So, I’ve started listening to a couple of podcasts:

TWiT – This Week in Tech

Security Now

And the later one has rekindled my love for security and whatnot.  It’s definitely made me put back on my tinfoil hat.  Because of this, I wanted to set back up my GPG stuff for email and whatnot.  It’s super easy in Thunderbird, by installing the Enigmail plugin (just make sure you pick the right arch and OS).  However, since I use google’s hosted mail for my personal mail, I was in a bit of a pickle.  Luckly, somebody else out there had the same idea and wrote FireGPG that will allow you to sign, encrypt or decrypt and GPG signed stuff on the web (such as the body of an email from gmail)

Just thought I’d plug those plugins and the podcasts.

No comments

I’ve spent the past couple of days banging my head against the desk trying to get this to work out correctly.  And now it finally does.  Just as a note, I’ve tested that the general steps work.  I have not verified that i haven’t skipped a step.  So if anything’s missing let me know.

Disclaimer: This has only been tested with RHEL and nothing else, but there is no reason why it won’t work.  And if you don’t have a satellite you can use this with any old kickstart.  Assuming you have the tree setup correctly.  Please test your kickstart tree first.

Satellite prep

Create your kickstart as you normally would. Then, make sure the kickstart is accessiable via the following style URL:

http://satellite.example.com/kickstart/ks/view_label/<kickstart_label>

Replace <kickstart_label> with the name of label set on the satellite.  Remember this URL, you’ll need it later

view_label VS label

In the kickstart URL, you can use either view_label or label.  view_label will not register the box if there is not an activation key set inside the kickstart.  label generates a one time use activation key and registers the box to the satellite

Why use one over the other?

view_label is good if you are using an activation key, or if you have to install a box a bunch of times, and don’t want to have a bunch of extra profiles lingering around.label is good if you don’t want to have to set up an activation key, and a machine is only going to be kickstarted once.  If you are going to be using the disk image in a PXE like fasion, view_label is your best option.

Rolling the disk image (For usb-key)

Get the first disk of what ever you are trying to install from the kickstart. For this document, I will be using RHEL 5 U2 x86_64

NOTE: The arch and update must match or it will fail.

• Copy the images/diskboot.img file to /root/rhel5u2-64bit.img
• Mount the /root/rhel5u2-64bit.img file on the loopback (/mnt/)
• Edit the /mnt/syslinux.cfg file, and add/edit the following:

default custom
prompt 0
timeout 0
display boot.msg
label custom
kernel vmlinuz
append initrd=initrd.img ks=http://satellite.example.com/kickstart/ks/view_label/<kickstart_label> ksdevice=link noipv6

• Edit the /mnt/boot.msg to say what you want. I recommend removing the lines below ’splash.lss’ and replace with something like:

Your install of Red Hat Enterprise Linux Update 2 (x86_64) will start shortly.

• Unmount the diskboot.img file
• Then burn to a cd, or copy to a jumpdrive with the following command:

dd if=/root/rhel5u2-64bit.img of=/dev/sdc

NOTE: Replace /dev/sdc with the device name of your jumpdrive

Rolling the disk image (For cdrom)

Get the first disk of what ever you are trying to install from the kickstart. For this document, I
will be using RHEL 5 U2 x86_64

NOTE: The arch and update must match or it will fail.

• Copy the images/boot.iso file to /root/rhel5u2-64bit-boot.iso
• Mount the /root/rhel5u2-64bit-boot.iso file on the loopback (/mnt/)
• Make a directory in /tmp/ (/tmp/rhel5u2-64bit/)
• Copy /mnt/* to that directory
• Unmount the rhel5u2-64bit-boot.iso file
• Remove the rhel5u2-64bit-boot.iso file to reduce confusion
• Make the /tmp/rhel5u2-64bit/isolinux/isolinux.cfg writable by root
• Edit the /tmp/rhel5u2-64bit/isolinux/isolinux.cfg file, and add/edit the following:

default custom
prompt 0
timeout 0
display boot.msg
label custom
kernel vmlinuz

append initrd=initrd.img ks=http://satellite.example.com/kickstart/ks/view_label/<kickstart_label> ksdevice=link noipv6

• Edit the /tmp/rhel5u2-64bit/isolinux/boot.msg to say what you want. I recommend removing the lines below ’splash.lss’ and replace with something like:

Your install of Red Hat Enterprise Linux Update 2 (x86_64) will start shortly.

• Then make a bootable iso by running:

cd /tmp/
mkisofs -r -T -J \
-V “RHEL 5u2 x86_64 kickstart iso” \
-b isolinux/isolinux.bin -c isolinux/boot.cat \
-no-emul-boot -boot-load-size 4 -boot-info-table \
-v -o “/root/rhel5u2-64bit.iso” /tmp/rhel5u2-64bit/

• The burn the cd as a cd image

Boot

The insert the media into the machine and boot off of it.

No comments

So, I’m going to try and start this whole blogging thing one more time.  Yes I know this is the umpteenth time of doing this, but this time I’m not really going to be ranting about things, more like keeping notes on my work, and things I’ve worked on / discovered while doing so.  The next post should be about mkisofs and making a custom boot iso to kickstart a satellite.  I know, it’s so exciting.

No comments