Customizing Leopard netinstall images?

[blake]

Anybody else creating customized netinstall netboot images for Leopard yet?

With 10.4.x I was able to modify the rc.cdrom scripts to launch an applescript studio application instead of apple’s installer.app. This allows us to have a nice GUI fronted to restore any of our 40+ os images. Leopard has changed the boot up game quite a bit. I currently have an netinstall image that boots and launches our application but fails to connect to AFP shares. When using mount_afp from the command line I get a “network security failure” error.

I’m using Leopard server 10.5.0 on a MacPro with apples SUI tool to create these netinstall images from a second volume. Using this SUI tool on leopard has also been problematic. However the netinstall image I’m starting with is “known good” or at least works as apple intended.

I have been adding back some of the LaunchDaemons from a standard install of leopard but this has not resulted in success. I could really use some suggestions on how to figure out the dependancies for connecting to an afp share when booted from a netinstall image.

Suggestions?

TIA,
Blake-

[mattjenns]

I’m playing with this at the moment. Our workflow for imaging is built around Mike Bombich’s NetRestore; which isn’t currently working fully in Leopard. I’ve also had flakiness with SIU – it seems to take forever to build a netrestore image (2 hours for an 8GB image?), and fails with disturbing regularity.

What i’ve done is build an SIU NetInstall image, then hack in a terminal launch and mount of the netboot NFS mount. This is into /etc/rc.install. mount_afp works fine in my testing. I just drop a restore script into the NetBootSP0 mount on the server, and run it from there.

[blake]

Well it turns out that mount_afp is working for me now. It’s when try and mount the share via our applescript studio application it’s failing. I have added in the required frameworks and any other required binaries that I know of.

However when I run this applescript command
[code]
mount volume “afp://imageserver/LabRestore”
[/code]
I’m getting a network security error. On a 10.4.10 netinstall image the user is prompted for credentials. If I hard code the username and password the command completes successfully. Seems like a needed service isn’t running. I see DirectoryService is running.

Unfortunately it’s required that users login with their AD credentials and I would prefer not to create an login window in applescript if I can avoid it..

Any suggestions on how I can turn on additional logging and figure out what’s failing are appreciated..

Blake-

[Dominic]

Have you had any joy with this?

in 10.4 i could create a netinstall image and modify the rc.cdrom in 10.5 this is now done in the rc.install

How ever after adding all the dependency files i cannot get any applescript studio app to run even the default apple examples.

this is so frustrating as it worked fine in 10.4

I have yet to create a 10.5.1 netinstall image and try but because of the case of having to copy over framework files to get a basic app running (example…a single window with a button attached to a apple script with the command display dialog “hello”….

the window with the button will appear but clicking the button will not do anything…under 10.4 this same app works fine…

[blake]

Dominic you may need to ditto over a few more items to get your application running.

Make sure your netinstall image has these

/System/Library/PrivateFrameworks/AppleScript.framework
/System/Library/Components/AppleScript.component

Currently I use ditto to copy over the entire contents of these directories. A lot of those files are unused but It hasn’t broken anything to add them all.

/System/Library/ScriptingAdditions
/System/Library/Components
/System/Library/Frameworks
/System/Library/PrivateFrameworks
/System/Library/CoreServices

Remember to enable permissions on the .dmg before you ditto things over or it will blow up..

As for my issue PAM may be failing. Looks like some additional ram disks and possibly launchd .plists will need to be added to the boot image.

Blake-

[Dominic]

Fantastic

I was missing the component

aaahhhhh 😀

All working now thank you

Would it not be easier to create a login window and ask for the user pass and the pass these credentials to mount_afp?

[blake]

I have considered creating my own login window with apple script studio. I want to avoid doing that if at all possible.

I’m waiting to hear back from apple right now. Hopefully this issue is the last kink I need to work out.

blake-

[blake]

Quick update to this..
I built a login window to handle logging into the server in applescript studio which works well. Except with users who have some special characters like % in their passwords. The command will fail with no matter what kind of quoting I throw around it. Currently I’m using this.

mount_afp ‘afp://joeuser:1#$%[email protected]/Lab’ /Volumes/Lab

Any suggestions on escaping special characters in the password here are welcome.

-Blake

[blake]

After some more research it turns out that you have to encode the special characters like you would in a browser url. I found this applescript code that will do the work for you.

http://harvey.nu/applescript_url_encode_routine.html

Get the password from your login window and run it though this before passing it on the command line. Works like a champ now.

Also we switched from apple’s SIU to using netrestore helper now that its working with leopard. It’s working quite well and I’m digging the ability to connect to netbooted systems using ARD.

Blake

[Author]

Posts