Health Sciences Imaging Solution

By: Luis Alves - Revised: 2007-05-24 richard

Download Slides – PDF-File, 357.6 KB
Download Scripts – ZIP-File, 12.2 KB

Introduction

Eccles Library Mac Imaging Solution - by Luis Alves
Eccles Library has developed a solution for distributing image files to Mac clients from a Linux server using Samba for file sharing, ssh for secure logins and asr for restoring the images.

Luis will gave an overview of the setup which could be an alternative to using Apple Remote Desktop, Mac OS X Server or other commercial software.

Scripts

Readme
Scripts for Health Sciences Ed. Building.

These scripts are used to sync a dmg image file from a client with a server copy on a Unix server. The image is then restored to the appropriate partition.

asr needs to be installed on both Admin and User Volumes and an ssh key established between the client and server.

asr NEEDS to be run by root to restore images but it is advised to use a restricted user on the server when using rsync.

The Scripts-User folder is installed on the root (/) directory of the User volume, Scripts-Admin on the root dir. of the Admin volume.

RenameComp-User can be installed without modifications to the /System/Libraries/StartupItems/ directory on the User volume and modified according  to it's readme file before installing on the same path in the Admin Volume.

RenameComp-User Scripts

Readme
This goes into /System/Library/StartUpItems, this readme file has to be removed.

The line

SYNCIMAGE=-YES-

has to be added to /etc/hostconfig in order for this to run.

RenameComp Script

#!/bin/sh

#
# Renames the Computername to match it's hostname acquired by the DNS server
#

#
# On admin partition, replace the last paragraph with:
# /Scripts/sync_image >> /Scripts/image_synced
#


. /etc/rc.common

StartService ()
{
if [ "${SYNCIMAGE:=-NO-}" = "-YES-" ]; then

        computer_name=`hostname`  #assign the hostname given to the computer to the variable "computer_name"

        #set the computer-name and host-name to be $computer_name
        /usr/sbin/ncutil setprop / computer-name $computer_name

        /usr/sbin/ncutil setprop / local-host-name $computer_name

        echo "seems to have worked"
        echo "computer-name is ${computer_name}"
    
    #Since it's user partition just set Admin read-only,
    #if installing on Admin, replace next 3 lines.
    echo "Setting permissions to Admin partition to root:wheel"
    chown root:wheel /Volumes/Admin
    chmod 700 /Volumes/Admin
fi
}

StopService ()
{
echo " "
}

RestartService ()
{
computer_name=`hostname`  #assign the hostname given to the computer to the variable "computer_name"

#set the computer-name and host-name to be $computer_name
/usr/sbin/ncutil setprop / computer-name $computer_name

/usr/sbin/ncutil setprop / local-host-name $computer_name

echo "seems to have worked"
echo "computer-name is ${computer_name}" > /Scripts/renamed


}

RunService "$1"

RenameComp StartupParmeters.plist

{
  Description     = "Renames computer name to hostname";
  Provides        = ("RenameComp");
  OrderPreference = "First";
}

Admin Scripts

Readme
These are the scripts on the Admin partition.

They are run as system startup scripts. In case maintenance is needed, login, comment out "sync_image" and reboot.

The user is always prompted with a login screen while the scripts run on background.

bless Script
#!/bin/sh
echo "This script was last run on: "
date

#blessing User partition for next reboot
bless -folder '/Volumes/User/System/Library/CoreServices' -setBoot
echo "Blessed"

#halt the system to conserve power. Upon being turned on
#it will boot into the User partition.

shutdown -h now

bless_log
This script was last run on:
Thu May 10 00:08:24 MDT 2007
Blessed
Shutdown NOW!
 
Stopping Network Information Service
Stopping Apache web server
/usr/sbin/apachectl stop: httpd (no pid file) not running
ntpd is not running.
Starting...
Done.

computer_rename script
#!/bin/sh

computer_name=`hostname`  #assign the hostname given to the computer to the variable "computer_name"

#set computer-name and host-name to be $computer_name
/usr/sbin/ncutil setprop / computer-name $computer_name

/usr/sbin/ncutil setprop / local-host-name $computer_name

echo "seems to have worked" > /Scripts/image_synced
echo "computer-name is ${computer_name}" >> /Scripts/image_synced

#
# For reference:
#    ncutil is NOT part of a standard Mac OS install, free download.
#

image_synced
this log was created on:
Wed May  9 23:58:46 MDT 2007
syncing
    Validating target...done
    Validating source...done
    Erasing target device /dev/disk0s3...done
    Retrieving scan information...done
    Validating sizes...done
    Restoring  ....10....20....30....40....50....60....70....80....90....100
    Verifying  ....10....20....30....40....50....60....70....80....90....100
    Remounting target volume...done

sync_image script
#!/bin/sh
echo "this log was created on:"
date

#rsync user image with the one on server
echo "rsyncing"
rsync -azvtp -e "ssh -i /var/root/.ssh/rsync-key" user@server:/Full_path/disk_image.dmg /Scripts/Image/

#restore user image into disk slice
echo "restoring"
asr -erase -noprompt -source /Scripts/Image/disk0s3.dmg -target /dev/disk0s3

#Run bless script to shutdown
/Scripts/bless > /Scripts/bless_log

User Scripts

Readme
These files go into the folder "Scripts" in the partition where the patron OS X install will be located at.

bless Script
#!/bin/sh

#First, print date so we know when script was run
echo "This script was last run on: "
date

#Since Admin partition has wrong permissions,
#fix those before running diskutil
echo "Setting proper permissions for the Admin partiton"
chown root:admin /Volumes/Admin
chmod 775  /Volumes/Admin

echo "fixing permissions on Admin"
diskutil repairPermissions /Volumes/Admin

#Prepare for boot of Admin partition
bless -folder '/Volumes/Admin/System/Library/CoreServices' -setBoot
echo "Blessed"

#reboot now
launchctl load /Scripts/com.rebootnow.plist

com.rebootnow.plist File
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>com.test.rebootnow</string>
    <key>OnDemand</key>
    <false/>
    <key>Program</key>
    <string>/sbin/reboot</string>
    <key>ProgramArguments</key>
    <array>
        <string>/sbin/reboot</string>
    </array>
</dict>
</plist>

renamed File
This file is created by the boot script. It will contain the name the computer will have and it's presence confirms that the startup script loaded properly.

sync_image
#!/bin/sh

echo "this log was created on:"
date

#Set proper permissions and run diskutil on Admin
echo "Setting proper permissions for the Admin partiton"
chown root:admin /Volumes/Admin
chmod 775 /Volumes/Admin

diskutil repairPermissions /Volumes/Admin

#rsync image with updated image on server,
#run asr to restore Admin to pristine state.

echo "rsyncing"
rsync -azvtp -e "ssh -i /var/root/.ssh/rsync-key" username@server:/Full_Path/disk_image.dmg /Scripts/Image/

echo "restoring"
date
asr -erase -noprompt -source /Scripts/Image/disk0s3.dmg -target /dev/disk0s3

#reboot into Admin so User partition will be updated
/Scripts/bless > /Scripts/bless_log