forked from blalor/ami-creator
-
Notifications
You must be signed in to change notification settings - Fork 0
/
ks-centos6.cfg
98 lines (80 loc) · 2.49 KB
/
ks-centos6.cfg
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
lang en_US.UTF-8
keyboard us
timezone --utc UTC
authconfig --enableshadow --passalgo=sha512
selinux --disabled
firewall --disabled
firstboot --disabled
## selinux=0 required to log in via ssh; something missing in this config, I'm
## sure, but I hate/don't understand selinux, so disabling with a vengance.
## modifying /etc/sysconfig/selinux in %post below *should* do the trick, but it
## isn't. punting.
## "xen_blkfront.sda_is_xvda=1" -- https://bugzilla.redhat.com/show_bug.cgi?id=729586
## remainder stolen from bashton
## dracut options: http://fedoraproject.org/wiki/Dracut/Options
bootloader --timeout=1 --append="xen_blkfront.sda_is_xvda=1 selinux=0 rd_NO_LUKS rd_NO_LVM rd_NO_DM rd_NO_MD LANG=en_US.UTF-8 KEYTABLE=us SYSFONT=latarcyrheb-sun16 console=hvc0 crashkernel=auto"
network --bootproto=dhcp --device=eth0 --onboot=on
services --enabled=network,sshd,cloud-init
# Uncomment the next line to make the root password be password
# By default the root password is locked
#rootpw password
#rootpw --lock
#
# Define how large you want your rootfs to be
# NOTE: S3-backed AMIs have a limit of 10G
#
# fs label is not used for the root fs! if you need to refer to the label, use
# "_root".
part / --size 768 --fstype ext4
#
# Repositories
repo --name=CentOS6-Base --mirrorlist=http://mirrorlist.centos.org/?release=6&arch=$basearch&repo=os
repo --name=CentOS6-Updates --mirrorlist=http://mirrorlist.centos.org/?release=6&arch=$basearch&repo=updates
#repo --name=EPEL --baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch/
repo --name=EPEL --baseurl=http://mirror.pnl.gov/epel/6/$basearch/
#
#
# Add all the packages after the base packages
#
%packages --nobase --instLangs=en
@core
audit
pciutils
bash
coreutils
kernel-xen
grub
e2fsprogs
passwd
policycoreutils
chkconfig
rootfiles
yum
vim-minimal
acpid
openssh-clients
openssh-server
curl
epel-release
cloud-init
sudo
#Allow for dhcp access
dhclient
iputils
%end
# set up ec2-user
%post --erroronfail
set -e
set -x
set -u
/usr/sbin/useradd ec2-user
echo 'ec2-user ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers
## hrm, even with "selinux --disabled" above, selinux still appears to be enabled!
## relevant? https://bugzilla.redhat.com/show_bug.cgi?id=690279
sed -i -e 's#^SELINUX=.*$#SELINUX=disabled#' /etc/sysconfig/selinux
## only one console needed (if that…)
sed -i -e 's#^ACTIVE_CONSOLES=.*$#ACTIVE_CONSOLES=/dev/tty1#' /etc/sysconfig/init
## this could help diagnostics later
sed -i -e 's#^BOOTUP=.*$#BOOTUP=verbose#' /etc/sysconfig/init
yum clean all
%end