Linux Production Guide-general Linux technology-Linux programming and kernel information. For more information, see the following section.
Summary This document focuses on the steps used to create a Linux release.
By Coolee
1. Overall Project Analysis The purpose of making a Linux release is to quickly and correctly establish the Linux system environment in the system. The main task of making a Linux release is to determine the retention of various software, because the RPM (RedHat Package Manager) Package provides excellent management capabilities for it, therefore, the latest mature RedHat 7.1 (Linux Kernel Version 2.4.2-12) Linux release program is used as the blueprint, RPM package is used as the basic unit for formulation, and requirements are used as the principle for selection, obtain the Linux system that suits your needs.
As a result, the project naturally takes the analysis of the RedHat Linux CD installation system as the starting point, on the basis of understanding its structure and behavior, in the package level (structure) and code level (behavior) modify and create a test environment so that modifications can be standardized in a timely manner.
2. Project Implementation Details by step
2.1 Analysis on the Linux CD installation system
● Structure
In the installation CD, the main directory structure and files are roughly as follows:
Images/This directory contains the image file (File suffix img) for creating the boot disk ),
Boot. img is the image file that directs the system when the installation media is CD-ROM
Bootnet. img is the image file that directs the system when the installation media is FTP or NFS.
Driver. img is an image file consisting of driver modules of some special devices. If the current kernel does not support these devices, it provides a way to access them.
The boot. img image file contains the following files:
Boot. img
| ---- Vmlinuz Linux Kernel
| ---- Ldlinux. sys boot Linux System File
| ---- Syslinux. cfg Linux kernel boot parameter configuration file
| ---- Initrd. img memory Virtual File System Image File
| ---- * Various prompt information files during the. msg file boot
Initrd. img is a Linux ext2 file system, which consists of the following:
The executable file/sbin/loader is used to determine the validity of the installation media and execute the installation program.
It is actually boot. img is executed when the system is started. After parsing, the Linux kernel is established in the memory and syslinux is configured according to the configuration file. cfg loads the Virtual File System to form a complete Linux System, providing the necessary operating System environment for subsequent work. Boot. the file system type of the img image is msdos, And the initrd. the file system type of the img image must be ext2 of the Linux system. Therefore, the parsing operations for these images are different. For details, see Appendix.
RedHat/This directory is the core directory released by RedHat Linux. The main directory structure is here, where
RPMS/contains the main part of the RedHat Linux release, that is, to organize binary executable files, configuration files, and documents in the Linux system in the form of RPM packages, form a relatively independent software package (File suffix rpm) that can complete certain functions ). This directory integrates these software packages to form a RedHat Linux release.
Base/contains all the files used to describe the organizational structure and Installation Behavior During the installation process. comps, hdlist, and hdlist2 are files describing the organizational structure of RPM packages.
Comps this file organizes each RPM package into several groups, namely, components, according to certain principles. In this way, you do not have to make a trade-off for each package during the installation process. The comps file is in simple text format and its structure is as follows:
4 indicates the version number of the RPM package. The current version is 4. 1 base {}
Base is the component name ,{...} Contains the RPM package in this component.
Name List, 1 indicates that the installation is selected by default, that is, the default installation.
0? Hide IDS sensor {
Snort
Libpcap
}
The IDS sensor group contains the snort and lipcap RPM packages. 0 indicates
This group is not selected by default during installation, that is, it is not installed by default, and it is pointed out by-hide
This group is not displayed on the user interface.
Hdlist and hdlist2 files maintain the ing process from RPM package name to real package file name, for example, from snort RPM package name to real package file name snort-1.8.1-1.1.2.i386.rpm ing. These two files are generated by special programs and cannot be viewed in a simple way. For specific generation methods, see Appendix D.
Stage2.img, hdstg1.img, hdstg2.img, netstg1.img, and netstg2.img are image files describing the installation behavior.
Stage2.img is the installer image file when the installation media is CD-ROM
Hdstg1.img is the installer image file when the installation media is HardDisk.
Hdstg2.img is the installer image file when the installation media is HardDisk.
Netstg1.img is the installer image file when the installation medium is FTP or NFS.
Netstg2.img is the installer image file when the installation medium is FTP or NFS.
As shown above, the main part of the stage2.img image file is the installation program anaconda. Its main execution body is anaconda under/usr/bin, A large number of routine calls are distributed under/usr/lib/anaconda, while the resource files to be used during installation are distributed under/usr/share/anaconda. For the parsing method of stage2.img, see Appendix B.
● Behavior
The RedHat 7.1 installer is named anaconda. As mentioned above, when the boot. after the boot media represented by img is guided by the system, a complete Linux system (including the Linux kernel and a memory Virtual File System) is established in the memory ), then execute the loader command in the file system, execute the installer from the appropriate medium (for example: the installation media is a CD-ROM, parse stage2.img on the CD-ROM, and execute the installation program), that is, execute anaconda to complete the installation task of the Linux system.
The use of RedHat 7.1 installation program source code SRPM package form: anaconda-7.1-5.src.rpm to obtain anaconda source code, after the solution package in/usr/src/redhat/SOURCES/anaconda-7.1 formed the source code tree.
Anaconda-7.1
| -------------------/Bootdisk
Boot Disk directory
| -----------------/Docs
Document directory
| -----------------/Help
Installation process help system directory
| -----------------/Installclasses
Installation category directory
| -------------------/Iw
Install the response directory for each step
| -------------------/Loader
Installer directory
| -------------------/Pixmap
Graphical Resource Directory
| -----------------/Utils
Tool directory
| ------------------- *. Py
Various Python script files
The analysis is as follows:
The anaconda installer is mainly written in Python. It is an explanatory and object-oriented scripting language. The source file suffix is. py, which can also generate executable bytecode with the suffix. pyc or. pyo. Where:
In the installclasses/subdirectory, each file defines the installation type that you can select during the installation process. Generally, the four files workstation. py, server. py, laptop. py and custom. to describe the workstation installation type, server Installation type, laptop (laptop) installation type, and custom installation type. In each script file, the installation steps, partition policies, and packages are selected based on the characteristics of the installation type.
Each file in the iw/subdirectory defines the response functions of each step to Next (Next) and Prev (previous) when the graphical interface is installed.
The source code directory of loader/installer, which is written in C language.
Pixmap/graphical Resource Directory, including all bitmaps and icons used during installation.
Utils/installer utility directory.
Anaconda is the main execution file of the installation program. It establishes the runtime environment of the Python language, provides the entry points of the program, and integrates various subsystems in a module manner.
Gui. py defines various window classes used by the graphical interface of the installer, including MessageWindow, ProgressWindow, WaitWindow, ExeceptWindow, and InstallInterface, InstallControlWindow, and InstallControlState classes that control the window and gui behavior. In short, control the gui.
Todo. py defines various behavioral functions of the installer. It is a set of functions that actually perform various operations on the GUI.
Harddrive. py defines how the system locates the CD image of the installer and runs the program when the installation media is hard disk.
The source code compilation of the installer consists of make and make install. After completion, the following directory structure is formed under the/usr/src/RedHat Directory:
The directory structure is basically the same as that of stage2.img.
2.2 establish a debugging environment:
● Modify the source program
After analyzing the basic components of the installation program, you need to establish a corresponding debugging environment. The purpose of this environment is to easily confirm the modified installer and the reduced RPM package at any time. Obviously, you can use CD-ROM or local hard disk as the debugging media, the following table compares the differences between the two:
CDROM Hard Disk
Corresponding installation interface GUI menu interface
Hdstg1.img and hdstg2.img in the corresponding image file stage2.img *. iso
Advantages: graphical interface, direct use of the image file stage2.img with changes, short debugging cycle, High Efficiency
Disadvantages: Each modification requires a dial, and the debugging efficiency is low. The menu interface is required to provide the CD image file *. iso for each debugging, reducing the efficiency.
When both of them have their own advantages and disadvantages, consider a compromise. That is, to ensure the debugging efficiency, the hard disk is used as the debugging media, but stage2.img is selected for the corresponding image file, in this way, the efficiency can be maximized, and the debugging interface adopts a graphical method. When using this solution, you must modify the source code to achieve the expected results.
From the analysis of the installation system, we can see that the/sbin/loader program in initrd. img is responsible for judging the effectiveness of the installation media and executing the installation program. Therefore, you must first modify its source code file loader. c. Find out which disk image files are read by default during hard disk installation *. iso function setupIsoImages, and comment out the search for image files in the hard disk directory *. iso-related operations. Lines 582 to Line590 contain sprintf and if () {} loop statements to avoid opening subdirectories, add mountLoopback ("/tmp/hdimage/RedHat/base/stage2.img", "/mnt/runtime", "loop0 "); for the purpose of using stage2.img directly, comment out the code starting from errno = 0, and go through the entire while loop to closedir (dir ), however, keep umount ("/tmp/hdimage"); comment out if (! Net) return NULL; a sentence. The above operation aims to prevent the program from reading the CD image file *. iso. Comment out if (! The two statements of the FL_TESTING (flags) {And} condition judgment allow the program to undoubtedly execute the installation program on the hard disk. So far, loader. c has been modified.
At the same time, you also need to modify some Python script-related files to ensure support for stage2.img files. For more information, see harddrive. in The py class HardDriveInstallMethod, comment out all the content in the mountMedia (self, cdNum) function and add the Pass statement to invalidate this function. In the same way, the umountMedia function is processed, mountDirectory and umountDirectory functions. For the sake of security, comment out the above function calls in other functions. # Go ahead… in the class Constructor (initialization... Add the self. tree = "/tmp/hdimage/" statement before the statement, and comment out all the subsequent statements. In this way, we still need to ensure that the discarded iso image is switched to stage2.img for control. In addition, it is best to comment out Line1781 to Line1783 in todo. py and call self. method. systemMounted to ensure that no error occurs. Then make and make install, re-compile the program, make the modification take effect, and copy the new loader from the compiled target directory to boot. initrd. the corresponding directory in img and overwrite the old loader file. To speed up startup, modify the syslinux. cfg file in boot. img, remove the startup prompt, latency, and other Linux Startup options, and modify the syslinux. cfg file. See Appendix F.
Finally, make boot. img into the boot disk. For the method, see appendix G.
● Create a directory for debugging in the hard disk media
Create a directory and related files in the Linux partition of the hard disk, such as the DEBUG directory of the RedHat installation CD directory structure, as shown below:
| ----/Images
| ------ Boot. img
|
| ----/RedHat
| ----/Base
| ------ Comps, hdlist, hdlist2, stage2.img
|
| ----/RPMS
| ---- *. Rpm
The reason for establishing this directory structure and related files is that their names and structures have been determined in the form of code in the installer. The modifications to boot. img and stage2.img are described above. Modifications to comps, hdlist, and hdlist2 are required in the subsequent cropping process.
Now, the debugging environment has been established. Now you can use a boot disk to boot the system and test the correctness of the installer and RPM package on the specified hard disk.
2.3 simplified Installation Steps
Before tailoring the RPM package, you must simplify the original installation steps and remove some items that are roughly irrelevant to system requirements so that the installer can focus on configuring the main parameters of the Sensor, ignore configurations such as the keyboard, mouse, and multi-country language. The details are as follows:
The original installation steps include:
1. Select the installation Language
2. keyboard Configuration
3. Mouse Configuration
4. welcome information
5. Select the installation type (including installation or upgrade, and workstation, server, laptop, and m)
6. Select the partitioning method (automatic partitioning, manual partitioning, professional partitioning)
7. Select the preceding part or all partitions for formatting.
8. Lilo Operating System Pilot Configuration
9. Nic and Network Configuration
10. Firewall Configuration
11. Language Configuration
12. Time Zone Configuration
13. Account Configuration
14. Authentication Configuration
15. Select a package group and a single RPM package
16. Packet independence check
17. X-Window configuration
18. Confirm before installation
19. Installation Process
20. Create a boot disk
21. Confirm Installation
Many of these installation steps do not need to exist after the RPM package group is determined and the debugging is complete. Therefore, remove steps, 17 and 20th installation steps. The default setting values are used for all the settings to be removed. For example, the solution for partitioning and formatting is adopted in step 1, and the solution for storing Lilo on MBR is adopted in step 2, set default boot to Linux and so on. Modify Step 1 to remove all four of the four existing types in the upgrade type and installation type and add the IDS sensor type. The installation steps after the modification are as follows:
1. Select the installation type (the existing one is IDS sensor)
2. Select the partitioning method (automatic partitioning, manual partitioning, professional partitioning)
3. Nic and Network Configuration
4. Time Zone Configuration
5. Account Configuration
6. Select a package group and a single RPM package
7. Installation Process
8. Confirm Installation
Therefore, you must modify the Python script language.
● At the beginning of the installation process, you must first disable the installation language selection, keyboard configuration, mouse configuration, and welcome information. In anaconda, Line491 if lang is displayed before determining whether the language is valid: add the following four sentences:
[Aidcode] instClass. addToSkipList ("language"); instClass. addToSkipList ("keyboard"); instClass. addToSkipList ("mouse"); instClass. addToSkipList ("welcome"); [/aidcode]
And in the gui. in the run function of class InstallInterface in py, comment out Line371 to Line371, that is, in the commonSteps structure, except for retaining (InstallPathWindow, "installtype"), comment out, "language"), (KeyboardWindow, "keyboard"), (MouseWindow, "mouse") and (WelcomeWindow, "welcome ")
● Streamline the installation type. Remove upgrateonly in the installclasses directory. py, workstation. py, server. py, laptop. py and custom. py removes all four specified types from the upgrade and installation types, and adds the IDS sensor type to the directory. for more information about the py file, see Appendix E.
In addition, you need to modify the iw/installpath_gui.py script file so that the Install and Upgrate icons and options are not displayed on the GUI, and only the IDS Sensor project is displayed. Specifically, the Line223, Line 227, Line 233, and Line 234 codes are commented out, that is, the last part of the getScreen function in class InstallPathWindow is not displayed.
● Remove other unnecessary steps to modify the iw/installpath_gui.py script file. Comment out the structure self in the class InstallPathWindow initialization function _ init. (FormatWindow, "format"), (FirewallWindow, "firewall"), (LanguageSupportWindow, "languagesupport"), (AuthWindow, "authentication"), (UnresolvedDependenciesWindow, "dependencies"), (XConfigWindow, "xconfig"), (BootdiskWindow, "bootdisk"), that is, steps 7, 10, 11, 14, 16, 17, and 20th are removed.
After completing the three steps, make and make install to re-compile the program for the modification to take effect, Copy these files to the relevant location in stage2.img, and replace the old files. This simplifies the installation process.
2.4 RPM package tailoring
The RPM package is cropped according to this requirement. The overall analysis of the project has been explained. The purpose is to quickly and correctly establish a Linux system environment running Snort in the system frontend Sensor. Therefore, you only need to keep the basic Linux system and the environment required to run snort.
The RPM package of the basic Linux system is described in detail in the base part of the comps file, so it is used as the blueprint to remove all the components except the base, remove the following unnecessary RPM packages from the base:
[Aidcode] apmd ash autoconfig dhcpolycrystalline ed eject TPD gettext gpm extends mailcap mailx man mktemp mouseconfig ncurses openldap popt procmail pump raidtool readline runtime-logos kernel-release rootfiles sendmail syslinux utemper words [/aidcode]
Add IDS Sensor component to the comps file and add necessary RPM packages in this group. For example, snort-1.8.1 requires snort, libpcap, mysql, openssl, openssl-clients, RPM packages, such as perl, are retained to facilitate debugging, and some RPM packages for operation and diagnosis, such as tcpdump, iputils, and zip. For comps completed, see appendix C.
In addition, in the/RPM directory, delete the non-retained RPM files (File suffix. RPM) based on the names of all the rpm packages confirmed above ). In this case, the comps file in/base and the RPM file in/rpm have been cut, you can use genhdlist to generate hdlist and hdlist2 files, genhdlist in the source code of the anaconda-7.1 utils directory. For details about the generation method, see Appendix D.
3. Existing Problems and future goals
The production of NetCop Linux is based on the RPM package as the cropping unit. Therefore, there must be a major defect, that is, there is no internal solution to the RPM package, you cannot remove a large number of unnecessary files in the RPM package and make modifications to the kernel and script files. Therefore, the next step is to open each candidate RPM package one by one and modify or discard each file in the package as needed so that a Linux release that is truly suitable for sensor can be made, undoubtedly, the workload is huge.
1. First, create the mount point after image file Resolution ):
[Aidcode] mkdir/mnt/stage2 [/aidcode]
2. Write a shell script for parsing and Restoration:
The parsing script is named up2.
[Aidcode] #! /Bin/sh mount-o loop stage2.img/mnt/stage2 [/aidcode]
The restore script is named down2.
[Aidcode] #! /Bin/sh umount/mnt/stage2 [/aidcode]
Appendix C comps file list
[Aidcode] 4 1 Base {MAKEDEV SysVinit anacron at random bash bdflush unzip chkconfig console-tools cpio cracklib-dicts crontabs cyrus-sasl openssl db1 db2 db3 dev has diffutils has file filesystem fileutils has gawk glib glibc-common grep gzip hdparm hotplug lilo info inits kernel kbdconfig kernel krb5-libs without libstdc ++ using logrotate losetup without mkbootdisk without modutils mount net-tools newt without pam without utils popt procps psmisc pwdb quota rpm sed setserial setup setuptool sh-utils shadow-utils slang slocate tar termcap textutils time timeconfig tmpwatch util-linux vim-common vim-minimal vixie-cron which zlib} 1 -- hide IDS Sensor {iptables iputils libpcap mysql openssh-clients openssl perl rdate snort tcpdump traceroute unzip zip} [/aidcode]
Appendix D generate hdlist and hdlist2
If the RPM package is included in the/tmp/cdimage/RedHat/RPMS directory, [aidcode] genhdlist/tmp/cdimage/[/aidcode]
Generate hdlist and hdlist2 files in the directory/tmp/cdimage/RedHat/base /.
Appendix E sensor. py file list
[Aidcode] from installclass import BaseInstallClass from translate import * from installclass import FSEDIT_CLEAR_ALL import OS import iutil class InstallClass (BaseInstallClass): name = N _ ("IDS Sensor ") pixmap = "sensor.png" sortPriority = 10 def _ init _ (self, expert): BaseInstallClass. _ init _ (self) self. setGroups (["IDS Sensor"]) self. addToSkipList ("lilo") self. addNewPartition ('/boot', (48,-1, 0), (None,-1, 0), (0, 0) self. addNewPartition ('/', (256,-1, 0), (None,-1, 0), () self. addNewPartition ('/usr', (512,-1, 1), (None,-1, 0), (0, 0) self. addNewPartition ('/var', (256,-1, 0), (None,-1, 0), (0, 0) self. addNewPartition ('/home', (512,-1, 1), (None,-1, 0), (0, 0) self. setClearParts (FSEDIT_CLEAR_ALL, warningText = N _ ("Automatic partitioning will erase all data on your hard" "drive to make room for your Linux installation. ") # self. addNewPartition ('SWAp ', (64,256, 1), (None,-1, 0), (2.4) # kernel requires more swap, so base amount we try to get # on amount of memory (minswap, maxswap) = iutil. swapSuggestion () self. addNewPartition ('SWAp ', (minswap, maxswap, 1), (None,-1, 0), (0, 0) [/aidcode]
Appendix F syslinux. cfg file list
[Aidcode] label linux kernel vmlinuz append initrd = initrd. img lang = us devfs = nomount vga = 788 [/aidcode]
Appendix G boot. img how to create a boot disk
[Aidcode] cat boot. img>/dev/fd0 [/aidcode]
Or
[Aidcode] dd if = boot. img of =/dev/fd0 bs = 1440 [/aidcode]
Appendix H How to Create a Linux CD image
The mkisofs command is used to create a CD image in Linux. For details, if the content of the CD is included in the/tmp/cdimage/directory, run
[Aidcode] mkisofs? V? R? T? J? V "NetCop Linux "? B images/boot. img-o/tmp/NetCopLinux. iso [/aidcode]
You can create a CD image file named NetCopLinux. iso in the/tmp directory. It uses/tmp/cdimage/images/boot. img as the CD boot file.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
