Creating a Stage4 Linux Image

Creating a Stage4 Image is actually quite a simple process, it's effectively a full system snapshot.

Method One - Stage4 Script

The simplest method possible is to use our stage4.sh script which will pack most of the system. It's fairly east to customise by simply editing the file.

root@host # cd /tmp
root@host # wget -q -O./stage4.sh http://stage4.org/bin/stage4.sh
root@host # chmod 0755 ./stage4.sh
root@host # ./stage4.sh +file=/path/to/archive/file.tar.bz2 pack

Creating a Clone

root@host # ./stage4.sh +copy=/mnt/stage4/ copy

Excluding Files to Image

If the option given is a file it will be concatenated to the list; else it is added.

root@host # ./stage4.sh +copy=/mnt/stage4/ +dont=/opt +dont=/etc [copy|pack]
root@host # ./stage4.sh +dont=/tmp/file.list +dont=/opt +dont=/private/data [copy|pack]

Image a Differnt Source

The default source is /, but can be chaged with +root=.

root@host # ./stage4.sh +root=/mnt/other/ +dont=/opt +dont=/etc [copy|pack]

Copy, w/Exclustions, Pack to Image

Using all the options:

root@host # ./stage4.sh \
    +copy=/mnt/stage4/ \
    +dont=/opt \
    copy \
    +root=/mnt/stage4/ \
    +file=/stage4.tgz \
    pack

Method Two - Manual Process

Effectively all we are doing is creatging a huge tarball of the system. If you really wanted to you could rsync your system to a location, then merge other stuff in there.

Clone our system to a designated location. Prepare a location (or partition), rsync the system to here using the exclude file, merge some changes and viola!

root@host # mkdir /mnt/stage4/
root@host # mkdir /dev/sdc4 /mnt/stage4
root@host # ./stage4.sh dont > /exclude.txt
root@host # rsync --achive --exclude=/exclude.txt --one-file-system / /mnt/stage4/

Merge in specific changes from this prepared location.

root@host # rsync --archive /opt/stage4/_st4root/ /mnt/stage4/

The /opt/stage4/_st4root directory would be created before to contain a set of files that would/should always be configured. An example of files to force to a baseline would be the following list, which is not comprehensive. The list is very much determine by which packages one has installed, such as Apache, FTPd or similar.

/etc/fstab
/etc/group*
/etc/gshadow*
/etc/hosts
/etc/mtab
/etc/passwd*
/etc/shadow*

These directoies may also contain files that could be sensitive.

/etc/openldap/*
/etc/openvpn/*
/etc/ssh/*
/etc/ssmtp/*
/etc/wpa_supplicant/*