[[PageOutline(1-3,"Table of Content")]] = Initial disk configuration = {{{ ## Hack to find memory card and have partion entries re-read # - No cards: # dd: /dev/da0: Device not configured # - Inactive card: # dd: /dev/da4: Operation not permitted # - Active card: # 0+0 records in # 0+0 records out # 0 bytes transferred in 0.000018 secs (0 bytes/sec) }}} build# ls /dev/da? | xargs -I %%DA%% -n 1 dd if=/dev/zero of=%%DA%% count=0 Hack to __really__ have all old partition information is detroyed: build# dd if=/dev/zero of=/dev/da4 bs=1m count=1 build# fdisk -I /dev/da4 build# echo "a: * * 4.2BSD" | bsdlabel -R -B -m i386 /dev/da4s1 /dev/stdin build# newfs /dev/da4s1a build# mount /dev/da4s1a /mnt = Disk population = build# mkdir -p /usr/data/8.0-RC2 build# cd /usr/data/8.0-RC2 build# mkdir kernels base manpages build# cd base; echo 'mget *' | ftp -i ftp://ftp.nl.freebsd.org/pub/FreeBSD/releases/i386/8.0-RC2/base/ build# cd kernels; echo 'mget *' | ftp -i ftp://ftp.nl.freebsd.org/pub/FreeBSD/releases/i386/8.0-RC2/kernels/ build# cd manpages; echo 'mget *' | ftp -i ftp://ftp.nl.freebsd.org/pub/FreeBSD/releases/i386/8.0-RC2/manpages/ More sophisticated approach (rsync not in base): build# rsync -vaz ftp.nl.freebsd.org::FreeBSD/releases/i386/8.0-RC2/kernels . build# setenv DESTDIR /mnt build# (cd base; cat base.?? | tar --unlink -xpzf - -C $DESTDIR) build# (cd kernels; sh install.sh generic) build# (cd manpages; sh install.sh) Activate right kernel: build# rm -r /mnt/boot/kernel/ ; mv /mnt/boot/GENERIC/ /mnt/boot/kernel = Disk configuration = Need resolving power at later stage inside chroot: build# cp /etc/resolv.conf /mnt/etc/ build# chroot /mnt Important: if you FAIL to chroot and continue you will now start destroying your build system Need rw on first boot for ssh keys and such: chroot# echo "/dev/ad0s1a / ufs rw,noatime 0 0" > /etc/fstab On Soekris net4801 v1.33 Flash is secondary: chroot# echo "/dev/ad1s1a / ufs rw,noatime 0 0" > /etc/fstab {{{ chroot# cat < /boot/loader.conf console=comconsole autoboot_delay=3 hw.ata.ata_dma=0 # Soekris boot failure EOF }}} Serial console boot only: chroot# echo "-h" > /boot.config Enable serial console: chroot# sed '/ttyu0/ s/off/on /' /etc/ttys > /etc/ttys.new && mv /etc/ttys.new /etc/ttys Cosmetic: disable all vidconsoles as a soekris embedded device does not have any: chroot# sed '/ttyv[0-7]/ s/on /off/g' /etc/ttys > /etc/ttys.new && mv /etc/ttys.new /etc/ttys == Accounting & access control == chroot# echo "sshd_enable=YES" >> /etc/rc.conf chroot# passwd rootAdministive user (admin for example) chroot# adduser -s /bin/csh -G wheel chroot# echo '%wheel ALL=(ALL) ALL' >> /usr/local/etc/sudoers == Networking == chroot# echo "hostname=riff.vanderzwet.net" >> /etc/rc.conf # Package installation using 7.2 kernel and 8.0-RC2 world is core dumping, postponing for later stage # Make any other optional changes before first boot chroot# vi /etc/rc.conf chroot# exit build# umount /mnt = Initial boot = Note: NOT READY YET: Insert card into embedded define and get yourself a prompt, using serial of ssh login. == Package install == === dnsmasq === dnsmasq used for local network dns and dhcp: node# pkg_add -r dnsmasq node# echo "dnsmasq_enable=YES" >> /etc/rc.conf {{{ node# cat < /usr/local/etc/dnsmasq.conf interface=sis0 dhcp-range=192.168.42.100,192.168.42.200 domain=vanderzwet.net EOF }}} === ntp === node# echo "ntpd_enable=YES" >> /etc/rc.conf {{{ node# cat < /etc/ntp.conf server 0.nl.pool.ntp.org server 1.nl.pool.ntp.org server 2.nl.pool.ntp.org driftfile /var/db/ntp.drift EOF }}} === motd === node# (sed '3,$ d' /etc/motd; echo "WWW: http://rickvanderzwet.nl" ) > /etc/motd.new; mv /etc/motd.new /etc/motd === Flash disk protection === node# echo "update_motd=NO" >> /etc/rc.conf node# echo "tmpmfs=YES" >> /etc/rc.conf Note: You could make /var completely read-only, but I hate the details like package management getting lost. Flash cards these days are cheap anyways Make read-only: node# echo "varmfs=YES" >> /etc/rc.conf node# sed '/1a/ s/rw/ro/' /etc/fstab > /etc/fstab.new; mv /etc/fstab.new /etc/fstab === various === node# pkg_add -r tinyproxy sudo vim-lite = Put into production = node# reboot