Benutzer Diskussion:Matthias Jakobi: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Zeile 34: | Zeile 34: | ||
=== Load Geli === | === Load Geli === | ||
Fixit> kldload geom_eli | Fixit> kldload geom_eli | ||
Version vom 2. Februar 2012, 20:37 Uhr
Beobachtungsseiten
- Server
- Diskussion:Server
- Server/Bacula
- Server/Dokumentation
- Diskussion:Server/Dokumentation
- Server/Hauptsystem
- Server/mailman
- Jail/SRS1 Plone 4
- Jail/SRS3 Samba
- Jail/SRS4 Plone (old)
- Jail/SRS5 Wikis
- Jail/SRS6 Umfragen
- Jail/SRS8 Test
- Jail/SRS13 Awesome Jail
- Jail/SRS21 Mail
- Website
- Diskussion:Website
- Notfallmanagment
- Datensicherung
- Bereich Administration Rechentechnik/zu erledigende Dinge
- Bereich Administration Website/zu erledigende Dinge
- Bereich Administration Wiki/zu erledigende Dinge
- PyConDE
- Doktorandenstammtisch
- FreeBSD/ThinkPad
weitere Admins
Laptop
Load Geli
Fixit> kldload geom_eli
Create Keys
Fixit> mkdir -p /boot/keys Fixit> dd if=/dev/random of=/boot/keys/ada0p3.key bs=1M count=1
Encrypt
Fixit> geli init -K /boot/keys/ada0p3.key -s 4096 -l 256 /dev/ada0p3
Attach
Fixit> geli attach -k /root/keys/ada0p3.key /dev/ada0p3
Festplatte
Fixit> gpart create -s GPT ada0 Fixit> gpart add -s 64K -t freebsd-boot ada0 Fixit> gpart add -s 1G -t freebsd-ufs ada0 Fixit> gpart add -s 55G -t freebsd-zfs ada0 Fixit> gpart set -a active -1 ad0 Fixit> gpart bootcode -b /dist/boot/pmbr -p /dist/boot/gptzfsboot -i 1 ad0 Fixit> newfs -O2 /dev/ad0p2
- aktuelle Festplatten Einteilung
-ad0 GPT |-1 freebsd-boot 64K |-2 freebsd-ufs 1G /boot |-3 freebsd-zfs 55G / (crypto)
Crypto
Fixit> ln -s /dist/boot/kernel /boot/kernel Fixit> ln -s /dist/lib /lib Fixit> kldload geom_eli Fixit> mkdir -p /root/keys Fixit> dd if=/dev/random of=/root/keys/ad0.key bs=128k count=1 Fixit> geli init -K /root/keys/ad0.key -s 4096 -l 256 /dev/ad0p4 Fixit> geli attach -k /root/keys/ad0.key /dev/ad0p4
ZFS
Fixit> kldload zfs Fixit> mkdir /boot/zfs Fixit> zpool create tank /dev/ad0p3 Fixit> zpool create home /dev/ad0p4.eli Fixit> zpool set bootfs=tank tank Fixit> mkdir /tank/bootdir Fixit> mount /dev/ad0p2 /tank/bootdir Fixit# zfs set checksum=fletcher4 zroot Fixit# zfs create -o compression=on -o exec=on -o setuid=off zroot/tmp Fixit# chmod 1777 /zroot/tmp Fixit# zfs create zroot/usr Fixit# zfs create zroot/usr/home Fixit# cd /zroot ; ln -s /usr/home home Fixit# zfs create -o compression=lzjb -o setuid=off zroot/usr/ports Fixit# zfs create -o compression=off -o exec=off -o setuid=off zroot/usr/ports/distfiles Fixit# zfs create -o compression=off -o exec=off -o setuid=off zroot/usr/ports/packages Fixit# zfs create -o compression=lzjb -o exec=off -o setuid=off zroot/usr/src Fixit# zfs create zroot/var Fixit# zfs create -o compression=lzjb -o exec=off -o setuid=off zroot/var/crash Fixit# zfs create -o exec=off -o setuid=off zroot/var/db Fixit# zfs create -o compression=lzjb -o exec=on -o setuid=off zroot/var/db/pkg Fixit# zfs create -o exec=off -o setuid=off zroot/var/empty Fixit# zfs create -o compression=lzjb -o exec=off -o setuid=off zroot/var/log Fixit# zfs create -o compression=gzip -o exec=off -o setuid=off zroot/var/mail Fixit# zfs create -o exec=off -o setuid=off zroot/var/run Fixit# zfs create -o compression=lzjb -o exec=on -o setuid=off zroot/var/tmp Fixit# chmod 1777 /zroot/var/tmp
Install FreeBSD
Fixit> zfs set mountpoint=/tank/usr/home home Fixit# cd /dist/8.2-* Fixit# export DESTDIR=/zroot Fixit# for dir in base catpages dict doc games info lib32 manpages ports; \ do (cd $dir ; ./install.sh) ; done
- lib32 oder proflibs
Fixit# cd src ; ./install.sh all Fixit# cd ../kernels ; ./install.sh generic Fixit# cd /zroot/boot ; cp -Rlp GENERIC/* /zroot/boot/kernel/
Fixit# zfs set readonly=on zroot/var/empty
post install
Fixit# chroot /zroot
- rc.conf
zfs_enable="YES" hostname="beastie.mydomain.local" ifconfig_re0="DHCP"
- loader.conf
zfs_load="YES" vfs.root.mountfrom="zfs:zroot" geom_eli_load="YES" geli_ad0p4_keyfile0_load="YES" geli_ad0p4_keyfile0_type="ad0p4:geli_keyfile0" geli_ad0p4_keyfile0_name="/boot/key/ad0.key"
- fstab
# Device Mountpoint FStype Options Dump Pass# /dev/ad0s2 /bootdir ufs rw 0 0
Fixit> passwd Fixit> tzsetup Fixit> cd /etc/mail Fixit> make aliases Fixit> umount /dev Fixit> exit Fixit# cp /boot/zfs/zpool.cache /zroot/boot/zfs/zpool.cache Fixit> mkdir /tank/boot/key Fixtit> cp /boot/key/* /tank/boot/key
Finish install
Fixit# cd /zroot Fixit# mv boot bootdir/ Fixit# ln -s bootdir/boot /zroot/boot Fixit# chflags -h sunlink /zroot/boot
Fixit# export LD_LIBRARY_PATH=/mnt2/lib
Fixit# umount /zroot/bootdir Fixit# zfs unmount -a
Fixit# zfs set mountpoint=legacy zroot Fixit# zfs set mountpoint=/tmp zroot/tmp Fixit# zfs set mountpoint=/usr zroot/usr Fixit# zfs set mountpoint=/var zroot/var Fixit# zfs set mountpoint=/usr/home home