Tuesday, 25 January 2011

Basic Linux setup

First things first: basic Linux installation. From scratch.

Linux kernel 2.6.37

  • There is no need for every driver to be available as a module; what I need is Xen support, basic drivers and some networking. As a baseline, a minimum set of drivers compiled in should be sufficient. However, quite a few network modules would be "nice to have" (tunneling, IPsec, VLAN, bonding etc.) but are not needed for booting, and some of these need to be modules to be able to provide load-time parameters.
  • There is also no need for an initial RAM disk; this will be a small, simple setup with one ext2 partition, and the few drivers needed for boot will be linked into the kernel.

I have set up a 4GB logical volume in dom0 for the installation. (Normally I would use iSCSI, but the firewall must be able to boot without any other networking present. In fact, the iSCSI server expects to get an IP address from the firewall with DHCP.)

BusyBox 1.18.1

I will use BusyBox for basic unix utilities. This has probably been compiled with far more functionality than what is currently needed, but it would be a bother to re-compile just to get that one extra utility. Currently I have included:
  • init and related utilities
  • basic file-utils and text-utils
  • every network-util
  • some filesystem-tools

The boot sequence is very simple:
  • init starts all daemons through inittab
  • init also starts /etc/init.d/rcS, which mounts filesystems and sets up networking

Putting it all together

Basic directory structure:

  • /etc
  • /etc/init.d
  • /bin
  • /sbin
  • /usr
  • /usr/bin
  • /usr/sbin
  • /usr/lib
  • /lib
  • /var
  • /lib64
  • /proc
  • /dev
  • /tmp

I added the following files to /etc:
  • fstab
  • group
  • init.d/rcS
  • inittab
  • passwd
  • shadow
  • nsswitch.conf
  • resolv.conf

Contents of inittab:

::sysinit:/etc/init.d/rcS
::respawn:/sbin/getty -L hvc0 9600 linux
::restart:/sbin/init
::ctrlaltdel:/sbin/reboot
::shutdown:umount -a -r

Contents of rcS:

#!/bin/sh

# Check the root filesystem, mount /proc and remount root read-write
fsck /dev/root
mount -t proc proc /proc
mount -o remount,rw /
#mount -a

# Hostname and static network configuration
hostname firewall2
ip address add dev eth0 local 192.168.32.10/24
ip link set dev eth0 up
ip route add to default via 192.168.32.1

(Since everything is mounted in the rc-script, fstab is really not needed.)

I put busybox in /bin and ran:

/bin/busybox --install -s

This created symlinks to all busybox commands in /bin, /sbin, /usr/bin and /usr/sbin.

Finally, I copied these libraries from an Ubuntu installation:

/lib/libm.so.6
/lib/libc.so.6
/lib/libcrypt.so.1
/lib/libdl.so.2
/lib/libnsl.so.1
/lib/libresolv.so.2
/lib/libutil.so.1
/lib/libz.so.1
/lib/libnss_files-2.11.1.so
/lib/libnss_dns-2.11.1.so
/lib64/ld-linux-x86-64.so.2

The kernel itself is not on the guest filesystem; it is started by Xen in dom0.
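
As an added example (not part of the original post): a shell script that stages the directory tree and /etc files listed above under a scratch directory, then audits the permissions that matter on a firewall image. The file modes, the function names and the audit rules are assumptions; the post does not state them.

```shell
#!/bin/sh
# Added example, not from the original post. Modes, function names and audit
# rules are assumptions; the directory and file names are the ones listed above.
ROOT_DIRS="etc etc/init.d bin sbin usr usr/bin usr/sbin usr/lib lib var lib64 proc dev tmp"
ETC_FILES="fstab group init.d/rcS inittab passwd shadow nsswitch.conf resolv.conf"

# Create the tree and empty /etc files under $1 with conservative modes.
stage_rootfs() {
    root=$1
    for d in $ROOT_DIRS; do
        mkdir -p "$root/$d" && chmod 755 "$root/$d" || return 1
    done
    chmod 1777 "$root/tmp"               # world-writable, so set the sticky bit
    for f in $ETC_FILES; do
        [ -e "$root/etc/$f" ] || : > "$root/etc/$f"
        chmod 644 "$root/etc/$f"
    done
    chmod 600 "$root/etc/shadow"         # password hashes: owner only
    chmod 755 "$root/etc/init.d/rcS"     # init executes rcS directly
}

# Print one line per finding; return 0 when the tree is clean, 1 otherwise.
audit_rootfs() {
    root=$1
    findings=$(
        for f in $ETC_FILES; do
            [ -e "$root/etc/$f" ] || echo "missing: $root/etc/$f"
        done
        # Password hashes must not be readable or writable by group/other.
        find "$root/etc" -name shadow \
            \( -perm -040 -o -perm -020 -o -perm -004 -o -perm -002 \) \
            -exec echo "shadow-exposed:" {} \;
        # World-writable entries are acceptable only with the sticky bit (/tmp).
        find "$root" ! -type l -perm -002 ! -perm -1000 -exec echo "world-writable:" {} \;
        # Set-uid programs should be a deliberate choice on a firewall image.
        find "$root" -type f -perm -4000 -exec echo "setuid:" {} \;
        # rcS is started from inittab, so it has to be executable.
        [ -x "$root/etc/init.d/rcS" ] || echo "not-executable: $root/etc/init.d/rcS"
    )
    if [ -z "$findings" ]; then return 0; fi
    printf '%s\n' "$findings"
    return 1
}

# Demo on a throwaway directory (constructed input; nothing is installed).
demo_root=$(mktemp -d)
stage_rootfs "$demo_root" && audit_rootfs "$demo_root" && echo "clean: $demo_root"
rm -rf "$demo_root"
```

Running audit_rootfs again after busybox and the libraries have been copied into the staged tree shows whether the copy introduced set-uid or world-writable files.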
