Wednesday, November 29, 2006

Yaifo Update

OpenBSDAs I've stated in previous posts, I use YAIFO (Yet Another Installer for OpenBSD) to do remote upgrades of my OpenBSD boxes. By remote, sometimes I mean the server sitting in the other room. :)

It seems that development of YAIFO has stopped (and the site is inaccessible). I had previously made a few patches to improve usability (for me) and to make it work with 3.9 and 4.0. But, it started getting complicated with too many patches. So I combined all of the patches into single OpenBSD-version specific files (meaning one for 3.9 and one for 4.0).

If you've found this page via Google and are just looking for the unmodified YAIFO code, you're welcome to download it from my server.

However, I've made several useful modifications and some necessary fixes to make YAIFO work with versions of OpenBSD after 3.8 (that are available as patch files):

  • Updated for 3.9 and 4.0. The setup scripts have been updated since 3.8 and the patch implements these changes.

  • Enables using ${SUDO} where appropriate. So, if the SUDO environment variable is defined (or set in mk.conf), you can run make as a non-root user with SUDO access and you will be prompted to enter your password when root-access is needed.

  • Allows for including your own ssh_host*_key files. If these files are not included in the root YAIFO build directory, YAIFO will create its own. If you're upgrading a server (either through (I)nstall or (U)pgrade), you'll have to muck with your ~/.ssh/known_hosts file to access the temporary ssh_host*_key that YAIFO creates without this patch.

  • If you do include your own ssh_host*_key files, you will be prompted during an (I)nstall to copy those files to /etc/ssh/.

  • DNS Search string added to the YAIFO config file. If specified, it is also added to the newly installed system's /etc/resolv.conf.

  • ancontrol and wicontrol entries removed from i386/list file since they are no longer used.

The patch files:

To use:

  1. Download YAIFO.

  2. Download the appropriate patch (yaifo-0.2-39p1.patch or yaifo-0.2-40p1.patch)
  3. Extract it (tar -xvzf yaifo-newest.tgz).

  4. Change to the build directory (cd yaifo-0.2)

  5. Patch it (patch -p0 < ../yaifo-0.2-39p1.patch or patch -p0 < ../yaifo-0.2-40p1.patch).

  6. Set the SUDO variable, if necessary (export SUDO=/usr/bin/sudo).

  7. Copy /etc/ssh/ssh_host*_key* files (sudo cp /etc/ssh/ssh_host*_key* . ; sudo chown `id -un` ssh_host*_key*).

  8. Copy your authorized_keys file (cp ~/.ssh/authorized_keys .).

  9. Run make obj

  10. Run make

When the build is done, you'll end up with two files: yaifo.fs and yaifo.rd. I generally just use the yaifo.rd file by backing up the current kernel (sudo cp /bsd /bsd.old) and copy the yaifo.rd kernel to be used upon reboot (sudo cp yaifo.rd /bsd) and reboot.

The yaifo.fs file can be used in other ways. But, I don't use that file, so I can't comment about its use.

Now, ssh back to your box as root. You'll be promtped with the familiar prompt: (I)nstall, (U)pgrade or (S)hell.

After upgrading, consider using Mergemaster to upgrade /etc & /var.