From 318b9ecc73245047a4f2c011c00cc412a4bfd3a6 Mon Sep 17 00:00:00 2001 From: Peter Robinson Date: Tue, 8 May 2018 14:11:05 +0100 Subject: [PATCH] Add initial IoT kickstart Signed-off-by: Peter Robinson --- fedora-iot.ks | 123 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 123 insertions(+) create mode 100644 fedora-iot.ks diff --git a/fedora-iot.ks b/fedora-iot.ks new file mode 100644 index 0000000..7162858 --- /dev/null +++ b/fedora-iot.ks @@ -0,0 +1,123 @@ +# This is the kickstart for Fedora IoT disk images. + +text # don't use cmdline -- https://github.com/rhinstaller/anaconda/issues/931 +lang en_US.UTF-8 +keyboard us +timezone --utc Etc/UTC + +auth --useshadow --passalgo=sha512 +selinux --enforcing +rootpw --lock --iscrypted locked + +# Add most common consoles console=ttyAMA0 console=ttyS0 console=ttyS1 as kernel boot parameter +bootloader --timeout=1 --append="console=tty1 console=ttyS0,115200n8 console=ttyS1,115200n8 console=ttyAMA0 net.ifnames=0" + +network --bootproto=dhcp --device=link --activate --onboot=on +services --enabled=NetworkManager,sshd,initial-setup + +zerombr +clearpart --all +# Use reqpart to create hardware platform specific partitions +# https://pagure.io/atomic-wg/issue/299 +reqpart --add-boot +part pv.01 --grow +volgroup fedoraiot pv.01 +# Start from 3GB as we did before, since we just need a size. +logvol / --size=3000 --fstype="ext4" --name=root --vgname=fedoraiot + +# Equivalent of %include fedora-repo.ks +# Pull from the ostree repo that was created during the compose +ostreesetup --nogpg --osname=fedora-iot --remote=fedora-iot --url=https://kojipkgs.fedoraproject.org/compose/iot/repo/ --ref=fedora/29/${basearch}/updates/iot + +reboot + +%post --erroronfail +# Find the architecture we are on +arch=$(uname -m) + +# Setup Raspberry Pi firmware +if [[ $arch == "aarch64" ]] || [[ $arch == "armv7l" ]]; then +cp -Pr /usr/share/bcm283x-firmware/* /boot/efi/ +if [[ $arch == "aarch64" ]]; then +mv -f /boot/efi/config-64.txt /boot/efi/config.txt +cp -P /usr/share/uboot/rpi_3/u-boot.bin /boot/efi/rpi3-u-boot.bin +else +cp -P /usr/share/uboot/rpi_2/u-boot.bin /boot/fw/rpi2-u-boot.bin +cp -P /usr/share/uboot/rpi_3_32b/u-boot.bin /boot/fw/rpi3-u-boot.bin +fi +fi + +# Set the origin to the "main ref", distinct from /updates/ which is where bodhi writes. +# We want consumers of this image to track the two week releases. +ostree admin set-origin --index 0 fedora-iot https://kojipkgs.fedoraproject.org/iot/29/ "fedora/29/${arch}/iot" + +# Make sure the ref we're supposedly sitting on (according +# to the updated origin) exists. +ostree refs "fedora-iot:fedora/29/${arch}/updates/iot" --create "fedora-iot:fedora/29/${arch}/iot" + +# Remove the old ref so that the commit eventually gets cleaned up. +ostree refs "fedora-iot:fedora/29/${arch}/updates/iot" --delete + +# delete/add the remote with new options to enable gpg verification +# and to point them at the cdn url +ostree remote delete fedora-iot +ostree remote add --set=gpg-verify=true --set=gpgkeypath=/etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-29-primary fedora-iot 'https://dl.fedoraproject.org/iot/repo/' + +# older versions of livecd-tools do not follow "rootpw --lock" line above +# https://bugzilla.redhat.com/show_bug.cgi?id=964299 +passwd -l root + +# Work around https://bugzilla.redhat.com/show_bug.cgi?id=1193590 +cp /etc/skel/.bash* /var/roothome + +echo -n "Network fixes" +# initscripts don't like this file to be missing. +cat > /etc/sysconfig/network << EOF +NETWORKING=yes +NOZEROCONF=yes +EOF + +# Remove any persistent NIC rules generated by udev +rm -vf /etc/udev/rules.d/*persistent-net*.rules +# And ensure that we will do DHCP on eth0 on startup +cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF +DEVICE="eth0" +BOOTPROTO="dhcp" +ONBOOT="yes" +TYPE="Ethernet" +PERSISTENT_DHCLIENT="yes" +EOF + +echo "Removing random-seed so it's not the same in every image." +rm -f /var/lib/systemd/random-seed + +echo "Packages within this iot image:" +echo "-----------------------------------------------------------------------" +rpm -qa +echo "-----------------------------------------------------------------------" +# Note that running rpm recreates the rpm db files which aren't needed/wanted +rm -f /var/lib/rpm/__db* + +echo "Zeroing out empty space." +# This forces the filesystem to reclaim space from deleted files +dd bs=1M if=/dev/zero of=/var/tmp/zeros || : +rm -f /var/tmp/zeros +echo "(Don't worry -- that out-of-space error was expected.)" + +# For trac ticket https://pagure.io/atomic-wg/issue/128 +rm -f /etc/sysconfig/network-scripts/ifcfg-ens3 + +echo "Adding Developer Mode GRUB2 menu item." +/usr/libexec/atomic-devmode/bootentry add + +# Disable network service here, as doing it in the services line +# fails due to RHBZ #1369794 +/sbin/chkconfig network off + +# Anaconda is writing an /etc/resolv.conf from the install environment. +# The system should start out with an empty file, otherwise cloud-init +# will try to use this information and may error: +# https://bugs.launchpad.net/cloud-init/+bug/1670052 +truncate -s 0 /etc/resolv.conf + +%end