From c66617d38008f962912aa433d17127fdc9bd1588 Mon Sep 17 00:00:00 2001
From: Louis Abel
Date: Thu, 1 Sep 2022 02:35:44 -0700
Subject: [PATCH] clean up azure kickstart
---
Rocky-9-Azure.ks | 231 ++++++++++++++++-------------------------------
1 file changed, 79 insertions(+), 152 deletions(-)
diff --git a/Rocky-9-Azure.ks b/Rocky-9-Azure.ks
index 5a12227..996e91b 100644
--- a/Rocky-9-Azure.ks
+++ b/Rocky-9-Azure.ks
@@ -1,54 +1,87 @@ text - -auth --enableshadow --passalgo=sha512 -shutdown -firewall --enabled --service=ssh -firstboot --disable -ignoredisk --only-use=vda -keyboard us -# System language lang en_US.UTF-8 -# Network information -network --bootproto=dhcp --device=link --activate --onboot=on -network --hostname=localhost.localdomain -# Root password -rootpw --iscrypted thereisnopasswordanditslocked -selinux --enforcing -services --disabled="kdump" --enabled="NetworkManager,sshd,rsyslog,chronyd,cloud-init,cloud-init-local,cloud-config,cloud-final,rngd" +keyboard us timezone UTC --utc # Disk -bootloader --append="rootdelay=300 console=ttyS0 earlyprintk=ttyS0 no_timer_check crashkernel=auto net.ifnames=0" --location=mbr --timeout=1 --boot-drive=vda +bootloader --append="rootdelay=300 console=ttyS0 earlyprintk=ttyS0 no_timer_check crashkernel=auto net.ifnames=0" --location=mbr --timeout=1 +auth --enableshadow --passalgo=sha512 +selinux --enforcing +firewall --enabled --service=ssh +firstboot --disable +# Network information +network --bootproto=dhcp --device=link --activate --onboot=on +# Root password +services --disabled="kdump" --enabled="NetworkManager,sshd,rsyslog,chronyd,cloud-init,cloud-init-local,cloud-config,cloud-final,rngd,waagent" +rootpw --iscrypted thereisnopasswordanditslocked + +# Partition Stuff zerombr clearpart --all --initlabel -part /boot --fstype xfs --size 1024 --asprimary --ondisk vda -part /boot/efi --fstype vfat --size 512 --asprimary --ondisk vda reqpart -part / --fstype="xfs" --ondisk=vda --maxsize=3000 --grow +part / --fstype="xfs" --mkfsoptions "-m bigtime=0,inobtcount=0" --ondisk=vda --size=3000 +shutdown +%packages +@core +rocky-release +kernel +yum-utils +-aic94xx-firmware +-alsa-firmware +-alsa-lib +-alsa-tools-firmware +-ivtv-firmware +-iwl1000-firmware +-iwl100-firmware +-iwl105-firmware +-iwl135-firmware +-iwl2000-firmware +-iwl2030-firmware +-iwl3160-firmware +-iwl3945-firmware +-iwl4965-firmware +-iwl5000-firmware +-iwl5150-firmware 
+-iwl6000-firmware +-iwl6000g2a-firmware +-iwl6000g2b-firmware +-iwl6050-firmware +-iwl7260-firmware +-libertas-sd8686-firmware +-libertas-sd8787-firmware +-libertas-usb8388-firmware + +cloud-init +cloud-utils-growpart +gdisk +dracut-config-generic +grub2 +firewalld + +# some stuff that's missing from core or explicitly setting +tar +rsync +dhcp-client +NetworkManager +rng-tools +dnf-utils +chrony +WALinuxAgent +hyperv-daemons + +-biosdevname +-plymouth +-iprutils +-langpacks-* +-langpacks-en +-qemu-guest-agent +%end %post --erroronfail passwd -d root passwd -l root -### # Common Cloud Tweaks -### - -# pvgrub support -echo -n "Creating grub.conf for pvgrub" -rootuuid=$( awk '$2=="/" { print $1 };' /etc/fstab ) -mkdir /boot/grub -echo -e 'default=0\ntimeout=0\n\n' > /boot/grub/grub.conf -for kv in $( ls -1v /boot/vmlinuz* |grep -v rescue |sed s/.*vmlinuz-// ); do - echo "title Rocky Linux 8 ($kv)" >> /boot/grub/grub.conf - echo -e "\troot (hd0)" >> /boot/grub/grub.conf - echo -e "\tkernel /boot/vmlinuz-$kv ro root=$rootuuid console=hvc0 LANG=en_US.UTF-8" >> /boot/grub/grub.conf - echo -e "\tinitrd /boot/initramfs-$kv.img" >> /boot/grub/grub.conf - echo -done -ln -sf grub.conf /boot/grub/menu.lst -ln -sf /boot/grub/grub.conf /etc/grub.conf - # setup systemd to boot to the right runlevel rm -f /etc/systemd/system/default.target ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target 
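Review bot: The re-added `rootpw --iscrypted thereisnopasswordanditslocked` keeps root unusable only because the string is not a valid crypt hash, and the context lines `passwd -d root` and `passwd -l root` at the top of %post then clear the password and lock the account. Kickstart has a documented option for this, so the command could read `rootpw --lock`, which states the intent directly and avoids the short window in which `passwd -d` has left root with an empty password before `passwd -l` runs. If the placeholder stays, a comment such as `# root has no usable password and is locked in %post; access is through the cloud-init user` would explain it to the next reader. The %post section opens in this hunk and continues outside it.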
@@ -66,42 +99,19 @@ NAutoVTs=0' /etc/systemd/logind.conf echo "virtual-guest" > /etc/tuned/active_profile -### -# Networking Changes -### - -# For cloud images, 'eth0' _is_ the predictable device name, since -# we don't want to be tied to specific virtual (!) hardware -#rm -f /etc/udev/rules.d/70* -#ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules - -# simple eth0 config, again not hard-coded to the build hardware -#cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF -#DEVICE=eth0 -#ONBOOT=yes -#BOOTPROTO=dhcp -#TYPE=Ethernet -#USERCTL=no -#PEERDNS=yes -#IPV6INIT=no -#NM_CONTROLLED=yes -#IPV4_DHCP_TIMEOUT=300 -#EOF - cat << EOF | tee -a /etc/NetworkManager/conf.d/dhcp-timeout.conf # Configure dhcp timeout to 300s by default [connection] ipv4.dhcp-timeout=300 EOF - cat > /etc/sysconfig/network << EOF NETWORKING=yes NOZEROCONF=yes EOF # Remove build-time resolvers to fix #16948 -echo > /etc/resolv.conf +truncate -s 0 /etc/resolv.conf # generic localhost names cat > /etc/hosts << EOF @@ -111,26 +121,11 @@ cat > /etc/hosts << EOF EOF echo . - -### -# Services -### - -systemctl mask tmp.mount - -### -# azure -### -# Setup WALinux Agent -dnf -y install WALinuxAgent -systemctl enable waagent - +# azure settings # Configure waagent for cloud-init sed -i 's/Provisioning.UseCloudInit=n/Provisioning.UseCloudInit=y/g' /etc/waagent.conf sed -i 's/Provisioning.Enabled=y/Provisioning.Enabled=n/g' /etc/waagent.conf - - # Azure: handle sr-iov and networkmanaeger cat << EOF | tee -a /etc/udev/rules.d/68-azure-sriov-nm-unmanaged.rules # Accelerated Networking on Azure exposes a new SRIOV interface to the VM. @@ -169,10 +164,7 @@ reporting: type: hyperv EOF -### # Kernel and Drivers -### - # Add drivers when building in VMWare, Vbox, or KVM (KVM) cat << EOF | tee -a /etc/dracut.conf.d/80-azure.conf add_drivers+=" hv_vmbus hv_netvsc hv_storvsc " 
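Review bot: In the `@@ -111,26 +121,11 @@` hunk the two `sed -i` edits of /etc/waagent.conf exit successfully even when the pattern is not present, so a packaged waagent.conf whose defaults differ would presumably leave the agent's own provisioning enabled alongside cloud-init without the build noticing. Now that WALinuxAgent is pulled in through %packages instead of the removed `dnf -y install WALinuxAgent`, a check after the edits would surface that at build time: `grep -q '^Provisioning.UseCloudInit=y' /etc/waagent.conf || exit 1`, and the same for `Provisioning.Enabled=n`. The hunk also drops `systemctl mask tmp.mount`, which changes behaviour rather than tidying, and deserves a line in the commit message if it is intended.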
@@ -193,30 +185,25 @@ EOL echo "RUN_FIRSTBOOT=NO" > /etc/sysconfig/firstboot # rocky cloud user -echo -e 'rocky\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers sed -i 's/name: cloud-user/name: rocky/g' /etc/cloud/cloud.cfg +echo -e 'rocky\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers + +# this shouldn't be the case, but we'll do it anyway +sed -i 's|^enabled=1|enabled=0|' /etc/yum/pluginconf.d/product-id.conf +sed -i 's|^enabled=1|enabled=0|' /etc/yum/pluginconf.d/subscription-manager.conf dnf clean all +truncate -c -s 0 /var/log/dnf.log # XXX instance type markers - MUST match Rocky Infra expectation echo 'azure' > /etc/yum/vars/infra -# change dhcp client retry/timeouts to resolve #6866 - - -### -# Cleanup -### - -### # Azure Cleanup -### sudo rm -f /var/log/waagent.log sudo cloud-init clean waagent -force -deprovision+user - -# Commont cleanup +# Common cleanup rm -f ~/.bash_history export HISTSIZE=0 @@ -241,64 +228,4 @@ true %end -%packages -@core -chrony -dnf -yum -cloud-init -cloud-utils-growpart -NetworkManager -dracut-config-generic -firewalld -gdisk -grub2 -kernel -nfs-utils -rsync -tar -dnf-utils -yum-utils --aic94xx-firmware --alsa-firmware --alsa-lib --alsa-tools-firmware --ivtv-firmware --iwl100-firmware --iwl1000-firmware --iwl105-firmware --iwl135-firmware --iwl2000-firmware --iwl2030-firmware --iwl3160-firmware --iwl3945-firmware --iwl4965-firmware --iwl5000-firmware --iwl5150-firmware --iwl6000-firmware --iwl6000g2a-firmware --iwl6000g2b-firmware --iwl6050-firmware --iwl7260-firmware --libertas-sd8686-firmware --libertas-sd8787-firmware --libertas-usb8388-firmware --biosdevname --iprutils --plymouth -python3-jsonschema -qemu-guest-agent -dhcp-client -cockpit-ws -cockpit-system --langpacks-* --langpacks-en - -rocky-release -rng-tools - -WALinuxAgent -hyperv-daemons - -%end
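Review bot: The moved line `echo -e 'rocky\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers` in the `@@ -193,30 +185,25 @@` hunk writes an unconditional passwordless-root rule into the image's main sudoers file, so it applies to any account named rocky regardless of how an instance's cloud-init configuration sets up its default user. A drop-in that is syntax-checked at build time is easier to audit and to override; with a file name chosen here only as an example: `printf 'rocky\tALL=(ALL)\tNOPASSWD: ALL\n' > /etc/sudoers.d/90-rocky`, `chmod 0440 /etc/sudoers.d/90-rocky`, `visudo -cf /etc/sudoers.d/90-rocky || exit 1`. Whether cloud-init already writes an equivalent rule for the renamed default user cannot be seen from this hunk, so the line may be redundant as well; that should be confirmed against /etc/cloud/cloud.cfg.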