Do you find yourself installing multiple systems, all containing the same operating system and applications? As an IT instructor, I'm constantly installing systems for my next class or trying to fix the ramifications of a misconfiguration from a previous class.
As any system administrator can attest to, ghosting or hard drive-cloning software can be a real godsend. Backups are one thing; they retain your data. However, an image is a true timesaver it's a copy of the operating system itself, along with any installed software and all of your configurations and customizations.
I haven't always had the luxury of a commercial ghosting utility at hand. As you can well imagine, I've tried every homegrown and open source ghosting solution available. I started with various invocations of dd, gzip, ssh, and dump, but kept running across the same fundamental problem: it was easy enough to create an image, but inconvenient to deploy that image to a fresh hard drive. It was doable in the labs that used removable drives, but, otherwise, I had to open up a system, cable in the drive to be deployed, copy the image, and recable the drive into its own system.
Forget the wear and tear on the equipment; that solution wasn't working out to be much of a timesaver! What I really needed was a floppy that contained enough intelligence to go out on the network and retrieve and restore an image. I tried several open source applications and found that Ghost For Unix, g4u, best fit the bill.
2.12.1 Creating the Ghost Disk
You're about two minutes away from creating a bootable g4u floppy. Simply download g4u-1.12fs from http://theatomicmoose.ca/g4u/ and copy it to a floppy:
# cat g4u-1.12fs > /dev/fd0
Your only other requirement is a system with a drive capable of holding your images. It can be any operating system, as long as it has an installed FTP server. If it's a FreeBSD system, you can configure an FTP server through /stand/sysinstall. Choose Configure from the menu, then Networking. Use your spacebar to choose Anon FTP.
Choose Yes to the configuration message and accept the defaults by tabbing to OK. The welcome message is optional. Exit sysinstall once you're finished.
You'll then need to remove the remark (#) in front of the FTP line in /etc/inetd.conf, so it looks like this:
ftp stream tcp nowait root /usr/libexec/ftpd ftpd -l
If inetd is already running, inform it of the configuration change using killall -1 inetd. Otherwise, start inetd by simply typing inetd. To ensure the service is running:
# sockstat | grep 21 root inetd 22433 4 tcp4 *:21 *:*
In this listing, the local system is listening for requests on port 21, and there aren't any current connections listed in the remote address section (*:*).
g4u requires a username and a password before it will create or retrieve an image. The default account is install, but you can specify another user account when you use g4u. To create the install account on a FreeBSD FTP server:
# pw useradd install -m -s /bin/csh
Then, use passwd install to give this account a password you will remember.
2.12.2 Creating an Image
Before you create an image, fully configure a test system. For example, in my security lab, I usually install the latest release of FreeBSD, add my customized /etc/motd and shell prompt, configure X, and install and configure the applications students will use during their labs.
It's a good idea to know ahead of time how large the hard drive is on the test system and how it has been partitioned. There are several ways to find out on a FreeBSD system, depending upon how good you are at math. One way is to go back into /stand/sysinstall and choose Configure then Fdisk. The first long line will give the size of the entire hard drive:
Disk name: ad0 DISK Geometry: 19885 cyls/16 heads/63 sectors = 20044080 sectors (9787MB)
Press q to exit this screen. If you then type fdisk at the command line, you'll see the size of your partitions:
# fdisk <snip> The data for partition 1 is: sysid 165 (0xa5), (FreeBSD/NetBSD/386BSD) start 63, size 4095441 (1999 Meg), flag 80 (active) <snip> The data for partition 2 is: <UNUSED> The data for partition 3 is: <UNUSED> The data for partition 4 is: <UNUSED>
This particular system has a 9787 MB hard drive that has one 1999 MB partition containing FreeBSD.
Once you're satisfied with your system, insert the floppy and reboot.
g4u will probe for hardware and configure the NIC using DHCP. Once it's finished, you'll be presented with this screen:
Welcome to g4u Harddisk Image Cloning V1.12! * To upload disk-image to FTP, type: uploaddisk serverIP [image] [disk] * To upload partition to FTP, type: uploadpart serverIP [image] [disk+part] * To install harddisk from FTP, type: slurpdisk serverIP [image] [disk] * To install partition from FTP, type: slurppart serverIP [image] [disk+part] * To copy disks locally, type: copydisk disk0 disk1 [disk] defaults to wd0 for first IDE disk, [disk+part] defaults to wd0d for the whole first IDE disk. Use wd1 for second IDE disk, sd0 for first SCSI disk, etc. Default image for slurpdisk is 'rwd0d.gz'. Run 'dmesg' to see boot messages, 'disks' for recognized disks, 'parts <disk>' for list of (BSD-type!) partitions on disk '<disk>" (wd0, ...), run any other commands without args to see usage message.
Creating the image is as simple as invoking uploaddisk with the IP address of the FTP server. If you wish, include a useful name for the image; in this example, I'll call the image securitylab.gz:
# uploaddisk 192.168.2.95 securitylab.gz ( cat $tmpfile ; dd progress=1 if=/dev/rwd0d bs=1m | gzip -9 ) | ftp -n tmpfile: open 192.168.2.95 user install bin put - securitylab.gz bye 5 4 3 2 1 working... Connected to 192.168.2.95. 220 genisis FTP server (Version 6.00LS) ready. 331 Password required for install. Password: type_password_here 230 User install logged in. Remote system type is UNIX. Using binary mode to transfer files. 200 Type set to I. remote: securitylab.gz 227 Entering Passive Mode (192,168,2,95,192,1) 150 Opening BINARY mode data connection for 'securitylab.gz'. ...................
This will take a while. How long depends upon the size of the drive and the speed of your network. When it is finished, you'll see a summary:
9787+1 records in 9787+1 records out 10262568960 bytes transferred in 6033.533 secs (1700921 bytes/sec) 226 Transfer complete. 3936397936 bytes sent in 1:40:29 (637.58 KB/s) 221 Goodbye. #
You can also check out the size of the image on the FTP server:
% du -h ~install/securitylab.gz 3.7G /home/install/securitylab.gz
That's not too bad. It took just over an hour and a half to compress that 9 GB drive to a 3.7 GB image. The g4u web site also has some hints for further reducing the size of the image or increasing the speed of the transfer.
It's also possible to create an image of each particular filesystem, but I find it easier just to image a fairly small drive. This is because an image of the entire drive includes the master boot record (MBR) or the desired partitioning scheme.
2.12.3 Deploying the Image
When you wish to install the image, use the floppy to boot the system to receive the image. Once you receive the prompt, specify the name of the image and the IP address of the FTP server:
# slurpdisk 192.168.2.95 securitylab.gz
It doesn't matter what was previously on that drive. Since the MBR is recreated, the new drive will just contain the imaged data. Once the deployment is finished, simply reboot the system without the floppy.
2.12.4 See Also