局域网通过FTP远程网络安装Linux

—详细解决方案

作者:cgeek

前言:

在网络管理中常常需要给用户或服务器安装操作系统,而许多企业的客户端或者服务器很少配备CD-ROM,而且如果每次安装或升级系统都带着系统光盘,既累又效率低。

不过幸运的是redhat支持通过网络安装。通过网络安装适用于批量安装linux的情况或者机器上没有CD-ROM也没有ISO文件映像的情况。

本文为你提供了局域网内Linux远程网络安装的完美解决方案。不需要刻录iso安装启动文件或使用软盘启动。

说明:本文以实现网络安装Fedora 7.0为例。

一、 架设Linux网络安装服务器

(本文测试环境是:Radhat 9.0 + vsFTP。)

Vsftp(Very Secure FTP)是一种在Unix/Linux中非常安全且快速稳定的FTP服务器。而Radhat 9.0已经自带了vsFTPRedhat 9.0所带的是vsftpd-1.1.3-8.i386.rpm,在安装盘的第三张中如果希望获得。最新版的vsFTP,可以到Vsftp官方下载:ftp://vsftpd.beasts.org/users/cevans/vsftpd-2.0.3.tar.gz,目前已经到2.0.3版本。

下面已系统自带的vsFTP为例。

1、查看是否安装了vsFTP软件

# rpm –qa | grep vsftpd

如果没有任何显示,说明系统没有安装vsFTPd,请先安装;如果出现下面的提示,就证明安装上了。

# rpm -qa | grep vsftpd
vsftpd-1.1.3-8

2、启动vsFTPd服务器。

套用Red Hat 9.0的预设范例直接启动VSFTP

# /sbin/service vsftpd start

3、测试

/var/ftp/pub目录下创建一个名为test.txt的文件,文件内容为“This is a test file”

使用FTP客户端登录到本地服务器,然后以匿名身份(anonymous)登录:

# ftp 127.0.0.1
Connected to 127.0.0.1 (127.0.0.1).
220 (vsFTPd 1.1.3)
Name (127.0.0.1:root): anonymous
331 Please specify the password.
Password:
230 Login successful. H***e fun.
Remote system type is UNIX.
Using binary mode to transfer files.

这样就成功地登录到FTP服务器。可以显示服务器目录列表如下:ftp> ls
227 Entering Passive Mode (127,0,0,1,63,15)
drwxr-xr-x 2 0 0 4096 Dec 04 01:35 pub 226 Directory send OK.

切换到pub目录下,并显示目录内容,可以找到刚才创建的文件test.txtftp> cd pub
250 Directory successfully changed.
ftp> ls
227 Entering Passive Mode (127,0,0,1,232,34)
150 Here comes the directory listing.
-rw-r–r– 1 0 0 21 Dec 04 01:35 test.txt 226 Directory send OK.

下载test.txt文件:ftp> mget test.txt
mget test.txt? y
227 Entering Passive Mode (127,0,0,1,186,210)
150 Opening BINARY mode data connection for test.txt (21 bytes).
226 File send OK.
21 bytes received in 0.0108 secs (1.9 Kbytes/sec)

查看本机目录内容,可以看到test.txt已成功下载到本机。

到此,vsFtTP已经简单通过测试了。

4、配制vsFTPd

我们主要把vsFTPd的配制文件改一下就行了。配制文件在/etc/vsftpd/vsftpd.conf,用您喜欢的编辑器打开。请参考下面的配制文件。
# Example config file /etc/vsftpd.conf
#
# The default compiled in settings are very paranoid. This sample file
# loosens things up a bit, to make the ftp daemon more usable.
#
# Allow anonymous FTP?
anonymous_enable=YES
#
# Uncomment this to allow local users to log in.
local_enable=YES
#
# Uncomment this to enable any form of FTP write command.
write_enable=YES
#
# Default umask for local users is 077. You may wish to change this to 022,
# if your users expect that (022 is used by most other ftpd’s)
local_umask=022
#
# Uncomment this to allow the anonymous FTP user to upload files. This only
# has an effect if the above global write enable is activated. Also, you will
# obviously need to create a directory writable by the FTP user.
anon_upload_enable=YES
#
# Uncomment this if you want the anonymous FTP user to be able to create
# new directories.
anon_mkdir_write_enable=YES
#
# Activate directory messages – messages given to remote users when they
# go into a certain directory.
dirmessage_enable=YES
#
# Activate logging of uploads/downloads.
xferlog_enable=YES
#
# Make sure PORT transfer connections originate from port 20 (ftp-data).
connect_from_port_20=YES
#
# If you want, you can arrange for uploaded anonymous files to be owned by
# a different user. Note! Using “root” for uploaded files is not
# recommended!
#chown_uploads=YES
#chown_username=whoever
#
# You may override where the log file goes if you like. The default is shown
# below.
#xferlog_file=/var/log/vsftpd.log
#
# If you want, you can have your log file in standard ftpd xferlog format
xferlog_std_format=YES
#
# You may change the default value for timing out an idle session.
#idle_session_timeout=600
#
# You may change the default value for timing out a data connection.
#data_connection_timeout=120
#
# It is recommended that you define on your system a unique user which the
# ftp server can use as a totally isolated and unprivileged user.
#nopriv_user=ftpsecure
#
# Enable this and the server will recognise asynchronous ABOR requests. Not
# recommended for security (the code is non-trivial). Not enabling it,
# however, may confuse older FTP clients.
#async_abor_enable=YES
#
# By default the server will pretend to allow ASCII mode but in fact ignore
# the request. Turn on the below options to have the server actually do ASCII
# mangling on files when in ASCII mode.
# Beware that turning on ascii_download_enable enables malicious remote parties
# to consume your I/O resources, by issuing the command “SIZE /big/file” in
# ASCII mode.
# These ASCII options are split into upload and download because you may wish
# to enable ASCII uploads (to prevent uploaded scripts etc. from breaking),
# without the DoS risk of SIZE and ASCII downloads. ASCII mangling should be
# on the client anyway..
#ascii_upload_enable=YES
#ascii_download_enable=YES
#
# You may fully customise the login banner string:
#ftpd_banner=Welcome to blah FTP service.
#
# You may specify a file of disallowed anonymous e-mail addresses. Apparently
# useful for combatting certain DoS attacks.
#deny_email_enable=YES
# (default follows)
#banned_email_file=/etc/vsftpd.banned_emails
#
# You may specify an explicit list of local users to chroot() to their home
# directory. If chroot_local_user is YES, then this list becomes a list of
# users to NOT chroot().
#chroot_list_enable=YES
# (default follows)
#chroot_list_file=/etc/vsftpd.chroot_list
#
# You may activate the “-R” option to the builtin ls. This is disabled by
# default to avoid remote users being able to cause excessive I/O on large
# sites. However, some broken FTP clients such as “ncftp” and “mirror” assume
# the presence of the “-R” option, so there is a strong case for enabling it.
#ls_recurse_enable=YES

pam_service_name=vsftpd
userlist_enable=YES
#enable for standalone mode
listen=YES

tcp_wrappers=YES

更改完配制文件后,我们可以用下面的命令来重启vsFTPd服务器(千万别忘了)

# /etc/init.d/vsftpd restart

关闭 vsftpd [ 确定 ]

vsftpd 启动 vsftpd [ 确定 ]

#

5、添加加普通用户

# adduser -d /var/ftp/pub/ username
# passwd passwd
Changing password for user beinan.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

6、设置ftp目录属性.

#chmod 777 /var/ftp/pub/

二、 上传网络安装文件

l 获取Fedora 7.0

官方下载地址: http://fedoraproject.org/wiki/

Linux伊甸园 下载http://www.linuxeden.com/download/DownSoft/?softid=857

l/var/ftp/pub中,新建一个目录Fedora7,然后将下载下来的ISO都直接解压到相应的目录里或者上传到相应目录。

这样服务器的设置就完成了。

三、 Fedora7网络安装的客户端制作

建好提供网络安装的ftp服务器后,接下来就是如何引导客户端安装系统的问题了。

如何引导:

1、 如果您的客户机上有windows,就直接通过局域网的FTPdosutils images isolinux三个目录放到一个在fat32分区中建的目录中,比如说在客户机上建一个Redhat9的目录,然后把三个文件拷到客户机中的fat32 分区中的Redhat9的目录中。3.客户机安装及操作:以DOS盘引导,不要加载CDROM,直接进入客户机中fat32分区Redhat9\dosutils目录,执行下面的命令。Autoboot

(说明:fedora 7目录里好像找不到dosutils目录。需要从网上下载)

2、 刻录制作一张安装引导盘:将fedora7/images/目录下的boot.iso下载下来,刻录成安装引导盘。

但上面两种方法的缺陷是如果遇到没有光驱或软驱的客户端就不行了。下面提供一种不需要启动盘引导网络安装的方法。

原理:使用grub+inno setup制作网络安装客户端软件

方法:

1、下载GNU GRUB中文版:http://sysoft.zdwx.com/grub/download.html

2、解压后,修改menu.lst如下:

timeout 5

###########

default 0

fallback 1

###fontfile (hd0,0)/boot/grub/fonts

###########

###password

splashimage (hd0,0)/boot/grub/fedora7.xpm.gz

fontfile (hd0,0)/boot/grub/fonts

title 启动Fedora Core 7 安装

kernel (hd0,0)/boot/grub/memdisk.gz c=60 h=64 s=32 floppy

initrd (hd0,0)/boot/grub/img/fedora7.img c=60 h=64 s=32 floppy

title 启动Windows菜单

rootnoverify (hd0,0)

makeactive

chainloader +1

title CDROM启动

kernel (hd0,0)/boot/grub/memdisk.gz

initrd (hd0,0)/boot/grub/bcdl.zip

然后将fedora7/images/下的diskboot.img文件下载下来重命名为fedora7.img粘帖到grub目录下新建的img文件夹中。为了美观可以自己设计一下启动的画面,制作一个fedora7.xpm.gz,方法网上有。

3、 为了能在安装软件时自动修改根目录下的boot.ini,我们写一个批处理Install.bat.内容如下:

@echo off

title 安装GRUB到启动菜单

attrib -s -h -r c:\boot.ini >nul

insert.exe >nul

attrib +s +h +r c:\boot.ini >nul

c:\boot\help.chm //弹出帮助文件

再写一个卸载时用的批处理uninst.bat

@echo off

title 从启动菜单卸载GRUB

attrib -s -h -r c:\boot.ini >nul

delete.exe >nul

attrib +s +h +r c:\boot.ini >nul

4、 inno setup打包成安装文件。

参考脚本如下:

; 脚本用 Inno Setup 脚本向导生成。

; 查阅文档获取创建 INNO SETUP 脚本文件详细资料!

[Setup]

AppName=Linux网络安装客户端

AppVerName=Linux网络安装客户端 2.0

AppPublisher=HFUTNIC

AppPublisherURL=http://secu.hfut.edu.cn

AppSupportURL=http://secu.hfut.edu.cn

AppUpdatesURL=http://secu.hfut.edu.cn

CreateAppDir=no

LicenseFile=C:\文本文档.txt

OutputBaseFilename=setup

SetupIconFile=C:\Linux\penguin.ico

Compression=lzma

SolidCompression=yes

[Files]

Source: “C:\boot\*”; DestDir: “{sd}\boot”; Attribs: hidden system; Flags: ignoreversion recursesubdirs createallsubdirs

Source: “C:\grldr”; DestDir: “{sd}”; Attribs: hidden system; Flags: ignoreversion

; 注意: 不要在任何共享系统文件中使用“Flags: ignoreversion

[Run]

Filename: {sd}\boot\install.bat

[Code]

function InitializeUninstall(): Boolean;

begin

Result := MsgBox(’InitializeUninstall:’ #13#13 ‘卸载程序正在初始化。你确实要开始卸载吗?‘, mbConfirmation, MB_YESNO) = idYes;

if Result = False then

MsgBox(’InitializeUninstall:’ #13#13 ‘再见。‘, mbInformation, MB_OK);

end;

procedure DeinitializeUninstall();

begin

MsgBox(’DeinitializeUninstall:’ #13#13 ‘谢谢您的使用!’, mbInformation, MB_OK);

end;

procedure CurUninstallStepChanged(CurUninstallStep: TUninstallStep);

begin

case CurUninstallStep of

usUninstall:

begin

MsgBox(’CurUninstallStepChanged:’ #13#13 ‘卸载开始。‘, mbInformation, MB_OK)

// …在这里插入执行卸载前任务的代码

end;

usPostUninstall:

begin

MsgBox(’CurUninstallStepChanged:’ #13#13 ‘卸载完成。‘, mbInformation, MB_OK);

// …在这里插入执行卸载后任务的代码

end;

end;

end;

参考文章:

vsFTPd自架Linux网络安装服务器http://www.linuxsir.org/bbs/showthread.php?t=42075

经典推荐:远程网络安装RedHat-Linux

http://publish.it168.com/2007/0323/20070323023801.shtml

GRUB简体中文化版使用方法:http://sysoft.zdwx.com/grub/index.html