31fec67150
Make sure grub2-efi-*-cdboot is included in the live media kickstart, add some documentation about creating UEFI disk images, and add ia32 to the minimal example (it will need to be commented out for other arches). Resolves: rhbz#1458937
373 lines
12 KiB
Plaintext
373 lines
12 KiB
Plaintext
#version=DEVEL
|
|
sshpw --username=root --plaintext randOmStrinGhERE
|
|
# Firewall configuration
|
|
firewall --enabled --service=mdns
|
|
# Use network installation
|
|
url --url=http://repo/rhel7.4/Server/os
|
|
repo --name=optional --baseurl=http://repo/rhel7.4/Server/optional/os
|
|
|
|
# X Window System configuration information
|
|
xconfig --startxonboot
|
|
# Root password
|
|
rootpw --plaintext removethispw
|
|
# Network information
|
|
network --bootproto=dhcp --onboot=on --activate
|
|
# System authorization information
|
|
auth --useshadow --enablemd5
|
|
# System keyboard
|
|
keyboard --xlayouts=us --vckeymap=us
|
|
# System language
|
|
lang en_US.UTF-8
|
|
# SELinux configuration
|
|
selinux --enforcing
|
|
# Installation logging level
|
|
logging --level=info
|
|
# Shutdown after installation
|
|
shutdown
|
|
# System services
|
|
services --disabled="network,sshd" --enabled="NetworkManager"
|
|
# System timezone
|
|
timezone US/Eastern
|
|
# System bootloader configuration
|
|
bootloader --location=mbr
|
|
# Clear the Master Boot Record
|
|
zerombr
|
|
# Partition clearing information
|
|
clearpart --all
|
|
# Disk partitioning information
|
|
part biosboot --size=1
|
|
part / --fstype="ext4" --size=5000
|
|
part swap --size=1000
|
|
|
|
%post
|
|
# FIXME: it'd be better to get this installed from a package
|
|
cat > /etc/rc.d/init.d/livesys << EOF
|
|
#!/bin/bash
|
|
#
|
|
# live: Init script for live image
|
|
#
|
|
# chkconfig: 345 00 99
|
|
# description: Init script for live image.
|
|
|
|
. /etc/init.d/functions
|
|
|
|
if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ]; then
|
|
exit 0
|
|
fi
|
|
|
|
if [ -e /.liveimg-configured ] ; then
|
|
configdone=1
|
|
fi
|
|
|
|
exists() {
|
|
which \$1 >/dev/null 2>&1 || return
|
|
\$*
|
|
}
|
|
|
|
touch /.liveimg-configured
|
|
|
|
# mount live image
|
|
if [ -b \`readlink -f /dev/live\` ]; then
|
|
mkdir -p /mnt/live
|
|
mount -o ro /dev/live /mnt/live 2>/dev/null || mount /dev/live /mnt/live
|
|
fi
|
|
|
|
livedir="LiveOS"
|
|
for arg in \`cat /proc/cmdline\` ; do
|
|
if [ "\${arg##live_dir=}" != "\${arg}" ]; then
|
|
livedir=\${arg##live_dir=}
|
|
return
|
|
fi
|
|
done
|
|
|
|
# enable swaps unless requested otherwise
|
|
swaps=\`blkid -t TYPE=swap -o device\`
|
|
if ! strstr "\`cat /proc/cmdline\`" noswap && [ -n "\$swaps" ] ; then
|
|
for s in \$swaps ; do
|
|
action "Enabling swap partition \$s" swapon \$s
|
|
done
|
|
fi
|
|
if ! strstr "\`cat /proc/cmdline\`" noswap && [ -f /mnt/live/\${livedir}/swap.img ] ; then
|
|
action "Enabling swap file" swapon /mnt/live/\${livedir}/swap.img
|
|
fi
|
|
|
|
mountPersistentHome() {
|
|
# support label/uuid
|
|
if [ "\${homedev##LABEL=}" != "\${homedev}" -o "\${homedev##UUID=}" != "\${homedev}" ]; then
|
|
homedev=\`/sbin/blkid -o device -t "\$homedev"\`
|
|
fi
|
|
|
|
# if we're given a file rather than a blockdev, loopback it
|
|
if [ "\${homedev##mtd}" != "\${homedev}" ]; then
|
|
# mtd devs don't have a block device but get magic-mounted with -t jffs2
|
|
mountopts="-t jffs2"
|
|
elif [ ! -b "\$homedev" ]; then
|
|
loopdev=\`losetup -f\`
|
|
if [ "\${homedev##/mnt/live}" != "\${homedev}" ]; then
|
|
action "Remounting live store r/w" mount -o remount,rw /mnt/live
|
|
fi
|
|
losetup \$loopdev \$homedev
|
|
homedev=\$loopdev
|
|
fi
|
|
|
|
# if it's encrypted, we need to unlock it
|
|
if [ "\$(/sbin/blkid -s TYPE -o value \$homedev 2>/dev/null)" = "crypto_LUKS" ]; then
|
|
echo
|
|
echo "Setting up encrypted /home device"
|
|
plymouth ask-for-password --command="cryptsetup luksOpen \$homedev EncHome"
|
|
homedev=/dev/mapper/EncHome
|
|
fi
|
|
|
|
# and finally do the mount
|
|
mount \$mountopts \$homedev /home
|
|
# if we have /home under what's passed for persistent home, then
|
|
# we should make that the real /home. useful for mtd device on olpc
|
|
if [ -d /home/home ]; then mount --bind /home/home /home ; fi
|
|
[ -x /sbin/restorecon ] && /sbin/restorecon /home
|
|
if [ -d /home/liveuser ]; then USERADDARGS="-M" ; fi
|
|
}
|
|
|
|
findPersistentHome() {
|
|
for arg in \`cat /proc/cmdline\` ; do
|
|
if [ "\${arg##persistenthome=}" != "\${arg}" ]; then
|
|
homedev=\${arg##persistenthome=}
|
|
return
|
|
fi
|
|
done
|
|
}
|
|
|
|
if strstr "\`cat /proc/cmdline\`" persistenthome= ; then
|
|
findPersistentHome
|
|
elif [ -e /mnt/live/\${livedir}/home.img ]; then
|
|
homedev=/mnt/live/\${livedir}/home.img
|
|
fi
|
|
|
|
# if we have a persistent /home, then we want to go ahead and mount it
|
|
if ! strstr "\`cat /proc/cmdline\`" nopersistenthome && [ -n "\$homedev" ] ; then
|
|
action "Mounting persistent /home" mountPersistentHome
|
|
fi
|
|
|
|
# make it so that we don't do writing to the overlay for things which
|
|
# are just tmpdirs/caches
|
|
mount -t tmpfs -o mode=0755 varcacheyum /var/cache/yum
|
|
mount -t tmpfs tmp /tmp
|
|
mount -t tmpfs vartmp /var/tmp
|
|
[ -x /sbin/restorecon ] && /sbin/restorecon /var/cache/yum /tmp /var/tmp >/dev/null 2>&1
|
|
|
|
if [ -n "\$configdone" ]; then
|
|
exit 0
|
|
fi
|
|
|
|
# add fedora user with no passwd
|
|
action "Adding live user" useradd \$USERADDARGS -c "Live System User" liveuser
|
|
passwd -d liveuser > /dev/null
|
|
|
|
# turn off firstboot for livecd boots
|
|
chkconfig --level 345 firstboot off 2>/dev/null
|
|
# We made firstboot a native systemd service, so it can no longer be turned
|
|
# off with chkconfig. It should be possible to turn it off with systemctl, but
|
|
# that doesn't work right either. For now, this is good enough: the firstboot
|
|
# service will start up, but this tells it not to run firstboot. I suspect the
|
|
# other services 'disabled' below are not actually getting disabled properly,
|
|
# with systemd, but we can look into that later. - AdamW 2010/08 F14Alpha
|
|
echo "RUN_FIRSTBOOT=NO" > /etc/sysconfig/firstboot
|
|
|
|
# don't start yum-updatesd for livecd boots
|
|
chkconfig --level 345 yum-updatesd off 2>/dev/null
|
|
|
|
# turn off mdmonitor by default
|
|
chkconfig --level 345 mdmonitor off 2>/dev/null
|
|
|
|
# turn off setroubleshoot on the live image to preserve resources
|
|
chkconfig --level 345 setroubleshoot off 2>/dev/null
|
|
|
|
# don't do packagekit checking by default
|
|
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t string /apps/gnome-packagekit/update-icon/frequency_get_updates never >/dev/null
|
|
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t string /apps/gnome-packagekit/update-icon/frequency_get_upgrades never >/dev/null
|
|
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t string /apps/gnome-packagekit/update-icon/frequency_refresh_cache never >/dev/null
|
|
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /apps/gnome-packagekit/update-icon/notify_available false >/dev/null
|
|
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /apps/gnome-packagekit/update-icon/notify_distro_upgrades false >/dev/null
|
|
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /apps/gnome-packagekit/enable_check_firmware false >/dev/null
|
|
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /apps/gnome-packagekit/enable_check_hardware false >/dev/null
|
|
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /apps/gnome-packagekit/enable_codec_helper false >/dev/null
|
|
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /apps/gnome-packagekit/enable_font_helper false >/dev/null
|
|
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /apps/gnome-packagekit/enable_mime_type_helper false >/dev/null
|
|
|
|
|
|
# don't start cron/at as they tend to spawn things which are
|
|
# disk intensive that are painful on a live image
|
|
chkconfig --level 345 crond off 2>/dev/null
|
|
chkconfig --level 345 atd off 2>/dev/null
|
|
chkconfig --level 345 anacron off 2>/dev/null
|
|
chkconfig --level 345 readahead_early off 2>/dev/null
|
|
chkconfig --level 345 readahead_later off 2>/dev/null
|
|
|
|
# Stopgap fix for RH #217966; should be fixed in HAL instead
|
|
touch /media/.hal-mtab
|
|
|
|
# workaround clock syncing on shutdown that we don't want (#297421)
|
|
sed -i -e 's/hwclock/no-such-hwclock/g' /etc/rc.d/init.d/halt
|
|
|
|
# and hack so that we eject the cd on shutdown if we're using a CD...
|
|
if strstr "\`cat /proc/cmdline\`" CDLABEL= ; then
|
|
cat >> /sbin/halt.local << FOE
|
|
#!/bin/bash
|
|
# XXX: This often gets stuck during shutdown because /etc/init.d/halt
|
|
# (or something else still running) wants to read files from the block\
|
|
# device that was ejected. Disable for now. Bug #531924
|
|
# we want to eject the cd on halt, but let's also try to avoid
|
|
# io errors due to not being able to get files...
|
|
#cat /sbin/halt > /dev/null
|
|
#cat /sbin/reboot > /dev/null
|
|
#/usr/sbin/eject -p -m \$(readlink -f /dev/live) >/dev/null 2>&1
|
|
#echo "Please remove the CD from your drive and press Enter to finish restarting"
|
|
#read -t 30 < /dev/console
|
|
FOE
|
|
chmod +x /sbin/halt.local
|
|
fi
|
|
|
|
EOF
|
|
|
|
# bah, hal starts way too late
|
|
cat > /etc/rc.d/init.d/livesys-late << EOF
|
|
#!/bin/bash
|
|
#
|
|
# live: Late init script for live image
|
|
#
|
|
# chkconfig: 345 99 01
|
|
# description: Late init script for live image.
|
|
|
|
. /etc/init.d/functions
|
|
|
|
if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ] || [ -e /.liveimg-late-configured ] ; then
|
|
exit 0
|
|
fi
|
|
|
|
exists() {
|
|
which \$1 >/dev/null 2>&1 || return
|
|
\$*
|
|
}
|
|
|
|
touch /.liveimg-late-configured
|
|
|
|
# read some variables out of /proc/cmdline
|
|
for o in \`cat /proc/cmdline\` ; do
|
|
case \$o in
|
|
ks=*)
|
|
ks="--kickstart=\${o#ks=}"
|
|
;;
|
|
xdriver=*)
|
|
xdriver="\${o#xdriver=}"
|
|
;;
|
|
esac
|
|
done
|
|
|
|
# if liveinst or textinst is given, start anaconda
|
|
if strstr "\`cat /proc/cmdline\`" liveinst ; then
|
|
plymouth --quit
|
|
/usr/sbin/liveinst \$ks
|
|
fi
|
|
if strstr "\`cat /proc/cmdline\`" textinst ; then
|
|
plymouth --quit
|
|
/usr/sbin/liveinst --text \$ks
|
|
fi
|
|
|
|
# configure X, allowing user to override xdriver
|
|
if [ -n "\$xdriver" ]; then
|
|
cat > /etc/X11/xorg.conf.d/00-xdriver.conf <<FOE
|
|
Section "Device"
|
|
Identifier "Videocard0"
|
|
Driver "\$xdriver"
|
|
EndSection
|
|
FOE
|
|
fi
|
|
|
|
EOF
|
|
|
|
chmod 755 /etc/rc.d/init.d/livesys
|
|
/sbin/restorecon /etc/rc.d/init.d/livesys
|
|
/sbin/chkconfig --add livesys
|
|
|
|
chmod 755 /etc/rc.d/init.d/livesys-late
|
|
/sbin/restorecon /etc/rc.d/init.d/livesys-late
|
|
/sbin/chkconfig --add livesys-late
|
|
|
|
# work around for poor key import UI in PackageKit
|
|
rm -f /var/lib/rpm/__db*
|
|
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora
|
|
echo "Packages within this LiveCD"
|
|
rpm -qa
|
|
|
|
# go ahead and pre-make the man -k cache (#455968)
|
|
/usr/bin/mandb
|
|
|
|
# make sure there aren't core files lying around
|
|
rm -f /core*
|
|
|
|
# convince readahead not to collect
|
|
rm -f /.readahead_collect
|
|
touch /var/lib/readahead/early.sorted
|
|
|
|
# Remove random-seed
|
|
rm /var/lib/systemd/random-seed
|
|
%end
|
|
|
|
%post
|
|
cat >> /etc/rc.d/init.d/livesys << EOF
|
|
# disable screensaver locking
|
|
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /apps/gnome-screensaver/lock_enabled false >/dev/null
|
|
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /desktop/gnome/lockdown/disable_lock_screen true >/dev/null
|
|
|
|
# set up timed auto-login for after 60 seconds
|
|
cat >> /etc/gdm/custom.conf << FOE
|
|
[daemon]
|
|
AutomaticLoginEnable=True
|
|
AutomaticLogin=liveuser
|
|
FOE
|
|
|
|
# Show harddisk install on the desktop
|
|
sed -i -e 's/NoDisplay=true/NoDisplay=false/' /usr/share/applications/liveinst.desktop
|
|
mkdir /home/liveuser/Desktop
|
|
cp /usr/share/applications/liveinst.desktop /home/liveuser/Desktop
|
|
chown -R liveuser.liveuser /home/liveuser/Desktop
|
|
chmod a+x /home/liveuser/Desktop/liveinst.desktop
|
|
|
|
# But not trash and home
|
|
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /apps/nautilus/desktop/trash_icon_visible false >/dev/null
|
|
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /apps/nautilus/desktop/home_icon_visible false >/dev/null
|
|
|
|
# Turn off PackageKit-command-not-found while uninstalled
|
|
sed -i -e 's/^SoftwareSourceSearch=true/SoftwareSourceSearch=false/' /etc/PackageKit/CommandNotFound.conf
|
|
|
|
EOF
|
|
|
|
# Remove root password
|
|
passwd -d root > /dev/null
|
|
|
|
# fstab from the install won't match anything. remove it and let dracut
|
|
# handle mounting.
|
|
cat /dev/null > /etc/fstab
|
|
|
|
%end
|
|
|
|
%packages
|
|
# Packages needed by anaconda, but not directly required.
|
|
# Includes all of the grub2 and shim packages needed, except
|
|
# for the grub2-efi-*-cdboot package
|
|
@anaconda-tools --optional
|
|
@core
|
|
@fonts
|
|
@x11
|
|
@gnome-desktop
|
|
@input-methods
|
|
anaconda
|
|
isomd5sum
|
|
kernel
|
|
memtest86+
|
|
syslinux
|
|
-dracut-config-rescue
|
|
|
|
# This package is needed to boot the iso on UEFI
|
|
grub2-efi-*-cdboot
|
|
%end
|