|
Size: 15907
Comment: Initial move from InstallCDCustomizationHowto
|
← Revision 93 as of 2020-01-28 16:26:26 ⇥
Size: 32310
Comment: Updated ISO links to reflect currently-supported releases
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 9: | Line 9: |
| = CD Customization = * '''Applies to:''' Ubuntu 5.10 * '''Does not apply to:''' Ubuntu 6.06 The process of customizing or "remastering" Ubuntu CDs is not especially complex, but it is a little tedious and finicky. My knowledge of the process is also imperfect so hopefully other people will modify this page as appropriate. The install CD has three main parts: a bootloader (ISOLINUX on amd64/i386 systems, yaboot on powerpc) and its configuration, which start everything up; debian-installer (d-i) which in this case is really a specialised miniature Ubuntu system; and a Debian-style repository structure, which is what takes up all that space on the disk in the directories "pool" and "dists". Building a new CD may involve modifications to all three parts. == Modify installer behaviour using a Preseed file == When the CD boots up, a Linux kernel is started and the installation tasks are initiated. The installer's default behaviour can be modified through the use of a "preseed" file, which feeds d-i answers to questions normally asked by debconf or in other contexts. If you look closely at your install CD, you'll see that certain options (e.g. "server", "expert", "oem") already have preseed files assigned to them. So, suppose you are installing breezy on a bunch of identical computers and you already know the answers to certain questions (what country and time zone you're in, what keyboard you have, how the network should be configured, how you want to partition the hard disk, etc. etc.). You can "preseed" the answers to these questions in a very simple configuration file. === Changing isolinux.cfg to identify your preseed === First, though, you need to tell d-i to look for your preseed file in the right place. The standard disk contains a directory /preseed; you should put your seed file there. You tell d-i where to find this file by modifying the bootloader config file, located in isolinux/isolinux.cfg, to pass appropriate parameters on the kernel command line. My file has the following lines in it: {{{ DEFAULT /install/vmlinuz APPEND preseed/file=/cdrom/preseed/learnexchange.seed kbd-chooser/method=us debian-installer/locale=en_CA vga=normal initrd=/install/initrd.gz ramdisk_size=16384 root=/dev/rd/0 DEBCONF_PRIORITY=critical debconf/priority=critical rw -- }}} DEFAULT is the kernel loaded when I just press "enter" at the boot prompt. APPEND contains the options passed to the kernel. preseed/file is the most important one; the next two identify my locale and keyboard as Canadian; DEBCONF_PRIORITY ensures I don't see any unnecessary debconf questions. Look carefully at your file and modify as you see fit. === Writing the preseed file === There are lots of example preseed files kicking around; here's one from the CD -- server.seed: {{{ # Don't install usplash. d-i base-installer/kernel/linux/extra-packages-2.6 string # Desktop system not installed; don't waste time and disk space copying it. d-i archive-copier/desktop-task string ubuntu-standard d-i archive-copier/ship-task string # Only install the standard system and language packs in the second stage. base-config base-config/package-selection string ~t^ubuntu-standard$ base-config base-config/language-pack-patterns string language-pack-$LL # No language support packages. base-config base-config/install-language-support boolean false }}} (Note that the version of this file on breezy CD images was buggy: it set base-config/package-selection to "~tubuntu-standard" rather than "~t^ubuntu-standard$". Use the new version in preference; the old one will break with Ubuntu 6.04.) First notice the format. There are 4 fields: |
= Introduction = ||<tablestyle="float:right; font-size: 0.9em; width:40%; background:#F1F1ED; margin: 0 0 1em 1em;" style="padding:0.5em;"><<TableOfContents(3)>>|| The process of customizing or "remastering" Ubuntu installation CDs is not especially complex, but it is a little tedious and finicky. The Ubuntu installation CD (since Ubuntu 6.06, the 'alternative install' or 'server' CD) has three main parts: a boot-loader (Isolinux on AMD64/x86 systems, yaboot on PowerPC) and its configuration (which starts everything up); debian-installer (also known as d-i, which in this case is really a specialized miniature Ubuntu system); and a Debian-style repository structure, which is what takes up disk space in the directories "pool" and "dists". Building a new CD may involve modifications to all three parts. This page shows a simple recipe for customizing the CD. It assumes that you copy the contents of the installation CD to `/opt/cd-image/` on your local system and create a couple of other dirs in `/opt/`. Modify as needed. {{attachment:IconsPage/note.png}} You might speed up the development cycle by using a virtual Ubuntu session, for example, using VirtualBox. You can then use the .ISO file to test rather than burning a CD. If you do, please note that you need to perform ALL operations described here on the GUEST system. Note that with VirtualBox, during an installation (Host key)-F4 will display the installation output and (Host key)-F1 will return you to the general status screen. Note that the host key is set to the right Ctrl key by default. {{attachment:IconsPage/note.png}} This guide is for the 'Alternative Install' or 'Server Install' CDs. There is a page referring to customization of the [[LiveCDCustomization | Desktop (Live) CD]], and another guide on [[LiveCDCustomizationFromScratch | how to create a Live CD without using an existing CD at all.]] Although the 'Server Install' images are supposed to fit on usual CD media, you may as well use DVD or BD (Blu-ray) media. In the following text, read "CD" as "CD, DVD, or BD". At least since release 12.04, the images also work from USB stick or other hard-disk-like storage devices. USB stick on amd64 UEFI works since 14.04. = Get the ISO = Below is a list of original images which you can use : ||'''Type'''||||'''Ubuntu 16.04 LTS'''||||'''Ubuntu 18.04 LTS'''||||'''Ubuntu 19.10'''|| ||Alternate||||n/a||||n/a||||n/a|| ||Server||||[[http://releases.ubuntu.com/16.04/ubuntu-16.04.6-server-i386.iso|i386]]|[[http://releases.ubuntu.com/16.04/ubuntu-16.04.6-server-amd64.iso|amd64]]||||[[http://cdimage.ubuntu.com/releases/18.04/release/ubuntu-18.04.3-server-amd64.iso|amd64]]||||[[http://cdimage.ubuntu.com/releases/19.10/release/ubuntu-19.10-server-amd64.iso|amd64]]|| As time goes by, some will vanish or be replaced. But [[http://releases.ubuntu.com/|releases.ubuntu.com]] will hopefully continue to show a list of available release directories with some `*server*.iso` images in them. = Copy the CD to your hard drive = Copy the entire installation CD to a directory on your hard drive. This guide will assume your CD image is in /opt/cd-image/, but you can put it wherever you like. It will take around 1GB of hard drive space. If you have an ISO file, you can mount it and copy files out of it without burning it to CD: {{{ mount -o loop /path/to/iso /some/mountpoint }}} Use "Gmount-iso" program for a GUI method of mounting iso files. You can also try "ISO Master" to access the iso file directly without mounting. You can use '''rsync''' to copy the CD: {{{ rsync -av /cdrom/ /opt/cd-image }}} or just {{{ mkdir -p /opt/cd-image cp -rT /cdrom /opt/cd-image }}} Note: the -p option for mkdir creates the leadin directories if they don't already exist. In this example, /opt is created if it doesn't already exist. Be sure to catch the folder ''.disk'' - if you try and copy /cdrom/*, it will ignore the .disk folder, as Bash expands the * to mean "everything it can see". If you use a filemanager program like Nautilus, be sure to launch it with "gksu nautilus" and mark "Show Hidden Files" from "View" menu or you miss some important files. After the copy is done, change file ownership from "root" if you don't plan to do the rest of the work with sudo. = Modify installer behaviour using a Preseed file = When the CD boots up, a Linux kernel is started and the installation tasks are initiated. The installer's default behavior can be modified through the use of a "preseed" file, which feeds d-i answers to questions normally asked by debconf, or in other contexts. If you look in the `preseed` folder in the install CD, you'll see that certain options (e.g. "server", "expert", "oem") already have preseed files assigned to them. The [[https://help.ubuntu.com/lts/installation-guide/amd64/apb.html|installation guide]] has a detailed appendix on preseeding. Suppose you are installing Ubuntu on a bunch of identical computers, and you already know the answers to certain questions (what country and time zone you're in, what keyboard you have, how the network should be configured, how you want to partition the hard disk, etc). You can "preseed" the answers to these questions in a very simple configuration file. There're several ways to setup the boot-loader configuration. == Changing isolinux.cfg to identify your preseed == We will create a preseed file called 'firewall.seed', which will live in the /preseed folder of the CD-ROM. We tell d-i where to find this file by modifying the boot-loader configuration file, located in isolinux/isolinux.cfg (or in 8.10 or later, isolinux/text.cfg), to pass appropriate parameters on the kernel command line. In /opt/cd-image/isolinux/isolinux.cfg, add a new section labeled like this: {{{ LABEL firewall menu label ^Firewall installation kernel /install/vmlinuz append preseed/file=/cdrom/preseed/firewall.seed debian-installer/locale=en_NZ console-setup/layoutcode=us initrd=/install/initrd.gz ramdisk_size=16384 root=/dev/ram rw quiet -- }}} If you want to set the default selected menu item to your custom seed, change the DEFAULT line to read 'DEFAULT firewall'. For totally automatic installation with a predefined language (in this example, Estonian), you need to add some more parameters: {{{ LABEL firewall menu label ^Firewall installation (Estonian) kernel /install/vmlinuz append file=/cdrom/preseed/firewall.seed debian-installer/locale=et_EE console-setup/layoutcode=et localechooser/translation/warn-light=true localechooser/translation/warn-severe=true initrd=/install/initrd.gz ramdisk_size=16384 root=/dev/ram rw quiet -- }}} To make the installer autochoose the default option and start installing after a timeout, add this line to isolinux/isolinux.cfg (in all versions). {{{ timeout 10 }}} {{attachment:IconsPage/note.png}} Timeout values are in tenths of a second, therefore a timeout value of 10 is equal to one second. You must specify a locale and keyboard on the command line, as these questions are asked before the seed is loaded. You can also set DEBCONF_PRIORITY here to ensure you don't see any unnecessary debconf questions. (On Ubuntu 6.06 and older, use `kbd-chooser/method=us` rather than `console-setup/layoutcode=us`.) == Changing grub.cfg to identify your preseed == We will create a preseed file called 'custom.seed', which will live in the /preseed folder of the CD-ROM. We tell d-i where to find this file by modifying the boot-loader configuration file, located in boot/grub/grub.cfg, to pass appropriate parameters on the kernel command line. In /opt/cd-image/boot/grub/grub.cfg, add a new section labeled like this: {{{ menuentry "Install Ubuntu Server custom" { set gfxpayload=keep linux /install/vmlinuz file=/cdrom/preseed/custom.seed debian-installer/locale=en_US console-setup/layoutcode=us quiet --- initrd /install/initrd.gz } }}} == Writing the preseed file == A preseed file has 4 fields per line: |
| Line 63: | Line 121: |
| Two important notes: currently, d-i expects there to be exactly one space between variable type and variable value; and the version of d-i used in breezy does not allow lines to be broken by the '\' character (newer versions do allow this). I recommend starting with someone else's preseed file and modifying it -- there's one available at [http://archive.ubuntu.com/ubuntu/dists/breezy/main/installer-i386/current/doc/manual/en/apcs01.html]. If you can't find what you're looking for, try executing the following commands: {{{ |
It looks something like this (from the default ubuntu-server.seed on the 16.04 CD): {{{ # Suggest LVM by default. d-i partman-auto/init_automatically_partition string some_device_lvm d-i partman-auto/init_automatically_partition seen false # Install the Ubuntu Server seed. tasksel tasksel/force-tasks string server # Only install basic language packs. Let tasksel ask about tasks. d-i pkgsel/language-pack-patterns string # No language support packages. d-i pkgsel/install-language-support boolean false # Only ask the UTC question if there are other operating systems installed. d-i clock-setup/utc-auto boolean true # Verbose output and no boot splash screen. d-i debian-installer/quiet boolean false d-i debian-installer/splash boolean false # Install the debconf oem-config frontend (if in OEM mode). d-i oem-config-udeb/frontend string debconf # Wait for two seconds in grub d-i grub-installer/timeout string 2 # Add the network and tasks oem-config steps by default. oem-config oem-config/steps multiselect language, timezone, keyboard, user, network, tasks }}} {{attachment:IconsPage/important.png}} d-i expects there to be [[http://d-i.alioth.debian.org/manual/en.i386/apbs03.html|exactly one tab or space between variable type and variable value]] (any other space is seen as being part of the value) The easiest way to create a preseed file is to start with an example and modify it: 1. The Ubuntu installation guide ([[https://help.ubuntu.com/16.04/installation-guide/amd64/apb.html|16.04]]) has examples of many common preseed directives. (Bear in mind that you may need to modify some to work on older versions.) 2. You could check out [[http://wiki.debian.org/DebianInstaller/Preseed|Debian's wiki page on preseeding the installer]] - 6.06 and higher are aligned with Etch and newer versions of the Debian installer, although there are some important differences that apply to preseeding. 3. If you can't find the option you're looking for you can generate a comprehensive preseed file based on your own install time choices by using `debconf-get-selections` `debconf-get-selections` usage: {{{ sudo apt-get install debconf-utils # It is part of the debconf-utils package. |
| Line 73: | Line 160: |
| This will output a list of all debconf options you've chosen throughout your install; the file will be pretty long and not really suitable for inclusion on an install disk. In particular, '''NOTE:''' debconf-get-selections prints '''2''' spaces between variable type and variable value. You'll need to change that before putting such a file on a disk. If you want to instruct d-i to install extra packages, or to install only a minimal set you need to change the "base-config/package-selection" directive in the preseed. This should be set to an aptitude pattern; see the aptitude documentation for more information on these. For instance, to install an SSH server along with the standard installation, use this line: {{{ base-config base-config/package-selection string ~t^ubuntu-standard$|~t^ubuntu-desktop$|~n^openssh-server$ }}} To install support for additional languages, a different mechanism is available, namely to preseed the detailed locale question asked by the installer in expert mode. See the first column of `/usr/share/i18n/SUPPORTED` for the locale names you can use here. For example, to add support for Bengali and Tamil, use this line: |
This will output a list of all debconf options you've chosen throughout your install; you can pick options out of this and put them into your preseed file. {{attachment:IconsPage/warning.png}} debconf-get-selections prints '''2''' spaces between variable type and variable value. You need to change this to one space before putting the line in a preseed file. === Installing extra packages in your preseed file === {{attachment:IconsPage/important.png}} base-config has been removed from debian-installer since Ubuntu 6.06. In Ubuntu 6.06 and older: {{{ d-i pkgsel/install-pattern string ~t^ubuntu-standard$|~n^openssh-server$ }}} In Ubuntu 8.04 and newer: (packages may be separated with commas and/or spaces and continued to another line with a back-slash): {{{ d-i pkgsel/include string gstreamer0.10-plugins-base \ gstreamer0.10-plugins-good \ gstreamer0.10-plugins-ugly \ gstreamer0.10-plugins-bad }}} {{attachment:IconsPage/warning.png}} The installer can not install packages which rely on services that would normally be running in an installed system, but which are not running in the environment of the Debian installer. One example of this would be packages which create or modify a database at installation time, and require a postgresql or mysql server to be running. In this case, you will need to use a postinst script, start the necessary database server in the /target chroot, and then call "apt-install" (if outside the chroot environment) or apt-get (inside the chroot). === Installing language support === A different mechanism is used to install additional languages. Preseed the detailed locale question asked by the installer in expert mode. See the first column of `/usr/share/i18n/SUPPORTED` for the locale names you can use here. For example, to add support for Bengali and Tamil, use this line: |
| Line 87: | Line 193: |
| == Modify pool structure to include/delete packages == Probably the main reason to build your own install CDs is to modify which packages are installed; in particular you may want to add some packages to the CD. There are several ways to do this, none of which I understand fully. The easiest thing to do is to build a minimal repository structure containing only your own extra .debs, and merge these into the CD file hierarchy before rebuilding the iso image. The tricky parts here are: generate the Packages files that the Debian package management system expects to see when it encounters a repository; generate the top-level Release file the Debian package management system expects; and sign the release file with gpg. Here's what I did. *. designate a file directory as your staging area; in that directory, {{{ mkdir -p dists/breezy/extras/binary-i386 pool/extras/ isolinux preseed }}} Put your modified isolinux.cfg in isolinux/, and your preseed file in preseed/. *. put all the extra debs you need on your cd into pool/extras/. You will also need to include a new version of ubuntu-keyring, which I'll explain about in a second. *. in a text editor or some other way make a new file dists/breezy/extras/binary-i386/Release with the following content: {{{ Archive: breezy Version: 5.10 Component: extras Origin: Ubuntu Label: Ubuntu Architecture: i386 }}} *. merge your changes into the cd thusly: a. mount your "clean" downloaded iso: {{{mount /path/to/iso /some/mountpoint/ -o loop}}} b. copy all the files to a directory somewhere (you'll need a gigabyte or two off space); I use rsync: {{{sudo rsync -azvb --delete --backup-dir=/yeowe/usr/cdbuilder/old/ $MOUNT $BUILD}}} (where $MOUNT isthe mountpoint, $BUILD is the location of the extracted contents) c. if your new CD folder is likely to be too large, use the following script from inside pool/main to strip out all packages which are unwanted (that is, packages which aren't currently installed): {{{ #!/bin/bash for j in * do cd $j for k in * do cd $k for l in *.deb do if [ $l != "*.deb" ] then n=$(dpkg -l $(echo $l | cut -f1 -d"_") 2> /dev/null| grep "^ii") if [ -z "$n" ] then rm $l fi fi done cd .. done cd .. done find -depth -type d -empty -exec rmdir {} \; }}} d. '''This is important'''. In just a minute we will generate the packages file and the top-level release file using the apt-ftparchive tool. Then we will need to sign the release file using a gpg key. The install system will then check the signature against the public keys held in the package ubuntu-keyring. But your signature isn't in that keyring. So you need to make a new version of the ubuntu-keyring package. This is actually really easy, but it took me forever to do it right. So here's the necessary code: {{{ |
=== Running a Final Script === You can run a script in the final part of the installation. The following example runs a script that has been copied onto the installation CD in the setup/install folder. This script runs in the target environment, thus can run scripts in any language (e.g. Python or Perl) that has been installed on the target system. {{{ d-i preseed/late_command string chroot /target bash /cdrom/setup/install/settings.sh }}} {{attachment:IconsPage/warning.png}} The above command may not work on 8.10 or later; to copy the script to the target and then execute it, try this: {{{ d-i preseed/late_command string cp /cdrom/finisher/finisher.sh /target/root/; chroot /target chmod +x /root/finisher.sh; chroot /target bash /root/finisher.sh }}} Generally, a script run from the seed file via late_command, cannot interact with the user. If you need to interact, there are generally three options: * Create a custom UDEB that interacts with debconf, and include it with the CD. * Create a 'firstrun' script that executes the first time the system boots, and disables itself on completion. * [[/AccessDebconfFromYourScript|Access debconf directly within your script]]. {{attachment:IconsPage/warning.png}} A preseed script run via late_command that attempts to run "chroot /target apt-get ..." (or similar) may run into problems (e.g. file descriptor 3 not found in the postinst stage of some packages, dash being one example). This is caused by your script inheriting environment variables from the already running installer. To solve this, clear the environment variables in your script before calling apt-get: {{{ unset DEBCONF_REDIR unset DEBCONF_FRONTEND unset DEBIAN_HAS_FRONTEND unset DEBIAN_FRONTEND }}} = Modify pool structure to include more packages = Probably the prime motivation to build your own install CDs is to modify which packages are installed; in particular you may want to add some packages to the CD. The easiest way to do this is to build an 'extras' repository structure, containing only your extra .debs, and merge these into the CD file hierarchy before rebuilding the .ISO image. This guide will step you through how to do this. This requires you to generate the Packages files that defines what files are in your repository; the Release file that indexes your Packages files, and the signed Release.gpg file, approving the repository as being official. == Create an "Extras" component == {{attachment:IconsPage/important.png}} The following example references Ubuntu 16.04 ("xenial"). Substitute your version where appropriate. Create directories for your new component (substituting your version where appropriate): {{{ cd /opt/cd-image mkdir -p pool/extras/ }}} Put all the extra .debs you want on your CD into `pool/extras`. On the [[/Scripts|scripts page]] there is a useful script that will strip out all of the packages from your CD image that are not currently installed. You will need to run `apt-ftparchive` (below) to generate the Packages file. == Generating a new ubuntu-keyring .deb to sign your CD == In order to sign the Release file, we need to use GPG. The install system will then check the signature against the public keys held in the package ubuntu-keyring. You do not have a private key that matches one of the ones in the shipped ubuntu-keyring, so we need to build a custom version of the ubuntu-keyring package. Install the `gnupg` package if you do not have it already. To create a signing key, enter `gpg --gen-key`. Accept the defaults, (for this use, it is probably OK to use "No expiry"). For your Real Name and E-mail address, you might like to use something like "XXX Signing Key" and "packages@xxx.example.org". Enter an appropriate passphrase. In another directory (I use `/opt/build/`), we will download the source for the ubuntu-keyring package, unpack it, add our own GPG key, and rebuild the package. These steps import the 2 Ubuntu public signing keys into your main keyring, then exports them, along with your own public signing key, into a replacement keyring. "YOURKEYID" should be replaced with the 8-digit hexadecimal code that gpg tells you when you do the --list-keys command. "Signing Key Name" is what you used in the previous step, when running `gpg --gen-key`. To clarify, below is an example 'gpg --list-keys' response. In this example, "YOURKEYID" immediately follows the '/' on the line beginning with 'pub' (which in this example is '437D05B5'.) {{{ gpg --list-keys pub 1024D/437D05B5 2006-09-08 uid XXX Signing Key <packages@xxx.example.org> sub 2048g/79164387 2006-09-08 }}} If you change the package's version number (e.g. using `dch`), then make sure that the version number you choose does not contain a "`-`" character: if it does, then you'll be converting the package away from the "native" format and you will have to do some extra steps. It's simpler to use a version number such as "`2012.05.19+custom1`", putting your preferred local part after the "`+`" character. Here is an example, which you will need to customize to suit your own setup: {{attachment:IconsPage/important.png}} The following example references Ubuntu 16.04 ("xenial"). Substitute your version where appropriate. {{{ cd /opt/build sudo apt-get install fakeroot # requires the fakeroot package which may not be installed on your system. |
| Line 147: | Line 270: |
| cd ubuntu-keyring--2005.01.11/keyring | cd ubuntu-keyring-2012.05.19/keyrings |
| Line 149: | Line 272: |
| gpg --list-keys "Your Name" gpg --export FBB75451 437D05B5 YOURKEYID > ubuntu-archive-keyring.gpg cd .. dpkg-buildpackage -rfakeroot -m"Your Name <your.email@your.host> -k"Your Name <your.email@your.host>" cp ubuntu-keyring*deb $BUILD/pool/extras/ }}} '''NOTE:''' Copying the ubuntu-keyring (u)deb to the above location will not work correctly for Dapper CDs. I have tested it with flight4 and flight5 and the result of the above is that the installer cannot find the kernel as it cannot extract the correct GPG key (the one you signed the Release file with). In order for the procedure to work, you need to copy the generated ubuntu-keyring*deb files to $BUILD/pool/main/u/ubuntu-keyring instead. OK -- what we've done here is import the 2 Ubuntu keys into your main keyring, then exported them along with your own key into a replacement keyring. "YOURKEYID" should be replaced with the 8-digit hexadecimal code that gpg tells you when you do the --list-keys command above. And really, the best policy would be to do all that first, and copy a version into your $STAGE file structure so that you have it permanently available. Note: If you do not have an existing gpg signing key, use the following code: {{{ gpg --gen-key }}} Accept all defaults, select "No expiry", and enter an appropriate passphrase. In order to use apt-ftparchive, we will need to provide it with some defaults. Create the files "apt-ftparchive-deb.conf, "apt-ftparchive-udeb.conf", and "apt-ftparchive-extras.conf" as follows (substitude $BUILD for the absolute path to your BUILD directory, and /path/to/indices to the location of the indices files, which you can download from http://archive.ubuntu.com/ubuntu/indices/ ): {{{ apt-ftparchive-deb.conf: |
gpg --list-keys "Signing Key Name" gpg --export FBB75451 437D05B5 C0B21F32 EFE21092 YOURKEYID > ubuntu-archive-keyring.gpg cd .. # you are now on ubuntu-keyring-2012.05.19 dpkg-buildpackage -rfakeroot -m"Your Name <your.email@your.host>" -kYOURKEYID cd .. # you are now on the directory where you started, in the example, /opt/build cp ubuntu-keyring*deb /opt/cd-image/pool/main/u/ubuntu-keyring }}} You will end up with a udeb file for the installer, and a .deb file for the system. Both files need to be copied into the '''main''' component of your CD, because the CD will not check the extras directory. == Generate a new filesystem.squashfs with the updated ubuntu-archive-keyring.gpg == To prevent the possible issue during installation, we need to regenerate filesystem.squashfs by updating the ubuntu-archive-keyring.gpg we just exported. There are three paths to being replaced: * $chroot/usr/share/keyrings/ubuntu-archive-keyring.gpg * $chroot/etc/apt/trusted.gpg * $chroot/var/lib/apt/keyrings/ubuntu-archive-keyring.gpg Furthermore, filesystem.size also needs to be updated: {{{ cd new-squashfs-root du -sx --block-size=1 ./ | cut -f1 > /opt/cd-image/install/filesystem.size }}} == Building the repository with apt-ftparchive == `apt-ftparchive` builds the `Packages` and `Packages.gz` files, needed by the installer. In order to use `apt-ftparchive` we will need to provide it with some configuration and some index files. {{attachment:IconsPage/important.png}} If you will be adding .deb files to pool/universe (eg. customizing xubuntu) you will also need to wget extra.universe and universe files. We will put the index files in `/opt/indices`: {{{ mkdir -p /opt/indices /opt/apt-ftparchive cd /opt/indices/ DIST=xenial for SUFFIX in extra.main main main.debian-installer restricted restricted.debian-installer; do wget http://archive.ubuntu.com/ubuntu/indices/override.$DIST.$SUFFIX done }}} Create the files `apt-ftparchive-deb.conf`, `apt-ftparchive-udeb.conf`, `apt-ftparchive-extras.conf`, and `release.conf` in a directory (`/opt/apt-ftparchive`), substituting `/opt/cd-image/` for the path to your CD image directory, and `/opt/indices/` for the location of the index files, if they differ. {{attachment:IconsPage/important.png}} The .conf files shown here are sufficient if you are ONLY making changes to .deb files under pool/main and pool/restricted. If you are adding security updates to a Xubuntu customized CD, though, you will be updating .deb files under pool/universe also, so you will need to add lines to `apt-ftparchive-deb.conf` for universe, similar to the lines shown for main. You will also need to run extraoverride.pl for universe as well as for main - see below. __/opt/apt-ftparchive/apt-ftparchive-deb.conf:__ {{{ |
| Line 173: | Line 320: |
| ArchiveDir "$BUILD"; | ArchiveDir "/opt/cd-image/"; |
| Line 181: | Line 328: |
| Packages "dists/breezy/main/binary-i386/Packages"; BinOverride "/path/to/indices/override.breezy.main"; ExtraOverride "path/to/indices/override.breezy.extra.main"; }; // Uncomment the lines below if you're customizing the Dapper release //BinDirectory "pool/restricted" { // Packages "dists/dapper/restricted/binary-i386/Packages"; // BinOverride "/path/to/indices/override.dapper.restricted"; //}; |
Packages "dists/xenial/main/binary-amd64/Packages"; BinOverride "/opt/indices/override.xenial.main"; ExtraOverride "/opt/indices/override.xenial.extra.main"; }; BinDirectory "pool/restricted" { Packages "dists/xenial/restricted/binary-amd64/Packages"; BinOverride "/opt/indices/override.xenial.restricted"; }; |
| Line 202: | Line 348: |
}}} {{{ apt-ftparchive-udeb.conf: |
}}} The !ExtraOverride component above is needed to add the `Task:` line to main packages, referenced from the preseed file with ~t<task name>. This is not supplied - but can be extracted from the existing main Packages file with the simple perl script below. {{{ \#!/usr/bin/env perl # extraoverride.pl # generate ExtraOverride file # use as follows :- # extraoverride.pl < /opt/cd-image/dists/xenial/main/binary-amd64/Packages >> /opt/indices/override.xenial.extra.main while (<>) { chomp; next if /^ /; if (/^$/ && defined($task)) { print "$package Task $task\n"; undef $package; undef $task; } ($key, $value) = split /: /, $_, 2; if ($key eq 'Package') { $package = $value; } if ($key eq 'Task') { $task = $value; } } }}} {{attachment:IconsPage/note.png}} If customizing Xubuntu, and adding new .deb files to pool/universe, run this script for the universe repository also. {{attachment:IconsPage/note.png}} The !ExtraOverride process can be optional to skip it. __/opt/apt-ftparchive/apt-ftparchive-udeb.conf:__ {{{ |
| Line 208: | Line 385: |
| ArchiveDir "$BUILD"; | ArchiveDir "/opt/cd-image/"; |
| Line 216: | Line 393: |
| Packages "dists/breezy/main/debian-installer/binary-i386/Packages"; BinOverride "/path/to/indices/override.breezy.main.debian-installer"; }; // Uncomment the lines below if you're customizing a Dapper release //BinDirectory "pool/restricted" { // Packages "dists/dapper/restricted/debian-installer/binary-i386/Packages"; // BinOverride "/path/to/indices/override.dapper.restricted.debian-installer"; //}; |
Packages "dists/xenial/main/debian-installer/binary-amd64/Packages"; BinOverride "/opt/indices/override.xenial.main.debian-installer"; }; BinDirectory "pool/restricted" { Packages "dists/xenial/restricted/debian-installer/binary-amd64/Packages"; BinOverride "/opt/indices/override.xenial.restricted.debian-installer"; }; |
| Line 236: | Line 412: |
| }}} | }}} __/opt/apt-ftparchive/apt-ftparchive-extras.conf:__ |
| Line 239: | Line 417: |
| apt-ftparchive-extras.conf: | |
| Line 241: | Line 418: |
| ArchiveDir "$BUILD"; | ArchiveDir "/opt/cd-image/"; |
| Line 249: | Line 426: |
| Packages "dists/breezy/extras/binary-i386/Packages"; | Packages "dists/xenial/extras/binary-amd64/Packages"; |
| Line 262: | Line 439: |
| }}} *. Now use apt-ftparchive to make the Packages and Release files: |
}}} {{attachment:IconsPage/important.png}} You need to build the Packages file in ''dists/xenial/extras/binary-amd64/Packages'' using ''dpkg-scanpackages''. See [[http://www.debian.org/doc/manuals/repository-howto/repository-howto|here]] for an explanation. {{attachment:IconsPage/important.png}} The following example of creating Packages references Ubuntu 16.04 ("xenial"). Substitute your version where appropriate. Use apt-ftparchive to finish above step. {{{ cd /opt/cd-image apt-ftparchive packages pool/extras > dists/stable/extras/binary-amd64/Packages gzip -c dists/stable/extras/binary-amd64/Packages | tee dists/stable/extras/binary-amd64/Packages.gz > /dev/null }}} __/opt/apt-ftparchive/release.conf__ This is the configuration file for apt-ftparchive. Change to suit your distribution version: |
| Line 268: | Line 458: |
| cd $BUILD sudo apt-ftparchive -c $APTCONF generate /path/to/apt-ftparchive-deb.conf sudo apt-ftparchive -c $APTCONF generate /path/to/apt-ftparchive-udeb.conf sudo apt-ftparchive -c $APTCONF generate /path/to/apt-ftparchive-extras.conf }}} '''NOTE:''' For Dapper custom CD (possibly for Breezy as well, but I haven't tested it and I assume the original author of this HOWTO tested the procedure) you need to issue one more command after the above: {{{ sudo apt-ftparchive -c $APTCONF release $BUILD/dists/$DISTNAME | sudo tee $BUILD/dists/$DISTNAME/Release 2>&1 > /dev/null }}} where '''$DISTNAME''' should be replaced with '''breezy''' or '''dapper''' for the name of the release you are customizing. $APTCONF is a file somewhere that looks about like this: {{{APT::FTPArchive::Release::Origin "Ubuntu"; |
APT::FTPArchive::Release::Origin "Ubuntu"; |
| Line 285: | Line 460: |
| APT::FTPArchive::Release::Suite "breezy"; APT::FTPArchive::Release::Version "5.10"; APT::FTPArchive::Release::Codename "breezy"; APT::FTPArchive::Release::Architectures "i386"; |
APT::FTPArchive::Release::Suite "xenial"; APT::FTPArchive::Release::Version "16.04"; APT::FTPArchive::Release::Codename "xenial"; APT::FTPArchive::Release::Architectures "amd64"; |
| Line 290: | Line 465: |
| APT::FTPArchive::Release::Description "Ubuntu Breezy"; }}} a. sign the Release file with gpg: {{{ sudo gpg --default-key "MY GPG KEY ID" --output $BUILD/dists/breezy/Release.gpg -ba $BUILD/dists/breezy/Release }}} *. Regenerate the md5 checksums: {{{ cd $BUILD |
APT::FTPArchive::Release::Description "Ubuntu 16.04 LTS"; }}} To build the repository, sign it, and update the MD5SUM file, you can use a script like this: {{{ BUILD=/opt/cd-image APTCONF=/opt/apt-ftparchive/release.conf DISTNAME=xenial pushd $BUILD apt-ftparchive -c $APTCONF generate /opt/apt-ftparchive/apt-ftparchive-deb.conf apt-ftparchive -c $APTCONF generate /opt/apt-ftparchive/apt-ftparchive-udeb.conf apt-ftparchive -c $APTCONF generate /opt/apt-ftparchive/apt-ftparchive-extras.conf apt-ftparchive -c $APTCONF release $BUILD/dists/$DISTNAME > $BUILD/dists/$DISTNAME/Release gpg --default-key "YOURKEYID" --output $BUILD/dists/$DISTNAME/Release.gpg -ba $BUILD/dists/$DISTNAME/Release |
| Line 300: | Line 483: |
| }}} *. Then we re-build the cd. '''NOTE: ''' This procedure is specific to the Intel x86 (i386) and x86_64 (amd64) live CDs. Other architectures, such as PowerPC and IA64, will require different command line options. {{{ $ sudo mkisofs -r -V "Custom Ubuntu Install CD" \ |
popd }}} "YOURKEYID" is the key id you put in your own compiled keyring package before. = Preparing the bootable medium = At this point, you have a directory which is ready to be collected into an .ISO file and then burnt to a CD or copied to a USB stick. == Building the ISO image == __x86 and AMD64__ {{{ IMAGE=custom.iso BUILD=/opt/cd-image/ mkisofs -r -V "Custom Ubuntu Install CD" \ |
| Line 311: | Line 508: |
| On PowerPC, download [http://people.ubuntu.com/~cjwatson/hfs.map], then use the following command: {{{ $ sudo mkisofs -r -V "Custom Ubuntu Install CD" \ |
__x86 and AMD64 with isohybrid__ The original `i386` and `amd64` ISOs have a Master Boot Record (MBR) which makes them bootable from USB stick via legacy BIOS firmware. {{{ # The MBR x86 machine code bytes from the original ISO are known to match # the isolinux.bin file inside that ISO. So copy them to a file in /tmp/. OLD_IMAGE=/path/to/iso MBR_FILE=/tmp/ubuntu_isohybrid_mbr.img dd if="$OLD_IMAGE" bs=1 count=446 of="$MBR_FILE" IMAGE=custom.iso BUILD=/opt/cd-image/ xorriso -as mkisofs -r -V "Custom Ubuntu Install CD" \ -cache-inodes -J -l \ -isohybrid-mbr "$MBR_FILE" \ -partition_offset 16 \ -c isolinux/boot.cat \ -b isolinux/isolinux.bin \ -no-emul-boot -boot-load-size 4 -boot-info-table \ -o "$IMAGE" \ "$BUILD" "$BUILD" rm "$MBR_FILE" }}} __AMD64 with isohybrid and UEFI__ Additionally to the MBR for legacy BIOS, the `amd64` ISOs since 14.04 can boot from CD and from USB stick via the modern UEFI firmware. Its entry point is marked for USB stick by the MBR partition entry 2, which points to the data content of file `/boot/grub/efi.img`. Together with UEFI bootability from CD this is achieved by the additional options from `-eltorito-alt-boot` to `-isohybrid-gpt-basdat`. {{{ OLD_IMAGE=/path/to/iso MBR_FILE=/tmp/ubuntu_isohybrid_mbr.img dd if="$OLD_IMAGE" bs=1 count=446 of="$MBR_FILE" IMAGE=custom.iso BUILD=/opt/cd-image/ xorriso -as mkisofs -r -V "Custom Ubuntu Install CD" \ -cache-inodes -J -l \ -isohybrid-mbr "$MBR_FILE" \ -c isolinux/boot.cat \ -b isolinux/isolinux.bin \ -no-emul-boot -boot-load-size 4 -boot-info-table \ -eltorito-alt-boot \ -e boot/grub/efi.img \ -no-emul-boot -isohybrid-gpt-basdat \ -o "$IMAGE" \ "$BUILD" rm "$MBR_FILE" }}} __Power PC__ Download [[http://people.ubuntu.com/~cjwatson/hfs.map|the HFS map]], then use the following command: {{{ IMAGE=custom.iso BUILD=/opt/cd-image/ mkisofs -r -V "Custom Ubuntu Install CD" \ |
| Line 316: | Line 572: |
| -hfs-volid Ubuntu/PowerPC_breezy \ | -hfs-volid Ubuntu/PowerPC_hardy \ |
| Line 320: | Line 576: |
| On ia64: {{{ $ sudo mkisofs -r -V 'Custom Ubuntu 5.10 install ia64' \ |
__ia64__ {{{ IMAGE=custom.iso BUILD=/opt/cd-image/ mkisofs -r -V 'Custom Ubuntu Install CD' \ |
| Line 328: | Line 588: |
| *. finally, burn your cd using cdrecord: {{{ sudo nice -18 cdrecord dev=ATA:1,1,0 speed=12 --blank=fast -v -gracetime=2 -tao $IMAGE }}} that will burn the image on the second cd drive; if your cd-burner is the first or only cd-drive, change dev argument to ATA``:1,0,0. I '''strongly''' recommend using rewritable media -- I've burned a LOT of coasters on this project. OK, that should do it! Check out [:/Scripts:install CD customization scripts] that can be used to automate this process. |
== Burning the image to CD, DVD, or Blu-ray == {{{ sudo xorriso -as cdrecord dev=/dev/sr0 blank=as_needed -v $IMAGE }}} The first optical drive of a contemporary GNU/Linux system has address `/dev/sr0`. If in doubt, run the following command to learn about the existing drives and their /dev file adresses. {{{ sudo xorriso -devices }}} If your drive or media are old, then you might burn a lot of coasters in experimenting with this process. Re-usable media can ease the pain: CD-RW, DVD-RW, DVD+RW, DVD-RAM, BD-RE. == Putting an isohybrid image onto USB stick == If the `x86 and AMD` image was made by `xorriso` with `isohybrid` options, or if the `x86 and AMD` image was postprocessed by SYSLINUX program `isohybrid`, then it will boot from USB stick or hard disk, too. Such an image is not to be unpacked and installed to the USB stick by a program like 'Rufus' or 'UNetbootin', but rather to be written plainly to the base device file of the USB stick. This implies that the partition table of the stick will be overwritten and thus all data on the stick will become unaccessible, if not overwritten. === Verify device address or make a backup === The main problem on a GNU/Linux system is that you need superuser power to overwrite the whole USB stick, and that this power suffices to also spoil the content of your hard disk. So first verify that the device file address really leads to the intended device (e.g. by reading a few megabytes and watching it blink). If the USB stick is supposed to be Linux device "/dev/sdh": {{{ sudo umount /dev/sdh* dd if=/dev/sdh of=/dev/null bs=1024 count=100000 }}} or by making a backup of its complete content in a compressed disk file: {{{ sudo umount /dev/sdh* dd if=/dev/sdh | gzip >"$HOME"/red_usb_stick.gz }}} (Your `/dev/sd` address will probably end by a lower letter than "h". But this paragraph is all about not to spoil `/dev/sda` and other hard disks by mistake.) === Write to USB stick === Once you are convinced that this is the right device file address, copy the ISO image onto the USB stick by: {{{ sudo dd if="$IMAGE" bs=1M of=/dev/sdh ; sync }}} === Eventually restore backup === To later restore the original content of the USB stick, take the same care to really use the correct address and then: {{{ dd if="$HOME"/red_usb_stick.gz | sudo gunzip >/dev/sdh }}} Of course, the Ubuntu ISO image will be overwritten by this restore run. = Testing = You can now boot off your CD or USB stick. Select the new menu item you created. If you've used preseeding to stop the CD asking questions, the installation could be totally automatic. = Troubleshooting = * If your CD fails to read, try re-burning it, possibly at a slower speed. * If you get a red d-i screen, check the error message (use Alt-F2, Alt-F3 etc to cycle through the terminals to read the log), and fix your CD appropriately. The log file is /var/log/syslog , check the last lines. = See also = * Check out some [[/Scripts|install CD customization scripts]] that can be used to automate this process. |
Introduction
The process of customizing or "remastering" Ubuntu installation CDs is not especially complex, but it is a little tedious and finicky.
The Ubuntu installation CD (since Ubuntu 6.06, the 'alternative install' or 'server' CD) has three main parts: a boot-loader (Isolinux on AMD64/x86 systems, yaboot on PowerPC) and its configuration (which starts everything up); debian-installer (also known as d-i, which in this case is really a specialized miniature Ubuntu system); and a Debian-style repository structure, which is what takes up disk space in the directories "pool" and "dists". Building a new CD may involve modifications to all three parts.
This page shows a simple recipe for customizing the CD. It assumes that you copy the contents of the installation CD to /opt/cd-image/ on your local system and create a couple of other dirs in /opt/. Modify as needed.
You might speed up the development cycle by using a virtual Ubuntu session, for example, using VirtualBox. You can then use the .ISO file to test rather than burning a CD. If you do, please note that you need to perform ALL operations described here on the GUEST system. Note that with VirtualBox, during an installation (Host key)-F4 will display the installation output and (Host key)-F1 will return you to the general status screen. Note that the host key is set to the right Ctrl key by default.
This guide is for the 'Alternative Install' or 'Server Install' CDs. There is a page referring to customization of the Desktop (Live) CD, and another guide on how to create a Live CD without using an existing CD at all.
Although the 'Server Install' images are supposed to fit on usual CD media, you may as well use DVD or BD (Blu-ray) media. In the following text, read "CD" as "CD, DVD, or BD".
At least since release 12.04, the images also work from USB stick or other hard-disk-like storage devices. USB stick on amd64 UEFI works since 14.04.
Get the ISO
Below is a list of original images which you can use :
Type |
Ubuntu 16.04 LTS |
Ubuntu 18.04 LTS |
Ubuntu 19.10 |
|||
Alternate |
n/a |
n/a |
n/a |
|||
Server |
||||||
As time goes by, some will vanish or be replaced. But releases.ubuntu.com will hopefully continue to show a list of available release directories with some *server*.iso images in them.
Copy the CD to your hard drive
Copy the entire installation CD to a directory on your hard drive. This guide will assume your CD image is in /opt/cd-image/, but you can put it wherever you like. It will take around 1GB of hard drive space.
If you have an ISO file, you can mount it and copy files out of it without burning it to CD:
mount -o loop /path/to/iso /some/mountpoint
Use "Gmount-iso" program for a GUI method of mounting iso files. You can also try "ISO Master" to access the iso file directly without mounting.
You can use rsync to copy the CD:
rsync -av /cdrom/ /opt/cd-image
or just
mkdir -p /opt/cd-image cp -rT /cdrom /opt/cd-image
Note: the -p option for mkdir creates the leadin directories if they don't already exist. In this example, /opt is created if it doesn't already exist.
Be sure to catch the folder .disk - if you try and copy /cdrom/*, it will ignore the .disk folder, as Bash expands the * to mean "everything it can see".
If you use a filemanager program like Nautilus, be sure to launch it with "gksu nautilus" and mark "Show Hidden Files" from "View" menu or you miss some important files. After the copy is done, change file ownership from "root" if you don't plan to do the rest of the work with sudo.
Modify installer behaviour using a Preseed file
When the CD boots up, a Linux kernel is started and the installation tasks are initiated. The installer's default behavior can be modified through the use of a "preseed" file, which feeds d-i answers to questions normally asked by debconf, or in other contexts. If you look in the preseed folder in the install CD, you'll see that certain options (e.g. "server", "expert", "oem") already have preseed files assigned to them. The installation guide has a detailed appendix on preseeding.
Suppose you are installing Ubuntu on a bunch of identical computers, and you already know the answers to certain questions (what country and time zone you're in, what keyboard you have, how the network should be configured, how you want to partition the hard disk, etc). You can "preseed" the answers to these questions in a very simple configuration file. There're several ways to setup the boot-loader configuration.
Changing isolinux.cfg to identify your preseed
We will create a preseed file called 'firewall.seed', which will live in the /preseed folder of the CD-ROM. We tell d-i where to find this file by modifying the boot-loader configuration file, located in isolinux/isolinux.cfg (or in 8.10 or later, isolinux/text.cfg), to pass appropriate parameters on the kernel command line. In /opt/cd-image/isolinux/isolinux.cfg, add a new section labeled like this:
LABEL firewall menu label ^Firewall installation kernel /install/vmlinuz append preseed/file=/cdrom/preseed/firewall.seed debian-installer/locale=en_NZ console-setup/layoutcode=us initrd=/install/initrd.gz ramdisk_size=16384 root=/dev/ram rw quiet --
If you want to set the default selected menu item to your custom seed, change the DEFAULT line to read 'DEFAULT firewall'.
For totally automatic installation with a predefined language (in this example, Estonian), you need to add some more parameters:
LABEL firewall menu label ^Firewall installation (Estonian) kernel /install/vmlinuz append file=/cdrom/preseed/firewall.seed debian-installer/locale=et_EE console-setup/layoutcode=et localechooser/translation/warn-light=true localechooser/translation/warn-severe=true initrd=/install/initrd.gz ramdisk_size=16384 root=/dev/ram rw quiet --
To make the installer autochoose the default option and start installing after a timeout, add this line to isolinux/isolinux.cfg (in all versions).
timeout 10
Timeout values are in tenths of a second, therefore a timeout value of 10 is equal to one second.
You must specify a locale and keyboard on the command line, as these questions are asked before the seed is loaded. You can also set DEBCONF_PRIORITY here to ensure you don't see any unnecessary debconf questions.
(On Ubuntu 6.06 and older, use kbd-chooser/method=us rather than console-setup/layoutcode=us.)
Changing grub.cfg to identify your preseed
We will create a preseed file called 'custom.seed', which will live in the /preseed folder of the CD-ROM. We tell d-i where to find this file by modifying the boot-loader configuration file, located in boot/grub/grub.cfg, to pass appropriate parameters on the kernel command line. In /opt/cd-image/boot/grub/grub.cfg, add a new section labeled like this:
menuentry "Install Ubuntu Server custom" {
set gfxpayload=keep
linux /install/vmlinuz file=/cdrom/preseed/custom.seed debian-installer/locale=en_US console-setup/layoutcode=us quiet ---
initrd /install/initrd.gz
}
Writing the preseed file
A preseed file has 4 fields per line:
- identity of the program which will pick up this command
- name of the variable whose value will be passed
- variable type
- value of variable
It looks something like this (from the default ubuntu-server.seed on the 16.04 CD):
# Suggest LVM by default. d-i partman-auto/init_automatically_partition string some_device_lvm d-i partman-auto/init_automatically_partition seen false # Install the Ubuntu Server seed. tasksel tasksel/force-tasks string server # Only install basic language packs. Let tasksel ask about tasks. d-i pkgsel/language-pack-patterns string # No language support packages. d-i pkgsel/install-language-support boolean false # Only ask the UTC question if there are other operating systems installed. d-i clock-setup/utc-auto boolean true # Verbose output and no boot splash screen. d-i debian-installer/quiet boolean false d-i debian-installer/splash boolean false # Install the debconf oem-config frontend (if in OEM mode). d-i oem-config-udeb/frontend string debconf # Wait for two seconds in grub d-i grub-installer/timeout string 2 # Add the network and tasks oem-config steps by default. oem-config oem-config/steps multiselect language, timezone, keyboard, user, network, tasks
d-i expects there to be exactly one tab or space between variable type and variable value (any other space is seen as being part of the value)
The easiest way to create a preseed file is to start with an example and modify it:
The Ubuntu installation guide (16.04) has examples of many common preseed directives. (Bear in mind that you may need to modify some to work on older versions.)
You could check out Debian's wiki page on preseeding the installer - 6.06 and higher are aligned with Etch and newer versions of the Debian installer, although there are some important differences that apply to preseeding.
If you can't find the option you're looking for you can generate a comprehensive preseed file based on your own install time choices by using debconf-get-selections
debconf-get-selections usage:
sudo apt-get install debconf-utils # It is part of the debconf-utils package. debconf-get-selections --installer > somefile.txt debconf-get-selections >> somefile.txt
This will output a list of all debconf options you've chosen throughout your install; you can pick options out of this and put them into your preseed file.
debconf-get-selections prints 2 spaces between variable type and variable value. You need to change this to one space before putting the line in a preseed file.
Installing extra packages in your preseed file
base-config has been removed from debian-installer since Ubuntu 6.06.
In Ubuntu 6.06 and older:
d-i pkgsel/install-pattern string ~t^ubuntu-standard$|~n^openssh-server$
In Ubuntu 8.04 and newer: (packages may be separated with commas and/or spaces and continued to another line with a back-slash):
d-i pkgsel/include string gstreamer0.10-plugins-base \ gstreamer0.10-plugins-good \ gstreamer0.10-plugins-ugly \ gstreamer0.10-plugins-bad
The installer can not install packages which rely on services that would normally be running in an installed system, but which are not running in the environment of the Debian installer. One example of this would be packages which create or modify a database at installation time, and require a postgresql or mysql server to be running. In this case, you will need to use a postinst script, start the necessary database server in the /target chroot, and then call "apt-install" (if outside the chroot environment) or apt-get (inside the chroot).
Installing language support
A different mechanism is used to install additional languages. Preseed the detailed locale question asked by the installer in expert mode. See the first column of /usr/share/i18n/SUPPORTED for the locale names you can use here. For example, to add support for Bengali and Tamil, use this line:
d-i localechooser/supported-locales multiselect bn_IN, ta_IN
Running a Final Script
You can run a script in the final part of the installation. The following example runs a script that has been copied onto the installation CD in the setup/install folder. This script runs in the target environment, thus can run scripts in any language (e.g. Python or Perl) that has been installed on the target system.
d-i preseed/late_command string chroot /target bash /cdrom/setup/install/settings.sh
The above command may not work on 8.10 or later; to copy the script to the target and then execute it, try this:
d-i preseed/late_command string cp /cdrom/finisher/finisher.sh /target/root/; chroot /target chmod +x /root/finisher.sh; chroot /target bash /root/finisher.sh
Generally, a script run from the seed file via late_command, cannot interact with the user. If you need to interact, there are generally three options:
- Create a custom UDEB that interacts with debconf, and include it with the CD.
- Create a 'firstrun' script that executes the first time the system boots, and disables itself on completion.
A preseed script run via late_command that attempts to run "chroot /target apt-get ..." (or similar) may run into problems (e.g. file descriptor 3 not found in the postinst stage of some packages, dash being one example). This is caused by your script inheriting environment variables from the already running installer. To solve this, clear the environment variables in your script before calling apt-get:
unset DEBCONF_REDIR unset DEBCONF_FRONTEND unset DEBIAN_HAS_FRONTEND unset DEBIAN_FRONTEND
Modify pool structure to include more packages
Probably the prime motivation to build your own install CDs is to modify which packages are installed; in particular you may want to add some packages to the CD.
The easiest way to do this is to build an 'extras' repository structure, containing only your extra .debs, and merge these into the CD file hierarchy before rebuilding the .ISO image. This guide will step you through how to do this.
This requires you to generate the Packages files that defines what files are in your repository; the Release file that indexes your Packages files, and the signed Release.gpg file, approving the repository as being official.
Create an "Extras" component
The following example references Ubuntu 16.04 ("xenial"). Substitute your version where appropriate.
Create directories for your new component (substituting your version where appropriate):
cd /opt/cd-image mkdir -p pool/extras/
Put all the extra .debs you want on your CD into pool/extras.
On the scripts page there is a useful script that will strip out all of the packages from your CD image that are not currently installed. You will need to run apt-ftparchive (below) to generate the Packages file.
Generating a new ubuntu-keyring .deb to sign your CD
In order to sign the Release file, we need to use GPG. The install system will then check the signature against the public keys held in the package ubuntu-keyring. You do not have a private key that matches one of the ones in the shipped ubuntu-keyring, so we need to build a custom version of the ubuntu-keyring package. Install the gnupg package if you do not have it already.
To create a signing key, enter gpg --gen-key. Accept the defaults, (for this use, it is probably OK to use "No expiry"). For your Real Name and E-mail address, you might like to use something like "XXX Signing Key" and "packages@xxx.example.org". Enter an appropriate passphrase.
In another directory (I use /opt/build/), we will download the source for the ubuntu-keyring package, unpack it, add our own GPG key, and rebuild the package. These steps import the 2 Ubuntu public signing keys into your main keyring, then exports them, along with your own public signing key, into a replacement keyring. "YOURKEYID" should be replaced with the 8-digit hexadecimal code that gpg tells you when you do the --list-keys command. "Signing Key Name" is what you used in the previous step, when running gpg --gen-key.
To clarify, below is an example 'gpg --list-keys' response. In this example, "YOURKEYID" immediately follows the '/' on the line beginning with 'pub' (which in this example is '437D05B5'.)
gpg --list-keys pub 1024D/437D05B5 2006-09-08 uid XXX Signing Key <packages@xxx.example.org> sub 2048g/79164387 2006-09-08
If you change the package's version number (e.g. using dch), then make sure that the version number you choose does not contain a "-" character: if it does, then you'll be converting the package away from the "native" format and you will have to do some extra steps. It's simpler to use a version number such as "2012.05.19+custom1", putting your preferred local part after the "+" character.
Here is an example, which you will need to customize to suit your own setup:
The following example references Ubuntu 16.04 ("xenial"). Substitute your version where appropriate.
cd /opt/build sudo apt-get install fakeroot # requires the fakeroot package which may not be installed on your system. apt-get source ubuntu-keyring cd ubuntu-keyring-2012.05.19/keyrings gpg --import < ubuntu-archive-keyring.gpg gpg --list-keys "Signing Key Name" gpg --export FBB75451 437D05B5 C0B21F32 EFE21092 YOURKEYID > ubuntu-archive-keyring.gpg cd .. # you are now on ubuntu-keyring-2012.05.19 dpkg-buildpackage -rfakeroot -m"Your Name <your.email@your.host>" -kYOURKEYID cd .. # you are now on the directory where you started, in the example, /opt/build cp ubuntu-keyring*deb /opt/cd-image/pool/main/u/ubuntu-keyring
You will end up with a udeb file for the installer, and a .deb file for the system. Both files need to be copied into the main component of your CD, because the CD will not check the extras directory.
Generate a new filesystem.squashfs with the updated ubuntu-archive-keyring.gpg
To prevent the possible issue during installation, we need to regenerate filesystem.squashfs by updating the ubuntu-archive-keyring.gpg we just exported. There are three paths to being replaced:
- $chroot/usr/share/keyrings/ubuntu-archive-keyring.gpg
- $chroot/etc/apt/trusted.gpg
- $chroot/var/lib/apt/keyrings/ubuntu-archive-keyring.gpg
Furthermore, filesystem.size also needs to be updated:
cd new-squashfs-root du -sx --block-size=1 ./ | cut -f1 > /opt/cd-image/install/filesystem.size
Building the repository with apt-ftparchive
apt-ftparchive builds the Packages and Packages.gz files, needed by the installer. In order to use apt-ftparchive we will need to provide it with some configuration and some index files.
If you will be adding .deb files to pool/universe (eg. customizing xubuntu) you will also need to wget extra.universe and universe files.
We will put the index files in /opt/indices:
mkdir -p /opt/indices /opt/apt-ftparchive cd /opt/indices/ DIST=xenial for SUFFIX in extra.main main main.debian-installer restricted restricted.debian-installer; do wget http://archive.ubuntu.com/ubuntu/indices/override.$DIST.$SUFFIX done
Create the files apt-ftparchive-deb.conf, apt-ftparchive-udeb.conf, apt-ftparchive-extras.conf, and release.conf in a directory (/opt/apt-ftparchive), substituting /opt/cd-image/ for the path to your CD image directory, and /opt/indices/ for the location of the index files, if they differ.
The .conf files shown here are sufficient if you are ONLY making changes to .deb files under pool/main and pool/restricted. If you are adding security updates to a Xubuntu customized CD, though, you will be updating .deb files under pool/universe also, so you will need to add lines to apt-ftparchive-deb.conf for universe, similar to the lines shown for main. You will also need to run extraoverride.pl for universe as well as for main - see below.
/opt/apt-ftparchive/apt-ftparchive-deb.conf:
Dir { ArchiveDir "/opt/cd-image/"; }; TreeDefault { Directory "pool/"; }; BinDirectory "pool/main" { Packages "dists/xenial/main/binary-amd64/Packages"; BinOverride "/opt/indices/override.xenial.main"; ExtraOverride "/opt/indices/override.xenial.extra.main"; }; BinDirectory "pool/restricted" { Packages "dists/xenial/restricted/binary-amd64/Packages"; BinOverride "/opt/indices/override.xenial.restricted"; }; Default { Packages { Extensions ".deb"; Compress ". gzip"; }; }; Contents { Compress "gzip"; };
The ExtraOverride component above is needed to add the Task: line to main packages, referenced from the preseed file with ~t<task name>. This is not supplied - but can be extracted from the existing main Packages file with the simple perl script below.
\#!/usr/bin/env perl # extraoverride.pl # generate ExtraOverride file # use as follows :- # extraoverride.pl < /opt/cd-image/dists/xenial/main/binary-amd64/Packages >> /opt/indices/override.xenial.extra.main while (<>) { chomp; next if /^ /; if (/^$/ && defined($task)) { print "$package Task $task\n"; undef $package; undef $task; } ($key, $value) = split /: /, $_, 2; if ($key eq 'Package') { $package = $value; } if ($key eq 'Task') { $task = $value; } }
If customizing Xubuntu, and adding new .deb files to pool/universe, run this script for the universe repository also.
The ExtraOverride process can be optional to skip it.
/opt/apt-ftparchive/apt-ftparchive-udeb.conf:
Dir { ArchiveDir "/opt/cd-image/"; }; TreeDefault { Directory "pool/"; }; BinDirectory "pool/main" { Packages "dists/xenial/main/debian-installer/binary-amd64/Packages"; BinOverride "/opt/indices/override.xenial.main.debian-installer"; }; BinDirectory "pool/restricted" { Packages "dists/xenial/restricted/debian-installer/binary-amd64/Packages"; BinOverride "/opt/indices/override.xenial.restricted.debian-installer"; }; Default { Packages { Extensions ".udeb"; Compress ". gzip"; }; }; Contents { Compress "gzip"; };
/opt/apt-ftparchive/apt-ftparchive-extras.conf:
Dir { ArchiveDir "/opt/cd-image/"; }; TreeDefault { Directory "pool/"; }; BinDirectory "pool/extras" { Packages "dists/xenial/extras/binary-amd64/Packages"; }; Default { Packages { Extensions ".deb"; Compress ". gzip"; }; }; Contents { Compress "gzip"; };
You need to build the Packages file in dists/xenial/extras/binary-amd64/Packages using dpkg-scanpackages. See here for an explanation.
The following example of creating Packages references Ubuntu 16.04 ("xenial"). Substitute your version where appropriate. Use apt-ftparchive to finish above step.
cd /opt/cd-image apt-ftparchive packages pool/extras > dists/stable/extras/binary-amd64/Packages gzip -c dists/stable/extras/binary-amd64/Packages | tee dists/stable/extras/binary-amd64/Packages.gz > /dev/null
/opt/apt-ftparchive/release.conf
This is the configuration file for apt-ftparchive. Change to suit your distribution version:
APT::FTPArchive::Release::Origin "Ubuntu"; APT::FTPArchive::Release::Label "Ubuntu"; APT::FTPArchive::Release::Suite "xenial"; APT::FTPArchive::Release::Version "16.04"; APT::FTPArchive::Release::Codename "xenial"; APT::FTPArchive::Release::Architectures "amd64"; APT::FTPArchive::Release::Components "main restricted extras"; APT::FTPArchive::Release::Description "Ubuntu 16.04 LTS";
To build the repository, sign it, and update the MD5SUM file, you can use a script like this:
BUILD=/opt/cd-image APTCONF=/opt/apt-ftparchive/release.conf DISTNAME=xenial pushd $BUILD apt-ftparchive -c $APTCONF generate /opt/apt-ftparchive/apt-ftparchive-deb.conf apt-ftparchive -c $APTCONF generate /opt/apt-ftparchive/apt-ftparchive-udeb.conf apt-ftparchive -c $APTCONF generate /opt/apt-ftparchive/apt-ftparchive-extras.conf apt-ftparchive -c $APTCONF release $BUILD/dists/$DISTNAME > $BUILD/dists/$DISTNAME/Release gpg --default-key "YOURKEYID" --output $BUILD/dists/$DISTNAME/Release.gpg -ba $BUILD/dists/$DISTNAME/Release find . -type f -print0 | xargs -0 md5sum > md5sum.txt popd
"YOURKEYID" is the key id you put in your own compiled keyring package before.
Preparing the bootable medium
At this point, you have a directory which is ready to be collected into an .ISO file and then burnt to a CD or copied to a USB stick.
Building the ISO image
x86 and AMD64
IMAGE=custom.iso
BUILD=/opt/cd-image/
mkisofs -r -V "Custom Ubuntu Install CD" \
-cache-inodes \
-J -l -b isolinux/isolinux.bin \
-c isolinux/boot.cat -no-emul-boot \
-boot-load-size 4 -boot-info-table \
-o $IMAGE $BUILDx86 and AMD64 with isohybrid
The original i386 and amd64 ISOs have a Master Boot Record (MBR) which makes them bootable from USB stick via legacy BIOS firmware.
# The MBR x86 machine code bytes from the original ISO are known to match
# the isolinux.bin file inside that ISO. So copy them to a file in /tmp/.
OLD_IMAGE=/path/to/iso
MBR_FILE=/tmp/ubuntu_isohybrid_mbr.img
dd if="$OLD_IMAGE" bs=1 count=446 of="$MBR_FILE"
IMAGE=custom.iso
BUILD=/opt/cd-image/
xorriso -as mkisofs -r -V "Custom Ubuntu Install CD" \
-cache-inodes -J -l \
-isohybrid-mbr "$MBR_FILE" \
-partition_offset 16 \
-c isolinux/boot.cat \
-b isolinux/isolinux.bin \
-no-emul-boot -boot-load-size 4 -boot-info-table \
-o "$IMAGE" \
"$BUILD"
"$BUILD"
rm "$MBR_FILE"AMD64 with isohybrid and UEFI
Additionally to the MBR for legacy BIOS, the amd64 ISOs since 14.04 can boot from CD and from USB stick via the modern UEFI firmware. Its entry point is marked for USB stick by the MBR partition entry 2, which points to the data content of file /boot/grub/efi.img. Together with UEFI bootability from CD this is achieved by the additional options from -eltorito-alt-boot to -isohybrid-gpt-basdat.
OLD_IMAGE=/path/to/iso
MBR_FILE=/tmp/ubuntu_isohybrid_mbr.img
dd if="$OLD_IMAGE" bs=1 count=446 of="$MBR_FILE"
IMAGE=custom.iso
BUILD=/opt/cd-image/
xorriso -as mkisofs -r -V "Custom Ubuntu Install CD" \
-cache-inodes -J -l \
-isohybrid-mbr "$MBR_FILE" \
-c isolinux/boot.cat \
-b isolinux/isolinux.bin \
-no-emul-boot -boot-load-size 4 -boot-info-table \
-eltorito-alt-boot \
-e boot/grub/efi.img \
-no-emul-boot -isohybrid-gpt-basdat \
-o "$IMAGE" \
"$BUILD"
rm "$MBR_FILE"Power PC
Download the HFS map, then use the following command:
IMAGE=custom.iso
BUILD=/opt/cd-image/
mkisofs -r -V "Custom Ubuntu Install CD" \
--netatalk -hfs -probe -map hfs.map \
-chrp-boot -iso-level 2 -part -no-desktop \
-hfs-bless $BUILD/install \
-hfs-volid Ubuntu/PowerPC_hardy \
-o $IMAGE $BUILDia64
IMAGE=custom.iso
BUILD=/opt/cd-image/
mkisofs -r -V 'Custom Ubuntu Install CD' \
-o $IMAGE -no-emul-boot \
-J -b boot/boot.img -c boot/boot.catalog $BUILD- $IMAGE is just the location of your iso image.
Burning the image to CD, DVD, or Blu-ray
sudo xorriso -as cdrecord dev=/dev/sr0 blank=as_needed -v $IMAGE
The first optical drive of a contemporary GNU/Linux system has address /dev/sr0. If in doubt, run the following command to learn about the existing drives and their /dev file adresses.
sudo xorriso -devices
If your drive or media are old, then you might burn a lot of coasters in experimenting with this process. Re-usable media can ease the pain: CD-RW, DVD-RW, DVD+RW, DVD-RAM, BD-RE.
Putting an isohybrid image onto USB stick
If the x86 and AMD image was made by xorriso with isohybrid options, or if the x86 and AMD image was postprocessed by SYSLINUX program isohybrid, then it will boot from USB stick or hard disk, too.
Such an image is not to be unpacked and installed to the USB stick by a program like 'Rufus' or 'UNetbootin', but rather to be written plainly to the base device file of the USB stick. This implies that the partition table of the stick will be overwritten and thus all data on the stick will become unaccessible, if not overwritten.
Verify device address or make a backup
The main problem on a GNU/Linux system is that you need superuser power to overwrite the whole USB stick, and that this power suffices to also spoil the content of your hard disk.
So first verify that the device file address really leads to the intended device (e.g. by reading a few megabytes and watching it blink). If the USB stick is supposed to be Linux device "/dev/sdh":
sudo umount /dev/sdh* dd if=/dev/sdh of=/dev/null bs=1024 count=100000
or by making a backup of its complete content in a compressed disk file:
sudo umount /dev/sdh* dd if=/dev/sdh | gzip >"$HOME"/red_usb_stick.gz
(Your /dev/sd address will probably end by a lower letter than "h". But this paragraph is all about not to spoil /dev/sda and other hard disks by mistake.)
Write to USB stick
Once you are convinced that this is the right device file address, copy the ISO image onto the USB stick by:
sudo dd if="$IMAGE" bs=1M of=/dev/sdh ; sync
Eventually restore backup
To later restore the original content of the USB stick, take the same care to really use the correct address and then:
dd if="$HOME"/red_usb_stick.gz | sudo gunzip >/dev/sdh
Of course, the Ubuntu ISO image will be overwritten by this restore run.
Testing
You can now boot off your CD or USB stick. Select the new menu item you created. If you've used preseeding to stop the CD asking questions, the installation could be totally automatic.
Troubleshooting
- If your CD fails to read, try re-burning it, possibly at a slower speed.
- If you get a red d-i screen, check the error message (use Alt-F2, Alt-F3 etc to cycle through the terminals to read the log), and fix your CD appropriately. The log file is /var/log/syslog , check the last lines.
See also
Check out some install CD customization scripts that can be used to automate this process.