UKOUG Technology Conference

UKOUG Technology Conference
UKOUG Technology Conference 2018 Call for Papers

Friday, February 06, 2015

Oracle Solaris 11 Derived Manifest and modifying the boot system

This is a follow on from last last blog entry "Oracle Solaris 11 Derived Manifest with Automated Installation", where I mentioned that I could not examine the disk partitions of the new system since the aiuser does not have permission to run fdisk.

Quote: "The derived manifest script can run commands to read system attributes. AI runs the script as role aiuser. The aiuser role has all the privileges of a non-privileged user plus the following additional privileges: solaris.network.autoconf.read, solaris.smf.read.* 

The aiuser role is non-privileged except that it can read more information from the system than other non-privileged users. The aiuser role cannot change the system."


This is a problem for me since I want to install Solaris on desktop systems which has windows on and may even have Linux installed on the same disk. So, I need a script which examines the disk and then create the Solaris partition in the right location.

This is can easily be found out buy running the "fdisk" command which will show the type of partitions on the disk (7=IFS: NTFS, 191=Solars2)

# fdisk -W - /dev/rdsk/c1t0d0p0
* /dev/rdsk/c1t0d0p0 default fdisk table
.....
* Id    Act  Bhead  Bsect  Bcyl    Ehead  Esect  Ecyl    Rsect      Numsect
  7     0    32     33     0       254    63     1023    2048       314572800
  191   128  254    63     1023    254    63     1023    314584830  125821080      
So, to get round this I need to give the aiuser permission to run the fdisk command, so I need to alter the solaris boot system which is download as part of the network boot. Solutions:
  • Add aiuser to /etc/sudoers - Unable to alter initial boot kernel "kernel/amd64/unix"
  • Add more permissions to aiuser - Unable to find the right permission to give them disk access, also not sure how to alter the kernel/amd64/unix
  • Alter the permission of "/usr/sbin/fdisk" - Solution provided. After the above kernel is boot into it mounts solaris.zlib (/usr) and "solarismisc.zlib"
    • extract "solaris.zlib"
    • chmod a+s fdisk
    • re-build miniboot "solaris.zlib"

Extract "solaris.zlib"

These are the commands I used to extract the kernel, alter the parts I need and then recreate it.
# mount -F hsfs /etc/netboot/solaris11_2_3_4_0-i386/solaris.zlib /mnt
# cd /mnt
# find . -depth -print | cpio -pdm /var/tmp/solaris.zlib
# umount /mnt
# chmod a+s /var/tmp/solaris.zlib/sbin/fdisk
# mkisofs -o /tmp/solaris.zlib -quiet -N -l -R -U -allow-multidot -no-iso-translate -cache-inodes -d -D -V "compress" /var/tmp/solaris.zlib
# cd /etc/netboot/solaris11_2_3_4_0-i386/
# cp -ip solaris.zlib solaris.zlib_orig
# cp /tmp/solaris.zlib /etc/netboot/solaris11_2_3_4_0-i386/solaris.zlib

Then it is just a mater of modifying the derived manifest script to include the fdisk code: .i.e. This section would slot into my previous version.
if [[ $SI_DISKSIZE_1 -gt "256000" ]] ; then
    typeset -i PARTN_SIZE=61440
    mydisk=$SI_DISKNAME_1"p0"
    count=0
    create=0
    for part in $(fdisk -W - $mydisk| egrep "^  [1-9]"| awk ' { print $1 } ')
    do
        count=$((count + 1))
        if [ $part = "191" ]; then
                # Solaris Partition exists so will overwrite
                create=$count
        else
                # Keep existing partitions
                /usr/bin/aimanifest add \
                        /auto_install/ai_instance/target/disk[disk_name@name=\"$SI_DISKNAME_1\"]/partition@name $count
                /usr/bin/aimanifest set \
                        /auto_install/ai_instance/target/disk/disk_name@name_type ctd
                /usr/bin/aimanifest set \
                        /auto_install/ai_instance/target/disk/partition[@name=$count]@action preserve
        fi
    done
    # Check if any partitions found 
    if [ $count = "0" ]; then
        print -u2 "fdisk could not be run or no existing partitions"
        exit $SCRIPT_FAILURE
    fi
    # If no Solaris partition found then create 
    if [ $create = "0" ]; then
                # count equals current partition so we want next partition to be Solaris
                create=$((count + 1))
    fi
    /usr/bin/aimanifest add \
                        /auto_install/ai_instance/target/disk[disk_name@name=\"$SI_DISKNAME_1\"]/partition@name $create
    /usr/bin/aimanifest add \
                        /auto_install/ai_instance/target/disk/partition[@name=$create]/size@val \
                        ${PARTN_SIZE}mb
    /usr/bin/aimanifest set \
                        /auto_install/ai_instance/target/disk/partition[@name=$create]@action create
else
    print -u2 "System has too smaller disk. $SI_DISKSIZE_1"
    exit $SCRIPT_FAILURE
fi

No comments: