diff --git a/dishes/live-desktop-backup.cfg b/dishes/live-desktop-backup.cfg new file mode 100644 index 0000000..f1335c2 --- /dev/null +++ b/dishes/live-desktop-backup.cfg @@ -0,0 +1,212 @@ +# Generated by pykickstart v3.47 +#version=DEVEL +# Firewall configuration +firewall --enabled --service=mdns +# Keyboard layouts +keyboard --xlayouts='ch (fr)' +# System language +lang en_US.UTF-8 +# Network information +network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate +# Shutdown after installation +shutdown +repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch +repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch +# Root password +rootpw --iscrypted --lock locked +# SELinux configuration +selinux --disabled +# System services +services --disabled="sshd" --enabled="NetworkManager,systemd-resolved" +# System timezone +timezone Europe/Paris --utc +# Use network installation +url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" +# X Window System configuration information +xconfig --defaultdesktop=GNOME --startxonboot +# System bootloader configuration +bootloader --location=none +# Clear the Master Boot Record +zerombr +# Partition clearing information +clearpart --all --initlabel +# Disk partitioning information +part / --fstype="ext4" --size=5120 +part / --size=7750 + +%post + +# Enable livesys services +systemctl enable livesys.service +systemctl enable livesys-late.service + +# enable tmpfs for /tmp +systemctl enable tmp.mount + +# make it so that we don't do writing to the overlay for things which +# are just tmpdirs/caches +# note https://bugzilla.redhat.com/show_bug.cgi?id=1135475 +cat >> /etc/fstab << EOF +vartmp /var/tmp tmpfs defaults 0 0 +EOF + +# work around for poor key import UI in PackageKit +rm -f /var/lib/rpm/__db* +echo "Packages within this LiveCD" +rpm -qa --qf '%{size}\t%{name}-%{version}-%{release}.%{arch}\n' |sort -rn +# Note that running rpm recreates the rpm db files which aren't needed or wanted +rm -f /var/lib/rpm/__db* + +# go ahead and pre-make the man -k cache (#455968) +/usr/bin/mandb + +# make sure there aren't core files lying around +rm -f /core* + +# remove random seed, the newly installed instance should make it's own +rm -f /var/lib/systemd/random-seed + +# convince readahead not to collect +# FIXME: for systemd + +echo 'File created by kickstart. See systemd-update-done.service(8).' \ + | tee /etc/.updated >/var/.updated + +# Drop the rescue kernel and initramfs, we don't need them on the live media itself. +# See bug 1317709 +rm -f /boot/*-rescue* + +# Disable network service here, as doing it in the services line +# fails due to RHBZ #1369794 +systemctl disable network + +# Remove machine-id on pre generated images +rm -f /etc/machine-id +touch /etc/machine-id + +# set livesys session type +sed -i 's/^livesys_session=.*/livesys_session="gnome"/' /etc/sysconfig/livesys + +%end + +%post --nochroot --logfile=/mnt/sysimage/opt/base-desktop-gnome.log + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF +[org.gnome.desktop.background] +picture-uri='file:///usr/share/backgrounds/elementary/Morskie Oko.jpg' +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.media-handling.gschema.override<< EOF +[org.gnome.desktop.media-handling] +automount-open=false +autorun-never=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.Terminal.gschema.override<< EOF +[org.gnome.Terminal.Legacy.Profile] +font='DejaVu Sans Mono 12' +use-system-font=false +audible-bell=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.wm.preferences.gschema.override<< EOF +[org.gnome.desktop.wm.preferences] +button-layout=':minimize,maximize,close' +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.a11y.gschema.override<< EOF +[org.gnome.desktop.a11y] +always-show-universal-access-status=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.interface.gschema.override<< EOF +[org.gnome.desktop.interface] +enable-animations=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.privacy.gschema.override<< EOF +[org.gnome.desktop.privacy] +remove-old-temp-files=true +remember-recent-files=false +remember-app-usage=false +disable-camera=true +disable-microphone=true +disable-sound-output=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.search-providers.gschema.override<< EOF +[org.gnome.desktop.search-providers] +disable-external=true +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.notifications.gschema.override<< EOF +[org.gnome.desktop.notifications.application] +enable-sound-alerts=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.sound.gschema.override<< EOF +[org.gnome.desktop.sound] +event-sounds=false +EOF + +cat >> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.thumbnailers.gschema.override<< EOF +[org.gnome.desktop.thumbnailers] +disable-all=true +EOF + +glib-compile-schemas /mnt/sysimage/usr/share/glib-2.0/schemas/ + +%end + + +%packages --exclude-weakdeps +@anaconda-tools +@core +@hardware-support +NetworkManager-wifi +aajohan-comfortaa-fonts +dejavu-sans-mono-fonts +dracut-live +fedora-remix-logos +firefox +generic-logos +generic-release +generic-release-common +generic-release-notes +glibc-all-langpacks +gnome-backgrounds.noarch +gnome-shell +gnome-terminal +grub2-common.noarch +grub2-efi-ia32 +grub2-efi-x64 +grub2-efi-x64-cdboot +grub2-pc-modules.noarch +grub2-tools +grub2-tools-efi +grub2-tools-extra +grub2-tools-minimal +grubby +kernel +kernel-modules +kernel-modules-extra +libusb +livesys-scripts +mesa-dri-drivers +mozilla-ublock-origin.noarch +nano +neofetch +pciutils +usbutils +wget +wpa_supplicant +-device-mapper-multipath +-fcoe-utils +-fedora-logos +-fedora-release +-fedora-release-common +-fedora-release-identity-basic +-fedora-release-notes +-gnome-tour + +%end diff --git a/dishes/live-desktop-hypervisor-amdcpu.cfg b/dishes/live-desktop-hypervisor-amdcpu.cfg index bfb8318..a813896 100644 --- a/dishes/live-desktop-hypervisor-amdcpu.cfg +++ b/dishes/live-desktop-hypervisor-amdcpu.cfg @@ -1,23 +1,21 @@ # Generated by pykickstart v3.47 #version=DEVEL # Firewall configuration -firewall --enabled --service=mdns +firewall --enabled # Keyboard layouts keyboard --xlayouts='ch (fr)' # System language lang en_US.UTF-8 # Network information -network --bootproto=dhcp --device=link --activate -# Shutdown after installation -shutdown +network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch # Root password rootpw --iscrypted --lock locked # SELinux configuration -selinux --enforcing +selinux --disabled # System services -services --enabled="NetworkManager,libvirtd" +services --disabled="sshd" --enabled="NetworkManager,libvirtd" # System timezone timezone Europe/Paris --utc # Use network installation @@ -25,229 +23,19 @@ url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$rele # X Window System configuration information xconfig --defaultdesktop=GNOME --startxonboot # System bootloader configuration -bootloader --location=none +bootloader --location=mbr --timeout=1 # Clear the Master Boot Record zerombr # Partition clearing information -clearpart --all +clearpart --all --initlabel # Disk partitioning information part / --size=5120 -%post --logfile=/root/bl.log +%post -# FIXME: it'd be better to get this installed from a package -cat > /etc/rc.d/init.d/livesys << EOF -#!/bin/bash -# -# live: Init script for live image -# -# chkconfig: 345 00 99 -# description: Init script for live image. -### BEGIN INIT INFO -# X-Start-Before: display-manager chronyd -### END INIT INFO - -. /etc/init.d/functions - -if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ]; then - exit 0 -fi - -if [ -e /.liveimg-configured ] ; then - configdone=1 -fi - -exists() { - which \$1 >/dev/null 2>&1 || return - \$* -} - -livedir="LiveOS" -for arg in \`cat /proc/cmdline\` ; do - if [ "\${arg##rd.live.dir=}" != "\${arg}" ]; then - livedir=\${arg##rd.live.dir=} - continue - fi - if [ "\${arg##live_dir=}" != "\${arg}" ]; then - livedir=\${arg##live_dir=} - fi -done - -# enable swapfile if it exists -if ! strstr "\`cat /proc/cmdline\`" noswap && [ -f /run/initramfs/live/\${livedir}/swap.img ] ; then - action "Enabling swap file" swapon /run/initramfs/live/\${livedir}/swap.img -fi - -mountPersistentHome() { - # support label/uuid - if [ "\${homedev##LABEL=}" != "\${homedev}" -o "\${homedev##UUID=}" != "\${homedev}" ]; then - homedev=\`/sbin/blkid -o device -t "\$homedev"\` - fi - - # if we're given a file rather than a blockdev, loopback it - if [ "\${homedev##mtd}" != "\${homedev}" ]; then - # mtd devs don't have a block device but get magic-mounted with -t jffs2 - mountopts="-t jffs2" - elif [ ! -b "\$homedev" ]; then - loopdev=\`losetup -f\` - if [ "\${homedev##/run/initramfs/live}" != "\${homedev}" ]; then - action "Remounting live store r/w" mount -o remount,rw /run/initramfs/live - fi - losetup \$loopdev \$homedev - homedev=\$loopdev - fi - - # if it's encrypted, we need to unlock it - if [ "\$(/sbin/blkid -s TYPE -o value \$homedev 2>/dev/null)" = "crypto_LUKS" ]; then - echo - echo "Setting up encrypted /home device" - plymouth ask-for-password --command="cryptsetup luksOpen \$homedev EncHome" - homedev=/dev/mapper/EncHome - fi - - # and finally do the mount - mount \$mountopts \$homedev /home - # if we have /home under what's passed for persistent home, then - # we should make that the real /home. useful for mtd device on olpc - if [ -d /home/home ]; then mount --bind /home/home /home ; fi - [ -x /sbin/restorecon ] && /sbin/restorecon /home - if [ -d /home/liveuser ]; then USERADDARGS="-M" ; fi -} - -findPersistentHome() { - for arg in \`cat /proc/cmdline\` ; do - if [ "\${arg##persistenthome=}" != "\${arg}" ]; then - homedev=\${arg##persistenthome=} - fi - done -} - -if strstr "\`cat /proc/cmdline\`" persistenthome= ; then - findPersistentHome -elif [ -e /run/initramfs/live/\${livedir}/home.img ]; then - homedev=/run/initramfs/live/\${livedir}/home.img -fi - -# if we have a persistent /home, then we want to go ahead and mount it -if ! strstr "\`cat /proc/cmdline\`" nopersistenthome && [ -n "\$homedev" ] ; then - action "Mounting persistent /home" mountPersistentHome -fi - -if [ -n "\$configdone" ]; then - exit 0 -fi - -# add liveuser user with no passwd -action "Adding live user" useradd \$USERADDARGS -c "Live System User" liveuser -passwd -d liveuser > /dev/null -usermod -aG wheel liveuser > /dev/null - -# Remove root password lock -passwd -d root > /dev/null - -# turn off firstboot for livecd boots -systemctl --no-reload disable firstboot-text.service 2> /dev/null || : -systemctl --no-reload disable firstboot-graphical.service 2> /dev/null || : -systemctl stop firstboot-text.service 2> /dev/null || : -systemctl stop firstboot-graphical.service 2> /dev/null || : - -# don't use prelink on a running live image -sed -i 's/PRELINKING=yes/PRELINKING=no/' /etc/sysconfig/prelink &>/dev/null || : - -# turn off mdmonitor by default -systemctl --no-reload disable mdmonitor.service 2> /dev/null || : -systemctl --no-reload disable mdmonitor-takeover.service 2> /dev/null || : -systemctl stop mdmonitor.service 2> /dev/null || : -systemctl stop mdmonitor-takeover.service 2> /dev/null || : - -# don't start cron/at as they tend to spawn things which are -# disk intensive that are painful on a live image -systemctl --no-reload disable crond.service 2> /dev/null || : -systemctl --no-reload disable atd.service 2> /dev/null || : -systemctl stop crond.service 2> /dev/null || : -systemctl stop atd.service 2> /dev/null || : - -# turn off abrtd on a live image -systemctl --no-reload disable abrtd.service 2> /dev/null || : -systemctl stop abrtd.service 2> /dev/null || : - -# Don't sync the system clock when running live (RHBZ #1018162) -sed -i 's/rtcsync//' /etc/chrony.conf - -# Mark things as configured -touch /.liveimg-configured - -# add static hostname to work around xauth bug -# https://bugzilla.redhat.com/show_bug.cgi?id=679486 -# the hostname must be something else than 'localhost' -# https://bugzilla.redhat.com/show_bug.cgi?id=1370222 -hostnamectl set-hostname "localhost-live" - -EOF - -# bah, hal starts way too late -cat > /etc/rc.d/init.d/livesys-late << EOF -#!/bin/bash -# -# live: Late init script for live image -# -# chkconfig: 345 99 01 -# description: Late init script for live image. - -. /etc/init.d/functions - -if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ] || [ -e /.liveimg-late-configured ] ; then - exit 0 -fi - -exists() { - which \$1 >/dev/null 2>&1 || return - \$* -} - -touch /.liveimg-late-configured - -# read some variables out of /proc/cmdline -for o in \`cat /proc/cmdline\` ; do - case \$o in - ks=*) - ks="--kickstart=\${o#ks=}" - ;; - xdriver=*) - xdriver="\${o#xdriver=}" - ;; - esac -done - -# if liveinst or textinst is given, start anaconda -if strstr "\`cat /proc/cmdline\`" liveinst ; then - plymouth --quit - /usr/sbin/liveinst \$ks -fi -if strstr "\`cat /proc/cmdline\`" textinst ; then - plymouth --quit - /usr/sbin/liveinst --text \$ks -fi - -# configure X, allowing user to override xdriver -if [ -n "\$xdriver" ]; then - cat > /etc/X11/xorg.conf.d/00-xdriver.conf <> /mnt/sysimage/usr/share/glib-2.0/schemas/org.gnome.desktop.background.gschema.override<< EOF @@ -496,48 +270,57 @@ chmod +x /mnt/sysimage/usr/local/bin/virtualization-tweaks-root-needed.sh %post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor-amdcpu.log -sed -i 's/\(quiet\)/\1 amd_iommu=on iommu=pt rd.driver.pre=vfio-pci/i' /mnt/sysimage/etc/default/grub # Load kernel modules in GRUB. +sed -i 's/\(quiet\)/\1 iommu=pt rd.driver.pre=vfio-pci/i' /mnt/sysimage/etc/default/grub # Load kernel modules in GRUB. echo "options kvm_amd nested=1" >> /mnt/sysimage/etc/modprobe.d/kvm.conf # Add support for nested-virtualization %end %packages --exclude-weakdeps -@anaconda-tools -@x86-baremetal-tools +@core +@hardware-support NetworkManager-wifi aajohan-comfortaa-fonts -anaconda -anaconda-install-env-deps -anaconda-live -chkconfig dejavu-sans-mono-fonts dracut-live +fedora-remix-logos firefox +generic-logos +generic-release +generic-release-common +generic-release-notes glibc-all-langpacks gnome-backgrounds.noarch gnome-shell gnome-terminal guestfs-tools -initscripts kernel kernel-modules kernel-modules-extra libguestfs-tools +libusb libvirt libvirt-daemon-config-network libvirt-daemon-kvm +livesys-scripts mesa-dri-drivers mozilla-ublock-origin.noarch nano +neofetch +pciutils python3-libguestfs qemu-kvm +usbutils virt-install virt-manager virt-top +wget wpa_supplicant --device-mapper-multipath --fcoe-utils +-fedora-logos +-fedora-release +-fedora-release-common +-fedora-release-identity-basic +-fedora-release-notes -gnome-tour %end diff --git a/dishes/live-desktop-hypervisor-intelcpu-intelgpu.cfg b/dishes/live-desktop-hypervisor-intelcpu-intelgpu.cfg index f82c79c..33ea955 100644 --- a/dishes/live-desktop-hypervisor-intelcpu-intelgpu.cfg +++ b/dishes/live-desktop-hypervisor-intelcpu-intelgpu.cfg @@ -7,17 +7,15 @@ keyboard --xlayouts='ch (fr)' # System language lang en_US.UTF-8 # Network information -network --bootproto=dhcp --device=link --activate -# Shutdown after installation -shutdown +network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch # Root password rootpw --iscrypted --lock locked # SELinux configuration -selinux --enforcing +selinux --disabled # System services -services --enabled="NetworkManager,libvirtd" +services --disabled="sshd" --enabled="NetworkManager,libvirtd" # System timezone timezone Europe/Paris --utc # Use network installation @@ -29,225 +27,16 @@ bootloader --location=none # Clear the Master Boot Record zerombr # Partition clearing information -clearpart --all +clearpart --all --initlabel # Disk partitioning information -part / --size=5120 +part / --size=7750 +part / --fstype="ext4" --size=5120 -%post --logfile=/root/bl.log +%post -# FIXME: it'd be better to get this installed from a package -cat > /etc/rc.d/init.d/livesys << EOF -#!/bin/bash -# -# live: Init script for live image -# -# chkconfig: 345 00 99 -# description: Init script for live image. -### BEGIN INIT INFO -# X-Start-Before: display-manager chronyd -### END INIT INFO - -. /etc/init.d/functions - -if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ]; then - exit 0 -fi - -if [ -e /.liveimg-configured ] ; then - configdone=1 -fi - -exists() { - which \$1 >/dev/null 2>&1 || return - \$* -} - -livedir="LiveOS" -for arg in \`cat /proc/cmdline\` ; do - if [ "\${arg##rd.live.dir=}" != "\${arg}" ]; then - livedir=\${arg##rd.live.dir=} - continue - fi - if [ "\${arg##live_dir=}" != "\${arg}" ]; then - livedir=\${arg##live_dir=} - fi -done - -# enable swapfile if it exists -if ! strstr "\`cat /proc/cmdline\`" noswap && [ -f /run/initramfs/live/\${livedir}/swap.img ] ; then - action "Enabling swap file" swapon /run/initramfs/live/\${livedir}/swap.img -fi - -mountPersistentHome() { - # support label/uuid - if [ "\${homedev##LABEL=}" != "\${homedev}" -o "\${homedev##UUID=}" != "\${homedev}" ]; then - homedev=\`/sbin/blkid -o device -t "\$homedev"\` - fi - - # if we're given a file rather than a blockdev, loopback it - if [ "\${homedev##mtd}" != "\${homedev}" ]; then - # mtd devs don't have a block device but get magic-mounted with -t jffs2 - mountopts="-t jffs2" - elif [ ! -b "\$homedev" ]; then - loopdev=\`losetup -f\` - if [ "\${homedev##/run/initramfs/live}" != "\${homedev}" ]; then - action "Remounting live store r/w" mount -o remount,rw /run/initramfs/live - fi - losetup \$loopdev \$homedev - homedev=\$loopdev - fi - - # if it's encrypted, we need to unlock it - if [ "\$(/sbin/blkid -s TYPE -o value \$homedev 2>/dev/null)" = "crypto_LUKS" ]; then - echo - echo "Setting up encrypted /home device" - plymouth ask-for-password --command="cryptsetup luksOpen \$homedev EncHome" - homedev=/dev/mapper/EncHome - fi - - # and finally do the mount - mount \$mountopts \$homedev /home - # if we have /home under what's passed for persistent home, then - # we should make that the real /home. useful for mtd device on olpc - if [ -d /home/home ]; then mount --bind /home/home /home ; fi - [ -x /sbin/restorecon ] && /sbin/restorecon /home - if [ -d /home/liveuser ]; then USERADDARGS="-M" ; fi -} - -findPersistentHome() { - for arg in \`cat /proc/cmdline\` ; do - if [ "\${arg##persistenthome=}" != "\${arg}" ]; then - homedev=\${arg##persistenthome=} - fi - done -} - -if strstr "\`cat /proc/cmdline\`" persistenthome= ; then - findPersistentHome -elif [ -e /run/initramfs/live/\${livedir}/home.img ]; then - homedev=/run/initramfs/live/\${livedir}/home.img -fi - -# if we have a persistent /home, then we want to go ahead and mount it -if ! strstr "\`cat /proc/cmdline\`" nopersistenthome && [ -n "\$homedev" ] ; then - action "Mounting persistent /home" mountPersistentHome -fi - -if [ -n "\$configdone" ]; then - exit 0 -fi - -# add liveuser user with no passwd -action "Adding live user" useradd \$USERADDARGS -c "Live System User" liveuser -passwd -d liveuser > /dev/null -usermod -aG wheel liveuser > /dev/null - -# Remove root password lock -passwd -d root > /dev/null - -# turn off firstboot for livecd boots -systemctl --no-reload disable firstboot-text.service 2> /dev/null || : -systemctl --no-reload disable firstboot-graphical.service 2> /dev/null || : -systemctl stop firstboot-text.service 2> /dev/null || : -systemctl stop firstboot-graphical.service 2> /dev/null || : - -# don't use prelink on a running live image -sed -i 's/PRELINKING=yes/PRELINKING=no/' /etc/sysconfig/prelink &>/dev/null || : - -# turn off mdmonitor by default -systemctl --no-reload disable mdmonitor.service 2> /dev/null || : -systemctl --no-reload disable mdmonitor-takeover.service 2> /dev/null || : -systemctl stop mdmonitor.service 2> /dev/null || : -systemctl stop mdmonitor-takeover.service 2> /dev/null || : - -# don't start cron/at as they tend to spawn things which are -# disk intensive that are painful on a live image -systemctl --no-reload disable crond.service 2> /dev/null || : -systemctl --no-reload disable atd.service 2> /dev/null || : -systemctl stop crond.service 2> /dev/null || : -systemctl stop atd.service 2> /dev/null || : - -# turn off abrtd on a live image -systemctl --no-reload disable abrtd.service 2> /dev/null || : -systemctl stop abrtd.service 2> /dev/null || : - -# Don't sync the system clock when running live (RHBZ #1018162) -sed -i 's/rtcsync//' /etc/chrony.conf - -# Mark things as configured -touch /.liveimg-configured - -# add static hostname to work around xauth bug -# https://bugzilla.redhat.com/show_bug.cgi?id=679486 -# the hostname must be something else than 'localhost' -# https://bugzilla.redhat.com/show_bug.cgi?id=1370222 -hostnamectl set-hostname "localhost-live" - -EOF - -# bah, hal starts way too late -cat > /etc/rc.d/init.d/livesys-late << EOF -#!/bin/bash -# -# live: Late init script for live image -# -# chkconfig: 345 99 01 -# description: Late init script for live image. - -. /etc/init.d/functions - -if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ] || [ -e /.liveimg-late-configured ] ; then - exit 0 -fi - -exists() { - which \$1 >/dev/null 2>&1 || return - \$* -} - -touch /.liveimg-late-configured - -# read some variables out of /proc/cmdline -for o in \`cat /proc/cmdline\` ; do - case \$o in - ks=*) - ks="--kickstart=\${o#ks=}" - ;; - xdriver=*) - xdriver="\${o#xdriver=}" - ;; - esac -done - -# if liveinst or textinst is given, start anaconda -if strstr "\`cat /proc/cmdline\`" liveinst ; then - plymouth --quit - /usr/sbin/liveinst \$ks -fi -if strstr "\`cat /proc/cmdline\`" textinst ; then - plymouth --quit - /usr/sbin/liveinst --text \$ks -fi - -# configure X, allowing user to override xdriver -if [ -n "\$xdriver" ]; then - cat > /etc/X11/xorg.conf.d/00-xdriver.conf <> /etc/rc.d/init.d/livesys << EOF - -# set up auto-login -cat > /etc/gdm/custom.conf << FOE -[daemon] -AutomaticLoginEnable=True -AutomaticLogin=liveuser -FOE - -# Make sure to set the right permissions and selinux contexts -chown -R liveuser:liveuser /home/liveuser/ -restorecon -R /home/liveuser/ - -EOF - -%end - %post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor.log # Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd @@ -468,25 +227,9 @@ echo "vfio-pci" > /mnt/sysimage/etc/modules-load.d/vfio-pci.conf echo "vfio_iommu_type1" > /mnt/sysimage/etc/modules-load.d/vfio_iommu_type1.conf echo "vfio_virqfd" > /mnt/sysimage/etc/modules-load.d/vfio_virqfd.conf -mkdir /mnt/sysimage/var/lib/libvirt/iso # Create a directory to store iso images +mkdir /mnt/sysimage/var/lib/libvirt/image/iso # Create a directory to store iso images -wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/iso/ # fetch netboot.xyz iso and store it to the newly created iso directory - -# fetch custom script and make it executable -wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/create-generic-vm-virtio-spice.sh -P /mnt/sysimage/usr/local/bin/ -chmod +x /mnt/sysimage/usr/local/bin/create-generic-vm-virtio-spice.sh - -# fetch custom script and make it executable -wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-server.sh -P /mnt/sysimage/usr/local/bin/ -chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-server.sh - -# fetch custom script and make it executable -wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-workstation.sh -P /mnt/sysimage/usr/local/bin/ -chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-workstation.sh - -# fetch custom script and make it executable -wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-phyllome-desktop.sh -P /mnt/sysimage/usr/local/bin/ -chmod +x /mnt/sysimage/usr/local/bin/deploy-phyllome-desktop.sh +wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/image/iso/ # fetch netboot.xyz iso and store it to the newly created iso directory # fetch custom script and make it executable wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/virtualization-tweaks-root-needed.sh -P /mnt/sysimage/usr/local/bin/ @@ -513,41 +256,60 @@ echo "vfio-mdev" > /mnt/sysimage/etc/modules-load.d/vfio-mdev.conf # Load specif %end %packages --exclude-weakdeps -@anaconda-tools -@x86-baremetal-tools +@core +@hardware-support NetworkManager-wifi aajohan-comfortaa-fonts -anaconda -anaconda-install-env-deps -anaconda-live -chkconfig dejavu-sans-mono-fonts dracut-live +fedora-remix-logos firefox +generic-logos +generic-release +generic-release-common +generic-release-notes glibc-all-langpacks gnome-backgrounds.noarch gnome-shell gnome-terminal +grub2-common.noarch +grub2-efi-ia32 +grub2-efi-x64 +grub2-efi-x64-cdboot +grub2-pc-modules.noarch +grub2-tools +grub2-tools-efi +grub2-tools-extra +grub2-tools-minimal +grubby guestfs-tools -initscripts kernel kernel-modules kernel-modules-extra libguestfs-tools +libusb libvirt libvirt-daemon-config-network libvirt-daemon-kvm +livesys-scripts mesa-dri-drivers mozilla-ublock-origin.noarch nano +neofetch +pciutils python3-libguestfs qemu-kvm +usbutils virt-install virt-manager virt-top +wget wpa_supplicant --device-mapper-multipath --fcoe-utils +-fedora-logos +-fedora-release +-fedora-release-common +-fedora-release-identity-basic +-fedora-release-notes -gnome-tour %end diff --git a/dishes/live-desktop-hypervisor-intelcpu.cfg b/dishes/live-desktop-hypervisor-intelcpu.cfg index 0e72e54..fe5b3d4 100644 --- a/dishes/live-desktop-hypervisor-intelcpu.cfg +++ b/dishes/live-desktop-hypervisor-intelcpu.cfg @@ -7,17 +7,15 @@ keyboard --xlayouts='ch (fr)' # System language lang en_US.UTF-8 # Network information -network --bootproto=dhcp --device=link --activate -# Shutdown after installation -shutdown +network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch # Root password rootpw --iscrypted --lock locked # SELinux configuration -selinux --enforcing +selinux --disabled # System services -services --enabled="NetworkManager,libvirtd" +services --disabled="sshd" --enabled="NetworkManager,libvirtd" # System timezone timezone Europe/Paris --utc # Use network installation @@ -29,225 +27,16 @@ bootloader --location=none # Clear the Master Boot Record zerombr # Partition clearing information -clearpart --all +clearpart --all --initlabel # Disk partitioning information -part / --size=5120 +part / --size=7750 +part / --fstype="ext4" --size=5120 -%post --logfile=/root/bl.log +%post -# FIXME: it'd be better to get this installed from a package -cat > /etc/rc.d/init.d/livesys << EOF -#!/bin/bash -# -# live: Init script for live image -# -# chkconfig: 345 00 99 -# description: Init script for live image. -### BEGIN INIT INFO -# X-Start-Before: display-manager chronyd -### END INIT INFO - -. /etc/init.d/functions - -if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ]; then - exit 0 -fi - -if [ -e /.liveimg-configured ] ; then - configdone=1 -fi - -exists() { - which \$1 >/dev/null 2>&1 || return - \$* -} - -livedir="LiveOS" -for arg in \`cat /proc/cmdline\` ; do - if [ "\${arg##rd.live.dir=}" != "\${arg}" ]; then - livedir=\${arg##rd.live.dir=} - continue - fi - if [ "\${arg##live_dir=}" != "\${arg}" ]; then - livedir=\${arg##live_dir=} - fi -done - -# enable swapfile if it exists -if ! strstr "\`cat /proc/cmdline\`" noswap && [ -f /run/initramfs/live/\${livedir}/swap.img ] ; then - action "Enabling swap file" swapon /run/initramfs/live/\${livedir}/swap.img -fi - -mountPersistentHome() { - # support label/uuid - if [ "\${homedev##LABEL=}" != "\${homedev}" -o "\${homedev##UUID=}" != "\${homedev}" ]; then - homedev=\`/sbin/blkid -o device -t "\$homedev"\` - fi - - # if we're given a file rather than a blockdev, loopback it - if [ "\${homedev##mtd}" != "\${homedev}" ]; then - # mtd devs don't have a block device but get magic-mounted with -t jffs2 - mountopts="-t jffs2" - elif [ ! -b "\$homedev" ]; then - loopdev=\`losetup -f\` - if [ "\${homedev##/run/initramfs/live}" != "\${homedev}" ]; then - action "Remounting live store r/w" mount -o remount,rw /run/initramfs/live - fi - losetup \$loopdev \$homedev - homedev=\$loopdev - fi - - # if it's encrypted, we need to unlock it - if [ "\$(/sbin/blkid -s TYPE -o value \$homedev 2>/dev/null)" = "crypto_LUKS" ]; then - echo - echo "Setting up encrypted /home device" - plymouth ask-for-password --command="cryptsetup luksOpen \$homedev EncHome" - homedev=/dev/mapper/EncHome - fi - - # and finally do the mount - mount \$mountopts \$homedev /home - # if we have /home under what's passed for persistent home, then - # we should make that the real /home. useful for mtd device on olpc - if [ -d /home/home ]; then mount --bind /home/home /home ; fi - [ -x /sbin/restorecon ] && /sbin/restorecon /home - if [ -d /home/liveuser ]; then USERADDARGS="-M" ; fi -} - -findPersistentHome() { - for arg in \`cat /proc/cmdline\` ; do - if [ "\${arg##persistenthome=}" != "\${arg}" ]; then - homedev=\${arg##persistenthome=} - fi - done -} - -if strstr "\`cat /proc/cmdline\`" persistenthome= ; then - findPersistentHome -elif [ -e /run/initramfs/live/\${livedir}/home.img ]; then - homedev=/run/initramfs/live/\${livedir}/home.img -fi - -# if we have a persistent /home, then we want to go ahead and mount it -if ! strstr "\`cat /proc/cmdline\`" nopersistenthome && [ -n "\$homedev" ] ; then - action "Mounting persistent /home" mountPersistentHome -fi - -if [ -n "\$configdone" ]; then - exit 0 -fi - -# add liveuser user with no passwd -action "Adding live user" useradd \$USERADDARGS -c "Live System User" liveuser -passwd -d liveuser > /dev/null -usermod -aG wheel liveuser > /dev/null - -# Remove root password lock -passwd -d root > /dev/null - -# turn off firstboot for livecd boots -systemctl --no-reload disable firstboot-text.service 2> /dev/null || : -systemctl --no-reload disable firstboot-graphical.service 2> /dev/null || : -systemctl stop firstboot-text.service 2> /dev/null || : -systemctl stop firstboot-graphical.service 2> /dev/null || : - -# don't use prelink on a running live image -sed -i 's/PRELINKING=yes/PRELINKING=no/' /etc/sysconfig/prelink &>/dev/null || : - -# turn off mdmonitor by default -systemctl --no-reload disable mdmonitor.service 2> /dev/null || : -systemctl --no-reload disable mdmonitor-takeover.service 2> /dev/null || : -systemctl stop mdmonitor.service 2> /dev/null || : -systemctl stop mdmonitor-takeover.service 2> /dev/null || : - -# don't start cron/at as they tend to spawn things which are -# disk intensive that are painful on a live image -systemctl --no-reload disable crond.service 2> /dev/null || : -systemctl --no-reload disable atd.service 2> /dev/null || : -systemctl stop crond.service 2> /dev/null || : -systemctl stop atd.service 2> /dev/null || : - -# turn off abrtd on a live image -systemctl --no-reload disable abrtd.service 2> /dev/null || : -systemctl stop abrtd.service 2> /dev/null || : - -# Don't sync the system clock when running live (RHBZ #1018162) -sed -i 's/rtcsync//' /etc/chrony.conf - -# Mark things as configured -touch /.liveimg-configured - -# add static hostname to work around xauth bug -# https://bugzilla.redhat.com/show_bug.cgi?id=679486 -# the hostname must be something else than 'localhost' -# https://bugzilla.redhat.com/show_bug.cgi?id=1370222 -hostnamectl set-hostname "localhost-live" - -EOF - -# bah, hal starts way too late -cat > /etc/rc.d/init.d/livesys-late << EOF -#!/bin/bash -# -# live: Late init script for live image -# -# chkconfig: 345 99 01 -# description: Late init script for live image. - -. /etc/init.d/functions - -if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ] || [ -e /.liveimg-late-configured ] ; then - exit 0 -fi - -exists() { - which \$1 >/dev/null 2>&1 || return - \$* -} - -touch /.liveimg-late-configured - -# read some variables out of /proc/cmdline -for o in \`cat /proc/cmdline\` ; do - case \$o in - ks=*) - ks="--kickstart=\${o#ks=}" - ;; - xdriver=*) - xdriver="\${o#xdriver=}" - ;; - esac -done - -# if liveinst or textinst is given, start anaconda -if strstr "\`cat /proc/cmdline\`" liveinst ; then - plymouth --quit - /usr/sbin/liveinst \$ks -fi -if strstr "\`cat /proc/cmdline\`" textinst ; then - plymouth --quit - /usr/sbin/liveinst --text \$ks -fi - -# configure X, allowing user to override xdriver -if [ -n "\$xdriver" ]; then - cat > /etc/X11/xorg.conf.d/00-xdriver.conf <> /etc/rc.d/init.d/livesys << EOF - -# set up auto-login -cat > /etc/gdm/custom.conf << FOE -[daemon] -AutomaticLoginEnable=True -AutomaticLogin=liveuser -FOE - -# Make sure to set the right permissions and selinux contexts -chown -R liveuser:liveuser /home/liveuser/ -restorecon -R /home/liveuser/ - -EOF - -%end - %post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor.log # Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd @@ -468,25 +227,9 @@ echo "vfio-pci" > /mnt/sysimage/etc/modules-load.d/vfio-pci.conf echo "vfio_iommu_type1" > /mnt/sysimage/etc/modules-load.d/vfio_iommu_type1.conf echo "vfio_virqfd" > /mnt/sysimage/etc/modules-load.d/vfio_virqfd.conf -mkdir /mnt/sysimage/var/lib/libvirt/iso # Create a directory to store iso images +mkdir /mnt/sysimage/var/lib/libvirt/image/iso # Create a directory to store iso images -wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/iso/ # fetch netboot.xyz iso and store it to the newly created iso directory - -# fetch custom script and make it executable -wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/create-generic-vm-virtio-spice.sh -P /mnt/sysimage/usr/local/bin/ -chmod +x /mnt/sysimage/usr/local/bin/create-generic-vm-virtio-spice.sh - -# fetch custom script and make it executable -wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-server.sh -P /mnt/sysimage/usr/local/bin/ -chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-server.sh - -# fetch custom script and make it executable -wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-workstation.sh -P /mnt/sysimage/usr/local/bin/ -chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-workstation.sh - -# fetch custom script and make it executable -wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-phyllome-desktop.sh -P /mnt/sysimage/usr/local/bin/ -chmod +x /mnt/sysimage/usr/local/bin/deploy-phyllome-desktop.sh +wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/image/iso/ # fetch netboot.xyz iso and store it to the newly created iso directory # fetch custom script and make it executable wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/virtualization-tweaks-root-needed.sh -P /mnt/sysimage/usr/local/bin/ @@ -503,41 +246,60 @@ echo "options kvm_intel nested=1" >> /mnt/sysimage/etc/modprobe.d/kvm.conf # Add %end %packages --exclude-weakdeps -@anaconda-tools -@x86-baremetal-tools +@core +@hardware-support NetworkManager-wifi aajohan-comfortaa-fonts -anaconda -anaconda-install-env-deps -anaconda-live -chkconfig dejavu-sans-mono-fonts dracut-live +fedora-remix-logos firefox +generic-logos +generic-release +generic-release-common +generic-release-notes glibc-all-langpacks gnome-backgrounds.noarch gnome-shell gnome-terminal +grub2-common.noarch +grub2-efi-ia32 +grub2-efi-x64 +grub2-efi-x64-cdboot +grub2-pc-modules.noarch +grub2-tools +grub2-tools-efi +grub2-tools-extra +grub2-tools-minimal +grubby guestfs-tools -initscripts kernel kernel-modules kernel-modules-extra libguestfs-tools +libusb libvirt libvirt-daemon-config-network libvirt-daemon-kvm +livesys-scripts mesa-dri-drivers mozilla-ublock-origin.noarch nano +neofetch +pciutils python3-libguestfs qemu-kvm +usbutils virt-install virt-manager virt-top +wget wpa_supplicant --device-mapper-multipath --fcoe-utils +-fedora-logos +-fedora-release +-fedora-release-common +-fedora-release-identity-basic +-fedora-release-notes -gnome-tour %end diff --git a/dishes/live-desktop-hypervisor.cfg b/dishes/live-desktop-hypervisor.cfg index ffa4612..25beb1f 100644 --- a/dishes/live-desktop-hypervisor.cfg +++ b/dishes/live-desktop-hypervisor.cfg @@ -7,17 +7,15 @@ keyboard --xlayouts='ch (fr)' # System language lang en_US.UTF-8 # Network information -network --bootproto=dhcp --device=link --activate -# Shutdown after installation -shutdown +network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch # Root password rootpw --iscrypted --lock locked # SELinux configuration -selinux --enforcing +selinux --disabled # System services -services --enabled="NetworkManager,libvirtd" +services --disabled="sshd" --enabled="NetworkManager,libvirtd" # System timezone timezone Europe/Paris --utc # Use network installation @@ -29,225 +27,16 @@ bootloader --location=none # Clear the Master Boot Record zerombr # Partition clearing information -clearpart --all +clearpart --all --initlabel # Disk partitioning information -part / --size=5120 +part / --size=7750 +part / --fstype="ext4" --size=5120 -%post --logfile=/root/bl.log +%post -# FIXME: it'd be better to get this installed from a package -cat > /etc/rc.d/init.d/livesys << EOF -#!/bin/bash -# -# live: Init script for live image -# -# chkconfig: 345 00 99 -# description: Init script for live image. -### BEGIN INIT INFO -# X-Start-Before: display-manager chronyd -### END INIT INFO - -. /etc/init.d/functions - -if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ]; then - exit 0 -fi - -if [ -e /.liveimg-configured ] ; then - configdone=1 -fi - -exists() { - which \$1 >/dev/null 2>&1 || return - \$* -} - -livedir="LiveOS" -for arg in \`cat /proc/cmdline\` ; do - if [ "\${arg##rd.live.dir=}" != "\${arg}" ]; then - livedir=\${arg##rd.live.dir=} - continue - fi - if [ "\${arg##live_dir=}" != "\${arg}" ]; then - livedir=\${arg##live_dir=} - fi -done - -# enable swapfile if it exists -if ! strstr "\`cat /proc/cmdline\`" noswap && [ -f /run/initramfs/live/\${livedir}/swap.img ] ; then - action "Enabling swap file" swapon /run/initramfs/live/\${livedir}/swap.img -fi - -mountPersistentHome() { - # support label/uuid - if [ "\${homedev##LABEL=}" != "\${homedev}" -o "\${homedev##UUID=}" != "\${homedev}" ]; then - homedev=\`/sbin/blkid -o device -t "\$homedev"\` - fi - - # if we're given a file rather than a blockdev, loopback it - if [ "\${homedev##mtd}" != "\${homedev}" ]; then - # mtd devs don't have a block device but get magic-mounted with -t jffs2 - mountopts="-t jffs2" - elif [ ! -b "\$homedev" ]; then - loopdev=\`losetup -f\` - if [ "\${homedev##/run/initramfs/live}" != "\${homedev}" ]; then - action "Remounting live store r/w" mount -o remount,rw /run/initramfs/live - fi - losetup \$loopdev \$homedev - homedev=\$loopdev - fi - - # if it's encrypted, we need to unlock it - if [ "\$(/sbin/blkid -s TYPE -o value \$homedev 2>/dev/null)" = "crypto_LUKS" ]; then - echo - echo "Setting up encrypted /home device" - plymouth ask-for-password --command="cryptsetup luksOpen \$homedev EncHome" - homedev=/dev/mapper/EncHome - fi - - # and finally do the mount - mount \$mountopts \$homedev /home - # if we have /home under what's passed for persistent home, then - # we should make that the real /home. useful for mtd device on olpc - if [ -d /home/home ]; then mount --bind /home/home /home ; fi - [ -x /sbin/restorecon ] && /sbin/restorecon /home - if [ -d /home/liveuser ]; then USERADDARGS="-M" ; fi -} - -findPersistentHome() { - for arg in \`cat /proc/cmdline\` ; do - if [ "\${arg##persistenthome=}" != "\${arg}" ]; then - homedev=\${arg##persistenthome=} - fi - done -} - -if strstr "\`cat /proc/cmdline\`" persistenthome= ; then - findPersistentHome -elif [ -e /run/initramfs/live/\${livedir}/home.img ]; then - homedev=/run/initramfs/live/\${livedir}/home.img -fi - -# if we have a persistent /home, then we want to go ahead and mount it -if ! strstr "\`cat /proc/cmdline\`" nopersistenthome && [ -n "\$homedev" ] ; then - action "Mounting persistent /home" mountPersistentHome -fi - -if [ -n "\$configdone" ]; then - exit 0 -fi - -# add liveuser user with no passwd -action "Adding live user" useradd \$USERADDARGS -c "Live System User" liveuser -passwd -d liveuser > /dev/null -usermod -aG wheel liveuser > /dev/null - -# Remove root password lock -passwd -d root > /dev/null - -# turn off firstboot for livecd boots -systemctl --no-reload disable firstboot-text.service 2> /dev/null || : -systemctl --no-reload disable firstboot-graphical.service 2> /dev/null || : -systemctl stop firstboot-text.service 2> /dev/null || : -systemctl stop firstboot-graphical.service 2> /dev/null || : - -# don't use prelink on a running live image -sed -i 's/PRELINKING=yes/PRELINKING=no/' /etc/sysconfig/prelink &>/dev/null || : - -# turn off mdmonitor by default -systemctl --no-reload disable mdmonitor.service 2> /dev/null || : -systemctl --no-reload disable mdmonitor-takeover.service 2> /dev/null || : -systemctl stop mdmonitor.service 2> /dev/null || : -systemctl stop mdmonitor-takeover.service 2> /dev/null || : - -# don't start cron/at as they tend to spawn things which are -# disk intensive that are painful on a live image -systemctl --no-reload disable crond.service 2> /dev/null || : -systemctl --no-reload disable atd.service 2> /dev/null || : -systemctl stop crond.service 2> /dev/null || : -systemctl stop atd.service 2> /dev/null || : - -# turn off abrtd on a live image -systemctl --no-reload disable abrtd.service 2> /dev/null || : -systemctl stop abrtd.service 2> /dev/null || : - -# Don't sync the system clock when running live (RHBZ #1018162) -sed -i 's/rtcsync//' /etc/chrony.conf - -# Mark things as configured -touch /.liveimg-configured - -# add static hostname to work around xauth bug -# https://bugzilla.redhat.com/show_bug.cgi?id=679486 -# the hostname must be something else than 'localhost' -# https://bugzilla.redhat.com/show_bug.cgi?id=1370222 -hostnamectl set-hostname "localhost-live" - -EOF - -# bah, hal starts way too late -cat > /etc/rc.d/init.d/livesys-late << EOF -#!/bin/bash -# -# live: Late init script for live image -# -# chkconfig: 345 99 01 -# description: Late init script for live image. - -. /etc/init.d/functions - -if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ] || [ -e /.liveimg-late-configured ] ; then - exit 0 -fi - -exists() { - which \$1 >/dev/null 2>&1 || return - \$* -} - -touch /.liveimg-late-configured - -# read some variables out of /proc/cmdline -for o in \`cat /proc/cmdline\` ; do - case \$o in - ks=*) - ks="--kickstart=\${o#ks=}" - ;; - xdriver=*) - xdriver="\${o#xdriver=}" - ;; - esac -done - -# if liveinst or textinst is given, start anaconda -if strstr "\`cat /proc/cmdline\`" liveinst ; then - plymouth --quit - /usr/sbin/liveinst \$ks -fi -if strstr "\`cat /proc/cmdline\`" textinst ; then - plymouth --quit - /usr/sbin/liveinst --text \$ks -fi - -# configure X, allowing user to override xdriver -if [ -n "\$xdriver" ]; then - cat > /etc/X11/xorg.conf.d/00-xdriver.conf <> /etc/rc.d/init.d/livesys << EOF - -# set up auto-login -cat > /etc/gdm/custom.conf << FOE -[daemon] -AutomaticLoginEnable=True -AutomaticLogin=liveuser -FOE - -# Make sure to set the right permissions and selinux contexts -chown -R liveuser:liveuser /home/liveuser/ -restorecon -R /home/liveuser/ - -EOF - -%end - %post --nochroot --logfile=/mnt/sysimage/opt/base-hypervisor.log # Load kernel modules by adding vfio, vfio_pci, vfio_iommu_type1, vfio_virqfd @@ -468,25 +227,9 @@ echo "vfio-pci" > /mnt/sysimage/etc/modules-load.d/vfio-pci.conf echo "vfio_iommu_type1" > /mnt/sysimage/etc/modules-load.d/vfio_iommu_type1.conf echo "vfio_virqfd" > /mnt/sysimage/etc/modules-load.d/vfio_virqfd.conf -mkdir /mnt/sysimage/var/lib/libvirt/iso # Create a directory to store iso images +mkdir /mnt/sysimage/var/lib/libvirt/image/iso # Create a directory to store iso images -wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/iso/ # fetch netboot.xyz iso and store it to the newly created iso directory - -# fetch custom script and make it executable -wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/create-generic-vm-virtio-spice.sh -P /mnt/sysimage/usr/local/bin/ -chmod +x /mnt/sysimage/usr/local/bin/create-generic-vm-virtio-spice.sh - -# fetch custom script and make it executable -wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-server.sh -P /mnt/sysimage/usr/local/bin/ -chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-server.sh - -# fetch custom script and make it executable -wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-minimal-workstation.sh -P /mnt/sysimage/usr/local/bin/ -chmod +x /mnt/sysimage/usr/local/bin/deploy-minimal-workstation.sh - -# fetch custom script and make it executable -wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/deploy-phyllome-desktop.sh -P /mnt/sysimage/usr/local/bin/ -chmod +x /mnt/sysimage/usr/local/bin/deploy-phyllome-desktop.sh +wget https://boot.netboot.xyz/ipxe/netboot.xyz.iso -P /mnt/sysimage/var/lib/libvirt/image/iso/ # fetch netboot.xyz iso and store it to the newly created iso directory # fetch custom script and make it executable wget https://raw.githubusercontent.com/PhyllomeOS/phyllomeos/main/post-first-startup-scripts/virtualization-tweaks-root-needed.sh -P /mnt/sysimage/usr/local/bin/ @@ -495,41 +238,60 @@ chmod +x /mnt/sysimage/usr/local/bin/virtualization-tweaks-root-needed.sh %end %packages --exclude-weakdeps -@anaconda-tools -@x86-baremetal-tools +@core +@hardware-support NetworkManager-wifi aajohan-comfortaa-fonts -anaconda -anaconda-install-env-deps -anaconda-live -chkconfig dejavu-sans-mono-fonts dracut-live +fedora-remix-logos firefox +generic-logos +generic-release +generic-release-common +generic-release-notes glibc-all-langpacks gnome-backgrounds.noarch gnome-shell gnome-terminal +grub2-common.noarch +grub2-efi-ia32 +grub2-efi-x64 +grub2-efi-x64-cdboot +grub2-pc-modules.noarch +grub2-tools +grub2-tools-efi +grub2-tools-extra +grub2-tools-minimal +grubby guestfs-tools -initscripts kernel kernel-modules kernel-modules-extra libguestfs-tools +libusb libvirt libvirt-daemon-config-network libvirt-daemon-kvm +livesys-scripts mesa-dri-drivers mozilla-ublock-origin.noarch nano +neofetch +pciutils python3-libguestfs qemu-kvm +usbutils virt-install virt-manager virt-top +wget wpa_supplicant --device-mapper-multipath --fcoe-utils +-fedora-logos +-fedora-release +-fedora-release-common +-fedora-release-identity-basic +-fedora-release-notes -gnome-tour %end diff --git a/dishes/live-desktop.cfg b/dishes/live-desktop.cfg index d38260c..1a39bad 100644 --- a/dishes/live-desktop.cfg +++ b/dishes/live-desktop.cfg @@ -7,15 +7,21 @@ keyboard --xlayouts='ch (fr)' # System language lang en_US.UTF-8 # Network information -network --bootproto=dhcp --device=link --activate +network --bootproto=dhcp --device=link --hostname=phyllome-alpha --activate # Shutdown after installation shutdown +repo --name="fedora" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch +repo --name="updates" --mirrorlist=https://mirrors.fedoraproject.org/mirrorlist?repo=updates-released-f$releasever&arch=$basearch # Root password rootpw --iscrypted --lock locked # SELinux configuration -selinux --enforcing +selinux --disabled +# System services +services --disabled="sshd" --enabled="NetworkManager,systemd-resolved" # System timezone timezone Europe/Paris --utc +# Use network installation +url --mirrorlist="https://mirrors.fedoraproject.org/mirrorlist?repo=fedora-$releasever&arch=$basearch" # X Window System configuration information xconfig --defaultdesktop=GNOME --startxonboot # System bootloader configuration @@ -23,223 +29,16 @@ bootloader --location=none # Clear the Master Boot Record zerombr # Partition clearing information -clearpart --all +clearpart --all --initlabel +# Disk partitioning information +part / --fstype="ext4" --size=5120 +part / --size=7750 -%post --logfile=/root/bl.log +%post -# FIXME: it'd be better to get this installed from a package -cat > /etc/rc.d/init.d/livesys << EOF -#!/bin/bash -# -# live: Init script for live image -# -# chkconfig: 345 00 99 -# description: Init script for live image. -### BEGIN INIT INFO -# X-Start-Before: display-manager chronyd -### END INIT INFO - -. /etc/init.d/functions - -if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ]; then - exit 0 -fi - -if [ -e /.liveimg-configured ] ; then - configdone=1 -fi - -exists() { - which \$1 >/dev/null 2>&1 || return - \$* -} - -livedir="LiveOS" -for arg in \`cat /proc/cmdline\` ; do - if [ "\${arg##rd.live.dir=}" != "\${arg}" ]; then - livedir=\${arg##rd.live.dir=} - continue - fi - if [ "\${arg##live_dir=}" != "\${arg}" ]; then - livedir=\${arg##live_dir=} - fi -done - -# enable swapfile if it exists -if ! strstr "\`cat /proc/cmdline\`" noswap && [ -f /run/initramfs/live/\${livedir}/swap.img ] ; then - action "Enabling swap file" swapon /run/initramfs/live/\${livedir}/swap.img -fi - -mountPersistentHome() { - # support label/uuid - if [ "\${homedev##LABEL=}" != "\${homedev}" -o "\${homedev##UUID=}" != "\${homedev}" ]; then - homedev=\`/sbin/blkid -o device -t "\$homedev"\` - fi - - # if we're given a file rather than a blockdev, loopback it - if [ "\${homedev##mtd}" != "\${homedev}" ]; then - # mtd devs don't have a block device but get magic-mounted with -t jffs2 - mountopts="-t jffs2" - elif [ ! -b "\$homedev" ]; then - loopdev=\`losetup -f\` - if [ "\${homedev##/run/initramfs/live}" != "\${homedev}" ]; then - action "Remounting live store r/w" mount -o remount,rw /run/initramfs/live - fi - losetup \$loopdev \$homedev - homedev=\$loopdev - fi - - # if it's encrypted, we need to unlock it - if [ "\$(/sbin/blkid -s TYPE -o value \$homedev 2>/dev/null)" = "crypto_LUKS" ]; then - echo - echo "Setting up encrypted /home device" - plymouth ask-for-password --command="cryptsetup luksOpen \$homedev EncHome" - homedev=/dev/mapper/EncHome - fi - - # and finally do the mount - mount \$mountopts \$homedev /home - # if we have /home under what's passed for persistent home, then - # we should make that the real /home. useful for mtd device on olpc - if [ -d /home/home ]; then mount --bind /home/home /home ; fi - [ -x /sbin/restorecon ] && /sbin/restorecon /home - if [ -d /home/liveuser ]; then USERADDARGS="-M" ; fi -} - -findPersistentHome() { - for arg in \`cat /proc/cmdline\` ; do - if [ "\${arg##persistenthome=}" != "\${arg}" ]; then - homedev=\${arg##persistenthome=} - fi - done -} - -if strstr "\`cat /proc/cmdline\`" persistenthome= ; then - findPersistentHome -elif [ -e /run/initramfs/live/\${livedir}/home.img ]; then - homedev=/run/initramfs/live/\${livedir}/home.img -fi - -# if we have a persistent /home, then we want to go ahead and mount it -if ! strstr "\`cat /proc/cmdline\`" nopersistenthome && [ -n "\$homedev" ] ; then - action "Mounting persistent /home" mountPersistentHome -fi - -if [ -n "\$configdone" ]; then - exit 0 -fi - -# add liveuser user with no passwd -action "Adding live user" useradd \$USERADDARGS -c "Live System User" liveuser -passwd -d liveuser > /dev/null -usermod -aG wheel liveuser > /dev/null - -# Remove root password lock -passwd -d root > /dev/null - -# turn off firstboot for livecd boots -systemctl --no-reload disable firstboot-text.service 2> /dev/null || : -systemctl --no-reload disable firstboot-graphical.service 2> /dev/null || : -systemctl stop firstboot-text.service 2> /dev/null || : -systemctl stop firstboot-graphical.service 2> /dev/null || : - -# don't use prelink on a running live image -sed -i 's/PRELINKING=yes/PRELINKING=no/' /etc/sysconfig/prelink &>/dev/null || : - -# turn off mdmonitor by default -systemctl --no-reload disable mdmonitor.service 2> /dev/null || : -systemctl --no-reload disable mdmonitor-takeover.service 2> /dev/null || : -systemctl stop mdmonitor.service 2> /dev/null || : -systemctl stop mdmonitor-takeover.service 2> /dev/null || : - -# don't start cron/at as they tend to spawn things which are -# disk intensive that are painful on a live image -systemctl --no-reload disable crond.service 2> /dev/null || : -systemctl --no-reload disable atd.service 2> /dev/null || : -systemctl stop crond.service 2> /dev/null || : -systemctl stop atd.service 2> /dev/null || : - -# turn off abrtd on a live image -systemctl --no-reload disable abrtd.service 2> /dev/null || : -systemctl stop abrtd.service 2> /dev/null || : - -# Don't sync the system clock when running live (RHBZ #1018162) -sed -i 's/rtcsync//' /etc/chrony.conf - -# Mark things as configured -touch /.liveimg-configured - -# add static hostname to work around xauth bug -# https://bugzilla.redhat.com/show_bug.cgi?id=679486 -# the hostname must be something else than 'localhost' -# https://bugzilla.redhat.com/show_bug.cgi?id=1370222 -hostnamectl set-hostname "localhost-live" - -EOF - -# bah, hal starts way too late -cat > /etc/rc.d/init.d/livesys-late << EOF -#!/bin/bash -# -# live: Late init script for live image -# -# chkconfig: 345 99 01 -# description: Late init script for live image. - -. /etc/init.d/functions - -if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ] || [ -e /.liveimg-late-configured ] ; then - exit 0 -fi - -exists() { - which \$1 >/dev/null 2>&1 || return - \$* -} - -touch /.liveimg-late-configured - -# read some variables out of /proc/cmdline -for o in \`cat /proc/cmdline\` ; do - case \$o in - ks=*) - ks="--kickstart=\${o#ks=}" - ;; - xdriver=*) - xdriver="\${o#xdriver=}" - ;; - esac -done - -# if liveinst or textinst is given, start anaconda -if strstr "\`cat /proc/cmdline\`" liveinst ; then - plymouth --quit - /usr/sbin/liveinst \$ks -fi -if strstr "\`cat /proc/cmdline\`" textinst ; then - plymouth --quit - /usr/sbin/liveinst --text \$ks -fi - -# configure X, allowing user to override xdriver -if [ -n "\$xdriver" ]; then - cat > /etc/X11/xorg.conf.d/00-xdriver.conf <> /etc/rc.d/init.d/livesys << EOF - -# # disable gnome-software automatically downloading updates -# cat >> /usr/share/glib-2.0/schemas/org.gnome.software.gschema.override << FOE -# [org.gnome.software] -# download-updates=false -# FOE -# -# # don't autostart gnome-software session service -# rm -f /etc/xdg/autostart/gnome-software-service.desktop - -# # disable the gnome-software shell search provider -# cat >> /usr/share/gnome-shell/search-providers/org.gnome.Software-search-provider.ini << FOE -# DefaultDisabled=true -# FOE - -# # don't run gnome-initial-setup -# mkdir ~liveuser/.config -# touch ~liveuser/.config/gnome-initial-setup-done - -# suppress anaconda spokes redundant with gnome-initial-setup -# cat >> /etc/sysconfig/anaconda << FOE -# [NetworkSpoke] -# visited=1 -# -# [PasswordSpoke] -# visited=1 -# -# [UserSpoke] -# visited=1 -# FOE - -## make the installer show up -#if [ -f /usr/share/applications/liveinst.desktop ]; then -# # Show harddisk install in shell dash -# sed -i -e 's/NoDisplay=true/NoDisplay=false/' /usr/share/applications/liveinst.desktop "" -# # need to move it to anaconda.desktop to make shell happy -# mv /usr/share/applications/liveinst.desktop /usr/share/applications/anaconda.desktop -# -# cat >> /usr/share/glib-2.0/schemas/org.gnome.shell.gschema.override << FOE -# [org.gnome.shell] -# favorite-apps=['firefox.desktop', 'org.gnome.Calendar.desktop', 'rhythmbox.desktop', 'org.gnome.Photos.desktop', 'org.gnome.Nautilus.desktop', 'anaconda.desktop'] -# FOE -# -# # Make the welcome screen show up -# if [ -f /usr/share/anaconda/gnome/fedora-welcome.desktop ]; then -# mkdir -p ~liveuser/.config/autostart -# cp /usr/share/anaconda/gnome/fedora-welcome.desktop /usr/share/applications/ -# cp /usr/share/anaconda/gnome/fedora-welcome.desktop ~liveuser/.config/autostart/ -# fi -# -# # Disable GNOME welcome tour so it doesn't overlap with Fedora welcome screen -# cat >> /usr/share/glib-2.0/schemas/org.gnome.shell.gschema.override << FOE -# welcome-dialog-last-shown-version='4294967295' -# FOE -# -# # Copy Anaconda branding in place -# if [ -d /usr/share/lorax/product/usr/share/anaconda ]; then -# cp -a /usr/share/lorax/product/* / -# fi -# fi - -# rebuild schema cache with any overrides we installed -# glib-compile-schemas /usr/share/glib-2.0/schemas - -# set up auto-login -cat > /etc/gdm/custom.conf << FOE -[daemon] -AutomaticLoginEnable=True -AutomaticLogin=liveuser -FOE - -# Turn off PackageKit-command-not-found while uninstalled -# if [ -f /etc/PackageKit/CommandNotFound.conf ]; then -# sed -i -e 's/^SoftwareSourceSearch=true/SoftwareSourceSearch=false/' /etc/PackageKit/CommandNotFound.conf -# fi - -# make sure to set the right permissions and selinux contexts -chown -R liveuser:liveuser /home/liveuser/ -restorecon -R /home/liveuser/ - -EOF - -%end - %packages --exclude-weakdeps -@anaconda-tools -@x86-baremetal-tools +@core +@hardware-support NetworkManager-wifi aajohan-comfortaa-fonts -anaconda -anaconda-install-env-deps -anaconda-live -chkconfig dejavu-sans-mono-fonts dracut-live +fedora-remix-logos firefox +generic-logos +generic-release +generic-release-common +generic-release-notes glibc-all-langpacks gnome-backgrounds.noarch gnome-shell gnome-terminal -initscripts +grub2-common.noarch +grub2-efi-ia32 +grub2-efi-x64 +grub2-efi-x64-cdboot +grub2-pc-modules.noarch +grub2-tools +grub2-tools-efi +grub2-tools-extra +grub2-tools-minimal +grubby kernel kernel-modules kernel-modules-extra +libusb +livesys-scripts mesa-dri-drivers mozilla-ublock-origin.noarch nano +neofetch +pciutils +usbutils +wget wpa_supplicant --device-mapper-multipath --fcoe-utils +-fedora-logos +-fedora-release +-fedora-release-common +-fedora-release-identity-basic +-fedora-release-notes -gnome-tour %end diff --git a/ingredients/base-live.cfg b/ingredients/base-live.cfg index 871b100..908a205 100644 --- a/ingredients/base-live.cfg +++ b/ingredients/base-live.cfg @@ -7,361 +7,77 @@ # What ? This kickstart file provides a basic block to build a minimal, live system -# text # Perform installation in text mode - -keyboard --xlayouts='ch (fr)' # set keyboard layouts for Romandie +keyboard --xlayouts='ch (fr)' # set keyboard layouts for Romandy lang en_US.UTF-8 # Set system language to American English. More languages could be supported: --addsupport=cs_CZ,de_DE,en_UK timezone Europe/Paris --utc # Set system timezone to Paris -selinux --enforcing # Make sure SELinux is in enforced mode -firewall --enabled --service=mdns -# selinux --enforcing -# firewall --enabled --service=mdns +rootpw --lock --iscrypted locked # Lock the root account -# xconfig --startxonboot +selinux --disabled # Make sure SELinux is disabled / Other option: --enforcing +firewall --enabled --service=mdns# Make sure the firewall is enabled +services --enabled=NetworkManager,systemd-resolved --disabled=sshd +network --onboot=yes --bootproto=dhcp --device=link --activate --hostname=phyllome-alpha # Configure network interfaces and set hostname. "link" selects the first device reaching an up state -zerombr -clearpart --all -# part / --size 5120 -# bootloader --timeout=2 - -# services --enabled=NetworkManager --disabled=sshd -# network --bootproto=dhcp --device=link --activate --hostname=phyllome -# -# rootpw --lock --iscrypted locked -# -# # shutdown +zerombr # WARNING : Dangerous command ! Will clear the Master Boot Record +clearpart --all --initlabel # Partition clearing information. This setup uses GPT by default. +bootloader --location=none # Set the GNU GRUB bootloader +part / --fstype="ext4" --size=5120 # Create a root partition of around 7GB -# zerombr -# clearpart --all -# part / --size 5120 --fstype ext4 -# services --enabled=NetworkManager,ModemManager --disabled=sshd -network --bootproto=dhcp --device=link --activate -rootpw --lock --iscrypted locked -shutdown +%packages # Beginning of the package section. Does not include weak dependencies. -# -# %packages # Beginning of the packages section. -# -# # Explicitly specified here: -# # walters: because otherwise dependency loops cause yum issues. -# kernel -# kernel-modules -# kernel-modules-extra -# -# # This was added a while ago, I think it falls into the category of -# # "Diagnosis/recovery tool useful from a Live OS image". Leaving this untouched -# # for now. -# #memtest86+ -# #@x86-baremetal-tools # memtest86+ is included -# -# # The point of a live image is to install -# # anaconda -# # anaconda-install-env-deps -# # anaconda-live -# # @anaconda-tools -# # Anaconda has a weak dep on this and we don't want it on livecds, see -# # https://fedoraproject.org/wiki/Changes/RemoveDeviceMapperMultipathFromWorkstationLiveCD -# # -fcoe-utils -# # -device-mapper-multipath -# -# # Need aajohan-comfortaa-fonts for the SVG rnotes images -# # aajohan-comfortaa-fonts -# -# # Without this, initramfs generation during live image creation fails: #1242586 -# dracut-live -# dracut-config-generic # add that as sugested here : https://www.brianlane.com/post/creating-live-isos-with-livemedia-creator/ -# -# # For UEFI-boot, see https://github.com/weldr/lorax/blob/master/docs/fedora-livemedia.ks -# shim -# shim-ia32 -# grub2 -# grub2-efi -# grub2-efi-*-cdboot -# grub2-efi-ia32 -# efibootmgr -# -# # syslinux is in @x86-baremetal-tools -# -# # anaconda needs the locales available to run for different locales -# glibc-all-langpacks -# -# # no longer in @core since 2018-10, but needed for livesys script -# initscripts -# chkconfig -# -# @core # minimal installation -# pciutils # Pciutils provides lspci commandline tool and is not installed by default -# # initial-setup # Install the initial setup package. For the GUI version, use initial-setup-gui instead. -# qemu-guest-agent # "QEMU guest agent" -# spice-vdagent # "Agent for Spice guests" -# -fedora-logos # Fedora logos -# -fedora-release # Fedora release-notes -# -fedora-release-notes -# -fedora-release-common # Fedora release files -# -fedora-release-identity-basic # ??? -# fedora-remix-logos # Install Fedora remix logos -# generic-release -# generic-logos -# generic-release-common # "Generic release files" -# generic-release-notes # "Release Notes" +@core # minimal installation +@hardware-support # Provides extended hardware support, and especially extra wireless drivers +pciutils # Pciutils provides lspci commandline tool, which is not installed by default +libusb # add usb library (otherwise, USB 3.0 controllers seem to not work) +usbutils # add lsusb utility +wget # "The non-interactive network downloader. " Used to fetch files during installation +neofetch # a simple tool to show hardware-related informations inside a terminal +nano # The nano text editor +-fedora-logos # Remove Fedora logos to comply with [Fedora Remix legal guidelines](https://fedoraproject.org/wiki/Remix) +-fedora-release # Remove Fedora release-notes +-fedora-release-notes # Remove Fedora release-notes +-fedora-release-common # Remove Fedora release files +-fedora-release-identity-basic # ??? +fedora-remix-logos # Add Fedora Remix logos +generic-release # Add Fedora Remix logos +generic-logos # Add Fedora Remix logos +generic-release-common # "Generic release files" +generic-release-notes # "Release Notes" +grub2-common.noarch +grub2-efi-ia32 +grub2-efi-x64 +grub2-efi-x64-cdboot +grub2-pc-modules.noarch +grub2-tools +grub2-tools-efi +grub2-tools-extra +grub2-tools-minimal +grubby -# %end # End of the packages section - -%packages # Explicitly specified here: # walters: because otherwise dependency loops cause yum issues. kernel kernel-modules kernel-modules-extra -# This was added a while ago, I think it falls into the category of -# "Diagnosis/recovery tool useful from a Live OS image". Leaving this untouched -# for now. -#memtest86+ -@x86-baremetal-tools # memtest86+ is included - -# The point of a live image is to install -anaconda -anaconda-install-env-deps -anaconda-live -@anaconda-tools -# Anaconda has a weak dep on this and we don't want it on livecds, see -# https://fedoraproject.org/wiki/Changes/RemoveDeviceMapperMultipathFromWorkstationLiveCD --fcoe-utils --device-mapper-multipath - # Need aajohan-comfortaa-fonts for the SVG rnotes images aajohan-comfortaa-fonts # Without this, initramfs generation during live image creation fails: #1242586 dracut-live -# syslinux is in @x86-baremetal-tools # anaconda needs the locales available to run for different locales glibc-all-langpacks -# no longer in @core since 2018-10, but needed for livesys script -initscripts -chkconfig +# provide the livesys scripts +livesys-scripts +%end -%end # End of the packages section +%post -%post --log=/root/bl.log # Beginning of the post-installation section. Add logging. - -# FIXME: it'd be better to get this installed from a package -cat > /etc/rc.d/init.d/livesys << EOF -#!/bin/bash -# -# live: Init script for live image -# -# chkconfig: 345 00 99 -# description: Init script for live image. -### BEGIN INIT INFO -# X-Start-Before: display-manager chronyd -### END INIT INFO - -. /etc/init.d/functions - -if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ]; then - exit 0 -fi - -if [ -e /.liveimg-configured ] ; then - configdone=1 -fi - -exists() { - which \$1 >/dev/null 2>&1 || return - \$* -} - -livedir="LiveOS" -for arg in \`cat /proc/cmdline\` ; do - if [ "\${arg##rd.live.dir=}" != "\${arg}" ]; then - livedir=\${arg##rd.live.dir=} - continue - fi - if [ "\${arg##live_dir=}" != "\${arg}" ]; then - livedir=\${arg##live_dir=} - fi -done - -# enable swapfile if it exists -if ! strstr "\`cat /proc/cmdline\`" noswap && [ -f /run/initramfs/live/\${livedir}/swap.img ] ; then - action "Enabling swap file" swapon /run/initramfs/live/\${livedir}/swap.img -fi - -mountPersistentHome() { - # support label/uuid - if [ "\${homedev##LABEL=}" != "\${homedev}" -o "\${homedev##UUID=}" != "\${homedev}" ]; then - homedev=\`/sbin/blkid -o device -t "\$homedev"\` - fi - - # if we're given a file rather than a blockdev, loopback it - if [ "\${homedev##mtd}" != "\${homedev}" ]; then - # mtd devs don't have a block device but get magic-mounted with -t jffs2 - mountopts="-t jffs2" - elif [ ! -b "\$homedev" ]; then - loopdev=\`losetup -f\` - if [ "\${homedev##/run/initramfs/live}" != "\${homedev}" ]; then - action "Remounting live store r/w" mount -o remount,rw /run/initramfs/live - fi - losetup \$loopdev \$homedev - homedev=\$loopdev - fi - - # if it's encrypted, we need to unlock it - if [ "\$(/sbin/blkid -s TYPE -o value \$homedev 2>/dev/null)" = "crypto_LUKS" ]; then - echo - echo "Setting up encrypted /home device" - plymouth ask-for-password --command="cryptsetup luksOpen \$homedev EncHome" - homedev=/dev/mapper/EncHome - fi - - # and finally do the mount - mount \$mountopts \$homedev /home - # if we have /home under what's passed for persistent home, then - # we should make that the real /home. useful for mtd device on olpc - if [ -d /home/home ]; then mount --bind /home/home /home ; fi - [ -x /sbin/restorecon ] && /sbin/restorecon /home - if [ -d /home/liveuser ]; then USERADDARGS="-M" ; fi -} - -findPersistentHome() { - for arg in \`cat /proc/cmdline\` ; do - if [ "\${arg##persistenthome=}" != "\${arg}" ]; then - homedev=\${arg##persistenthome=} - fi - done -} - -if strstr "\`cat /proc/cmdline\`" persistenthome= ; then - findPersistentHome -elif [ -e /run/initramfs/live/\${livedir}/home.img ]; then - homedev=/run/initramfs/live/\${livedir}/home.img -fi - -# if we have a persistent /home, then we want to go ahead and mount it -if ! strstr "\`cat /proc/cmdline\`" nopersistenthome && [ -n "\$homedev" ] ; then - action "Mounting persistent /home" mountPersistentHome -fi - -if [ -n "\$configdone" ]; then - exit 0 -fi - -# add liveuser user with no passwd -action "Adding live user" useradd \$USERADDARGS -c "Live System User" liveuser -passwd -d liveuser > /dev/null -usermod -aG wheel liveuser > /dev/null - -# Remove root password lock -passwd -d root > /dev/null - -# turn off firstboot for livecd boots -systemctl --no-reload disable firstboot-text.service 2> /dev/null || : -systemctl --no-reload disable firstboot-graphical.service 2> /dev/null || : -systemctl stop firstboot-text.service 2> /dev/null || : -systemctl stop firstboot-graphical.service 2> /dev/null || : - -# don't use prelink on a running live image -sed -i 's/PRELINKING=yes/PRELINKING=no/' /etc/sysconfig/prelink &>/dev/null || : - -# turn off mdmonitor by default -systemctl --no-reload disable mdmonitor.service 2> /dev/null || : -systemctl --no-reload disable mdmonitor-takeover.service 2> /dev/null || : -systemctl stop mdmonitor.service 2> /dev/null || : -systemctl stop mdmonitor-takeover.service 2> /dev/null || : - -# don't start cron/at as they tend to spawn things which are -# disk intensive that are painful on a live image -systemctl --no-reload disable crond.service 2> /dev/null || : -systemctl --no-reload disable atd.service 2> /dev/null || : -systemctl stop crond.service 2> /dev/null || : -systemctl stop atd.service 2> /dev/null || : - -# turn off abrtd on a live image -systemctl --no-reload disable abrtd.service 2> /dev/null || : -systemctl stop abrtd.service 2> /dev/null || : - -# Don't sync the system clock when running live (RHBZ #1018162) -sed -i 's/rtcsync//' /etc/chrony.conf - -# Mark things as configured -touch /.liveimg-configured - -# add static hostname to work around xauth bug -# https://bugzilla.redhat.com/show_bug.cgi?id=679486 -# the hostname must be something else than 'localhost' -# https://bugzilla.redhat.com/show_bug.cgi?id=1370222 -hostnamectl set-hostname "localhost-live" - -EOF - -# bah, hal starts way too late -cat > /etc/rc.d/init.d/livesys-late << EOF -#!/bin/bash -# -# live: Late init script for live image -# -# chkconfig: 345 99 01 -# description: Late init script for live image. - -. /etc/init.d/functions - -if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ] || [ -e /.liveimg-late-configured ] ; then - exit 0 -fi - -exists() { - which \$1 >/dev/null 2>&1 || return - \$* -} - -touch /.liveimg-late-configured - -# read some variables out of /proc/cmdline -for o in \`cat /proc/cmdline\` ; do - case \$o in - ks=*) - ks="--kickstart=\${o#ks=}" - ;; - xdriver=*) - xdriver="\${o#xdriver=}" - ;; - esac -done - -# if liveinst or textinst is given, start anaconda -if strstr "\`cat /proc/cmdline\`" liveinst ; then - plymouth --quit - /usr/sbin/liveinst \$ks -fi -if strstr "\`cat /proc/cmdline\`" textinst ; then - plymouth --quit - /usr/sbin/liveinst --text \$ks -fi - -# configure X, allowing user to override xdriver -if [ -n "\$xdriver" ]; then - cat > /etc/X11/xorg.conf.d/00-xdriver.conf <