2 commits - container/container-medium-19.ks container/container-medium-20.ks container/container-minimal-19.ks container/container-minimal-20.ks container/fedora-20-container.ks
Matthew Miller
mattdm at fedoraproject.org
Wed Sep 18 20:16:36 UTC 2013
container/container-medium-19.ks | 133 ++++++++++++++++++++++++++++++++++++++
container/container-medium-20.ks | 133 ++++++++++++++++++++++++++++++++++++++
container/container-minimal-19.ks | 130 +++++++++++++++++++++++++++++++++++++
container/container-minimal-20.ks | 4 -
container/fedora-20-container.ks | 126 ------------------------------------
5 files changed, 398 insertions(+), 128 deletions(-)
New commits:
commit d83c0cd0d8ab4b733fabe4405478840499d08220
Author: Matthew Miller <mattdm at mattdm.org>
Date: Wed Sep 18 15:09:12 2013 -0500
add a few more files
diff --git a/container/container-medium-19.ks b/container/container-medium-19.ks
new file mode 100644
index 0000000..8b06283
--- /dev/null
+++ b/container/container-medium-19.ks
@@ -0,0 +1,133 @@
+# This is a kickstart for making a non-bootable container environment.
+#
+# Convert the result to a tarfile with
+#
+# virt-tar-out -a fedora.qcow2 / - | bzip2 --best > fedora.tar.bz2
+#
+#
+# This kickstart file is designed to be used with appliance-creator and
+# may need slight modification for use with actual anaconda or other tools.
+# We intend to target anaconda-in-a-vm style image building for F20, but
+# not necessarily for containers -- that's yet to be worked out.
+
+lang en_US.UTF-8
+keyboard us
+timezone --utc Etc/UTC
+
+auth --useshadow --enablemd5
+selinux --enforcing
+rootpw --lock --iscrypted locked
+
+zerombr
+clearpart --all
+part / --size 1024 --fstype ext4
+
+# Repositories
+repo --name=fedora --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=fedora-19&arch=$basearch
+repo --name=fedora-updates --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f19&arch=$basearch
+
+reboot
+
+# Package list.
+%packages
+ at core
+tar
+rsync
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1004976
+firewalld
+
+# Some things from @core we can do without inside the container
+-audit
+-biosdevname
+-dhclient
+-e2fsprogs
+-grubby
+-iprutils
+-kbd
+-NetworkManager
+-openssh-server
+-parted
+-plymouth
+-policycoreutils
+-selinux-policy-targeted
+
+
+%end
+
+
+
+%post --erroronfail
+
+# setup systemd to boot to the right runlevel
+echo -n "Setting default runlevel to multiuser text mode"
+rm -f /etc/systemd/system/default.target
+ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
+echo .
+
+echo -n "Network fixes"
+# initscripts don't like this file to be missing.
+cat > /etc/sysconfig/network << EOF
+NETWORKING=yes
+NOZEROCONF=yes
+EOF
+
+# For cloud images, 'eth0' _is_ the predictable device name, since
+# we don't want to be tied to specific virtual (!) hardware
+rm -f /etc/udev/rules.d/70*
+ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules
+
+# simple eth0 config, again not hard-coded to the build hardware
+cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
+DEVICE="eth0"
+BOOTPROTO="dhcp"
+ONBOOT="yes"
+TYPE="Ethernet"
+EOF
+
+# generic localhost names
+cat > /etc/hosts << EOF
+127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
+::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
+
+EOF
+echo .
+
+
+# Because memory is scarce resource in most cloud/virt environments,
+# and because this impedes forensics, we are differing from the Fedora
+# default of having /tmp on tmpfs.
+echo "Disabling tmpfs for /tmp."
+systemctl mask tmp.mount
+
+echo "Removing random-seed so it's not the same in every image."
+rm -f /var/lib/random-seed
+
+
+echo "Compressing cracklib."
+gzip -9 /usr/share/cracklib/pw_dict.pwd
+
+echo "Removing extra packages."
+rm -vf /etc/yum/protected.d/*
+yum -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
+
+
+echo "Cleaning old yum repodata."
+yum clean all
+rm -rf /var/lib/yum/yumdb/*
+rm -rf /var/lib/yum/history/*
+yum history new
+truncate -c -s 0 /var/log/yum.log
+
+echo "Fixing SELinux contexts."
+/usr/sbin/fixfiles -R -a restore
+
+
+echo "Zeroing out empty space."
+# This forces the filesystem to reclaim space from deleted files
+dd bs=1M if=/dev/zero of=/var/tmp/zeros || :
+rm -f /var/tmp/zeros
+echo "(Don't worry -- that out-of-space error was expected.)"
+
+%end
+
diff --git a/container/container-medium-20.ks b/container/container-medium-20.ks
new file mode 100644
index 0000000..c0599e5
--- /dev/null
+++ b/container/container-medium-20.ks
@@ -0,0 +1,133 @@
+# This is a kickstart for making a non-bootable container environment.
+#
+# Convert the result to a tarfile with
+#
+# virt-tar-out -a fedora.qcow2 / - | bzip2 --best > fedora.tar.bz2
+#
+#
+# This kickstart file is designed to be used with appliance-creator and
+# may need slight modification for use with actual anaconda or other tools.
+# We intend to target anaconda-in-a-vm style image building for F20, but
+# not necessarily for containers -- that's yet to be worked out.
+
+lang en_US.UTF-8
+keyboard us
+timezone --utc Etc/UTC
+
+auth --useshadow --enablemd5
+selinux --enforcing
+rootpw --lock --iscrypted locked
+
+zerombr
+clearpart --all
+part / --size 1024 --fstype ext4
+
+# Repositories
+repo --name=fedora --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=fedora-20&arch=$basearch
+repo --name=fedora-updates --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f20&arch=$basearch
+
+reboot
+
+# Package list.
+%packages
+ at core
+tar
+rsync
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1004976
+firewalld
+
+# Some things from @core we can do without inside the container
+-audit
+-biosdevname
+-dhclient
+-e2fsprogs
+-grubby
+-iprutils
+-kbd
+-NetworkManager
+-openssh-server
+-parted
+-plymouth
+-policycoreutils
+-selinux-policy-targeted
+
+
+%end
+
+
+
+%post --erroronfail
+
+# setup systemd to boot to the right runlevel
+echo -n "Setting default runlevel to multiuser text mode"
+rm -f /etc/systemd/system/default.target
+ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
+echo .
+
+echo -n "Network fixes"
+# initscripts don't like this file to be missing.
+cat > /etc/sysconfig/network << EOF
+NETWORKING=yes
+NOZEROCONF=yes
+EOF
+
+# For cloud images, 'eth0' _is_ the predictable device name, since
+# we don't want to be tied to specific virtual (!) hardware
+rm -f /etc/udev/rules.d/70*
+ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules
+
+# simple eth0 config, again not hard-coded to the build hardware
+cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
+DEVICE="eth0"
+BOOTPROTO="dhcp"
+ONBOOT="yes"
+TYPE="Ethernet"
+EOF
+
+# generic localhost names
+cat > /etc/hosts << EOF
+127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
+::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
+
+EOF
+echo .
+
+
+# Because memory is scarce resource in most cloud/virt environments,
+# and because this impedes forensics, we are differing from the Fedora
+# default of having /tmp on tmpfs.
+echo "Disabling tmpfs for /tmp."
+systemctl mask tmp.mount
+
+echo "Removing random-seed so it's not the same in every image."
+rm -f /var/lib/random-seed
+
+
+echo "Compressing cracklib."
+gzip -9 /usr/share/cracklib/pw_dict.pwd
+
+echo "Removing extra packages."
+rm -vf /etc/yum/protected.d/*
+yum -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
+
+
+echo "Cleaning old yum repodata."
+yum clean all
+rm -rf /var/lib/yum/yumdb/*
+rm -rf /var/lib/yum/history/*
+yum history new
+truncate -c -s 0 /var/log/yum.log
+
+echo "Fixing SELinux contexts."
+/usr/sbin/fixfiles -R -a restore
+
+
+echo "Zeroing out empty space."
+# This forces the filesystem to reclaim space from deleted files
+dd bs=1M if=/dev/zero of=/var/tmp/zeros || :
+rm -f /var/tmp/zeros
+echo "(Don't worry -- that out-of-space error was expected.)"
+
+%end
+
diff --git a/container/container-minimal-19.ks b/container/container-minimal-19.ks
new file mode 100644
index 0000000..2548b44
--- /dev/null
+++ b/container/container-minimal-19.ks
@@ -0,0 +1,130 @@
+# This is a kickstart for making a non-bootable container environment.
+#
+# Convert the result to a tarfile with
+#
+# virt-tar-out -a fedora.qcow2 / - | bzip2 --best > fedora.tar.bz2
+#
+#
+# This kickstart file is designed to be used with appliance-creator and
+# may need slight modification for use with actual anaconda or other tools.
+# We intend to target anaconda-in-a-vm style image building for F20, but
+# not necessarily for containers -- that's yet to be worked out.
+
+lang en_US.UTF-8
+keyboard us
+timezone --utc Etc/UTC
+
+auth --useshadow --enablemd5
+selinux --enforcing
+rootpw --lock --iscrypted locked
+
+zerombr
+clearpart --all
+part / --size 1024 --fstype ext4
+
+# Repositories
+repo --name=fedora --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=fedora-19&arch=$basearch
+repo --name=fedora-updates --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f19&arch=$basearch
+
+reboot
+
+# Package list.
+%packages --excludedocs
+
+bash
+coreutils
+fedora-release
+filesystem
+iproute
+setup
+yum
+
+# removed below
+findutils
+passwd
+# https://bugzilla.redhat.com/show_bug.cgi?id=1004976
+firewalld
+
+%end
+
+
+
+%post --erroronfail
+
+# setup systemd to boot to the right runlevel
+echo -n "Setting default runlevel to multiuser text mode"
+rm -f /etc/systemd/system/default.target
+ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
+echo .
+
+echo -n "Network fixes"
+# initscripts don't like this file to be missing.
+cat > /etc/sysconfig/network << EOF
+NETWORKING=yes
+NOZEROCONF=yes
+EOF
+
+# For cloud images, 'eth0' _is_ the predictable device name, since
+# we don't want to be tied to specific virtual (!) hardware
+rm -f /etc/udev/rules.d/70*
+ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules
+
+# simple eth0 config, again not hard-coded to the build hardware
+cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
+DEVICE="eth0"
+BOOTPROTO="dhcp"
+ONBOOT="yes"
+TYPE="Ethernet"
+EOF
+
+# generic localhost names
+cat > /etc/hosts << EOF
+127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
+::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
+
+EOF
+echo .
+
+
+# Because memory is scarce resource in most cloud/virt environments,
+# and because this impedes forensics, we are differing from the Fedora
+# default of having /tmp on tmpfs.
+echo "Disabling tmpfs for /tmp."
+systemctl mask tmp.mount
+
+echo "Removing random-seed so it's not the same in every image."
+rm -f /var/lib/random-seed
+
+
+echo "Compressing cracklib."
+gzip -9 /usr/share/cracklib/pw_dict.pwd
+
+echo "Minimizing locale-archive."
+localedef --list-archive | grep -v en_US | xargs localedef --delete-from-archive
+mv /usr/lib/locale/locale-archive /usr/lib/locale/locale-archive.tmpl
+/usr/sbin/build-locale-archive
+
+echo "Removing extra packages."
+rm -vf /etc/yum/protected.d/*
+yum -C -y remove passwd --setopt="clean_requirements_on_remove=1"
+yum -C -y remove findutils --setopt="clean_requirements_on_remove=1"
+yum -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
+
+
+echo "Cleaning old yum repodata."
+yum clean all
+rm -rf /var/lib/yum/yumdb/*
+truncate -c -s 0 /var/log/yum.log
+
+echo "Fixing SELinux contexts."
+/usr/sbin/fixfiles -R -a restore
+
+
+echo "Zeroing out empty space."
+# This forces the filesystem to reclaim space from deleted files
+dd bs=1M if=/dev/zero of=/var/tmp/zeros || :
+rm -f /var/tmp/zeros
+echo "(Don't worry -- that out-of-space error was expected.)"
+
+%end
+
diff --git a/container/fedora-20-container.ks b/container/fedora-20-container.ks
deleted file mode 100644
index 0422064..0000000
--- a/container/fedora-20-container.ks
+++ /dev/null
@@ -1,126 +0,0 @@
-# This is a kickstart for making a non-bootable container environment.
-#
-# Convert the result to a tarfile with
-#
-# virt-tar-out -a fedora.qcow2 / - | bzip2 --best > fedora.tar.bz2
-#
-#
-# This kickstart file is designed to be used with appliance-creator and
-# may need slight modification for use with actual anaconda or other tools.
-# We intend to target anaconda-in-a-vm style image building for F20, but
-# not necessarily for containers -- that's yet to be worked out.
-
-lang en_US.UTF-8
-keyboard us
-timezone --utc Etc/UTC
-
-auth --useshadow --enablemd5
-selinux --enforcing
-rootpw --lock --iscrypted locked
-
-zerombr
-clearpart --all
-part / --size 1024 --fstype ext4
-
-# Repositories
-repo --name=fedora --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=fedora-20&arch=$basearch
-repo --name=fedora-updates --mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f20&arch=$basearch
-
-reboot
-
-# Package list.
-%packages --excludedocs
-
-bash
-coreutils
-filesystem
-setup
-yum
-
-# removed below
-findutils
-passwd
-# https://bugzilla.redhat.com/show_bug.cgi?id=1004976
-firewalld
-
-%end
-
-
-
-%post --erroronfail
-
-# setup systemd to boot to the right runlevel
-echo -n "Setting default runlevel to multiuser text mode"
-rm -f /etc/systemd/system/default.target
-ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
-echo .
-
-echo -n "Network fixes"
-# initscripts don't like this file to be missing.
-cat > /etc/sysconfig/network << EOF
-NETWORKING=yes
-NOZEROCONF=yes
-EOF
-
-# For cloud images, 'eth0' _is_ the predictable device name, since
-# we don't want to be tied to specific virtual (!) hardware
-rm -f /etc/udev/rules.d/70*
-ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules
-
-# simple eth0 config, again not hard-coded to the build hardware
-cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
-DEVICE="eth0"
-BOOTPROTO="dhcp"
-ONBOOT="yes"
-TYPE="Ethernet"
-EOF
-
-# generic localhost names
-cat > /etc/hosts << EOF
-127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
-::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
-
-EOF
-echo .
-
-
-# Because memory is scarce resource in most cloud/virt environments,
-# and because this impedes forensics, we are differing from the Fedora
-# default of having /tmp on tmpfs.
-echo "Disabling tmpfs for /tmp."
-systemctl mask tmp.mount
-
-echo "Removing random-seed so it's not the same in every image."
-rm -f /var/lib/random-seed
-
-
-echo "Compressing cracklib."
-gzip -9 /usr/share/cracklib/pw_dict.pwd
-
-echo "Minimizing locale-archive."
-localedef --list-archive | grep -v en_US | xargs localedef --delete-from-archive
-mv /usr/lib/locale/locale-archive /usr/lib/locale/locale-archive.tmpl
-/usr/sbin/build-locale-archive
-
-echo "Removing extra packages."
-yum -C -y remove passwd --setopt="clean_requirements_on_remove=1"
-yum -C -y remove findutils --setopt="clean_requirements_on_remove=1"
-yum -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
-
-
-echo "Cleaning old yum repodata."
-yum clean all
-truncate -c -s 0 /var/log/yum.log
-
-echo "Fixing SELinux contexts."
-/usr/sbin/fixfiles -R -a restore
-
-
-echo "Zeroing out empty space."
-# This forces the filesystem to reclaim space from deleted files
-dd bs=1M if=/dev/zero of=/var/tmp/zeros || :
-rm -f /var/tmp/zeros
-echo "(Don't worry -- that out-of-space error was expected.)"
-
-%end
-
commit 68b2cc7518c2667eff1240f9b79930c823d37745
Author: Matthew Miller <mattdm at mattdm.org>
Date: Wed Sep 18 12:27:41 2013 -0500
actually remove the things that are supposed to be removed in post
diff --git a/container/container-minimal-20.ks b/container/container-minimal-20.ks
index abe66a4..b6df5b4 100644
--- a/container/container-minimal-20.ks
+++ b/container/container-minimal-20.ks
@@ -33,6 +33,7 @@ reboot
bash
coreutils
+fedora-release
filesystem
iproute
setup
@@ -104,6 +105,7 @@ mv /usr/lib/locale/locale-archive /usr/lib/locale/locale-archive.tmpl
/usr/sbin/build-locale-archive
echo "Removing extra packages."
+rm -vf /etc/yum/protected.d/*
yum -C -y remove passwd --setopt="clean_requirements_on_remove=1"
yum -C -y remove findutils --setopt="clean_requirements_on_remove=1"
yum -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
@@ -112,8 +114,6 @@ yum -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
echo "Cleaning old yum repodata."
yum clean all
rm -rf /var/lib/yum/yumdb/*
-rm -rf /var/lib/yum/history/*
-yum history new
truncate -c -s 0 /var/log/yum.log
echo "Fixing SELinux contexts."
More information about the cloud
mailing list