How to create a USB install key for Security Analytics on Symantec S500 hardware
search cancel

How to create a USB install key for Security Analytics on Symantec S500 hardware

book

Article ID: 210752

calendar_today

Updated On:

Products

Security Analytics

Issue/Introduction

If you need to reinstall Security Analytics on a Symantec SA-S500 appliance, you can create a bootable installation key using the following instructions.  Please note that you can only reinstall Security Analytics using the same version as is currently installed on the S500.  For example, if the appliance was running 8.1.3, you cannot use an 8.2.1 install key to perform an upgrade using the USB key.  You can only use an 8.1.3 installation key. 

Copying the ISO to a USB key is not sufficient.  There are several install scripts that must be copied to the key for the S500 hardware to recognize the installation files.

Resolution

This process requires the following items:

  • creation script (see below in the Additional Information section)
  • a Linux system (Ubuntu or CentOS is recommended)
  • Security Analytics ISO file

The script is named drive_script.sh.  The text of the script is found below as well as a link to download the script.  Copy and paste the text of the script to a file on your Linux appliance and name the file drive_script.sh.  Apply the appropriate executable privileges to the script as well.

The script should work with either a 16GB or 32GB flash drive, but it is highly recommended to use a 32GB drive.  The 64GB and larger flash drives do not work.

To create the installable flash drive, copy the drive_script.sh and the atpsa ISO file to the Linux box.  Insert the flash drive into the USB port.  Find the USB flash drive with fdisk -l | grep G.  Look for a device the same size which you inserted.  It may be 31.9GB or 14.9GB.

The directory of drive_script.sh may change as needed.  The directory of the atpsa ISO file may change as needed.  


Run the following command:

   bash drive_script.sh -d=sdX1 -i=/home/atpsa*iso 

Where 'X' is the drive letter of your USB flash device and the correct path of your atpsa ISO input file is specified.  On Ubuntu, you may need to run using 'sudo'

This takes about 7-10 minutes and provides plenty of output to know that it is progressing.  A successful key creation on Ubuntu shows the following:

IMPORTANT:  using the Recovery option will preserve your configuration and settings (including licensing and networking).  However, all capture and index data will be lost.   

Once the USB key is created, to install on the S500

  1. Insert the flash drive in the S500.
  2. Connect to the console over the serial port. 
  3. Power on or reboot the system, and when prompted for the boot options of the following, press the Space Bar to interrupt the boot process and choose 3 from the menu below.
    1. 1 for Installed O/S
    2. 2 for FIPS
    3. 3 for Recovery
  4. The system will begin the install, stalling at sda7 or sda8 for /home for at 3 - 10 minutes
  5. When prompted, press enter to quit and the system will reboot to complete the install.
  6. After the first boot, you will see a localhost login.  The install is not complete at this point.  Wait for the second reboot before logging in to the appliance.
  7. Login as root and run cfg_bond_interface.py ‐i eth0 ‐n <IP>/<netmask> ‐g <gateway>, for example cfg_bond_interface.py ‐i eth0 ‐n ##.##.##.##/255.255.255.0 ‐g ##.##.##.##
  8. Login as admin with the password of Solera to the Web UI, in this example, ##.##.##.##.  This will guide you through setting the network configuration and installing the license before a final reboot.

Additional Information

If you have access to your license key, you can download the script file by going to this link:  https://license.soleranetworks.com/upgrades/patches/drive_script.sh.  Otherwise the text of the script can be found below.

drive_script .sh

**********COPY EVERYTHING BELOW THIS LINE*************

#!/bin/bash
#
#Centos USB Recovery creation script
#

#Global Variables
USB_LABEL="SOLERAINST"
REQUIRED_FORMAT="vfat"

RED='\033[0;31m'
GREEN='\033[0;32m'
NC='\033[0m' # No Color

USB_MIN_SIZE=10
USB_MAX_SIZE=50

#########  Functions    #########

verify_drive(){
    #Get the block size of the device
    BLKSIZE=$(blockdev --getsize64 /dev/$1) 
    if [ $? -ne 0 ];then
    echo "Device does not exist.  Aborting"
    return 1
    fi
    BLKSIZE=$((BLKSIZE/(1024*1024*1024)))
    #Block Size of device
    echo "Device Size: $BLKSIZE GB" 

    if [ $BLKSIZE -gt $USB_MAX_SIZE ] || [ $BLKSIZE -lt $USB_MIN_SIZE ];then
    echo "Invalid Device Size"
    echo "Device Must be Larger than $USB_MIN_SIZE and smaller than $USB_MAX_SIZE"
    return 1
    fi

    return 0
}


verify_partition_format(){
    PART_TYPE=$(lsblk -no FSTYPE /dev/$1)
    if [ "${PART_TYPE}" ==  "${REQUIRED_FORMAT}" ];then
    echo -e "${GREEN}Correct Partition Format $PART_TYPE Detected ${NC}"
    return 0
    fi
    echo -e "${RED}Incorrect Partition Format $PART_TYPE Detected ${NC}"
    return 1 
}

label_drive(){
    fatlabel /dev/$1 $USB_LABEL
    sleep 1 #Give time for the newly labeled drive to come up
}

get_label(){
    echo $(ls -l /dev/disk/by-label/ | grep $1 | awk '{print $9}')
}

verify_drive_label(){

    #Get the device label
    LABEL=$(get_label $1)
    echo "Initial Detected label: $LABEL"
    if [ -z $LABEL ];then
    echo "Drive does not have a disk label..Attempting to create it"
    label_drive $1
    if [ -z $(get_label $1) ];then
      echo -e "${RED}Error Setting a Disk Label.  Aborting${NC}"
      return 1
    fi
    fi
    LABEL=$(get_label $1)
    if [ "${LABEL}" == "${USB_LABEL}" ];then
    echo -e "${GREEN}Drive Configured whith correct disk label${NC}"
    else
    echo "Drive Configured with incorrect disk label.  Changing Disk Label"
    label_drive $1
    if [ -z $(get_label $1) ];then
     echo -e "${RED}Error Setting a Disk Label.  Aborting${NC}"
     return 1
    fi
    LABEL=$(get_label $1)
    if [ "${LABEL}" != "${USB_LABEL}" ];then
     echo -e "${RED}Error Setting a Disk Label.  Aborting${NC}"
     return 1
    fi
    fi

    echo "Current Disk Label: $LABEL"

    return 0

}


copy_iso(){
    if [ ! -e $1 ];then
    echo -e "${RED}Specified Iso Does not exist${NC}"
    return 1
    fi

    mkdir tmp_usb_mount
    mount /dev/$2 tmp_usb_mount
    if [ $? -ne 0 ];then
    echo -e "${RED}Failed to Mount USB${NC}"
    rmdir tmp_usb_mount
    return 1
    fi

    echo ""
    echo "Mounting ISO and Copying Kickstart"
    mkdir tmp_iso_mount
    mount -o loop $1 tmp_iso_mount
    cp tmp_iso_mount/ks/solera-net.ks tmp_usb_mount/solera-s500-cleanusb.ks #Must have this name
    sync
    if [ ! -e tmp_usb_mount/solera-s500-cleanusb.ks ];then
    echo -e "${RED}Failed to copy kickstart File${NC}"
    umount tmp_usb_mount
    rmdir tmp_usb_mount

    umount tmp_iso_mount
    rmdir tmp_iso_mount  
    return 1
    fi

    echo ""
    echo "Fixing kickstart file"
    sed -i '/^url/d' tmp_usb_mount/solera-s500-cleanusb.ks
    sed -i 's/$dev_name != $fixed_system_drive/"$dev_name" != "$fixed_system_drive"/' tmp_usb_mount/solera-s500-cleanusb.ks

    echo "Copying Image to USB"
    cp -v $1 tmp_usb_mount/Solera.iso #Must have this name
    if [ ! -e tmp_usb_mount/Solera.iso ];then
    echo -e "${RED}Failed to copy iso${NC}"
    umount tmp_usb_mount
    rmdir tmp_usb_mount
    return 1
    fi


    umount /dev/$2
    rmdir tmp_usb_mount
 
    umount tmp_iso_mount
    rmdir tmp_iso_mount
}


########  END FUNCTIONS   #######

######## Begin Work ############
#Make sure we run with sudo
if [[ $EUID -ne 0 ]]; then
   echo "This script must be run with sudo" 
   exit 1
fi

DRIVE=""
ISO_NAME=""

#Parse the command line options
USAGE="./drive_script -d=<drive> -i=<iso>
We assume that the iso is in the same directory at this script.
We require that the drive be VFAT
"

for i in "$@"
do
case $i in
    -d=*|--drive=*)
    DRIVE="${i#*=}"
    shift # past argument=value
    ;;
    -i=*|--iso=*)
    ISO_NAME="${i#*=}"
    shift # past argument=value
    ;;
    *)
    echo "Invalid Input"
    echo $USAGE
    exit
    ;;
    esac
    done

if [ -z $DRIVE ] || [ -z $ISO_NAME ];then
    echo "Invalid Input"
    echo "Using Drive: $DRIVE"
    echo "Using ISO: $ISO_NAME"
    echo $USAGE
    exit
fi

echo "INPUT Drive: $DRIVE"
echo "INPUT ISO: $ISO_NAME"
echo ""

#Verify that the drive exists
echo "Verifying specified drive exists and is of a valid size"
verify_drive $DRIVE
if [ $? -ne 0 ];then
    echo "Aborting Drive Configuration Script"
    exit
else
    echo -e "${GREEN}Drive $DRIVE exists and is of a valid size ${NC}"
fi
echo ""
echo "Verifying that the drive is correctly formatted"
#verify_partition_format $DRIVE
#if [ $? -ne 0 ];then
#    echo "Aborting Drive Configuration Script"
#    exit
#fi
#echo ""

#Delay in the event of a mishap
echo ""
echo -e "${RED}Sleeping 10 seconds to give you a chance to abort${NC}"
CNTR=10
echo -n "Time remaining: 10 sec"
while [ $CNTR -gt 0 ];do
    echo -e -n "\e[0K\r Time remaining: $CNTR sec"
    CNTR=$((CNTR-1))
    sleep 1
done

echo ""
echo "Checking/Setting the Drive Label..."
verify_drive_label $DRIVE
if [ $? -ne 0 ];then
    echo -e "${RED}FAILED to set DISK Label.  Aborting...${NC}"
    exit
else
    echo -e "${GREEN}Disk Label Sucessfully Set ${NC}"
fi

echo ""
echo "Copy over the ISO onto the Drive..."
copy_iso $ISO_NAME $DRIVE
if [ $? -ne 0 ];then
    echo -e "${RED}FAILED to copy ISO.  Aborting...${NC}"
    exit
else
    echo -e "${GREEN}ISO Copied to $DRIVE ${NC}"
fi

echo ""
echo -e "${GREEN}All Steps Complete.  Ready for re-installation.... ${NC}"
Powered by Wolken Software