Este apéndice explica los detalles de preconfigurar respuesas a preguntas en &d-i; para poder así automatizar una instalación. Los fragmentos de configuración que se utilizan en este apéndice están también disponibles como un fichero de preconfiguración de ejemplo en &urlset-example-preseed;. La preconfiguración ofrece un mecanismo para responder a preguntas sin tener que introducir manualmente las respuestas mientras se ejecuta la instalación. Esto hace posible que se automatizen la mayoría de las instalaciones e incluso ofrece funcionalidades que no están disponibles durante una instalación normal. Es posible responder a las preguntas que se realizan durante la primera fase de la instalación (antes del reinicio al nuevo sistema) y también a preguntas en la segunda fase utilizando la preconfiguración. Se pueden utilizar tres métodos de preconfiguración: initrd, file (fichero, n. del t.) y network (red, n. del t.). La preconfiguración a través de initrd funciona en cualquier método de instalación y permite preconfigurar más cosas, pero es la que más preparación requiere. Los metodos de preconfiguración con fichero o vía red pueden utilizarse en distintos métodos de instalación. No se pueden preconfigurar las primeras preguntas de la instalación tanto en el caso de la precofinguración a través fichero o vía red dado que sólo se cargan una vez se han preguntado. La siguiente tabla muestra los métodos de preconfiguración que pueden utilizarse con los distintos métodos de instalación. Método de instalacióninitrd filenetwork CD/DVD sí sí no netboot sí no sí hd-media (incluyendo memorias usb) sí sí no basado en disquete (controladores de cd) sí sí no basado en disquete (controladores de red) sí no sí genérico/cinta sí no sí Una diferencia importante entre los métodos de preconfiguración es el punto en el que se carga y procesa el fichero de preconfiguracio. Para la preconfiguración a través del initrd ésto se produce justo al comienzo de la instalación, antes de hacer siquiera la primera pregunta. Para la preconfiguración con fichero ésto se hace después de que el CD o la imagen de CD se haya cargado. Para la preconfiguración de red ésto se hace sólo después de que se haya configurado la red. En términos prácticos esto significa que en la preconfiguración por fichero y vía red ya se habrá tenido que responder a las preguntas sobre idioma, país y seleccio de teclado. Además, para la preconfiguración vía red, se habrán respondido todas las preguntas relacionadas con la configuración de red. Algunas preguntas que sólo se muestra en prioridad media o baja (como el primer intento de detección automática de hardware) también se habrán respondido en este caso. Obviamente, cualquier pregunta que se haya procesado antes de cargar el fichero de preconfiguración no puede preconfigurarse. Puede encontrar una forma para evitar que se omitan estas preguntas con . Aunque la mayoría de las preguntas que utiliza &d-i; pueden preconfigurarse con este mecanismo hay algunas excepciones importantes. Tiene que (re)particionar el disco completo o utilizar el espacio en disco libre disponible, no puede usar particiones existentes. Tampoco puede aún utilizar la preconfiguración para configurar RAID ó LVM. Una opcio muy poderosa y flexible que ofrecen las herramientas de preconfiguración es la capacidad de ejecutar órdenes o guiones en puntos específicos de la instalación. Tiene más detalles en . preseed/early_command: se procesa tan pronto como se haya cargado el fichero de preconfiguración. preseed/late_command: se procesa justo antes del reinicio del equipo al final de la primera fase de la instalación pero antes de que se desmonte el sistema de ficheros /target. base-config/early_command: se procesa en la segunda fase de la instalación cuando se arranca base-config base-config/late_command: se procesa al final de la ejecución de base-config, justo antes de mostrar el indicador de acceso al sistema. Es posible utilizar la preconfiguración para cambiar las respuestas por omisión a una pregunta, pero haciendo que esta pregunta se realice. Para hacer ésto debe definirse la marca seen (visto, n. del t.) a false una vez se ha fijado un valor para la plantilla. d-i foo/bar string value d-i foo/bar seen false Por supuesto, en primer lugar ha de crear primero el fichero de preconfiguracio y ponerlo en la localización donde pretende utilizarlo. La creación del fichero de preconfiguración se describe más adelante en este apéndice. Colocar el fichero en la ubicación correcta es algo relativamente sencillo para la preconfiguración vía red o si quiere leer el fichero de un disquete o una memoria usb. Si desea incluir el fichero en un CD o DVD tendrá que rehacer la imagen ISO. La inclusión del fichero de preconfiguración en el initrd queda fuera del alcance de este documento, consulte la documentación de desarrolladores de &d-i; si está interesado. An example preseed file that you can use as basis for your preseed file is available from &urlset-example-preseed;. This file is based on the configuration fragments included in this appendix. If you are using initrd preseeding, you only have to make sure a file named preseed.cfg is included in the root directory of the initrd. The installer will automatically check if this file is present and load it. For the other preseeding methods you need to tell the installer what file to use when you boot it. This is done by passing the kernel a boot parameter, either manually at boot time or by editing the bootloader configuration file (e.g. syslinux.cfg) and adding the parameter to the end of the append line(s) for the kernel. If you do specify the preseed file in the bootloader configuration, you might change the configuration so you don't need to hit enter to boot the installer. For syslinux this means setting the timeout to 1 in syslinux.cfg. To make sure the installer gets the right preseed file, you can optionally specify a checksum for the file. Currently this needs to be a md5sum, and if specified it must match the preseed file or the installer will refuse to use it. Boot parameters to specify: - if you're netbooting: preseed/url=http://host/path/to/preseed.cfg preseed/url/checksum=5da499872becccfeda2c4872f9171c3d - if you're booting a remastered CD: preseed/file=/cdrom/preseed.cfg preseed/file/checksum=5da499872becccfeda2c4872f9171c3d - if you're installing from USB media (put the preseed file in the toplevel directory of the USB stick): preseed/file=/hd-media/preseed.cfg preseed/file/checksum=5da499872becccfeda2c4872f9171c3d While you're at it, you may want to add a boot parameter debconf/priority=critical. This will avoid most questions even if the preseeding below misses some. Some parts of the installation process cannot be automated using some forms of preseeding because the questions are asked before the preseed file is loaded. For example, if the preseed file is downloaded over the network, the network setup must be done first. One reason to use initrd preseeding is that it allows preseeding of even these early steps of the installation process. If a preseed file cannot be used to preseed some steps, the install can still be fully automated, since you can pass preseed values to the kernel on the command line. Just pass path/to/var=value for any of the preseed variables listed in the examples. The 2.4 kernel accepts a maximum of 8 command line options and 8 environment options (including any options added by default for the installer). If these numbers are exceeded, 2.4 kernels will drop any excess options and 2.6 kernels will panic. For kernel 2.6.9 and later, you can use 32 command line options and 32 environment options. For most installations some of the default options in your bootloader configuration file, like 'vga=normal', may be safely removed which may allow you to add more options for preseeding. It may not always be possible to specify values with spaces for boot parameters, even if you delimit them with quotes. The preconfiguration file is in the format used by the debconf-set-selections command. File format Only single space allowed between template type and value Relation with /var/lib/(c)debconf/templates Types of templates and how to provide values for them Most values need to be in English or codes Using a manual installation as base Finding other possible values To check if the format of your preseed file is valid before performing an install, you can use the command debconf-set-selections -c preseed.cfg. The configuration fragments used in this appendix are also available as an example preseed file from &urlset-example-preseed;. Note that this example is based on an installation for the Intel x86 architecture. If you are installing a different architecture, some of the examples (like keyboard selection and bootloader installation) may not be relevant and will need to be replaced by debconf settings appropriate for your architecture. Setting localization values will only work if you are using initrd preseeding. With all other methods the preseed file will only be loaded after these questions have been asked. The locale can be used to specify both language and country. To specify the locale as a boot parameter, use debian-installer/locale=en_US. # Locale sets language and country. d-i debian-installer/locale string en_US Keyboard configuration consists of selecting a keyboard architecture and a keymap. In most cases the correct keyboard architecture is selected by default, so there's normally no need to preseed it. The keymap must be valid for the selected keyboard architecture. # Keyboard selection. #d-i console-tools/archs select at d-i console-keymaps-at/keymap select us # Example for a different keyboard architecture #d-i console-keymaps-usb/keymap select mac-usb-us To skip keyboard configuration preseed console-tools/archs with skip-config. This will result in the kernel keymap remaining active. The changes in the input layer for 2.6 kernels have made the keyboard architecture virtually obsolete. For 2.6 kernels normally a PC (at) keymap should be selected. Of course, preseeding the network configuration won't work if you're loading your preseed file from the network. But it's great when you're booting from CD or USB stick. If you are loading preseed files from the network, you can pass network config parameters in using kernel boot parameters. # netcfg will choose an interface that has link if possible. This makes it # skip displaying a list if there is more than one interface. d-i netcfg/choose_interface select auto # If you have a slow dhcp server and the installer times out waiting for # it, this might be useful. #d-i netcfg/dhcp_timeout string 60 # If you prefer to configure the network manually, here's how: #d-i netcfg/disable_dhcp boolean true #d-i netcfg/get_nameservers string 192.168.1.1 #d-i netcfg/get_ipaddress string 192.168.1.42 #d-i netcfg/get_netmask string 255.255.255.0 #d-i netcfg/get_gateway string 192.168.1.1 #d-i netcfg/confirm_static boolean true # Any hostname and domain names assigned from dhcp take precedence over # values set here. However, setting the values still prevents the questions # from being shown, even if values come from dhcp. d-i netcfg/get_hostname string unassigned-hostname d-i netcfg/get_domain string unassigned-domain # Disable that annoying WEP key dialog. d-i netcfg/wireless_wep string # The wacky dhcp hostname that some ISPs use as a password of sorts. #d-i netcfg/dhcp_hostname string radish Depending on the installation method you use, a mirror may used both to download additional components of the installer, the base system and to set up the /etc/apt/sources.list for the installed system. The parameter mirror/suite determines the suite for the installed system. The parameter mirror/udeb/suite determines the suite for additional components for the installer. It is only useful to set this if components are actually downloaded over the network and should match the suite that was used to build the initrd for the installation method used for the installation. By default the value for mirror/udeb/suite is the same as mirror/suite. d-i mirror/country string enter information manually d-i mirror/http/hostname string http.us.debian.org d-i mirror/http/directory string /debian d-i mirror/http/proxy string # Suite to install. #d-i mirror/suite string testing # Suite to use for loading installer components (optional). #d-i mirror/udeb/suite string testing Using preseeding to partition the harddisk is very much limited to what is supported by partman-auto. You can choose to either partition existing free space on a disk or a whole disk. The layout of the disk can be determined by using a predefined recipe, a custom recipe from a recipe file or a recipe included in the preseed file. It is currently not possible to partition multiple disks using preseeding nor to set up RAID or LVM. The identification of disks is dependent on the order in which their drivers are loaded. If there are multiple disks in the system, make very sure the correct one will be selected before using preseeding. # If the system has free space you can choose to only partition that space. #d-i partman-auto/init_automatically_partition \ # select Use the largest continuous free space # Alternatively, you can specify a disk to partition. The device name can # be given in either devfs or traditional non-devfs format. # For example, to use the first disk devfs knows of: d-i partman-auto/disk string /dev/discs/disc0/disc # You can choose from any of the predefined partitioning recipes: d-i partman-auto/choose_recipe \ select All files in one partition (recommended for new users) #d-i partman-auto/choose_recipe \ # select Separate /home partition #d-i partman-auto/choose_recipe \ # select Separate /home, /usr, /var, and /tmp partitions # Or provide a recipe of your own... # The recipe format is documented in the file devel/partman-auto-recipe.txt. # If you have a way to get a recipe file into the d-i environment, you can # just point at it. #d-i partman-auto/expert_recipe_file string /hd-media/recipe # If not, you can put an entire recipe the preseed file in one (logical) # line. This example creates a small /boot partition, suitable swap, and # uses the rest of the space for the root partition: #d-i partman-auto/expert_recipe string \ # boot-root :: \ # 40 50 100 ext3 \ # $primary{ } $bootable{ } \ # method{ format } format{ } \ # use_filesystem{ } filesystem{ ext3 } \ # mountpoint{ /boot } \ # . \ # 500 10000 1000000000 ext3 \ # method{ format } format{ } \ # use_filesystem{ } filesystem{ ext3 } \ # mountpoint{ / } \ # . \ # 64 512 300% linux-swap \ # method{ swap } format{ } \ # . # This makes partman automatically partition without confirmation. d-i partman/confirm_write_new_label boolean true d-i partman/choose_partition \ select Finish partitioning and write changes to disk d-i partman/confirm boolean true # Controls whether or not the hardware clock is set to UTC. d-i clock-setup/utc boolean true # You may set this to any valid setting for $TZ; see the contents of # /usr/share/zoneinfo/ for valid values. d-i time/zone string US/Eastern Setup of the /etc/apt/sources.list and basic configuration options is fully automated based on your installation method and answers to earlier questions. Only the two variables below are relevant for preseeding. # You can choose to install non-free and contrib software. #d-i apt-setup/non-free boolean true #d-i apt-setup/contrib boolean true The password for the root account and name and password for a first regular user's account can be preseeded. For the passwords you can use either clear text values or MD5 hashes. Be aware that preseeding passwords is not completely secure as everyone with access to the preseed file will have the knowledge of these passwords. Using MD5 hashes is considered slightly better in terms of security but it might also give a false sense of security as access to a MD5 hash allows for brute force attacks. # Root password, either in clear text #passwd passwd/root-password password r00tme #passwd passwd/root-password-again password r00tme # or encrypted using an MD5 hash. #passwd passwd/root-password-crypted password [MD5 hash] # Skip creation of a normal user account. #passwd passwd/make-user boolean false # Alternatively, create a normal user account. #passwd passwd/user-fullname string Debian User #passwd passwd/username string debian # Normal user's password, either in clear text #passwd passwd/user-password password insecure #passwd passwd/user-password-again password insecure # or encrypted using an MD5 hash. #passwd passwd/user-password-crypted password [MD5 hash] The passwd/root-password-crypted and passwd/user-password-crypted variables can also be preseeded with ! as their value. In that case, the corresponding account is disabled. This may be convenient for the root account, provided of course that an alternate method is setup to allow administrative activities or root login (for instance by using SSH key authentication or sudo). An MD5 hash for a password can be generated using the following command. $ echo "r00tme" | mkpasswd -s -H MD5 # Grub is the default boot loader (for x86). If you want lilo installed # instead, uncomment this: #d-i grub-installer/skip boolean true # This is fairly safe to set, it makes grub install automatically to the MBR # if no other operating system is detected on the machine. d-i grub-installer/only_debian boolean true # This one makes grub-installer install to the MBR if if finds some other OS # too, which is less safe as it might not be able to boot that other OS. d-i grub-installer/with_other_os boolean true # Alternatively, if you want to install to a location other than the mbr, # uncomment and edit these lines: #d-i grub-installer/bootdev string (hd0,0) #d-i grub-installer/only_debian boolean false #d-i grub-installer/with_other_os boolean false # Avoid that last message about the install being complete. d-i prebaseconfig/reboot_in_progress note # This will prevent the installer from ejecting the CD during the reboot, # which is useful in some situations. #d-i cdrom-detect/eject boolean false # Avoid the introductory message. base-config base-config/intro note # Avoid the final message. base-config base-config/login note # If you installed a display manager, but don't want to start it immediately # after base-config finishes. #base-config base-config/start-display-manager boolean false # Some versions of the installer can report back on what you've installed. # The default is not to report back, but sending reports helps the project # determine what software is most popular and include it on CDs. #popularity-contest popularity-contest/participate boolean false You can choose to install any combination of tasks that are available. Available tasks as of this writing include: Standard system Desktop environment Web server Print server DNS server File server Mail server SQL database Laptop manual package selection The last of these will run aptitude. You can also choose to install no tasks, and force the installation of a set of packages in some other way. We recommend always including the Standard system task. tasksel tasksel/first multiselect Standard system, Desktop environment #tasksel tasksel/first multiselect Standard system, Web server During a normal install, exim asks only a few questions. Here's how to avoid even those. More complicated preseeding is possible. exim4-config exim4/dc_eximconfig_configtype \ select no configuration at this time exim4-config exim4/no_config boolean true exim4-config exim4/no_config boolean true exim4-config exim4/dc_postmaster string Preseeding Debian's X config is possible, but you probably need to know some details about the video hardware of the machine, since Debian's X configurator does not do fully automatic configuration of everything. # X can detect the right driver for some cards, but if you're preseeding, # you override whatever it chooses. Still, vesa will work most places. #xserver-xfree86 xserver-xfree86/config/device/driver select vesa # A caveat with mouse autodetection is that if it fails, X will retry it # over and over. So if it's preseeded to be done, there is a possibility of # an infinite loop if the mouse is not autodetected. #xserver-xfree86 xserver-xfree86/autodetect_mouse boolean true # Monitor autodetection is recommended. xserver-xfree86 xserver-xfree86/autodetect_monitor boolean true # Uncomment if you have an LCD display. #xserver-xfree86 xserver-xfree86/config/monitor/lcd boolean true # X has three configuration paths for the monitor. Here's how to preseed # the "medium" path, which is always available. The "simple" path may not # be available, and the "advanced" path asks too many questions. xserver-xfree86 xserver-xfree86/config/monitor/selection-method \ select medium xserver-xfree86 xserver-xfree86/config/monitor/mode-list \ select 1024x768 @ 60 Hz # Depending on what software you choose to install, or if things go wrong # during the installation process, it's possible that other questions may # be asked. You can preseed those too, of course. To get a list of every # possible question that could be asked during an install, do an # installation, and then run these commands: # debconf-get-selections --installer > file # debconf-get-selections >> file # d-i preseeding is inherently not secure. Nothing in the installer checks # for attempts at buffer overflows or other exploits of the values of a # preseed file like this one. Only use preseed files from trusted # locations! To drive that home, and because it's generally useful, here's # a way to run any shell command you'd like inside the installer, # automatically. # This first command is run as early as possible, just after # preseeding is read. #d-i preseed/early_command string anna-install some-udeb # This command is run just before the install finishes, but when there is # still a usable /target directory. #d-i preseed/late_command string echo foo > /target/etc/bar # This command is run just as base-config is starting up. #base-config base-config/early_command string echo hi mom # This command is run after base-config is done, just before the login: # prompt. This is a good way to install a set of packages you want, or to # tweak the configuration of the system. #base-config base-config/late_command \ # string apt-get install zsh; chsh -s /bin/zsh It is possible to include other preseed files from a preseed file. Any settings in those files will override pre-existing settings from files loaded earlier. This makes it possible to put, for example, general networking settings for your location in one file and more specific settings for certain configurations in other files. # More that one file can be listed, separated by spaces; all will be # loaded. The included files can have preseed/include directives of their # own as well. Note that if the filenames are relative, they are taken from # the same directory as the preseed file that includes them. #d-i preseed/include string x.cfg # The installer can optionally verify checksums of preseed files before # using them. Currently only md5sums are supported, list the md5sums # in the same order as the list of files to include. #d-i preseed/include/checksum string 5da499872becccfeda2c4872f9171c3d # More flexibly, this runs a shell command and if it outputs the names of # preseed files, includes those files. #d-i preseed/include_command \ # string echo if [ "`hostname`" = bob ]; then echo bob.cfg; fi