868e455f7e
Lorax already writes this list of installed packages when it creates the iso. There is no need to run rpm from inside runtime-postinstall.tmpl Resolves: RHEL-54534
127 lines
4.7 KiB
Cheetah
127 lines
4.7 KiB
Cheetah
## runtime-postinstall.tmpl
|
|
## post-install setup required to make the system work.
|
|
|
|
<%page args="root, basearch, libdir, configdir"/>
|
|
<%
|
|
configdir = configdir + "/common"
|
|
import os, time
|
|
SOURCE_DATE_EPOCH = os.environ.get('SOURCE_DATE_EPOCH', str(int(time.time())))
|
|
%>
|
|
|
|
## move_stubs()
|
|
move usr/share/anaconda/list-harddrives-stub usr/bin/list-harddrives
|
|
|
|
## move_repos()
|
|
move etc/yum.repos.d etc/anaconda.repos.d
|
|
|
|
## Setup mdadm config to turn off homehost
|
|
remove etc/mdadm.conf
|
|
append etc/mdadm.conf "HOMEHOST <ignore>\n"
|
|
|
|
## Configure systemd to start anaconda
|
|
remove etc/systemd/system/default.target
|
|
symlink /lib/systemd/system/anaconda.target etc/systemd/system/default.target
|
|
|
|
## Make sure tmpfs is enabled
|
|
mkdir etc/systemd/system/local-fs.target.wants/
|
|
symlink /lib/systemd/system/tmp.mount etc/systemd/system/local-fs.target.wants/tmp.mount
|
|
|
|
## Disable unwanted systemd services
|
|
systemctl disable systemd-readahead-collect.service \
|
|
systemd-readahead-replay.service \
|
|
lvm2-monitor.service \
|
|
dnf-makecache.timer \
|
|
sshd.socket
|
|
## These services can't be disabled normally (they're linked into place in
|
|
## /usr/lib/systemd rather than /etc/systemd), so we have to mask them.
|
|
systemctl mask fedora-configure.service fedora-loadmodules.service \
|
|
fedora-autorelabel.service fedora-autorelabel-mark.service \
|
|
fedora-wait-storage.service media.mount \
|
|
systemd-tmpfiles-clean.service systemd-tmpfiles-clean.timer \
|
|
ldconfig.service
|
|
remove usr/lib/systemd/system/rngd.service
|
|
|
|
## remove because it cannot be disabled
|
|
remove usr/lib/systemd/system-generators/lvm2-activation-generator
|
|
|
|
## Remove the more terrible parts of systemd-tmpfiles.
|
|
## etc.conf is written with the assumption that /etc/ is empty, which is
|
|
## ridiculous, and it also creates a broken /etc/resolv.conf, which breaks
|
|
## networking.
|
|
remove usr/lib/tmpfiles.d/etc.conf
|
|
|
|
## Make logind activate anaconda-shell@.service on switch to empty VT
|
|
symlink anaconda-shell@.service lib/systemd/system/autovt@.service
|
|
mkdir usr/lib/systemd/logind.conf.d
|
|
append usr/lib/systemd/logind.conf.d/anaconda-shell.conf "[Login]\nReserveVT=2"
|
|
|
|
## Don't write the journal to the overlay, just keep it in RAM
|
|
remove var/log/journal
|
|
|
|
## install some basic configuration files
|
|
append etc/fstab ""
|
|
install ${configdir}/i18n etc/sysconfig
|
|
install ${configdir}/rsyslog.conf etc
|
|
install ${configdir}/bash_history root/.bash_history
|
|
install ${configdir}/profile root/.profile
|
|
install ${configdir}/sysctl.conf etc/sysctl.d/anaconda.conf
|
|
install ${configdir}/spice-vdagentd etc/sysconfig
|
|
mkdir etc/NetworkManager/conf.d
|
|
install ${configdir}/91-anaconda-autoconnect-slaves.conf etc/NetworkManager/conf.d
|
|
install ${configdir}/vconsole.conf etc
|
|
install ${configdir}/92-anaconda-loglevel-debug.conf etc/NetworkManager/conf.d
|
|
|
|
## set up sshd
|
|
install ${configdir}/sshd_config.anaconda etc/ssh
|
|
install ${configdir}/pam.sshd etc/pam.d/sshd
|
|
install ${configdir}/pam.sshd etc/pam.d/login
|
|
install ${configdir}/pam.sshd etc/pam.d/remote
|
|
|
|
## set up inst.rngd support
|
|
install ${configdir}/inst.rngd.service etc/systemd/system/inst.rngd.service
|
|
mkdir etc/systemd/system/basic.target.wants/
|
|
symlink /etc/systemd/system/inst.rngd.service etc/systemd/system/basic.target.wants/inst.rngd.service
|
|
|
|
## set up "install" user account
|
|
append etc/passwd "install:x:0:0:root:/root:/usr/libexec/anaconda/run-anaconda"
|
|
append etc/shadow "install::14438:0:99999:7:::"
|
|
## remove root password
|
|
replace "root:\*:" "root::" etc/shadow
|
|
|
|
## gsettings settings
|
|
install ${configdir}/org.gtk.Settings.Debug.gschema.override usr/share/glib-2.0/schemas
|
|
runcmd chroot ${root} glib-compile-schemas /usr/share/glib-2.0/schemas
|
|
|
|
|
|
## for compatibility with Ancient Anaconda Traditions
|
|
symlink lib/modules /modules
|
|
symlink lib/firmware /firmware
|
|
symlink ../run/install mnt/install
|
|
|
|
## create_depmod_conf()
|
|
append etc/depmod.d/dd.conf "search updates built-in"
|
|
|
|
## create multipath.conf so multipath gets auto-started
|
|
append etc/multipath.conf "defaults {\n\tfind_multipaths smart\n\tuser_friendly_names yes\n}\n"
|
|
|
|
## make lvm auto-activate
|
|
remove etc/lvm/archive/*
|
|
remove etc/lvm/archive
|
|
remove etc/lvm/backup/*
|
|
remove etc/lvm/backup
|
|
remove etc/lvm/cache/*
|
|
remove etc/lvm/cache
|
|
remove etc/lvm/lvm.conf
|
|
append etc/lvm/lvm.conf "global {\n\tuse_lvmetad = 1\n}\n"
|
|
|
|
## Remove machine specific nvme-cli files
|
|
remove etc/nvme/hostid
|
|
remove etc/nvme/hostnqn
|
|
|
|
## TODO: we could run prelink here if we wanted?
|
|
|
|
## fix fonconfig cache containing timestamps
|
|
runcmd chroot ${root} /usr/bin/find /usr/share/fonts -newermt "@${SOURCE_DATE_EPOCH}" -exec \
|
|
touch --no-dereference --date="@${SOURCE_DATE_EPOCH}" {} +
|
|
runcmd chroot ${root} /usr/bin/fc-cache -f
|