Continued from the previous post
(16) Create the directory that will hold the netboot image
# mkdir /fc28
(17) First install the ten base packages fedora-release, systemd, passwd, rootfiles, sudo, dracut, dracut-network, nfs-utils, vim-minimal and dnf:
# dnf -y --releasever=28 --installroot=/fc28 install fedora-release systemd passwd rootfiles sudo dracut dracut-network nfs-utils vim-minimal dnf
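Note: dracut is an event-driven initramfs infrastructure; the dracut command copies the necessary files and tools from the installed Linux system to generate the initramfs.
(18-1) Do not use hostonly mode, so that the initramfs can support drivers for many kinds of hardware: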
# echo 'hostonly=no' > /fc28/etc/dracut.conf.d/hostonly.conf
(18-2) Enable NFS support
# echo 'add_dracutmodules+=" network nfs "' > /fc28/etc/dracut.conf.d/netboot.conf
(18-3) Then install the kernel package
# dnf -y --installroot=/fc28 install kernel
(18-4) Configure dnf not to update the kernel packages automatically
# echo 'exclude=kernel-*' >> /fc28/etc/dnf/dnf.conf
(19)
# echo 'exclude=kernel-*' >> /fc28/etc/dnf/dnf.conf
# MY_CLIENT_HOSTNAME=sice-client1.home.idv.tw
# echo $MY_CLIENT_HOSTNAME > /fc28/etc/hostname
# echo 'kernel.printk = 0 4 1 7' > /fc28/etc/sysctl.d/00-printk.conf
# echo 'liveuser:x:1000:1000::/home/liveuser:/bin/bash' >> /fc28/etc/passwd
# echo 'liveuser::::::::' >> /fc28/etc/shadow
# echo 'liveuser:x:1000:' >> /fc28/etc/group
# echo 'liveuser:!::' >> /fc28/etc/gshadow
# echo 'liveuser ALL=(ALL) NOPASSWD: ALL' > /fc28/etc/sudoers.d/liveuser
(20)
# dnf install -y --installroot=/fc28 authselect oddjob-mkhomedir
(21)
# echo 'dirs /home' > /fc28/etc/rwtab.d/home
# chroot /fc28 authselect select sssd with-mkhomedir --force
Backup stored at /var/lib/authselect/backups/2019-01-24-07-33-49.LpqSvR
Profile "sssd" was selected.
The following nsswitch maps are overwritten by the profile:
- passwd
- group
- netgroup
- automount
- services

Make sure that SSSD service is configured and enabled. See SSSD documentation for more information.

- with-mkhomedir is selected, make sure pam_oddjob_mkhomedir module is present and oddjobd service is enabled
  - systemctl enable oddjobd.service
  - systemctl start oddjobd.service

# chroot /fc28 systemctl enable oddjobd.service
Created symlink /etc/systemd/system/multi-user.target.wants/oddjobd.service → /usr/lib/systemd/system/oddjobd.service.
Note: the chroot command changes the root directory of the specified command or process.
(22)
# sed -i 's/^READONLY=no$/READONLY=yes/' /fc28/etc/sysconfig/readonly-root
(23)
# cat /fc28/etc/sysconfig/readonly-root
# Set to 'yes' to mount the system filesystems read-only.
# NOTE: It's necessary to append 'ro' to mount options of '/' mount point in
# /etc/fstab as well, otherwise the READONLY option will not work.
READONLY=yes
# Set to 'yes' to mount various temporary state as either tmpfs
# or on the block device labelled RW_LABEL. Implied by READONLY
TEMPORARY_STATE=no
# Place to put a tmpfs for temporary scratch writable space
RW_MOUNT=/var/lib/stateless/writable
# Label on local filesystem which can be used for temporary scratch space
RW_LABEL=stateless-rw
# Options to use for temporary mount
RW_OPTIONS=
# Label for partition with persistent data
STATE_LABEL=stateless-state
# Where to mount to the persistent data
STATE_MOUNT=/var/lib/stateless/state
# Options to use for persistent mount
STATE_OPTIONS=
# NFS server to use for persistent data?
CLIENTSTATE=
# Use slave bind-mounts
SLAVE_MOUNTS=yes
(24-1)
# sed -i 's/^#Storage=auto$/Storage=volatile/' /fc28/etc/systemd/journald.conf
(24-2)
# cat /fc28/etc/systemd/journald.conf
# This file is part of systemd.
#
# systemd is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.
#
# Entries in this file show the compile time defaults.
# You can change settings by editing this file.
# Defaults can be restored by simply deleting this file.
#
# See journald.conf(5) for details.

[Journal]
Storage=volatile
#Compress=yes
#Seal=yes
#SplitMode=uid
#SyncIntervalSec=5m
#RateLimitIntervalSec=30s
#RateLimitBurst=1000
#SystemMaxUse=
#SystemKeepFree=
#SystemMaxFileSize=
#SystemMaxFiles=100
#RuntimeMaxUse=
#RuntimeKeepFree=
#RuntimeMaxFileSize=
#RuntimeMaxFiles=100
#MaxRetentionSec=
#MaxFileSec=1month
#ForwardToSyslog=no
#ForwardToKMsg=no
#ForwardToConsole=no
#ForwardToWall=yes
#TTYPath=/dev/console
#MaxLevelStore=debug
#MaxLevelSyslog=debug
#MaxLevelKMsg=notice
#MaxLevelConsole=info
#MaxLevelWall=emerg
#LineMax=48K
#ReadKMsg=yes
(25)
# cat << END > /fc28/etc/resolv.conf
> nameserver 192.168.1.1
> nameserver 163.25.20.1
> END
(26)
# echo 'dirs /var/lib/gssproxy' > /fc28/etc/rwtab.d/gssproxy
# cat << END > /fc28/etc/rwtab.d/systemd
> dirs /var/lib/systemd/catalog
> dirs /var/lib/systemd/coredump
> END
(27)
# mkdir /export/fc28
# echo '/fc28 /export/fc28 none bind 0 0' >> /etc/fstab
# mount /export/fc28
# echo "/export/fc28 -ro,sec=sys,no_root_squash 192.168.1.0/24" > /etc/exports.d/fc28.exports
# exportfs -vr
exporting 192.168.1.0/24:/export/fc28
exporting 192.168.1.0/24:/export
(28) Compare the three directory listings:
# ls /fc28
bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
# ls /export/fc28
bin boot dev etc home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
# ls /
bin boot dev etc export fc28 home lib lib64 media mnt opt proc root run sbin srv sys tmp usr var
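
Added example (not part of the original post): a read-only check that lists where the image built above has an account with an empty password field, a NOPASSWD sudo rule, and an NFS export with no_root_squash, so these can be reviewed before the export is offered to a wider network. The function names and the constructed sample tree are assumptions made for illustration; the sample lines are copied from steps (19) and (27).

```shell
#!/bin/sh
# Added example: read-only review of a netboot image tree.
# Function names and the sample tree are constructed for illustration.

# Accounts whose password field in etc/shadow is empty.
empty_password_users() {
    awk -F: '$2 == "" { print $1 }' "$1/etc/shadow" 2>/dev/null
}

# Non-comment sudoers.d rules that grant NOPASSWD.
nopasswd_rules() {
    grep -rhs 'NOPASSWD' "$1/etc/sudoers.d" | grep -v '^[[:space:]]*#'
}

# Non-comment lines of an exports file ($1) that carry no_root_squash.
no_root_squash_exports() {
    grep -v '^[[:space:]]*#' "$1" 2>/dev/null | grep 'no_root_squash'
}

# Print one labelled line per finding: $1 = image root, $2 = exports file.
audit() {
    for u in $(empty_password_users "$1"); do
        echo "empty password: $u"
    done
    nopasswd_rules "$1" | sed 's/^/sudo NOPASSWD: /'
    no_root_squash_exports "$2" | sed 's/^/no_root_squash: /'
}

# Constructed sample tree holding the lines written in steps (19) and (27).
make_sample() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/etc/sudoers.d"
    printf '%s\n' 'root:!locked::0:99999:7:::' 'liveuser::::::::' > "$d/etc/shadow"
    printf '%s\n' 'liveuser ALL=(ALL) NOPASSWD: ALL' > "$d/etc/sudoers.d/liveuser"
    printf '%s\n' '/export/fc28 -ro,sec=sys,no_root_squash 192.168.1.0/24' \
        > "$d/fc28.exports"
    echo "$d"
}

# Usage: sh audit.sh /fc28 /etc/exports.d/fc28.exports
if [ "$#" -ge 1 ]; then
    audit "$1" "${2:-/etc/exports.d/fc28.exports}"
fi
```

Run against the real tree, it prints one line per finding and changes nothing under /fc28.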