/smb.conf");
        my $ssed=sprintf("sed -i \'/\\[global\\]/ s/\$/\\n netbios name = ".$hostname."\'/ /etc/samba/smb.conf");
        system ($ssed);
        system ("sed -i '/HOSTNAME/d' /etc/sysconfig/MagOS");
        $ssed=sprintf("echo \"HOSTNAME=$hostname\" >>/etc/sysconfig/MagOS");
        system ($ssed);
        system("hostnamectl set-hostname $hostname");
        return 1;
    }

    sub winbind(){
        system ("sed -i s/'server string ='/';server string ='/ /etc/samba/smb.conf");
        system ("sed -i '/idmap backend = /d' /etc/samba/smb.conf");
        my $wsed=sprintf("sed -i \'/\\[global\\]/ s/\$/\\nidmap config $domain : backend = ad\'/ /etc/samba/smb.conf");
        system ($wsed);
        system ("sed -i '/winbind cache time /d' /etc/samba/smb.conf");
        $wsed=sprintf("sed -i \'/\\[global\\]/ s/\$/\\nwinbind cache time = 1440\'/ /etc/samba/smb.conf");
        system ($wsed);
    }


, realm $domain $realm. , …

/usr/share/magos/ad_join/ad_join_x.pl
    #!/usr/bin/perl -w
    # MagOS-linux.ru
    # Author M.Zaripov
    # No testing
    use strict;
    use Glib qw/TRUE FALSE/;
    use Gtk3 '-init';

    #standard window creation, placement, and signal connecting
    my $window = Gtk3::Window->new('toplevel');
    $window->signal_connect('delete_event' => sub { Gtk3->main_quit; });
    $window->set_border_width(5);
    $window->set_position('center_always');

    #this vbox will return the bulk of the gui
    my $vbox = &ret_vbox();

    #add and show the vbox
    $window->add($vbox);
    $window->show();

    #our main event-loop
    Gtk3->main();

    sub ret_vbox {
        my $vbox = Gtk3::VBox->new(FALSE,5);
        $vbox->pack_start ("Gtk3::Label"->new (" Please input password to join into domain "), 0, 0, 0);

        # create table with 5 entries; each entry is attached next to its own label
        my $table1 = Gtk3::Table->new (5, 2, FALSE);
        my $t1l0 = Gtk3::Label->new_with_mnemonic("Domain: ");
        $t1l0->set_alignment (0, 0);
        $table1->attach_defaults ($t1l0, 0, 1, 0, 1);
        my $t1e0 = Gtk3::Entry->new();
        $table1->attach_defaults ($t1e0, 1, 2, 0, 1);
        $t1l0 = Gtk3::Label->new_with_mnemonic("workgroup: ");
        $t1l0->set_alignment (0, 0);
        $table1->attach_defaults ($t1l0, 0, 1, 1, 2);
        my $t1e1 = Gtk3::Entry->new();
        $table1->attach_defaults ($t1e1, 1, 2, 1, 2);
        $t1l0 = Gtk3::Label->new_with_mnemonic("computer name: ");
        $t1l0->set_alignment (0, 0);
        $table1->attach_defaults ($t1l0, 0, 1, 2, 3);
        my $t1e2 = Gtk3::Entry->new();
        $table1->attach_defaults ($t1e2, 1, 2, 2, 3);
        my $t1l1 = Gtk3::Label->new_with_mnemonic("Domain Admin User Name: ");
        $t1l1->set_alignment (0, 0);
        $table1->attach_defaults ($t1l1, 0, 1, 3, 4);
        my $t1e3 = Gtk3::Entry->new();
        $table1->attach_defaults ($t1e3, 1, 2, 3, 4);
        my $t1l2 = Gtk3::Label->new_with_mnemonic("Domain Admin Password: ");
        $t1l2->set_alignment (0, 0);
        $table1->attach_defaults ($t1l2, 0, 1, 4, 5);
        my $t1e4 = Gtk3::Entry->new();
        $t1e4->set_visibility (FALSE);          # hide the password while it is typed
        $table1->attach_defaults ($t1e4, 1, 2, 4, 5);
        $vbox->pack_start($table1, 0, 0 ,0);
        #$vbox->pack_end(Gtk3::HSeparator->new(),0, 0 ,0);

        # create table with 2 buttons
        my $table2 = Gtk3::Table->new (1, 2, FALSE);
        my $t2b1 = Gtk3::Button->new ('Join');
        $table2->attach_defaults ($t2b1, 0, 1, 0, 1);
        my $t2b2 = Gtk3::Button->new ('Cancel');
        $table2->attach_defaults ($t2b2, 1, 2, 0, 1);
        $t2b2->signal_connect (clicked => sub { Gtk3->main_quit; });

        # system() returns 0 on success, so each step is compared with 0;
        # the list form passes the typed values as arguments without a shell.
        if (open (F1,"</etc/altlinux-release") ) {
            close F1;
            $t2b1->signal_connect (clicked => sub {
                &addname($t1e2->get_text())              # hostname
                && system("system-auth", "write", "ad",
                          $t1e0->get_text(),             # domain
                          $t1e2->get_text(),             # hostname
                          $t1e1->get_text(),             # workgroup
                          $t1e3->get_text(),             # username
                          $t1e4->get_text()) == 0        # password
                && system("systemctl restart nmb") == 0
                && system("systemctl restart winbind") == 0
                && system("systemctl restart smb") == 0
                || exit (1);
            });
        }else{
            $t2b1->signal_connect (clicked => sub {
                &addname($t1e2->get_text())              # hostname
                && system("net", "join", "-U",
                          $t1e3->get_text().'%'.         # username
                          $t1e4->get_text()) == 0        # password
                && system("systemctl restart nmb") == 0
                && system("systemctl restart winbind") == 0
                && system("systemctl restart smb") == 0
                || exit (1);
            });
        }
        $vbox->pack_start($table2, 0, 0 ,0);
        $vbox->show_all();
        return $vbox;
    }

    sub addname (){
        my ($hostname)=@_;
        system ("sed -i '/netbios name =/d' /etc/samba/smb.conf");
        my $ssed=sprintf("sed -i \'/\\[global\\]/ s/\$/\\n netbios name = ".$hostname."\'/ /etc/samba/smb.conf");
        system ($ssed);
        system ("sed -i '/HOSTNAME/d' /etc/sysconfig/MagOS");
        $ssed=sprintf("echo \"HOSTNAME=$hostname\" >>/etc/sysconfig/MagOS");
        system ($ssed);
        system("hostnamectl set-hostname $hostname");
        return 1;
    }


, . MagOS , Changes.

AD

ADS : winbind AD, . , - . AD, . , AD . «».

, winbind AD. systemd, winbind , winbind . , , 1 - 2 . , , , .

- AD, magos-patches , MagOS.ini - , . /etc/skel . , winbind-restart. .

, , , .

/usr/sbin/winbind-restart
    #!/bin/bash
    export PATH=.:/:/usr/sbin:/usr/bin:/sbin:/bin

    # wait until winbind reports the domain as online
    while [ "$(wbinfo --online-status | grep -i mydomain | cut -d ":" -f 2)" != " online" ]
    do
        sleep 1
    done
    systemctl restart winbind

    . etc/sysconfig/MagOS
    # update home folders from domain users
    if [ "$UPDATEHOME" = "yes" ] ;then
        DOMAIN=$(wbinfo --own-domain)
        if [ -d home/$DOMAIN ] ;then
            for LISTUSER in $(ls -1 home/$DOMAIN/); do
                cp -rHun etc/skel/.[a-zA-Z0-9]* home/$DOMAIN/$LISTUSER/
                chown -R $LISTUSER:\  home/$DOMAIN/$LISTUSER/
            done
        fi
    fi


/etc/systemd/user/winbindrestart.service
    [Unit]
    Description=Samba Winbind Daemon restart from mydomain
    After=winbind.target

    [Service]
    Type=oneshot
    RemainAfterExit=yes
    ExecStart=/usr/sbin/winbind-restart

    [Install]
    WantedBy=multi-user.target


(/root/bin)

MagOS AltLinux .
- , . , MagOS.ini.

/root/bin/updatemagos.sh. .

/root/bin/updatemagos.sh
    #!/bin/bash
    echo "Update MagOS from Hard Disk to this computer!!!"
    echo
    echo "Press Enter to continue, or Ctrl+C to abort..."
    read junk
    clear
    export PATH=.:/:/usr/sbin:/usr/bin:/sbin:/bin
    SRC=192.168.1.XXX/magos
    DEFAULT="AltLinux,boot"
    . /mnt/live/liblinuxlive
    [ -f /etc/sysconfig/MagOS ] && . /etc/sysconfig/MagOS
    [ -z "$UPDATE" -a -z "$SRCUPDATE" ] && UPDATE=$(echo "$DEFAULT") && SRCUPDATE="$SRC"
    if ! [ -z "$UPDATE" ] ;then
        for dirs in $(echo $UPDATE | tr ',;' ' ') ;do
            rsync -azr --delete rsync://$SRCUPDATE/$dirs/ /mnt/livemedia/$dirs/
        done
    fi
    reboot


/root/bin/updateini.sh
    #!/bin/bash
    # This script getting file MagOS.ini from magos server to this computer
    SRCI="magos-server/magos"
    SRC="magos"
    srv="magos-server"
    . /etc/sysconfig/MagOS
    export PATH=.:/:/usr/sbin:/usr/bin:/sbin:/bin
    echo "Update MagOS.ini from Hard Disk!!!"
    [ -z "$SRCUPDATE" ] && SRCUPDATE="$SRCI"
    SRCINI=$(echo $SRCUPDATE | cut -d "/" -f 2)
    [ -n "$SRCUPDATE" ] && srv=$(echo $SRCUPDATE | cut -d '/' -f 1)
    if ! [ -z "$SRCINI" ];then
        SRC=$SRCINI
    fi
    if ! [ -z "$1" ] ;then
        SRC=$1
    fi
    rsync -az rsync://$srv/$SRC/AltLinux/modules/i586/MagOS.ini /mnt/livemedia/AltLinux/modules/i586/MagOS.ini


/root/bin/mnt.sh - .

/root/bin/mnt.sh
    #!/bin/sh
    # mount data disk from /srv
    mount /dev/sda3 /srv
    #groupadd -g 501 magos
    #groupadd -g 502 testing


loadupdate saveupdate MagOS .

/root/bin/saveupdate.sh
    #!/bin/bash
    #
    # This script save update folder from this computer to magos server
    # Fiskov MM
    export PATH=.:/:/usr/sbin:/usr/bin:/sbin:/bin
    ENABLED=yes
    [ "$ENABLED" != "yes" ] && exit 0
    . /usr/lib/magos/scripts/liblinuxlive
    . /etc/sysconfig/MagOS
    . /mnt/livemedia/update/conf/devel.conf
    PWD=$(echo $(pwd))
    cd /mnt/livemedia/update
    mkdir /root/tmp/update
    cp -r /mnt/livemedia/update/{*.sh,lib,conf} /root/tmp/update/
    for files in $(echo $(ls 9*.sh| cut -d '.' -f 1)) ;do
        cp /mnt/livemedia/$DISTNAME/modules/$ARCH/$files.xzm /root/tmp/update/
    done
    cd /root/tmp
    tar -czf /mnt/livemedia/update.tar.gz ./update
    cd /mnt/livemedia/
    scp /mnt/livemedia/update.tar.gz $USER@$SERVER:/var/www/$DISTTYPE/
    rm -rf /root/tmp/update
    cd $PWD


/root/bin/loadupdate.sh
    #!/bin/bash
    #
    # This script load update folder from magos server to this computer
    #
    export PATH=.:/:/usr/sbin:/usr/bin:/sbin:/bin:/usr/lib/magos/scripts
    ENABLED=yes
    [ "$ENABLED" != "yes" ] && exit 0
    PWD=$(echo $(pwd))
    . /etc/sysconfig/MagOS
    rsync -az rsync://$SRCUPDATE/update.tar.gz /mnt/livemedia/update.tar.gz
    cd /mnt/livemedia/
    tar -xzf update.tar.gz
    cd /mnt/livemedia/update
    for files in $(echo $(ls 9*.sh| cut -d '.' -f 1)) ;do
        mkdir $files
        xzm2dir $files.xzm $files
    done
    cd $PWD



, . - ssh . hostalt-create.sh , , MagOS AltLinux. , «-a». , .

, . , sudo .

, , AltLinux alttlinux.

/root/bin/hostalt-create.sh
    #!/bin/sh
    # create list from hostalt file from programm pssh
    nmap 192.168.1.0/24 -p T:8080 2>&1 | grep "mydomain" | grep '\-a' | cut -d " " -f 5 >> /tmp/hostalt1
    sort -u /tmp/hostalt1 > hostalt


/root/bin/parallelssh.sh
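    #!/bin/sh
    # parallelssh.sh sudo /root/bin/updateini.sh <password>
    echo "parallelssh.sh <\"command\"> <password>"
    echo "parallelssh.sh sudo \"/root/bin/updateini.sh\" <password>"
    echo
    [ -z "$2" ] && exit
    # sshpass -p puts the password on the command line, where it is visible in the process list;
    # StrictHostKeyChecking=no turns off verification of the hosts' SSH keys
    sshpass -p $2 pssh -x "-o StrictHostKeyChecking=no" -h hostalt -l altlinux -A -i $1 > /tmp/ssherr.txt 2>&1
    cat /tmp/ssherr.txt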



magos-server.
, libexec , , , , , .

, . - , Unix ACL, . . Posix .

/update/conf/devel.conf.

    DISTTYPE="testing"
    DISTNAME="AltLinux"
    ARCH="i586"
    UPDETESRV=yes
    SERVER=192.168.0.3
    USER=altlinux

Here:

DISTTYPE - magos-server.
DISTNAME - .
ARCH - .
.
UPDETESRV - .
SERVER - URL magos-server.
USER - magos-server, . .

:

/update/99-u50-example.sh
    #!/bin/sh
    . conf/devel.conf
    NAME=`echo $0 | sed 's/\.\///'| sed 's/\..*//'`
    . lib/mv.sh $NAME
    epm2xzm $NAME -i 'ntpdata samba'
    rm -rf $NAME
    mkdir $NAME
    xzm2dir $NAME.xzm $NAME
    #-------------------------------------------
    #
    cp /usr/share/zoneinfo/Asia/Krasnoyarsk $NAME/etc/localtime
    cp /etc/nsswitch.conf $NAME/etc/nsswitch.conf
    # same command as in 99-u20-utils.sh; -i is a separate word so GNU sed does not read a backup suffix
    sed -i s/'^hosts: files mdns4_minimal \[NOTFOUND=return\]*'/'hosts: files dns mdns4_minimal \[NOTFOUND=return\] myhostname fallback'/ $NAME/etc/nsswitch.conf
    #--------------------------------------------
    . lib/delhlam.sh $NAME
    dir2xzm $NAME $NAME.xzm
    . lib/update.sh $NAME


, , , epm2xzm.

/update/lib/delhlam.sh
    #!/bin/sh
    NAME=$1
    rm -rf $NAME/etc/urpmi $NAME/var/cach/ldconfig $NAME/var/cach/ldconfig/ $NAME/var/cache/ldconfig/ $NAME/var/lib/apt $NAME/var/log/rpmpkgs
    rm -f $NAME/etc/ld.so.cache $NAME/etc/resolv.conf
    rm -f $NAME/etc/xinetd.conf $NAME/etc/group- $NAME/etc/gshadow- $NAME/etc/passwd-


c .

: , , .bak. , . .old. .

/update/lib/mv.sh
    #!/bin/sh
    NAME=$1
    . conf/devel.conf
    # commands are run directly: inside $( ) anything they print would be executed as a command
    if [ $NAME != "99-u99-default" ] ;then
        sh /usr/lib/magos/scripts/deactivate $NAME.xzm
    fi
    if [ -f /mnt/livemedia/$DISTNAME/modules/$ARCH/$NAME.xzm.bak ] && [ -f /mnt/livemedia/$DISTNAME/modules/$ARCH/$NAME.xzm ] ;then
        mv -nf /mnt/livemedia/$DISTNAME/modules/$ARCH/$NAME.xzm $NAME.xzm.old
    fi


modules . .

/update/lib/update.sh
    #!/bin/bash
    NAME=$1
    . conf/devel.conf
    # commands are run directly: inside $( ) anything they print would be executed as a command
    if [ ! -f /mnt/livemedia/$DISTNAME/modules/$ARCH/$NAME.xzm.bak ] ;then
        mv /mnt/livemedia/$DISTNAME/modules/$ARCH/$NAME.xzm /mnt/livemedia/$DISTNAME/modules/$ARCH/$NAME.xzm.bak
    fi
    mv $NAME.xzm /mnt/livemedia/$DISTNAME/modules/$ARCH/$NAME.xzm
    chmod 664 /mnt/livemedia/$DISTNAME/modules/$ARCH/$NAME.xzm
    chown :root /mnt/livemedia/$DISTNAME/modules/$ARCH/$NAME.xzm
    if [ $NAME != "99-u99-default" ] ;then
        sh /usr/lib/magos/scripts/activate $NAME.xzm
    else
        sh /usr/lib/magos/scripts/deactivate $NAME.xzm
        sh /usr/lib/magos/scripts/activate $NAME.xzm
    fi
    [ "$UPDETESRV" != "yes" ] && exit 0
    scp /mnt/livemedia/$DISTNAME/modules/$ARCH/$NAME.xzm $USER@$SERVER:~/$DISTTYPE/$DISTNAME/modules/$ARCH/


, magos

MagOS /tmp /var/tmp tmpfs. Unit systemd /tmp tmpfs, . /etc/systemd/system/local-fs.target.wants:

    tmp.mount -> /lib/systemd/system/tmp.mount
    var-tmp.mount -> ../var-tmp.mount

Unit var-tmp.mount . MagOS VARTMPFS /var/tmp → /tmp. CUPS , unit .

/etc/systemd/system/var-tmp.mount
    [Unit]
    Description=Temporary Directory
    Documentation=man:hier(7)
    Documentation=http://www.freedesktop.org/wiki/Software/systemd/APIFileSystems
    DefaultDependencies=no
    Conflicts=umount.target
    Before=local-fs.target umount.target

    [Mount]
    What=tmpfs
    Where=/var/tmp
    Type=tmpfs
    Options=mode=1777,strictatime


Unit /var/tmp tmpfs.

/etc/systemd/system/ntp-units.d/ntpd.service
    [Unit]
    Description=Network Time Service
    After=syslog.target network.target

    [Service]
    EnvironmentFile=/etc/sysconfig/ntpd
    ExecStart=/usr/sbin/ntpd -d $NTPD_ARGS

    [Install]
    WantedBy=multi-user.target



Alt Linux MagOS:


    $ su -
    Password:

. This is normal. , mydomain:


 # /usr/share/magos/install/magosinstall.sh 


 # /usr/share/magos/ad_join/ad_join.pl -h <hostname> -u <username> -p <password> 

Where:

hostname - . .
username - mydomain.local.
password - mydomain.local.

:

 Joined ' ' to dns domain 'mydomain.local' 

.



. . .

: , .

Source: https://habr.com/ru/post/270337/

