Benutzer Diskussion:Matthias Jakobi


Beobachtungsseiten

weitere Admins

Benutzer:JohannesSchneemann

Laptop

Load Geli

Fixit> kldload geom_eli

Create Keys

Fixit> mkdir -p /boot/keys
Fixit> dd if=/dev/random of=/boot/keys/ada0p3.key bs=1M count=1

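Encrypt (no -P is given, so geli init also asks for a passphrase; if the key file is kept on an unencrypted /boot, that passphrase is what protects the data when the disk is lost)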

Fixit> geli init -K /boot/keys/ada0p3.key -s 4096 -l 256 /dev/ada0p3

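Attach (the -k key file must be the same file that was passed to geli init -K; the key above was written to /boot/keys/ada0p3.key, not /root/keys)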

Fixit> geli attach -k /root/keys/ada0p3.key /dev/ada0p3

Festplatte

Fixit> gpart create -s GPT ada0
Fixit> gpart add -s 64K -t freebsd-boot ada0
Fixit> gpart add -s 1G -t freebsd-ufs ada0
Fixit> gpart add -s 55G -t freebsd-zfs ada0
Fixit> gpart set -a active -i 1 ad0
Fixit> gpart bootcode -b /dist/boot/pmbr -p /dist/boot/gptzfsboot -i 1 ad0
Fixit> newfs -O2 /dev/ad0p2
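  • aktuelle Festplatten-Einteilung (Achtung: die Befehle unten legen den Pool tank unverschlüsselt auf ad0p3 an und verschlüsseln nur ad0p4, das oben nicht angelegt wird)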
-ad0 GPT
    |-1 freebsd-boot 64K
    |-2 freebsd-ufs 1G /boot
    |-3 freebsd-zfs 55G / (crypto)

Crypto

Fixit> ln -s /dist/boot/kernel /boot/kernel
Fixit> ln -s /dist/lib /lib
Fixit> kldload geom_eli
Fixit> mkdir -p /root/keys
Fixit> dd if=/dev/random of=/root/keys/ad0.key bs=128k count=1
Fixit> geli init -K /root/keys/ad0.key -s 4096 -l 256 /dev/ad0p4
Fixit> geli attach -k /root/keys/ad0.key /dev/ad0p4

ZFS

Fixit> kldload zfs
Fixit> mkdir /boot/zfs
Fixit> zpool create tank /dev/ad0p3
Fixit> zpool create home /dev/ad0p4.eli
Fixit> zpool set bootfs=tank tank
Fixit> mkdir /tank/bootdir
Fixit> mount /dev/ad0p2 /tank/bootdir
Fixit# zfs set checksum=fletcher4                                      zroot

Fixit# zfs create -o compression=on    -o exec=on      -o setuid=off   zroot/tmp
Fixit# chmod 1777 /zroot/tmp

Fixit# zfs create                                                      zroot/usr
Fixit# zfs create                                                      zroot/usr/home
Fixit# cd /zroot ; ln -s /usr/home home

Fixit# zfs create -o compression=lzjb                  -o setuid=off   zroot/usr/ports
Fixit# zfs create -o compression=off   -o exec=off     -o setuid=off   zroot/usr/ports/distfiles
Fixit# zfs create -o compression=off   -o exec=off     -o setuid=off   zroot/usr/ports/packages
Fixit# zfs create -o compression=lzjb  -o exec=off     -o setuid=off   zroot/usr/src

Fixit# zfs create                                                      zroot/var
Fixit# zfs create -o compression=lzjb  -o exec=off     -o setuid=off   zroot/var/crash
Fixit# zfs create                      -o exec=off     -o setuid=off   zroot/var/db
Fixit# zfs create -o compression=lzjb  -o exec=on      -o setuid=off   zroot/var/db/pkg
Fixit# zfs create                      -o exec=off     -o setuid=off   zroot/var/empty
Fixit# zfs create -o compression=lzjb  -o exec=off     -o setuid=off   zroot/var/log
Fixit# zfs create -o compression=gzip  -o exec=off     -o setuid=off   zroot/var/mail
Fixit# zfs create                      -o exec=off     -o setuid=off   zroot/var/run
Fixit# zfs create -o compression=lzjb  -o exec=on      -o setuid=off   zroot/var/tmp
Fixit# chmod 1777 /zroot/var/tmp

Install FreeBSD

Fixit> zfs set mountpoint=/tank/usr/home home
Fixit# cd /dist/8.2-*
Fixit# export DESTDIR=/zroot
Fixit# for dir in base catpages dict doc games info lib32 manpages ports; \
         do (cd $dir ; ./install.sh) ; done
  • lib32 oder proflibs
Fixit# cd src ; ./install.sh all
Fixit# cd ../kernels ; ./install.sh generic
Fixit# cd /zroot/boot ; cp -Rlp GENERIC/* /zroot/boot/kernel/
Fixit# zfs set readonly=on zroot/var/empty

post install

Fixit# chroot /zroot
  • rc.conf
zfs_enable="YES"
hostname="beastie.mydomain.local"
ifconfig_re0="DHCP"
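  • loader.conf (keyfile0_name must point to where the key file really ends up on the boot partition; the key above was generated as /root/keys/ad0.key, which presumably does not survive leaving the Fixit environment, and without the key file the provider cannot be attached again)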
zfs_load="YES"
vfs.root.mountfrom="zfs:zroot"
geom_eli_load="YES"
geli_ad0p4_keyfile0_load="YES"
geli_ad0p4_keyfile0_type="ad0p4:geli_keyfile0"
geli_ad0p4_keyfile0_name="/boot/key/ad0.key"
  • fstab
# Device                       Mountpoint              FStype  Options         Dump    Pass#
/dev/ad0s2                    /bootdir                ufs     rw              0       0


Fixit> passwd
Fixit> tzsetup
Fixit> cd /etc/mail
Fixit> make aliases
Fixit> umount /dev
Fixit> exit
Fixit# cp /boot/zfs/zpool.cache /zroot/boot/zfs/zpool.cache
Fixit> mkdir /tank/boot/key
Fixit> cp /boot/key/* /tank/boot/key

Finish install

Fixit# cd /zroot
Fixit# mv boot bootdir/
Fixit# ln -s bootdir/boot /zroot/boot
Fixit# chflags -h sunlink /zroot/boot
Fixit# export LD_LIBRARY_PATH=/mnt2/lib 
Fixit# umount /zroot/bootdir
Fixit# zfs unmount -a
Fixit# zfs set mountpoint=legacy zroot
Fixit# zfs set mountpoint=/tmp zroot/tmp
Fixit# zfs set mountpoint=/usr zroot/usr
Fixit# zfs set mountpoint=/var zroot/var
Fixit# zfs set mountpoint=/usr/home home