Monday, January 14, 2008

Extended Begin and Finish Script Examples For Solaris JumpStart

Today, I'm extending on what I wrote about in yesterday's post on creating Derived Profiles for JumpStart using simple Unix shell scripting techniques. If you don't feel like going back and reading over all that now, I'll start out by summarizing and sparing you the possibly-irrelevant-to-your-situation details ;)

Begin and Finish scripts are simple shell scripts used to perform any additional customization to your JumpStart installation process that you deem necessary. As I noted yesterday, a lot of this has now been "supplied" for you if you use Solaris' JASS or SST setups. However, these core scripting concepts are still at the heart of those utilities (and I use that word in its primary sense: The setups are utile :).

Begin scripts serve as pre-installation scripts. They won't affect the custom look and feel of your newly installed client, but can be used to perform critical safety routines, such as backing up the hard drive to tape, before beginning the install and creating Derived Profiles, as per the post mentioned above.

Finish scripts are generally more complex, as they're mosty used to customize your newly installed system (everything from installing packages and patches to creating a company standard subdirectory structure).

Some rules and characteristics that apply to both Begin and Finish scripts are:

1. They should be written in either /bin/sh, /sbin/sh, /bin/ksh or any other common shell.

2. All commands should be given as absolutes, unless the commands are shell primitives.

3. FINISH SCRIPTS ONLY: Remember that the new filesystem is mounted on /a before the post-installation reboot and on / afterward. When copying files over you will need to write the command as such:

cp /usr/bin/someprog /a/usr/bin/

in order to copy someprog from the install server's /usr/bin directory to the install client's /usr/bin directory.

4. BEGIN SCRIPTS ONLY: Remember that the existing filesystem is mounted on /tmp before the installation begins. When copying or listing files from the existing filesystem you need to the type the command like:

ls /tmp/usr/bin/someprog

to list the someprog file in the existing filesystem's /usr/bin directory.

5. Standard comments (lines beginning with the pound (#) character) may be included and announcements may be echoed without adversely affecting the outcome of the script.

6. These scripts should be owned by root and have 644 permissions.

7. The output from the scripts will be written to /var/sadm/system/logs/finish.log or /var/sadm/system/logs/begin.log on the install client.

Below, I've included both a detailed Begin and Finish script that have actually been used successfully. They employ Unix shell scripting techniques and moderate complexity only to demonstrate how much freedom you have when creating these kinds of scripts. The Begin script is kept simple since we went into more detail on that previously. They're commented liberally to avoid the annoyance (for both you and me) of beating you over the head with the same things, twice in a row, to get the meaning across :)

Also note that the instances in the scripts, where we insert control characters, are not typed literally as they appear. For more about how to represent actual control character sequences in a script, check out this post from the past.

Best Wishes,


Creative Commons License


These works are licensed under a
Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License


1. Example Begin Script:

#!/bin/sh

#
# begin - do a preinstallation backup
# generic run - unused slices aborted and
# skipped by ufsdump.
#
# 2008 - Mike Golvach - eggi@comcast.net
#
# Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License
#

TAPE=/tmp/dev/rmt/0mn DISK=/tmp/dev/dsk
mt -t $TAPE rewind
ufsdump 0f $TAPE $DISK/c0t3d0s0
ufsdump 0f $TAPE $DISK/c0t3d0s1
ufsdump 0f $TAPE $DISK/c0t3d0s3
ufsdump 0f $TAPE $DISK/c0t3d0s4
ufsdump 0f $TAPE $DISK/c0t3d0s5
ufsdump 0f $TAPE $DISK/c0t3d0s6
ufsdump 0f $TAPE $DISK/c0t3d0s7
mt -t $TAPE rewind


2. Example finish script:

#!/sbin/sh

#
# finish - custom installation parameters script
#
# 2008 - Mike Golvach - eggi@comcast.net
#
# Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License
#

################################################
# Setup root environment
################################################

echo "Setting up root environment"
echo ""
cat > /a/.profile << END
stty erase ^H
stty intr ^C
TERM=vt100
PATH=/usr/sbin:/usr/bin:/usr/local/bin:/usr/ccs/bin:/usr/ucb
MANPATH=/usr/man:/usr/local/man
LD_LIBRARY_PATH=/usr/lib:/usr/local/lib
export TERM PATH MANPATH LD_LIBRARY_PATH
END

################################################
# Setup crons
################################################

echo "Installing root crontab"
echo ""
cp ${SI_CONFIG_DIR}/jclient_root_dir/root /a/usr/spool/cron/crontabs/root

################################################
# Copy over precustomized etc dir files
################################################

echo "Copying over precustomized etc dir files"
echo ""
for x in `ls ${SI_CONFIG_DIR}/jclient_etc_dir`
do
cp -R ${SI_CONFIG_DIR}/jclient_etc_dir/$x /a/etc/
done

################################################
# Ensure sendmail points to custom built v8
################################################

echo "Ensuring sendmail points to custom built v8"
echo ""
rm -f /a/etc/mail/sendmail.cf
rm -f /a/etc/sendmail.cf
ln -s mail/sendmail.v8 /a/etc/sendmail.cf
ln -s sendmail.v8 /a/etc/mail/sendmail.cf
rm -f /a/usr/lib/sendmail
cp ${SI_CONFIG_DIR}/jclient_etc_dir/usrlibsendmail /a/usr/lib/sendmail
chown root:bin /a/usr/lib/sendmail
chmod 4551 /a/usr/lib/sendmail

################################################
# Create local dirs and ship over files
################################################

echo "Creating local dirs and shipping over files"
echo ""
mkdir /a/usr1/local
ln -s /usr1/local /a/usr/local
cd /a/usr1/local
for x in `ls ${SI_CONFIG_DIR}/jclient_local_dir`
do
echo "Disting $x"
cp ${SI_CONFIG_DIR}/jclient_local_dir/$x /a/usr1/local/$x
echo "Uncompressing $x"
uncompress /a/usr1/local/$x
new_x=`echo $x|cut -d'.' -f1,2`
echo "Untarring $new_x"
tar xf /a/usr1/local/$new_x
echo "Removing $new_x"
echo ""
rm -f /a/usr1/local/$new_x
done

################################################
# Take care of some admin packages we need.
################################################

echo "Loading up monitoring and admin software"
echo ""
cd /a/u
for x in `ls ${SI_CONFIG_DIR}/jclient_sys_dir`
do
echo "Disting $x"
cp ${SI_CONFIG_DIR}/jclient_sys_dir/$x /a/u/$x
echo "Uncompressing $x"
uncompress /a/u/$x
new_x=`echo $x|cut -d'.' -f1,2`
echo "Untarring $new_x"
tar xf /a/u/$new_x
echo "Removing $new_x"
echo ""
rm -f /a/u/$new_x
done

################################################
# Set up a few user accounts
################################################

echo "Setting up initial user accounts"
echo ""
for x in `echo username1 username2 sysadmin`
do
echo "$x..."
echo ""
mkdir /a/u/$x
cat > /a/u/$x/.profile <<- END
stty erase ^H
stty intr ^C
set -o vi
TERM=vt100
PATH=/usr/sbin:/usr/bin:/usr/local/bin:/usr/ccs/bin:/usr/ucb
MANPATH=/usr/man:/usr/local/man
LD_LIBRARY_PATH=/usr/lib:/usr/local/lib
export TERM PATH MANPATH LD_LIBRARY_PATH
END
done
cat ${SI_CONFIG_DIR}/jclient_users_dir/PWDFILE >>/a/etc/passwd
cat ${SI_CONFIG_DIR}/jclient_users_dir/SHADFILE >>/a/etc/shadow

################################################
# Verify root password is set
################################################

PASSWD=ez89iik4rj77d
cp /a/etc/shadow /a/etc/shadow.orig
nawk -F: '{
if ( $1 == "root" )
printf"%s:%s:%s:%s:%s:%s:%s:%s:%s\n",$1,passwd,$3,$4,$5,$6,$7,$8,$9
else
printf"%s:%s:%s:%s:%s:%s:%s:%s:%s\n",$1,$2,$3,$4,$5,$6,$7,$8,$9
}' passwd="$PASSWD" /a/etc/shadow.orig > /a/etc/shadow
perm=`grep '^/etc/shadow e' /a/var/sadm/install/contents | (read f1 f2 f3 f4 f5 ; echo $f4)`
chmod $perm /a/etc/shadow
rm -f /a/etc/shadow.orig
sed -e 's/0 # root/1 # root/' ${SI_SYS_STATE} > /tmp/state.$$
mv /tmp/state.$$ ${SI_SYS_STATE}
echo "All set!"


, Mike