CD Customization
Applies to: Ubuntu 5.10
Is currently being updated to apply to: Ubuntu 6.06
The process of customizing or "remastering" Ubuntu install CDs is not especially complex, but it is a little tedious and finicky. This page documents all the problems you might find; if it doesn't, please edit it!=
The Ubuntu install CD (since Ubuntu 6.06, the 'alternative install' or 'server' CD) has three main parts: a bootloader (ISOLINUX on amd64/i386 systems, yaboot on powerpc) and its configuration, which start everything up; debian-installer (also known as d-i), which in this case is really a specialised miniature Ubuntu system; and a Debian-style repository structure, which is what takes up all that space on the disk in the directories "pool" and "dists". Building a new CD may involve modifications to all three parts.
Modify installer behaviour using a Preseed file
When the CD boots up, a Linux kernel is started and the installation tasks are initiated. The installer's default behaviour can be modified through the use of a "preseed" file, which feeds d-i answers to questions normally asked by debconf, or in other contexts. If you look closely at your install CD, you'll see that certain options (e.g. "server", "expert", "oem") already have preseed files assigned to them.
Suppose you are installing Ubuntu on a bunch of identical computers, and you already know the answers to certain questions (what country and time zone you're in, what keyboard you have, how the network should be configured, how you want to partition the hard disk, etc). You can "preseed" the answers to these questions in a very simple configuration file.
Changing isolinux.cfg to identify your preseed
We will create a preseed file called 'firewall.seed', which will live in the /preseed folder of the CD-ROM. We tell d-i where to find this file by modifying the bootloader configuration file, located in isolinux/isolinux.cfg, to pass appropriate parameters on the kernel command line. Add a new section labelled like this:
Ubuntu 5.10 and older:
LABEL firewall kernel /install/vmlinuz append preseed/file=/cdrom/preseed/firewall.seed preseed/locale=en_NZ kbd-chooser/method=us vga=normal initrd=/install/initrd.gz ramdisk_size=12288 root=/dev/rd/0 rw --
Ubuntu 6.06 and newer:
LABEL firewall menu label ^Firewall installation kernel /install/vmlinuz append preseed/file=/cdrom/preseed/firewall.seed debian-installer/locale=en_NZ kbd-chooser/method=us initrd=/install/initrd.gz ramdisk_size=16384 root=/dev/ram rw quiet --
If you want to set the default action to booting with your custom seed, change the DEFAULT line to read 'DEFAULT firewall'.
You must specify a locale and keyboard on the command line, as these questions are asked before the seed is loaded. You can also set DEBCONF_PRIORITY here to ensure you don't see any unnecessary debconf questions.
Writing the preseed file
A preseed file looks something like this (from the default ubuntu-server.seed on the 6.06 CD):
# Always install the server kernel. d-i base-installer/kernel/override-image string linux-server # Don't install usplash. d-i base-installer/kernel/linux/extra-packages-2.6 string # Desktop system not installed; don't waste time and disk space copying it. d-i archive-copier/desktop-task string ubuntu-standard d-i archive-copier/ship-task string # Only install the standard system and language packs. d-i pkgsel/install-pattern string ~t^ubuntu-standard$ d-i pkgsel/language-pack-patterns string # No language support packages. d-i pkgsel/install-language-support boolean false
(Note: the version of this file on some Breezy CD images was buggy: it set base-config/package-selection to "~tubuntu-standard" rather than "~t^ubuntu-standard$". Use the new format in preference; the old one will break with Ubuntu 6.06 and newer.)
First notice the format. There are 4 fields:
- identity of the program which will pick up this command
- name of the variable whose value will be passed
- variable type
- value of variable
attachment:IconsPage/important.png d-i expects there to be [:http://d-i.alioth.debian.org/manual/en.i386/apbs03.html:exactly one tab or space between variable type and variable value] (any other space is seen as being part of the value)
attachment:IconsPage/important.png The version of d-i used in 5.10 does not allow lines to be broken by the '\' character - this was introduced as of 6.06.
The easiest way to create a preseed file is to start with an example and modify it. There is a good [http://archive.ubuntu.com/ubuntu/dists/breezy/main/installer-i386/current/doc/manual/en/apcs01.html preseed example in the Breezy installation manual]. You could also check out [http://wiki.debian.org/DebianInstaller/Preseed Debian's wiki page on preseeding the installer] - 6.06 and higher use the Etch version of the Debian installer.
If you can't find the option you're looking for, try executing the following commands:
debconf-get-selections --installer > somefile.txt debconf-get-selections >> somefile.txt
This will output a list of all debconf options you've chosen throughout your install; you can pick options out of this and put them into your preseed file.
attachment:IconsPage/warning.png debconf-get-selections prints 2 spaces between variable type and variable value. For Breezy, you need to change this to one space before putting the line in a preseed file..
Installing extra packages in your preseed file
Ubuntu 5.10 and older:
Package installation is controlled by the directive in the preseed. To install nothing, you can leave the value blank; to instruct d-i to install extra packages, or a minimal set, set this to an aptitude pattern. (To learn about patterns, see the aptitude documentation -- install aptitude-doc and read /usr/share/doc/aptitude/html/index.html).
For instance, to install an SSH server along with the standard installation, use this line:
base-config base-config/package-selection string ~t^ubuntu-standard$|~n^openssh-server$
Ubuntu 6.06 and newer:
base-config has been removed from debian-installer, so you have to install packages using a different directive. Set preseed/early_command to run apt-install ''package1 package2''.
Installing language support
A different mechanism is used to install additional languages. Preseed the detailed locale question asked by the installer in expert mode. See the first column of /usr/share/i18n/SUPPORTED for the locale names you can use here. For example, to add support for Bengali and Tamil, use this line:
d-i localechooser/supported-locales multiselect bn_IN, ta_IN
Modify pool structure to include/delete packages
Probably the main reason to build your own install CDs is to modify which packages are installed; in particular you may want to add some packages to the CD. There are several ways to do this, none of which I understand fully. The easiest thing to do is to build a minimal repository structure containing only your own extra .debs, and merge these into the CD file hierarchy before rebuilding the iso image. The tricky parts here are: generate the Packages files that the Debian package management system expects to see when it encounters a repository; generate the top-level Release file the Debian package management system expects; and sign the release file with gpg. Here's what I did.
- . designate a file directory as your staging area; in that directory,
mkdir -p dists/breezy/extras/binary-i386 pool/extras/ isolinux preseed
Put your modified isolinux.cfg in isolinux/, and your preseed file in preseed/.
- . put all the extra debs you need on your cd into pool/extras/. You will also need to include a new version of ubuntu-keyring, which I'll explain about in a second.
- . in a text editor or some other way make a new file dists/breezy/extras/binary-i386/Release with the following content:
Archive: breezy Version: 5.10 Component: extras Origin: Ubuntu Label: Ubuntu Architecture: i386
- . merge your changes into the cd thusly:
mount your "clean" downloaded iso: mount /path/to/iso /some/mountpoint/ -o loop
b. copy all the files to a directory somewhere (you'll need a gigabyte or two off space); I use rsync: sudo rsync -azvb --delete --backup-dir=/yeowe/usr/cdbuilder/old/ $MOUNT $BUILD (where $MOUNT isthe mountpoint, $BUILD is the location of the extracted contents) c. if your new CD folder is likely to be too large, use the following script from inside pool/main to strip out all packages which are unwanted (that is, packages which aren't currently installed):
for j in * do cd $j for k in * do cd $k for l in *.deb do if [ $l != "*.deb" ] then n=$(dpkg -l $(echo $l | cut -f1 -d"_") 2> /dev/null| grep "^ii") if [ -z "$n" ] then rm $l fi fi done cd .. done cd .. done find -depth -type d -empty -exec rmdir {} \;d. This is important. In just a minute we will generate the packages file and the top-level release file using the apt-ftparchive tool. Then we will need to sign the release file using a gpg key. The install system will then check the signature against the public keys held in the package ubuntu-keyring. But your signature isn't in that keyring. So you need to make a new version of the ubuntu-keyring package. This is actually really easy, but it took me forever to do it right. So here's the necessary code:
apt-get source ubuntu-keyring cd ubuntu-keyring--2005.01.11/keyring gpg --import < ubuntu-archive-keyring.gpg gpg --list-keys "Your Name" gpg --export FBB75451 437D05B5 YOURKEYID > ubuntu-archive-keyring.gpg cd .. dpkg-buildpackage -rfakeroot -m"Your Name <your.email@your.host> -k"Your Name <your.email@your.host>" cp ubuntu-keyring*deb $BUILD/pool/extras/
NOTE: Copying the ubuntu-keyring (u)deb to the above location will not work correctly for Dapper CDs. I have tested it with flight4 and flight5 and the result of the above is that the installer cannot find the kernel as it cannot extract the correct GPG key (the one you signed the Release file with). In order for the procedure to work, you need to copy the generated ubuntu-keyring*deb files to $BUILD/pool/main/u/ubuntu-keyring instead.
- OK -- what we've done here is import the 2 Ubuntu keys into your main keyring, then exported them along with your own key into a replacement keyring. "YOURKEYID" should be replaced with the 8-digit hexadecimal code that gpg tells you when you do the --list-keys command above. And really, the best policy would be to do all that first, and copy a version into your $STAGE file structure so that you have it permanently available.
Note: If you do not have an existing gpg signing key, use the following code:
- {{{ gpg --gen-key }}}
Accept all defaults, select "No expiry", and enter an appropriate passphrase.
In order to use apt-ftparchive, we will need to provide it with some defaults. Create the files "apt-ftparchive-deb.conf, "apt-ftparchive-udeb.conf", and "apt-ftparchive-extras.conf" as follows (substitude $BUILD for the absolute path to your BUILD directory, and /path/to/indices to the location of the indices files, which you can download from http://archive.ubuntu.com/ubuntu/indices/ ):
apt-ftparchive-deb.conf: Dir { ArchiveDir "$BUILD"; }; TreeDefault { Directory "pool/"; }; BinDirectory "pool/main" { Packages "dists/breezy/main/binary-i386/Packages"; BinOverride "/path/to/indices/override.breezy.main"; ExtraOverride "path/to/indices/override.breezy.extra.main"; }; // Uncomment the lines below if you're customizing the Dapper release //BinDirectory "pool/restricted" { // Packages "dists/dapper/restricted/binary-i386/Packages"; // BinOverride "/path/to/indices/override.dapper.restricted"; //}; Default { Packages { Extensions ".deb"; Compress ". gzip"; }; }; Contents { Compress "gzip"; };apt-ftparchive-udeb.conf: Dir { ArchiveDir "$BUILD"; }; TreeDefault { Directory "pool/"; }; BinDirectory "pool/main" { Packages "dists/breezy/main/debian-installer/binary-i386/Packages"; BinOverride "/path/to/indices/override.breezy.main.debian-installer"; }; // Uncomment the lines below if you're customizing a Dapper release //BinDirectory "pool/restricted" { // Packages "dists/dapper/restricted/debian-installer/binary-i386/Packages"; // BinOverride "/path/to/indices/override.dapper.restricted.debian-installer"; //}; Default { Packages { Extensions ".udeb"; Compress ". gzip"; }; }; Contents { Compress "gzip"; };apt-ftparchive-extras.conf: Dir { ArchiveDir "$BUILD"; }; TreeDefault { Directory "pool/"; }; BinDirectory "pool/extras" { Packages "dists/breezy/extras/binary-i386/Packages"; }; Default { Packages { Extensions ".deb"; Compress ". gzip"; }; }; Contents { Compress "gzip"; };
- . Now use apt-ftparchive to make the Packages and Release files:
cd $BUILD sudo apt-ftparchive -c $APTCONF generate /path/to/apt-ftparchive-deb.conf sudo apt-ftparchive -c $APTCONF generate /path/to/apt-ftparchive-udeb.conf sudo apt-ftparchive -c $APTCONF generate /path/to/apt-ftparchive-extras.conf
NOTE: For Dapper custom CD (possibly for Breezy as well, but I haven't tested it and I assume the original author of this HOWTO tested the procedure) you need to issue one more command after the above:
sudo apt-ftparchive -c $APTCONF release $BUILD/dists/$DISTNAME | sudo tee $BUILD/dists/$DISTNAME/Release 2>&1 > /dev/null
where $DISTNAME should be replaced with breezy or dapper for the name of the release you are customizing.
- $APTCONF is a file somewhere that looks about like this:
{{{APT::FTPArchive::Release::Origin "Ubuntu"; APT::FTPArchive::Release::Label "Ubuntu"; APT::FTPArchive::Release::Suite "breezy"; APT::FTPArchive::Release::Version "5.10"; APT::FTPArchive::Release::Codename "breezy"; APT::FTPArchive::Release::Architectures "i386"; APT::FTPArchive::Release::Components "main restricted extras"; APT::FTPArchive::Release::Description "Ubuntu Breezy"; }}}
sign the Release file with gpg:
sudo gpg --default-key "MY GPG KEY ID" --output $BUILD/dists/breezy/Release.gpg -ba $BUILD/dists/breezy/Release
*. Regenerate the md5 checksums:
cd $BUILD find . -type f -print0 | xargs -0 md5sum > md5sum.txt
. Then we re-build the cd. NOTE: This procedure is specific to the Intel x86 (i386) and x86_64 (amd64) live CDs. Other architectures, such as PowerPC and IA64, will require different command line options.
$ sudo mkisofs -r -V "Custom Ubuntu Install CD" \ -cache-inodes \ -J -l -b isolinux/isolinux.bin \ -c isolinux/boot.cat -no-emul-boot \ -boot-load-size 4 -boot-info-table \ -o $IMAGE $BUILDOn PowerPC, download [http://people.ubuntu.com/~cjwatson/hfs.map], then use the following command:
$ sudo mkisofs -r -V "Custom Ubuntu Install CD" \ --netatalk -hfs -probe -map hfs.map \ -chrp-boot -iso-level 2 -part -no-desktop \ -hfs-bless $BUILD/install \ -hfs-volid Ubuntu/PowerPC_breezy \ -o $IMAGE $BUILDOn ia64:
$ sudo mkisofs -r -V 'Custom Ubuntu 5.10 install ia64' \ -o $IMAGE -no-emul-boot \ -J -b boot/boot.img -c boot/boot.catalog $BUILD$IMAGE is just the location of your iso image.- . finally, burn your cd using cdrecord:
sudo nice -18 cdrecord dev=ATA:1,1,0 speed=12 --blank=fast -v -gracetime=2 -tao $IMAGE
that will burn the image on the second cd drive; if your cd-burner is the first or only cd-drive, change dev argument to ATA:1,0,0. I strongly recommend using rewritable media -- I've burned a LOT of coasters on this project.
OK, that should do it!
Check out [:/Scripts:install CD customization scripts] that can be used to automate this process.