lorax/share/runtime-postinstall.tmpl
Jesse Keating ca15f6d2ba Mask the tmp.mount service to avoid tmpfs
Anaconda runtime is already in memory, no need to use tmpfs here.  In
fact use of tmpfs here will overwrite any updates content that was put
in place by dracut.
2012-08-15 15:11:39 -07:00

100 lines
3.9 KiB
Cheetah

## runtime-postinstall.tmpl
## post-install setup required to make the system work.
<%page args="root, basearch, libdir, configdir"/>
<%
PYTHONDIR = glob("usr/"+libdir+"/python?.?")[0]
stubs = ("list-harddrives", "raidstart", "raidstop")
configdir = configdir + "/common"
%>
## move_stubs()
move usr/share/anaconda/restart-anaconda usr/bin
move ${PYTHONDIR}/site-packages/pyanaconda/sitecustomize.py ${PYTHONDIR}/site-packages
%for stub in stubs:
-move usr/share/anaconda/${stub}-stub usr/bin/${stub}
%endfor
## move_repos()
move etc/yum.repos.d etc/anaconda.repos.d
## Configure systemd to start anaconda
remove etc/systemd/system/default.target
symlink /lib/systemd/system/anaconda.target etc/systemd/system/default.target
## Disable unwanted systemd services
systemctl disable systemd-readahead-collect.service \
systemd-readahead-replay.service \
mdmonitor.service \
mdmonitor-takeover.service \
lvm2-monitor.service
## These services can't be disabled normally (they're linked into place in
## /usr/lib/systemd rather than /etc/systemd), so we have to mask them.
systemctl mask fedora-configure.service fedora-loadmodules.service \
fedora-storage-init.service fedora-storage-init-late.service \
fedora-autorelabel.service fedora-autorelabel-mark.service \
fedora-wait-storage.service media.mount tmp.mount
## install some basic configuration files
append etc/resolv.conf ""
append etc/fstab ""
copy usr/share/anaconda/lang-table etc
install ${configdir}/i18n etc/sysconfig
install ${configdir}/rsyslog.conf etc
install ${configdir}/bash_history root/.bash_history
install ${configdir}/profile root/.profile
install ${configdir}/libuser.conf etc
install ${configdir}/sysctl.conf etc/sysctl.d/anaconda.conf
%if exists(root+"/etc/selinux/targeted"):
install ${configdir}/selinux.config etc/selinux/config
%endif
## set up sshd
install ${configdir}/sshd_config.anaconda etc/ssh
install ${configdir}/pam.sshd etc/pam.d/sshd
install ${configdir}/pam.sshd etc/pam.d/login
install ${configdir}/pam.sshd etc/pam.d/remote
## set up "install" user account
append etc/passwd "install:x:0:0:root:/root:/sbin/anaconda"
append etc/shadow "install::14438:0:99999:7:::"
## remove root password
replace "root:\*:" "root::" etc/shadow
## s390-specific setup
%if basearch in ("s390", "s390x"):
## generate ssh keys
runcmd ssh-keygen -q -C "" -N "" -t rsa1 -f ${root}/etc/ssh/ssh_host_key
runcmd ssh-keygen -q -C "" -N "" -t rsa -f ${root}/etc/ssh/ssh_host_rsa_key
runcmd ssh-keygen -q -C "" -N "" -t dsa -f ${root}/etc/ssh/ssh_host_dsa_key
chmod etc/ssh/ssh_host*_key 600
chmod etc/ssh/ssh_host*_key.pub 644
%endif
## gconf settings
gconfset /apps/metacity/general/button_layout string :
gconfset /apps/metacity/general/action_right_click_titlebar string none
gconfset /apps/metacity/general/num_workspaces int 1
gconfset /apps/metacity/window_keybindings/close string disabled
gconfset /apps/metacity/global_keybindings/run_command_window_screenshot string disabled
gconfset /apps/metacity/global_keybindings/run_command_screenshot string disabled
gconfset /apps/metacity/global_keybindings/switch_to_workspace_up string disabled
gconfset /apps/metacity/global_keybindings/switch_to_workspace_down string disabled
gconfset /apps/metacity/global_keybindings/switch_to_workspace_left string disabled
gconfset /apps/metacity/global_keybindings/switch_to_workspace_right string disabled
gconfset /apps/metacity/global_keybindings/switch_windows string disabled
gconfset /desktop/gnome/interface/accessibility bool true
gconfset /desktop/gnome/interface/at-spi-corba bool true
move usr/libexec/anaconda/auditd sbin
## for compatibility with Ancient Anaconda Traditions
symlink lib/modules /modules
symlink lib/firmware /firmware
symlink ../run/install mnt/install
## create_depmod_conf()
append etc/depmod.d/dd.conf "search updates built-in"
## TODO: we could run prelink here if we wanted?