-
Notifications
You must be signed in to change notification settings - Fork 1
/
centos65min.cfg
203 lines (180 loc) · 5.52 KB
/
centos65min.cfg
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
install
text
cdrom
lang en_US.UTF-8
keyboard us
network --onboot yes --device eth0 --bootproto static --ip 192.168.10.10 --netmask 255.255.255.0 --gateway 192.168.10.2 --noipv6 --nameserver 192.168.10.2 --hostname c65min.localdomain
rootpw --iscrypted <CHANGEME>
firewall --service=ssh
services --enabled=network,rsyslog,sshd,udev-post --disabled=blk-availability,ip6tables,iptables,lvm2-monitor,netconsole,netfs,rdisc,restorecond
authconfig --enableshadow --passalgo=sha512
selinux --disabled
timezone Europe/Athens
bootloader --location=mbr --driveorder=sda
zerombr
clearpart --all --drives=sda
part /boot --fstype=ext4 --size=500
part pv.0 --grow --size=1
volgroup vg0 --pesize=4096 pv.0
logvol swap --name=lv0 --vgname=vg0 --size=256
logvol / --fstype=ext4 --name=lv1 --vgname=vg0 --size=512
logvol /home --fstype=ext4 --name=lv2 --vgname=vg0 --size=128
logvol /tmp --fstype=ext4 --name=lv3 --vgname=vg0 --size=128
logvol /usr --fstype=ext4 --name=lv4 --vgname=vg0 --size=768
logvol /var --fstype=ext4 --name=lv5 --vgname=vg0 --size=384
logvol /usr/local --fstype=ext4 --name=lv6 --vgname=vg0 --size=128
logvol /opt --fstype=ext4 --name=lv7 --vgname=vg0 --size=128
%packages --nobase
@core
-acl
-attr
-audit
-authconfig
-b43-openfwwf
-bridge-utils
-cronie
-cronie-anacron
-crontabs
-cryptsetup-luks
-cryptsetup-luks-libs
-cyrus-sasl
-device-mapper-multipath
-device-mapper-multipath-libs
-dhclient
-dhcp-common
-efibootmgr
-fuse
-iptables-ipv6
-iscsi-initiator-utils
-kernel-firmware
-kpartx
-m4
-mdadm
-mysql-libs
-newt
-newt-python
-pciutils-libs
-postfix
-selinux-policy
-selinux-policy-targeted
-slang
-system-config-firewall-base
-xfsprogs
bc
man
patch
screen
vim-enhanced
%end
%post --log=/root/post.log
umask 077
mkdir /root/patches
cat > /root/patches/bashrc.patch << "EOF"
--- /etc/bashrc.orig 2013-10-02 12:06:18.000000000 +0300
+++ /etc/bashrc 2014-02-02 19:24:28.189999409 +0200
@@ -33,7 +33,7 @@
fi
# Turn on checkwinsize
shopt -s checkwinsize
- [ "$PS1" = "\\s-\\v\\\$ " ] && PS1="[\u@\h \W]\\$ "
+ [ "$PS1" = "\\s-\\v\\\$ " ] && PS1="[\u@\H \w]\\$ "
# You might want to have e.g. tty in prompt (e.g. more virtual machines)
# and console windows
# If you want to do so, just add e.g.
EOF
cat > /root/patches/grub.conf.patch << "EOF"
--- /boot/grub/grub.conf.orig 2014-02-02 19:12:44.000000000 +0200
+++ /boot/grub/grub.conf 2014-02-02 19:21:29.000000000 +0200
@@ -9,9 +9,9 @@
#boot=/dev/sda
default=0
timeout=5
-splashimage=(hd0,0)/grub/splash.xpm.gz
-hiddenmenu
+#splashimage=(hd0,0)/grub/splash.xpm.gz
+#hiddenmenu
title CentOS (2.6.32-431.el6.x86_64)
root (hd0,0)
- kernel /vmlinuz-2.6.32-431.el6.x86_64 ro root=/dev/mapper/vg0-lv1 rd_NO_LUKS LANG=en_US.UTF-8 rd_LVM_LV=vg0/lv1 rd_LVM_LV=vg0/lv0 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet
+ kernel /vmlinuz-2.6.32-431.el6.x86_64 ro root=/dev/mapper/vg0-lv1 rd_NO_LUKS LANG=en_US.UTF-8 rd_LVM_LV=vg0/lv1 rd_LVM_LV=vg0/lv0 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM consoleblank=0
initrd /initramfs-2.6.32-431.el6.x86_64.img
EOF
cat > /root/patches/network.patch << EOF
--- /etc/sysconfig/network.orig 2014-01-31 18:05:04.122999876 +0200
+++ /etc/sysconfig/network 2014-02-01 15:16:30.409003774 +0200
@@ -1,3 +1,4 @@
NETWORKING=yes
HOSTNAME=c65min.localdomain
GATEWAY=192.168.10.2
+NOZEROCONF=yes
EOF
cat > /root/patches/sshd_config.patch << EOF
--- /etc/ssh/sshd_config.orig 2013-11-23 00:40:03.000000000 +0200
+++ /etc/ssh/sshd_config 2014-02-01 15:10:51.538004292 +0200
@@ -11,7 +11,7 @@
# default value.
#Port 22
-#AddressFamily any
+AddressFamily inet
#ListenAddress 0.0.0.0
#ListenAddress ::
@@ -78,9 +78,7 @@
# GSSAPI options
#GSSAPIAuthentication no
-GSSAPIAuthentication yes
#GSSAPICleanupCredentials yes
-GSSAPICleanupCredentials yes
#GSSAPIStrictAcceptorCheck yes
#GSSAPIKeyExchange no
EOF
cat > /root/patches/sysctl.conf.patch << "EOF"
--- /etc/sysctl.conf.orig 2013-11-22 23:20:24.000000000 +0200
+++ /etc/sysctl.conf 2014-02-01 15:18:26.503000964 +0200
@@ -38,3 +38,9 @@
# Controls the maximum number of shared memory segments, in pages
kernel.shmall = 4294967296
+
+# Disable IPV6
+net.ipv6.conf.all.disable_ipv6 = 1
+net.ipv6.conf.default.disable_ipv6 = 1
+net.ipv6.conf.lo.disable_ipv6 = 1
+net.ipv6.conf.eth0.disable_ipv6 = 1
EOF
cat > /root/patches/tty.conf.patch << "EOF"
--- /etc/init/tty.conf.orig 2013-10-10 17:48:43.000000000 +0300
+++ /etc/init/tty.conf 2014-02-01 15:03:44.103003068 +0200
@@ -9,5 +9,5 @@
respawn
instance $TTY
-exec /sbin/mingetty $TTY
+exec /sbin/mingetty --noclear $TTY
usage 'tty TTY=/dev/ttyX - where X is console id'
EOF
cat > /root/patches/root_bash_profile.patch << "EOF"
--- /root/.bash_profile.orig 2009-05-20 13:45:02.000000000 +0300
+++ /root/.bash_profile 2014-02-02 19:32:08.800998659 +0200
@@ -10,3 +10,4 @@
PATH=$PATH:$HOME/bin
export PATH
+export LESSHISTFILE="-"
EOF
cat > /root/patches/root_bashrc.patch << EOF
--- /root/.bashrc.orig 2004-09-23 06:59:52.000000000 +0300
+++ /root/.bashrc 2014-02-02 19:29:57.525999763 +0200
@@ -5,8 +5,11 @@
alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'
+alias vi='vim'
# Source global definitions
if [ -f /etc/bashrc ]; then
. /etc/bashrc
fi
+
+umask 077
EOF
for PATCH in /root/patches/*.patch ; do patch -p 0 --backup --verbose < $PATCH ; done
rm -fv /root/{.bash_logout,.cshrc,install.log,install.log.syslog,.tcshrc}
chmod -c 600 /root/.bash*
for i in `seq 1 7` ; do tune2fs -m 0 /dev/vg0/lv${i} ; done
%end