#!/bin/sh
# Initial bootstrap of a pristine Debian system.
# Copyright (C) 2007 Bob Proulx
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see .
# Written by Bob Proulx
VERSION=0
test -x /usr/bin/dpkg || exit 0
test -x /usr/bin/apt-get || exit 0
test -r /etc/debian_version || exit 0
progname=$(basename $0)
print_help()
{
# Create a help message suitable for help2man to format into a man
# page directly from the online --help and --version message.
cat <<'EOF'
Usage: bootstrap [options]
Initial bootstrap of a pristine Debian system.
Options:
--help output help message
--version output version information
Examples:
The most common use is to run the script.
$ bootstrap
But it is also possible to pull this from the web and run it on the
fly.
$ apt-get install wget
$ wget -q -O - http://www.proulx.com/~bob/debian/bootstrap | sh
Report bugs to Bob Proulx
EOF
}
print_version()
{
cat </dev/null 2>&1) ; [ $? = 4 ] ; then # New longopts getopt.
OPTS=$(getopt -o $SHORTOPTS --long $LONGOPTS -n "$progname" -- "$@")
else # Old classic getopt.
# Special handling for --help and --version on old getopt.
case $1 in --help) print_help ; exit 0 ;; esac
case $1 in --version) print_version ; exit 0 ;; esac
OPTS=$(getopt $SHORTOPTS "$@")
fi
if [ $? -ne 0 ]; then
echo "'$progname --help' for more information" 1>&2
exit 1
fi
eval set -- "$OPTS"
verbose=false
while [ $# -gt 0 ]; do
: debug: $1
case $1 in
--help)
print_help
exit 0
;;
--verbose|-v)
verbose=true
exit 0
;;
--version)
print_version
exit 0
;;
--)
shift
break
;;
*)
echo "Internal Error: option processing error: $1" 1>&2
exit 1
;;
esac
done
if ! (apt-get --version) >/dev/null 2>&1; then
: No apt-get available so not an apt machine, exiting.
exit 0
fi
if ! (dpkg --version) >/dev/null 2>&1; then
: No dpkg available so not an dpkg machine, exiting.
exit 0
fi
if [ ! -f /etc/apt/sources.list ]; then
echo "Error: No /etc/apt/sources.list" 1>&2
echo "Not running on a Debian GNU/Linux machine?" 1>&2
exit 1
fi
if [ ! -w / ]; then
echo "Error: Must be root to run this script" 1>&2
exit 1
fi
case $(&2
exit 1
;;
esac
# At the time that this script is executed a simple temporary file
# naming scheme is okay. By not needing to keep track of temporary
# files the handling and cleaning up of them is greatly simplified.
# A generic cleanup of our style of temporary files.
trap 'rm -f /tmp/*.tmp.$$~' EXIT
rm -f /tmp/*.tmp.$$~
# Quiet down the installer.
export DEBIAN_FRONTEND=noninteractive
export DEBCONF_ADMIN_EMAIL=""
case $( 4000 )); then
sysctl -w vm.overcommit_memory=2
sleep 5 # Give system time to crash if it is going to.
# If the system can take it then make it permanent.
cat >>/etc/sysctl.conf < /tmp/recommends.tmp.$$~ < /tmp/sources.list.tmp.$$~ <&2
exit 1
fi
if ! apt-get -o DPkg::Options::=--force-confnew upgrade -q -y; then
echo "Error: apt-get failed" 1>&2
exit 1
fi
if [ ! -x /usr/local/bin/ll ]; then
cat >/usr/local/bin/ll <<'EOF'
#!/bin/sh
exec ls -l "$@"
EOF
chmod a+x /usr/local/bin/ll
fi
if [ ! -d /root/bin ]; then
mkdir /root/bin
fi
mypurge()
{
for pkgname in "$@"; do
if [ -d /usr/share/doc/$pkgname ]; then
dpkg --purge $pkgname
fi
done
}
myinstall()
{
for pkgname in "$@"; do
if [ ! -d /usr/share/doc/$pkgname ]; then
apt-get install $pkgname
fi
done
}
myinstall debsums
# initscripts failed to reinstall when in conjuction with other packages.
# Therefore use a for-loop.
for pkg in $(debsums -l); do
apt-get install --reinstall -y $pkg
done
myinstall dlocate
myinstall nvi
mypurge nano
myinstall postfix
eximlist='exim4 exim4-base exim4-config exim4-daemon-light'
for p in $eximlist; do
if dpkg --status $p | grep -q '^Status: deinstall .* config-files'; then
dpkg --purge $p
fi
done
# Correct this problem with an empty field.
# mydestination = foo.example.com, localhost.example.com, , localhost
mydomain=$(postconf -h mydomain)
myhostname=$(postconf -h myhostname)
mydestination="$myhostname, localhost.$mydomain, localhost"
if ! postconf -h mydestination | grep -q "$mydestination"; then
postconf -e mydestination="$mydestination"
fi
# FIXME: /root/.forward or /etc/aliases root forward
myinstall bind9
myinstall resolvconf
if ! grep -q '^include.*/var/run/bind/named.options' /etc/bind/named.conf; then
sed --in-place '/^include/s|/etc/bind/named.conf.options|/var/run/bind/named.options|' /etc/bind/named.conf
fi
myinstall smartmontools
if ! grep -q '^start_smartd=yes' /etc/default/smartmontools; then
sed --in-place '/^#start_smartd=/s/.*/start_smartd=yes/' /etc/default/smartmontools
invoke-rc.d smartmontools start
fi
myinstall aptitude
# Download separately first since this is so large that it sometimes fails.
for i in $(seq 1 3); do # try download up to three times
if aptitude -d -q --without-recommends -y install '~t^desktop$' '~t^gnome-desktop$'; then
break
fi
done
# The files are downloaded. Fire for effect.
aptitude -q --without-recommends -y install '~t^desktop$' '~t^gnome-desktop$'
# Unfortunately aptitude does not always pass results back to the
# caller in the exit code. Therefore there is no way to know if
# aptitude actually succeeded. All we can do is push on regardless.
# crypt++el
# libdb2
# memshow
# nfs-kernel-server
# nis
# other-distro-compat
# rsemd
# ssh-setup-user
# libxft1
# xlibs-dev
list='
apt-utils
autoconf
autofs
automake1.9
biff
bind9
bind9-host
binutils
binutils-dev
bison
bonnie++
byacc
bzip2
c2man
cfengine2
cflow
cle
connect-proxy
cpp
cutils
cvs
dc
debconf-doc
debian-el
devscripts
devscripts-el
dh-make
diffstat
dnsutils
doc-debian
dosfstools
dpkg-dev
dpkg-dev-el
emacs
ethtool
expect
fakeroot
feh
finger
fingerd
flex
ftp
g++
g++-3.3
gawk
gcc
gcc-3.3
gdb
gettext
git-core
glibc-doc
gnupg
gnuserv
grep-dctrl
help2man
iamerican
indent
ispell
kernel-package
ksh
less
libc6-dev
libcurses-ruby
libgdbmg1
libncurses5-dev
libssl-dev
libterm-readline-gnu-perl
libtime-hires-perl
libtool
libxaw7-dev
lintian
liwc
lsb
lsof
lynx
mailcrypt
mailx
make
man-db
manpages
manpages-dev
metamail
mime-support
most
mpack
mtools
mutt
mysql-client
netcat
nmh
ntp
openssl
patch
perl-doc
perl-tk
pinfo
pkg-config
procmail
psmisc
psutils
rcs
rsync
ruby
ruby-elisp
screen
sharutils
ssh
stl-manual
strace
sudo
sysvbanner
talk
talkd
tcsh
time
tk8.3
tmpreaper
traceroute
tramp
unifdef
unzip
urlview
vim-gtk
tightvncserver
wamerican
wdiff
wget
xdu
xemacs21
xloadimage
xosview
xpdf
xsltproc
xterm
xtightvncviewer
ytalk
zip
zsh
'
# myinstall $list
# x-window-system-core
list='
doc-debian
fvwm
gimp
gnumeric
gnuplot
gpm
imagemagick
kde
iceweasel
mpeglib
mpg321
pan
procmail
slrn
spamassassin
libmail-spf-query-perl
libmailtools-perl
libnet-dns-perl
ssh-askpass
vacation
xterm
x2vnc
xautolock
xwit
'
# myinstall $list
# Consider installing the meta package nvidia-kernel-2.6-686 to pull
# in latest nvidia-kernel-$(uname -r) kernel specific driver.
aptitude install -sfy
aptitude install -sfD
# aptitude keep-all
# Now that iceweasel is installed configure alternatives.
update-alternatives --set x-www-browser /usr/bin/iceweasel
# Now that vim is installed it will own the alternatives. Configure.
update-alternatives --set vi /usr/bin/nvi
update-alternatives --set view /usr/bin/nview
update-alternatives --set ex /usr/bin/nex
update-alternatives --set editor /usr/bin/nvi
test -d /etc/skel/.ssh || mkdir -m 0700 /etc/skel/.ssh
if [ ! -x /etc/skel/.xsession ]; then
cat >/etc/skel/.xsession <>/etc/default/ssh </etc/shorewall/blacklist </etc/shorewall/init </etc/shorewall/interfaces </etc/shorewall/policy </etc/shorewall/rules </etc/shorewall/zones </etc/aide/aide.conf.d/80_local < /etc/cron.daily/aide-post <