Skip to main content
Skip table of contents

Rolling out Initial Settings with IGEL OSC

If you would like to roll out initial settings with your IGEL OS Creator (OSC) installation, you can do it through:

  • modifying the OSC ISO file
    Use this method to store initial settings and licenses on the ISO.

  • modifying the Master Image
    Use this method if you already have a master image at hand and you want to add initial settings, licenses, ca-certs to it, so that they get rolled out after the first boot.

Modification of an OSC ISO for Rolling out Settings

Overview 

Overview of the process for initial settings and license rollout:

  1. Extract your ISO.

  2. Create initial-settings directory in the extracted ISO.

  3. Copy or create a setup.ini with the settings you want to the initial-settings directory. 

Do not add passwords.

  1. Copy or create a ca-certs directory with certificates to the initial-settings directory you want to add to the installed system.

  2. Copy or create a wfs-template directory in the initial-settings directory with files and directories you want to add to the /wfs directory of the installed system.

  3. If you have license files, simply copy them to the initial-settings. All *.lic files in the / directory of the first partition will get copied to the /license/dsa/licenses directory.

 

The filesize of the licenses is limited to 1MiB.

  1. Repack the ISO again.

  • You can gzip, bzip2 or xz the setup.ini file; it will get extracted if no setup.ini is present (if setup.ini is also present the packed file will be ignored).

  • You can gzip the license file also.

  • The setup.ini and the *.lic files which are not packed will go through dos2unix to ensure a UNIX file format.

Detailed Description with Examples

You will need xorriso to do the below which is not part of the IGEL OS so you will need to use a other Linux system to do this.

  1. Extract ISO content.

    This can be done with xorriso -osirrox on -indev <iso file> -extract <target dir> <target name>. In the example we use: /isofiles/osc11.05.100.iso for <iso file> , and . as <target dir> , and osc-data as <target name> which leads to following command line:

    CODE 
    xorriso -osirrox on -indev /isofiles/osc11.05.100.iso -extract . osc-data
xorriso 1.4.8 : RockRidge filesystem manipulator, libburnia project.

Copying of file objects from ISO image to disk filesystem is: Enabled
xorriso : NOTE : Loading ISO image tree from LBA 0
xorriso : UPDATE : 414 nodes read in 1 seconds
xorriso : NOTE : Detected El-Torito boot information which currently is set to be discarded
Drive current: -indev '/isofiles/osc11.05.100.iso'
Media current: stdio file, overwriteable
Media status : is written , is appendable
Boot record  : El Torito , MBR isohybrid cyl-align-off GPT
Media summary: 1 session, 1458176 data blocks, 2848m data, 45.4g free
Volume id    : 'IGEL_OSC_TO'
xorriso : UPDATE : 356 files restored ( 777.9m) in 1 seconds , 588.9xD
xorriso : UPDATE : 377 files restored (1641.6m) in 2 seconds , 653.9xD
xorriso : UPDATE : 391 files restored (2578.4m) in 3 seconds , 709.2xD
xorriso : UPDATE : 414 files restored (2846.4m) in 3 seconds = 653.2xD
Extracted from ISO image: file ''='/tmp/osc-data'

    The complete ISO will get extracted to the osc-data directory.

  2. Create initial-settings directory in the extracted ISO data.

    Above we extracted the data to /tmp/osc-data , so we need to create the directory in this directory:

    CODE 
    mkdir /tmp/osc-data/initial-settings

  3. Copy your files and directories to the initial-settings directory.

    In our example we use /tmp/osc-data/initial-settings as target directory. If, for example, you have the following you want to add to the ISO:

    • a setup.ini,

    • a ca-certs file SSL+VPN+CA.crt,

    • license files 782DAFC836185589DD6212375DC33C22.lic D5F47E9338C3A46A0D0F785B9F6A6926.lic

    • a Wallpaper wallpaper.jpg,

      you can do the following:

      CODE 
      mkdir -p /tmp/osc-data/initial-settings/ca-certs
mkdir -p /tmp/osc-data/initial-settings/wfs-templates
cp setup.ini /tmp/osc-data/initial-settings/
cp 782DAFC836185589DD6212375DC33C22.lic D5F47E9338C3A46A0D0F785B9F6A6926.lic /tmp/osc-data/initial-settings/
cp SSL+VPN+CA.crt /tmp/osc-data/initial-settings/ca-certs/
cp wallpaper.jpg /tmp/osc-data/initial-settings/wfs-templates

      The licenses files will get copied to the license partition. The setup.ini and wallpaper.jpg will be copied to /wfs/ and the contents of the ca-certs directory will be copied to /wfs/ca-certs.

  4. Repack the ISO again.

    1. First, check if the original ISO was a legacy version or not.

      For this, execute xorriso -indev <iso file> -find / -name boot 2>&1 and search for the line with Boot record. If there is a GPT in this line, the ISO is not a legacy ISO.

      Example:

      CODE 
      xorriso -indev /isofiles/osc11.05.100.iso -find / -name boot 2>&1 | grep -E "^Boot record.*GPT"
Boot record  : El Torito , MBR isohybrid cyl-align-off GPT

    2. Repack the non-legacy ISO with xorriso and with these additional parameters:

      xorriso -as mkisofs -rock -omit-version-number -disable-deep-relocation -volid IGEL_OSC_TO -b boot/isolinux/isolinux.bin -c boot/isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -eltorito-alt-boot -e igel_efi.img -no-emul-boot -isohybrid-mbr "<extracted iso dir>/boot/isolinux/isohdpfx.bin" -isohybrid-gpt-basdat -o "<target iso file>" "<extracted iso dir>".

      Example:

      CODE 
      xorriso -as mkisofs -rock -omit-version-number -disable-deep-relocation -volid IGEL_OSC_TO -b boot/isolinux/isolinux.bin -c boot/isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -eltorito-alt-boot -e igel_efi.img -no-emul-boot -isohybrid-mbr "/tmp/osc-data/boot/isolinux/isohdpfx.bin" -isohybrid-gpt-basdat -o "osc11.05.100.iso" "/tmp/osc-data"
xorriso 1.4.8 : RockRidge filesystem manipulator, libburnia project.

Drive current: -outdev 'stdio:osc11.05.100.iso'
Media current: stdio file, overwriteable
Media status : is blank
Media summary: 0 sessions, 0 data blocks, 0 data, 43.7g free
Added to ISO image: directory '/'='/tmp/osc-data'
xorriso : UPDATE : 414 files added in 1 seconds
xorriso : UPDATE : 414 files added in 1 seconds
xorriso : NOTE : Copying to System Area: 432 bytes from file '/tmp/osc-data/boot/isolinux/isohdpfx.bin'
xorriso : WARNING : Boot image load size exceeds 65535 blocks of 512 bytes. Will record 0 in El Torito to extend ESP to end-of-medium.
libisofs: NOTE : Automatically adjusted MBR geometry to 1024/178/32
libisofs: NOTE : Aligned image size to cylinder size by 432 blocks
xorriso : UPDATE :  2.19% done
xorriso : UPDATE :  29.31% done
xorriso : UPDATE :  60.27% done, estimate finish Wed Feb 24 12:50:05 2021
xorriso : UPDATE :  91.42% done
ISO image produced: 1458176 sectors
Written to medium : 1458176 sectors at LBA 0
Writing to 'stdio:osc11.05.100.iso' completed successfully.

    3. Repack the legacy ISO with xorriso and with these additional parameters:

      xorriso -as mkisofs -rock -omit-version-number -disable-deep-relocation -volid IGEL_OSC_TO -b boot/isolinux/isolinux.bin -c boot/isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -no-emul-boot -isohybrid-mbr "<extracted iso dir>/boot/isolinux/isohdpfx.bin" -isohybrid-gpt-basdat -o "<target iso file>" "<extracted iso dir>".

      Example:

      CODE 
      xorriso -as mkisofs -rock -omit-version-number -disable-deep-relocation -volid IGEL_OSC_TO -b boot/isolinux/isolinux.bin -c boot/isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table -no-emul-boot -isohybrid-mbr "/tmp/osc-data/boot/isolinux/isohdpfx.bin" -isohybrid-gpt-basdat -o "osc11.05.100.iso" "/tmp/osc-data"
xorriso 1.4.8 : RockRidge filesystem manipulator, libburnia project.

Drive current: -outdev 'stdio:osc11.05.100.iso'
Media current: stdio file, overwriteable
Media status : is blank
Media summary: 0 sessions, 0 data blocks, 0 data, 43.7g free
Added to ISO image: directory '/'='/tmp/osc-data'
xorriso : UPDATE : 414 files added in 1 seconds
xorriso : UPDATE : 414 files added in 1 seconds
xorriso : NOTE : Copying to System Area: 432 bytes from file '/tmp/osc-data/boot/isolinux/isohdpfx.bin'
libisofs: NOTE : Automatically adjusted MBR geometry to 1024/178/32
libisofs: NOTE : Aligned image size to cylinder size by 432 blocks
xorriso : UPDATE :  2.19% done
xorriso : UPDATE :  29.31% done
xorriso : UPDATE :  60.27% done, estimate finish Wed Feb 24 12:50:05 2021
xorriso : UPDATE :  91.42% done
ISO image produced: 1458176 sectors
Written to medium : 1458176 sectors at LBA 0
Writing to 'stdio:osc11.05.100.iso' completed successfully.

Modification of a Master Image for Rolling out Settings after First Boot

Overview

  1. Check if the first partition is a VFAT marked partition and make sure that there are 4 partitions present.

Only the Master Images with 4 partitions support the rollout of initial settings.

  1. Format the first partition with VFAT.

  2. Mount the first partition.

  3. Copy or create a setup.ini with the settings you want to the mounted partition.

Do not add passwords.

  1. Copy or create a ca-certs directory with certificates to the mounted partition you want to add to the master image.

  2. Copy or create a wfs-template directory on the mounted partition with files and directories you want to add to the /wfs directory of the installed system.

Only possible with OS version 11.05.100 and newer.

  1. If you have license files, copy them to the first partition. All *.lic files in the / directory of the first partition will get copied to the /license/dsa/licenses directory. 

The filesize of the licenses is limited to 1MiB.

  1. Umount the first partition.

  • You can gzip, bzip2 or xz the setup.ini file; it will get extracted if no setup.ini is present (if setup.ini is also present the packed file will be ignored).

  • You can gzip the license file also

  • The setup.ini and the *.lic files which are not packed will go through dos2unix to ensure a UNIX file format

Detailed Description with Examples

The easiest way is to write the master image to a device and do the changes on the device directly. Keep in mind if you boot once from the device this will not be a master image anymore.

Be very careful with choosing the correct <device> in the example steps below as this can harm your running system.

  1. Check if the device contains 4 partitions and the first is usable for initial settings rollout.

    For example, use fdisk -l <device> to check the partitions from an IGEL system. If <device> is replaced with /dev/sda then the output should look like the below, which means, there are 4 partitions present and the first one is a FAT32 so this Master Image is capable of rolling out initial settings.

    CODE 
    fdisk -l /dev/sda
Disk /dev/sda: 4 GiB, 4294967296 bytes, 8388608 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0x144ad2c2

Device     Boot  Start     End Sectors Size Id Type
/dev/sda1         2048   22527   20480  10M  b W95 FAT32
/dev/sda2  *     22528   83967   61440  30M ef EFI (FAT-12/16/32)
/dev/sda3        83968  145407   61440  30M ef EFI (FAT-12/16/32)
/dev/sda4       145408 8382463 8237056   4G 83 Linux

  2. Try to mount the first partition.

    For example, with mount <device>1 <target dir> from an IGEL system. If <device> is replaced with /dev/sda and <target dir> with /mnt (you must create the empty directory with mkdir -p /mnt first) then there should be no error message.

    If there is an error message like below, then the first partition is not formatted or it is not the correct one.

    CODE 
    mount /dev/sda1 /mnt
mount: /mnt: wrong fs type, bad option, bad superblock on /dev/sda1, missing codepage or helper program, or other error.

    In case of an error message:

    1. Check the fdisk output again.

    2. If the mount failed but fdisk output shows 4 partitions and the first is marked as FAT32, format the first partition as VFAT with mkfs.vfat <device>1 from an IGEL system. If <device> is replaced with /dev/sda this should look like:

      CODE 
      mkfs.vfat /dev/sda1
mkfs.fat 4.1 (2017-01-24)

    3. If there are no error messages the partition should now be mountable, so call mount <device>1 <target dir> again. If <device> is replaced with /dev/sda and <target dir> with /mnt you should get no error or warning message at all:

      CODE 
      mount /dev/sda1 /mnt

  3. Copy your files and directories to the <target> directory.

    In this case <target> will be replaced with /mnt.
    If, for example, you have the following you want to add to the master image:

    • a setup.ini,

    • a ca-certs file SSL+VPN+CA.crt,

    • license files 782DAFC836185589DD6212375DC33C22.lic D5F47E9338C3A46A0D0F785B9F6A6926.lic,

    • and a wallpaper wallpaper.jpg,

      you can do the following:

      CODE 
      mkdir -p /mnt/ca-certs
mkdir -p /mnt/wfs-templates
cp setup.ini /mnt/
cp 782DAFC836185589DD6212375DC33C22.lic D5F47E9338C3A46A0D0F785B9F6A6926.lic /mnt/
cp SSL+VPN+CA.crt /mnt/ca-certs/
cp wallpaper.jpg /mnt/wfs-templates

      As a result, the licenses files will get copied to the license partition. The setup.ini and wallpaper.jpg will be copied to /wfs/ and the contents of the ca-certs directory will be copied to /wfs/ca-certs.

  4. Umount everything again with umount <target dir>.

    Example:

    CODE 
    umount /mnt


    There should be no error message after executing the command.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close