Ryan Nelson's Blog

RyanBlog:entry:Mar 21, 2012

~~Technically, I *am* root for the home team. Weird, huh?~~
(I need a new pun here, huh...)

About Me

My current FotoLog
My Flickr page

number of junkmail messages currently in my spam folder filtered by SpamAssassin since Noon, May 3, 2003:

where's ryan? ...well, maybe he's at a computer:
home:

work:

March 2015
S	M	T	W	T	F	S
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30	31

Recent Entries
[ AntiViral Video Challenge ]
[ Oh, hey... this blog is still on! ]
[ it's like a baby monitor for gadgets ]
[ writer's blocked ]
[ Redsox.com Considered Harmful ]
[ Yay, More World Baseball ]
[ Italian Baseball Team Denies me the Freakshow I've Been Waiting For ]
[ Monumental Art Project Postponed Due to Illness ]
[ The cops can apparently smell me. ]
[ "We're going to DisneyLand!" ]

Links:

The Onion
Dilbert

The Yankees
FreeBSD

Pals:

Maggie
Rudy
Scott
Beth
Mike Essl
Tommy

My BlogRoll (frequent reading)

"Adam Leventhal's Weblog"

"Alasdair Lumsden's Blog"

"American McCarver"

"Bay Area Shutterbug"

"BitWorking | Joe Gregorio"

"Blog O' Matty"

"Brendan's blog"

"Bryans's blog"

"Chitwood & Hobbs"

"Click On Tyler » Blog"

"D'Arcy Norman dot net"

"Daring Fireball"

"Data Center Knowledge"

"defective yeti"

"Electoral-vote.com"

"Esoteric Curio"

"Flip Flop Fly Ball"

"Get Rich Slowly"

"good coders code, great reuse"

"High Performance Web Sites"

"I Will Teach You To Be Rich"

"Jeremy Zawodny's blog"

"Jonathan Coulton"

"Michael Wilde (the Wilde)"

"Paul's Journal"

"Richard Crowley's blog"

"stevenberlinjohnson.com"

"The Blog of Ben Rockwood"

"Unix Admin Corner"

"Uploads from Hastings Historical Society"

"Uploads from maggie1000"

"Uploads from sassydotnet"

"Waxy.org Links"

"Zach Hoeken's µBlog"

Powered by Movable Type 2.51
CSS swiped with permission from glish.com

� entry:03/18/12 | Main | entry:03/21/12 �

March 21, 2012

SmartOS.org - run things at boot

Quickie blog post to answer some questions that i've gotten in the #smartos channel on irc:

... I'll turn this into a wiki post on smartos.org , but I needed to get a post in here for Forced March anyway:

The Challenge:

SmartOS boots from a ramdisk, but I want to customize things, and make something run in the global zone at boot.

The answer is, make a SMF service, and put it in /opt/custom/smf ... make that service do your extra commands.

My example here is "I can't edit stuff in root's home directory, since it's erased from ramdisk at every boot... but I want to put my ssh key in there!" I just make a new service definition, (I like the "manifold" program for this ... it's in Joyent's pkgsrc repo. ) ... that service just grabs my ssh_public_key from a place that's persistent on disk (in /zones, or /opt someplace safe) , and every time I reboot, it replaces it.

(It could just as easily "wget" it from someplace, or generate a new one, and email it to me, you know?)

Detailed example:

- fetch http://ryan.net/misc/custom-ssh-key-smf.tar.gz

- copy this file onto your SmartOS machine, into the /opt directory. /opt is not on ramdisk, and will persist through reboots.

- cd to /opt , then un-archive this file by running "tar -xvzf custom-ssh-key-smf.tar.gz"

- this should result in the following directory structure:



/opt

  custom/

     copy-in-ssh-key.sh

     authorized_keys

     smf/

        ssh-key-copy-in.xml

Then, edit the /opt/custom/authorized_keys file to contain the public key file you want to be copied to /root/.ssh/authorized_keys immediately after reboot. (that file contains my public key as a test. Please replace it!)

This mechanism allows solaris-style smf manifest definitions that are placed in /opt/custom/smf/ to be imported upon boot. I created a smf service manifest that simply runs /opt/custom/copy-in-ssh-key.sh , which copies the key file into root's home directory.

(this blog post'll probably get edited for correctness or verbosity soon, ... or, you know me, not.)

| Comments (1) - Posted by ryan at 06:36 PM