Command Line Tutorial

From radmind

Revision as of 14:20, 27 November 2006 by Mcneal (Talk | contribs)
Jump to: navigation, search

This document describes how to install, configure and use the radmind client and server tools to maintain a small lab of machines running Mac OS X. The methodology described can also be applied to using radmind on other platforms.

Contents

Client – Creating a Base Load

Prior to installing and using the radmind tools, you need to create a model machine that will be used to create the base load. A base load contains the operating system and other common files that every client will have. This might include the fully updated operating system, applications and any configurations to the system you want standardized. Once this machine is ready, you can install the radmind tools. It is a good idea to remove all removable media and unmount all network drives before performing the following steps.

  1. Download and install the radmind tools from http://rsug.itd.umich.edu/software/radmind/
    The installer adds:
    • The radmind tools into /usr/local/bin/
      • fsdiff - compares file system to transcripts
      • lcreate - uploads a creatable transcript and its corresponding files to a radmind server
      • ktcheck - verifies and downloads a client’s command file and transcripts
      • lapply - modifies a client’s file system to match an appliable transcript
    • The radmind man pages into /usr/local/share/man
    • /var/radmind/client/command.K - an example command file used in this tutorial. (The command file is a list of transcripts that collectively describe a client’s load set.)
    • /var/radmind/client/negative.T - a default negative transcript. (A transcript contains a list of file system objects e.g. directories, files, etc.)
  2. Since the radmind tools are run from the command line, you will need to run them with the Terminal application.
  3. The radmind tools need access to the entire file system, so they must be run as root. In the Terminal application, type: 
     [client:~] user% sudo -s

     Enter your password when prompted.  You must be an administrator of the machine to run this command. The –s option causes sudo to start a root shell, so at this point you have access to every file on your computer.

    

  4.  Using fsdiff with the –C option, you are going to make a createable transcript for the file system.  A creatable transcript is one that can be used to create a load, in our case, the base load. 

     
     [client:~] root# fsdiff -C -c sha1 –o /var/radmind/client/base.T /

     fsdiff reads the command file, /var/radmind/client/command.K by default, to get a list of transcripts and their individual type, either positive or negative.  If a transcript is indicated as positive in the command file, fsdiff checks all attributes of each file system object (i.e. file, directory, link, etc) listed in that transcript.  If a transcript is indicated as negative, fsdiff checks only some of the attributes depending on the type of file system object listed.  For example, if a directory is listed in a negative transcript, fsdiff will check its UID, GID and permissions, but will not read the directory itself. 

     The radmind package installs an example command file with only one entry for the negative transcript negative.T, which is also installed by the package. 

     fsdiff then reads the entire file system starting at / (the “root” of the file system) and compares the local file system against the transcripts listed in the command file.  fsdiff will write any difference between the transcripts and the local file system to the file, base.T. 

     The –c sha1 option tells fsdiff to calculate the sha1 checksum for all files.  A file’s checksums in conjunction with its size can be used to verify that the file has not been modified.  Without checksums, fsdiff will only use a file’s modification time and size to determine if a file’s contents has changed. 

    

  5.  Open base.T with your favorite UNIX editor ( pico is used in this tutorial ): 

     
     [client:~] root# pico /var/radmind/client/base.T

     Taking a look at base.T, you will notice that it is rather large.  That is because it contains an entry for just about every file system object on your machine.  The only file system objects not listed are located in directories listed in negative.T.   When fsdiff encounters a directory listed in a negative transcript, it will check the directory’s attributes, but will not enter the directory itself.  The contents of such directories are not managed by radmind. 

    

  6.  Looking further at base.T you might notice that some files have been included in the transcript that one would not want to have in a base load.  For instance, all of the files in /private/tmp are listed.  Since these files are temporary, there is no need to include them in the base load. 

    To eliminate these files from base.T, you can add /private/tmp to the negative transcript and repeat the previous step.  Adding /private/tmp/ to the negative transcript will cause fsdiff to check the directory’s mode, uid and gid but the directory itself will not be read. 

     Use fsdiff with the –1 option to get the transcript line for /private/tmp. 

     
    [client:~] root# fsdiff -1 -c sha1 /private/tmp
    

     
    d /private/tmp                          1777     0     0
    

     Copy the transcript line to the clipboard.

    

  7.  Paste the transcript line into /var/radmind/client/negative.T. 

     
     [client:~] root# pico /var/radmind/client/negative.T

     Transcripts are sorted in depth first order, which means subdirectories have precedence over files in the same directory.  This means that "/" has special precedence.  For example, /etc/passwd would be listed before before /etc.old even though "." comes before "/" alphabetically. 

     With this in mind, insert the transcript line for /private/tmp into negative.T.  When sorting transcripts, you should use the second argument of the transcript line for sorting.  The first argument indicates the type of file system object and does not affect sort order. 

     If you get the sorting wrong, fsdiff will give you an error with the offending line number. 

    

  8.  Remake the creatable transcript for the system 

     
     [client:~] root# fsdiff -C -c sha1 –o /var/radmind/client/base.T /

    Taking a look at this new base.T, you will notice that there are no listings for file system objects in /private/tmp. 

    Every time you modify your negative transcript, you should recreate your base load.  This way, any modifications to the negative transcript will be reflected in your base load.

    



 Server – Installation and Configuration


The Radmind client can connect to a Radmind server running on any supported platform.  These directions describe how to install the server on a Macintosh running Mac OS X.  Mac OS X server is not required to run Radmind.



  1.  Download and install the radmind tools from http://rsug.itd.umich.edu/software/radmind.

     To install the server tools you will need to perform a customized install.  During the install process, click the "Customize" button, select the three server packages and press install. In addition to those items mentioned in the previous section, the installer adds: 

    

    •  lcksum - verifies a transcript's checksums and file sizes 

    •  /Library/StartupItems/RadmindServer - radmind server startup script 

    •  /usr/local/sbin/radmind - the radmind server 

    

  2.  Since the radmind tools are run from the command line, you will need to run with the Terminal application. 

  3.  The radmind server is installed as root, so to configure and start the server you must have root access.  In the Terminal application, type: 

     
     [server:~] user% sudo -s

    Enter your password when prompted.  At this point you have access to every file on your computer, so be careful what you do. 

    

  4.  The Radmind server uses /var/radmind/config to determine which clients can connect to the server.  Each line contains a client’s DNS name or IP address and the client’s command file separated by any amount of white space.  Lines that are blank or begin with '#' are ignored. '*' is a  wildcard and will match any string.

     A number range can be given by "<MIN-MAX>" where MIN is the lower bound and MAX is the upper bound. '\' can be used to escape any character.

    The following example defines four known clients, each using one of three different command files.  Also, any client that ends with ".lab.umich.edu" will get lab.K  as its config file and clients in the IP range 212.12.243.1 through 212.12.243.50 will get solaris8.K as their config file.

     #Client command file

     amber.umich.edu apple.K 

     josh.umich.ede apple.K

     ben.umich.edu apple-test.K 

     oreo.umich.edu solaris8.K 

     *.lab.umich.edu lab.K 

     212.12.243.<1-50> solaris8.K</pre>

    

     Create the config file and add a line for your client.  For now, use apple.K as its command file.

     
    [server:~] root# pico /var/radmind/config
    

    

  5.  Create an empty command file.

     
     [server:~] root# touch /var/radmind/command/apple.K

    

  6.  Start the radmind server: 

     
     [server:~] root# /usr/local/sbin/radmind

    



 On future reboots, the RadmindServer startup script will start the server if /var/radmind/config exists.





 Client – Storing the Base Load to the Radmind Server


 Server - Verifying the Loads and Create the Command File


 Client – Testing the Load Set


 Loading Other Clients


 Adding New Software - Creating an Overload


 Verifying the Overload and Adding It To A Command File


 Test the Graphics Load Set


 Merging Overloads





Retrieved from "http://webservices.itcs.umich.edu/mediawiki/radmind/index.php/Command_Line_Tutorial"

						
			

		

	

		

		

	
	

		
Personal tools