VM ISV branding information Swarm Perforce Software, Inc. @INTERNAL_VERSION@ @VERSION@ http://www.perforce.com/ Application

3ee99593-0777-4749-ab26-1f7419297f3a ___ __ ___ | _ \___ _ _ / _|___ _ _ __ ___ / __|_ __ ____ _ _ _ _ __ | _/ -_) '_| _/ _ \ '_/ _/ -_) \__ \ V V / _` | '_| ' \ |_| \___|_| |_| \___/_| \__\___| |___/\_/\_/\__,_|_| |_|_|_| ${app.name} version ${app.version} To use Swarm, browse to: http://${app.ip}/ For documentation on Swarm, please see: http://${app.ip}/docs/ Please ensure you add the necessary triggers to your Perforce server: http://${app.ip}/docs/setup/perforce_config.html To manage this VM, browse to: ${vami.url} .' '. __ For assistance, please contact: . . . (__\_ support@perforce.com . . . -{{_(|8) ' . . ' ' . . ' (__/` This product includes PHP software, freely available from <http://www.php.net/software/>

www.perforce.com Perforce Software, Inc. VM Division US

VAMI Specific Information true true true true true true true true

@PACKAGE@.vmx #!/bin/sh # This script will be passed the full path to the ovffile as $1 # # The script should produce a detached signature file with # a .cert extension into the same directory as the passed ovffile. # this will generate a self-signed certificate and sign the OVF with it. cd `dirname $1` /opt/vmware/bin/signovf -s '/C=US/ST=Some-State/O=AnyCompany/CN=Self-Signed' `basename $1` # if you have your own pem key, you can sign the OVF with it this way: # /opt/vmware/bin/signovf -p /tmp/my_pem_file.pem `basename $1` @APP_PACKAGE_URL@ @VENDOR_PACKAGE_URL@ #!/bin/bash # Un comment to send the output of this script to a logfile #exec > /opt/vmware/var/log/firstboot 2>&1 : This script is executed on first boot only. /etc/first-time-boot.sh # Un comment to run subsequent boot script after first boot #/opt/vmware/etc/isv/subsequentboot #!/bin/bash # Un comment to send the output of this script to a logfile #exec > /opt/vmware/var/log/subsequentboot 2>&1 : This script is executed on all boots, except the first one.

Supported IP assignment schemes Supported IP assignment schemes

Unknown OVF elements in this element will be passed directly to the OVF output descriptor without interpretation

#!/bin/sh # Sample pre install update script # This script will be executed with the following arguments: # $1 - version of VM before update # $2 - version of VM trying to be installed : "Installing update from version $1 to version $2" #exit with value of 0 to allow update to continue exit 0 #!/bin/sh # Sample post install update script # This script will be executed with the following arguments: # $1 - version of VM before update # $2 - version of VM trying to be installed # $3 - status of update process # # The Status in $3 will indicate to success of failure of the update: # 0 - all update steps are successful # 1 - pre install script failed, package test and installation skipped # 2 - pre install success, package test failed, installation skipped # 4 - pre install and package test success, package installation failed # # A Status of 2 is likely caused by a package dependency conflict. # A Status of 4 is likely caused by a failed package install script. if [ $3 -eq 0 ]; then echo "Finished installing version $2" else echo "Failed with status of $3 while installing version $2" echo "VM version is still $1" fi # Exit with a value of 0 to allow the VM version to be changed and set the # final update status to success. exit 0 #!/bin/sh # Sample script to sign updates # $1 is the file to sign # $2 is the file to save sig into write the signature to stdout # sample pem file PEMFILE=/opt/vmware/etc/update.pem # Sign the update with the temporary certificate openssl dgst -sha1 -sign $PEMFILE -out "$2" "$1" #!/bin/sh # Sample script to get the public key # $1 is the file to write the public key to SUBJECT='/C=US/ST=Some-State/O=AnyCompany/CN=Self-Signed' PEMFILE=/opt/vmware/etc/update.pem if [ ! -f $PEMFILE ]; then # Create a temporary self-signed certificate first time only openssl req -x509 -nodes -sha256 -newkey rsa:1024 -keyout $PEMFILE -out $PEMFILE -subj '$SUBJECT' fi # Get the public key openssl rsa -in $PEMFILE -pubout -out $1 #!/bin/sh # Sample script to validate digital signature # $1 is the file to validate # $2 is the signature file # $3 is the signature key file # exit with status of 0 if valid openssl dgst -sha1 -verify "$3" -signature "$2" "$1"

Guest Operating System Ubuntu 12.04.2 LTS amd64

Virtual Hardware Requirements vmx-07 2 virtual CPU Number of virtual CPUs 1 3 2 MegaBytes 2048 MB of memory Memory Size 2 4 2048 true Ethernet adapter on vmnet Network 1 3 E1000 10 0 SCSI Controller 0 - LSI Logic 4 lsilogic 6 0 Harddisk 0 /disk/system 5 4 17

vService content in this element will be passed directly to the OVF output descriptor without interpretation

initrd=ubuntu-installer/amd64/initrd.gz priority=critical locale=en_US bootkbd=us kbd-chooser/method=us console-setup/layoutcode=us disable_dhcp=true file=/preseed.cfg -- append initrd=ubuntu-installer/amd64/initrd.gz priority=critical locale=en_US bootkbd=us kbd-chooser/method=us console-setup/layoutcode=us netcfg/disable_dhcp=false dhcptimeout=120 netcfg/choose_interface=eth0 preseed/url=[VADK.unattendedCfgURL] -- /ecloud/vmware-studio/templates/ubuntu/12/ubuntu12.xsl RepositoryList PackageList

VM Network dhcp 10.5.20.53 10.0.0.2 true true true #!/bin/bash # Enable the following lines for reducing the space occupied for the # operating system by uninstalling potentially unneeded packages. The script # template is located at /opt/vmware/etc/footprint and should be used with # appropriate verification. if true; then cut_pkgs_wrapper=run_cut_pkgs.sh cut_pkgs_url=http://[VADK.localIP]/build/[VADK.buildID]/script/$cut_pkgs_wrapper wget_err="/tmp/wget_err.log" wget_opt="-nH --cut-dirs=2 -nv" echo Download run_cut_pkgs.sh wget $wget_opt -P /tmp $cut_pkgs_url 2>$wget_err 1>/dev/null if [ $? -ne 0 ]; then errmsg=`cat $wget_err` echo Abort: $errmsg else echo Execute run_cut_pkgs.sh chmod +x /tmp/$cut_pkgs_wrapper /tmp/$cut_pkgs_wrapper rm -f /tmp/$cut_pkgs_wrapper $wget_err fi fi # Don't use default repositories; hardcoded to GB. # Use mirrors to find nearest repository to appliance instead. ( uri=mirror://mirrors.ubuntu.com/mirrors.txt rel=precise com='main restricted universe multiverse' echo deb $uri $rel $com echo deb $uri $rel-updates $com echo deb $uri $rel-backports $com echo deb $uri $rel-security $com ) > /etc/apt/sources.list.d/mirrors.list chmod 644 /etc/apt/sources.list.d/mirrors.list mv /etc/apt/sources.list /etc/apt/sources.list.default #!/bin/bash # n.b. Perforce developers: don't use this section. It removes files out # of /usr/share such as man pages, defeating their inclusion. # Enable the following lines for reducing the space occupied for the # operating system by deleting potentially unneeded files. The script # template is located at /opt/vmware/etc/footprint and should be used with # appropriate verification. if false; then cut_files_wrapper=run_cut_files.sh cut_files_url=http://[VADK.localIP]/build/[VADK.buildID]/script/$cut_files_wrapper wget_err="/tmp/wget_err.log" wget_opt="-nH --cut-dirs=2 -nv" echo Download run_cut_files.sh wget $wget_opt -P /tmp $cut_files_url 2>$wget_err 1>/dev/null if [ $? -ne 0 ]; then errmsg=`cat $wget_err` echo Abort: $errmsg else echo Execute run_cut_files.sh chmod +x /tmp/$cut_files_wrapper /tmp/$cut_files_wrapper rm -f /tmp/$cut_files_wrapper $wget_err fi fi # 2013-06-10 perforce.com : # The vami tools include their own version of various shared libraries like # libncurses and libpam, but they are incomplete: they don't provide their # own terminfo files or pam plugin modules. And naturally, these libs # aren't fully compatible with ubuntu12's configuration files and plugins. # # Since they're at the same major version numbers as the system libraries, # get rid of the vmware-supplied ones. rm /opt/vmware/lib/libpam.so* /opt/vmware/lib/libncurses.so* ldconfig # Oh and also, the vami tools hardcode the full path to the PAM modules. # That's unnecessary and the path is wrong for Ubuntu 12 anyway. for cf in /etc/pam.d/vami-sfcb /etc/pam.d/vmtoolsd do if [ -f $cf ]; then sed --follow-symlinks -i.orig 's=/lib64/security/==' $cf fi done # 2014-06-11 perforce.com: # Add our public repository echo "deb http://package.perforce.com/apt/ubuntu/ precise release" \ > /etc/apt/sources.list.d/perforce.list apt-key add /etc/apt/perforce.pubkey rm -f /etc/apt/perforce.pubkey # 2013-07-30 perforce.com: # Replace Apache's security configuration file with this stricter one. # The changes here are driven from a security audit cat <<APACHE_SECURITY > /etc/apache2/conf.d/security ServerTokens Prod ServerSignature Off TraceEnable off <IfModule mod_ssl.c> SSLHonorCipherOrder on SSLCipherSuite ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH SSLCompression off </IfModule> APACHE_SECURITY

List of logical networks used in the package Network 1

List of the virtual disks and partitions needed

VMW Config elements in this element will be passed directly to the OVF output descriptor without interpretation