User:Moggers87/Installing Opensuse
Install OpenSUSE
Make sure you're in PVH mode
xen-shell> virtmode pvh
Boot rescue VM and log in
xen-shell> rescue
After a while you'll be presented with a login prompt. The password is auto-generated and should be printed a few lines above the prompt. Once you're logged in, become root:
user@rescue:~$ sudo -i
root@rescue:~#
Install required utilities into rescue VM
root@rescue:~# apt update
root@rescue:~# apt install rpm zypper curl btrfs-progs zstd parted
Set up partitions on disk
Wipe existing block devices:
root@rescue:~# for d in a b; do wipefs -a /dev/xvd${d}; done
Create partitions:
root@rescue:~# parted -s /dev/xvda mklabel gpt mkpart root btrfs 0% 100%
root@rescue:~# parted -s /dev/xvda set 1 boot on
root@rescue:~# parted -s /dev/xvdb mklabel gpt mkpart swap linux-swap 0% 100%
root@rescue:~# mkfs.btrfs /dev/xvda1
root@rescue:~# mkswap -L SWAP /dev/xvdb1
Finally, mount the partition:
root@rescue:~# mkdir -vp /target && mount -v /dev/xvda1 /target
Copy in resolv.conf
root@rescue:~# mkdir /target/etc/
root@rescue:~# cp -v /etc/resolv.conf /target/etc/
Set up Zypper repoes
root@rescue:~# mkdir -p /target/etc/zypp/repos.d/
root@rescue:~# cat <<-EOF > /target/etc/zypp/repos.d/repo-oss.repo
[repo-oss]
name=Main Repository
enabled=1
autorefresh=1
baseurl=http://download.opensuse.org/distribution/leap/\$releasever/repo/oss/
path=/
type=rpm-md
keeppackages=0
EOF
root@rescue:~# cat <<-EOF > /target/etc/zypp/repos.d/repo-update.repo
[repo-update]
name=Main Update Repository
enabled=1
autorefresh=1
baseurl=http://download.opensuse.org/update/leap/\$releasever/oss
path=/
type=rpm-md
keeppackages=0
EOF
Install Zypper
root@rescue:~# zypper --releasever=15.3 -R /target install zypper
You'll be prompted to trust various GPG keys and confirm that you want to install the zypper package and its dependencies.
Enter chroot
Mount /dev
and some other things needed by the chroot:
root@rescue:~# mount -v --bind /dev /target/dev
root@rescue:~# mount -v -t proc procfs /target/proc
root@rescue:~# mount -v -t sysfs sysfs /target/sys
Enter the chroot:
root@rescue:~# chroot /target /bin/bash
Install base packages
Install some base packages for first boot:
rescue:/ # zypper --releasever=15.3 install openSUSE-release lsb grub2 dracut-tools wicked -t pattern enhanced_base
Configure GRUB and install kernel
rescue:/ # cat > /etc/default/grub << EOF
# If you change this file, run 'grub2-mkconfig -o /boot/grub2/grub.cfg' afterwarrds to update
# /boot/grub2/grub.cfg.
GRUB_DEFAULT=saved
GRUB_HIDDEN_TIMEOUT=0
GRUB_HIDDEN_TIMEOUT_QUIET=true
GRUB_TIMEOUT=10
# Xen consoles are on hvc0
#GRUB_CMDLINE_LINUX_DEFAULT=""
GRUB_CMDLINE_LINUX_DEFAULT="console=hvc0"
# I like to see all the kernel boot/shutdown messages so I remove "quiet"
#GRUB_CMDLINE_LINUX="splash=silent mitigations=auto quiet"
GRUB_CMDLINE_LINUX="splash=silent mitigations=auto"
GRUB_TERMINAL=console
GRUB_DISABLE_RECOVERY="true"
EOF
rescue:/ # zypper --releasever=15.3 install kernel-default
Finally, you need to manually generate an initrd file and then generate the GRUB config:
rescue:/ # dracut --kver `ls /lib/modules`
rescue:/ # grub2-mkconfig -o /boot/grub2/grub.cfg
Networking
rescue:/ # cat > /etc/sysconfig/network/ifcfg-eth0 << EOF
TYPE='Ethernet'
PROXY_METHOD='none'
BROWSER_ONLY='no'
DEFROUTE='yes'
IPV6INIT='yes'
DEVICE='eth0'
ONBOOT='yes'
PREFIX='21'
PREFIX_0='64'
DNS1='85.119.80.232'
DNS2='85.119.80.233'
IPADDR='85.119.82.225/21'
IPADDR_0='2001:ba8:1f1:f1d7::2/64'
NAME='eth0'
BOOTPROTO='static'
STARTMODE='auto'
LABEL_0=''
ZONE='public'
EOF
rescue:/ # cat > /etc/sysconfig/network/ifroute-eth0 << EOF
85.119.80.0/21 - - eth0
2001:ba8:1f1:f1d7::/64 - - eth0
default 85.119.80.1 - eth0
default 2001:ba8:1f1:f1d7::1 - eth0
EOF
Set host name
Can be skipped but you'll only have to do it after boot if so.
The format of the /etc/hosts file is:
- IP address
- Fully-qualified host name, i.e. what this host would be reachable as from the Internet
- Zero or more short alias names
Each separated by white space.
Note the append ('>>') on the second cat; don't clobber the existing contents of the hosts file.
rescue:/ # cat > /etc/hostname << EOF
susetest1
EOF
rescue:/ # cat >> /etc/hosts << EOF
85.119.82.225 susetest1.vps.bitfolk.space susetest1
EOF
Create fstab
rescue:/ # cat > /etc/fstab << EOF
/dev/xvda1 / btrfs defaults,noatime 0 0
LABEL=SWAP swap swap defaults 0 0
EOF
Set root password
rescue:/ # passwd root
SSHD configuration
The default configuration of SSHD is to both allow password logins and allow root logins. I would recommend you change at least one of these settings before your first boot
rescue:/ # zypper --releasever=15.3 install openssh
rescue:/ # sed -i 's/.*PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config
rescue:/ # sed -i 's/.*PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config
Exit chroot and dismount
rescue:/ # exit
root@rescue:~# umount /target/sys
root@rescue:~# umount /target/proc
root@rescue:~# umount /target/dev
root@rescue:~# umount /target
Stop the rescue VM
root@rescue:~# poweroff
First boot
Boot and then log in as root with the password you set earlier:
xen-shell> boot
Firewall
Currently there is no firewall running, so we need to configure it and start it:
localhost:~ # zypper install firewalld
localhost:~ # firewall-offline-cmd --zone=public --add-service=ssh
localhost:~ # systemctl enable firewalld
localhost:~ # systemctl start firewalld
Add a user
localhost:~ # useradd -m user
localhost:~ # passwd user
You can add your ssh keys to /home/user/.ssh/authorized_keys
to allow login via SSH. You will be able to use sudo
to perform actions as root.
Sudo with user password
By default, sudo will ask for the password of the target user (usually root). If you want it to ask for the user's own password you will need to take the following steps:
localhost:~ # groupadd wheel
localhost:~ # usermod -a -G wheel user
You will now need to use visudo
to change sudo's configuration:
localhost:~ # sypper install vim # or whatever other editor you like
localhost:~ # visudo
Search for the following lines and uncomment the second line:
## Uncomment to allow members of group wheel to execute any command
# %wheel ALL=(ALL) ALL
And add this line above to turn off targetpw for users in group wheel:
## Uncomment to allow members of group wheel to execute any command
Defaults:%wheel !targetpw
%wheel ALL=(ALL) ALL
Exit with :wq
.
All done
OpenSUSE is now installed. You can log out of the Xen console and SSH in via the user you've just created.