## runtime-postinstall.tmpl
## post-install setup required to make the system work.

<%page args="root, basearch, libdir, configdir"/>
<%
stubs = ("list-harddrives", "raidstart", "raidstop")
configdir = configdir + "/common"
%>

## move_stubs()
move usr/share/anaconda/restart-anaconda usr/bin
%for stub in stubs:
    -move usr/share/anaconda/${stub}-stub usr/bin/${stub}
%endfor

## move_repos()
move etc/yum.repos.d etc/anaconda.repos.d

## Setup mdadm config to turn off homehost
remove etc/mdadm.conf
append etc/mdadm.conf "HOMEHOST <ignore>\n"

## Configure systemd to start anaconda
remove etc/systemd/system/default.target
symlink /lib/systemd/system/anaconda.target etc/systemd/system/default.target

## Make sure tmpfs is enabled
mkdir etc/systemd/system/local-fs.target.wants/
symlink /lib/systemd/system/tmp.mount etc/systemd/system/local-fs.target.wants/tmp.mount

## Start rngd
mkdir etc/systemd/system/basic.target.wants/
symlink /lib/systemd/system/rngd.service etc/systemd/system/basic.target.wants/rngd.service

## Disable unwanted systemd services
systemctl disable systemd-readahead-collect.service \
                  systemd-readahead-replay.service \
                  mdmonitor.service \
                  mdmonitor-takeover.service \
                  lvm2-monitor.service \
                  dnf-makecache.timer
## These services can't be disabled normally (they're linked into place in
## /usr/lib/systemd rather than /etc/systemd), so we have to mask them.
systemctl mask fedora-configure.service fedora-loadmodules.service \
               fedora-autorelabel.service fedora-autorelabel-mark.service \
               fedora-wait-storage.service media.mount \
               systemd-tmpfiles-clean.service systemd-tmpfiles-clean.timer \
               ldconfig.service

## remove because it cannot be disabled
remove usr/lib/systemd/system-generators/lvm2-activation-generator

## Remove the more terrible parts of systemd-tmpfiles.
## etc.conf is written with the assumption that /etc/ is empty, which is
## ridiculous, and it also creates a broken /etc/resolv.conf, which breaks
## networking.
remove usr/lib/tmpfiles.d/etc.conf

## Make logind activate anaconda-shell@.service on switch to empty VT
symlink anaconda-shell@.service lib/systemd/system/autovt@.service
replace "#ReserveVT=6" "ReserveVT=2" etc/systemd/logind.conf

## Don't write the journal to the overlay, just keep it in RAM
remove var/log/journal

## install some basic configuration files
append etc/fstab ""
install ${configdir}/i18n etc/sysconfig
install ${configdir}/rsyslog.conf etc
install ${configdir}/bash_history root/.bash_history
install ${configdir}/profile root/.profile
install ${configdir}/libuser.conf etc
install ${configdir}/sysctl.conf etc/sysctl.d/anaconda.conf
install ${configdir}/spice-vdagentd etc/sysconfig
mkdir etc/NetworkManager/conf.d
install ${configdir}/91-anaconda-autoconnect-slaves.conf etc/NetworkManager/conf.d
install ${configdir}/vconsole.conf etc
install ${configdir}/92-anaconda-loglevel-debug.conf etc/NetworkManager/conf.d
install ${configdir}/90-anaconda-no-auto-default.conf etc/NetworkManager/conf.d

## set up sshd
install ${configdir}/sshd_config.anaconda etc/ssh
install ${configdir}/pam.sshd etc/pam.d/sshd
install ${configdir}/pam.sshd etc/pam.d/login
install ${configdir}/pam.sshd etc/pam.d/remote

## set up "install" user account
append etc/passwd "install:x:0:0:root:/root:/usr/libexec/anaconda/run-anaconda"
append etc/shadow "install::14438:0:99999:7:::"
## remove root password
replace "root:\*:" "root::" etc/shadow

## gsettings settings
install ${configdir}/org.gtk.Settings.Debug.gschema.override usr/share/glib-2.0/schemas
runcmd chroot ${root} glib-compile-schemas /usr/share/glib-2.0/schemas

move usr/libexec/anaconda/auditd sbin

## for compatibility with Ancient Anaconda Traditions
symlink lib/modules /modules
symlink lib/firmware /firmware
symlink ../run/install mnt/install

## create_depmod_conf()
append etc/depmod.d/dd.conf "search updates built-in"

## create multipath.conf so multipath gets auto-started
append etc/multipath.conf "defaults {\n\tfind_multipaths smart\n\tuser_friendly_names yes\n}\n"

## make lvm auto-activate
remove etc/lvm/archive/*
remove etc/lvm/archive
remove etc/lvm/backup/*
remove etc/lvm/backup
remove etc/lvm/cache/*
remove etc/lvm/cache
remove etc/lvm/lvm.conf
append etc/lvm/lvm.conf "global {\n\tuse_lvmetad = 1\n}\n"

## Record the package versions used to create the image
## rpm initializes nss, which requires /dev/urandom to be present, hence the mknod
runcmd chroot ${root} /usr/bin/mknod -m 666 /dev/random c 1 8
runcmd chroot ${root} /usr/bin/mknod -m 666 /dev/urandom c 1 9
runcmd chroot ${root} /usr/bin/rpm -qa --pipe "tee /root/lorax-packages.log"

## TODO: we could run prelink here if we wanted?