daniel/phyllomeos
1
0
Fork 0
forked from roots/phyllomeos
Code Pull Requests Activity

refactor the base-live

Browse Source 
rebase with upstream (fedora kickstarts). Add associated dishes
This commit is contained in:
lukas
2023-05-27 15:35:08 +02:00
parent 1d56725e17
commit 20ed966ff2
7 changed files with 468 additions and 1764 deletions
Download Patch File Download Diff File Expand all files Collapse all files

212
dishes/live-desktop-backup.cfg Normal file
View File

@@ -0,0 +1,212 @@
# Generated by pykickstart v3.47
#version=DEVEL
# Firewall configuration
firewall --enabled --service=mdns
# Keyboard layouts
keyboard --xlayouts='ch (fr)'
# System language
lang en_US.UTF-8
# Network information
network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate
# Shutdown after installation
shutdown
repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch
repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch
# Root password
rootpw --iscrypted --lock locked
# SELinux configuration
selinux --disabled
# System services
services --disabled="sshd" --enabled="NetworkManager,systemd-resolved"
# System timezone
timezone Europe/Paris --utc
# Use network installation
url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch"
# X Window System configuration information
xconfig --defaultdesktop=GNOME --startxonboot
# System bootloader configuration
bootloader --location=none
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
# Disk partitioning information
part / --fstype="ext4" --size=5120
part / --size=7750
%post
# Enable livesys services
systemctl enable livesys.service
systemctl enable livesys-late.service
# enable tmpfs for /tmp
systemctl enable tmp.mount
# make it so that we don't do writing to the overlay for things which
# are just tmpdirs/caches
# note https://bugzilla.redhat.com/show_bug.cgi?id=1135475
cat >> /etc/fstab << EOF
vartmp /var/tmp tmpfs defaults 0 0
EOF
# work around for poor key import UI in PackageKit
rm -f /var/lib/rpm/__db*
echo "Packages within this LiveCD"
rpm -qa --qf '%{size}\t%{name}-%{version}-%{release}.%{arch}\n' |sort -rn
# Note that running rpm recreates the rpm db files which aren't needed or wanted
rm -f /var/lib/rpm/__db*
# go ahead and pre-make the man -k cache (#455968)
/usr/bin/mandb
# make sure there aren't core files lying around
rm -f /core*
# remove random seed, the newly installed instance should make it's own
rm -f /var/lib/systemd/random-seed
# convince readahead not to collect
# FIXME: for systemd
echo 'File created by kickstart. See systemd-update-done.service(8).' \
| tee /etc/.updated >/var/.updated
# Drop the rescue kernel and initramfs, we don't need them on the live media itself.
# See bug 1317709
rm -f /boot/*-rescue*
# Disable network service here, as doing it in the services line
# fails due to RHBZ #1369794
systemctl disable network
# Remove machine-id on pre generated images
rm -f /etc/machine-id
touch /etc/machine-id
# set livesys session type
sed -i 's/^livesys_session=.*/livesys_session="gnome"/' /etc/sysconfig/livesys
%end
%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome.log
cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF
[org.gnome.desktop.background]
picture-uri='file:///usr/share/backgrounds/elementary/Morskie Oko.jpg'
EOF
cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.media-handling.gschema.override<< EOF
[org.gnome.desktop.media-handling]
automount-open=false
autorun-never=true
EOF
cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.Terminal.gschema.override<< EOF
[org.gnome.Terminal.Legacy.Profile]
font='DejaVu Sans Mono 12'
use-system-font=false
audible-bell=false
EOF
cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.wm.preferences.gschema.override<< EOF
[org.gnome.desktop.wm.preferences]
button-layout=':minimize,maximize,close'
EOF
cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.a11y.gschema.override<< EOF
[org.gnome.desktop.a11y]
always-show-universal-access-status=true
EOF
cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.interface.gschema.override<< EOF
[org.gnome.desktop.interface]
enable-animations=false
EOF
cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.privacy.gschema.override<< EOF
[org.gnome.desktop.privacy]
remove-old-temp-files=true
remember-recent-files=false
remember-app-usage=false
disable-camera=true
disable-microphone=true
disable-sound-output=true
EOF
cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.search-providers.gschema.override<< EOF
[org.gnome.desktop.search-providers]
disable-external=true
EOF
cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.notifications.gschema.override<< EOF
[org.gnome.desktop.notifications.application]
enable-sound-alerts=false
EOF
cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.sound.gschema.override<< EOF
[org.gnome.desktop.sound]
event-sounds=false
EOF
cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.thumbnailers.gschema.override<< EOF
[org.gnome.desktop.thumbnailers]
disable-all=true
EOF
glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/
%end
%packages --exclude-weakdeps
@anaconda-tools
@core
@hardware-support
NetworkManager-wifi
aajohan-comfortaa-fonts
dejavu-sans-mono-fonts
dracut-live
fedora-remix-logos
firefox
generic-logos
generic-release
generic-release-common
generic-release-notes
glibc-all-langpacks
gnome-backgrounds.noarch
gnome-shell
gnome-terminal
grub2-common.noarch
grub2-efi-ia32
grub2-efi-x64
grub2-efi-x64-cdboot
grub2-pc-modules.noarch
grub2-tools
grub2-tools-efi
grub2-tools-extra
grub2-tools-minimal
grubby
kernel
kernel-modules
kernel-modules-extra
libusb
livesys-scripts
mesa-dri-drivers
mozilla-ublock-origin.noarch
nano
neofetch
pciutils
usbutils
wget
wpa_supplicant
-device-mapper-multipath
-fcoe-utils
-fedora-logos
-fedora-release
-fedora-release-common
-fedora-release-identity-basic
-fedora-release-notes
-gnome-tour
%end

277
dishes/live-desktop-hypervisor-amdcpu.cfg
View File

@@ -1,23 +1,21 @@
# Generated by pykickstart v3.47
#version=DEVEL
# Firewall configuration
firewall --enabled --service=mdns
firewall --enabled
# Keyboard layouts
keyboard --xlayouts='ch (fr)'
# System language
lang en_US.UTF-8
# Network information
network --bootproto=dhcp --device=link --activate
# Shutdown after installation
shutdown
network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate
repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch
repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch
# Root password
rootpw --iscrypted --lock locked
# SELinux configuration
selinux --enforcing
selinux --disabled
# System services
services --enabled="NetworkManager,libvirtd"
services --disabled="sshd" --enabled="NetworkManager,libvirtd"
# System timezone
timezone Europe/Paris --utc
# Use network installation
@@ -25,229 +23,19 @@ url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$rele
# X Window System configuration information
xconfig --defaultdesktop=GNOME --startxonboot
# System bootloader configuration
bootloader --location=none
bootloader --location=mbr --timeout=1
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all
clearpart --all --initlabel
# Disk partitioning information
part / --size=5120
%post --logfile=/root/bl.log
%post
# FIXME: it'd be better to get this installed from a package
cat > /etc/rc.d/init.d/livesys << EOF
#!/bin/bash
#
# live: Init script for live image
#
# chkconfig: 345 00 99
# description: Init script for live image.
### BEGIN INIT INFO
# X-Start-Before: display-manager chronyd
### END INIT INFO
. /etc/init.d/functions
if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ]; then
exit 0
fi
if [ -e /.liveimg-configured ] ; then
configdone=1
fi
exists() {
which \$1 >/dev/null 2>&1 || return
\$*
}
livedir="LiveOS"
for arg in \`cat /proc/cmdline\` ; do
if [ "\${arg##rd.live.dir=}" != "\${arg}" ]; then
livedir=\${arg##rd.live.dir=}
continue
fi
if [ "\${arg##live_dir=}" != "\${arg}" ]; then
livedir=\${arg##live_dir=}
fi
done
# enable swapfile if it exists
if ! strstr "\`cat /proc/cmdline\`" noswap && [ -f /run/initramfs/live/\${livedir}/swap.img ] ; then
action "Enabling swap file" swapon /run/initramfs/live/\${livedir}/swap.img
fi
mountPersistentHome() {
# support label/uuid
if [ "\${homedev##LABEL=}" != "\${homedev}" -o "\${homedev##UUID=}" != "\${homedev}" ]; then
homedev=\`/sbin/blkid -o device -t "\$homedev"\`
fi
# if we're given a file rather than a blockdev, loopback it
if [ "\${homedev##mtd}" != "\${homedev}" ]; then
# mtd devs don't have a block device but get magic-mounted with -t jffs2
mountopts="-t jffs2"
elif [ ! -b "\$homedev" ]; then
loopdev=\`losetup -f\`
if [ "\${homedev##/run/initramfs/live}" != "\${homedev}" ]; then
action "Remounting live store r/w" mount -o remount,rw /run/initramfs/live
fi
losetup \$loopdev \$homedev
homedev=\$loopdev
fi
# if it's encrypted, we need to unlock it
if [ "\$(/sbin/blkid -s TYPE -o value \$homedev 2>/dev/null)" = "crypto_LUKS" ]; then
echo
echo "Setting up encrypted /home device"
plymouth ask-for-password --command="cryptsetup luksOpen \$homedev EncHome"
homedev=/dev/mapper/EncHome
fi
# and finally do the mount
mount \$mountopts \$homedev /home
# if we have /home under what's passed for persistent home, then
# we should make that the real /home. useful for mtd device on olpc
if [ -d /home/home ]; then mount --bind /home/home /home ; fi
[ -x /sbin/restorecon ] && /sbin/restorecon /home
if [ -d /home/liveuser ]; then USERADDARGS="-M" ; fi
}
findPersistentHome() {
for arg in \`cat /proc/cmdline\` ; do
if [ "\${arg##persistenthome=}" != "\${arg}" ]; then
homedev=\${arg##persistenthome=}
fi
done
}
if strstr "\`cat /proc/cmdline\`" persistenthome= ; then
findPersistentHome
elif [ -e /run/initramfs/live/\${livedir}/home.img ]; then
homedev=/run/initramfs/live/\${livedir}/home.img
fi
# if we have a persistent /home, then we want to go ahead and mount it
if ! strstr "\`cat /proc/cmdline\`" nopersistenthome && [ -n "\$homedev" ] ; then
action "Mounting persistent /home" mountPersistentHome
fi
if [ -n "\$configdone" ]; then
exit 0
fi
# add liveuser user with no passwd
action "Adding live user" useradd \$USERADDARGS -c "Live System User" liveuser
passwd -d liveuser > /dev/null
usermod -aG wheel liveuser > /dev/null
# Remove root password lock
passwd -d root > /dev/null
# turn off firstboot for livecd boots
systemctl --no-reload disable firstboot-text.service 2> /dev/null || :
systemctl --no-reload disable firstboot-graphical.service 2> /dev/null || :
systemctl stop firstboot-text.service 2> /dev/null || :
systemctl stop firstboot-graphical.service 2> /dev/null || :
# don't use prelink on a running live image
sed -i 's/PRELINKING=yes/PRELINKING=no/' /etc/sysconfig/prelink &>/dev/null || :
# turn off mdmonitor by default
systemctl --no-reload disable mdmonitor.service 2> /dev/null || :
systemctl --no-reload disable mdmonitor-takeover.service 2> /dev/null || :
systemctl stop mdmonitor.service 2> /dev/null || :
systemctl stop mdmonitor-takeover.service 2> /dev/null || :
# don't start cron/at as they tend to spawn things which are
# disk intensive that are painful on a live image
systemctl --no-reload disable crond.service 2> /dev/null || :
systemctl --no-reload disable atd.service 2> /dev/null || :
systemctl stop crond.service 2> /dev/null || :
systemctl stop atd.service 2> /dev/null || :
# turn off abrtd on a live image
systemctl --no-reload disable abrtd.service 2> /dev/null || :
systemctl stop abrtd.service 2> /dev/null || :
# Don't sync the system clock when running live (RHBZ #1018162)
sed -i 's/rtcsync//' /etc/chrony.conf
# Mark things as configured
touch /.liveimg-configured
# add static hostname to work around xauth bug
# https://bugzilla.redhat.com/show_bug.cgi?id=679486
# the hostname must be something else than 'localhost'
# https://bugzilla.redhat.com/show_bug.cgi?id=1370222
hostnamectl set-hostname "localhost-live"
EOF
# bah, hal starts way too late
cat > /etc/rc.d/init.d/livesys-late << EOF
#!/bin/bash
#
# live: Late init script for live image
#
# chkconfig: 345 99 01
# description: Late init script for live image.
. /etc/init.d/functions
if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ] || [ -e /.liveimg-late-configured ] ; then
exit 0
fi
exists() {
which \$1 >/dev/null 2>&1 || return
\$*
}
touch /.liveimg-late-configured
# read some variables out of /proc/cmdline
for o in \`cat /proc/cmdline\` ; do
case \$o in
ks=*)
ks="--kickstart=\${o#ks=}"
;;
xdriver=*)
xdriver="\${o#xdriver=}"
;;
esac
done
# if liveinst or textinst is given, start anaconda
if strstr "\`cat /proc/cmdline\`" liveinst ; then
plymouth --quit
/usr/sbin/liveinst \$ks
fi
if strstr "\`cat /proc/cmdline\`" textinst ; then
plymouth --quit
/usr/sbin/liveinst --text \$ks
fi
# configure X, allowing user to override xdriver
if [ -n "\$xdriver" ]; then
cat > /etc/X11/xorg.conf.d/00-xdriver.conf <<FOE
Section "Device"
Identifier "Videocard0"
Driver "\$xdriver"
EndSection
FOE
fi
EOF
chmod 755 /etc/rc.d/init.d/livesys
/sbin/restorecon /etc/rc.d/init.d/livesys
/sbin/chkconfig --add livesys
chmod 755 /etc/rc.d/init.d/livesys-late
/sbin/restorecon /etc/rc.d/init.d/livesys-late
/sbin/chkconfig --add livesys-late
# Enable livesys services
# systemctl enable livesys.service
# systemctl enable livesys-late.service
# enable tmpfs for /tmp
systemctl enable tmp.mount
@@ -287,7 +75,7 @@ rm -f /boot/*-rescue*
# Disable network service here, as doing it in the services line
# fails due to RHBZ #1369794
/sbin/chkconfig network off
systemctl disable network
# Remove machine-id on pre generated images
rm -f /etc/machine-id
@@ -295,20 +83,6 @@ touch /etc/machine-id
%end
%post --nochroot --logfile=/mnt/sysimage/opt/base-live.log
# For livecd-creator builds only (lorax/livemedia-creator handles this directly)
if [ -n "$LIVE_ROOT" ]; then
cp "$INSTALL_ROOT"/usr/share/licenses/*-release-common/* "$LIVE_ROOT/"
# only installed on x86, x86_64
if [ -f /usr/bin/livecd-iso-to-disk ]; then
mkdir -p "$LIVE_ROOT/LiveOS"
cp /usr/bin/livecd-iso-to-disk "$LIVE_ROOT/LiveOS"
fi
fi
%end
%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome.log
cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF
@@ -496,48 +270,57 @@ chmod +x /mnt/sysimage/usr/local/bin/virtualization-tweaks-root-needed.sh
%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor-amdcpu.log
sed -i 's/\(quiet\)/\1 amd_iommu=on iommu=pt rd.driver.pre=vfio-pci/i' /mnt/sysimage/etc/default/grub # Load kernel modules in GRUB.
sed -i 's/\(quiet\)/\1 iommu=pt rd.driver.pre=vfio-pci/i' /mnt/sysimage/etc/default/grub # Load kernel modules in GRUB.
echo "options kvm_amd nested=1" >> /mnt/sysimage/etc/modprobe.d/kvm.conf # Add support for nested-virtualization
%end
%packages --exclude-weakdeps
@anaconda-tools
@x86-baremetal-tools
@core
@hardware-support
NetworkManager-wifi
aajohan-comfortaa-fonts
anaconda
anaconda-install-env-deps
anaconda-live
chkconfig
dejavu-sans-mono-fonts
dracut-live
fedora-remix-logos
firefox
generic-logos
generic-release
generic-release-common
generic-release-notes
glibc-all-langpacks
gnome-backgrounds.noarch
gnome-shell
gnome-terminal
guestfs-tools
initscripts
kernel
kernel-modules
kernel-modules-extra
libguestfs-tools
libusb
libvirt
libvirt-daemon-config-network
libvirt-daemon-kvm
livesys-scripts
mesa-dri-drivers
mozilla-ublock-origin.noarch
nano
neofetch
pciutils
python3-libguestfs
qemu-kvm
usbutils
virt-install
virt-manager
virt-top
wget
wpa_supplicant
-device-mapper-multipath
-fcoe-utils
-fedora-logos
-fedora-release
-fedora-release-common
-fedora-release-identity-basic
-fedora-release-notes
-gnome-tour
%end

324
dishes/live-desktop-hypervisor-intelcpu-intelgpu.cfg
View File

@@ -7,17 +7,15 @@ keyboard --xlayouts='ch (fr)'
# System language
lang en_US.UTF-8
# Network information
network --bootproto=dhcp --device=link --activate
# Shutdown after installation
shutdown
network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate
repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch
repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch
# Root password
rootpw --iscrypted --lock locked
# SELinux configuration
selinux --enforcing
selinux --disabled
# System services
services --enabled="NetworkManager,libvirtd"
services --disabled="sshd" --enabled="NetworkManager,libvirtd"
# System timezone
timezone Europe/Paris --utc
# Use network installation
@@ -29,225 +27,16 @@ bootloader --location=none
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all
clearpart --all --initlabel
# Disk partitioning information
part / --size=5120
part / --size=7750
part / --fstype="ext4" --size=5120
%post --logfile=/root/bl.log
%post
# FIXME: it'd be better to get this installed from a package
cat > /etc/rc.d/init.d/livesys << EOF
#!/bin/bash
#
# live: Init script for live image
#
# chkconfig: 345 00 99
# description: Init script for live image.
### BEGIN INIT INFO
# X-Start-Before: display-manager chronyd
### END INIT INFO
. /etc/init.d/functions
if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ]; then
exit 0
fi
if [ -e /.liveimg-configured ] ; then
configdone=1
fi
exists() {
which \$1 >/dev/null 2>&1 || return
\$*
}
livedir="LiveOS"
for arg in \`cat /proc/cmdline\` ; do
if [ "\${arg##rd.live.dir=}" != "\${arg}" ]; then
livedir=\${arg##rd.live.dir=}
continue
fi
if [ "\${arg##live_dir=}" != "\${arg}" ]; then
livedir=\${arg##live_dir=}
fi
done
# enable swapfile if it exists
if ! strstr "\`cat /proc/cmdline\`" noswap && [ -f /run/initramfs/live/\${livedir}/swap.img ] ; then
action "Enabling swap file" swapon /run/initramfs/live/\${livedir}/swap.img
fi
mountPersistentHome() {
# support label/uuid
if [ "\${homedev##LABEL=}" != "\${homedev}" -o "\${homedev##UUID=}" != "\${homedev}" ]; then
homedev=\`/sbin/blkid -o device -t "\$homedev"\`
fi
# if we're given a file rather than a blockdev, loopback it
if [ "\${homedev##mtd}" != "\${homedev}" ]; then
# mtd devs don't have a block device but get magic-mounted with -t jffs2
mountopts="-t jffs2"
elif [ ! -b "\$homedev" ]; then
loopdev=\`losetup -f\`
if [ "\${homedev##/run/initramfs/live}" != "\${homedev}" ]; then
action "Remounting live store r/w" mount -o remount,rw /run/initramfs/live
fi
losetup \$loopdev \$homedev
homedev=\$loopdev
fi
# if it's encrypted, we need to unlock it
if [ "\$(/sbin/blkid -s TYPE -o value \$homedev 2>/dev/null)" = "crypto_LUKS" ]; then
echo
echo "Setting up encrypted /home device"
plymouth ask-for-password --command="cryptsetup luksOpen \$homedev EncHome"
homedev=/dev/mapper/EncHome
fi
# and finally do the mount
mount \$mountopts \$homedev /home
# if we have /home under what's passed for persistent home, then
# we should make that the real /home. useful for mtd device on olpc
if [ -d /home/home ]; then mount --bind /home/home /home ; fi
[ -x /sbin/restorecon ] && /sbin/restorecon /home
if [ -d /home/liveuser ]; then USERADDARGS="-M" ; fi
}
findPersistentHome() {
for arg in \`cat /proc/cmdline\` ; do
if [ "\${arg##persistenthome=}" != "\${arg}" ]; then
homedev=\${arg##persistenthome=}
fi
done
}
if strstr "\`cat /proc/cmdline\`" persistenthome= ; then
findPersistentHome
elif [ -e /run/initramfs/live/\${livedir}/home.img ]; then
homedev=/run/initramfs/live/\${livedir}/home.img
fi
# if we have a persistent /home, then we want to go ahead and mount it
if ! strstr "\`cat /proc/cmdline\`" nopersistenthome && [ -n "\$homedev" ] ; then
action "Mounting persistent /home" mountPersistentHome
fi
if [ -n "\$configdone" ]; then
exit 0
fi
# add liveuser user with no passwd
action "Adding live user" useradd \$USERADDARGS -c "Live System User" liveuser
passwd -d liveuser > /dev/null
usermod -aG wheel liveuser > /dev/null
# Remove root password lock
passwd -d root > /dev/null
# turn off firstboot for livecd boots
systemctl --no-reload disable firstboot-text.service 2> /dev/null || :
systemctl --no-reload disable firstboot-graphical.service 2> /dev/null || :
systemctl stop firstboot-text.service 2> /dev/null || :
systemctl stop firstboot-graphical.service 2> /dev/null || :
# don't use prelink on a running live image
sed -i 's/PRELINKING=yes/PRELINKING=no/' /etc/sysconfig/prelink &>/dev/null || :
# turn off mdmonitor by default
systemctl --no-reload disable mdmonitor.service 2> /dev/null || :
systemctl --no-reload disable mdmonitor-takeover.service 2> /dev/null || :
systemctl stop mdmonitor.service 2> /dev/null || :
systemctl stop mdmonitor-takeover.service 2> /dev/null || :
# don't start cron/at as they tend to spawn things which are
# disk intensive that are painful on a live image
systemctl --no-reload disable crond.service 2> /dev/null || :
systemctl --no-reload disable atd.service 2> /dev/null || :
systemctl stop crond.service 2> /dev/null || :
systemctl stop atd.service 2> /dev/null || :
# turn off abrtd on a live image
systemctl --no-reload disable abrtd.service 2> /dev/null || :
systemctl stop abrtd.service 2> /dev/null || :
# Don't sync the system clock when running live (RHBZ #1018162)
sed -i 's/rtcsync//' /etc/chrony.conf
# Mark things as configured
touch /.liveimg-configured
# add static hostname to work around xauth bug
# https://bugzilla.redhat.com/show_bug.cgi?id=679486
# the hostname must be something else than 'localhost'
# https://bugzilla.redhat.com/show_bug.cgi?id=1370222
hostnamectl set-hostname "localhost-live"
EOF
# bah, hal starts way too late
cat > /etc/rc.d/init.d/livesys-late << EOF
#!/bin/bash
#
# live: Late init script for live image
#
# chkconfig: 345 99 01
# description: Late init script for live image.
. /etc/init.d/functions
if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ] || [ -e /.liveimg-late-configured ] ; then
exit 0
fi
exists() {
which \$1 >/dev/null 2>&1 || return
\$*
}
touch /.liveimg-late-configured
# read some variables out of /proc/cmdline
for o in \`cat /proc/cmdline\` ; do
case \$o in
ks=*)
ks="--kickstart=\${o#ks=}"
;;
xdriver=*)
xdriver="\${o#xdriver=}"
;;
esac
done
# if liveinst or textinst is given, start anaconda
if strstr "\`cat /proc/cmdline\`" liveinst ; then
plymouth --quit
/usr/sbin/liveinst \$ks
fi
if strstr "\`cat /proc/cmdline\`" textinst ; then
plymouth --quit
/usr/sbin/liveinst --text \$ks
fi
# configure X, allowing user to override xdriver
if [ -n "\$xdriver" ]; then
cat > /etc/X11/xorg.conf.d/00-xdriver.conf <<FOE
Section "Device"
Identifier "Videocard0"
Driver "\$xdriver"
EndSection
FOE
fi
EOF
chmod 755 /etc/rc.d/init.d/livesys
/sbin/restorecon /etc/rc.d/init.d/livesys
/sbin/chkconfig --add livesys
chmod 755 /etc/rc.d/init.d/livesys-late
/sbin/restorecon /etc/rc.d/init.d/livesys-late
/sbin/chkconfig --add livesys-late
# Enable livesys services
systemctl enable livesys.service
systemctl enable livesys-late.service
# enable tmpfs for /tmp
systemctl enable tmp.mount
@@ -287,25 +76,14 @@ rm -f /boot/*-rescue*
# Disable network service here, as doing it in the services line
# fails due to RHBZ #1369794
/sbin/chkconfig network off
systemctl disable network
# Remove machine-id on pre generated images
rm -f /etc/machine-id
touch /etc/machine-id
%end
%post --nochroot --logfile=/mnt/sysimage/opt/base-live.log
# For livecd-creator builds only (lorax/livemedia-creator handles this directly)
if [ -n "$LIVE_ROOT" ]; then
cp "$INSTALL_ROOT"/usr/share/licenses/*-release-common/* "$LIVE_ROOT/"
# only installed on x86, x86_64
if [ -f /usr/bin/livecd-iso-to-disk ]; then
mkdir -p "$LIVE_ROOT/LiveOS"
cp /usr/bin/livecd-iso-to-disk "$LIVE_ROOT/LiveOS"
fi
fi
# set livesys session type
sed -i 's/^livesys_session=.*/livesys_session="gnome"/' /etc/sysconfig/livesys
%end
@@ -441,25 +219,6 @@ glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/
%end
%post --logfile=/opt/live-desktop-quirks.log
cat >> /etc/rc.d/init.d/livesys << EOF
# set up auto-login
cat > /etc/gdm/custom.conf << FOE
[daemon]
AutomaticLoginEnable=True
AutomaticLogin=liveuser
FOE
# Make sure to set the right permissions and selinux contexts
chown -R liveuser:liveuser /home/liveuser/
restorecon -R /home/liveuser/
EOF
%end
%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor.log
# Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd
@@ -468,25 +227,9 @@ echo "vfio-pci" > /mnt/sysimage/etc/modules-load.d/vfio-pci.conf
echo "vfio_iommu_type1" > /mnt/sysimage/etc/modules-load.d/vfio_iommu_type1.conf
echo "vfio_virqfd" > /mnt/sysimage/etc/modules-load.d/vfio_virqfd.conf
mkdir /mnt/sysimage/var/lib/libvirt/iso # Create a directory to store iso images
mkdir /mnt/sysimage/var/lib/libvirt/image/iso # Create a directory to store iso images
wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/iso/ # fetch netboot.xyz iso and store it to the newly created iso directory
# fetch custom script and make it executable
wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/create-generic-vm-virtio-spice.sh -P /mnt/sysimage/usr/local/bin/
chmod +x /mnt/sysimage/usr/local/bin/create-generic-vm-virtio-spice.sh
# fetch custom script and make it executable
wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-server.sh -P /mnt/sysimage/usr/local/bin/
chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-server.sh
# fetch custom script and make it executable
wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-workstation.sh -P /mnt/sysimage/usr/local/bin/
chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-workstation.sh
# fetch custom script and make it executable
wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-phyllome-desktop.sh -P /mnt/sysimage/usr/local/bin/
chmod +x /mnt/sysimage/usr/local/bin/deploy-phyllome-desktop.sh
wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/image/iso/ # fetch netboot.xyz iso and store it to the newly created iso directory
# fetch custom script and make it executable
wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/virtualization-tweaks-root-needed.sh -P /mnt/sysimage/usr/local/bin/
@@ -513,41 +256,60 @@ echo "vfio-mdev" > /mnt/sysimage/etc/modules-load.d/vfio-mdev.conf # Load specif
%end
%packages --exclude-weakdeps
@anaconda-tools
@x86-baremetal-tools
@core
@hardware-support
NetworkManager-wifi
aajohan-comfortaa-fonts
anaconda
anaconda-install-env-deps
anaconda-live
chkconfig
dejavu-sans-mono-fonts
dracut-live
fedora-remix-logos
firefox
generic-logos
generic-release
generic-release-common
generic-release-notes
glibc-all-langpacks
gnome-backgrounds.noarch
gnome-shell
gnome-terminal
grub2-common.noarch
grub2-efi-ia32
grub2-efi-x64
grub2-efi-x64-cdboot
grub2-pc-modules.noarch
grub2-tools
grub2-tools-efi
grub2-tools-extra
grub2-tools-minimal
grubby
guestfs-tools
initscripts
kernel
kernel-modules
kernel-modules-extra
libguestfs-tools
libusb
libvirt
libvirt-daemon-config-network
libvirt-daemon-kvm
livesys-scripts
mesa-dri-drivers
mozilla-ublock-origin.noarch
nano
neofetch
pciutils
python3-libguestfs
qemu-kvm
usbutils
virt-install
virt-manager
virt-top
wget
wpa_supplicant
-device-mapper-multipath
-fcoe-utils
-fedora-logos
-fedora-release
-fedora-release-common
-fedora-release-identity-basic
-fedora-release-notes
-gnome-tour
%end

324
dishes/live-desktop-hypervisor-intelcpu.cfg
View File

@@ -7,17 +7,15 @@ keyboard --xlayouts='ch (fr)'
# System language
lang en_US.UTF-8
# Network information
network --bootproto=dhcp --device=link --activate
# Shutdown after installation
shutdown
network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate
repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch
repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch
# Root password
rootpw --iscrypted --lock locked
# SELinux configuration
selinux --enforcing
selinux --disabled
# System services
services --enabled="NetworkManager,libvirtd"
services --disabled="sshd" --enabled="NetworkManager,libvirtd"
# System timezone
timezone Europe/Paris --utc
# Use network installation
@@ -29,225 +27,16 @@ bootloader --location=none
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all
clearpart --all --initlabel
# Disk partitioning information
part / --size=5120
part / --size=7750
part / --fstype="ext4" --size=5120
%post --logfile=/root/bl.log
%post
# FIXME: it'd be better to get this installed from a package
cat > /etc/rc.d/init.d/livesys << EOF
#!/bin/bash
#
# live: Init script for live image
#
# chkconfig: 345 00 99
# description: Init script for live image.
### BEGIN INIT INFO
# X-Start-Before: display-manager chronyd
### END INIT INFO
. /etc/init.d/functions
if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ]; then
exit 0
fi
if [ -e /.liveimg-configured ] ; then
configdone=1
fi
exists() {
which \$1 >/dev/null 2>&1 || return
\$*
}
livedir="LiveOS"
for arg in \`cat /proc/cmdline\` ; do
if [ "\${arg##rd.live.dir=}" != "\${arg}" ]; then
livedir=\${arg##rd.live.dir=}
continue
fi
if [ "\${arg##live_dir=}" != "\${arg}" ]; then
livedir=\${arg##live_dir=}
fi
done
# enable swapfile if it exists
if ! strstr "\`cat /proc/cmdline\`" noswap && [ -f /run/initramfs/live/\${livedir}/swap.img ] ; then
action "Enabling swap file" swapon /run/initramfs/live/\${livedir}/swap.img
fi
mountPersistentHome() {
# support label/uuid
if [ "\${homedev##LABEL=}" != "\${homedev}" -o "\${homedev##UUID=}" != "\${homedev}" ]; then
homedev=\`/sbin/blkid -o device -t "\$homedev"\`
fi
# if we're given a file rather than a blockdev, loopback it
if [ "\${homedev##mtd}" != "\${homedev}" ]; then
# mtd devs don't have a block device but get magic-mounted with -t jffs2
mountopts="-t jffs2"
elif [ ! -b "\$homedev" ]; then
loopdev=\`losetup -f\`
if [ "\${homedev##/run/initramfs/live}" != "\${homedev}" ]; then
action "Remounting live store r/w" mount -o remount,rw /run/initramfs/live
fi
losetup \$loopdev \$homedev
homedev=\$loopdev
fi
# if it's encrypted, we need to unlock it
if [ "\$(/sbin/blkid -s TYPE -o value \$homedev 2>/dev/null)" = "crypto_LUKS" ]; then
echo
echo "Setting up encrypted /home device"
plymouth ask-for-password --command="cryptsetup luksOpen \$homedev EncHome"
homedev=/dev/mapper/EncHome
fi
# and finally do the mount
mount \$mountopts \$homedev /home
# if we have /home under what's passed for persistent home, then
# we should make that the real /home. useful for mtd device on olpc
if [ -d /home/home ]; then mount --bind /home/home /home ; fi
[ -x /sbin/restorecon ] && /sbin/restorecon /home
if [ -d /home/liveuser ]; then USERADDARGS="-M" ; fi
}
findPersistentHome() {
for arg in \`cat /proc/cmdline\` ; do
if [ "\${arg##persistenthome=}" != "\${arg}" ]; then
homedev=\${arg##persistenthome=}
fi
done
}
if strstr "\`cat /proc/cmdline\`" persistenthome= ; then
findPersistentHome
elif [ -e /run/initramfs/live/\${livedir}/home.img ]; then
homedev=/run/initramfs/live/\${livedir}/home.img
fi
# if we have a persistent /home, then we want to go ahead and mount it
if ! strstr "\`cat /proc/cmdline\`" nopersistenthome && [ -n "\$homedev" ] ; then
action "Mounting persistent /home" mountPersistentHome
fi
if [ -n "\$configdone" ]; then
exit 0
fi
# add liveuser user with no passwd
action "Adding live user" useradd \$USERADDARGS -c "Live System User" liveuser
passwd -d liveuser > /dev/null
usermod -aG wheel liveuser > /dev/null
# Remove root password lock
passwd -d root > /dev/null
# turn off firstboot for livecd boots
systemctl --no-reload disable firstboot-text.service 2> /dev/null || :
systemctl --no-reload disable firstboot-graphical.service 2> /dev/null || :
systemctl stop firstboot-text.service 2> /dev/null || :
systemctl stop firstboot-graphical.service 2> /dev/null || :
# don't use prelink on a running live image
sed -i 's/PRELINKING=yes/PRELINKING=no/' /etc/sysconfig/prelink &>/dev/null || :
# turn off mdmonitor by default
systemctl --no-reload disable mdmonitor.service 2> /dev/null || :
systemctl --no-reload disable mdmonitor-takeover.service 2> /dev/null || :
systemctl stop mdmonitor.service 2> /dev/null || :
systemctl stop mdmonitor-takeover.service 2> /dev/null || :
# don't start cron/at as they tend to spawn things which are
# disk intensive that are painful on a live image
systemctl --no-reload disable crond.service 2> /dev/null || :
systemctl --no-reload disable atd.service 2> /dev/null || :
systemctl stop crond.service 2> /dev/null || :
systemctl stop atd.service 2> /dev/null || :
# turn off abrtd on a live image
systemctl --no-reload disable abrtd.service 2> /dev/null || :
systemctl stop abrtd.service 2> /dev/null || :
# Don't sync the system clock when running live (RHBZ #1018162)
sed -i 's/rtcsync//' /etc/chrony.conf
# Mark things as configured
touch /.liveimg-configured
# add static hostname to work around xauth bug
# https://bugzilla.redhat.com/show_bug.cgi?id=679486
# the hostname must be something else than 'localhost'
# https://bugzilla.redhat.com/show_bug.cgi?id=1370222
hostnamectl set-hostname "localhost-live"
EOF
# bah, hal starts way too late
cat > /etc/rc.d/init.d/livesys-late << EOF
#!/bin/bash
#
# live: Late init script for live image
#
# chkconfig: 345 99 01
# description: Late init script for live image.
. /etc/init.d/functions
if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ] || [ -e /.liveimg-late-configured ] ; then
exit 0
fi
exists() {
which \$1 >/dev/null 2>&1 || return
\$*
}
touch /.liveimg-late-configured
# read some variables out of /proc/cmdline
for o in \`cat /proc/cmdline\` ; do
case \$o in
ks=*)
ks="--kickstart=\${o#ks=}"
;;
xdriver=*)
xdriver="\${o#xdriver=}"
;;
esac
done
# if liveinst or textinst is given, start anaconda
if strstr "\`cat /proc/cmdline\`" liveinst ; then
plymouth --quit
/usr/sbin/liveinst \$ks
fi
if strstr "\`cat /proc/cmdline\`" textinst ; then
plymouth --quit
/usr/sbin/liveinst --text \$ks
fi
# configure X, allowing user to override xdriver
if [ -n "\$xdriver" ]; then
cat > /etc/X11/xorg.conf.d/00-xdriver.conf <<FOE
Section "Device"
Identifier "Videocard0"
Driver "\$xdriver"
EndSection
FOE
fi
EOF
chmod 755 /etc/rc.d/init.d/livesys
/sbin/restorecon /etc/rc.d/init.d/livesys
/sbin/chkconfig --add livesys
chmod 755 /etc/rc.d/init.d/livesys-late
/sbin/restorecon /etc/rc.d/init.d/livesys-late
/sbin/chkconfig --add livesys-late
# Enable livesys services
systemctl enable livesys.service
systemctl enable livesys-late.service
# enable tmpfs for /tmp
systemctl enable tmp.mount
@@ -287,25 +76,14 @@ rm -f /boot/*-rescue*
# Disable network service here, as doing it in the services line
# fails due to RHBZ #1369794
/sbin/chkconfig network off
systemctl disable network
# Remove machine-id on pre generated images
rm -f /etc/machine-id
touch /etc/machine-id
%end
%post --nochroot --logfile=/mnt/sysimage/opt/base-live.log
# For livecd-creator builds only (lorax/livemedia-creator handles this directly)
if [ -n "$LIVE_ROOT" ]; then
cp "$INSTALL_ROOT"/usr/share/licenses/*-release-common/* "$LIVE_ROOT/"
# only installed on x86, x86_64
if [ -f /usr/bin/livecd-iso-to-disk ]; then
mkdir -p "$LIVE_ROOT/LiveOS"
cp /usr/bin/livecd-iso-to-disk "$LIVE_ROOT/LiveOS"
fi
fi
# set livesys session type
sed -i 's/^livesys_session=.*/livesys_session="gnome"/' /etc/sysconfig/livesys
%end
@@ -441,25 +219,6 @@ glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/
%end
%post --logfile=/opt/live-desktop-quirks.log
cat >> /etc/rc.d/init.d/livesys << EOF
# set up auto-login
cat > /etc/gdm/custom.conf << FOE
[daemon]
AutomaticLoginEnable=True
AutomaticLogin=liveuser
FOE
# Make sure to set the right permissions and selinux contexts
chown -R liveuser:liveuser /home/liveuser/
restorecon -R /home/liveuser/
EOF
%end
%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor.log
# Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd
@@ -468,25 +227,9 @@ echo "vfio-pci" > /mnt/sysimage/etc/modules-load.d/vfio-pci.conf
echo "vfio_iommu_type1" > /mnt/sysimage/etc/modules-load.d/vfio_iommu_type1.conf
echo "vfio_virqfd" > /mnt/sysimage/etc/modules-load.d/vfio_virqfd.conf
mkdir /mnt/sysimage/var/lib/libvirt/iso # Create a directory to store iso images
mkdir /mnt/sysimage/var/lib/libvirt/image/iso # Create a directory to store iso images
wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/iso/ # fetch netboot.xyz iso and store it to the newly created iso directory
# fetch custom script and make it executable
wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/create-generic-vm-virtio-spice.sh -P /mnt/sysimage/usr/local/bin/
chmod +x /mnt/sysimage/usr/local/bin/create-generic-vm-virtio-spice.sh
# fetch custom script and make it executable
wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-server.sh -P /mnt/sysimage/usr/local/bin/
chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-server.sh
# fetch custom script and make it executable
wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-workstation.sh -P /mnt/sysimage/usr/local/bin/
chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-workstation.sh
# fetch custom script and make it executable
wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-phyllome-desktop.sh -P /mnt/sysimage/usr/local/bin/
chmod +x /mnt/sysimage/usr/local/bin/deploy-phyllome-desktop.sh
wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/image/iso/ # fetch netboot.xyz iso and store it to the newly created iso directory
# fetch custom script and make it executable
wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/virtualization-tweaks-root-needed.sh -P /mnt/sysimage/usr/local/bin/
@@ -503,41 +246,60 @@ echo "options kvm_intel nested=1" >> /mnt/sysimage/etc/modprobe.d/kvm.conf # Add
%end
%packages --exclude-weakdeps
@anaconda-tools
@x86-baremetal-tools
@core
@hardware-support
NetworkManager-wifi
aajohan-comfortaa-fonts
anaconda
anaconda-install-env-deps
anaconda-live
chkconfig
dejavu-sans-mono-fonts
dracut-live
fedora-remix-logos
firefox
generic-logos
generic-release
generic-release-common
generic-release-notes
glibc-all-langpacks
gnome-backgrounds.noarch
gnome-shell
gnome-terminal
grub2-common.noarch
grub2-efi-ia32
grub2-efi-x64
grub2-efi-x64-cdboot
grub2-pc-modules.noarch
grub2-tools
grub2-tools-efi
grub2-tools-extra
grub2-tools-minimal
grubby
guestfs-tools
initscripts
kernel
kernel-modules
kernel-modules-extra
libguestfs-tools
libusb
libvirt
libvirt-daemon-config-network
libvirt-daemon-kvm
livesys-scripts
mesa-dri-drivers
mozilla-ublock-origin.noarch
nano
neofetch
pciutils
python3-libguestfs
qemu-kvm
usbutils
virt-install
virt-manager
virt-top
wget
wpa_supplicant
-device-mapper-multipath
-fcoe-utils
-fedora-logos
-fedora-release
-fedora-release-common
-fedora-release-identity-basic
-fedora-release-notes
-gnome-tour
%end

324
dishes/live-desktop-hypervisor.cfg
View File

@@ -7,17 +7,15 @@ keyboard --xlayouts='ch (fr)'
# System language
lang en_US.UTF-8
# Network information
network --bootproto=dhcp --device=link --activate
# Shutdown after installation
shutdown
network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate
repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch
repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch
# Root password
rootpw --iscrypted --lock locked
# SELinux configuration
selinux --enforcing
selinux --disabled
# System services
services --enabled="NetworkManager,libvirtd"
services --disabled="sshd" --enabled="NetworkManager,libvirtd"
# System timezone
timezone Europe/Paris --utc
# Use network installation
@@ -29,225 +27,16 @@ bootloader --location=none
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all
clearpart --all --initlabel
# Disk partitioning information
part / --size=5120
part / --size=7750
part / --fstype="ext4" --size=5120
%post --logfile=/root/bl.log
%post
# FIXME: it'd be better to get this installed from a package
cat > /etc/rc.d/init.d/livesys << EOF
#!/bin/bash
#
# live: Init script for live image
#
# chkconfig: 345 00 99
# description: Init script for live image.
### BEGIN INIT INFO
# X-Start-Before: display-manager chronyd
### END INIT INFO
. /etc/init.d/functions
if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ]; then
exit 0
fi
if [ -e /.liveimg-configured ] ; then
configdone=1
fi
exists() {
which \$1 >/dev/null 2>&1 || return
\$*
}
livedir="LiveOS"
for arg in \`cat /proc/cmdline\` ; do
if [ "\${arg##rd.live.dir=}" != "\${arg}" ]; then
livedir=\${arg##rd.live.dir=}
continue
fi
if [ "\${arg##live_dir=}" != "\${arg}" ]; then
livedir=\${arg##live_dir=}
fi
done
# enable swapfile if it exists
if ! strstr "\`cat /proc/cmdline\`" noswap && [ -f /run/initramfs/live/\${livedir}/swap.img ] ; then
action "Enabling swap file" swapon /run/initramfs/live/\${livedir}/swap.img
fi
mountPersistentHome() {
# support label/uuid
if [ "\${homedev##LABEL=}" != "\${homedev}" -o "\${homedev##UUID=}" != "\${homedev}" ]; then
homedev=\`/sbin/blkid -o device -t "\$homedev"\`
fi
# if we're given a file rather than a blockdev, loopback it
if [ "\${homedev##mtd}" != "\${homedev}" ]; then
# mtd devs don't have a block device but get magic-mounted with -t jffs2
mountopts="-t jffs2"
elif [ ! -b "\$homedev" ]; then
loopdev=\`losetup -f\`
if [ "\${homedev##/run/initramfs/live}" != "\${homedev}" ]; then
action "Remounting live store r/w" mount -o remount,rw /run/initramfs/live
fi
losetup \$loopdev \$homedev
homedev=\$loopdev
fi
# if it's encrypted, we need to unlock it
if [ "\$(/sbin/blkid -s TYPE -o value \$homedev 2>/dev/null)" = "crypto_LUKS" ]; then
echo
echo "Setting up encrypted /home device"
plymouth ask-for-password --command="cryptsetup luksOpen \$homedev EncHome"
homedev=/dev/mapper/EncHome
fi
# and finally do the mount
mount \$mountopts \$homedev /home
# if we have /home under what's passed for persistent home, then
# we should make that the real /home. useful for mtd device on olpc
if [ -d /home/home ]; then mount --bind /home/home /home ; fi
[ -x /sbin/restorecon ] && /sbin/restorecon /home
if [ -d /home/liveuser ]; then USERADDARGS="-M" ; fi
}
findPersistentHome() {
for arg in \`cat /proc/cmdline\` ; do
if [ "\${arg##persistenthome=}" != "\${arg}" ]; then
homedev=\${arg##persistenthome=}
fi
done
}
if strstr "\`cat /proc/cmdline\`" persistenthome= ; then
findPersistentHome
elif [ -e /run/initramfs/live/\${livedir}/home.img ]; then
homedev=/run/initramfs/live/\${livedir}/home.img
fi
# if we have a persistent /home, then we want to go ahead and mount it
if ! strstr "\`cat /proc/cmdline\`" nopersistenthome && [ -n "\$homedev" ] ; then
action "Mounting persistent /home" mountPersistentHome
fi
if [ -n "\$configdone" ]; then
exit 0
fi
# add liveuser user with no passwd
action "Adding live user" useradd \$USERADDARGS -c "Live System User" liveuser
passwd -d liveuser > /dev/null
usermod -aG wheel liveuser > /dev/null
# Remove root password lock
passwd -d root > /dev/null
# turn off firstboot for livecd boots
systemctl --no-reload disable firstboot-text.service 2> /dev/null || :
systemctl --no-reload disable firstboot-graphical.service 2> /dev/null || :
systemctl stop firstboot-text.service 2> /dev/null || :
systemctl stop firstboot-graphical.service 2> /dev/null || :
# don't use prelink on a running live image
sed -i 's/PRELINKING=yes/PRELINKING=no/' /etc/sysconfig/prelink &>/dev/null || :
# turn off mdmonitor by default
systemctl --no-reload disable mdmonitor.service 2> /dev/null || :
systemctl --no-reload disable mdmonitor-takeover.service 2> /dev/null || :
systemctl stop mdmonitor.service 2> /dev/null || :
systemctl stop mdmonitor-takeover.service 2> /dev/null || :
# don't start cron/at as they tend to spawn things which are
# disk intensive that are painful on a live image
systemctl --no-reload disable crond.service 2> /dev/null || :
systemctl --no-reload disable atd.service 2> /dev/null || :
systemctl stop crond.service 2> /dev/null || :
systemctl stop atd.service 2> /dev/null || :
# turn off abrtd on a live image
systemctl --no-reload disable abrtd.service 2> /dev/null || :
systemctl stop abrtd.service 2> /dev/null || :
# Don't sync the system clock when running live (RHBZ #1018162)
sed -i 's/rtcsync//' /etc/chrony.conf
# Mark things as configured
touch /.liveimg-configured
# add static hostname to work around xauth bug
# https://bugzilla.redhat.com/show_bug.cgi?id=679486
# the hostname must be something else than 'localhost'
# https://bugzilla.redhat.com/show_bug.cgi?id=1370222
hostnamectl set-hostname "localhost-live"
EOF
# bah, hal starts way too late
cat > /etc/rc.d/init.d/livesys-late << EOF
#!/bin/bash
#
# live: Late init script for live image
#
# chkconfig: 345 99 01
# description: Late init script for live image.
. /etc/init.d/functions
if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ] || [ -e /.liveimg-late-configured ] ; then
exit 0
fi
exists() {
which \$1 >/dev/null 2>&1 || return
\$*
}
touch /.liveimg-late-configured
# read some variables out of /proc/cmdline
for o in \`cat /proc/cmdline\` ; do
case \$o in
ks=*)
ks="--kickstart=\${o#ks=}"
;;
xdriver=*)
xdriver="\${o#xdriver=}"
;;
esac
done
# if liveinst or textinst is given, start anaconda
if strstr "\`cat /proc/cmdline\`" liveinst ; then
plymouth --quit
/usr/sbin/liveinst \$ks
fi
if strstr "\`cat /proc/cmdline\`" textinst ; then
plymouth --quit
/usr/sbin/liveinst --text \$ks
fi
# configure X, allowing user to override xdriver
if [ -n "\$xdriver" ]; then
cat > /etc/X11/xorg.conf.d/00-xdriver.conf <<FOE
Section "Device"
Identifier "Videocard0"
Driver "\$xdriver"
EndSection
FOE
fi
EOF
chmod 755 /etc/rc.d/init.d/livesys
/sbin/restorecon /etc/rc.d/init.d/livesys
/sbin/chkconfig --add livesys
chmod 755 /etc/rc.d/init.d/livesys-late
/sbin/restorecon /etc/rc.d/init.d/livesys-late
/sbin/chkconfig --add livesys-late
# Enable livesys services
systemctl enable livesys.service
systemctl enable livesys-late.service
# enable tmpfs for /tmp
systemctl enable tmp.mount
@@ -287,25 +76,14 @@ rm -f /boot/*-rescue*
# Disable network service here, as doing it in the services line
# fails due to RHBZ #1369794
/sbin/chkconfig network off
systemctl disable network
# Remove machine-id on pre generated images
rm -f /etc/machine-id
touch /etc/machine-id
%end
%post --nochroot --logfile=/mnt/sysimage/opt/base-live.log
# For livecd-creator builds only (lorax/livemedia-creator handles this directly)
if [ -n "$LIVE_ROOT" ]; then
cp "$INSTALL_ROOT"/usr/share/licenses/*-release-common/* "$LIVE_ROOT/"
# only installed on x86, x86_64
if [ -f /usr/bin/livecd-iso-to-disk ]; then
mkdir -p "$LIVE_ROOT/LiveOS"
cp /usr/bin/livecd-iso-to-disk "$LIVE_ROOT/LiveOS"
fi
fi
# set livesys session type
sed -i 's/^livesys_session=.*/livesys_session="gnome"/' /etc/sysconfig/livesys
%end
@@ -441,25 +219,6 @@ glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/
%end
%post --logfile=/opt/live-desktop-quirks.log
cat >> /etc/rc.d/init.d/livesys << EOF
# set up auto-login
cat > /etc/gdm/custom.conf << FOE
[daemon]
AutomaticLoginEnable=True
AutomaticLogin=liveuser
FOE
# Make sure to set the right permissions and selinux contexts
chown -R liveuser:liveuser /home/liveuser/
restorecon -R /home/liveuser/
EOF
%end
%post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor.log
# Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd
@@ -468,25 +227,9 @@ echo "vfio-pci" > /mnt/sysimage/etc/modules-load.d/vfio-pci.conf
echo "vfio_iommu_type1" > /mnt/sysimage/etc/modules-load.d/vfio_iommu_type1.conf
echo "vfio_virqfd" > /mnt/sysimage/etc/modules-load.d/vfio_virqfd.conf
mkdir /mnt/sysimage/var/lib/libvirt/iso # Create a directory to store iso images
mkdir /mnt/sysimage/var/lib/libvirt/image/iso # Create a directory to store iso images
wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/iso/ # fetch netboot.xyz iso and store it to the newly created iso directory
# fetch custom script and make it executable
wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/create-generic-vm-virtio-spice.sh -P /mnt/sysimage/usr/local/bin/
chmod +x /mnt/sysimage/usr/local/bin/create-generic-vm-virtio-spice.sh
# fetch custom script and make it executable
wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-server.sh -P /mnt/sysimage/usr/local/bin/
chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-server.sh
# fetch custom script and make it executable
wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-workstation.sh -P /mnt/sysimage/usr/local/bin/
chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-workstation.sh
# fetch custom script and make it executable
wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-phyllome-desktop.sh -P /mnt/sysimage/usr/local/bin/
chmod +x /mnt/sysimage/usr/local/bin/deploy-phyllome-desktop.sh
wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/image/iso/ # fetch netboot.xyz iso and store it to the newly created iso directory
# fetch custom script and make it executable
wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/virtualization-tweaks-root-needed.sh -P /mnt/sysimage/usr/local/bin/
@@ -495,41 +238,60 @@ chmod +x /mnt/sysimage/usr/local/bin/virtualization-tweaks-root-needed.sh
%end
%packages --exclude-weakdeps
@anaconda-tools
@x86-baremetal-tools
@core
@hardware-support
NetworkManager-wifi
aajohan-comfortaa-fonts
anaconda
anaconda-install-env-deps
anaconda-live
chkconfig
dejavu-sans-mono-fonts
dracut-live
fedora-remix-logos
firefox
generic-logos
generic-release
generic-release-common
generic-release-notes
glibc-all-langpacks
gnome-backgrounds.noarch
gnome-shell
gnome-terminal
grub2-common.noarch
grub2-efi-ia32
grub2-efi-x64
grub2-efi-x64-cdboot
grub2-pc-modules.noarch
grub2-tools
grub2-tools-efi
grub2-tools-extra
grub2-tools-minimal
grubby
guestfs-tools
initscripts
kernel
kernel-modules
kernel-modules-extra
libguestfs-tools
libusb
libvirt
libvirt-daemon-config-network
libvirt-daemon-kvm
livesys-scripts
mesa-dri-drivers
mozilla-ublock-origin.noarch
nano
neofetch
pciutils
python3-libguestfs
qemu-kvm
usbutils
virt-install
virt-manager
virt-top
wget
wpa_supplicant
-device-mapper-multipath
-fcoe-utils
-fedora-logos
-fedora-release
-fedora-release-common
-fedora-release-identity-basic
-fedora-release-notes
-gnome-tour
%end

374
dishes/live-desktop.cfg
View File

@@ -7,15 +7,21 @@ keyboard --xlayouts='ch (fr)'
# System language
lang en_US.UTF-8
# Network information
network --bootproto=dhcp --device=link --activate
network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate
# Shutdown after installation
shutdown
repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch
repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch
# Root password
rootpw --iscrypted --lock locked
# SELinux configuration
selinux --enforcing
selinux --disabled
# System services
services --disabled="sshd" --enabled="NetworkManager,systemd-resolved"
# System timezone
timezone Europe/Paris --utc
# Use network installation
url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch"
# X Window System configuration information
xconfig --defaultdesktop=GNOME --startxonboot
# System bootloader configuration
@@ -23,223 +29,16 @@ bootloader --location=none
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all
clearpart --all --initlabel
# Disk partitioning information
part / --fstype="ext4" --size=5120
part / --size=7750
%post --logfile=/root/bl.log
%post
# FIXME: it'd be better to get this installed from a package
cat > /etc/rc.d/init.d/livesys << EOF
#!/bin/bash
#
# live: Init script for live image
#
# chkconfig: 345 00 99
# description: Init script for live image.
### BEGIN INIT INFO
# X-Start-Before: display-manager chronyd
### END INIT INFO
. /etc/init.d/functions
if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ]; then
exit 0
fi
if [ -e /.liveimg-configured ] ; then
configdone=1
fi
exists() {
which \$1 >/dev/null 2>&1 || return
\$*
}
livedir="LiveOS"
for arg in \`cat /proc/cmdline\` ; do
if [ "\${arg##rd.live.dir=}" != "\${arg}" ]; then
livedir=\${arg##rd.live.dir=}
continue
fi
if [ "\${arg##live_dir=}" != "\${arg}" ]; then
livedir=\${arg##live_dir=}
fi
done
# enable swapfile if it exists
if ! strstr "\`cat /proc/cmdline\`" noswap && [ -f /run/initramfs/live/\${livedir}/swap.img ] ; then
action "Enabling swap file" swapon /run/initramfs/live/\${livedir}/swap.img
fi
mountPersistentHome() {
# support label/uuid
if [ "\${homedev##LABEL=}" != "\${homedev}" -o "\${homedev##UUID=}" != "\${homedev}" ]; then
homedev=\`/sbin/blkid -o device -t "\$homedev"\`
fi
# if we're given a file rather than a blockdev, loopback it
if [ "\${homedev##mtd}" != "\${homedev}" ]; then
# mtd devs don't have a block device but get magic-mounted with -t jffs2
mountopts="-t jffs2"
elif [ ! -b "\$homedev" ]; then
loopdev=\`losetup -f\`
if [ "\${homedev##/run/initramfs/live}" != "\${homedev}" ]; then
action "Remounting live store r/w" mount -o remount,rw /run/initramfs/live
fi
losetup \$loopdev \$homedev
homedev=\$loopdev
fi
# if it's encrypted, we need to unlock it
if [ "\$(/sbin/blkid -s TYPE -o value \$homedev 2>/dev/null)" = "crypto_LUKS" ]; then
echo
echo "Setting up encrypted /home device"
plymouth ask-for-password --command="cryptsetup luksOpen \$homedev EncHome"
homedev=/dev/mapper/EncHome
fi
# and finally do the mount
mount \$mountopts \$homedev /home
# if we have /home under what's passed for persistent home, then
# we should make that the real /home. useful for mtd device on olpc
if [ -d /home/home ]; then mount --bind /home/home /home ; fi
[ -x /sbin/restorecon ] && /sbin/restorecon /home
if [ -d /home/liveuser ]; then USERADDARGS="-M" ; fi
}
findPersistentHome() {
for arg in \`cat /proc/cmdline\` ; do
if [ "\${arg##persistenthome=}" != "\${arg}" ]; then
homedev=\${arg##persistenthome=}
fi
done
}
if strstr "\`cat /proc/cmdline\`" persistenthome= ; then
findPersistentHome
elif [ -e /run/initramfs/live/\${livedir}/home.img ]; then
homedev=/run/initramfs/live/\${livedir}/home.img
fi
# if we have a persistent /home, then we want to go ahead and mount it
if ! strstr "\`cat /proc/cmdline\`" nopersistenthome && [ -n "\$homedev" ] ; then
action "Mounting persistent /home" mountPersistentHome
fi
if [ -n "\$configdone" ]; then
exit 0
fi
# add liveuser user with no passwd
action "Adding live user" useradd \$USERADDARGS -c "Live System User" liveuser
passwd -d liveuser > /dev/null
usermod -aG wheel liveuser > /dev/null
# Remove root password lock
passwd -d root > /dev/null
# turn off firstboot for livecd boots
systemctl --no-reload disable firstboot-text.service 2> /dev/null || :
systemctl --no-reload disable firstboot-graphical.service 2> /dev/null || :
systemctl stop firstboot-text.service 2> /dev/null || :
systemctl stop firstboot-graphical.service 2> /dev/null || :
# don't use prelink on a running live image
sed -i 's/PRELINKING=yes/PRELINKING=no/' /etc/sysconfig/prelink &>/dev/null || :
# turn off mdmonitor by default
systemctl --no-reload disable mdmonitor.service 2> /dev/null || :
systemctl --no-reload disable mdmonitor-takeover.service 2> /dev/null || :
systemctl stop mdmonitor.service 2> /dev/null || :
systemctl stop mdmonitor-takeover.service 2> /dev/null || :
# don't start cron/at as they tend to spawn things which are
# disk intensive that are painful on a live image
systemctl --no-reload disable crond.service 2> /dev/null || :
systemctl --no-reload disable atd.service 2> /dev/null || :
systemctl stop crond.service 2> /dev/null || :
systemctl stop atd.service 2> /dev/null || :
# turn off abrtd on a live image
systemctl --no-reload disable abrtd.service 2> /dev/null || :
systemctl stop abrtd.service 2> /dev/null || :
# Don't sync the system clock when running live (RHBZ #1018162)
sed -i 's/rtcsync//' /etc/chrony.conf
# Mark things as configured
touch /.liveimg-configured
# add static hostname to work around xauth bug
# https://bugzilla.redhat.com/show_bug.cgi?id=679486
# the hostname must be something else than 'localhost'
# https://bugzilla.redhat.com/show_bug.cgi?id=1370222
hostnamectl set-hostname "localhost-live"
EOF
# bah, hal starts way too late
cat > /etc/rc.d/init.d/livesys-late << EOF
#!/bin/bash
#
# live: Late init script for live image
#
# chkconfig: 345 99 01
# description: Late init script for live image.
. /etc/init.d/functions
if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ] || [ -e /.liveimg-late-configured ] ; then
exit 0
fi
exists() {
which \$1 >/dev/null 2>&1 || return
\$*
}
touch /.liveimg-late-configured
# read some variables out of /proc/cmdline
for o in \`cat /proc/cmdline\` ; do
case \$o in
ks=*)
ks="--kickstart=\${o#ks=}"
;;
xdriver=*)
xdriver="\${o#xdriver=}"
;;
esac
done
# if liveinst or textinst is given, start anaconda
if strstr "\`cat /proc/cmdline\`" liveinst ; then
plymouth --quit
/usr/sbin/liveinst \$ks
fi
if strstr "\`cat /proc/cmdline\`" textinst ; then
plymouth --quit
/usr/sbin/liveinst --text \$ks
fi
# configure X, allowing user to override xdriver
if [ -n "\$xdriver" ]; then
cat > /etc/X11/xorg.conf.d/00-xdriver.conf <<FOE
Section "Device"
Identifier "Videocard0"
Driver "\$xdriver"
EndSection
FOE
fi
EOF
chmod 755 /etc/rc.d/init.d/livesys
/sbin/restorecon /etc/rc.d/init.d/livesys
/sbin/chkconfig --add livesys
chmod 755 /etc/rc.d/init.d/livesys-late
/sbin/restorecon /etc/rc.d/init.d/livesys-late
/sbin/chkconfig --add livesys-late
# Enable livesys services
systemctl enable livesys.service
systemctl enable livesys-late.service
# enable tmpfs for /tmp
systemctl enable tmp.mount
@@ -279,25 +78,14 @@ rm -f /boot/*-rescue*
# Disable network service here, as doing it in the services line
# fails due to RHBZ #1369794
/sbin/chkconfig network off
systemctl disable network
# Remove machine-id on pre generated images
rm -f /etc/machine-id
touch /etc/machine-id
%end
%post --nochroot --logfile=/mnt/sysimage/opt/base-live.log
# For livecd-creator builds only (lorax/livemedia-creator handles this directly)
if [ -n "$LIVE_ROOT" ]; then
cp "$INSTALL_ROOT"/usr/share/licenses/*-release-common/* "$LIVE_ROOT/"
# only installed on x86, x86_64
if [ -f /usr/bin/livecd-iso-to-disk ]; then
mkdir -p "$LIVE_ROOT/LiveOS"
cp /usr/bin/livecd-iso-to-disk "$LIVE_ROOT/LiveOS"
fi
fi
# set livesys session type
sed -i 's/^livesys_session=.*/livesys_session="gnome"/' /etc/sysconfig/livesys
%end
@@ -370,119 +158,51 @@ glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/
%end
%post --logfile=/root/ld.log
cat >> /etc/rc.d/init.d/livesys << EOF
# # disable gnome-software automatically downloading updates
# cat >> /usr/share/glib-2.0/schemas/org.gnome.software.gschema.override << FOE
# [org.gnome.software]
# download-updates=false
# FOE
#
# # don't autostart gnome-software session service
# rm -f /etc/xdg/autostart/gnome-software-service.desktop
# # disable the gnome-software shell search provider
# cat >> /usr/share/gnome-shell/search-providers/org.gnome.Software-search-provider.ini << FOE
# DefaultDisabled=true
# FOE
# # don't run gnome-initial-setup
# mkdir ~liveuser/.config
# touch ~liveuser/.config/gnome-initial-setup-done
# suppress anaconda spokes redundant with gnome-initial-setup
# cat >> /etc/sysconfig/anaconda << FOE
# [NetworkSpoke]
# visited=1
#
# [PasswordSpoke]
# visited=1
#
# [UserSpoke]
# visited=1
# FOE
## make the installer show up
#if [ -f /usr/share/applications/liveinst.desktop ]; then
# # Show harddisk install in shell dash
# sed -i -e 's/NoDisplay=true/NoDisplay=false/' /usr/share/applications/liveinst.desktop ""
# # need to move it to anaconda.desktop to make shell happy
# mv /usr/share/applications/liveinst.desktop /usr/share/applications/anaconda.desktop
#
# cat >> /usr/share/glib-2.0/schemas/org.gnome.shell.gschema.override << FOE
# [org.gnome.shell]
# favorite-apps=['firefox.desktop', 'org.gnome.Calendar.desktop', 'rhythmbox.desktop', 'org.gnome.Photos.desktop', 'org.gnome.Nautilus.desktop', 'anaconda.desktop']
# FOE
#
# # Make the welcome screen show up
# if [ -f /usr/share/anaconda/gnome/fedora-welcome.desktop ]; then
# mkdir -p ~liveuser/.config/autostart
# cp /usr/share/anaconda/gnome/fedora-welcome.desktop /usr/share/applications/
# cp /usr/share/anaconda/gnome/fedora-welcome.desktop ~liveuser/.config/autostart/
# fi
#
# # Disable GNOME welcome tour so it doesn't overlap with Fedora welcome screen
# cat >> /usr/share/glib-2.0/schemas/org.gnome.shell.gschema.override << FOE
# welcome-dialog-last-shown-version='4294967295'
# FOE
#
# # Copy Anaconda branding in place
# if [ -d /usr/share/lorax/product/usr/share/anaconda ]; then
# cp -a /usr/share/lorax/product/* /
# fi
# fi
# rebuild schema cache with any overrides we installed
# glib-compile-schemas /usr/share/glib-2.0/schemas
# set up auto-login
cat > /etc/gdm/custom.conf << FOE
[daemon]
AutomaticLoginEnable=True
AutomaticLogin=liveuser
FOE
# Turn off PackageKit-command-not-found while uninstalled
# if [ -f /etc/PackageKit/CommandNotFound.conf ]; then
# sed -i -e 's/^SoftwareSourceSearch=true/SoftwareSourceSearch=false/' /etc/PackageKit/CommandNotFound.conf
# fi
# make sure to set the right permissions and selinux contexts
chown -R liveuser:liveuser /home/liveuser/
restorecon -R /home/liveuser/
EOF
%end
%packages --exclude-weakdeps
@anaconda-tools
@x86-baremetal-tools
@core
@hardware-support
NetworkManager-wifi
aajohan-comfortaa-fonts
anaconda
anaconda-install-env-deps
anaconda-live
chkconfig
dejavu-sans-mono-fonts
dracut-live
fedora-remix-logos
firefox
generic-logos
generic-release
generic-release-common
generic-release-notes
glibc-all-langpacks
gnome-backgrounds.noarch
gnome-shell
gnome-terminal
initscripts
grub2-common.noarch
grub2-efi-ia32
grub2-efi-x64
grub2-efi-x64-cdboot
grub2-pc-modules.noarch
grub2-tools
grub2-tools-efi
grub2-tools-extra
grub2-tools-minimal
grubby
kernel
kernel-modules
kernel-modules-extra
libusb
livesys-scripts
mesa-dri-drivers
mozilla-ublock-origin.noarch
nano
neofetch
pciutils
usbutils
wget
wpa_supplicant
-device-mapper-multipath
-fcoe-utils
-fedora-logos
-fedora-release
-fedora-release-common
-fedora-release-identity-basic
-fedora-release-notes
-gnome-tour
%end

397
ingredients/base-live.cfg
View File

@@ -7,361 +7,77 @@
# What ? This kickstart file provides a basic block to build a minimal, live system
# text # Perform installation in text mode
keyboard --xlayouts='ch (fr)' # set keyboard layouts for Romandie
keyboard --xlayouts='ch (fr)' # set keyboard layouts for Romandy
lang en_US.UTF-8 # Set system language to American English. More languages could be supported: --addsupport=cs_CZ,de_DE,en_UK
timezone Europe/Paris --utc # Set system timezone to Paris
selinux --enforcing # Make sure SELinux is in enforced mode
firewall --enabled --service=mdns
# selinux --enforcing
# firewall --enabled --service=mdns
rootpw --lock --iscrypted locked # Lock the root account
# xconfig --startxonboot
selinux --disabled # Make sure SELinux is disabled / Other option: --enforcing
firewall --enabled --service=mdns# Make sure the firewall is enabled
services --enabled=NetworkManager,systemd-resolved --disabled=sshd
network --onboot=yes --bootproto=dhcp --device=link --activate --hostname=phyllome-alpha # Configure network interfaces and set hostname. "link" selects the first device reaching an up state
zerombr
clearpart --all
# part / --size 5120
# bootloader --timeout=2
# services --enabled=NetworkManager --disabled=sshd
# network --bootproto=dhcp --device=link --activate --hostname=phyllome
#
# rootpw --lock --iscrypted locked
#
# # shutdown
zerombr # WARNING : Dangerous command ! Will clear the Master Boot Record
clearpart --all --initlabel # Partition clearing information. This setup uses GPT by default.
bootloader --location=none # Set the GNU GRUB bootloader
part / --fstype="ext4" --size=5120 # Create a root partition of around 7GB
# zerombr
# clearpart --all
# part / --size 5120 --fstype ext4
# services --enabled=NetworkManager,ModemManager --disabled=sshd
network --bootproto=dhcp --device=link --activate
rootpw --lock --iscrypted locked
shutdown
%packages # Beginning of the package section. Does not include weak dependencies.
#
# %packages # Beginning of the packages section.
#
# # Explicitly specified here:
# # <notting> walters: because otherwise dependency loops cause yum issues.
# kernel
# kernel-modules
# kernel-modules-extra
#
# # This was added a while ago, I think it falls into the category of
# # "Diagnosis/recovery tool useful from a Live OS image". Leaving this untouched
# # for now.
# #memtest86+
# #@x86-baremetal-tools # memtest86+ is included
#
# # The point of a live image is to install
# # anaconda
# # anaconda-install-env-deps
# # anaconda-live
# # @anaconda-tools
# # Anaconda has a weak dep on this and we don't want it on livecds, see
# # https://fedoraproject.org/wiki/Changes/RemoveDeviceMapperMultipathFromWorkstationLiveCD
# # -fcoe-utils
# # -device-mapper-multipath
#
# # Need aajohan-comfortaa-fonts for the SVG rnotes images
# # aajohan-comfortaa-fonts
#
# # Without this, initramfs generation during live image creation fails: #1242586
# dracut-live
# dracut-config-generic # add that as sugested here : https://www.brianlane.com/post/creating-live-isos-with-livemedia-creator/
#
# # For UEFI-boot, see https://github.com/weldr/lorax/blob/master/docs/fedora-livemedia.ks
# shim
# shim-ia32
# grub2
# grub2-efi
# grub2-efi-*-cdboot
# grub2-efi-ia32
# efibootmgr
#
# # syslinux is in @x86-baremetal-tools
#
# # anaconda needs the locales available to run for different locales
# glibc-all-langpacks
#
# # no longer in @core since 2018-10, but needed for livesys script
# initscripts
# chkconfig
#
# @core # minimal installation
# pciutils # Pciutils provides lspci commandline tool and is not installed by default
# # initial-setup # Install the initial setup package. For the GUI version, use initial-setup-gui instead.
# qemu-guest-agent # "QEMU guest agent"
# spice-vdagent # "Agent for Spice guests"
# -fedora-logos # Fedora logos
# -fedora-release # Fedora release-notes
# -fedora-release-notes
# -fedora-release-common # Fedora release files
# -fedora-release-identity-basic # ???
# fedora-remix-logos # Install Fedora remix logos
# generic-release
# generic-logos
# generic-release-common # "Generic release files"
# generic-release-notes # "Release Notes"
@core # minimal installation
@hardware-support # Provides extended hardware support, and especially extra wireless drivers
pciutils # Pciutils provides lspci commandline tool, which is not installed by default
libusb # add usb library (otherwise, USB 3.0 controllers seem to not work)
usbutils # add lsusb utility
wget # "The non-interactive network downloader. " Used to fetch files during installation
neofetch # a simple tool to show hardware-related informations inside a terminal
nano # The nano text editor
-fedora-logos # Remove Fedora logos to comply with [Fedora Remix legal guidelines](https://fedoraproject.org/wiki/Remix)
-fedora-release # Remove Fedora release-notes
-fedora-release-notes # Remove Fedora release-notes
-fedora-release-common # Remove Fedora release files
-fedora-release-identity-basic # ???
fedora-remix-logos # Add Fedora Remix logos
generic-release # Add Fedora Remix logos
generic-logos # Add Fedora Remix logos
generic-release-common # "Generic release files"
generic-release-notes # "Release Notes"
grub2-common.noarch
grub2-efi-ia32
grub2-efi-x64
grub2-efi-x64-cdboot
grub2-pc-modules.noarch
grub2-tools
grub2-tools-efi
grub2-tools-extra
grub2-tools-minimal
grubby
# %end # End of the packages section
%packages
# Explicitly specified here:
# <notting> walters: because otherwise dependency loops cause yum issues.
kernel
kernel-modules
kernel-modules-extra
# This was added a while ago, I think it falls into the category of
# "Diagnosis/recovery tool useful from a Live OS image". Leaving this untouched
# for now.
#memtest86+
@x86-baremetal-tools # memtest86+ is included
# The point of a live image is to install
anaconda
anaconda-install-env-deps
anaconda-live
@anaconda-tools
# Anaconda has a weak dep on this and we don't want it on livecds, see
# https://fedoraproject.org/wiki/Changes/RemoveDeviceMapperMultipathFromWorkstationLiveCD
-fcoe-utils
-device-mapper-multipath
# Need aajohan-comfortaa-fonts for the SVG rnotes images
aajohan-comfortaa-fonts
# Without this, initramfs generation during live image creation fails: #1242586
dracut-live
# syslinux is in @x86-baremetal-tools
# anaconda needs the locales available to run for different locales
glibc-all-langpacks
# no longer in @core since 2018-10, but needed for livesys script
initscripts
chkconfig
# provide the livesys scripts
livesys-scripts
%end
%end # End of the packages section
%post
%post --log=/root/bl.log # Beginning of the post-installation section. Add logging.
# FIXME: it'd be better to get this installed from a package
cat > /etc/rc.d/init.d/livesys << EOF
#!/bin/bash
#
# live: Init script for live image
#
# chkconfig: 345 00 99
# description: Init script for live image.
### BEGIN INIT INFO
# X-Start-Before: display-manager chronyd
### END INIT INFO
. /etc/init.d/functions
if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ]; then
exit 0
fi
if [ -e /.liveimg-configured ] ; then
configdone=1
fi
exists() {
which \$1 >/dev/null 2>&1 || return
\$*
}
livedir="LiveOS"
for arg in \`cat /proc/cmdline\` ; do
if [ "\${arg##rd.live.dir=}" != "\${arg}" ]; then
livedir=\${arg##rd.live.dir=}
continue
fi
if [ "\${arg##live_dir=}" != "\${arg}" ]; then
livedir=\${arg##live_dir=}
fi
done
# enable swapfile if it exists
if ! strstr "\`cat /proc/cmdline\`" noswap && [ -f /run/initramfs/live/\${livedir}/swap.img ] ; then
action "Enabling swap file" swapon /run/initramfs/live/\${livedir}/swap.img
fi
mountPersistentHome() {
# support label/uuid
if [ "\${homedev##LABEL=}" != "\${homedev}" -o "\${homedev##UUID=}" != "\${homedev}" ]; then
homedev=\`/sbin/blkid -o device -t "\$homedev"\`
fi
# if we're given a file rather than a blockdev, loopback it
if [ "\${homedev##mtd}" != "\${homedev}" ]; then
# mtd devs don't have a block device but get magic-mounted with -t jffs2
mountopts="-t jffs2"
elif [ ! -b "\$homedev" ]; then
loopdev=\`losetup -f\`
if [ "\${homedev##/run/initramfs/live}" != "\${homedev}" ]; then
action "Remounting live store r/w" mount -o remount,rw /run/initramfs/live
fi
losetup \$loopdev \$homedev
homedev=\$loopdev
fi
# if it's encrypted, we need to unlock it
if [ "\$(/sbin/blkid -s TYPE -o value \$homedev 2>/dev/null)" = "crypto_LUKS" ]; then
echo
echo "Setting up encrypted /home device"
plymouth ask-for-password --command="cryptsetup luksOpen \$homedev EncHome"
homedev=/dev/mapper/EncHome
fi
# and finally do the mount
mount \$mountopts \$homedev /home
# if we have /home under what's passed for persistent home, then
# we should make that the real /home. useful for mtd device on olpc
if [ -d /home/home ]; then mount --bind /home/home /home ; fi
[ -x /sbin/restorecon ] && /sbin/restorecon /home
if [ -d /home/liveuser ]; then USERADDARGS="-M" ; fi
}
findPersistentHome() {
for arg in \`cat /proc/cmdline\` ; do
if [ "\${arg##persistenthome=}" != "\${arg}" ]; then
homedev=\${arg##persistenthome=}
fi
done
}
if strstr "\`cat /proc/cmdline\`" persistenthome= ; then
findPersistentHome
elif [ -e /run/initramfs/live/\${livedir}/home.img ]; then
homedev=/run/initramfs/live/\${livedir}/home.img
fi
# if we have a persistent /home, then we want to go ahead and mount it
if ! strstr "\`cat /proc/cmdline\`" nopersistenthome && [ -n "\$homedev" ] ; then
action "Mounting persistent /home" mountPersistentHome
fi
if [ -n "\$configdone" ]; then
exit 0
fi
# add liveuser user with no passwd
action "Adding live user" useradd \$USERADDARGS -c "Live System User" liveuser
passwd -d liveuser > /dev/null
usermod -aG wheel liveuser > /dev/null
# Remove root password lock
passwd -d root > /dev/null
# turn off firstboot for livecd boots
systemctl --no-reload disable firstboot-text.service 2> /dev/null || :
systemctl --no-reload disable firstboot-graphical.service 2> /dev/null || :
systemctl stop firstboot-text.service 2> /dev/null || :
systemctl stop firstboot-graphical.service 2> /dev/null || :
# don't use prelink on a running live image
sed -i 's/PRELINKING=yes/PRELINKING=no/' /etc/sysconfig/prelink &>/dev/null || :
# turn off mdmonitor by default
systemctl --no-reload disable mdmonitor.service 2> /dev/null || :
systemctl --no-reload disable mdmonitor-takeover.service 2> /dev/null || :
systemctl stop mdmonitor.service 2> /dev/null || :
systemctl stop mdmonitor-takeover.service 2> /dev/null || :
# don't start cron/at as they tend to spawn things which are
# disk intensive that are painful on a live image
systemctl --no-reload disable crond.service 2> /dev/null || :
systemctl --no-reload disable atd.service 2> /dev/null || :
systemctl stop crond.service 2> /dev/null || :
systemctl stop atd.service 2> /dev/null || :
# turn off abrtd on a live image
systemctl --no-reload disable abrtd.service 2> /dev/null || :
systemctl stop abrtd.service 2> /dev/null || :
# Don't sync the system clock when running live (RHBZ #1018162)
sed -i 's/rtcsync//' /etc/chrony.conf
# Mark things as configured
touch /.liveimg-configured
# add static hostname to work around xauth bug
# https://bugzilla.redhat.com/show_bug.cgi?id=679486
# the hostname must be something else than 'localhost'
# https://bugzilla.redhat.com/show_bug.cgi?id=1370222
hostnamectl set-hostname "localhost-live"
EOF
# bah, hal starts way too late
cat > /etc/rc.d/init.d/livesys-late << EOF
#!/bin/bash
#
# live: Late init script for live image
#
# chkconfig: 345 99 01
# description: Late init script for live image.
. /etc/init.d/functions
if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ] || [ -e /.liveimg-late-configured ] ; then
exit 0
fi
exists() {
which \$1 >/dev/null 2>&1 || return
\$*
}
touch /.liveimg-late-configured
# read some variables out of /proc/cmdline
for o in \`cat /proc/cmdline\` ; do
case \$o in
ks=*)
ks="--kickstart=\${o#ks=}"
;;
xdriver=*)
xdriver="\${o#xdriver=}"
;;
esac
done
# if liveinst or textinst is given, start anaconda
if strstr "\`cat /proc/cmdline\`" liveinst ; then
plymouth --quit
/usr/sbin/liveinst \$ks
fi
if strstr "\`cat /proc/cmdline\`" textinst ; then
plymouth --quit
/usr/sbin/liveinst --text \$ks
fi
# configure X, allowing user to override xdriver
if [ -n "\$xdriver" ]; then
cat > /etc/X11/xorg.conf.d/00-xdriver.conf <<FOE
Section "Device"
Identifier "Videocard0"
Driver "\$xdriver"
EndSection
FOE
fi
EOF
chmod 755 /etc/rc.d/init.d/livesys
/sbin/restorecon /etc/rc.d/init.d/livesys
/sbin/chkconfig --add livesys
chmod 755 /etc/rc.d/init.d/livesys-late
/sbin/restorecon /etc/rc.d/init.d/livesys-late
/sbin/chkconfig --add livesys-late
# Enable livesys services
systemctl enable livesys.service
systemctl enable livesys-late.service
# enable tmpfs for /tmp
systemctl enable tmp.mount
@@ -401,26 +117,13 @@ rm -f /boot/*-rescue*
# Disable network service here, as doing it in the services line
# fails due to RHBZ #1369794
/sbin/chkconfig network off
systemctl disable network
# Remove machine-id on pre generated images
rm -f /etc/machine-id
touch /etc/machine-id
%end
%post --nochroot --log=/mnt/sysimage/opt/base-live.log
# For livecd-creator builds only (lorax/livemedia-creator handles this directly)
if [ -n "$LIVE_ROOT" ]; then
cp "$INSTALL_ROOT"/usr/share/licenses/*-release-common/* "$LIVE_ROOT/"
# only installed on x86, x86_64
if [ -f /usr/bin/livecd-iso-to-disk ]; then
mkdir -p "$LIVE_ROOT/LiveOS"
cp /usr/bin/livecd-iso-to-disk "$LIVE_ROOT/LiveOS"
fi
fi
%end
# set livesys session type
sed -i 's/^livesys_session=.*/livesys_session="gnome"/' /etc/sysconfig/livesys
%end