container/container-medium-19.ks container/container-medium-20.ks container/container-minimal-19.ks container/container-minimal-20.ks
by Matthew Miller
container/container-medium-19.ks | 6 ++++++
container/container-medium-20.ks | 6 ++++++
container/container-minimal-19.ks | 6 ++++++
container/container-minimal-20.ks | 6 ++++++
4 files changed, 24 insertions(+)
New commits:
commit d27bd267cf8160550a596e8404a2d1804409487d
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Sun Sep 22 17:36:09 2013 -0400
create devices which appliance-creator doesn't
diff --git a/container/container-medium-19.ks b/container/container-medium-19.ks
index 2826c43..0eefe6c 100644
--- a/container/container-medium-19.ks
+++ b/container/container-medium-19.ks
@@ -65,6 +65,12 @@ rm -f /etc/systemd/system/default.target
ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
echo .
+# create devices which appliance-creator does not
+ln -s /proc/kcore /dev/core
+mknod -m 600 /dev/console c 5 1
+mknod -m 660 /dev/loop0 b 7 0
+mknod -m 660 /dev/loop1 b 7 1
+
echo -n "Network fixes"
# initscripts don't like this file to be missing.
cat > /etc/sysconfig/network << EOF
diff --git a/container/container-medium-20.ks b/container/container-medium-20.ks
index 4c9b2f5..5c90c61 100644
--- a/container/container-medium-20.ks
+++ b/container/container-medium-20.ks
@@ -65,6 +65,12 @@ rm -f /etc/systemd/system/default.target
ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
echo .
+# create devices which appliance-creator does not
+ln -s /proc/kcore /dev/core
+mknod -m 600 /dev/console c 5 1
+mknod -m 660 /dev/loop0 b 7 0
+mknod -m 660 /dev/loop1 b 7 1
+
echo -n "Network fixes"
# initscripts don't like this file to be missing.
cat > /etc/sysconfig/network << EOF
diff --git a/container/container-minimal-19.ks b/container/container-minimal-19.ks
index cf0d311..5f15a0b 100644
--- a/container/container-minimal-19.ks
+++ b/container/container-minimal-19.ks
@@ -57,6 +57,12 @@ rm -f /etc/systemd/system/default.target
ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
echo .
+# create devices which appliance-creator does not
+ln -s /proc/kcore /dev/core
+mknod -m 600 /dev/console c 5 1
+mknod -m 660 /dev/loop0 b 7 0
+mknod -m 660 /dev/loop1 b 7 1
+
echo -n "Network fixes"
# initscripts don't like this file to be missing.
cat > /etc/sysconfig/network << EOF
diff --git a/container/container-minimal-20.ks b/container/container-minimal-20.ks
index 653cefb..c052a0e 100644
--- a/container/container-minimal-20.ks
+++ b/container/container-minimal-20.ks
@@ -57,6 +57,12 @@ rm -f /etc/systemd/system/default.target
ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
echo .
+# create devices which appliance-creator does not
+ln -s /proc/kcore /dev/core
+mknod -m 600 /dev/console c 5 1
+mknod -m 660 /dev/loop0 b 7 0
+mknod -m 660 /dev/loop1 b 7 1
+
echo -n "Network fixes"
# initscripts don't like this file to be missing.
cat > /etc/sysconfig/network << EOF
10 years, 7 months
why (not) update amis
by milanisko k
Yesterday I debugged an installation of a pulp-server F19 node in EC2.
Of course, I hit a Selinux issue[1] which could have been solved by a
simple 'yum update -y' of the affected package. The thing is everyone
would have to do that.
Given the fact ami instances are ephemeral/disposable single-shot
entities appearing and disappearing in huge numbers with significant
frequency world-wide, such a dumb thing like updating the system right
after boot has negative impacts on many things starting from ones EC2
budget, continuing through wasting fedora content bandwidth and ending
with Carbon Dioxide pollution stemming in the CPU cycles wasted and
all of that just because the amis aren't up-to-date...
Let's preserve the planet for our children by more frequent ami respins!
--
milan
[1] https://bugzilla.redhat.com/show_bug.cgi?id=877831
10 years, 7 months
container/container-medium-19.ks container/container-medium-20.ks container/container-minimal-19.ks container/container-minimal-20.ks
by Matthew Miller
container/container-medium-19.ks | 3 +++
container/container-medium-20.ks | 3 +++
container/container-minimal-19.ks | 2 ++
container/container-minimal-20.ks | 2 ++
4 files changed, 10 insertions(+)
New commits:
commit 813cd55875feaff0e3273fb2b53dc2ed51bdf62a
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Thu Sep 19 12:17:48 2013 -0500
remove /boot contents (created by appliance-creator, not needed)
diff --git a/container/container-medium-19.ks b/container/container-medium-19.ks
index 2a311fb..2826c43 100644
--- a/container/container-medium-19.ks
+++ b/container/container-medium-19.ks
@@ -119,6 +119,9 @@ rm -rf /var/lib/yum/history/*
yum history new || yum history new
truncate -c -s 0 /var/log/yum.log
+echo "Removing boot, since we don't need that."
+rm -rf /boot/*
+
echo "Fixing SELinux contexts."
/usr/sbin/fixfiles -R -a restore
diff --git a/container/container-medium-20.ks b/container/container-medium-20.ks
index 5cec913..4c9b2f5 100644
--- a/container/container-medium-20.ks
+++ b/container/container-medium-20.ks
@@ -119,6 +119,9 @@ rm -rf /var/lib/yum/history/*
yum history new || yum history new
truncate -c -s 0 /var/log/yum.log
+echo "Removing boot, since we don't need that."
+rm -rf /boot/*
+
echo "Fixing SELinux contexts."
/usr/sbin/fixfiles -R -a restore
diff --git a/container/container-minimal-19.ks b/container/container-minimal-19.ks
index 2548b44..cf0d311 100644
--- a/container/container-minimal-19.ks
+++ b/container/container-minimal-19.ks
@@ -110,6 +110,8 @@ yum -C -y remove passwd --setopt="clean_requirements_on_remove=1"
yum -C -y remove findutils --setopt="clean_requirements_on_remove=1"
yum -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
+echo "Removing boot, since we don't need that."
+rm -rf /boot/*
echo "Cleaning old yum repodata."
yum clean all
diff --git a/container/container-minimal-20.ks b/container/container-minimal-20.ks
index b6df5b4..653cefb 100644
--- a/container/container-minimal-20.ks
+++ b/container/container-minimal-20.ks
@@ -110,6 +110,8 @@ yum -C -y remove passwd --setopt="clean_requirements_on_remove=1"
yum -C -y remove findutils --setopt="clean_requirements_on_remove=1"
yum -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
+echo "Removing boot, since we don't need that."
+rm -rf /boot/*
echo "Cleaning old yum repodata."
yum clean all
10 years, 7 months
container/container-medium-19.ks container/container-medium-20.ks
by Matthew Miller
container/container-medium-19.ks | 2 +-
container/container-medium-20.ks | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
New commits:
commit 8e496ed47904b5fe6a5fcf099d8e53a2c7b6f90a
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Wed Sep 18 15:53:17 2013 -0500
kludge for yum history new segfaulting on first run after i mangle its db
diff --git a/container/container-medium-19.ks b/container/container-medium-19.ks
index 8b06283..2a311fb 100644
--- a/container/container-medium-19.ks
+++ b/container/container-medium-19.ks
@@ -116,7 +116,7 @@ echo "Cleaning old yum repodata."
yum clean all
rm -rf /var/lib/yum/yumdb/*
rm -rf /var/lib/yum/history/*
-yum history new
+yum history new || yum history new
truncate -c -s 0 /var/log/yum.log
echo "Fixing SELinux contexts."
diff --git a/container/container-medium-20.ks b/container/container-medium-20.ks
index c0599e5..5cec913 100644
--- a/container/container-medium-20.ks
+++ b/container/container-medium-20.ks
@@ -116,7 +116,7 @@ echo "Cleaning old yum repodata."
yum clean all
rm -rf /var/lib/yum/yumdb/*
rm -rf /var/lib/yum/history/*
-yum history new
+yum history new || yum history new
truncate -c -s 0 /var/log/yum.log
echo "Fixing SELinux contexts."
10 years, 7 months
2 commits - container/container-medium-19.ks container/container-medium-20.ks container/container-minimal-19.ks container/container-minimal-20.ks container/fedora-20-container.ks
by Matthew Miller
container/container-medium-19.ks | 133 ++++++++++++++++++++++++++++++++++++++
container/container-medium-20.ks | 133 ++++++++++++++++++++++++++++++++++++++
container/container-minimal-19.ks | 130 +++++++++++++++++++++++++++++++++++++
container/container-minimal-20.ks | 4 -
container/fedora-20-container.ks | 126 ------------------------------------
5 files changed, 398 insertions(+), 128 deletions(-)
New commits:
commit d83c0cd0d8ab4b733fabe4405478840499d08220
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Wed Sep 18 15:09:12 2013 -0500
add a few more files
diff --git a/container/container-medium-19.ks b/container/container-medium-19.ks
new file mode 100644
index 0000000..8b06283
--- /dev/null
+++ b/container/container-medium-19.ks
@@ -0,0 +1,133 @@
+# This is a kickstart for making a non-bootable container environment.
+#
+# Convert the result to a tarfile with
+#
+# virt-tar-out -a fedora.qcow2 / - | bzip2 --best > fedora.tar.bz2
+#
+#
+# This kickstart file is designed to be used with appliance-creator and
+# may need slight modification for use with actual anaconda or other tools.
+# We intend to target anaconda-in-a-vm style image building for F20, but
+# not necessarily for containers -- that's yet to be worked out.
+
+lang en_US.UTF-8
+keyboard us
+timezone --utc Etc/UTC
+
+auth --useshadow --enablemd5
+selinux --enforcing
+rootpw --lock --iscrypted locked
+
+zerombr
+clearpart --all
+part / --size 1024 --fstype ext4
+
+# Repositories
+repo --name=fedora --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=fedora-19&arch=$basearch
+repo --name=fedora-updates --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f19&arch=$basearch
+
+reboot
+
+# Package list.
+%packages
+@core
+tar
+rsync
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1004976
+firewalld
+
+# Some things from @core we can do without inside the container
+-audit
+-biosdevname
+-dhclient
+-e2fsprogs
+-grubby
+-iprutils
+-kbd
+-NetworkManager
+-openssh-server
+-parted
+-plymouth
+-policycoreutils
+-selinux-policy-targeted
+
+
+%end
+
+
+
+%post --erroronfail
+
+# setup systemd to boot to the right runlevel
+echo -n "Setting default runlevel to multiuser text mode"
+rm -f /etc/systemd/system/default.target
+ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
+echo .
+
+echo -n "Network fixes"
+# initscripts don't like this file to be missing.
+cat > /etc/sysconfig/network << EOF
+NETWORKING=yes
+NOZEROCONF=yes
+EOF
+
+# For cloud images, 'eth0' _is_ the predictable device name, since
+# we don't want to be tied to specific virtual (!) hardware
+rm -f /etc/udev/rules.d/70*
+ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules
+
+# simple eth0 config, again not hard-coded to the build hardware
+cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
+DEVICE="eth0"
+BOOTPROTO="dhcp"
+ONBOOT="yes"
+TYPE="Ethernet"
+EOF
+
+# generic localhost names
+cat > /etc/hosts << EOF
+127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
+::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
+
+EOF
+echo .
+
+
+# Because memory is scarce resource in most cloud/virt environments,
+# and because this impedes forensics, we are differing from the Fedora
+# default of having /tmp on tmpfs.
+echo "Disabling tmpfs for /tmp."
+systemctl mask tmp.mount
+
+echo "Removing random-seed so it's not the same in every image."
+rm -f /var/lib/random-seed
+
+
+echo "Compressing cracklib."
+gzip -9 /usr/share/cracklib/pw_dict.pwd
+
+echo "Removing extra packages."
+rm -vf /etc/yum/protected.d/*
+yum -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
+
+
+echo "Cleaning old yum repodata."
+yum clean all
+rm -rf /var/lib/yum/yumdb/*
+rm -rf /var/lib/yum/history/*
+yum history new
+truncate -c -s 0 /var/log/yum.log
+
+echo "Fixing SELinux contexts."
+/usr/sbin/fixfiles -R -a restore
+
+
+echo "Zeroing out empty space."
+# This forces the filesystem to reclaim space from deleted files
+dd bs=1M if=/dev/zero of=/var/tmp/zeros || :
+rm -f /var/tmp/zeros
+echo "(Don't worry -- that out-of-space error was expected.)"
+
+%end
+
diff --git a/container/container-medium-20.ks b/container/container-medium-20.ks
new file mode 100644
index 0000000..c0599e5
--- /dev/null
+++ b/container/container-medium-20.ks
@@ -0,0 +1,133 @@
+# This is a kickstart for making a non-bootable container environment.
+#
+# Convert the result to a tarfile with
+#
+# virt-tar-out -a fedora.qcow2 / - | bzip2 --best > fedora.tar.bz2
+#
+#
+# This kickstart file is designed to be used with appliance-creator and
+# may need slight modification for use with actual anaconda or other tools.
+# We intend to target anaconda-in-a-vm style image building for F20, but
+# not necessarily for containers -- that's yet to be worked out.
+
+lang en_US.UTF-8
+keyboard us
+timezone --utc Etc/UTC
+
+auth --useshadow --enablemd5
+selinux --enforcing
+rootpw --lock --iscrypted locked
+
+zerombr
+clearpart --all
+part / --size 1024 --fstype ext4
+
+# Repositories
+repo --name=fedora --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=fedora-20&arch=$basearch
+repo --name=fedora-updates --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f20&arch=$basearch
+
+reboot
+
+# Package list.
+%packages
+@core
+tar
+rsync
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1004976
+firewalld
+
+# Some things from @core we can do without inside the container
+-audit
+-biosdevname
+-dhclient
+-e2fsprogs
+-grubby
+-iprutils
+-kbd
+-NetworkManager
+-openssh-server
+-parted
+-plymouth
+-policycoreutils
+-selinux-policy-targeted
+
+
+%end
+
+
+
+%post --erroronfail
+
+# setup systemd to boot to the right runlevel
+echo -n "Setting default runlevel to multiuser text mode"
+rm -f /etc/systemd/system/default.target
+ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
+echo .
+
+echo -n "Network fixes"
+# initscripts don't like this file to be missing.
+cat > /etc/sysconfig/network << EOF
+NETWORKING=yes
+NOZEROCONF=yes
+EOF
+
+# For cloud images, 'eth0' _is_ the predictable device name, since
+# we don't want to be tied to specific virtual (!) hardware
+rm -f /etc/udev/rules.d/70*
+ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules
+
+# simple eth0 config, again not hard-coded to the build hardware
+cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
+DEVICE="eth0"
+BOOTPROTO="dhcp"
+ONBOOT="yes"
+TYPE="Ethernet"
+EOF
+
+# generic localhost names
+cat > /etc/hosts << EOF
+127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
+::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
+
+EOF
+echo .
+
+
+# Because memory is scarce resource in most cloud/virt environments,
+# and because this impedes forensics, we are differing from the Fedora
+# default of having /tmp on tmpfs.
+echo "Disabling tmpfs for /tmp."
+systemctl mask tmp.mount
+
+echo "Removing random-seed so it's not the same in every image."
+rm -f /var/lib/random-seed
+
+
+echo "Compressing cracklib."
+gzip -9 /usr/share/cracklib/pw_dict.pwd
+
+echo "Removing extra packages."
+rm -vf /etc/yum/protected.d/*
+yum -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
+
+
+echo "Cleaning old yum repodata."
+yum clean all
+rm -rf /var/lib/yum/yumdb/*
+rm -rf /var/lib/yum/history/*
+yum history new
+truncate -c -s 0 /var/log/yum.log
+
+echo "Fixing SELinux contexts."
+/usr/sbin/fixfiles -R -a restore
+
+
+echo "Zeroing out empty space."
+# This forces the filesystem to reclaim space from deleted files
+dd bs=1M if=/dev/zero of=/var/tmp/zeros || :
+rm -f /var/tmp/zeros
+echo "(Don't worry -- that out-of-space error was expected.)"
+
+%end
+
diff --git a/container/container-minimal-19.ks b/container/container-minimal-19.ks
new file mode 100644
index 0000000..2548b44
--- /dev/null
+++ b/container/container-minimal-19.ks
@@ -0,0 +1,130 @@
+# This is a kickstart for making a non-bootable container environment.
+#
+# Convert the result to a tarfile with
+#
+# virt-tar-out -a fedora.qcow2 / - | bzip2 --best > fedora.tar.bz2
+#
+#
+# This kickstart file is designed to be used with appliance-creator and
+# may need slight modification for use with actual anaconda or other tools.
+# We intend to target anaconda-in-a-vm style image building for F20, but
+# not necessarily for containers -- that's yet to be worked out.
+
+lang en_US.UTF-8
+keyboard us
+timezone --utc Etc/UTC
+
+auth --useshadow --enablemd5
+selinux --enforcing
+rootpw --lock --iscrypted locked
+
+zerombr
+clearpart --all
+part / --size 1024 --fstype ext4
+
+# Repositories
+repo --name=fedora --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=fedora-19&arch=$basearch
+repo --name=fedora-updates --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f19&arch=$basearch
+
+reboot
+
+# Package list.
+%packages --excludedocs
+
+bash
+coreutils
+fedora-release
+filesystem
+iproute
+setup
+yum
+
+# removed below
+findutils
+passwd
+# https://bugzilla.redhat.com/show_bug.cgi?id=1004976
+firewalld
+
+%end
+
+
+
+%post --erroronfail
+
+# setup systemd to boot to the right runlevel
+echo -n "Setting default runlevel to multiuser text mode"
+rm -f /etc/systemd/system/default.target
+ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
+echo .
+
+echo -n "Network fixes"
+# initscripts don't like this file to be missing.
+cat > /etc/sysconfig/network << EOF
+NETWORKING=yes
+NOZEROCONF=yes
+EOF
+
+# For cloud images, 'eth0' _is_ the predictable device name, since
+# we don't want to be tied to specific virtual (!) hardware
+rm -f /etc/udev/rules.d/70*
+ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules
+
+# simple eth0 config, again not hard-coded to the build hardware
+cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
+DEVICE="eth0"
+BOOTPROTO="dhcp"
+ONBOOT="yes"
+TYPE="Ethernet"
+EOF
+
+# generic localhost names
+cat > /etc/hosts << EOF
+127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
+::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
+
+EOF
+echo .
+
+
+# Because memory is scarce resource in most cloud/virt environments,
+# and because this impedes forensics, we are differing from the Fedora
+# default of having /tmp on tmpfs.
+echo "Disabling tmpfs for /tmp."
+systemctl mask tmp.mount
+
+echo "Removing random-seed so it's not the same in every image."
+rm -f /var/lib/random-seed
+
+
+echo "Compressing cracklib."
+gzip -9 /usr/share/cracklib/pw_dict.pwd
+
+echo "Minimizing locale-archive."
+localedef --list-archive | grep -v en_US | xargs localedef --delete-from-archive
+mv /usr/lib/locale/locale-archive /usr/lib/locale/locale-archive.tmpl
+/usr/sbin/build-locale-archive
+
+echo "Removing extra packages."
+rm -vf /etc/yum/protected.d/*
+yum -C -y remove passwd --setopt="clean_requirements_on_remove=1"
+yum -C -y remove findutils --setopt="clean_requirements_on_remove=1"
+yum -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
+
+
+echo "Cleaning old yum repodata."
+yum clean all
+rm -rf /var/lib/yum/yumdb/*
+truncate -c -s 0 /var/log/yum.log
+
+echo "Fixing SELinux contexts."
+/usr/sbin/fixfiles -R -a restore
+
+
+echo "Zeroing out empty space."
+# This forces the filesystem to reclaim space from deleted files
+dd bs=1M if=/dev/zero of=/var/tmp/zeros || :
+rm -f /var/tmp/zeros
+echo "(Don't worry -- that out-of-space error was expected.)"
+
+%end
+
diff --git a/container/fedora-20-container.ks b/container/fedora-20-container.ks
deleted file mode 100644
index 0422064..0000000
--- a/container/fedora-20-container.ks
+++ /dev/null
@@ -1,126 +0,0 @@
-# This is a kickstart for making a non-bootable container environment.
-#
-# Convert the result to a tarfile with
-#
-# virt-tar-out -a fedora.qcow2 / - | bzip2 --best > fedora.tar.bz2
-#
-#
-# This kickstart file is designed to be used with appliance-creator and
-# may need slight modification for use with actual anaconda or other tools.
-# We intend to target anaconda-in-a-vm style image building for F20, but
-# not necessarily for containers -- that's yet to be worked out.
-
-lang en_US.UTF-8
-keyboard us
-timezone --utc Etc/UTC
-
-auth --useshadow --enablemd5
-selinux --enforcing
-rootpw --lock --iscrypted locked
-
-zerombr
-clearpart --all
-part / --size 1024 --fstype ext4
-
-# Repositories
-repo --name=fedora --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=fedora-20&arch=$basearch
-repo --name=fedora-updates --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f20&arch=$basearch
-
-reboot
-
-# Package list.
-%packages --excludedocs
-
-bash
-coreutils
-filesystem
-setup
-yum
-
-# removed below
-findutils
-passwd
-# https://bugzilla.redhat.com/show_bug.cgi?id=1004976
-firewalld
-
-%end
-
-
-
-%post --erroronfail
-
-# setup systemd to boot to the right runlevel
-echo -n "Setting default runlevel to multiuser text mode"
-rm -f /etc/systemd/system/default.target
-ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
-echo .
-
-echo -n "Network fixes"
-# initscripts don't like this file to be missing.
-cat > /etc/sysconfig/network << EOF
-NETWORKING=yes
-NOZEROCONF=yes
-EOF
-
-# For cloud images, 'eth0' _is_ the predictable device name, since
-# we don't want to be tied to specific virtual (!) hardware
-rm -f /etc/udev/rules.d/70*
-ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules
-
-# simple eth0 config, again not hard-coded to the build hardware
-cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
-DEVICE="eth0"
-BOOTPROTO="dhcp"
-ONBOOT="yes"
-TYPE="Ethernet"
-EOF
-
-# generic localhost names
-cat > /etc/hosts << EOF
-127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
-::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
-
-EOF
-echo .
-
-
-# Because memory is scarce resource in most cloud/virt environments,
-# and because this impedes forensics, we are differing from the Fedora
-# default of having /tmp on tmpfs.
-echo "Disabling tmpfs for /tmp."
-systemctl mask tmp.mount
-
-echo "Removing random-seed so it's not the same in every image."
-rm -f /var/lib/random-seed
-
-
-echo "Compressing cracklib."
-gzip -9 /usr/share/cracklib/pw_dict.pwd
-
-echo "Minimizing locale-archive."
-localedef --list-archive | grep -v en_US | xargs localedef --delete-from-archive
-mv /usr/lib/locale/locale-archive /usr/lib/locale/locale-archive.tmpl
-/usr/sbin/build-locale-archive
-
-echo "Removing extra packages."
-yum -C -y remove passwd --setopt="clean_requirements_on_remove=1"
-yum -C -y remove findutils --setopt="clean_requirements_on_remove=1"
-yum -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
-
-
-echo "Cleaning old yum repodata."
-yum clean all
-truncate -c -s 0 /var/log/yum.log
-
-echo "Fixing SELinux contexts."
-/usr/sbin/fixfiles -R -a restore
-
-
-echo "Zeroing out empty space."
-# This forces the filesystem to reclaim space from deleted files
-dd bs=1M if=/dev/zero of=/var/tmp/zeros || :
-rm -f /var/tmp/zeros
-echo "(Don't worry -- that out-of-space error was expected.)"
-
-%end
-
commit 68b2cc7518c2667eff1240f9b79930c823d37745
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Wed Sep 18 12:27:41 2013 -0500
actually remove the things that are supposed to be removed in post
diff --git a/container/container-minimal-20.ks b/container/container-minimal-20.ks
index abe66a4..b6df5b4 100644
--- a/container/container-minimal-20.ks
+++ b/container/container-minimal-20.ks
@@ -33,6 +33,7 @@ reboot
bash
coreutils
+fedora-release
filesystem
iproute
setup
@@ -104,6 +105,7 @@ mv /usr/lib/locale/locale-archive /usr/lib/locale/locale-archive.tmpl
/usr/sbin/build-locale-archive
echo "Removing extra packages."
+rm -vf /etc/yum/protected.d/*
yum -C -y remove passwd --setopt="clean_requirements_on_remove=1"
yum -C -y remove findutils --setopt="clean_requirements_on_remove=1"
yum -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
@@ -112,8 +114,6 @@ yum -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
echo "Cleaning old yum repodata."
yum clean all
rm -rf /var/lib/yum/yumdb/*
-rm -rf /var/lib/yum/history/*
-yum history new
truncate -c -s 0 /var/log/yum.log
echo "Fixing SELinux contexts."
10 years, 7 months
container/container-minimal-20.ks
by Matthew Miller
container/container-minimal-20.ks | 4 ++++
1 file changed, 4 insertions(+)
New commits:
commit 24ccb853abcb7f40598a5c53684f4d7283b74191
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Wed Sep 18 11:38:37 2013 -0500
iproute = a thing we need
diff --git a/container/container-minimal-20.ks b/container/container-minimal-20.ks
index 0422064..abe66a4 100644
--- a/container/container-minimal-20.ks
+++ b/container/container-minimal-20.ks
@@ -34,6 +34,7 @@ reboot
bash
coreutils
filesystem
+iproute
setup
yum
@@ -110,6 +111,9 @@ yum -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
echo "Cleaning old yum repodata."
yum clean all
+rm -rf /var/lib/yum/yumdb/*
+rm -rf /var/lib/yum/history/*
+yum history new
truncate -c -s 0 /var/log/yum.log
echo "Fixing SELinux contexts."
10 years, 7 months
generic/fedora-20-cloud.ks generic/fedora-20.ks generic/fedora-20-minimal.ks
by Matthew Miller
generic/fedora-20-cloud.ks | 3 +++
generic/fedora-20-minimal.ks | 3 +++
generic/fedora-20.ks | 3 +++
3 files changed, 9 insertions(+)
New commits:
commit fb103de1c544d7a497440d5657db3673d2c863c9
Author: Matthew Miller <mattdm(a)mattdm.org>
Date: Tue Sep 17 15:50:42 2013 -0500
clean a few more scraps from initial yum transaction
diff --git a/generic/fedora-20-cloud.ks b/generic/fedora-20-cloud.ks
index b6e0016..cda0edf 100644
--- a/generic/fedora-20-cloud.ks
+++ b/generic/fedora-20-cloud.ks
@@ -242,6 +242,9 @@ echo "Removing random-seed so it's not the same in every image."
rm -f /var/lib/random-seed
echo "Cleaning old yum repodata."
+rm -rf /var/lib/yum/yumdb/*
+rm -rf /var/lib/yum/history/*
+yum history new
yum clean all
truncate -c -s 0 /var/log/yum.log
diff --git a/generic/fedora-20-minimal.ks b/generic/fedora-20-minimal.ks
index e8e446d..fb4aeca 100644
--- a/generic/fedora-20-minimal.ks
+++ b/generic/fedora-20-minimal.ks
@@ -205,6 +205,9 @@ mv /usr/lib/locale/locale-archive /usr/lib/locale/locale-archive.tmpl
echo "Cleaning old yum repodata."
yum clean all
+rm -rf /var/lib/yum/yumdb/*
+rm -rf /var/lib/yum/history/*
+yum history new
truncate -c -s 0 /var/log/yum.log
echo "Fixing SELinux contexts."
diff --git a/generic/fedora-20.ks b/generic/fedora-20.ks
index 4ae6a85..ab5d30b 100644
--- a/generic/fedora-20.ks
+++ b/generic/fedora-20.ks
@@ -188,6 +188,9 @@ echo "Removing random-seed so it's not the same in every image."
rm -f /var/lib/random-seed
echo "Cleaning old yum repodata."
+rm -rf /var/lib/yum/yumdb/*
+rm -rf /var/lib/yum/history/*
+yum history new
yum clean all
truncate -c -s 0 /var/log/yum.log
10 years, 7 months