Difference between revisions of "Creating a template cache : Slackware or HostGIS Linux"

Latest revision as of 10:55, 19 October 2009

This process uses VMware to install the OS into a VM, then to trim down the VM's contents to only those items suitable for a VE environment, then to save a snapshot of the system as a host template cache for use in OpenVZ.

This document focuses on HostGIS Linux (a Slackware derivative) but aside from the specifics about installation settings, it should be 99% applicable to Slackware as well.

Create the VM in VMware[edit]

Technically, you could probably do this on a hardware PC without VMware, but VMware does make it more convenient.

Start by creating a new VM in VMware.

The disk and RAM stats can be minimal, as the system will never see live use.
There is no need to create the entire disk at once during the setup.
Create the disk as SCSI.

Then install HGL.

Create a small partition at the end of the disk for swap. Some swap is technically necessary, but since you'll never in fact be using it, a few MB should be fine.
Set the passwords to 'password'
Do set the timezone properly. The internal clock does not use UTC/GMT.
Select the default mouse, but do NOT enable GPM at startup.
Hostname: template
Domain: internal.lan
IP config: as appropriate for your LAN
Nameserver: no

Reboot into your new HGL install, and log in.

Delete unnecessary stuff[edit]

A lot of packages aren't relevant to a VЕ setting, e.g. floppy disk utilities and kernel modules, even getty listening on the console.

 # kernel, kernel modules, documentation, mount points
 rm -rf /lib/modules /boot /dev/.udev /usr/doc /usr/info /media

 # packages not applicable to a VE
 cd /var/log/packages
 for pkg in \
    hotplug-* hdparm-* devmapper-* udev-* usbutils-* pciutils-* module-init-tools-* \
    mdadm-* floppy-* lvm2-* raidtools-* reiserfsprogs-* \
    smartmontools-* sysfsutils-* syslinux-* wireless_tools.* quota-* iptables-*
 do removepkg $pkg ; done

 # prune init's getty
 vi  /etc/inittab # delete everything after entry l6 (runlevel 6)
 init q

 # clean out the fstab and mtab files
 ( cd /etc ; rm -f fstab mtab ; ln -s ../proc/mounts mtab )
 echo "proc     /proc      proc     defaults    0  0" >> /etc/fstab
 echo "devpts   /dev/pts   devpts   mode=0620   0  0" >> /etc/fstab

 # the startup sequence and services
 cd /etc/rc.d
 rm -f rc.gpm-sample rc.gpm rc.hotplug rc.ip_forward rc.modules \
       rc.scanluns  rc.serial rc.udev rc.sysvinit
 vi rc.syslog    # delete all mentions of klogd
 vi rc.M         # delete the setterm entry
 vi rc.S         # delete the MOTD clobbering

Fix permissions and ownerships[edit]

 # clear out old/dummy SSL certificates
 mv /etc/ssl/openssl.cnf /tmp ; rm -r /etc/ssl/* ; mv /tmp/openssl.cnf /etc/ssl

 # set an ownership on any unowned files
 find / -mount -nouser -exec chown root {} \; &
 find / -mount -nogroup -exec chgrp root {} \; &

 # remove the setuid bit from programs which nobody else should use
 # you may want to review this list first, as some folks want their users
 # able to edit cronjobs and to change their own passwords, etc.
 for i in \
   /bin/ping /bin/mount /bin/ping6 /bin/umount /usr/bin/chfn \
    /usr/bin/chsh /usr/bin/crontab /usr/bin/chage /usr/bin/traceroute6 /usr/bin/traceroute \
    /usr/bin/expiry /usr/bin/newgrp /usr/bin/passwd /usr/bin/gpasswd \
    /usr/libexec/ssh-keysign /usr/libexec/pt_chown /usr/bin/wall /usr/bin/write
    do chmod u-s $i ; done

Changes to rc scripts[edit]

OpenVZ emulates rebooting with an external cronjob called vpsreboot and a dummy file called /reboot within the VE, and emulates the /etc/mtab file by pointing it to /proc/mounts So, some small changes are necessary to the rc scripts.

 # somewhere in rc.6 add this command: touch /reboot
 vi /etc/rc.d/rc.6

 # somewhere in rc.M, add this command: rm -f /etc/mtab ;  ln -s /proc/mounts /etc/mtab
 vi /etc/rc.d/rc.M

Blanking settings[edit]

Lastly, you'll want to delete or blank out a bunch of files so they start fresh when the VE is booted for its first time.

 # stop all services
 apachectl stop
 killall syslogd klogd udevd crond
 /etc/rc.d/rc.sendmail stop
 /etc/rc.d/rc.inetd stop
 /etc/webmin/stop
 /etc/rc.d/rc.pgsql stop
 /etc/rc.d/rc.mysqld stop
 killall named proftpd

 # blow away the network configuration with dummy strings for later replacement
 #    replace the IP address with __IPADDRESS_
 #    replace the netmask with __NETMASK__
 #    replace the GATEWAY with __GATEWAY__
 vi /etc/rc.d/rc.inet1.conf

 # disable the root and user accounts
 # by changing the password for root and user to a ! character.
 vi /etc/shadow

 # refresh the 'locate' cache
 /etc/cron.daily/slocate

 # blank out the system logfiles
 for logfile in \
     /var/log/messages /var/log/syslog /var/log/debug /var/log/secure \
     /var/log/maillog /var/log/spooler /var/log/proftpd.log /var/log/xinetd.log \
     /var/log/dmesg /var/log/faillog /var/log/lastlog /var/log/wtmp \
     /var/log/apache/access_log /var/log/apache/error_log \
     /var/log/webmin/miniserv.error /var/log/webmin/miniserv.pid
 do cp /dev/null $logfile ; done
 rmdir /var/log/sa

 # clear the SSH host key
 rm -f /etc/ssh/ssh_host_*

 # database server logfiles
 rm -f /var/lib/mysql/*.err /var/lib/pgsql/logfile

 # delete vi backup files, bash_history files, and other small application crud
 unset HISTFILE
 find / -name '*~' \
     -o -name .bash_history \
     -o -name .gnupg \
     -o -name .lesshst \
     -o -name .viminfo \
     -o -name .rnd \
     -delete

 # anything under /tmp
 rm -rf /tmp/*

Zipping it up into a cache image[edit]

A CT cache is just a tar.gz file of the entire filesystem, excluding some very dynamic stuff which gets populated by the OS at runtime anyway:

 tar --numeric-owner -zcvf /tmp/HostGIS_Linux_4.2_64bit.tar.gz --exclude='/sys/*' --exclude='/proc/*' --exclude='/tmp/*' /

Difference between revisions of "Creating a template cache : Slackware or HostGIS Linux"

Latest revision as of 10:55, 19 October 2009

Contents

Create the VM in VMware[edit]

Delete unnecessary stuff[edit]

Fix permissions and ownerships[edit]

Changes to rc scripts[edit]

Blanking settings[edit]

Zipping it up into a cache image[edit]

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Services

Donate

Tools

@@ Line 1: / Line 1: @@
-Creating a new Host Template Cache
+This process uses VMware to install the OS into a VM, then to trim down the VM's contents to only those items suitable for a [[VE]] environment, then to save a snapshot of the system as a host template cache for use in OpenVZ.
-for HostGIS Linux 4.x or Slackware 11.x/12.x
-This process uses VMWare to install the OS into a VM, then to trim down the VM's contents to only those items suitable for a VPS/VE environment, then to save a snapshot of the system as a host template cache for use in OpenVZ.
+This document focuses on HostGIS Linux (a Slackware derivative) but aside from the specifics about installation settings, it should be 99% applicable to Slackware as well.
-***** CREATING THE VM
+== Create the VM in VMware ==
-Start by creating a new VM in VMWare. The stats can be minimal, and there
+Technically, you could probably do this on a hardware PC without VMware, but VMware does make it more convenient.
-is no need to create the entire disk at once during the setup.
-   * Create the disk as SCSI.
+Start by creating a new VM in VMware.
+* The disk and RAM stats can be minimal, as the system will never see live use.
+* There is no need to create the entire disk at once during the setup.
+* Create the disk as SCSI.
 Then install HGL.
-  * Create a small partition at the end of the disk for swap. Some swap
+* Create a small partition at the end of the disk for swap. Some swap is technically necessary, but since you'll never in fact be using it, a few MB should be fine.
-    is technically necessary, but since you'll never in fact be using it,
+* Set the passwords to 'password'
-    a few MB should be fine.
+* Do set the timezone properly. The internal clock does not use UTC/GMT.
-  * Set the passwords to 'password'
+* Select the default mouse, but do NOT enable GPM at startup.
-  * Do set the timezone properly. The internal clock does not use UTC/GMT.
+* Hostname: template
-  * Select the default mouse, but do NOT enable GPM at startup.
+* Domain: internal.lan
-  * Hostname:  template   Domain: internal.lan
+* IP config: as appropriate for your LAN
-  * IP config:  as appropriate for your LAN
+* Nameserver: no
-  * Nameserver: no
-Reboot into your new HGL install.
-Now we want to tweak it into a usable template.
+Reboot into your new HGL install, and log in.
-Go ahead and login to the VM.
+== Delete unnecessary stuff ==
+A lot of packages aren't relevant to a VЕ setting, e.g. floppy disk utilities and kernel modules, even getty listening on the console.
-***** UPGRADES AND SECURITY PATCHES
+<code>
-The default HGL you used may require some software to be reinstalled, since new versions
+  # kernel, kernel modules, documentation, mount points
-and critical bugfixes may have been released since that version of HGL was released.
+  rm -rf /lib/modules /boot /dev/.udev /usr/doc /usr/info /media
-Follow these instructions, and also update them as necessary for the appropriate versions
-and to remove paragraphs when a revision of HGL comes out that no longer requires them.
-# HGL 4.2 - no necessary upgrades as of Nov 29 2007
+  # packages not applicable to a VE
+  cd /var/log/packages
+  for pkg in \
+     hotplug-* hdparm-* devmapper-* udev-* usbutils-* pciutils-* module-init-tools-* \
+     mdadm-* floppy-* lvm2-* raidtools-* reiserfsprogs-* \
+     smartmontools-* sysfsutils-* syslinux-* wireless_tools.* quota-* iptables-*
+  do removepkg $pkg ; done
+  # prune init's getty
+  vi  /etc/inittab # delete everything after entry l6 (runlevel 6)
+  init q
+  # clean out the fstab and mtab files
+  ( cd /etc ; rm -f fstab mtab ; ln -s ../proc/mounts mtab )
+  echo "proc     /proc      proc     defaults    0  0" >> /etc/fstab
+  echo "devpts   /dev/pts   devpts   mode=0620   0  0" >> /etc/fstab
-***** REPLACE INETD WITH XINETD
+  # the startup sequence and services
+  cd /etc/rc.d
+  rm -f rc.gpm-sample rc.gpm rc.hotplug rc.ip_forward rc.modules \
+        rc.scanluns  rc.serial rc.udev rc.sysvinit
+  vi rc.syslog    # delete all mentions of klogd
+  vi rc.M         # delete the setterm entry
+  vi rc.S         # delete the MOTD clobbering
-Inetd is good but minimal. Xinetd offers security features, such as restricting service
+</code>
-to only certain IPs, and only listening on certain interfaces,.
-removepkg inetd
-rm -f /etc/inetd.conf* /etc/rc.d/rc.inetd
-cd /tmp
+== Fix permissions and ownerships ==
-wget --header="Host: xinetd.org" http://204.152.188.37/xinetd-2.3.14.tar.gz
-tar zxvf xinetd*.gz
-cd xinetd*
-./configure --prefix=/usr --sysconfdir=/etc
-make && make install
-mkdir /etc/xinetd.d
-cat >> /etc/rc.d/rc.local <<EOF
-# xinetd
+<code>
-/usr/sbin/xinetd
-EOF
-cat > /etc/xinetd.conf <<EOF
-defaults
-{
-        log_type        = SYSLOG daemon notice
-        log_on_success  = HOST EXIT DURATION
-        log_on_failure  = HOST ATTEMPT
-        instances       = 30
-        cps             = 50 10
-}
-includedir /etc/xinetd.d
-EOF
+  # clear out old/dummy SSL certificates
+  mv /etc/ssl/openssl.cnf /tmp ; rm -r /etc/ssl/* ; mv /tmp/openssl.cnf /etc/ssl
+  # set an ownership on any unowned files
+  find / -mount -nouser -exec chown root {} \; &
+  find / -mount -nogroup -exec chgrp root {} \; &
-***** NAGIOS: THE HEALTH-MONITORING SYSTEM
+  # remove the setuid bit from programs which nobody else should use
+  # you may want to review this list first, as some folks want their users
+  # able to edit cronjobs and to change their own passwords, etc.
+  for i in \
+    /bin/ping /bin/mount /bin/ping6 /bin/umount /usr/bin/chfn \
+     /usr/bin/chsh /usr/bin/crontab /usr/bin/chage /usr/bin/traceroute6 /usr/bin/traceroute \
+     /usr/bin/expiry /usr/bin/newgrp /usr/bin/passwd /usr/bin/gpasswd \
+     /usr/libexec/ssh-keysign /usr/libexec/pt_chown /usr/bin/wall /usr/bin/write
+     do chmod u-s $i ; done
-groupadd nagios
+</code>
-useradd -g nagios -d /usr/local/nagios -m nagios
-echo "nrpe             5666/tcp  # Nagios NRPE" >> /etc/services
-cd /tmp
+== Changes to rc scripts ==
-wget http://superb-east.dl.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.4.10.tar.gz
-tar zxvf nagios-plugins-*.tar.gz ; cd nagios-plugins-*
-./configure && make all && make install
-cd /tmp
-wget http://umn.dl.sourceforge.net/sourceforge/nagios/nrpe-2.10.tar.gz
-tar zxvf nrpe-2.10.tar.gz ; cd nrpe-2.10
-./configure && make && cp src/nrpe /usr/local/nagios/nrpe
-for plugin in \
+OpenVZ emulates rebooting with an external cronjob called vpsreboot and a dummy file called /reboot within the VE, and emulates the /etc/mtab file by pointing it to /proc/mounts So, some small changes are necessary to the rc scripts.
-   check_wave check_users check_ups check_time check_tcp check_swap check_ssh check_ssmtp \
-   check_spop check_simap check_smtp check_sensors check_rpc check_real check_pop check_ping \
-   check_overcr check_oracle check_nwstat check_nt check_nntps check_nntp check_nagios \
-   check_mysql_query check_mrtgtraf check_mrtg check_log check_jabber check_ircd \
-   check_imap check_ifstatus check_ifoperstatus check_icmp check_http check_ftp check_flexlm \
-   check_file_age check_dummy check_disk_smb check_dig check_dhcp check_clamd check_by_ssh \
-   check_breeze check_apt check_udp
-do rm -f /usr/local/nagios/libexec/$plugin ; done
-cat > /usr/local/nagios/nrpe.cfg <<EOF
+<code>
-# NRPE Config File
-pid_file=/var/run/nrpe.pid
-debug=0
-command_timeout=60
-connection_timeout=300
-# And now the list of allowed check-commands:
+  # somewhere in rc.6 add this command: touch /reboot
-command[check_disk]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -m /
+  vi /etc/rc.d/rc.6
-command[check_dns]=/usr/local/nagios/libexec/check_dns www.google.com
-command[check_load]=/usr/local/nagios/libexec/check_load -w 5,5,5 -c 8,8,8
-command[check_mailq]=/usr/local/nagios/libexec/check_mailq -w 10 -c 20
-command[check_mysql]=/usr/local/nagios/libexec/check_mysql -d gisdata -H localhost -u gisdata -p password
-command[check_pgsql]=/usr/local/nagios/libexec/check_pgsql -d gisdata -H localhost -l gisdata -p password
-command[check_ntp]=/usr/local/nagios/libexec/check_ntp -H pool.ntp.org
-command[check_crond]=/usr/local/nagios/libexec/check_procs -u root -c 1: --command=crond
-command[check_syslogd]=/usr/local/nagios/libexec/check_procs -u root -c 1:1 --command=syslogd
-command[check_xinetd]=/usr/local/nagios/libexec/check_procs -u root -c 1:1 --command=xinetd
-EOF
-cat > /etc/xinetd.d/nrpe <<EOF
+  # somewhere in rc.M, add this command: rm -f /etc/mtab ;  ln -s /proc/mounts /etc/mtab
-# description: NRPE for Nagios
+  vi /etc/rc.d/rc.M
-service nrpe
-{
-   socket_type     = stream
-   protocol        = tcp
-   wait            = no
-   user            = nagios
-   server          = /usr/local/nagios/nrpe
-   server_args     = -c /usr/local/nagios/nrpe.cfg --inetd
-   only_from       = __HOSTIP__
-}
-EOF
-chown -R nagios:nagios /usr/local/nagios
+</code>
-chmod -R o-rwx /usr/local/nagios
-chmod go-rwx /etc/xinetd.d
-***** OTHER UNNECESSARY STUFF
-# kernel, kernel modules, documentation, mount points
-rm -rf /lib/modules /boot /dev/.udev /usr/doc /usr/info /media
-# packages not applicable to a VPS setting, or which we don't use at HostGIS
-# e.g. phpMyAdmin and phpPgAdmin are security holes
-cd /var/log/packages
-for pkg in \
-   hotplug-* hdparm-* devmapper-* udev-* usbutils-* pciutils-* module-init-tools-* \
-   mdadm-* floppy-* lvm2-* phpMyAdmin-* phppgAdmin-* raidtools-* reiserfsprogs-* \
-   smartmontools-* sysfsutils-* syslinux-* wireless_tools.* quota-* iptables-*
-do removepkg $pkg ; done
-# most folks don't use GeoServer, so disable it by default
-chmod 644 /etc/rc.d/rc.geoserver
-# prune init's getty
-vi  /etc/inittab # delete everything after entry l6 (runlevel 6)
-init q
-# clean out the fstab and mtab files
-( cd /etc ; rm -f fstab mtab ; ln -s ../proc/mounts mtab )
-echo "proc     /proc      proc     defaults    0  0" >> /etc/fstab
-echo "devpts   /dev/pts   devpts   mode=0620   0  0" >> /etc/fstab
-# the startup sequence and services, even the firewall
-cd /etc/rc.d
-rm -f rc.gpm-sample rc.hotplug rc.ip_forward rc.modules rc.scanluns  rc.serial rc.udev rc.sysvinit rc.firewall
-vi rc.syslog    # delete all mentions of klogd
-vi rc.local     # delete smartd and inetd
-vi rc.M         # delete the setterm entry
-vi rc.S         # delete the MOTD clobbering
-# blow away the network configuration with dummy strings for later replacement
-#    replace the IP address with __IPADDRESS_
-#    replace the netmask with __NETMASK__
-#    replace the GATEWAY with __GATEWAY__
-vi /etc/rc.d/rc.inet1.conf
-***** BASIC FILE SECURITY SETTINGS
-# clear out old/dummy SSL certificates
-mv /etc/ssl/openssl.cnf /tmp ; rm -r /etc/ssl/* ; mv /tmp/openssl.cnf /etc/ssl
-# fix file permissions
-find / -mount -nouser -exec chown root {} \; &
-find / -mount -nogroup -exec chgrp root {} \; &
-for i in \
-   /bin/ping /bin/mount /bin/ping6 /bin/umount /usr/bin/chfn \
-   /usr/bin/chsh /usr/bin/crontab /usr/bin/chage /usr/bin/traceroute6 /usr/bin/traceroute \
-   /usr/bin/expiry /usr/bin/newgrp /usr/bin/passwd /usr/bin/gpasswd \
-   /usr/libexec/ssh-keysign /usr/libexec/pt_chown /usr/bin/wall /usr/bin/write
-   do chmod u-s $i ; done
-# fix Apache's configuration:
-# add ServerTokens prod
-# go to the htdocs Directory definition and change Indexes to -Indexes
-# delete the entries for phpmyadmin and phppgadmin
-vi /etc/apache/httpd.conf
-# keep FTP users chrooted:
-echo "" >> /etc/proftpd.conf
-echo "# keep all users chrooted to their homedir" >> /etc/proftpd.conf
-echo "DefaultRoot ~" >> /etc/proftpd.conf
-# allow the mailq to be checked by anybody:
-chgrp smmsp /var/spool/mqueue
-chmod g+rx /var/spool/mqueue
-# disable the root and user accounts
-# by changing the password for root and user to a ! character.
-vi /etc/shadow
-***** REBOOTING
-A VPS cannot actually reboot, since there's no power switch to power-cycle the machine
-after the VE has been shut down. OpenVZ emulates this effect with an external cronjob
-called vpsreboot (see /etc/cron.d/vz). In order to reboot a VPS that has been shut down
-and which is expecting a reboot, the shutdown sequence must create a file named /reboot
-in the VPS's filesystem.
-Also, the /etc/mtab file should point to /proc/mounts so it can detect the / filesystem.
-vi /etc/rc.d/rc.6
-And add these two lines near the start:
-# create the reboot flag so we get rebooted automatically
-touch /reboot
-vi /etc/rc.d/rc.M
-And add these two lines near the start:
-# replace the mtab file with a link to /proc/mounts so OpenVZ can find the / filesystem
-rm -f /etc/mtab ;  ln -s /proc/mounts /etc/mtab
+== Blanking settings ==
+Lastly, you'll want to delete or blank out a bunch of files so they start fresh
+when the VE is booted for its first time.
-***** DELETING AND BLANKING SETTINGS
+<code>
-Lastly, you'll want to delete or blank out a bunch of files so they start fresh
+  # stop all services
-when the VE is booted for its first time.
+  apachectl stop
+  killall syslogd klogd udevd crond
+  /etc/rc.d/rc.sendmail stop
+  /etc/rc.d/rc.inetd stop
+  /etc/webmin/stop
+  /etc/rc.d/rc.pgsql stop
+  /etc/rc.d/rc.mysqld stop
+  killall named proftpd
-# stop all services
+  # blow away the network configuration with dummy strings for later replacement
-apachectl stop
+  #    replace the IP address with __IPADDRESS_
-killall syslogd klogd udevd crond
+  #    replace the netmask with __NETMASK__
-/etc/rc.d/rc.sendmail stop
+  #    replace the GATEWAY with __GATEWAY__
-/etc/webmin/stop
+  vi /etc/rc.d/rc.inet1.conf
-/etc/rc.d/rc.pgsql stop
-/etc/rc.d/rc.mysqld stop
-killall named proftpd
-killall xinetd
-# refresh the 'locate' cache
+  # disable the root and user accounts
-/etc/cron.daily/slocate
+  # by changing the password for root and user to a ! character.
+  vi /etc/shadow
-# blank out the system logfiles
+  # refresh the 'locate' cache
-for logfile in \
+  /etc/cron.daily/slocate
-    /var/log/messages /var/log/syslog /var/log/debug /var/log/secure \
-    /var/log/maillog /var/log/spooler /var/log/proftpd.log /var/log/xinetd.log \
-    /var/log/dmesg /var/log/faillog /var/log/lastlog /var/log/wtmp \
-    /var/log/apache/access_log /var/log/apache/error_log \
-    /var/log/webmin/miniserv.error /var/log/webmin/miniserv.pid
-do cp /dev/null $logfile ; done
-rmdir /var/log/sa
-# clear the SSH host key
+  # blank out the system logfiles
-rm -f /etc/ssh/ssh_host_*
+  for logfile in \
+      /var/log/messages /var/log/syslog /var/log/debug /var/log/secure \
+      /var/log/maillog /var/log/spooler /var/log/proftpd.log /var/log/xinetd.log \
+      /var/log/dmesg /var/log/faillog /var/log/lastlog /var/log/wtmp \
+      /var/log/apache/access_log /var/log/apache/error_log \
+      /var/log/webmin/miniserv.error /var/log/webmin/miniserv.pid
+  do cp /dev/null $logfile ; done
+  rmdir /var/log/sa
-# database server logfiles
+  # clear the SSH host key
-rm -f /var/lib/mysql/*.err /var/lib/pgsql/logfile
+  rm -f /etc/ssh/ssh_host_*
-# delete vi backup files, bash_history files, and other small application crud
+  # database server logfiles
-unset HISTFILE
+  rm -f /var/lib/mysql/*.err /var/lib/pgsql/logfile
-find / -name '*~' \
-    -o -name .bash_history \
-    -o -name .gnupg \
-    -o -name .lesshst \
-    -o -name .viminfo \
-    -o -name .rnd \
-    -delete
-# the junk under /tmp
+  # delete vi backup files, bash_history files, and other small application crud
-rm -rf /tmp/*
+  unset HISTFILE
+  find / -name '*~' \
+      -o -name .bash_history \
+      -o -name .gnupg \
+      -o -name .lesshst \
+      -o -name .viminfo \
+      -o -name .rnd \
+      -delete
+  # anything under /tmp
+  rm -rf /tmp/*
+</code>
-***** CREATING THE VE CACHE IMAGE
+== Zipping it up into a cache image ==
-A VE cache is just a tar.gz file of the entire filesystem. So creating them is simple!
+A CT cache is just a tar.gz file of the entire filesystem, excluding some very dynamic stuff which gets populated by the OS at runtime anyway:
-tar zcvf /tmp/HostGIS_Linux_4.2_64bit.tar.gz --exclude='/sys/*' --exclude='/proc/*' --exclude='/tmp/*' /
+  tar --numeric-owner -zcvf /tmp/HostGIS_Linux_4.2_64bit.tar.gz --exclude='/sys/*' --exclude='/proc/*' --exclude='/tmp/*' /
-Ta-da! That's your new VE template cache. Just SFTP it to the VE server and you're all set!
+[[Category: Templates]]