Hello Hans,
Am 29.01.2024 um 12:34 schrieb Hans:
Am Montag, 29. Januar 2024, 12:16:14 CET schrieb Arno Lehmann:
Hi Arno,
yes, I saw the option SRCDISK. For my understanding it is used, when you want
to mount a an alien system i.e. via network and make a livefile from this.
But even I will do so, still all files will be copied to the livefilesystem,
this makes no change.
Well, I think this is what you can expect when using a tool to
essentially copy your running Linux to a DVD image.
You asked me, what I want. Simple: I am running KALI-Linux on one of my
notebooks· with encrypted partitions.
As my KALI got some tools, which need lots of plugins, has added some software
NOT in the KALI-repo and got several personal settings, I could not build a
livefile system of KALI by using live-build.
I'll try to not digress into why you would want to use a heavily
modified Kali in the first place, and then copy it to a different media,
which probably results in something quite unmaintainable ;-)
...
Everything is working perfectly, except this little annoying at boot.
So I understand you want the exact same system as you run it on the
host, *but* without the file systems mounted.
Here we reach the point where I must admit I do not know how bootcdwrite
works :-)
However, from its documentation, I conclude it essentially puts all
system configuration into its target directory tree, but it will have to
modify some of it -- for example, if / is mounted from the live file
system, a mount point in /etc/fstab for / would be counterproductive.
The tool, accordingly, has to modify all the fstab entries for the file
systems it copies.
That seems to work, as you state above. Also apparently, the underlying
block storage setup *is* copied.
Your goal seems clear, you do not want that block storage to be
accessed, so you'd have tomake sure the necessary setup is *not* copied.
Depending on the stack you use, that could be md, lvm, luks, and
possible more stuff.
Now, where do you draw the line? I, for example, would prefer to have md
automatically trying to assemble any RAID it may find, and LVM to kick
in, too.
Matters of taste put aside -- I think you can use the extra_changes()
function in the configuration to mangle the respective configurations
according to your needs. Removing entries from fstab and crypttab would
possibly be sufficient, but if the created image makes use of your
existing initrd, you might have to modify that as well.
In that latter case, I would probably decide that the modifications are
so invasive, that the idea to call this a "copy" of the origin system is
no longer true, and just using a generic live / rescue system may be easier.
Besides: Doing so, is a great advantage, as you might agree: I can make a
livesystem from a server, then boot it and now can dangerousless test different
configurations, can install packages, can test special settings and so on. Just
without to harm any productive system.
That appears to be too much overhead to me... virtual machines (for
server as full OS) seem much more appropriate to me, in particular as
differences between in-VM and physical devices are pretty much (not
completely, though!) abstracted away these days.
If a real, identical piece of hardware is needed for such projects, I
would rather invest money than time and still carry the risk to
accidentally destroy a production system, which also would, by
necessity, be down for whenever I experiment. Which would at least make
comparisons of behaviour much more difficult.
And after testing, I can easily change the well tested configurations to the
productive server!
Two advantages, as you see.
My views are quite different, but that may be because I'm working too
much in environments where lab - staging - production systems are
prescribed anyway, and configuration is engineered in labs and
eventually deployed through automated systems.
Does this make things a little bit clearer?
Definitely clearer, but I suspect you'll eventually have to put a lot of
your own effort into your final solution, as the general idea is rather
specific.
Cheers,
Arno
--
Arno Lehmann
IT-Service Lehmann
Sandstr. 6, 49080 Osnabrück