我想创建 ubuntu (桌面版) iso,其中包含预安装的应用程序并使用 LVM 进行全盘加密安装。第一部分已使用 Cubic 成功解决,但“强制”加密(安装过程中省略问题)效果不佳。
Cubic 允许我们创建预置文件,并将其放入 iso (.../preseed/enc.seed) - 但是当我尝试使用该 iso 安装 ubuntu 时,所有问题仍然会出现。我做错了什么?在我的 enc.seed 文件下面:
ubiquity partman-auto/method string crypto
ubiquity partman-lvm/device_remove_lvm boolean true
ubiquity partman-lvm/confirm boolean true
ubiquity partman-auto-lvm/guided_size string max
ubiquity partman-auto-lvm/new_vg_name string crypt
ubiquity partman-auto/disk string /dev/sda
ubiquity partman-auto/choose_recipe select root-encrypted
ubiquity partman-auto/expert_recipe string \
root-encrypted :: \
500 500 500 ext3 \
$primary{ } $bootable{ } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ /boot } \
. \
2000 2000 2000 linux-swap \
$lvmok{ } lv_name{ swap } \
in_vg { crypt } \
$primary{ } \
method{ swap } format{ } \
. \
500 10000 1000000000 ext4 \
$lvmok{ } lv_name{ root } \
in_vg { crypt } \
$primary{ } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ / } \
. \
2000 2000 2000 ext4 \
$primary{ } \
method{ keep } \
use_filesystem{ } filesystem{ ext4 } \
label{ rescuedisk } \
.
ubiquity partman-md/device_remove_md boolean true
ubiquity partman-basicfilesystems/no_mount_point boolean false
ubiquity partman-partitioning/confirm_write_new_label boolean true
ubiquity partman/choose_partition select finish
ubiquity partman/confirm boolean true
ubiquity partman/confirm_nooverwrite boolean true
顺便说一句。当我尝试添加ubiquity localechooser/supported-locales string en_US.UTF-8或任何其他“选择器”选项时 - 我仍然必须在安装过程中选择它。也许这会有所帮助。
答案1
好的,我忘记了一件事,那就是预置文件不会自动加载。我们可以通过以下方式激活它:/isolinux/txt.cfg文件(在立方体中,您可以在最后一个选项卡上配置它ISO 启动配置。
我的txt.cfg:
default live
label live
menu label ^Install Ubuntu
kernel /casper/vmlinuz
append file=/cdrom/preseed/ks.seed auto=true priority=critical automatic-ubiquity keyboard-configuration/layoutcode=pl boot=casper initrd=/casper/initrd quiet splash ---
您还必须创建一个新的预置文件preseed/ks.seed。您可以手动进行,也可以使用立方预置文件选项卡,点击“+”按钮并将其命名为 ks.seed。您可以更改名称,但也必须在 txt.cfg 中更改它。
我将在下面粘贴我的种子文件(lvm,加密)。它可能不是编写得非常好的预种子,但可以完成工作。
d-i partman-auto/method string crypto
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-lvm/confirm boolean true
d-i partman-auto-lvm/guided_size string max
d-i partman-auto-lvm/new_vg_name string crypt
d-i partman-crypto/passphrase password 1234
d-i partman-crypto/passphrase-again password 1234
d-i partman-auto/disk string /dev/sda
d-i partman-auto/choose_recipe select root-encrypted
d-i partman-auto/expert_recipe string \
root-encrypted :: \
500 500 500 ext3 \
$primary{ } $bootable{ } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ /boot } \
. \
8000 8000 8000 linux-swap \
$lvmok{ } lv_name{ swap } \
in_vg { crypt } \
$primary{ } \
method{ swap } format{ } \
. \
500 10000 1000000000 ext4 \
$lvmok{ } lv_name{ root } \
in_vg { crypt } \
$primary{ } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ / } \
.
d-i partman-md/device_remove_md boolean true
d-i partman-basicfilesystems/no_mount_point boolean false
d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
# Enable extras.ubuntu.com.
d-i apt-setup/extras boolean true
# Install the Ubuntu desktop.
tasksel tasksel/first multiselect ubuntu-desktop
# On live DVDs, don't spend huge amounts of time removing substantial
# application packages pulled in by language packs. Given that we clearly
# have the space to include them on the DVD, they're useful and we might as
# well keep them installed.
ubiquity ubiquity/keep-installed string icedtea6-plugin openoffice.org
d-i base-installer/kernel/altmeta string hwe-18.04
我希望这能对某些人有所帮助。