# Kickstart file for test dCache pool node installs # in VMWare client... # install from http install url --url http://mirror.msulocal/mirror/scientific/6.3/x86_64/os # disk setup # clear sda on vm client clearpart --initlabel --all --drives=/dev/disk/by-path/pci-0000:00:10.0-scsi-0:0:0:0 #ignoredisk --disk= # partitions partition /boot --fstype=ext4 --size=200 --ondisk=/dev/disk/by-path/pci-0000:00:10.0-scsi-0:0:0:0 partition pv.01 --grow --size=1 --ondisk=/dev/disk/by-path/pci-0000:00:10.0-scsi-0:0:0:0 volgroup vg_sys pv.01 --pesize=4096 #logvol / --fstype=ext4 --name=lv_root --vgname=vg_sys --size=20480 #logvol /tmp --fstype=ext4 --name=lv_tmp --vgname=vg_sys --size=15360 #logvol /var --fstype=ext4 --name=lv_var --vgname=vg_sys --size=15360 logvol / --fstype=ext4 --name=lv_root --vgname=vg_sys --size=8192 logvol /var/cache/openafs --fstype=ext4 --name=lv_afscache --vgname=vg_sys --size=4096 logvol swap --name=lv_swap --vgname=vg_sys --size=1024 lang en_US.UTF-8 keyboard us network --device eth0 --onboot yes --bootproto static --noipv6 --ip 10.10.128.40 --netmask 255.255.240.0 --gateway 10.10.128.1 --nameserver 10.10.128.8 # SHA512 rootpw --iscrypted $6$G0Green$HYkspUsxwH6bBhU87cxojUKNYE8SFhayIAE/sFkkc9MZ7bHij7ul.B5LotqJkwfgysuxdndPqDP20vDZoIy3j1 firewall --service=ssh authconfig --enableshadow --passalgo=sha512 timezone --utc America/Detroit bootloader --location=mbr --append="crashkernel=auto" selinux --disabled skipx text # local repo repo --name="AGLT2 Repo 6/x86_64" --baseurl=http://mirror.msulocal/mirror/aglt2/6/x86_64 # services. make sure to have no spaces in lists services --disable auditd,cups,smartd,avahi-daemon --enable ntpd # sshd setup just for install time sshpw --username=installer INST5577 --plaintext reboot %packages @base @client-mgmt-tools @console-internet @core @directory-client @hardware-monitoring @large-systems @misc-sl @performance @perl-runtime xorg-x11-xauth cfengine-community %pre #!/bin/sh mkdir /tmp/anaconda-pre ls -l /dev/disk/by-path > /tmp/anaconda-pre/disks-by-path-pre.out %end %pre #!/bin/sh # verify that install target disk is sane # size check? # error message? # sleep forever, user prompt? # exit? %end %post --nochroot cp -r /tmp/anaconda-pre /mnt/sysimage/root %end %post # paren for redirect of ouput to logfile... ( echo "post script ssh keys running `date`" # Tom's ssh key for root access mkdir /root/.ssh chmod 700 /root/.ssh touch /root/.ssh/authorized_keys chmod 600 /root/.ssh/authorized_keys cat >> /root/.ssh/authorized_keys << ENDSSHKEY ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApn2AFiC3Oi30VaeZ7o8h\ I6fV7oWpUp9Hq8sWABHRftohXufJ+KdjlH1Xv+iwfXlk8iiM8SRtuJol\ RtaOyMEuwMZKz8+AzS0VXceBUd/EAcUCAKHsLO4VRwJpUfMNan6jj1OD\ V4hx5zL9ZecR/C2VpOoYSusFQ1emBdvOO4lE2TAM1gicrjMgHWfo5fu6\ PsFb/ShXu4N52mzTO0LYa0pDUePsZfucEo2M0rDywtAOxENQ/bZ9E7Tc\ jp2Hzuh5rE145TeN/J2wh3Bw09d+FernumAtwayD3VRoLZudlU9Z/+h+\ 6dgZ6Y9XHumjvUIvU8JTFDay5eqtPM5ueIUI7xO/hw== Tom Rockwell ENDSSHKEY # SSHD Config, defaults have been stripped out cp /etc/ssh/sshd_config /etc/ssh/sshd_config.install.orig cat > /etc/ssh/sshd_config << 'ENDSSHCONFIG' SyslogFacility AUTHPRIV PasswordAuthentication no ChallengeResponseAuthentication no GSSAPIAuthentication yes GSSAPICleanupCredentials yes UsePAM yes X11Forwarding yes PermitRootLogin without-password Subsystem sftp /usr/libexec/openssh/sftp-server ListenAddress 10.10.128.40 ENDSSHCONFIG # try to set time ntpdate 10.10.128.8 # kill grub splashimage and hidden menu options sed -i '/^hiddenmenu/d' /boot/grub/grub.conf sed -i '/^splashimage/d' /boot/grub/grub.conf # kill the graphical and quiet kernel options sed -i 's/ rhgb//' /boot/grub/grub.conf sed -i 's/ quiet//' /boot/grub/grub.conf # add time boot parameter for timestamp in dmesg # match "kernel /vmlinuz" and append to the line sed -i 's/\(.*kernel .vmlinuz.*\)/\1 printk.time=1/' /boot/grub/grub.conf # Overwrite sl.repo so local repo mirror is used rm /etc/yum.repos.d/sl-other.repo # fill file using here-doc with parameter sub turned off cat > /etc/yum.repos.d/sl.repo << 'ENDSLREPO' # Written by kickstart. Use local mirrors. [sl] name=Scientific Linux $releasever - $basearch baseurl=http://mirror.msulocal/mirror/scientific/$releasever/$basearch/os enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-sl file:///etc/pki/rpm-gpg/RPM-GPG-KEY-sl6 file:///etc/pki/rpm-gpg/RPM-GPG-KEY-cern [sl-security] name=Scientific Linux $releasever - $basearch - security updates baseurl=http://mirror.msulocal/mirror/scientific/$releasever/$basearch/updates/security enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-sl file:///etc/pki/rpm-gpg/RPM-GPG-KEY-sl6 file:///etc/pki/rpm-gpg/RPM-GPG-KEY-cern ENDSLREPO chmod 644 /etc/yum.repos.d/sl.repo # add the AGLT2 repo cat > /etc/yum.repos.d/aglt2.repo << 'ENDAGLT2REPO' [aglt2] name=AGLT2 $releasever - $basearch baseurl=http://mirror.msulocal/mirror/aglt2/$releasever/$basearch enabled=1 gpgcheck=0 [aglt2-testing] name=AGLT2 Testing $releasever - $basearch baseurl=http://mirror.msulocal/mirror/aglt2/testing$releasever/$basearch enabled=0 gpgcheck=0 ENDAGLT2REPO # CFEngine Keys? # Salt Keys? # Change pxe boot action to localboot # wget --no-check-certificate -O - -o /dev/null https://10.10.128.11/install/sbin/public/setPxeboot.cgi # paren for redirect of ouput to logfile... ) 2>&1 | tee /root/anaconda_post-ssh-keys.log %end %post # for dbugin #sleep 3600 %end