Turns out that UNIX/Linux has a command named ’script’ which takes care of this for you.  I did a quick check and found that it’s part of the install on FreeBSD, Mac OS X and Ubuntu Linux.  It’s probably on nearly any *nix, but those are just the ones that I checked.  Running it is real hard.

The output is all logged into the file foo.txt. So that’s neat and all, but what if I sudo to root?

Now, I to see what was recorded, I cat foo.txt.

Perfect! It recorded everything I did. Or is it perfect? In my case, not exactly. You may notice that I have a fancy command prompt. It’s got pretty colors and everything. It seems that complicates things a bit. When I open the file with vi, the problem becomes more apparent.

Notice that after I sudo to root, the command prompt is simplified and the text file suddenly becomes more legible. All the stuff that I have going on in my bashrc file makes reading the text file a bit more complicated. Obviously simplifying my command prompt will make this go away.

Any how, its a pretty cool way to document what you are doing and what happened when while you were doing it. Definitely something I will be using a lot more when I’m writing documentation

Technorati Tags: documentation, FreeBSD, script, unix

This document contains basic instructions on building a system using FreeBSD 7.0. This covers security standards, configuration options, networking configuration, etc. The information used in this example probably doesn’t match your environment or hardware exactly. Verify your network, hardware and other internal system build standards before using the information contained here. Use this document at your own risk.

This document assumes technical knowledge of FreeBSD, especially in regards to kernel configuration (which is highly dependant on server hardware, application usage, and expected functionality.)

Before You Begin

Make sure that you have the following items completed and available for the installation:

1. FreeBSD 7.0-RELEASE disc
2. Hardware has been updated with the correct configuration for its type (see hardware preparation documentation specific for the platform and model.)
3. Obtained server name and IP addresses

Operating System Installation

1. Boot from FreeBSD 7.0-RELEASE installation media. Accept the Boot Loader default when it is loaded.
2. Country Selection – United States
3. Choose “Custom” under the Main Installation Screen
   1. Select “Partition”
      1. Select free space and choose “A” to use the entire disk. You will need to allocate disk differently if you have particular storage requirements, such as direct attached storage.
      2. Set the partition as bootable with “S”
      3. Select “Q” to finish
4. When prompted on the Boot Manager Screen, select “Standard”
5. Select “Label” to begin assigning and labeling disk slices
   1. The following is an example. I tend to make /var, /home and /opt separate slices so that if something fills that volume up, it doesn’t cause problems with the rest of the system. Customize this as you need to.
   2. As an example, use the following partition scheme:
      • swap – 512 MB
      • / – 1024 MB
      • /usr – 8192 MB (This can be more if needed, but I use 8192MB as a minimum)
      • /var – 1024 MB (Running a large MySQL database will require an increase here)
      • /tmp – 512 MB
      • /home – 4096 MB
      • /opt – What ever is left. I generally push large databases, applications or other data here so it doesn’t interfere with normal system operations.
   3. Hit “Q” to finish
6. Choose “Distributions” under the Main Installation Screen
   1. Select only the following distributions:
      • Minimal
      • Custom
      • base
      • kernels
      • dict
      • doc
      • info
      • man
      • catman
      • proflibs
      • src – ALL
      • ports
      • local
   2. Back out to the Main Installation Screen
7. Select “Media”
   1. Choose “CD-ROM”
8. Select “Commit” to finalize these settings
   1. Verify the settings by choosing “Yes”
   2. The operating system will now be installed from CD-ROM
9. After installation, when prompted to set last options, choose “Yes”
   1. Set root password
   2. Set the time zone. I use the Pacific time zone in the US as an example here.
      1. Select “No” when asked to set the clock to UTC
      2. Select America – North and South
      3. United States
      4. Pacific Time – Confirm abbreviation of the time zone
10. Configure “Networking”
    1. Enable sshd
    2. Select “Interfaces”
       1. Select interface you wish to configure
       2. Do not enable Ipv6 (unless you need it)
       3. Do not enable DHCP (unless you need it)
       4. Enter hostname
       5. Enter domain name
       6. Enter Gateway – Appropriate gateway for the network you are on
       7. Enter DNS server(s)
       8. Enter IP address and subnet mask
       9. Select Yes to bring up the interface
       10. Exit back up out of Interfaces
    3. Configure “Startup”
       1. Unselect “quotas”
11. Select “Exit” twice, followed by “Exit Install”, then “Yes”
12. The server will be automatically rebooted, finishing the installation

Operating System Configuration

1. Log into the server as root
2. vi /etc/rc.conf and ensure the following options are set:
   • check_quotas=”NO”
   • defaultrouter=”x.x.x.x”
   • hostname=”hostname”
   • ifconfig_=”x.x.x.x netmask x.x.x.x”
   • xntpd_enable=”YES”
   • xntpd_program=”ntpd”
   • xntpd_flags=”-c /etc/ntpd.conf -p /var/run/ntpd.pid”

Note: Instances of “x.x.x.x” should be replaced with the proper IP address or network mask

3. vi /etc/resolv.conf and ensure the following lines are set:
   • domain domain.com
   • nameserver x.x.x.x
   • nameserver x.x.x.x
   • search search.com domains.com
4. Configure NTP
   1. ntpdate local.time.server
   2. vi /etc/ntpd.conf, erase all contents (if any) and insert the following:
      • server server 0.north-america.pool.ntp.org
      • server server 1.north-america.pool.ntp.org
      • server server 2.north-america.pool.ntp.org
      • driftfile /etc/ntpd/drift
      • multicastclient
      • broadcastdelay 0.008
      • restrict X.X.X.X mask X.X.X.X nomodify notrap
5. Configure the message of the day (MOTD) to something appropriate
6. run “chpass”
   1. Change “Charlie &” to read “HOSTNAME &”
7. Disable unneeded terminals
   1. vi /etc/ttys
   2. Comment out (or delete) everything in the Virtual Terminal section except the following ttyvs:
      • ttyv0
      • ttyv1
      • ttyv2
   3. Save and quit vi
   4. killall -HUP init
8. Install basic packages
   1. pkg_add -r bash
   2. Install cvsup-without-gui
   3. pkg_add -r sudo
   4. pkg_add -r portupgrade
9. Configure cvsUp
   1. vi /etc/cvsupfile and enter the following:
      • *default tag=RELENGE_6_3
      • *default host=cvsup12.freebsd.org
      • *default prefix=/usr
      • *default base=/var/db
      • *default release=cvs delete use-rel-suffix compress
      • src-all
      • ports-all
      • docs-all
   2. Save and quit
10. Run CVSup
    1. /usr/local/bin/cvsup /etc/cvsupfile
    2. This will take a fair amount of time; leave the install and go do something else for awhile
11. Update your world
    1. cd /usr/src
    2. Check to see if the obj subdirectory exists; remove it (and all of its contents) if it does
    3. make buildworld
    4. This will take even longer than the cvsup; find something better to do then watch the pretty text scrolling by
    5. cp /usr/src/sys/i386/conf/SMP /usr/src/sys/i386/conf/MYCUSTOMKERNEL
    6. If you want to be able to connect to shares on Windows systems, edit MYCUSTOMKERNEL and add the following options:
       • options SMBFS
       • options LIBMCHAIN
       • options LIBICONV
       • options NETSMB
       • options NETSMBCRYPTO
    7. cd /usr/src – (just to make sure we are still in the right place)
    8. make buildkernel KERNCONF= MYCUSTOMKERNEL
    9. This will also take a while, but not nearly as long as buildworld. Once it finishes compiling, we next type
    10. make installkernel KERNCONF= MYCUSTOMKERNEL
    11. make installworld
    12. Once this completes it is time to reboot into our newly updated OS.
    13. init 6
    14. Once the box comes back online, log in as root again and merge our config files
    15. mergemaster
    16. This will install new files and walk you through the process of merging changes into existing files. My general rule of thumb is to install all files that I have not modified
12. run portsnap and upgrade packages as needed with portupgrade.
13. Configure portupgrade and verify that all ports are up to date:
    1. portsdb -Uu
    2. portversion
14. Configure users
    1. adduser – follow the prompts
    2. visudo
       • Add the user create a user alias and add your new user to the alias.
       • copy the line for root privileges, paste below and change to your user alias
15. Configure aliases
    1. vi /etc/aliases and change
       • root: sysadmin@somedomain.com
    2. Write and quit
    3. newaliases
16. init 6 ; manually cycle server power
17. Make sure everything starts up properly on boot
18. Done

This document contains basic instructions on building a system using FreeBSD 6.3. This covers security standards, configuration options, networking configuration, etc. The information used in this example probably doesn’t match your environment or hardware exactly. Verify your network, hardware and other internal system build standards before using the information contained here. Use this document at your own risk.

This document assumes technical knowledge of FreeBSD, especially in regards to kernel configuration (which is highly dependant on server hardware, application usage, and expected functionality.)

Before You Begin

Make sure that you have the following items completed and available for the installation:

1. FreeBSD 6.3-RELEASE disc
2. Hardware has been updated with the correct configuration for its type (see hardware preparation documentation specific for the platform and model.)
3. Obtained server name and IP addresses

Operating System Installation

1. Boot from FreeBSD 6.3-RELEASE installation media. Ignore Boot Loader when it is loaded.
2. Country Selection – United States
3. Choose “Custom” under the Main Installation Screen
   1. Select “Partition”
      1. Select free space and choose “A” to use the entire disk
      2. Set the partition as bootable with “S”
      3. Select “Q” to finish
4. When prompted on the Boot Manager Screen, select “Standard”
5. Select “Label” to begin assigning and labeling disk slices
   1. Use the following partition scheme:
      • swap – 512 MB
      • / – 1024 MB
      • /usr – 8192 MB (This can be more if needed, but I use 8192MB as a minimum)
      • /var – 1024 MB (Running a large MySQL database will require an increase here)
      • /tmp – 512 MB
      • /home – 4096 MB
      • /opt – What ever is left.
   2. Hit “Q” to finish
6. Choose “Distributions” under the Main Installation Screen
   1. Select only the following distributions:
      • Minimal
      • Custom
      • base
      • kernels
      • dict
      • doc
      • man
      • catman
      • proflibs
      • src – ALL
      • ports
      • local
   2. Back out to the Main Installation Screen
7. Select “Media”
   1. Choose “CD-ROM”
8. Select “Commit” to finalize these settings
   1. Verify the settings by choosing “Yes”
   2. The operating system will now be installed from CD-ROM
9. After installation, when prompted to set last options, choose “Yes”
   1. Set root password
   2. Set the time zone. I use the Pacific time zone in the US as an example here.
      1. Select “No” when asked to set the clock to UTC
      2. Select America – North and South
      3. United States
      4. Pacific Time – Confirm abbreviation of the time zone
10. Configure “Networking”
    1. Enable ssh, leave the rest at defaults
    2. Select “Interfaces”
       1. Select interface you wish to configure
       2. Do not enable Ipv6 (unless you need it)
       3. Do not enable DHCP (unless you need it)
       4. Enter hostname
       5. Enter domain name
       6. Enter Gateway – Appropriate gateway for the network you are on
       7. Enter DNS server(s)
       8. Enter IP address and subnet mask
       9. Select Yes to bring up the interface
       10. Exit back up out of Interfaces
    3. Configure “Startup”
       1. Unselect “quotas”
11. Select “Exit” twice, followed by “Exit Install”, then “Yes”
12. The server will be automatically rebooted, finishing the installation

Operating System Configuration

1. On startup the server will prompt you to type in random junk to provide a seed value for the SSH keys. Just pound on the keyboard until you get bored.
2. Log into the server as root
3. vi /etc/rc.conf and ensure the following options are set:
   • check_quotas=”NO”
   • defaultrouter=”x.x.x.x”
   • hostname=”hostname”
   • ifconfig_=”x.x.x.x netmask x.x.x.x”
   • xntpd_enable=”YES”
   • xntpd_program=”ntpd”
   • xntpd_flags=”-c /etc/ntpd.conf -p /var/run/ntpd.pid”

Note: Instances of “x.x.x.x” should be replaced with the proper IP address or network mask

4. vi /etc/resolv.conf and ensure the following lines are set:
   • domain domain.com
   • nameserver x.x.x.x
   • nameserver x.x.x.x
   • search search.com domains.com
5. Configure the message of the day (MOTD) to something appropriate
6. run “chpass”
   1. Change “Charlie &” to read “HOSTNAME &”
7. Disable unneeded terminals
   1. vi /etc/ttys
   2. Comment out (or delete) everything in the Virtual Terminal section except the following ttyvs:
      • ttyv0
      • ttyv1
      • ttyv2
   3. Save and quit vi
   4. killall -HUP init
8. Install bash
   1. pkg_add -r bash
9. Install cvsup-without-gui
   1. pkg_add -r cvsup-without-guiv
   2. vi /etc/cvsupfile and enter the following:
      • *default tag=RELENG_6_3
      • *default host=cvsup12.freebsd.org
      • *default prefix=/usr
      • *default base=/var/db
      • *default release=cvs delete use-rel-suffix compress
      • src-all
      • ports-all
      • docs-all
   3. Save and quit
   4. Run CVSup
      1. /usr/local/bin/cvsup /etc/cvsupfile
      2. This will take a fair amount of time; leave the install and go do something else for awhile
10. Update your world
    1. cd /usr/src
    2. Check to see if the obj subdirectory exists; remove it (and all of its contents) if it does
    3. make buildworld
    4. This will take even longer than the cvsup; find something better to do then watch the pretty text scrolling by
    5. cp /usr/src/sys/i386/conf/SMP /usr/src/sys/i386/conf/MYCUSTOMKERNEL
    6. If you want to be able to connect to shares on Windows systems, edit MYCUSTOMKERNEL and add the following options:
       • # Compile in SMBFS support
       • options SMBFS
       • options LIBMCHAIN
       • options LIBICONV
       • options NETSMB
       • options NETSMBCRYPTO
    7. cd /usr/src – (just to make sure we are still in the right place)
    8. make buildkernel KERNCONF= MYCUSTOMKERNEL
    9. This will also take a while, but not nearly as long as buildworld. Once it finishes compiling, we next type
    10. make installkernel KERNCONF= MYCUSTOMKERNEL
    11. make installworld
    12. Once this completes it is time to reboot into our newly updated OS.
    13. init 6
    14. Once the box comes back online, log in as root again and merge our config files
    15. mergemaster
    16. This will install new files and walk you through the process of merging changes into existing files. My general rule of thumb is to install all files that I have not modified
11. Install basic packages
    1. pkg_add -r sudo
    2. pkg_add -r portupgrade
    3. pkg_add -r portsnap
12. run portsnap and upgrade packages as needed with portupgrade.
13. visudo and verify that privileges are set correctly.
14. Configure portupgrade and verify that all ports are up to date:
    1. portsdb -Uu
    2. portversion
15. Configure NTP
    1. ntpdate local.time.server
    2. vi /etc/ntpd.conf, erase all contents (if any) and insert the following:
       • server local.time.server
       • driftfile /etc/ntp/drift
       • multicastclient
       • broadcastdelay 0.008
       • restrict X.X.X.X mask X.X.X.X nomodify notrap
16. Configure aliases
    1. vi /etc/aliases and change
       • root: sysadmin@somedomain.com
    2. Write and quit
    3. newaliases
17. init 6 ; manually cycle server power
18. Make sure everything starts up properly on boot
19. Done