Commit Graph

9 Commits

Author SHA1 Message Date
Brian C. Lane
21eb9c2122 Remove exclusions from lorax-composer templates
If a package is excluded in the template and later added by a blueprint
or dependency, anaconda will fail to finish the installation. So remove
the -dracut-config-rescue exclusion and instead remove the rescue
artifacts in %post

Related: rhbz#1673744
2019-03-21 14:48:27 -07:00
Brian C. Lane
8c94ee6ba1 lorax-composer: Use reqpart --add-boot for partitioned disk templates
Some platforms, like ppc64, require that the /boot partition be present.
It doesn't hurt to have it there on other platforms so instead of trying
to add per-arch kickstart templates just use reqpart --add-boot
everywhere.

Related: rhbz#1673744
2019-03-21 14:48:27 -07:00
Brian C. Lane
3c2f06899c Make the lorax-composer ks templates more generic
Some platforms do not have grub2, and some require other partitions.

Anaconda will add platform specific partitions if the 'reqpart' command
is included, and it will add bootloader specific packages to the list if
they are needed.

Related: rhbz#1673744
2019-03-21 14:48:27 -07:00
Brian C. Lane
97b138c3d1 lorax-composer: Install selinux-policy-targeted in images
This is required to ensure that SELinux is configured properly while
building. It fixes the problem with building tar, and should be
installed in the other image types for consistency.

Resolves: rhbz#1645189
2018-11-29 13:05:01 -08:00
David Shea
6bcb2823d4 Replace /etc/machine-id with an empty file
Since these images can be used to create multiple machines, they should
not have a unique machine-id attached to them. Replace /etc/machine-id
with an empty file so that it will be regenerated at boot time.

(cherry picked from commit 6fab72d894)

Related: rhbz#1628645
Related: rhbz#1628646
Related: rhbz#1628647
Related: rhbz#1628648
2018-10-09 11:34:48 -04:00
Brian C. Lane
85d7d3d01a Lock the root account, except on live-iso
If we leave the root account w/o a password people will use it that way,
leading to insecure images. Also if we use a default password. So lock
the root account in the templates.

Users will need to do one of these things:
 1. Use [[customizations.user]] in their blueprint to configure root or
    another user.
 2. Use [[customizations.sshkey]] to set a key for root
 2. Install a package that configures a user at install time
 3. Install a package that sets up a user at boot time (eg. cloud-init)

This also drops the auth line from the kickstart templates, allowing it
to use the default password algoritm instead of md5.

Resolves: rhbz#1626122
2018-09-28 15:34:58 -07:00
Brian C. Lane
22a6852b44 Move disklabel and UEFI support to compose.py
Currently we are making MBR disk images for qcow2 and partitioned disk,
so the UEFI packages aren't required at this point.

Move the clearpart command into compose.py so that in the futute it can
use clearpart --disklabel to create a GPT image, and add the required
packages to the package set.
2018-08-09 15:35:57 -07:00
Brian C. Lane
8bd028e9d0 Update composer templates for use with Fedora 2018-05-17 10:34:35 -07:00
Brian C. Lane
cb0158ca22 Add lorax-composer and the composer kickstart templates 2018-05-17 10:34:34 -07:00