Creating a custom Solaris 8 installation CD

It is possible to create a custom bootable Solaris 8 installation CD. For our company, I created a standard Solaris 8 CD that we distribute to other offices. This standard distribution automatically installs OpenSSH, DiskSuite, CISscan, and performs operating system hardening procedures.

Note: these steps were obtained from the Building a Bootable JumpStart Installation CD-ROM Sun BluePrint. I advise you to read this document in its entirety to fully understand the procedure below.

1. Create the "work area." We will make a directory called bicd, short for "bootable installation CD."
mkdir -p /bicd/s0

2. Populate the work area with the contents of Solaris 8 Software CD 1.
cd /cdrom/cdrom0/s0
find . -print | cpio -pudm /bicd/s0

/etc/init.d/volmgt stop
cd /bicd
for i in 1 2 3 4 5
do
dd if=/dev/dsk/c0t6d0s${i} of=sol2.8.s${i} bs=512
done

3. In order to free up space for custom packages and scripts on the custom installation CD, I removed /usr/openwin from the work area. This prevents us from using the GUI operating system installer, but it frees up approximately 58 MB for customization.

du -sk /bicd/s0/Solaris_8/Tools/Boot/usr/openwin
58608   /bicd/s0/Solaris_8/Tools/Boot/usr/openwin

rm -rf /bicd/s0/Solaris_8/Tools/Boot/usr/openwin

4. Customize the bootable installation CD. All customizations should be placed in /bicd/s0/Solaris_8/misc/.install_config; you may create additional subdirectories within this directory.

I began customization by removing all files in /bicd/s0/Solaris_8/misc/.install_config. You may want to examine these files for "profile" examples prior to removal, or you may choose to preserve the files.

rm /bicd/s0/Solaris_8/misc/.install_config/*

Here is what I have in my pkgs subdirectory:

ls -l
total 90630
-rw-r--r--   1 root     sys        35840 Dec 22  2003 ANDIrand-0.7-5.8-sparc-1.pkg
-r--r--r--   1 root     sys       889344 Dec 23  2003 CISscan
drwxr-xr-x   5 root     other        512 Jan 29  2004 SUNWlvma
drwxr-xr-x   5 root     other        512 Jan 29  2004 SUNWlvmg
drwxr-xr-x   4 root     other        512 Jan 29  2004 SUNWlvmr
drwxr-xr-x   5 root     other        512 Jan 29  2004 SUNWmdg
drwxr-xr-x   5 root     other        512 Jan 29  2004 SUNWmdnr
drwxr-xr-x   5 root     other        512 Jan 29  2004 SUNWmdnu
drwxr-xr-x   5 root     other        512 Jan 29  2004 SUNWmdr
drwxr-xr-x   5 root     other        512 Jan 29  2004 SUNWmdu
drwxr-xr-x   5 root     other        512 Jan 29  2004 SUNWmdx
-r--r--r--   1 root     sys          205 Feb 13  2004 admin
-rw-r--r--   1 root     sys        54375 Dec 23  2003 fix-modes.tar.Z
-rw-r--r--   1 root     sys      30914560 Dec 23  2003 libgcc-3.3-sol8-sparc-local
-rw-r--r--   1 root     sys      1569280 Dec 22  2003 openssh-3.7.1p2-sol8-sparc-local
-rw-r--r--   1 root     sys      10967040 Dec 22  2003 openssl-0.9.7c-sol8-sparc-local
-rw-r--r--   1 root     sys      1216512 Dec 23  2003 wget-1.8.2-sol8-sparc-local
-rw-r--r--   1 root     sys       657408 Dec 23  2003 zlib-1.1.4-sol8-sparc-local

Explanation:

SUNWlvma (DiskSuite)
SUNWlvmr (DiskSuite)
SUNWmdnr (DiskSuite)
SUNWmdr (DiskSuite)
SUNWmdx (DiskSuite)
SUNWlvmg (DiskSuite)
SUNWmdg (DiskSuite)
SUNWmdnu (DiskSuite)
SUNWmdu (DiskSuite)
ANDIrand-0.7-5.8-sparc-1.pkg (for OpenSSH)
openssl-0.9.7c-sol8-sparc-local (for OpenSSH)
libgcc-3.3-sol8-sparc-local (for OpenSSH)
openssh-3.7.1p2-sol8-sparc-local (for OpenSSH)
zlib-1.1.4-sol8-sparc-local (for OpenSSH)
wget-1.8.2-sol8-sparc-local (for Recommended Patch Cluster installation script)
CISscan (Center for Internet Security host-based security scanner)
fix-modes.tar.Z ("hardens" file-permissions)

In addition, I have a custom admin file for non-interactive package installation.

cat admin
#ident  "@(#)default    1.4     92/12/23 SMI"   /* SVr4.0  1.5.2.1      */
mail=
instance=unique
partial=ask
runlevel=ask
idepend=nocheck
rdepend=ask
space=ask
setuid=nocheck
conflict=ask
action=nocheck
basedir=default

Here is what I have in my scripts subdirectory:

ls -l
total 54
-rwxr--r--   1 root     sys         2043 Jan 12  2004 README
-rw-r--r--   1 root     sys         1188 Dec 26  2003 S97OpenSSHinstall
-rw-r--r--   1 root     sys         1804 Feb 13  2004 finish
-rw-r--r--   1 root     sys        10620 Jan 13  2004 harden
-r-xr-xr-x   1 root     sys         2139 Jan 12  2004 install_patch_cluster
-r-xr-xr-x   1 root     sys         5510 Mar  3  2004 mirror_boot_disk
-r-xr-xr-x   1 root     sys          336 Dec 22  2003 sshd

Here is what I have in my profiles subdirectory:

ls -l
total 24
-rw-r--r--  1 hutch hutch 353 Jan 29  2004 S2.8-18G.profile
-rw-r--r--  1 hutch hutch 289 Jan 29  2004 S2.8-1G.profile
-rw-r--r--  1 hutch hutch 289 Jan 29  2004 S2.8-2G.profile
-rw-r--r--  1 hutch hutch 303 Jan 29  2004 S2.8-4G.profile
-rw-r--r--  1 hutch hutch 352 Feb 13  2004 S2.8-9G.profile
-rw-r--r--  1 hutch hutch 354 Jan 29  2004 S2.8-large_rootdisk.profile

5. Create the rules file. Here is the rules file I used on my custom Solaris 8 installation CD:

cat rules
# Profiles for rootdisk sizes of 1GB, 2GB, 4GB, 9GB, 18GB, and larger (36+GB)
disksize rootdisk 1-1250 - profiles/S2.8-1G.profile scripts/finish
disksize rootdisk 1251-3250 - profiles/S2.8-2G.profile scripts/finish
disksize rootdisk 3251-8000 - profiles/S2.8-4G.profile scripts/finish
disksize rootdisk 8001-17000 - profiles/S2.8-9G.profile scripts/finish
disksize rootdisk 17001-34000 - profiles/S2.8-18G.profile scripts/finish
disksize rootdisk 34001-1000000 - profiles/S2.8-large_rootdisk.profile scripts/finish

6. Parse the rules file with the JumpStart check script on the Solaris 8 Software 1 CD; this creates the rules.ok file.

# /etc/init.d/volmgt start
# /cdrom/cdrom0/s0/Solaris_8/Misc/jumpstart_sample/check
Validating rules...
Validating profile profiles/S2.8-1G.profile...
Validating profile profiles/S2.8-2G.profile...
Validating profile profiles/S2.8-4G.profile...
Validating profile profiles/S2.8-9G.profile...
Validating profile profiles/S2.8-18G.profile...
Validating profile profiles/S2.8-large_rootdisk.profile...
The custom JumpStart configuration is ok.

7. Modify the /bicd/s0/Solaris_8/Tools/Boot/usr/sbin/install.d/profind script.

Change:

cdrom()
{
    # Factory JumpStart is only allowed with factory
    # stub images, indicated by the file /tmp/.preinstall
    #
    if [ -f /tmp/.preinstall ]; then
        mount -o ro -F lofs ${CD_CONFIG_DIR} ${SI_CONFIG_DIR} >/dev/null 2>&1

        if [ $? -eq 0 ]; then
            verify_config "defaults" "CDROM"
        fi
    fi
}

To:

cdrom()
{
        gettext " <<< using CD default >>>"; echo
        rmdir ${SI_CONFIG_DIR}
        ln -s /cdrom/.install_config ${SI_CONFIG_DIR}
        exit 0
}

8. Create the custom Solaris 8 ISO. The following script performs all the steps needed to create the ISO. mkisofs is found in the SUNWmkcd package.

#!/bin/sh

# Define variables
WORK_AREA=/bicd
SLICE_0_SECTORS=1056640
ISO=bicd2.8.iso

if [ ! -d $WORK_AREA ] ; then
   echo "$WORK_AREA does not exist."
   exit 1
fi

cd $WORK_AREA

mkisofs -R -d -L -l -o sol2.8.S0 s0 > /dev/null 2>&1
RECORDS_IN=`dd if=sol2.8.S0 of=new.sol2.8.s0 bs=512 skip=1 2>&1 | grep "records in" | awk -F+ '{print $1}'`

if [ "$RECORDS_IN" -gt "$SLICE_0_SECTORS" ] ; then
   echo "${WORK_AREA}/s0 cannot be larger than $SLICE_0_SECTORS sectors."
   exit 1
fi

PAD_SIZE=`echo "$SLICE_0_SECTORS - ($RECORDS_IN + 1)" | bc`

dd if=/dev/zero of=pad.s0 bs=512 count=$PAD_SIZE > /dev/null 2>&1

cat sol2.8.cdrom.vtoc new.sol2.8.s0 pad.s0 sol2.8.s1 sol2.8.s2 sol2.8.s3 sol2.8.s4 sol2.8.s5 > $ISO

9. Burn the ISO using your preferred method.

10. Boot your custom Solaris 8 installation CD-ROM. It is essential to pass the - install flags to reference the JumpStart files on your custom CD.

boot cdrom - install
-- or --
boot cdrom - install w

The latter instructs the installer not to use OpenWindows during operating system installation. Since /usr/openwin does not exist on the custom CD in this example, specifying the w will only prevent an error message; both options will use the curses-based installer.

Back to brandonhutchinson.com.
Last modified: 09/07/2004