## runtime-postinstall.tmpl ## post-install setup required to make the system work. <%page args="root, basearch, libdir, configdir"/> <% # TODO: fix filenames in anaconda so we can drop the ppc64 workaround filearch = 'ppc' if basearch == 'ppc64' else basearch KEYMAP_OVERRIDE = "usr/share/anaconda/keymaps-override-%s" % filearch SCREENFONT = "usr/share/anaconda/screenfont-%s.gz" % filearch PYTHONDIR = glob("usr/"+libdir+"/python?.?")[0] stubs = ("list-harddrives", "loadkeys", "raidstart", "raidstop") %> ## create_keymaps() %if basearch not in ("s390", "s390x"): %if exists(KEYMAP_OVERRIDE): move ${KEYMAP_OVERRIDE} etc/keymaps.gz %else: runcmd ${root}/usr/libexec/anaconda/getkeymaps ${basearch} ${root}/etc/keymaps.gz ${root} %endif %endif ## create_screenfont() moveif ${SCREENFONT} etc/screenfont.gz ## move_stubs() move usr/share/anaconda/restart-anaconda usr/bin move ${PYTHONDIR}/site-packages/pyanaconda/sitecustomize.py ${PYTHONDIR}/site-packages %for stub in stubs: moveif usr/share/anaconda/${stub}-stub usr/bin/${stub} %endfor ## move_repos() move etc/yum.repos.d etc/anaconda.repos.d ## Configure systemd to start anaconda remove etc/systemd/system/default.target remove etc/systemd/system/default.target.wants/* symlink /lib/systemd/system/anaconda.target etc/systemd/system/default.target ## workaround: /tmp is writeable, so we don't need tmp.mount replace tmp.mount "" /lib/systemd/system/loader.service ## make the anaconda shell on tty2 work without login remove bin/login append bin/login "#!/bin/bash" append bin/login "exec -l /bin/bash" chmod bin/login 755 ## remove unwanted systemd services removefrom systemd-units /lib/systemd/system/kexec* removefrom systemd-units /lib/systemd/system/local-fs.target.wants/media.mount removefrom systemd-units /lib/systemd/system/media.mount removefrom systemd-units /lib/systemd/system/*plymouth* removefrom systemd-units /lib/systemd/system/quota*.service removefrom systemd-units /lib/systemd/system/systemd-remount-api-vfs.service removefrom ConsoleKit /lib/systemd/system/* removefrom initscripts /lib/systemd/system/fedora* /lib/systemd/fedora* removefrom lvm2 /lib/systemd/system/* removefrom mdadm /lib/systemd/system/* ## finally, make /init -> /sbin/init symlink symlink /sbin/init init ## install some basic configuration files append etc/resolv.conf "" copy usr/share/anaconda/lang-table etc install ${configdir}/rsyslog.conf etc install ${configdir}/.bash_history root install ${configdir}/.profile root install ${configdir}/libuser.conf etc %if exists(root+"/etc/selinux/targeted"): install ${configdir}/selinux.config etc/selinux/config %endif ## set up sshd install ${configdir}/sshd_config.anaconda etc/ssh install ${configdir}/pam.sshd etc/pam.d/sshd install ${configdir}/pam.sshd etc/pam.d/login install ${configdir}/pam.sshd etc/pam.d/remote append etc/passwd "sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin" append etc/passwd "install:x:0:0:root:/root:/sbin/loader" append etc/shadow "root::14438:0:99999:7:::" append etc/shadow "install::14438:0:99999:7:::" chmod etc/shadow 400 ## s390-specific setup %if basearch in ("s390", "s390x"): remove sbin/init move usr/share/anaconda/linuxrc.s390 sbin/init ## generate ssh keys runcmd ssh-keygen -q -C "" -N "" -t rsa1 -f ${root}/etc/ssh/ssh_host_key runcmd ssh-keygen -q -C "" -N "" -t rsa -f ${root}/etc/ssh/ssh_host_rsa_key runcmd ssh-keygen -q -C "" -N "" -t dsa -f ${root}/etc/ssh/ssh_host_dsa_key chmod etc/ssh/ssh_host*_key 600 chmod etc/ssh/ssh_host*_key.pub 644 %endif ## gconf settings gconfset /apps/metacity/general/button_layout string : gconfset /apps/metacity/general/action_right_click_titlebar string none gconfset /apps/metacity/general/num_workspaces int 1 gconfset /apps/metacity/window_keybindings/close string disabled gconfset /apps/metacity/global_keybindings/run_command_window_screenshot string disabled gconfset /apps/metacity/global_keybindings/run_command_screenshot string disabled gconfset /apps/metacity/global_keybindings/switch_to_workspace_up string disabled gconfset /apps/metacity/global_keybindings/switch_to_workspace_down string disabled gconfset /apps/metacity/global_keybindings/switch_to_workspace_left string disabled gconfset /apps/metacity/global_keybindings/switch_to_workspace_right string disabled gconfset /desktop/gnome/interface/accessibility bool true gconfset /desktop/gnome/interface/at-spi-corba bool true ## get_anaconda_portions() move usr/${libdir}/anaconda/loader sbin move usr/share/anaconda/loader.tr etc move usr/libexec/anaconda/auditd sbin ## move_modules() move lib/modules modules move lib/firmware firmware symlink ../modules lib/modules symlink ../firmware lib/firmware ## create_depmod_conf() append etc/depmod.d/dd.conf "search updates built-in" ## TODO: we could run prelink here if we wanted?