Host management
4.6 Installation of the operating system
The installation process is one of the most destructive things we can do to a computer. Everything on the disk will disappear during the installation process.
One should therefore have a plan for restoring the information if it should turn out that reinstallation was in error.
Today, installing a new machine is a simple affair. The operating system comes on some removable medium (like a CD or DVD) that is inserted into the player and booted. One then answers a few questions and the installation is done.
Operating systems are now large so they are split up into packages. One is expected to choose whether to install everything that is available or just certain packages. Most operating systems provide a package installation program which helps this process.
In order to answer the questions about installing a new host, information must be collected and some choices made:
• We must decide a name for each machine.
• We need an unused Internet address for each.
• We must decide how much virtual memory (swap) space to allocate.
• We need to know the local netmask and domain name.
• We need to know the local timezone.
We might need to know whether a Network Information Service (NIS) or Windows domain controller is used on the local network; if so, how to attach the new host to this service. When we have this information, we are ready to begin.
4.6.1 Solaris
Solaris can be installed in a number of ways. The simplest is from CD-ROM. At the boot prompt, we simply type
? boot cdrom
This starts a graphical user interface which leads one through the steps of the installation from disk partitioning to operating system installation. The procedure is well described in the accompanying documentation, indeed it is quite intuitive, so we needn’t belabor the point here. The installation procedure proceeds through the standard list of questions, in this order:
• Preferred language and keyboard type.
• Name of host.
• Net interfaces and IP addresses.
• Subscribe to NIS or NIS plus domain, or not.
• Subnet mask.
• Timezone.
• Choose upgrade or install from scratch.
Solaris installation addresses an important issue, namely that of customization and integration. As part of the installation procedure, Solaris provides a service called Jumpstart, which allows hosts to execute specialized scripts which cus-tomize the installation. In principle, the automation of hosts can be completely automated using Jumpstart. Customization is extremely important for integrating hosts into a local network. As we have seen, vendor standard models are almost never adequate in real networks. By making it possible to adapt the installation procedure to local requirements, Solaris makes a great contribution to automatic network configuration.
Installation from CD-ROM assumes that every host has a CD-ROM from which to install the operating system. This is not always the case, so operating systems also enable hosts with CD-ROM players to act as network servers for their CD-ROMs, thus allowing the operating system to be installed directly from the network.
4.6.2 GNU/Linux
Installing GNU/Linux is simply a case of inserting a CD-ROM and booting from it, then following the instructions. However, GNU/Linux is not one, but a family of operating systems. There are many distributions, maintained by different orga-nizations and they are installed in different ways. Usually one balances ease of installation with flexibility of choice.
What makes GNU/Linux installation unique amongst operating system instal-lations is the sheer size of the program base. Since every piece of free software is bundled, there are literally hundreds of packages to choose from. This presents GNU/Linux distributors with a dilemma. To make installation as simple as possi-ble, package maintainers make software self-installing with some kind of default configuration. This applies to user programs and to operating system services.
Here lies the problem: installing network services which we don’t intend to use presents a security risk to a host. A service which is installed is a way into the
system. A service which we are not even aware of could be a huge risk. If we install everything, then, we are faced with uncertainty in knowing what the operating system actually consists of, i.e. what we are getting ourselves into.
As with most operating systems, GNU/Linux installations assume that you are setting up a stand-alone PC which is yours to own and do with as you please.
Although GNU/Linux is a multiuser system, it is treated as a single-user system.
Little thought is given to the effect of installing services like news servers and web servers. The scripts which are bundled for adding user accounts also treat the host as a little microcosm, placing users in /home and software in/usr/local.
To make a network workstation out of GNU/Linux, we need to override many of its idiosyncrasies.
4.6.3 Windows
The installation of Windows4is similar to both of the above. One inserts a CD-ROM and boots. Here it is preferable to begin with an already partitioned hard-drive (the installation program is somewhat ambiguous with regard to partitions). On rebooting, we are asked whether we wish to install Windows anew, or repair an existing installation. This is rather like the GNU/Linux rescue disk. Next we choose the filesystem type for Windows to be installed on, either DOS or NTFS. There is clearly only one choice: installing on a DOS partition would be irresponsible with regard to security. Choose NTFS.
Windows reboots several times during the installation procedure, though this has improved somewhat in recent versions. The first time around, it converts its default DOS partition into NTFS and reboots again. Then the remainder of the installation proceeds with a graphical user interface. There are several installation models for Windows workstations, including regular, laptop, minimum and custom. Having chosen one of these, one is asked to enter a license key for the operating system. The installation procedure asks us whether we wish to use DHCP to configure the host with an IP address dynamically, or whether a static IP address will be set. After various other questions, the host reboots and we can log in as Administrator.
Windows service packs are patch releases which contain important upgrades.
These are refreshingly trivial to install on an already-running Windows system.
One simply inserts them into the CD-ROM drive and up pops the Explorer program with instructions and descriptions of contents. Clicking on the install link starts the upgrade. After a service pack upgrade, Windows reboots predictably and then we are done. Changes in configuration require one to reinstall service packs, however.
4.6.4 Dual boot
There are many advantages to having both Windows and GNU/Linux (plus any other operating systems you might like) on the same PC. This is now easily
4Since Windows 9x is largely history, and NT changes names (NT, 2000, XP, ...) faster than a speeding bullet, I have chosen to refer to ‘Windows’ meaning modern NT-based Windows, and largely ignore the older versions in this book.
achieved with the installation procedures provided by these two operating systems.
It means, however, that we need to be able to choose the operating system from a menu at boot time. The boot-manager GRUB that is now part of GNU/Linux distributions performs this tasks very well, so one scarcely needs to think about this issue anymore. Note, however, that it is highly advisable to install Windows before installing GNU/Linux, since the latter tends to have more respect for the former than vice versa! GNU/Linux can preserve an existing Windows partition, and even repartition the disk appropriately.
4.6.5 Configuring name service lookup
Name service lookup must be configured in order for a system to be able to look up hostnames and Internet addresses. On Windows systems, one configures a list of name servers by going to the menu for TCP/IP network configuration. On Unix hosts there are often graphical tools for doing this too. However, automation requires a non-interactive approach, for scalability, so we consider the low-level approach to this. The most important file in this connection is/etc/resolv.conf.
Ancient IRIX systems seem to have placed this file in /usr/etc/resolv.conf.
This old location is obsolete. Without the resolver configuration file, a host will often stop dead whilst trying, in vain, to look up Internet addresses. Hosts which use NIS or NIS plus might be able to look up local names; names can also be registered manually in/etc/hosts. The most important features of this file are the definition of the domain-name and a list of nameservers which can perform the address translation service. These nameservers must be listed as IP numerical addresses. The format of the file is as shown.
domain domain.country nameserver 192.0.2.10 nameserver 158.36.85.10 nameserver 129.241.1.99
Some prefer to use the search directive in place of the domain directive, since it is more general and allows several domains to be searched in special circumstances:
search domain.country nameserver 192.0.2.10 nameserver 192.0.2.85 nameserver 192.0.2.99
The default is to search the local domain, so these are equivalent unless several domains are to be searched. On the host which is itself a nameserver, the first nameserver should be listed as the loopback address, so as to avoid sending traffic out onto the network when none is required:
search domain.country nameserver 127.0.0.1 nameserver 192.0.2.10 nameserver 192.0.2.99
DNS has several competitor services. A trivial mapping of hostnames to IP addresses is performed by the/etc/hostsdatabase, and this file can be shared using NIS or NIS plus. Windows had the WINS service, though this is now dep-recated. Modern Unix-like systems allow us to choose the order in which these competing services are given priority when looking up hostname data. Unfortu-nately there is no standard way of configuring this. GNU/Linux and public domain resolver packages for old SunOS (resolv+) use a file called /etc/hosts.conf.
The format of this file is order hosts,bind,nis multi on
This example tells the lookup routines to look in the/etc/hostsfile first, then to query DNS/BIND and then finally to look at NIS. The resolver routines quit after the first match they find, they do not query all three databases every time. Solaris, and now also some GNU/Linux distributions, use a file called /etc/nsswitch.conf which is a general configuration for all database services, not just the hostname service.
# files,nis,nisplus,dns passwd: files
group: files hosts: files dns ipnodes: files dns networks: files protocols: files
rpc: files
ethers: files netmasks: files bootparams: files
Note that Solaris has ‘ipnodes’ which is used for name lookup in the new IPv6 compatible lookup routines. If DNS is not added here, Solaris does not find IPv6 addresses registered in DNS.
4.6.6 Diskless clients
Diskless workstations are, as per the name, workstations which have no disk at all. They are now rare, but with the increase of network speeds, they are being discussed again in new guises such as ‘thin clients’.
Diskless workstations know absolutely nothing other than the MAC address of their network interface (Ethernet address). In earlier times, when disks were expensive, diskless workstations were seen as a cheap option. Diskless clients require disk space on a server-host in order to function, i.e. some other host which does have a disk, needs to be a disk server for the diskless clients. Most vendors supply a script for creating diskless workstations. This script is run on the server-host.
When a diskless system is switched on for the first time, it has no files and knows nothing about itself except the Ethernet address on its network card. It proceeds by sending a RARP (reverse address resolution protocol) or BOOTP or DHCP request out onto the local subnet in the hope that a server (in.rarpd) will respond by telling it its Internet address. The server hosts must be running two services: rpc.bootparamd and tftpd, the trivial file transfer program. This is another reason for arguing against diskless clients: these services are rather insecure and could be a security risk for the server host. A call to the rpc.bootparamddaemon transfers data about where the diskless station can find a server, and what its swap-area and root directory are called in the file tree of this server. The root directory and swap file are mounted using the NFS. The diskless client loads its kernel from its root directory and thereafter everything proceeds as normal. Diskless workstations swap to files rather than partitions. The command mkfileis used to create a fixed-size file for swapping.
4.6.7 Dual-homed host
A host with two network interfaces, both of which are coupled to a network, is called a dual-homed host. Dual-homed hosts are important in buildingfirewalls for network security. A host with two network interfaces can be configured to automatically forward packets between the networks (act as a bridge) or to block such forwarding. The latter is normal in a firewall configuration, where it is left to proxy software to forward packets only after some form of inspection procedure. Most vendor operating systems will configure dual-network interfaces automatically, with forwarding switched off. Briefly here is a GNU/Linux setup for two network interfaces.
1. Compile a new kernel with support for both types of interface, unless both are of the same type.
2. Change the lilo configuration to detect both interfaces, if necessary, by adding:
append="ether=0,0,eth0 ether=0,0,eth1"
to/etc/lilo.conf.
3. The new interface can be assigned an IP address in the file /etc/init.d/
network.
One must then decide how the IP addresses are to be registered in the DNS service.
Will the host have the same name on both interfaces, or will it have a different name? Packet routing on dual-homed hosts has been discussed in ref. [272].
4.6.8 Cloning systems
We are almost never interested in installing every machine separately. A system administrator usually has to install ten, twenty or even a hundred machines at a
time. He or she would also like them to be as far as possible the same, so that users will always know what to expect. This might sound like a straightforward problem, but it is not. There are several approaches.
• A few Unix-like operating systems provide a solution to this using package templates so that the installation procedure becomes standardized.
• The hard disks of one machine can be physically copied and then the hostname and IP address can be edited afterwards.
• All software can be placed on one host and shared using NFS, or another shared filesystem.
Each of these approaches has its attractions. The NFS/shared filesystem approach is without doubt the least amount of work, since it involves installing the software only once, but it is also the slowest in operation for users.
As an example of the first, here is how Debian GNU/Linux tackles this problem using the Debian package system:
Install one system
dpkg --get-selections > file On the remaining machines type
dpkg --set-selections < file Run install packages program.
Alternatively, one can install a single package with:
dpkg -i package.deb
This method has now been superceded by an extremely elegant package system using theapt-getcommand. Installation of a package is completely transparent as to source and dependencies:
host# apt-get install bison Reading Package Lists... Done Building Dependency Tree... Done
The following NEW packages will be installed:
bison
0 packages upgraded, 1 newly installed, 0 to remove and 110 not upgraded.
Need to get 387kB of archives. After unpacking 669kB will be used.
Get:1 http://sunsite.uio.no stable/main bison 1:1.35-3 [387kB]
Fetched 387kB in 0s (644kB/s)
Selecting previously deselected package bison.
(Reading database ... 10771 files and directories currently installed.) Unpacking bison (from .../bison_1%3a1.35-3_i386.deb) ...
Setting up bison (1.35-3) ...
In RedHat Linux, a similar mechanism looks like this:
rpm -ivh package.rpm
Disks can be mirrored directly, using some kind of cloning program. For instance, the Unix tape archive program (tar) can be used to copy the entire direc-tory tree of one host. In order to make this work, we first have to perform a basic installation of the OS, with zero packages and then copy over all remaining files which constitutes the packages we require. In the case of the Debian system above, there is no advantage to doing this, since the package installation mechanism can do the same job more cleanly. For example, with a GNU/Linux distribution:
tar --exclude /proc --exclude /lib/libc.so.5.4.23 \ --exclude /etc/hostname --exclude /etc/hosts -c -v \ -f host-imprint.tar /
Note that several files must be excluded from the dump. The file/lib/libc.so.
5.4.23is the C library; if we try to write this file back from backup, the destination computer will crash immediately./etc/hostnameand/etc/hostscontains defi-nitions of the hostname of the destination computer, and must be left unchanged.
Once a minimal installation has been performed on the destination host, we can access the tar file and unpack it to install the image:
(cd / ; tar xfp /mnt/dump/my-machine.tar; lilo)
Afterwards, we have to install the boot sector, with thelilocommand. The cloning of Unix systems has been discussed in refs. [297, 339].
Note that Windows systems cannot be cloned without special software (e.g.
Norton Ghost or PowerQuest Drive Image). There are fundamental technical rea-sons for this. One is the fact that many host parameters are configured in the impenetrablesystem registry. Unless all of the hardware and software details of every host are the same, this will fail with an inconsistency. Another reason is that users are registered in a binary database with security IDs which can have different numerical values on each host. Finally domain registration cannot be cloned. A host must register manually with its domain server. Novell Zenworks contains a cloning solution that ties NDS objects to disk images.