diff options
Diffstat (limited to 'release')
| -rwxr-xr-x | release/amd64/make-memstick.sh | 10 | ||||
| -rwxr-xr-x | release/amd64/make-mfsroot-memstick.sh | 63 | ||||
| -rw-r--r-- | release/conf/pfSense_installer_make.conf | 3 | ||||
| -rw-r--r-- | release/conf/pfSense_installer_src.conf | 91 | ||||
| -rw-r--r-- | release/conf/pfSense_make.conf | 7 | ||||
| -rw-r--r-- | release/conf/pfSense_src-env.conf | 2 | ||||
| -rw-r--r-- | release/conf/pfSense_src.conf | 50 | ||||
| -rwxr-xr-x | release/rc.local | 81 |
8 files changed, 294 insertions, 13 deletions
diff --git a/release/amd64/make-memstick.sh b/release/amd64/make-memstick.sh index 3de8cb2..83a89a4 100755 --- a/release/amd64/make-memstick.sh +++ b/release/amd64/make-memstick.sh @@ -15,8 +15,8 @@ set -e PATH=/bin:/usr/bin:/sbin:/usr/sbin export PATH -if [ $# -ne 2 ]; then - echo "make-memstick.sh /path/to/directory /path/to/image/file" +if [ $# -ne 2 -a $# -ne 3 ]; then + echo "make-memstick.sh /path/to/directory /path/to/image/file [FAT32 partition]" exit 1 fi @@ -30,6 +30,11 @@ if [ -e ${2} ]; then exit 1 fi +unset fat32_partition +if [ -n "${3}" -a -f "${3}" ]; then + fat32_partition="-p fat32:=${3}" +fi + echo '/dev/ufs/FreeBSD_Install / ufs ro,noatime 1 1' > ${1}/etc/fstab echo 'root_rw_mount="NO"' > ${1}/etc/rc.conf.local makefs -B little -o label=FreeBSD_Install -o version=2 ${2}.part ${1} @@ -40,6 +45,7 @@ mkimg -s mbr \ -b ${1}/boot/mbr \ -p efi:=${1}/boot/boot1.efifat \ -p freebsd:-"mkimg -s bsd -b ${1}/boot/boot -p freebsd-ufs:=${2}.part" \ + ${fat32_partition} \ -a 2 \ -o ${2} rm ${2}.part diff --git a/release/amd64/make-mfsroot-memstick.sh b/release/amd64/make-mfsroot-memstick.sh new file mode 100755 index 0000000..da55c6b --- /dev/null +++ b/release/amd64/make-mfsroot-memstick.sh @@ -0,0 +1,63 @@ +#!/bin/sh +# +# This script generates a "memstick image with mfsroot" (image that can be copied to a +# USB memory stick or PXE booted) from a directory tree. Note that the script does not +# clean up after itself very well for error conditions on purpose so the +# problem can be diagnosed (full filesystem most likely but ...). +# +# Usage: make-mfsroot-memstick.sh <directory tree> <image filename> +# +# $FreeBSD$ +# + +PATH=/bin:/usr/bin:/sbin:/usr/sbin +export PATH + +if [ $# -ne 2 ]; then + echo "make-memstick.sh /path/to/directory /path/to/image/file" + exit 1 +fi + +if [ ! -d ${1} ]; then + echo "${1} must be a directory" + exit 1 +fi + +if [ -e ${2} ]; then + echo "won't overwrite ${2}" + exit 1 +fi + +if [ -e "${1}.tmp" ]; then + rm -rf ${1}.tmp +fi + +mkdir -p ${1}.tmp + +echo '/dev/md0 / ufs ro,noatime 1 1' > ${1}/etc/fstab +echo 'root_rw_mount="NO"' > ${1}/etc/rc.conf.local + +cp -rp ${1}/boot ${1}.tmp +makefs -o version=2 ${1}.tmp/mfsroot ${1} +gzip ${1}.tmp/mfsroot + +rm ${1}/etc/fstab +rm ${1}/etc/rc.conf.local + +echo 'autoboot_delay="3"' >> ${1}.tmp/boot/loader.conf +echo 'mfs_load="YES"' >> ${1}.tmp/boot/loader.conf +echo 'mfs_type="mfs_root"' >> ${1}.tmp/boot/loader.conf +echo 'mfs_name="/mfsroot"' >> ${1}.tmp/boot/loader.conf +echo 'vfs.root.mountfrom="ufs:/dev/md0"' >> ${1}.tmp/boot/loader.conf + +makefs -B little -o label=pfSense_Install ${2}.part ${1}.tmp +if [ $? -ne 0 ]; then + echo "makefs failed" + exit 1 +fi + +rm -rf ${1}.tmp + +mkimg -s gpt -b ${1}/boot/pmbr -p efi:=${1}/boot/boot1.efifat -p freebsd-boot:=${1}/boot/gptboot -p freebsd-ufs:=${2}.part -p freebsd-swap::1M -o ${2} +rm ${2}.part + diff --git a/release/conf/pfSense_installer_make.conf b/release/conf/pfSense_installer_make.conf new file mode 100644 index 0000000..2a9e237 --- /dev/null +++ b/release/conf/pfSense_installer_make.conf @@ -0,0 +1,3 @@ +# Default serial console speed +BOOT_COMCONSOLE_SPEED=115200 +BOOT_BOOT0_COMCONSOLE_SPEED=0 diff --git a/release/conf/pfSense_installer_src.conf b/release/conf/pfSense_installer_src.conf new file mode 100644 index 0000000..b81e09f --- /dev/null +++ b/release/conf/pfSense_installer_src.conf @@ -0,0 +1,91 @@ +WITHOUT_ACCT=YES +WITHOUT_AMD=YES +WITHOUT_APM=YES +WITHOUT_ASSERT_DEBUG=YES +WITHOUT_AT=YES +WITHOUT_ATM=YES +WITHOUT_AUDIT=YES +WITHOUT_AUTHPF=YES +WITHOUT_AUTOFS=YES +WITHOUT_BHYVE=YES +WITHOUT_BLACKLIST=YES +WITHOUT_BLUETOOTH=YES +WITHOUT_BSDINSTALL=YES +WITHOUT_BSNMP=YES +WITHOUT_CALENDAR=YES +WITHOUT_CAPSICUM=YES +WITHOUT_CASPER=YES +WITHOUT_CCD=YES +WITHOUT_CDDL=YES +WITHOUT_CPP=YES +WITHOUT_CTM=YES +WITHOUT_CUSE=YES +WITHOUT_DEBUG_FILES=YES +WITHOUT_DICT=YES +WITHOUT_EE=YES +WITHOUT_EXAMPLES=YES +WITHOUT_FILE=YES +WITHOUT_FINGER=YES +WITHOUT_FLOPPY=YES +WITHOUT_FMTREE=YES +WITHOUT_FREEBSD_UPDATE=YES +WITHOUT_FTP=YES +WITHOUT_GAMES=YES +WITHOUT_GCOV=YES +WITHOUT_GROFF=YES +WITHOUT_HAST=YES +WITHOUT_HESIOD=YES +WITHOUT_HTML=YES +WITHOUT_HYPERV=YES +WITHOUT_ICONV=YES +WITHOUT_IPFILTER=YES +WITHOUT_IPFW=YES +WITHOUT_ISCSI=YES +WITHOUT_JAIL=YES +WITHOUT_KDUMP=YES +WITHOUT_KERNEL_SYMBOLS=YES +WITHOUT_LANG=YES +WITHOUT_LDNS_UTILS=YES +WITHOUT_LIB32=YES +WITHOUT_LOCALES=YES +WITHOUT_LOCATE=YES +WITHOUT_LPR=YES +WITHOUT_LS_COLORS=YES +WITHOUT_MAIL=YES +WITHOUT_MAKE=YES +WITHOUT_MAN=YES +WITHOUT_NDIS=YES +WITHOUT_NETGRAPH=YES +WITHOUT_NIS=YES +WITHOUT_NLS=YES +WITHOUT_NLS_CATALOGS=YES +WITHOUT_NS_CACHING=YES +WITHOUT_NTP=YES +WITHOUT_PC_SYSINSTALL=yes +WITHOUT_PF=YES +WITHOUT_PMC=YES +WITHOUT_PORTSNAP=yes +WITHOUT_PPP=YES +WITHOUT_PROFILE=YES +WITHOUT_QUOTAS=YES +WITHOUT_RADIUS_SUPPORT=YES +WITHOUT_RCMDS=YES +WITHOUT_RCS=YES +WITHOUT_RESCUE=YES +WITHOUT_ROUTED=YES +WITHOUT_SETUID_LOGIN=YES +WITHOUT_SHAREDOCS=YES +WITHOUT_SVNLITE=YES +WITHOUT_TALK=YES +WITHOUT_TCP_WRAPPERS=YES +WITHOUT_TCSH=YES +WITHOUT_TELNET=YES +WITHOUT_TESTS=yes +WITHOUT_TEXTPROC=YES +WITHOUT_TIMED=YES +WITHOUT_TOOLCHAIN=YES +WITHOUT_UNBOUND=YES +WITHOUT_USB_GADGET_EXAMPLES=YES +WITHOUT_VI=YES +WITHOUT_WIRELESS=YES +WITHOUT_WPA_SUPPLICANT_EAPOL=YES diff --git a/release/conf/pfSense_make.conf b/release/conf/pfSense_make.conf new file mode 100644 index 0000000..41a3db4 --- /dev/null +++ b/release/conf/pfSense_make.conf @@ -0,0 +1,7 @@ +#HOSTAPD_CFLAGS+=-DEAP_PAX -DEAP_SAKE -DCONFIG_RSN_PREAUTH -DCONFIG_IEEE80211N +#HOSTAPD_CFLAGS+=-DEAP_SERVER -DEAP_GTC -DEAP_AKA -DEAP_SIM -DEAP_GPSK +#WPA_SUPPLICANT_CFLAGS+=-DCONFIG_IEEE80211N + +# Default serial console speed +BOOT_COMCONSOLE_SPEED=115200 +BOOT_BOOT0_COMCONSOLE_SPEED=0 diff --git a/release/conf/pfSense_src-env.conf b/release/conf/pfSense_src-env.conf new file mode 100644 index 0000000..90c70e7 --- /dev/null +++ b/release/conf/pfSense_src-env.conf @@ -0,0 +1,2 @@ +WITH_META_MODE=YES +WITHOUT_SYSTEM_COMPILER=YES diff --git a/release/conf/pfSense_src.conf b/release/conf/pfSense_src.conf new file mode 100644 index 0000000..8288105 --- /dev/null +++ b/release/conf/pfSense_src.conf @@ -0,0 +1,50 @@ +WITHOUT_AMD=YES +WITHOUT_ASSERT_DEBUG=YES +WITHOUT_ATM=YES +WITHOUT_AUDIT=YES +WITHOUT_AUTHPF=YES +WITHOUT_BLACKLIST=YES +WITHOUT_BLUETOOTH=YES +WITHOUT_CALENDAR=YES +WITHOUT_CAPSICUM=YES +WITHOUT_CASPER=YES +WITHOUT_CCD=YES +WITHOUT_CTM=YES +WITHOUT_CUSE=YES +WITHOUT_DICT=YES +WITHOUT_EXAMPLES=YES +WITHOUT_FINGER=YES +WITHOUT_FLOPPY=YES +WITHOUT_FREEBSD_UPDATE=YES +WITHOUT_GAMES=YES +WITHOUT_GCOV=YES +WITHOUT_GROFF=YES +WITHOUT_HAST=YES +WITHOUT_HTML=YES +WITHOUT_INETD=YES +WITHOUT_IPFILTER=YES +WITHOUT_JAIL=YES +WITHOUT_LIB32=YES +WITHOUT_LOCALES=YES +WITHOUT_LOCATE=YES +WITHOUT_LPR=YES +WITHOUT_MAIL=YES +WITHOUT_MAN=YES +WITHOUT_NIS=YES +WITHOUT_NLS=YES +WITHOUT_NLS_CATALOGS=YES +WITHOUT_NS_CACHING=YES +WITHOUT_NTP=YES +WITHOUT_PC_SYSINSTALL=yes +WITHOUT_PORTSNAP=yes +WITHOUT_PROFILE=YES +WITHOUT_QUOTAS=YES +WITHOUT_RCMDS=YES +WITHOUT_RCS=YES +WITHOUT_SETUID_LOGIN=YES +WITHOUT_SHAREDOCS=YES +WITHOUT_SVNLITE=YES +WITHOUT_TALK=YES +WITHOUT_TESTS=yes +WITHOUT_TOOLCHAIN=YES +WITHOUT_UNBOUND=YES diff --git a/release/rc.local b/release/rc.local index cb44227..d39ea6a 100755 --- a/release/rc.local +++ b/release/rc.local @@ -8,6 +8,30 @@ : ${DIALOG_ITEM_HELP=4} : ${DIALOG_ESC=255} +if ! mdconfig -l | grep -q md3; then + mdconfig -a -u 3 -s 8m + newfs /dev/md3 + mount /dev/md3 /mnt + tar -C /etc -cf - . | tar -C /mnt -xf - + sync; sync; sync + umount /mnt + mount /dev/md3 /etc +fi + +# Mount /dev/ufs/pfSense_Install on factory to prevent USB stick disk used +# to boot to be shown as an option to install +if [ -e /dev/ufs/pfSense_Install -a ! -d /tmp/usb_install_media ]; then + mkdir -p /tmp/usb_install_media + mount /dev/ufs/pfSense_Install /tmp/usb_install_media +fi + +if [ -f /root/factory-pre.sh ]; then + sh -x /root/factory-pre.sh >/tmp/factory-pre.debug 2>&1 + unset CE_message +else + CE_message=1 +fi + MACHINE=`uname -m` # resolv.conf from DHCP ends up in here, so make sure the directory exists @@ -34,10 +58,12 @@ if [ $? -eq 0 ]; then /usr/libexec/getty autologin ttyv3 & EXTERNAL_VTY_STARTED=1 fi +elif kenv -q smbios.system.product | grep -q "SG-5100"; then + TERM="vt100" else # Serial or other console echo - echo "Welcome to FreeBSD!" + echo "Welcome to pfSense!" echo echo "Please choose the appropriate terminal type for your system." echo "Common console types are:" @@ -54,18 +80,46 @@ export TERM if [ -f /etc/installerconfig ]; then if bsdinstall script /etc/installerconfig; then - dialog --backtitle "FreeBSD Installer" --title "Complete" --no-cancel --ok-label "Reboot" --pause "Installation of FreeBSD complete! Rebooting in 10 seconds" 10 30 10 + dialog --backtitle "pfSense Installer" --title "Complete" --no-cancel --ok-label "Reboot" --pause "Installation of pfSense complete! Rebooting in 10 seconds" 10 30 10 reboot else - dialog --backtitle "FreeBSD Installer" --title "Error" --textbox /tmp/bsdinstall_log 0 0 + dialog --backtitle "pfSense Installer" --title "Error" --textbox /tmp/bsdinstall_log 0 0 fi exit fi -dialog --backtitle "FreeBSD Installer" --title "Welcome" --extra-button --extra-label "Shell" --ok-label "Install" --cancel-label "Live CD" --yesno "Welcome to FreeBSD! Would you like to begin an installation or use the live CD?" 0 0 +if [ -n "${CE_message}" ]; then + msg="pfSense is Copyright 2004-2019 Rubicon Communications, LLC (Netgate).\n\npfSense is a federally registered trademark of Electric Sheep Fencing, LLC. Any unauthorized use of this trademark is prohibited by state and federal law and international law. Refer to our Trademark Usage Guidelines for how to properly use the marks. All rights reserved.\n\nAbsolutely No Commercial Distribution Is Allowed." +else + msg="This software is only for use on platforms supplied by Rubicon Communications, LLC (Netgate).\n\npfSense is Copyright 2004-2019 Rubicon Communications, LLC (Netgate).\n\npfSense is a federally registered trademark of Electric Sheep Fencing, LLC. Any unauthorized use of this trademark is prohibited by state and federal law and international law. Refer to our Trademark Usage Guidelines for how to properly use the marks. All rights reserved.\n\nAbsolutely No Commercial Distribution Is Allowed" +fi -case $? in -$DIALOG_OK) # Install +if [ ! -f /tmp/buildroom ]; then + exec 3>&1 + dialog --backtitle "pfSense Installer" \ + --title "Copyright and distribution notice" \ + --ok-label "Accept" \ + --msgbox "${msg}" 0 0 2>&1 1>&3 + exec 3>&- +fi + +IOPTS="\ +\"Install\" \"Install pfSense\" \ +\"Rescue Shell\" \"Launch a shell for rescue operations\"" + +if [ -x /root/recover_configxml.sh ] ; then + IOPTS="${IOPTS} \"Recover config.xml\" \"Recover config.xml from a previous install\"" +fi + +exec 3>&1 +IMODE=`echo ${IOPTS} | xargs dialog --backtitle "pfSense Installer" \ + --title "Welcome" \ + --menu "Welcome to pfSense!" \ + 0 0 0 2>&1 1>&3` || exit 1 +exec 3>&- + +case "$IMODE" in +"Install") # Install # If not netbooting, have the installer configure the network dlv=`/sbin/sysctl -n vfs.nfs.diskless_valid 2> /dev/null` if [ ${dlv:=0} -eq 0 -a ! -f /etc/diskless ]; then @@ -75,19 +129,24 @@ $DIALOG_OK) # Install trap true SIGINT # Ignore cntrl-C here bsdinstall if [ $? -eq 0 ]; then - dialog --backtitle "FreeBSD Installer" --title "Complete" --yes-label "Reboot" --no-label "Live CD" --yesno "Installation of FreeBSD complete! Would you like to reboot into the installed system now?" 0 0 && reboot + dialog --backtitle "pfSense Installer" --title "Complete" --yes-label "Reboot" --no-label "Shell" --yesno "Installation of pfSense complete! Would you like to reboot into the installed system now?" 0 0 && reboot + clear + echo "When finished, type 'exit' to reboot." + /bin/sh + reboot else . /etc/rc.local fi ;; -$DIALOG_CANCEL) # Live CD - exit 0 - ;; -$DIALOG_EXTRA) # Shell +"Rescue Shell") # Rescue Shell clear echo "When finished, type 'exit' to return to the installer." /bin/sh . /etc/rc.local ;; +"Recover config.xml") # Recover config.xml from a target drive + /root/recover_configxml.sh + . /etc/rc.local + ;; esac |
