Cover V12, I01


Bootprofile for Linux

Rajeev Kumar

When I switch my Linux laptop between home and office networking environments, I often need to reconfigure the laptop with a different IP address, X display settings, DNS, DHCP, NIS settings, etc. To address this problem, I began by singling out which configuration files had to be changed and writing simple shell scripts for the onsite and homenet (offsite) networked environments. The scripts would run before I shut down my laptop to define the next boot mode (offsite or onsite). This was easy for me, but when we started deploying laptops for common users, I started searching for better tools.

Some tools, such as Mobile IP from Sun Microsystems (http://playground.sun.com/pub/mobile-ip) or Dynamics HUT Mobile IP (http://www.cs.hut.fi/Research/Dynamics/index.html), are either in the early stages of development or are centered around just changing the IP address. I wanted a way to change IP addresses as well as many configuration files based on the selected networked environment.

"Bootprofile for Linux" achieves this task by manipulating configuration files at a very early stage of the Linux boot process -- before even configuring the IP address of the machine. The bootprofile tool is written in Perl and is ideal for roaming Linux laptops and for desktops/servers that need to be booted in changing networked environments.

How Does It Work?

Currently, bootprofile has been tested on Red Hat 6.x and Red Hat 7.x, but the idea is simple enough to also apply to other Linux distributions. Bootprofile runs as root early in the Linux boot process. Be extremely careful before changing critical bootscripts and applying bootprofile to your system. Standard disclaimers apply.

I modified the boot script (in Red Hat /etc/rc.d/rc.sysinit) such that it would mount the root file system in read/write mode in the first few steps. This is a very critical and risky step. (Normally, the Red Hat rc.sysinit script mounts the root file system in read/write mode late in the boot process.) Just after mounting the root file system in read/write mode, bootprofile (/sbin/bootprofile) presents a user dialog box (see Figure 1) with which to select the desired bootprofile (set up earlier as a part of configuration). Based on the user's selection, it takes the actions defined for that bootprofile (e.g., running commands, copying configuration files, etc.). After that, it boots up the machine for the selected bootprofile. There will be a separate configuration file (<profilename>.profile) for each networked profile defined under bootprofile. See Listing 1 for a sample "homenet.profile" configuration file for the "homenet" profile.

There are five major sections defined in bootprofile configuration file(s), as follows:

[chkconfig] -- Runs the /sbin/chkconfig command to activate/deactivate services registered under chkconfig. See the chkconfig(1) man page on how to register any new service under chkconfig.

[files] -- Copies (overwrites) files from source to target as defined in this section.

[links] -- Creates symbolic links to the targets defined in this section.

[remove] -- Removes any mentioned file, directory, or link.

[scripts] -- Runs your scripts defined under this section. This is a very powerful section where you can define your own scripts to run at an early stage of the Linux boot.

When bootprofile is executed at boot time based on the configuration shown in Listing 1, it takes the actions shown in Listing 2. After that, it runs the remaining boot process based on changes made by bootprofile. So, in Listing 2 bootprofile is shutting down NIS, sendmail, etc., changing files such as /etc/fstab and the IP address file, linking /usr/local to the directory designed for offsite use (i.e., /usr/local.offsite), removing a few bootscripts, and finally running the user-defined script /root/myscript.

Prerequisites

1. Perl binary located in /usr/bin/perl. If you have another location for Perl, it is recommended to copy (not link) at least the Perl binary to this location. Bootprofile uses a simple Perl interpreter; it doesn't require any Perl module. If you have /usr as a separate partition, it may not be mounted at a very early stage of the boot process. In such cases, put Perl in /bin/perl (and modify the bootprofile script for your Perl path). The idea is that Perl must be available on the (root) file system at a very early stage of the boot process.

2. The Linux dialog(1) command must be present on your system. Run:

dialog --msgbox "Hello World" 20 60

and if it shows a dialog box, that's a good sign. dialog(1) may not be installed by default, so you can find it on your Linux CD or download it for your Linux distribution from:

http://www.rpmfind.net

3. chkconfig(1) -- Red Hat and Mandrake use this program (/sbin/chkconfig) to switch off/on services from various run levels. It is good to have this.

4. You need to modify the initial boot script (/etc/rc.d/rc.sysinit in Red Hat) so that it mounts the root file system (and other system partitions) at a very early stage, and insert the /sbin/bootprofile call just after that. For a few tested systems (Red Hat/Mandrake), the bootprofile distribution includes an edited rc.sysinit under the contrib/ directory.

Installation and Configuration

1. Download the latest version of bootprofile from the "bootprofile" home page:

http://www.rajeevnet.com/linux/bootprofile/index.html
This mainly includes the bootprofile Perl script. The contrib section includes rc.sysinit for tested platforms, the bootprofile template directory, and documentation. Untar it and copy the bootprofile Perl script as /sbin/bootprofile.

2. Back up your current /etc/rc.d/rc.sysinit as /etc/rc.d/rc.sysinit.orig. Replace this with the downloaded version or manually edit the file /etc/rc.d/rc.sysinit, such that you mount root filesystem as read/write at a very early stage of the Linux boot. The first time, it is wise to comment out the bootprofile line. Reboot the system and be sure you didn't break your boot process. This is a very important and risky step, so be careful!

3. Create bootprofile configuration file /etc/sysconfig/bootprofile with the following parameters. This will switch off/on the bootprofile system.

BOOTPROFILE="ON"
TIMEOUT="0"

4. Now create a directory for each <profilename> as per the template included in the bootprofile distribution under contrib/. Also create a configuration file for each <profilename> as <profilename>.profile (the .profile extension is mandatory here). For example, if you want to create <profilename> as "homenet", do the following steps:

# cd /etc/bootprofile
# mkdir -p /etc/bootprofile/homenet
# touch /etc/bootprofile/homenet/homenet.profile    # extension must be .profile

5. Put the following five section lines in the "<profilename>.profile" file. Add actions for each section based on your requirement for this network profile:

[chkconfig]
[files]
[links]
[remove]
[scripts]

Copy all the configuration files mentioned in the [files] section under the directory /etc/bootprofile/homenet for the homenet profile. In a similar way, you can create many profiles and modify all these config files appropriately. Listing 3 shows a directory tree structure for two networked profiles named "homenet" and "onsite" under bootprofile. See Listing 4 for the detailed explanation of each section.

6. After creating the profile(s), test them with a dry run and be sure the commands shown in the output are the ones you want bootprofile to run. This won't change anything on the system:

# /sbin/bootprofile --test

Select the desired profile and hit OK. You should see something similar to the output shown in Listing 2. Be sure these are the desired actions for the corresponding bootprofile.

7. Once you are satisfied with the bootprofile setup, it is time to run bootprofile in execute mode. This will actually change files and configuration on running systems based on the bootprofile. It is best to keep a backup copy of the current configuration files you are overwriting, especially files defined in the [files] section:

# /sbin/bootprofile --execute

8. Reboot the system and check whether the next reboot brings you the new profile. If the reboot was okay, then it is time to uncomment the bootprofile entry in rc.sysinit script.

9. Uncomment the bootprofile entry (/sbin/bootprofile --execute) in the /etc/rc.d/rc.sysinit script. Reboot the system and be sure everything is okay. You can now create as many networked profiles as desired with the above steps.

10. Every time you create any directory (/etc/bootprofile/<newprofilename>) and create a profile filename (/etc/bootprofile/<newprofilename>/<newprofilename>.profile), bootprofile will automatically pick up that profile the next time.

Limitations

1. Whenever "bootprofile --execute" is run, changes made by that instance are permanent. So be sure any change done in one networked profile (<profilename>.profile) has a corresponding entry in all other networked profiles you create under bootprofile. For example, suppose you have two boot profiles: onsite and homenet. <homenet> has ypbind turned off. So if you go into <homenet> profile, it will turn off ypbind service. After that, if you go into the <onsite> profile at the next reboot, ypbind will remain turned off unless you added an action to specifically turn on ypbind in the <onsite> bootprofile.

2. Currently, bootprofile may not work with Linux systems that have separate filesystems for /usr, /var, /etc. Bootprofile assumes that Linux system files are installed on a single partition (i.e., root filesystem).

3. This will work with Red Hat and Red Hat-like Linux systems.
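
Limitation 1 can be checked mechanically before a reboot. The following is an added example, not part of bootprofile: it reports every service that one profile's [chkconfig] section sets and another profile omits. It assumes each entry line begins with the service name (for example "ypbind off"); Listing 1 defines the actual syntax, and the function name chkconfig_drift is hypothetical.

```shell
#!/bin/sh
# Added example, not part of the bootprofile distribution.
# ASSUMPTION: every non-blank, non-comment line inside [chkconfig] starts with
# the service name, e.g. "ypbind off". Adjust the awk rule if Listing 1 differs.
#
# chkconfig_drift [dir]
#   dir defaults to /etc/bootprofile (layout: <dir>/<name>/<name>.profile).
#   Prints "<profile> does not set <service>" for each service that some other
#   profile sets. Returns 0 if all profiles cover the same services, 1 if not,
#   2 if no profile files were found.
chkconfig_drift() {
    dir=${1:-/etc/bootprofile}
    set -- "$dir"/*/*.profile
    [ -e "$1" ] || { echo "no profiles under $dir" >&2; return 2; }
    awk '
        function pname(path,   a, n) {
            n = split(path, a, "/"); sub(/\.profile$/, "", a[n]); return a[n]
        }
        # Register every profile up front so an empty file still counts.
        BEGIN { for (i = 1; i < ARGC; i++) profiles[pname(ARGV[i])] = 1 }
        FNR == 1 { insec = 0; prof = pname(FILENAME) }
        # Any [section] header switches the state; only [chkconfig] turns it on.
        /^[ \t]*\[/ { insec = ($0 ~ /^[ \t]*\[chkconfig\]/); next }
        insec && NF && $1 !~ /^#/ { services[$1] = 1; has[prof, $1] = 1 }
        END {
            for (p in profiles)
                for (s in services)
                    if (!((p, s) in has)) { print p " does not set " s; bad = 1 }
            exit bad + 0
        }' "$@"
}
```

The check compares only which services are mentioned, not whether they are switched on or off, which is enough to catch the ypbind case described in limitation 1.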

Conclusion

Bootprofile for Linux is a very simple but beneficial feature for Linux machines, especially for roaming laptops. The current implementation of bootprofile is an easy and quick solution that works well for changing networked environments. Automating configuration with bootprofile is preferable to manually changing files, which generally requires root access and single user mode access.

The bootprofile Web site contains the following warning, which makes a useful ending for this article: "This software runs as root at a very early stage of Linux boot. Improper use of this software may cause boot problems or other possible damage to your system. Use this software at your own risk..." Be sure to experiment with bootprofile on a test system before implementing it in a production capacity.
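
Because bootprofile copies files and runs scripts as root before the rest of the boot process, everything it reads should be modifiable by root only. The following check is an added example, not part of the bootprofile distribution; the function name audit_bootprofile is hypothetical, and the default paths are the ones named in this article.

```shell
#!/bin/sh
# Added example, not part of the bootprofile distribution.
# audit_bootprofile [owner_uid] [path ...]
#   Reports anything under the given paths that is writable by group/other or
#   not owned by owner_uid (default 0). With no paths, checks the locations
#   named in the article. Returns 0 when clean, 1 on any finding.
audit_bootprofile() {
    owner=${1:-0}
    if [ $# -gt 0 ]; then shift; fi
    [ $# -gt 0 ] || set -- /etc/bootprofile /sbin/bootprofile \
        /etc/sysconfig/bootprofile /etc/rc.d/rc.sysinit
    rc=0
    for p in "$@"; do
        if [ ! -e "$p" ]; then
            echo "MISSING  $p"
            rc=1
            continue
        fi
        # Group- or world-writable entries. Symlinks are skipped because their
        # own mode bits carry no meaning.
        writable=$(find "$p" ! -type l \( -perm -020 -o -perm -002 \) -print)
        # Entries (symlinks included) owned by anyone other than owner_uid.
        foreign=$(find "$p" ! -user "$owner" -print)
        if [ -n "$writable" ]; then
            echo "$writable" | sed 's/^/WRITABLE /'
            rc=1
        fi
        if [ -n "$foreign" ]; then
            echo "$foreign" | sed 's/^/OWNER    /'
            rc=1
        fi
    done
    return $rc
}

# Typical use as root after setup or before enabling the rc.sysinit entry:
#   audit_bootprofile 0
```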

Rajeev Kumar is currently working as Senior Systems & Security Administrator for Fluent Inc. He has more than six years of UNIX/Linux and systems security experience. He maintains the Web site www.rajeevnet.com, where he publishes freeware code and systems/security documents. Rajeev can be reached by email at: rajeev@rajeevnet.com or rxk@fluent.com.