Skip to content

Instantly share code, notes, and snippets.

@liweitianux
Last active February 26, 2023 05:19
Show Gist options
  • Star 3 You must be signed in to star a gist
  • Fork 3 You must be signed in to fork a gist
  • Save liweitianux/16161c9a3ca06d430c3d7e226033972e to your computer and use it in GitHub Desktop.
Save liweitianux/16161c9a3ca06d430c3d7e226033972e to your computer and use it in GitHub Desktop.
DragonFly BSD Manual Installation with HAMMER2 and Encrypted Root

DragonFly BSD Installation

2018-01-30

Disk Partition

MBR Slice

root# dd if=/dev/zero of=/dev/vbd0 bs=32k count=16
root# fdisk -IB /dev/vbd0

Disk Label

root# disklabel64 -r -w /dev/vbd0s1
root# disklabel64 /dev/vbd0s1 > label.txt
root# cat >> label.txt <<_EOF_
a: 768m 0 4.2BSD
b: 512m * swap
d: * * HAMMER2
_EOF_
root# disklabel64 -R /dev/vbd0s1 label.txt
root# disklabel64 -B /dev/vbd0s1

Encryption Root

root# cryptsetup -y luksFormat /dev/vbd0s1d
root# cryptsetup luksOpen /dev/vbd0s1d root

Format Partitions

root# newfs -i 65536 /dev/vbd0s1a
root# newfs_hammer2 /dev/mapper/root

Install System

Mount Partitions

root# mount_hammer2 /dev/mapper/root /mnt
root# mkdir /mnt/boot
root# mount /dev/vbd0s1a /mnt/boot

root# cd /mnt
root# mkdir -p   build/usr.obj usr/obj
root# mount_null build/usr.obj usr/obj
root# mkdir -p   build/var.crash var/crash
root# mount_null build/var.crash var/crash
root# mkdir -p   build/var.cache var/cache
root# mount_null build/var.cache var/cache
root# mkdir -p   build/var.spool var/spool
root# mount_null build/var.spool var/spool
root# mkdir -p   build/var.log var/log
root# mount_null build/var.log var/log
root# mkdir -p   build/var.tmp var/tmp
root# mount_null build/var.tmp var/tmp

Create filesystem layout

root# mtree -deU -f /etc/mtree/BSD.root.dist    -p /mnt
root# mtree -deU -f /etc/mtree/BSD.var.dist     -p /mnt/var
root# mtree -deU -f /etc/mtree/BSD.usr.dist     -p /mnt/usr
root# mtree -deU -f /etc/mtree/BSD.include.dist -p /mnt/usr/include

Copy System Files

root# cpdup -o -vvv -u /COPYRIGHT /mnt/COPYRIGHT
root# cpdup -o -vvv -u /bin /mnt/bin
root# cpdup -o -vvv -u /boot /mnt/boot
root# cpdup -o -vvv -u /compat /mnt/compat
root# cpdup -o -vvv -u /etc.hdd /mnt/etc
root# cpdup -o -vvv -u /lib /mnt/lib
root# cpdup -o -vvv -u /libexec /mnt/libexec
root# cpdup -o -vvv -u /root /mnt/root
root# cpdup -o -vvv -u /sbin /mnt/sbin
root# cpdup -o -vvv -u /tmp /mnt/tmp
root# cpdup -o -vvv -u /usr/Makefile /mnt/usr/Makefile
root# cpdup -o -vvv -u /usr/bin /mnt/usr/bin
root# cpdup -o -vvv -u /usr/games /mnt/usr/games
root# cpdup -o -vvv -u /usr/include /mnt/usr/include
root# cpdup -o -vvv -u /usr/lib /mnt/usr/lib
root# cpdup -o -vvv -u /usr/libdata /mnt/usr/libdata
root# cpdup -o -vvv -u /usr/libexec /mnt/usr/libexec
root# cpdup -o -vvv -u /usr/local /mnt/usr/local
root# cpdup -o -vvv -u /usr/local/etc /mnt/usr/local/etc
root# cpdup -o -vvv -u /usr/obj /mnt/usr/obj
root# cpdup -o -vvv -u /usr/sbin /mnt/usr/sbin
root# cpdup -o -vvv -u /usr/share /mnt/usr/share
root# cpdup -o -vvv -u /var /mnt/var
root# cpdup -o -vvv -u /var/crash /mnt/var/crash
root# cpdup -o -vvv -u /var/cache /mnt/var/cache
root# cpdup -o -vvv -u /var/spool /mnt/var/spool
root# cpdup -o -vvv -u /var/log /mnt/var/log
root# cpdup -o -vvv -u /var/tmp /mnt/var/tmp

root# pwd_mkdb -p -d /mnt/etc /mnt/etc/master.passwd
root# pw -V /mnt/etc userdel installer

Cleanups

root# rm -r /mnt/autorun
root# rm /mnt/README* /mnt/autorun* /mnt/boot.catalog /mnt/index.html
root# rm -r /mnt/etc.hdd

Configure System

File systems

root# cat > /mnt/etc/fstab << _EOF_
/dev/mapper/root  /  hammer2  rw  1  1
/dev/vbd0s1a  /boot  ufs   rw  1  1
/dev/vbd0s1b  none   swap  sw,crypt  0  0
_EOF_

Boot

root# cat > /mnt/boot/loader.conf << _EOF_
dm_load="YES"
dm_target_crypt_load="YES"
initrd.img_load="YES"
initrd.img_type="md_image"
vfs.root.mountfrom="ufs:md0s0"
vfs.root.realroot="crypt:hammer2:vbd0s1d:root"
_EOF_

System

root# cat >> /mnt/etc/rc.conf << _EOF_
hostname="???"
ifconfig_<name>="DHCP"
sshd_enable="YES"
dntpd_enable="YES"
dumpdev="/dev/vbd0s1b"
_EOF_

root# chroot /mnt passwd

root# umount /mnt/dev /mnt/boot /mnt
root# cryptsetup luksClose root

References:

  • DragonFly BSD source: share/examples/rcconfig/encrypted_root.sh
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment