We all know about the possibilities for installing Linux on a hard drive. Sometimes, however, this option isn't good enough. Say, for example, you simply want to give someone a Linux CD that he can use without installing anything. Another scenario would be if you work for a school and want to teach your students how to use Linux on a PC, the same PC that will be used later in the day for a Windows 2000 class. In this article, the scenario is an enterprise that wants its customers to complete an evaluation at the end of a course. The goal is to insert a CD in the CD-ROM drive, boot and be redirected to some Web site where the evaluation can be completed.

One might wonder why you should create your own Linux bootable CD when so many solutions are available for downloading on the Net. Before we start, let's look at some of the best bootable Linux CDs.

These all are viable options, but they are too much standardized and leave little room for flexibility. Therefore, you might decide to make your own bootable Linux CD. When you create your own CD, you can customize it and include only the things you need.

A good Linux bootable CD starts with a sound preparation. I took a new 20GB hard drive and installed Red Hat 9.0 on a 4GB partition. After that, I installed Red Hat 7.1 on a 2GB partition, and on the third, 650MB partition, I put a minimal installation of Red Hat 7.1. This 650MB partition has to be the master for the CD; once it is complete you simply burn it to a CD and you're ready. Of course, you can use any distribution you like. I wanted to work with Red Hat 7.1 because I am familiar with it. I installed Red Hat 9.0 as "working space", because I also wanted access to the most recent distribution, just in case.

If you are using a multi-Linux system, you have to make a boot menu to be able to boot them all. In LILO, you can do so by adding the following entries to lilo.conf:

boot=/dev/hda
map=/boot/map
install=/boot/boot.b
prompt
timeout=50
message=/boot/message
linear
image=/boot/vmlinuz-2.4.2-2
        label=completeRH71
        read-only
        root=/dev/hda6
image=/hda1/boot/vmlinuz-2.4.18-3
        label=RH73
        read-only
        root=/dev/hda1
image=/hda7/boot/vmlinuz
        label=cd-image
        read-only
        append=?root=/dev/hda7?

Once you complete the installation of the Linux images, it is very easy to modify the configuration of the CD. Try it out to see if it works; if it doesn't, you simply try again. Burn the CD only when you are satisfied with the configuration.

In creating a Linux distribution that can boot from a CD-ROM and doesn't need anything else, you are likely to encounter some challenges. The main problem is the root filesystem is read-only, but some files have to be created and/or modified. This stage concerns files in /dev, in /var and eventually in the user's home directory. The next challenge is to turn off everything you do not need, especially commands that try to create a file somewhere.

Regarding the files in /dev that need to be changed, since kernel 2.2 you can use devfs to access them. This kernel driver creates a virtual filesystem similar to the /proc filesystem in memory, where one file for each device your system needs is created. The /dev/ files exist in RAM only, so there's no problem in changing attributes of the devices. There is, however, a disadvantage: changes to /dev/, including symlinks for your mouse and CD-ROM, are lost. As a solution to this problem you can use the script rc.devfs, which comes with devfs. Any changes you make to /dev can be saved by using this script; simply type /etc/rc.d/rc.devfs save /etc/sysconfig , and your changes are recorded. In short, all you have to do is compile your kernel with devfs support and record changes you make to /dev using rc.devfs, and you are able to use and modify all necessary devices on the read-only filesystem.

For the files in directories including /var, /tmp and eventually the user's home directories, we need another solution. To make it possible to change and create files in these directories later on, you have to create them in an early stage of the boot process. You can do this by including some code at the beginning of rc.sysinit. In the example below, we use a special file called rc.iso for this step.

#rc.iso. Must be included at the beginning of rc.sysinit.
#
#create /var
echo Creating /var ?
mke2fs -q -I 1024 /dev/ram1 4096
mount /dev/ram1 /var -o defaults,rw
cp -a /lib/var /
#restore devfs settings, if any. Needs proc
mount -t proc /proc /proc
/etc/rc.d/rc.devfs restore /etc/sysconfig
umount /proc

In the listing, two different things happen. First, a RAM drive is created and mounted on /var. Next, any settings saved to rc.devfs are restored to /etc/sysconfig so you can use them the next time you boot your system.

When you've done that, you can go on to the next important step: disabling the read/write remounting of your root filesystem and all lines associated with it. Simply look for the command mount -n -o remount,rw / in /etc/rc.d/rc.sysinit. At the same time, you can disable all lines that perform a check of your filesystems, because it doesn't make sense to check check a read-only filesystem automatically when you are booting your system.

Before you go on and burn the first trial version of your own distribution, you have to make some arrangements to create a symbolic link to a /tmp directory and to an /etc/mtab directory. The latter one is needed so the system can work with mounted filesystems. In addition, you need to make a template for /var. All of these steps are in a script, included below. Be aware, however, that you need to do this from the complete Linux distribution to the distribution you are creating on the reserved partition. In the listing below, the Linux partition that serves as the model for the CD to be created later is mounted on the directory /mnt/hda7. You need to execute this script only once.

#!/bin/sh
# make arrangements for /tmp
# delete tmp on hda7 if it exists
rm -fR /mnt/hda7/tmp
# create a symbolic link for /tmp to /var/tmp which will be writable when the cd is used
ln -s var/tmp /mnt/hda7/tmp
###
# create /proc/mounts on the cd so that you can make a link
touch /mnt/hda7/proc/mounts
# remove mtab if it exists
rm /mnt/hda7/etc/mtab
# recreate mtab as a link to /proc/mounts on the cd
ln -s /proc/mounts /test/etc/mtab
###
# create a template for /var/lib in /lib
mv /mnt/hda7/var/lib /mnt/hda7/lib/var-lib
mv /mnt/hda7/var /mnt/hda7/lib
mkdir /mnt/hda7/var
ln -s /lib/var-lib /mnt/hda7/lib/var/lib
rm -fR /mnt/hda7/lib/var/catman
rm -fR /mnt/hda7/var/log/httpd
rm -f /mnt/hda7/lib/var/log/samba/*
# recreate all files in /var/log as new empty files
for I in `find /mnt/hda7/lib/var/log -type f`; do 
      cat /dev/null > $i;
done
rm `find /mnt/hda7/lib/var/lock -type f`
rm `find /mnt/hda7/lib/var/run -type f`

Take a moment here to test if everything works so far. Save any changes you made and reboot from the CD image partition of your hard drive. You probably will see a lot of errors on your next reboot, but don't worry about them. Think of them as the fine-tuning that needs to be done afterwards. For now, the only important thing is that you end up at a login prompt. You also may encounter some serious error messages that end in something like this:

touch: creating '/var/lock/subsys/xfs': No such file or directory ]
touch: creating '/var/lock/subsys/local': No such file or directory
mkdir: cannot create directory '/var/root': File exists
mkdir: cannot create directory '/var/temp': File exists
ln: '/var/temp/tmp': File exists
mkdir: cannot create directory '/var/log': File exists
INIT: Id "1" respawning too fast: disabled for 5 minutes
INIT: Id "9" respawning too fast: disabled for 5 minutes
INIT: no more processes left in this runlevel

If you receive something like this, you probably to activate the devfs filesystem. Be sure that you included the line /sbin/devfsd /dev at the beginning of rc.sysinit. If you didn't your devices won't behave the way they should, and you can't do anything with your system. You say you just checked that devfsd is started and you still have problems? Be sure your RAM drives are initialized. If they are, you should see the line /dev/ram1 on /var type ext2 (rw) when using mount. If you don't see any RAM device, make sure that support for RAM drives is available in your current kernel configuration.

If you have been successful to this point, it isn't a bad idea to burn it all to a CD. You never know what might happen later, so it is a good idea to be have something stable to fall back on if you can't see what you did later in the process. Here's the procedure in short:

When your first trial CD is working, it's time to do some cleaning. Basically, there are two locations where some major cleaning up of the boot process can be done. First, you have to take care of /etc/rc.d/rc.sysinit. In this file, which always is executed on system boot, a lot of things are taken care of and probably a lot of things can be skipped for your specific configuration. The most important things to look at all are the instances where files are created. Besides that, you can disable the lines where services are activated that you don't need. Think, for example, of services such as isapnp setup and probably many more.

Next, you have to clean the boot-up of your runlevel. Let's first do a quick refresher of how services are activated when entering a runlevel. On Red Hat, you find all the general scripts used to start services in /etc/rc.d/init.d. A script called smb, for instance, can be used to start Samba services. If you want this script to be executed when entering runlevel 3, you have to create a symbolic link that starts with S followed by a number to determine the exact moment when the script should be executed. By default, many of these links probably start services you don't need. You could encounter, amongst others, the link S60lpd in /etc/rc.d/rc3.d, which dictates that the line printer dæmon is started every time you enter runlevel 3. In order to clean the startup procedure of services you don't need, simply remove all of these links.

Returning to our initial example, say you want to use your Linux distribution for customers who have to complete an evaluation without providing a user name and password. By changing a simple line in /etc/inittab, you can log in your users automatically. You can use any account you like, because it is a read-only filesystem--you even could use root if you wanted. In order to log in to the system automatically, change

1:2345:respawn:/sbin/mingetty tty1

to

1:2345:respawn:/usr/bin/open -c 1 -w -- /bin/login -f username

Don't forget to remove the password for the user you are here. You probably don't want to oblige your users to fill in anything before they can start using your CD.

Before you can give the CD to an innocent user, you need to take one more step, making it possible to start the X Window System. It is rather easy to make this happen; simply give your default user a writable home directory. At an earlier stage you created a read/write accessible /var director, so this is a nice location in which to create the home directory. After that, X is happy to be able to create its temporary files, and everything works the way it should.

Diskless-HOWTO-3

Root Over NFS Clients & Server Howto

Linux Devfs FAQ

For Knoppix and the source code used for Knoppix automatic hardware detection, go to www.knoppix.org.

Sander van Vugt lives in the Netherlands. He works for Azlan Network Training (part of the Techdata Group) as a trainer and consultant, and he has written several books and articles about Linux.