The configuration fragments used in this appendix are also available as an example preconfiguration file from ../example-preseed.txt.
Note that this example is based on an installation for the Intel x86 architecture. If you are installing a different architecture, some of the examples (like keyboard selection and bootloader installation) may not be relevant and will need to be replaced by debconf settings appropriate for your architecture.
Setting localization values will only work if you are using initrd preseeding. With all other methods the preconfiguration file will only be loaded after these questions have been asked.
The locale can be used to specify both language and country and can be any
combination of a language supported by debian-installer and a recognized country. If
the combination does not form a valid locale, the installer will automatically
select a locale that is valid for the selected language.
To specify the locale as a boot parameter, use
locale=.
en_US
# Locale sets language and country. d-i debian-installer/locale string en_US
Keyboard configuration consists of selecting a keyboard architecture and a
keymap. In most cases the correct keyboard architecture is selected by
default, so there's normally no need to preseed it. The keymap must
be known to the debian-installer for the selected keyboard architecture.
# Keyboard selection. #d-i console-tools/archs select at d-i console-keymaps-at/keymap select us # Example for a different keyboard architecture #d-i console-keymaps-usb/keymap select mac-usb-us
To skip keyboard configuration, preseed
console-tools/archs with
skip-config.
This will result in the kernel keymap remaining active.
The changes in the input layer for 2.6 kernels have made the keyboard
architecture virtually obsolete. For 2.6 kernels normally a “PC”
(at) keymap should be selected.
Of course, preseeding the network configuration won't work if you're loading your preconfiguration file from the network. But it's great when you're booting from CD or USB stick. If you are loading preconfiguration files from the network, you can pass network config parameters by using kernel boot parameters.
If you need to pick a particular interface when netbooting before loading
a preconfiguration file from the network, use a boot parameter such as
interface=.
eth1
Although preseeding the network configuration is normally not possible when using network preseeding (using “preseed/url”), you can use the following hack to work around that, for example if you'd like to set a static address for the network interface. The hack is to force the network configuration to run again after the preconfiguration file has been loaded by creating a “preseed/run” script containing the following commands:
killall.sh; netcfg
The following debconf variables are relevant for network configuration.
# netcfg will choose an interface that has link if possible. This makes it # skip displaying a list if there is more than one interface. d-i netcfg/choose_interface select auto # To pick a particular interface instead: #d-i netcfg/choose_interface select eth1 # If you have a slow dhcp server and the installer times out waiting for # it, this might be useful. #d-i netcfg/dhcp_timeout string 60 # If you prefer to configure the network manually, uncomment this line and # the static network configuration below. #d-i netcfg/disable_dhcp boolean true # If you want the preconfiguration file to work on systems both with and # without a dhcp server, uncomment these lines and the static network # configuration below. #d-i netcfg/dhcp_failed note #d-i netcfg/dhcp_options select Configure network manually # Static network configuration. #d-i netcfg/get_nameservers string 192.168.1.1 #d-i netcfg/get_ipaddress string 192.168.1.42 #d-i netcfg/get_netmask string 255.255.255.0 #d-i netcfg/get_gateway string 192.168.1.1 #d-i netcfg/confirm_static boolean true # Any hostname and domain names assigned from dhcp take precedence over # values set here. However, setting the values still prevents the questions # from being shown, even if values come from dhcp. d-i netcfg/get_hostname string unassigned-hostname d-i netcfg/get_domain string unassigned-domain # Disable that annoying WEP key dialog. d-i netcfg/wireless_wep string # The wacky dhcp hostname that some ISPs use as a password of sorts. #d-i netcfg/dhcp_hostname string radish # If non-free firmware is needed for the network or other hardware, you can # configure the installer to always try to load it, without prompting. Or # change to false to disable asking. #d-i hw-detect/load_firmware boolean true
Please note that netcfg will automatically determine the
netmask if netcfg/get_netmask is not preseeded. In
this case, the variable has to be marked as seen for
automatic installations. Similarly, netcfg will choose
an appropriate address if netcfg/get_gateway is not
set. As a special case, you can set
netcfg/get_gateway to “none” to specify
that no gateway should be used.
# Use the following settings if you wish to make use of the network-console # component for remote installation over SSH. This only makes sense if you # intend to perform the remainder of the installation manually. #d-i anna/choose_modules string network-console #d-i network-console/password password r00tme #d-i network-console/password-again password r00tme
Depending on the installation method you use, a mirror may be used to
download additional components of the installer, to install the base system,
and to set up the /etc/apt/sources.list for the installed
system.
The parameter mirror/suite determines the suite for
the installed system.
The parameter mirror/udeb/suite determines the suite
for additional components for the installer. It is only useful to set this
if components are actually downloaded over the network and should match the
suite that was used to build the initrd for the installation method used for
the installation.
By default the value for mirror/udeb/suite is the
same as mirror/suite.
# If you select ftp, the mirror/country string does not need to be set. #d-i mirror/protocol string ftp d-i mirror/country string manual d-i mirror/http/hostname string http.us.debian.org d-i mirror/http/directory string /debian d-i mirror/http/proxy string # Suite to install. #d-i mirror/suite string testing # Suite to use for loading installer components (optional). #d-i mirror/udeb/suite string testing
# Controls whether or not the hardware clock is set to UTC. d-i clock-setup/utc boolean true # You may set this to any valid setting for $TZ; see the contents of # /usr/share/zoneinfo/ for valid values. d-i time/zone string US/Eastern # Controls whether to use NTP to set the clock during the install d-i clock-setup/ntp boolean true # NTP server to use. The default is almost always fine here. #d-i clock-setup/ntp-server string ntp.example.com
Using preseeding to partition the harddisk is very much limited to what is
supported by partman-auto. You can choose to partition
either existing free space on a disk or a whole disk. The layout of the
disk can be determined by using a predefined recipe, a custom recipe from
a recipe file or a recipe included in the preconfiguration file. It is
currently not possible to partition multiple disks using preseeding.
The identification of disks is dependent on the order in which their drivers are loaded. If there are multiple disks in the system, make very sure the correct one will be selected before using preseeding.
# If the system has free space you can choose to only partition that space.
#d-i partman-auto/init_automatically_partition select biggest_free
# Alternatively, you can specify a disk to partition. The device name must
# be given in traditional non-devfs format.
# Note: A disk must be specified, unless the system has only one disk.
# For example, to use the first SCSI/SATA hard disk:
#d-i partman-auto/disk string /dev/sda
# In addition, you'll need to specify the method to use.
# The presently available methods are: "regular", "lvm" and "crypto"
d-i partman-auto/method string lvm
# If one of the disks that are going to be automatically partitioned
# contains an old LVM configuration, the user will normally receive a
# warning. This can be preseeded away...
d-i partman-lvm/device_remove_lvm boolean true
# The same applies to pre-existing software RAID array:
d-i partman-md/device_remove_md boolean true
# And the same goes for the confirmation to write the lvm partitions.
d-i partman-lvm/confirm boolean true
# You can choose one of the three predefined partitioning recipes:
# - atomic: all files in one partition
# - home: separate /home partition
# - multi: separate /home, /usr, /var, and /tmp partitions
d-i partman-auto/choose_recipe select atomic
# Or provide a recipe of your own...
# The recipe format is documented in the file devel/partman-auto-recipe.txt.
# If you have a way to get a recipe file into the d-i environment, you can
# just point at it.
#d-i partman-auto/expert_recipe_file string /hd-media/recipe
# If not, you can put an entire recipe into the preconfiguration file in one
# (logical) line. This example creates a small /boot partition, suitable
# swap, and uses the rest of the space for the root partition:
#d-i partman-auto/expert_recipe string \
# boot-root :: \
# 40 50 100 ext3 \
# $primary{ } $bootable{ } \
# method{ format } format{ } \
# use_filesystem{ } filesystem{ ext3 } \
# mountpoint{ /boot } \
# . \
# 500 10000 1000000000 ext3 \
# method{ format } format{ } \
# use_filesystem{ } filesystem{ ext3 } \
# mountpoint{ / } \
# . \
# 64 512 300% linux-swap \
# method{ swap } format{ } \
# .
# This makes partman automatically partition without confirmation, provided
# that you told it what to do using one of the methods above.
d-i partman/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
You can also use preseeding to set up partitions on software RAID arrays. Supported are RAID levels 0, 1, 5, 6 and 10, creating degraded arrays and specifying spare devices. If you are using RAID 1, you can preseed grub to install to all devices used in the array; see Section B.4.12, “Boot loader installation”.
This type of automated partitioning is easy to get wrong. It is also
functionality that receives relatively little testing from the developers
of debian-installer. The responsibility to get the various recipes right (so they
make sense and don't conflict) lies with the user.
Check /var/log/syslog if you run into problems.
# NOTE: this option is of beta release quality and should be used carefully
# The method should be set to "raid".
#d-i partman-auto/method string raid
# Specify the disks to be partitioned. They will all get the same layout,
# so this will only work if the disks are the same size.
#d-i partman-auto/disk string /dev/sda /dev/sdb
# Next you need to specify the physical partitions that will be used.
#d-i partman-auto/expert_recipe string \
# multiraid :: \
# 1000 5000 4000 raid \
# $primary{ } method{ raid } \
# . \
# 64 512 300% raid \
# method{ raid } \
# . \
# 500 10000 1000000000 raid \
# method{ raid } \
# .
# Last you need to specify how the previously defined partitions will be
# used in the RAID setup. Remember to use the correct partition numbers
# for logical partitions.
# Parameters are:
# <raidtype> <devcount> <sparecount> <fstype> <mountpoint> \
# <devices> <sparedevices>
# RAID levels 0, 1, 5, 6 and 10 are supported; devices are separated using "#"
#d-i partman-auto-raid/recipe string \
# 1 2 0 ext3 / \
# /dev/sda1#/dev/sdb1 \
# . \
# 1 2 0 swap - \
# /dev/sda5#/dev/sdb5 \
# . \
# 0 2 0 ext3 /home \
# /dev/sda6#/dev/sdb6 \
# .
# This makes partman automatically partition without confirmation.
d-i partman-md/confirm boolean true
d-i partman/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
There is actually not very much that can be preseeded for this stage of the installation. The only questions asked concern the installation of the kernel.
# Select the initramfs generator used to generate the initrd for 2.6 kernels. #d-i base-installer/kernel/linux/initramfs-generators string yaird # The kernel image (meta) package to be installed; "none" can be used if no # kernel is to be installed. #d-i base-installer/kernel/image string linux-image-2.6-486
The password for the root account and name and password for a first regular user's account can be preseeded. For the passwords you can use either clear text values or MD5 hashes.
Be aware that preseeding passwords is not completely secure as everyone with access to the preconfiguration file will have the knowledge of these passwords. Using MD5 hashes is considered slightly better in terms of security but it might also give a false sense of security as access to a MD5 hash allows for brute force attacks.
# Skip creation of a root account (normal user account will be able to # use sudo). #d-i passwd/root-login boolean false # Alternatively, to skip creation of a normal user account. #d-i passwd/make-user boolean false # Root password, either in clear text #d-i passwd/root-password password r00tme #d-i passwd/root-password-again password r00tme # or encrypted using an MD5 hash. #d-i passwd/root-password-crypted password [MD5 hash] # To create a normal user account. #d-i passwd/user-fullname string Debian User #d-i passwd/username string debian # Normal user's password, either in clear text #d-i passwd/user-password password insecure #d-i passwd/user-password-again password insecure # or encrypted using an MD5 hash. #d-i passwd/user-password-crypted password [MD5 hash] # Create the first user with the specified UID instead of the default. #d-i passwd/user-uid string 1010 # The user account will be added to some standard initial groups. To # override that, use this. #d-i passwd/user-default-groups string audio cdrom video
The passwd/root-password-crypted and
passwd/user-password-crypted variables can also
be preseeded with “!” as their value. In that case, the
corresponding account is disabled. This may be convenient for the root
account, provided of course that an alternative method is set up to allow
administrative activities or root login (for instance by using SSH key
authentication or sudo).
The following command can be used to generate an MD5 hash for a password:
$ printf "r00tme" | mkpasswd -s -m md5
Setup of the /etc/apt/sources.list and basic configuration
options is fully automated based on your installation method and answers to
earlier questions. You can optionally add other (local) repositories.
# You can choose to install non-free and contrib software. #d-i apt-setup/non-free boolean true #d-i apt-setup/contrib boolean true # Uncomment this if you don't want to use a network mirror. #d-i apt-setup/use_mirror boolean false # Select which update services to use; define the mirrors to be used. # Values shown below are the normal defaults. #d-i apt-setup/services-select multiselect security, volatile #d-i apt-setup/security_host string security.debian.org #d-i apt-setup/volatile_host string volatile.debian.org # Additional repositories, local[0-9] available #d-i apt-setup/local0/repository string \ # http://local.server/debian stable main #d-i apt-setup/local0/comment string local server # Enable deb-src lines #d-i apt-setup/local0/source boolean true # URL to the public key of the local repository; you must provide a key or # apt will complain about the unauthenticated repository and so the # sources.list line will be left commented out #d-i apt-setup/local0/key string http://local.server/key # By default the installer requires that repositories be authenticated # using a known gpg key. This setting can be used to disable that # authentication. Warning: Insecure, not recommended. #d-i debian-installer/allow_unauthenticated string true
You can choose to install any combination of tasks that are available. Available tasks as of this writing include:
standard
desktop
gnome-desktop
kde-desktop
web-server
print-server
dns-server
file-server
mail-server
sql-database
laptop
You can also choose to install no tasks, and force the installation of a
set of packages in some other way. We recommend always including the
standard task.
If you want to install some individual packages in addition to packages
installed by tasks, you can use the parameter
pkgsel/include. The value of this parameter can be
a list of packages separated by either commas or spaces, which allows it
to be used easily on the kernel command line as well.
#tasksel tasksel/first multiselect standard, web-server # If the desktop task is selected, install the kde and xfce desktops # instead of the default gnome desktop. #tasksel tasksel/desktop multiselect kde, xfce # Individual additional packages to install #d-i pkgsel/include string openssh-server build-essential # Whether to upgrade packages after debootstrap. # Allowed values: none, safe-upgrade, full-upgrade #d-i pkgsel/upgrade select none # Some versions of the installer can report back on what software you have # installed, and what software you use. The default is not to report back, # but sending reports helps the project determine what software is most # popular and include it on CDs. #popularity-contest popularity-contest/participate boolean false
# Grub is the default boot loader (for x86). If you want lilo installed # instead, uncomment this: #d-i grub-installer/skip boolean true # To also skip installing lilo, and install no bootloader, uncomment this # too: #d-i lilo-installer/skip boolean true # This is fairly safe to set, it makes grub install automatically to the MBR # if no other operating system is detected on the machine. d-i grub-installer/only_debian boolean true # This one makes grub-installer install to the MBR if it also finds some other # OS, which is less safe as it might not be able to boot that other OS. d-i grub-installer/with_other_os boolean true # Alternatively, if you want to install to a location other than the mbr, # uncomment and edit these lines: #d-i grub-installer/only_debian boolean false #d-i grub-installer/with_other_os boolean false #d-i grub-installer/bootdev string (hd0,0) # To install grub to multiple disks: #d-i grub-installer/bootdev string (hd0,0) (hd1,0) (hd2,0) # Optional password for grub, either in clear text #d-i grub-installer/password password r00tme #d-i grub-installer/password-again password r00tme # or encrypted using an MD5 hash, see grub-md5-crypt(8). #d-i grub-installer/password-crypted password [MD5 hash]
An MD5 hash for a password for grub can be generated
using grub-md5-crypt, or using the command from the
example in Section B.4.9, “Account setup”.
# During installations from serial console, the regular virtual consoles # (VT1-VT6) are normally disabled in /etc/inittab. Uncomment the next # line to prevent this. #d-i finish-install/keep-consoles boolean true # Avoid that last message about the install being complete. d-i finish-install/reboot_in_progress note # This will prevent the installer from ejecting the CD during the reboot, # which is useful in some situations. #d-i cdrom-detect/eject boolean false # This is how to make the installer shutdown when finished, but not # reboot into the installed system. #d-i debian-installer/exit/halt boolean true # This will power off the machine instead of just halting it. #d-i debian-installer/exit/poweroff boolean true
# Depending on what software you choose to install, or if things go wrong # during the installation process, it's possible that other questions may # be asked. You can preseed those too, of course. To get a list of every # possible question that could be asked during an install, do an # installation, and then run these commands: # debconf-get-selections --installer > file # debconf-get-selections >> file