Friday, May 26, 2017

Autoinstall ... too "auto"?

Autoinstall(8) and its ability to automate the trivial but time
consuming task of typing info like keyboard layout and network setup -
not to mention encrypted passwords and ssh keys! - by supplying the
information in a response file, is great. Add the ability to supply a
template for disklabel and it is absolutely wonderful.

However, there appears to be a fly in the ointment: If you want to
deviate from the "one disk, one disklabel"-dogma, like when needing a
partially encrypted installation, you're out of luck!

I'm in need of rolling out machines with a close to FDE configuration.
"Close to" meaning a single physical disk where everything is encrypted
except for a root partition. (Please don't ask why. I have good reasons
and run a lot of machines with a setup like this. I would simply like to
automate the cumbersome installation process.)

I do a PXE boot and select (S)hell to prepare the disk after bsd.rd has
fired up:

# disklabel -E sd0 (phsyical disk)
a a (specifying a 1G partion)
a p (specifying a 249G for softraid crypto)
w
q

# bioctl -c C -l /dev/sd0p softraid0
entering passphrase x 2

# cd /dev; sh ./MAKEDEV sd1

Then I start autoinstall:

# autoinstall

So far so good. At this point autoinstall will recognize the root disk
[sd0] and the additional encrypted volume [sd1].

Available disks are sd0, sd1.

In the response file I have:

Which disk is the root disk = sd0

But, from here on things start to go wrong.

If I'm not supplying a template for disklabel, the installer will assume
I want to use the whole disk and will autopartition it, removing the
crypto partition (p) in the process. But, if I DO supply a template for
disklabel, the installer will ALSO remove the crypto partion. It may
fail with:

disklabel: ioctl DIOCWDINFO: Open partition would move or shrink

Guess I'm out of luck and will have to revert to manual install.

From what I'm able to infer, autoinstall (and perhaps the manuel
installer as well) would benefit from being able to recognize something
like:

Use (A)uto layout, (E)dit auto layout, (K)eep existing layout or
^^^^^^^^^^^^^^^^^^^^^^^^
create (C)ustom layout = K

That way, one could manually setup disks and initiate any RAID
configuration before starting autoinstall - leaning back and watch it
complete the job?

Erling

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)