forked from srbala/fedora-kickstarts
fbeec77bd5
Atomic is HVM only, since OSTree doesn't understand grub1 at the moment, and incentive to have it do so is low.
150 lines
4.5 KiB
Plaintext
150 lines
4.5 KiB
Plaintext
# Fedora Atomic is a cloud-focused spin implementing the Project Atomic
|
|
# patterns.
|
|
#
|
|
# RIGHT NOW, this is very like the traditional cloud image -- this is
|
|
# just a starting point.
|
|
|
|
text
|
|
lang en_US.UTF-8
|
|
keyboard us
|
|
timezone --utc Etc/UTC
|
|
|
|
auth --useshadow --enablemd5
|
|
selinux --enforcing
|
|
rootpw --lock --iscrypted locked
|
|
user --name=none
|
|
|
|
firewall --disabled
|
|
|
|
bootloader --timeout=1 --append="no_timer_check console=tty1 console=ttyS0,115200n8" --extlinux
|
|
|
|
network --bootproto=dhcp --device=eth0 --activate --onboot=on
|
|
services --enabled=network,sshd,rsyslog,cloud-init,cloud-init-local,cloud-config,cloud-final
|
|
|
|
zerombr
|
|
clearpart --all
|
|
# Atomic differs from cloud - we want LVM
|
|
part /boot --size=300 --fstype="ext4"
|
|
part pv.01 --grow
|
|
volgroup atomicos pv.01
|
|
logvol / --size=3000 --fstype="xfs" --name=root --vgname=atomicos
|
|
|
|
ostreesetup --nogpg --osname=fedora-atomic-host --remote=installmedia --url=http://compose-x86-02.phx2.fedoraproject.org/compose/atomic/ --ref=fedora-atomic/f21/x86_64/docker-host
|
|
|
|
reboot
|
|
|
|
|
|
|
|
%post --erroronfail
|
|
|
|
# older versions of livecd-tools do not follow "rootpw --lock" line above
|
|
# https://bugzilla.redhat.com/show_bug.cgi?id=964299
|
|
passwd -l root
|
|
# remove the user anaconda forces us to make
|
|
userdel -r none
|
|
|
|
# Kickstart specifies timeout in seconds; syslinux uses 10ths.
|
|
# 0 means wait forever, so instead we'll go with 1.
|
|
sed -i 's/^timeout 10/timeout 1/' /boot/extlinux/extlinux.conf
|
|
|
|
# setup systemd to boot to the right runlevel
|
|
echo -n "Setting default runlevel to multiuser text mode"
|
|
rm -f /etc/systemd/system/default.target
|
|
ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
|
|
echo .
|
|
|
|
# If you want to remove rsyslog and just use journald, remove this!
|
|
echo -n "Disabling persistent journal"
|
|
rmdir /var/log/journal/
|
|
echo .
|
|
|
|
echo -n "Getty fixes"
|
|
# although we want console output going to the serial console, we don't
|
|
# actually have the opportunity to login there. FIX.
|
|
# we don't really need to auto-spawn _any_ gettys.
|
|
sed -i '/^#NAutoVTs=.*/ a\
|
|
NAutoVTs=0' /etc/systemd/logind.conf
|
|
|
|
echo -n "Network fixes"
|
|
# initscripts don't like this file to be missing.
|
|
cat > /etc/sysconfig/network << EOF
|
|
NETWORKING=yes
|
|
NOZEROCONF=yes
|
|
EOF
|
|
|
|
# For cloud images, 'eth0' _is_ the predictable device name, since
|
|
# we don't want to be tied to specific virtual (!) hardware
|
|
rm -f /etc/udev/rules.d/70*
|
|
ln -s /dev/null /etc/udev/rules.d/80-net-setup-link.rules
|
|
|
|
# simple eth0 config, again not hard-coded to the build hardware
|
|
cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
|
|
DEVICE="eth0"
|
|
BOOTPROTO="dhcp"
|
|
ONBOOT="yes"
|
|
TYPE="Ethernet"
|
|
PERSISTENT_DHCLIENT="yes"
|
|
EOF
|
|
|
|
# generic localhost names
|
|
cat > /etc/hosts << EOF
|
|
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
|
|
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
|
|
|
|
EOF
|
|
echo .
|
|
|
|
|
|
# Because memory is scarce resource in most cloud/virt environments,
|
|
# and because this impedes forensics, we are differing from the Fedora
|
|
# default of having /tmp on tmpfs.
|
|
echo "Disabling tmpfs for /tmp."
|
|
systemctl mask tmp.mount
|
|
|
|
# make sure firstboot doesn't start
|
|
echo "RUN_FIRSTBOOT=NO" > /etc/sysconfig/firstboot
|
|
|
|
# Uncomment this if you want to use cloud init but suppress the creation
|
|
# of an "ec2-user" account. This will, in the absence of further config,
|
|
# cause the ssh key from a metadata source to be put in the root account.
|
|
#cat <<EOF > /etc/cloud/cloud.cfg.d/50_suppress_ec2-user_use_root.cfg
|
|
#users: []
|
|
#disable_root: 0
|
|
#EOF
|
|
|
|
echo "Removing random-seed so it's not the same in every image."
|
|
rm -f /var/lib/random-seed
|
|
|
|
echo "Packages within this cloud image:"
|
|
echo "-----------------------------------------------------------------------"
|
|
rpm -qa
|
|
echo "-----------------------------------------------------------------------"
|
|
# Note that running rpm recreates the rpm db files which aren't needed/wanted
|
|
rm -f /var/lib/rpm/__db*
|
|
|
|
|
|
# This is a temporary workaround for
|
|
# <https://bugzilla.redhat.com/show_bug.cgi?id=1147998>
|
|
# where sfdisk seems to be messing up the mbr.
|
|
# Long-term fix is to address this in anaconda directly and remove this.
|
|
# <https://bugzilla.redhat.com/show_bug.cgi?id=1015931>
|
|
dd if=/usr/share/syslinux/mbr.bin of=/dev/vda
|
|
|
|
|
|
echo "Fixing SELinux contexts."
|
|
touch /var/log/cron
|
|
touch /var/log/boot.log
|
|
mkdir -p /var/cache/yum
|
|
chattr -i /boot/extlinux/ldlinux.sys
|
|
/usr/sbin/fixfiles -R -a restore
|
|
chattr +i /boot/extlinux/ldlinux.sys
|
|
|
|
echo "Zeroing out empty space."
|
|
# This forces the filesystem to reclaim space from deleted files
|
|
dd bs=1M if=/dev/zero of=/var/tmp/zeros || :
|
|
rm -f /var/tmp/zeros
|
|
echo "(Don't worry -- that out-of-space error was expected.)"
|
|
|
|
%end
|
|
|