init

doc/README-aggregated-depot-unionfs.txt

@@ -0,0 +1,89 @@
+--------------------------------------------------------------------------------------------------
+
+** Our objective: Prevent mixing up custom related files with opsi packages
+   If you install opsi packages on the OPSI-Server, they will be
+   extracted to /opt/pcbin/install. For some packages it's necessary to place 
+   customized files inside this area (e.g. /opt/pcbin/install/<program>/custom/myconfig.cfg)
+   In this situation, opsi-packages are mixed up with private/individual files. This
+   could be a problem for maintenance, update or prtivacy reason.
+
+** Solution: Separation of custom files
+   To separate the opsi-packages from the custom files, we setup a unionfs filesystem and 
+   publish two directories as one, readonly aggregation filesystem.
+
+---------------------------------------------------------------------------------------------------
+
+** Installation of unionfs-fuse on a centos system
+
+   # Prerequirements for compiling  unionfs
+     yum install gcc
+     yum install fuse
+     yum install fuse-devel
+
+   # Downloading and installing unionfs
+     wget http://podgorny.cz/unionfs-fuse/releases/unionfs-fuse-0.24.tar.bz2
+     tar xfvj unionfs-fuse-0.24.tar.bz2
+     cd unionfs-fuse-0.24
+     make
+     make install
+
+   # automatically loading the module
+     /etc/modprobe.d/fuse.conf
+	install fuse /sbin/modprobe fuse; /sbin/modprobe fuse
+     modprobe fuse
+
+
+** Configure the aggreeagated opsi depot
+   # Create a depot directory containing the customized files. 
+   mkdir /srv/opsi/depot.custom
+
+   # mount the new, aggregated depot to a new mountpoint
+     mkdir /dynamic/opsi-depot.unionfs
+
+     # Mount example1: 
+     unionfs -o max_files=32768 \
+	        -o allow_other,use_ino,suid,dev,nonempty \
+                /srv/opsi/depot.custom=RO:/opt/pcbin/install=RO \
+                /dynamic/opsi-depot.unionfs
+
+     # Mount example2: 
+     mount -t fuse  -o max_files=32768 \
+               -o allow_other,use_ino,suid,dev,nonempty \
+               unionfs\#/srv/opsi/depot.custom=RO:/opt/pcbin/install=RO \
+               /dynamic/opsi-depot.unionfs
+
+     # Automount aggreeagated depot by fstab
+     /etc/fstab
+	unionfs#/srv/opsi/depot.custom=RO:/opt/pcbin/install=RO    /dynamic/opsi-depot.unionfs     fuse    allow_other,use_ino,suid,dev,nonempty,max_files=32768    0 0
+
+
+     # check, if you can access the new filesystem
+     ls -la /dynamic/opsi-depot.unionfs
+
+
+** check functionallay using the swdaudit project
+     # create a custom file an validate the aggregated filesystem
+     touch /srv/opsi/depot.custom/MY_INDIVIDUAL_FILE.txt
+
+     # checks
+     ls /opt/pcbin/install/swaudit
+     ls /dynamic/opsi-depot.unionfs
+
+     rm /srv/opsi/depot.custom/MY_INDIVIDUAL_FILE.txt
+     
+
+** setup samba to use this new filesystem
+   /etc/samba/smb.conf
+	[opsi_depot]
+	   available = yes
+	   comment = opsi depot share (ro)
+	;  path = /var/lib/opsi/depot
+	   path = /dynamic/opsi-depot.unionfs
+	   oplocks = no
+	   level2 oplocks = no
+	   writeable = no
+	   invalid users = root
+
+   service smb restart
+
+--------------------------------------------------------------------------------------------------