NetBSD's test framework has automated installs, but it uses an
expect-like program I believe (i.e., via a serial port).
For automating sysinst, I thought that was a GSOC project but I don't see it.
On Mon, 21 Jul 2025 at 17:00, Brian Buhrow <buh...@nfbcal.org> wrote:
>
> Hello everyone! A friend of mine asked me how to install NetBSD on a
> new machine without
> access to the console. Under linux, this can be done with an answer file,
> which is a
> configuration file that gets the installer up far enough so that the machine
> on which it's
> running can be accessed via ssh.
kickstart, preseed, ... oh so many choices :-)
If the target is an embedded device then I believe the SOP is to tweak
the build process to do this (a Linux m/c can be used to build
NetBSD).
> Is there a way to do this using the stock installation images?
> My friend does not have another NetBSD machine installed from which to modify
> an existing
> installation image.
Per above, It's possible to build custom install images on a
non-NetBSD system (see "The Guide").
It's also possible to modify the NetBSD boot ISO using growisofs without NetBSD.
For instance, this will add the file base.sh to the ISO. Put it in
the correct place (where?) and it will run automatically during boot:
growisofs -M $@.tmp -l \
-input-charset utf-8 \
-graft-points \
/base.sh=$(KVM_NETBSD_BASE_DOMAIN).sh
While crude, this script can be written to install 10.x using what I
call the 1.5 install process (the script is based on the 1.5
documentation).
For instance, below is the script Libreswan uses to automate installs
on NetBSD within a VM. It uses two ISOs (modifies and boots
boot-com.iso) so that the headless VM uses a serial port for the
console. You likely don't need to do that. Oh and yes, the root
password is hardwired to "swan".
#!/bin/sh
set -x
:
: Controlled panic
:
sysctl -w ddb.onpanic=0
sysctl -w ddb.lines=0
:
: Make /tmp writable.
:
mount -t tmpfs tmpfs /tmp
touch /tmp/foo
:
: Initialize the disk creating a single DOS NetBSD partition.
:
dd count=2 if=/dev/zero of=/dev/ld0
fdisk -f -i ld0
fdisk -f -0 -a -s 169 -u ld0
fdisk ld0
:
: Now create the NetBSD partitions within that.
:
# By default NetBSD generates a label with everything in e:, switch it
# to a:. And use that as the root file system. Don't bother with
# swap.
disklabel ld0 > /tmp/ld0.label || echo disklabel barfed 2
sed -i -e "s/ e:/ a:/" /tmp/ld0.label
disklabel -R -r ld0 /tmp/ld0.label
newfs /dev/ld0a
:
: Enable booting of the first or zero partition.
:
# The MBR is installed into front of the disk; the NetBSD partition is
# made active; and finally install secondary boot and boot-blocks are
# installed into the just built root file system.
#
# Should (can) speed be changed, 9600 is so retro?
fdisk -f -0 -a ld0
fdisk -f -c /usr/mdec/mbr_com0 ld0
mount -o async /dev/ld0a /targetroot
cp /usr/mdec/boot /targetroot/boot # file: /boot not /boot/
umount /targetroot
dumpfs /dev/ld0a | grep format # expect FFSv1
installboot -v -o console=com0,timeout=5,speed=9600 /dev/rld0a
/usr/mdec/bootxx_ffsv1
:
: Unpack the files into the root file system.
:
mount -o async /dev/ld0a /targetroot
touch /targetroot/.
sets=/mnt/$(uname -m)/binary/sets
case $(uname -m) in
i386 ) tgz=tgz ;;
* ) tgz=tar.xz ;;
esac
ls ${sets}
for f in ${sets}/[a-jl-z]*.${tgz} ${sets}/[a-jl-z]*.${tgz} ; do
if test -r "${f}" ; then
echo $f
( cd /targetroot && tar xpf ${f} )
fi
done
# Generating the ISO seems to, sometimes, corrupt the name.
for f in kern-GENERIC.${tgz} kern_generic.${tgz} ; do
k=${sets}/${f}
if test -r ${k} ; then
( cd /targetroot && tar xpvf ${k} )
break
fi
done
:
: Set up the mount points
:
mkdir /targetroot/kern /targetroot/proc /targetroot/pool /targetroot/bench
cat <<EOF | tee /targetroot/etc/fstab
ROOT.a / ffs rw,noatime 1 1
kernfs /kern kernfs rw
ptyfs /dev/pts ptyfs rw
procfs /proc procfs rw
tmpfs /var/shm tmpfs rw,-m1777,-sram%25
tmpfs /tmp tmpfs rw
198.19.0.1:/home/libreswan/pool /pool nfs rw
198.19.0.1:/home/libreswan/git-crypto /bench nfs rw
EOF
:
: run post install
:
# opensslcertsrehash needs /dev populated
( cd /targetroot/dev && ./MAKEDEV all )
# postinstall needs these
cp ${sets}/etc.${tgz} /targetroot/var/tmp
cp ${sets}/xetc.${tgz} /targetroot/var/tmp
# opensslcertsreahsh only works with /
chroot /targetroot postinstall -s /var/tmp/etc.${tgz} -s
/var/tmp/xetc.${tgz} fix
# also blank out TOOR's password as backup?
# c("echo swan | pwhash |sed -e 's/[\$\/\\]/\\\$/g' | tee /tmp/pwd")
# sed -i -e "s/root:[^:]*:/root:$(cat /tmp/pwd):/" /etc/master.passwd
# sed -i -e "s/toor:[^:]*:/toor::/" /etc/master.passwd
:
: Setup the network to use DHCP on eth0
:
cat <<EOF | tee -a /targetroot/etc/rc.conf
. /etc/defaults/rc.conf
rc_configured=YES
no_swap=YES
savecore=NO
EOF
cat <<EOF | tee /targetroot/etc/ifconfig.vioif0
dhcp
EOF
cat <<EOF | tee /targetroot/etc/myname
netbsd
EOF
:
: Fix SHELL prompt
:
#
# Change the shell prompt to [USER@HOST PWD STATUS]# so it works with
# the make files.
#
cat <<EOF | tee /targetroot/root/.shrc
case "\$-" in
*i*)
if /bin/test -z "\${HOST}"; then
HOST=\$(hostname)
fi
set -E emacs
set -o tabcomplete
set -o promptcmds
PS1='['"\${USER}@\${HOST%%.*}"' \$(s=\$?;p=\${PWD##*/};echo
\${p:-/} \${s#0})]# '
;;
esac
EOF
:
: tweak sysctl
:
echo ddb.lines=0 >> /targetroot/etc/sysctl.conf
:
: Cleanup and shutdown
:
umount /targetroot
umount /mnt
