Automatic Zone Configuration
The last two entries have been about automatic zone installation, part 1 and part 2. With the provided script you can create as many zones as your platform allows. But usually the story doesn't end there. In 99.9% of the cases you want to customize the zone even more. In many cases you want to do exactly the same customizations for each zone, e.g. add a non-root user and so forth.
The easiest way to do this is to create a script that will be executed at the end of the first boot. As you may know, Solaris 10 uses SMF (Service Management Facility) for starting services, but it also supports the legacy rc.d directories. SMF is very powerful, but sometimes it is way faster and easier to use the rc.d directory.
First let's write a simple script that stops the automounter (so that we can use /home for our own purposes), adds a user called dba to the new zone and creates the home directory with sane permissions.
#!/bin/ksh
#
# if the /.first_boot file doesn't exist we won't run this script
#
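if [ ! -f /.first_boot ]; then
    exit 0
fi
#
# disable automounter; -s waits until the service has actually stopped,
# so /home is free before we create directories in it
#
/usr/sbin/svcadm disable -s autofs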
#
# add the user and group
#
/usr/sbin/groupadd dba
/usr/sbin/useradd -g dba -s /bin/bash -d /home/dba dba
#
# create home directories
#
mkdir /home/dba
chown dba:dba /home/dba
chmod 0700 /home/dba
#
# remove the /.first_boot file so we won't start again
#
rm -f /.first_boot
If you look at the first few lines of the script you will notice it looks for a file called /.first_boot. This is used as a marker so that the script only executes once: the last line removes the marker, and on every later boot the script exits immediately.
This example assumes you have followed my two previous posts, so you have a zone installed under /zones/testzone. Copy this script and save it as a file called first_boot.sh somewhere in your global zone. Now you need to copy it to the startup directory of your new zone.
# cp first_boot.sh /zones/testzone/root/etc/rc3.d/S99first_boot.sh
# chmod 0755 /zones/testzone/root/etc/rc3.d/S99first_boot.sh
This copies the script into the zone's rc3.d startup directory, where the S99 prefix means it is executed last. Remember to set the execute bit on the script, as the second command does. Now we need to create the startup marker file.
# touch /zones/testzone/root/.first_boot
Now reboot your zone, either with reboot directly from inside the zone or with the zoneadm commands like this:
# zoneadm -z testzone halt
# zoneadm -z testzone boot
If you log in afterwards you can see your new user and group. The account is locked and you need to set a password to be able to use it. There are ways to script that as well, but I leave that outside this article.
The obvious thing now, of course, is to modify my zone install script so that it copies this startup file to a newly created zone. Then when you log in the first time all your settings are in place.
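The copy, chmod and touch steps above can be wrapped in one function for the install script to call. This is an added example, not code from the original post: install_first_boot is a hypothetical helper name, and the symlink checks and temp-file rename are additions that go beyond the manual steps.

```shell
# Added example (not from the original post). install_first_boot is a
# hypothetical helper; the /zones/<zone>/root layout follows the article.
# Usage: install_first_boot first_boot.sh /zones/testzone/root
install_first_boot() {
    script=$1                          # first_boot.sh in the global zone
    zoneroot=$2                        # e.g. /zones/testzone/root
    rcdir=$zoneroot/etc/rc3.d
    target=$rcdir/S99first_boot.sh
    marker=$zoneroot/.first_boot

    [ -f "$script" ] || { echo "missing script: $script" >&2; return 1; }

    # Paths under the zone root can be changed from inside the zone once it
    # has booted, so check that none of them is a symbolic link before
    # writing to them as root from the global zone.
    for p in "$zoneroot" "$zoneroot/etc" "$rcdir"; do
        if [ -h "$p" ] || [ ! -d "$p" ]; then
            echo "not a real directory: $p" >&2
            return 1
        fi
    done
    for p in "$target" "$marker"; do
        if [ -h "$p" ]; then
            echo "refusing to write through symlink: $p" >&2
            return 1
        fi
    done

    # Copy under a name the rc framework ignores (it only runs S* files),
    # set the mode, then rename, so a half-written script is never executed.
    tmp=$rcdir/.first_boot.$$
    cp "$script" "$tmp" || return 1
    chmod 0755 "$tmp" || { rm -f "$tmp"; return 1; }
    mv "$tmp" "$target" || { rm -f "$tmp"; return 1; }

    # Create the marker last: without it the script exits on its first line.
    : > "$marker"
}
```

Because the marker is written only after the script is in place, a failed copy leaves the zone with no marker and therefore nothing for the first boot to run.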

