Creating a Complete Distribution on CD
We all know about the possibilities for installing Linux on a hard drive. Sometimes, however, this option isn't good enough. Say, for example, you simply want to give someone a Linux CD that he can use without installing anything. Another scenario would be if you work for a school and want to teach your students how to use Linux on a PC, the same PC that will be used later in the day for a Windows 2000 class. In this article, the scenario is an enterprise that wants its customers to complete an evaluation at the end of a course. The goal is to insert a CD in the CD-ROM drive, boot and be redirected to some Web site where the evaluation can be completed.
One might wonder why you should create your own Linux bootable CD when so many solutions are available for downloading on the Net. Before we start, let's look at some of the best bootable Linux CDs.
Minilinux on CD. One of the easiest ways to create your own Linux bootable CD is to take the image of a Minilinux diskette and burn it on a disk. This is a nice solution if you don't like floppy disks, but in truth, this isn't really a complete Linux bootable CD. It's simply a floppy copied to a CD. For this reason we don't choose this solution; it isn't flexible enough.
SuSE Live Evaluation. Starting with SuSE version 7.3, this Linux distributor has created a Live Evaluation CD. This is a complete Linux distribution on a disk; simply insert it in the drive and boot it up to see a complete running Linux. There are, however, some drawbacks, the major one being some files have to be copied to your hard drive before you can use it.
Knoppix. Knoppix is a solution that looks a lot like the SuSE Live Evaluation. It is a nice solution based on Debian Linux, and it includes everything you need. The only drawback is you do need a DHCP server to activate the network card with a fixed IP address.
These are all viable options, but they are too standardized and leave little room for flexibility. Therefore, you might decide to make your own bootable Linux CD. When you create your own CD, you can customize it and include only the things you need.
A good Linux bootable CD starts with a sound preparation. I took a new 20GB hard drive and installed Red Hat 9.0 on a 4GB partition. After that, I installed Red Hat 7.1 on a 2GB partition, and on the third, 650MB partition, I put a minimal installation of Red Hat 7.1. This 650MB partition has to be the master for the CD; once it is complete you simply burn it to a CD and you're ready. Of course, you can use any distribution you like. I wanted to work with Red Hat 7.1 because I am familiar with it. I installed Red Hat 9.0 as "working space", because I also wanted access to the most recent distribution, just in case.
If you are using a multi-Linux system, you have to make a boot menu to be able to boot them all. In LILO, you can do so by adding the following entries to lilo.conf:
boot=/dev/hda
map=/boot/map
install=/boot/boot.b
prompt
timeout=50
message=/boot/message
linear

image=/boot/vmlinuz-2.4.2-2
    label=completeRH71
    read-only
    root=/dev/hda6

image=/hda1/boot/vmlinuz-2.4.18-3
    label=RH73
    read-only
    root=/dev/hda1

image=/hda7/boot/vmlinuz
    label=cd-image
    read-only
    append="root=/dev/hda7"
Once you complete the installation of the Linux images, it is very easy to modify the configuration of the CD. Try it out to see if it works; if it doesn't, you simply try again. Burn the CD only when you are satisfied with the configuration.
In creating a Linux distribution that can boot from a CD-ROM and doesn't need anything else, you are likely to encounter some challenges. The main problem is the root filesystem is read-only, but some files have to be created and/or modified. This stage concerns files in /dev, in /var and eventually in the user's home directory. The next challenge is to turn off everything you do not need, especially commands that try to create a file somewhere.
Regarding the files in /dev that need to be changed, since kernel 2.2 you can use devfs to access them. This kernel driver creates a virtual filesystem in memory, similar to the /proc filesystem, in which one file is created for each device your system needs. The /dev files exist in RAM only, so there's no problem in changing attributes of the devices. There is, however, a disadvantage: changes to /dev, including symlinks for your mouse and CD-ROM, are lost. As a solution to this problem you can use the script rc.devfs, which comes with devfs. Any changes you make to /dev can be saved by using this script; simply type /etc/rc.d/rc.devfs save /etc/sysconfig, and your changes are recorded. In short, all you have to do is compile your kernel with devfs support and record changes you make to /dev using rc.devfs, and you are able to use and modify all necessary devices on the read-only filesystem.
For the files in directories including /var, /tmp and eventually the user's home directories, we need another solution. To make it possible to change and create files in these directories later on, you have to create them in an early stage of the boot process. You can do this by including some code at the beginning of rc.sysinit. In the example below, we use a special file called rc.iso for this step.
# rc.iso. Must be included at the beginning of rc.sysinit.
#
# Create /var on a RAM drive of 4096 blocks, with one inode per 1024 bytes
echo "Creating /var ..."
mke2fs -q -i 1024 /dev/ram1 4096
mount /dev/ram1 /var -o defaults,rw
# Fill the RAM drive from the /var template stored in /lib/var
cp -a /lib/var /
# Restore devfs settings, if any. Needs proc
mount -t proc /proc /proc
/etc/rc.d/rc.devfs restore /etc/sysconfig
umount /proc
In the listing, two different things happen. First, a RAM drive is created, mounted on /var and filled from the template in /lib/var. Next, any devfs settings that were saved with rc.devfs in /etc/sysconfig are restored, so you can use them each time you boot your system.
When you've done that, you can go on to the next important step: disabling the read/write remounting of your root filesystem and all lines associated with it. Simply look for the command mount -n -o remount,rw / in /etc/rc.d/rc.sysinit. At the same time, you can disable all lines that perform a check of your filesystems, because it doesn't make sense to check a read-only filesystem automatically when you are booting your system.
Before you go on and burn the first trial version of your own distribution, you have to make some arrangements to create symbolic links for the /tmp directory and for /etc/mtab. The latter is needed so the system can work with mounted filesystems. In addition, you need to make a template for /var. All of these steps are in a script, included below. Be aware, however, that you need to run it from the complete Linux distribution, against the distribution you are creating on the reserved partition. In the listing below, the Linux partition that serves as the model for the CD to be created later is mounted on the directory /mnt/hda7. You need to execute this script only once.
#!/bin/sh
# make arrangements for /tmp
# delete tmp on hda7 if it exists
rm -fR /mnt/hda7/tmp
# create a symbolic link for /tmp to /var/tmp, which will be writable when the CD is used
ln -s var/tmp /mnt/hda7/tmp
###
# create /proc/mounts on the CD so that you can make a link
touch /mnt/hda7/proc/mounts
# remove mtab if it exists
rm -f /mnt/hda7/etc/mtab
# recreate mtab as a link to /proc/mounts on the CD
ln -s /proc/mounts /mnt/hda7/etc/mtab
###
# create a template for /var in /lib/var, and for /var/lib in /lib/var-lib
mv /mnt/hda7/var/lib /mnt/hda7/lib/var-lib
mv /mnt/hda7/var /mnt/hda7/lib
mkdir /mnt/hda7/var
ln -s /lib/var-lib /mnt/hda7/lib/var/lib
rm -fR /mnt/hda7/lib/var/catman
rm -fR /mnt/hda7/lib/var/log/httpd
rm -f /mnt/hda7/lib/var/log/samba/*
# recreate all files in /var/log as new empty files
for i in `find /mnt/hda7/lib/var/log -type f`; do cat /dev/null > "$i"; done
# remove stale lock and pid files
find /mnt/hda7/lib/var/lock -type f -exec rm -f {} \;
find /mnt/hda7/lib/var/run -type f -exec rm -f {} \;
Take a moment here to test if everything works so far. Save any changes you made and reboot from the CD image partition of your hard drive. You probably will see a lot of errors on your next reboot, but don't worry about them. Think of them as the fine-tuning that needs to be done afterwards. For now, the only important thing is that you end up at a login prompt. You also may encounter some serious error messages that end in something like this:
touch: creating '/var/lock/subsys/xfs': No such file or directory ]
touch: creating '/var/lock/subsys/local': No such file or directory
mkdir: cannot create directory '/var/root': File exists
mkdir: cannot create directory '/var/temp': File exists
ln: '/var/temp/tmp': File exists
mkdir: cannot create directory '/var/log': File exists
INIT: Id "1" respawning too fast: disabled for 5 minutes
INIT: Id "9" respawning too fast: disabled for 5 minutes
INIT: no more processes left in this runlevel
If you receive something like this, you probably need to activate the devfs filesystem. Be sure that you included the line /sbin/devfsd /dev at the beginning of rc.sysinit. If you didn't, your devices won't behave the way they should, and you can't do anything with your system. You say you just checked that devfsd is started and you still have problems? Be sure your RAM drives are initialized. If they are, you should see the line /dev/ram1 on /var type ext2 (rw) when using mount. If you don't see any RAM device, make sure that support for RAM drives is available in your current kernel configuration.
If you have been successful to this point, it isn't a bad idea to burn it all to a CD. You never know what might happen later, so it is a good idea to have something stable to fall back on if you can't see what you did later in the process. Here's the procedure in short:
Get boot.img from a Red Hat installation CD.
Mount boot.img through loopback by typing
mount boot.img /somedir -o loop -t vfat
Remove everything from the mounted boot.img file except for ldlinux.sys and syslinux.cfg.
Copy the kernel image from your test partition to boot.img.
Edit syslinux.cfg so it contains the following, in which bzImage should refer to the kernel image file you use and /dev/cdrom should refer to the device file of your CD-ROM device.
default Linux
label Linux
kernel bzImage
append root=/dev/hdc
Unmount boot.img with umount /somedir.
Copy boot.img to the partition that is the master for the CD.
Change directories to the location where you want to store the image, and make sure you have enough free space.
Create the image with
mkisofs -R -b boot.img -c boot.catalog -o mydistro.iso /
Write the image to a CD.
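Before creating the image, it is worth checking the master partition against the steps above. The following is an added example, not code from the original article: check_master is a hypothetical helper that takes the master's mount point and verifies the links and /lib/var template, the rc.sysinit changes and the boot.img size (mkisofs -b uses floppy emulation, so the image must be exactly 1200, 1440 or 2880 kB).

```sh
#!/bin/sh
# Added example (not from the article): pre-burn check of the CD master.
# check_master is a hypothetical helper; pass the master's mount point,
# e.g. check_master /mnt/hda7. Returns 0 only if every check passes.
check_master() {
    root=$1
    rc=$root/etc/rc.d/rc.sysinit
    bad=0
    fail() { echo "FAIL: $*" >&2; bad=1; }
    # print only the uncommented lines of rc.sysinit
    active() { grep -v '^[[:space:]]*#' "$rc" 2>/dev/null; }

    # Links and templates created by the one-time preparation script
    [ "$(readlink "$root/tmp")" = "var/tmp" ] || fail "/tmp is not a link to var/tmp"
    [ "$(readlink "$root/etc/mtab")" = "/proc/mounts" ] || fail "/etc/mtab is not a link to /proc/mounts"
    [ -d "$root/var" ] && [ -z "$(ls -A "$root/var")" ] || fail "/var is not an empty mount point"
    [ -d "$root/lib/var" ] || fail "/lib/var template is missing"
    [ "$(readlink "$root/lib/var/lib")" = "/lib/var-lib" ] || fail "/lib/var/lib is not a link to /lib/var-lib"

    # Stale lock and pid files, and old log contents, must not reach the CD
    for d in lock run; do
        [ -z "$(find "$root/lib/var/$d" -type f 2>/dev/null)" ] || fail "stale files in /lib/var/$d"
    done
    [ -z "$(find "$root/lib/var/log" -type f -size +0 2>/dev/null)" ] || fail "non-empty logs in /lib/var/log"

    # rc.sysinit: devfsd started, no read/write remount of /, no fsck call
    active | grep -q '/sbin/devfsd /dev' || fail "rc.sysinit does not start devfsd"
    if active | grep -q 'remount,rw'; then fail "rc.sysinit remounts / read/write"; fi
    if active | grep -Eq '(^|[^[:alnum:]_])fsck([^[:alnum:]_]|$)'; then
        fail "rc.sysinit still runs fsck"
    fi

    # Floppy emulation: boot.img must be exactly 1200, 1440 or 2880 kB
    size=none
    if [ -f "$root/boot.img" ]; then size=$(wc -c < "$root/boot.img" | tr -d ' '); fi
    case $size in
        1228800|1474560|2949120) ;;
        *) fail "boot.img is missing or not floppy-sized (size: $size)" ;;
    esac
    return $bad
}
```

Run it as check_master /mnt/hda7 from the complete distribution, after copying boot.img to the master and before running mkisofs; each failed check is reported on standard error.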