Compare commits

..

52 Commits

Author SHA1 Message Date
lumarel
34bd176f2d
Add VMware Vagrant kickstart 2022-07-24 00:22:14 +02:00
dd9d73a0f8
Add UEFI partitions for generic cloud 2022-07-21 10:46:27 -04:00
b2f0118066
fix workstation lite welcome tour 2022-07-12 13:06:52 -07:00
e51f7bb0f7
fix XFCE still 2022-07-11 18:39:16 -07:00
3ea2667cef
try to fix xfce 2022-07-11 18:22:20 -07:00
405cfdb912
remove unsigned him and fix grubby 2022-07-11 16:40:55 -07:00
90157c1fac
add some EFI stuff for live 2022-07-11 16:30:57 -07:00
2f9f4fd64a
fix readme 2022-07-11 15:49:54 -07:00
7c1dc22cfc
fix dialog 2022-07-11 09:09:49 -07:00
cb7f32affc
add initial mate kickstarts 2022-07-08 14:16:01 -07:00
fbcd5f424d
Fixes for azure on el9 2022-07-08 15:50:36 -04:00
9e9e16aaa7
change to --utc 2022-07-08 15:44:09 -04:00
e7d64d75b2
Add azure kickstart to this repo 2022-07-08 15:24:28 -04:00
cde7be8a93
Change 9.0 to just 9 and add peridot repos
To reduce commits (every 6 months), this change makes it so "9" is the
absolute default location as it should be symlinked to the latest in
either staging or prod. With that being said, peridot repositories are
also provided for automation purposes but also at the convenience of the
user if they so choose to use those repos instead.

And the readme was updated a bit.
2022-07-05 20:49:59 -07:00
fad38825c7
These don't actually work, despite giving a warning to use them in anaconda 2022-07-04 20:21:35 -04:00
34ff9d485f
Revert "test rearranging the arguments"
This reverts commit bd06f33d71.
2022-07-04 20:20:49 -04:00
bd06f33d71
test rearranging the arguments 2022-07-04 20:16:18 -04:00
dd8f897fa9
grow genclo disk, reqpart on vagrant 2022-07-04 18:01:25 -04:00
bb9888a73a
fix deprecation notices for real this time 2022-07-04 17:50:46 -04:00
ae8788fa91
Apparently that's not the right option.. 2022-07-04 17:46:41 -04:00
a8c3556bc4
Fixup deprecations in kickstarts 2022-07-04 17:41:15 -04:00
eb59b5651a
fix kickstarts 2022-07-04 17:35:11 -04:00
d61b6a1b26
No dracut-norescue in 9 2022-07-03 21:50:07 -04:00
Louis Abel
1d39aa6ff2
Fix README 2022-06-29 19:35:18 -07:00
Louis Abel
41e1d78dee
fix up kickstarts 2022-06-29 19:31:05 -07:00
nazunalika
5c668d21b7
start r9 live kickstarts 2022-05-26 09:48:43 -07:00
nazunalika
225ede7fc5
lightdm will be available in EPEL 2022-05-15 19:55:42 -07:00
nazunalika
998a1ead36
remove breeze on xfce 2022-05-15 11:17:53 -07:00
nazunalika
02d4ef974a
remove extraneous posts 2022-05-15 10:34:12 -07:00
nazunalika
50ae667781
add sddm themes 2022-05-15 10:19:26 -07:00
nazunalika
78b5936463
fix up ks 2022-05-15 08:47:38 -07:00
nazunalika
ad67199c3e
fix up ks 2022-05-15 08:43:03 -07:00
nazunalika
8cf1ca32bb
hostname shouldn't be localhost 2022-05-15 01:43:21 -07:00
nazunalika
d111a30da0
patches are in anaconda now 2022-05-12 13:43:58 -07:00
nazunalika
a6b0c4912a
update to 8.6 2022-05-10 07:28:59 -07:00
nazunalika
888b882668
Add XDG 2022-02-28 12:58:44 -07:00
nazunalika
a93ba16ed8
fix up the xfce background 2021-11-14 16:16:24 -07:00
b1c99d8584
Use staging repos for image builds 2021-11-14 12:48:01 -05:00
nazunalika
1d57465221
XFCE needs a default background 2021-11-13 15:43:54 -07:00
nazunalika
c544e9bca7
remove auth from the kickstarts 2021-11-13 15:29:28 -07:00
nazunalika
6d1ffb5136
Add mainline kernel kickstart 2021-11-10 13:23:14 -07:00
nazunalika
8ea740d0ce
8.5 2021-11-10 11:39:40 -07:00
f7850ec5d8
Remember to always stay positive 2021-10-27 17:37:18 -04:00
de40f77ca0
a \ 2021-10-27 17:26:14 -04:00
bc9779cca4
Cleanup container image even more 2021-10-27 15:30:06 -04:00
4b670a9ad2
swap dracut for kexec-tools 2021-10-26 19:55:24 -04:00
cfc4a16b1a
exclude dracut 2021-10-26 17:08:26 -04:00
25b7bd31d5
skip kexec tools 2021-10-26 16:24:20 -04:00
701c2785b8
Update container image to build w/o ISO 2021-10-20 15:16:27 -04:00
nazunalika
9936c1728e
make lite images 2021-10-06 21:23:38 -07:00
nazunalika
837ae26098
Flatten kickstarts 2021-07-02 16:21:36 -07:00
nazunalika
e8cc11b128
add r8 branch 2021-07-02 16:17:10 -07:00
73 changed files with 9795 additions and 16 deletions

View File

@ -1,22 +1,71 @@
**Note**: This repository is mirrored at the [RESF Git Service](https://git.resf.org/sig_core/kickstarts)
and [Rocky Linux GitHub](https://github.com/rocky-linux/kickstarts)
# R9 specific kickstarts
This is the kickstarts repository for Rocky Linux. These kickstarts help us
make a variety of images, such as:
This branch has Rocky Linux 9 specific kickstarts. These kickstarts vary
between cloud images and live images provided in our repositories and
mirrors.
* Live images (eg GNOME/Workstation, XFCE, KDE)
* Cloud Images (eg EC2, GenericCloud for OpenStack, Azure)
* Various container images
## Structure
Each major version gets their own separate branch or branches, depending on the
nature of the images and where development is for Rocky Linux.
In the root of the repository are the general kickstarts in use that any
user can pick up, use, or modify to their liking to make their own Rocky
Linux live images. For those who are curious, in the `live` directory are
the split parts that make the live kickstarts what they are, which you can
use `ksflatten` on if you so choose.
If you find that there is an error with a kickstart, there are problems with
the images produced from these kickstarts, or you have suggestions to fix
them, please open an issue. You can open an issue or PR at both the
[RESF Git Service](https://git.resf.org/sig_core/kickstarts) or at our
[GitHub Organization](https://github.com/rocky-linux/kickstarts)
For SIG/Core's usage, we use the `live` area as a "working" directory,
where we use the split parts in our automation for the images and the
pre-flattened versions are there for the convenience of all users.
When opening a PR, please ensure it is against the correct branch.
## Building Live Images
-Release Engineering
To build live images, you will need to use `livecd-creator` or
`livemedia-creator`. The former is simpler to use and generally works without
many issues. The latter can be a bit more tricky to work with and typically
runs the installer virtually. However, it can be used without a virtual machine
like in a mock shell.
Optionally, it is possible to use `empanadas` found in the SIG/Core toolkit.
### Automatic: Using empanadas
To be filled.
### Manual: Using livemedia-creator
To use livemedia-creator without using virt, you can use a mock shell. To
setup a mock chroot for the purpose of building a live image, you would
set it up like so:
```
# Install mock if you haven't already
% dnf install epel-release -y
% dnf install mock -y
# Add a user to the mock group
% usermod -a -G mock user
# As the user, setup the mock environment
% mock -r rocky-9-x86_64 --init
% mock -r rocky-9-x86_64 --install lorax-lmc-novirt vim-minimal pykickstart git
# You may need to be in permissive mode temporarily if you have issues
% setenforce 0
# Enter the shell
% mock -r rocky-9-x86_64 --shell --isolation=simple --enable-network
# Clone the kickstarts and run an installation
% git clone https://github.com/rocky-linux/kickstarts
% cd kickstarts
% livemedia-creator --ks Rocky-9-Workstation.ks \
--no-virt \
--resultdir /var/lmc \
--project="Rocky Linux" \
--make-iso \
--volid Rocky-Workstation-9 \
--iso-only \
--iso-name Rocky-Workstation-9-x86_64.iso \
--releasever=9 \
--nomacboot # This option is important to set, mkfs.hfsplus is not available
```
With the example above, all of the results will appear in
`/var/lib/mock/rocky-9-x86_64/root/var/lmc`.

304
Rocky-9-Azure.ks Normal file
View File

@ -0,0 +1,304 @@
text
auth --enableshadow --passalgo=sha512
shutdown
firewall --enabled --service=ssh
firstboot --disable
ignoredisk --only-use=vda
keyboard us
# System language
lang en_US.UTF-8
# Network information
network --bootproto=dhcp --device=link --activate --onboot=on
network --hostname=localhost.localdomain
# Root password
rootpw --iscrypted thereisnopasswordanditslocked
selinux --enforcing
services --disabled="kdump" --enabled="NetworkManager,sshd,rsyslog,chronyd,cloud-init,cloud-init-local,cloud-config,cloud-final,rngd"
timezone UTC --utc
# Disk
bootloader --append="rootdelay=300 console=ttyS0 earlyprintk=ttyS0 no_timer_check crashkernel=auto net.ifnames=0" --location=mbr --timeout=1 --boot-drive=vda
zerombr
clearpart --all --initlabel
part /boot --fstype xfs --size 1024 --asprimary --ondisk vda
part /boot/efi --fstype vfat --size 512 --asprimary --ondisk vda
reqpart
part / --fstype="xfs" --ondisk=vda --maxsize=3000 --grow
%post --erroronfail
passwd -d root
passwd -l root
###
# Common Cloud Tweaks
###
# pvgrub support
echo -n "Creating grub.conf for pvgrub"
rootuuid=$( awk '$2=="/" { print $1 };' /etc/fstab )
mkdir /boot/grub
echo -e 'default=0\ntimeout=0\n\n' > /boot/grub/grub.conf
for kv in $( ls -1v /boot/vmlinuz* |grep -v rescue |sed s/.*vmlinuz-// ); do
echo "title Rocky Linux 8 ($kv)" >> /boot/grub/grub.conf
echo -e "\troot (hd0)" >> /boot/grub/grub.conf
echo -e "\tkernel /boot/vmlinuz-$kv ro root=$rootuuid console=hvc0 LANG=en_US.UTF-8" >> /boot/grub/grub.conf
echo -e "\tinitrd /boot/initramfs-$kv.img" >> /boot/grub/grub.conf
echo
done
ln -sf grub.conf /boot/grub/menu.lst
ln -sf /boot/grub/grub.conf /etc/grub.conf
# setup systemd to boot to the right runlevel
rm -f /etc/systemd/system/default.target
ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
echo .
# remove linux-firmware as we're virt and it's half a gig
dnf -C -y remove linux-firmware
# Remove firewalld; it is required to be present for install/image building.
# but we dont ship it in cloud
dnf -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
dnf -C -y remove avahi\*
sed -i '/^#NAutoVTs=.*/ a\
NAutoVTs=0' /etc/systemd/logind.conf
echo "virtual-guest" > /etc/tuned/active_profile
###
# Networking Changes
###
# For cloud images, 'eth0' _is_ the predictable device name, since
# we don't want to be tied to specific virtual (!) hardware
#rm -f /etc/udev/rules.d/70*
#ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules
# simple eth0 config, again not hard-coded to the build hardware
#cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
#DEVICE=eth0
#ONBOOT=yes
#BOOTPROTO=dhcp
#TYPE=Ethernet
#USERCTL=no
#PEERDNS=yes
#IPV6INIT=no
#NM_CONTROLLED=yes
#IPV4_DHCP_TIMEOUT=300
#EOF
cat << EOF | tee -a /etc/NetworkManager/conf.d/dhcp-timeout.conf
# Configure dhcp timeout to 300s by default
[connection]
ipv4.dhcp-timeout=300
EOF
cat > /etc/sysconfig/network << EOF
NETWORKING=yes
NOZEROCONF=yes
EOF
# Remove build-time resolvers to fix #16948
echo > /etc/resolv.conf
# generic localhost names
cat > /etc/hosts << EOF
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
EOF
echo .
###
# Services
###
systemctl mask tmp.mount
###
# azure
###
# Setup WALinux Agent
dnf -y install WALinuxAgent
systemctl enable waagent
# Configure waagent for cloud-init
sed -i 's/Provisioning.UseCloudInit=n/Provisioning.UseCloudInit=y/g' /etc/waagent.conf
sed -i 's/Provisioning.Enabled=y/Provisioning.Enabled=n/g' /etc/waagent.conf
# Azure: handle sr-iov and networkmanaeger
cat << EOF | tee -a /etc/udev/rules.d/68-azure-sriov-nm-unmanaged.rules
# Accelerated Networking on Azure exposes a new SRIOV interface to the VM.
# This interface is transparently bonded to the synthetic interface,
# so NetworkManager should just ignore any SRIOV interfaces.
SUBSYSTEM=="net", DRIVERS=="hv_pci", ACTION=="add", ENV{NM_UNMANAGED}="1"
EOF
# Azure: Time sync for linux
## Setup udev rule for ptp_hyperv
cat << EOF | tee -a /etc/udev/rules.d/98-hyperv-ptp.rules
## See: https://docs.microsoft.com/en-us/azure/virtual-machines/linux/time-sync#check-for-ptp-clock-source
SUBSYSTEM=="ptp", ATTR{clock_name}=="hyperv", SYMLINK += "ptp_hyperv"
EOF
# Configure chrony to use ptp_hyperv
cat << EOF | tee -a /etc/chrony.conf
# Setup hyperv PTP device as refclock
refclock PHC /dev/ptp_hyperv poll 3 dpoll -2 offset 0 stratum 2
EOF
# Azure: Blacklist modules
cat << EOF | tee -a /etc/modprobe.d/azure-blacklist.conf
blacklist amdgpu
blacklist nouveau
blacklist radeon
EOF
# Azure: cloud-init customizations for Hyperv
cat << EOF | tee /etc/cloud/cloud.cfg.d/10-azure-kvp.cfg
# Enable logging to the Hyper-V kvp in Azure
reporting:
logging:
type: log
telemetry:
type: hyperv
EOF
###
# Kernel and Drivers
###
# Add drivers when building in VMWare, Vbox, or KVM (KVM)
cat << EOF | tee -a /etc/dracut.conf.d/80-azure.conf
add_drivers+=" hv_vmbus hv_netvsc hv_storvsc "
EOF
dracut -f -v
cat <<EOL > /etc/sysconfig/kernel
# UPDATEDEFAULT specifies if new-kernel-pkg should make
# new kernels the default
UPDATEDEFAULT=yes
# DEFAULTKERNEL specifies the default kernel package type
DEFAULTKERNEL=kernel
EOL
# make sure firstboot doesn't start
echo "RUN_FIRSTBOOT=NO" > /etc/sysconfig/firstboot
# rocky cloud user
echo -e 'rocky\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers
sed -i 's/name: cloud-user/name: rocky/g' /etc/cloud/cloud.cfg
dnf clean all
# XXX instance type markers - MUST match Rocky Infra expectation
echo 'azure' > /etc/yum/vars/infra
# change dhcp client retry/timeouts to resolve #6866
###
# Cleanup
###
###
# Azure Cleanup
###
sudo rm -f /var/log/waagent.log
sudo cloud-init clean
waagent -force -deprovision+user
# Commont cleanup
rm -f ~/.bash_history
export HISTSIZE=0
rm -f /var/lib/systemd/random-seed
rm -rf /root/anaconda-ks.cfg
rm -rf /root/install.log
rm -rf /root/install.log.syslog
rm -rf "/var/lib/yum/*"
rm -rf "/var/log/anaconda*"
rm -rf /var/log/yum.log
# Wipe machineid
cat /dev/null > /etc/machine-id
# Fix selinux
touch /var/log/cron
touch /var/log/boot.log
mkdir -p /var/cache/yum
/usr/sbin/fixfiles -R -a restore
true
%end
%packages
@core
chrony
dnf
yum
cloud-init
cloud-utils-growpart
NetworkManager
dracut-config-generic
firewalld
gdisk
grub2
kernel
nfs-utils
rsync
tar
dnf-utils
yum-utils
-aic94xx-firmware
-alsa-firmware
-alsa-lib
-alsa-tools-firmware
-ivtv-firmware
-iwl100-firmware
-iwl1000-firmware
-iwl105-firmware
-iwl135-firmware
-iwl2000-firmware
-iwl2030-firmware
-iwl3160-firmware
-iwl3945-firmware
-iwl4965-firmware
-iwl5000-firmware
-iwl5150-firmware
-iwl6000-firmware
-iwl6000g2a-firmware
-iwl6000g2b-firmware
-iwl6050-firmware
-iwl7260-firmware
-libertas-sd8686-firmware
-libertas-sd8787-firmware
-libertas-usb8388-firmware
-biosdevname
-iprutils
-plymouth
python3-jsonschema
qemu-guest-agent
dhcp-client
cockpit-ws
cockpit-system
-langpacks-*
-langpacks-en
rocky-release
rng-tools
WALinuxAgent
hyperv-daemons
%end

97
Rocky-9-Container-Base.ks Normal file
View File

@ -0,0 +1,97 @@
# This is a minimal Rocky kickstart designed for docker.
# It will not produce a bootable system
# To use this kickstart, run make
# Basic setup information
text
bootloader --disable
firewall --disabled
network --bootproto=dhcp --device=link --activate --onboot=on
rootpw --lock --iscrypted locked
selinux --disabled
shutdown
keyboard us
lang en_US.UTF-8
timezone --utc --nontp UTC
# Disk setup
zerombr
clearpart --all --initlabel
autopart --noboot --nohome --noswap --nolvm --fstype=ext4
# Package setup
%packages --ignoremissing --excludedocs --inst-langs=en --nocore --exclude-weakdeps
bash
binutils
coreutils-single
glibc-minimal-langpack
hostname
iputils
less
rocky-release
rootfiles
tar
vim-minimal
yum
-brotli
-dosfstools
-kexec-tools
-e2fsprogs
-firewalld
-fuse-libs
-gettext*
-gnupg2-smime
-grub\*
-iptables
-kernel
-libss
-os-prober*
-pinentry
-qemu-guest-agent
-shared-mime-info
-trousers
-xfsprogs
-xkeyboard-config
%end
%post --erroronfail --log=/root/anaconda-post.log
# container customizations inside the chroot
# Stay compatible
echo 'container' > /etc/dnf/vars/infra
#Generate installtime file record
/bin/date +%Y%m%d_%H%M > /etc/BUILDTIME
# Limit languages to help reduce size.
LANG="en_US"
echo "%_install_langs $LANG" > /etc/rpm/macros.image-language-conf
# https://bugzilla.redhat.com/show_bug.cgi?id=1727489
echo 'LANG="C.UTF-8"' > /etc/locale.conf
# systemd fixes
:> /etc/machine-id
umount /run
systemd-tmpfiles --create --boot
# mask mounts and login bits
systemctl mask \
console-getty.service \
dev-hugepages.mount \
getty.target \
sys-fs-fuse-connections.mount \
systemd-logind.service \
systemd-remount-fs.service
# Cleanup the image
rm -f /etc/udev/hwdb.bin
rm -rf /usr/lib/udev/hwdb.d/ \
/boot /var/lib/dnf/history.* \
"/tmp/*" "/tmp/.*" || true
%end

View File

@ -0,0 +1,97 @@
# This is a minimal Rocky kickstart designed for docker.
# It will not produce a bootable system
# To use this kickstart, run make
# Basic setup information
bootloader --disable
firewall --disabled
network --bootproto=dhcp --device=link --activate --onboot=on
rootpw --lock --iscrypted locked
selinux --disabled
shutdown
keyboard us
lang en_US.UTF-8
timezone --utc --nontp UTC
# Disk setup
zerombr
clearpart --all --initlabel
autopart --noboot --nohome --noswap --nolvm --fstype=ext4
# Package setup
%packages --ignoremissing --excludedocs --inst-langs=en --nocore --exclude-weakdeps
bash
coreutils-single
glibc-minimal-langpack
microdnf
rocky-release
-brotli
-dosfstools
-e2fsprogs
-firewalld
-fuse-libs
-gettext*
-gnupg2-smime
-grub\*
-hostname
-iptables
-iputils
-kernel
-kexec-tools
-less
-libss
-os-prober*
-pinentry
-qemu-guest-agent
-rootfiles
-shared-mime-info
-tar
-trousers
-vim-minimal
-xfsprogs
-xkeyboard-config
-yum
%end
%post --erroronfail --log=/root/anaconda-post.log
# container customizations inside the chroot
rpm --rebuilddb
/bin/date +%Y-%m-%d_%H:%M:%S > /etc/BUILDTIME
echo 'container' > /etc/dnf/vars/infra
LANG="en_US"
echo '%_install_langs en_US.UTF-8' > /etc/rpm/macros.image-language-conf
echo 'LANG="C.UTF-8"' > /etc/locale.conf
rm -f /var/lib/dnf/history.*
rm -fr "/var/log/*" "/tmp/*" "/tmp/.*"
for dir in $(ls -d "/usr/share/{locale,i18n}/*" | grep -v 'en_US\|all_languages\|locale\.alias'); do rm -fr $dir; done
# systemd fixes
umount /run
systemd-tmpfiles --create --boot
# mask mounts and login bits
systemctl mask \
console-getty.service \
dev-hugepages.mount \
getty.target \
sys-fs-fuse-connections.mount \
systemd-logind.service \
systemd-remount-fs.service
# Cleanup the image
rm -f /etc/udev/hwdb.bin
rm -rf /usr/lib/udev/hwdb.d/ \
/boot /var/lib/dnf/history.* \
"/tmp/*" "/tmp/.*" || true
%end

220
Rocky-9-EC2.ks Normal file
View File

@ -0,0 +1,220 @@
text
auth --enableshadow --passalgo=sha512
shutdown
firewall --enabled --service=ssh
firstboot --disable
keyboard us
# System language
lang en_US.UTF-8
# Network information
network --bootproto=dhcp --device=link --activate --onboot=on
network --hostname=localhost.localdomain
# Root password
rootpw --iscrypted thereisnopasswordanditslocked
selinux --enforcing
services --disabled="kdump" --enabled="NetworkManager,sshd,rsyslog,chronyd,cloud-init,cloud-init-local,cloud-config,cloud-final,rngd"
timezone UTC --utc
# Disk
bootloader --append="console=ttyS0,115200n8 no_timer_check crashkernel=auto net.ifnames=0 nvme_core.io_timeout=4294967295 nvme_core.max_retries=10" --location=mbr --timeout=1 --boot-drive=vda
zerombr
clearpart --all --initlabel
reqpart
part / --fstype="xfs" --ondisk=vda --size=7950
%pre --erroronfail
/usr/sbin/parted -s /dev/vda mklabel gpt
%end
%post --erroronfail
passwd -d root
passwd -l root
# pvgrub support
echo -n "Creating grub.conf for pvgrub"
rootuuid=$( awk '$2=="/" { print $1 };' /etc/fstab )
mkdir /boot/grub
echo -e 'default=0\ntimeout=0\n\n' > /boot/grub/grub.conf
for kv in $( ls -1v /boot/vmlinuz* |grep -v rescue |sed s/.*vmlinuz-// ); do
echo "title Rocky Linux 8 ($kv)" >> /boot/grub/grub.conf
echo -e "\troot (hd0)" >> /boot/grub/grub.conf
echo -e "\tkernel /boot/vmlinuz-$kv ro root=$rootuuid console=hvc0 LANG=en_US.UTF-8" >> /boot/grub/grub.conf
echo -e "\tinitrd /boot/initramfs-$kv.img" >> /boot/grub/grub.conf
echo
done
ln -sf grub.conf /boot/grub/menu.lst
ln -sf /boot/grub/grub.conf /etc/grub.conf
# setup systemd to boot to the right runlevel
rm -f /etc/systemd/system/default.target
ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
echo .
dnf -C -y remove linux-firmware
# Remove firewalld; it is required to be present for install/image building.
# but we dont ship it in cloud
dnf -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
dnf -C -y remove avahi\*
sed -i '/^#NAutoVTs=.*/ a\
NAutoVTs=0' /etc/systemd/logind.conf
cat > /etc/sysconfig/network << EOF
NETWORKING=yes
NOZEROCONF=yes
EOF
# For cloud images, 'eth0' _is_ the predictable device name, since
# we don't want to be tied to specific virtual (!) hardware
rm -f /etc/udev/rules.d/70*
ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules
# simple eth0 config, again not hard-coded to the build hardware
cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
DEVICE="eth0"
BOOTPROTO="dhcp"
ONBOOT="yes"
TYPE="Ethernet"
USERCTL="yes"
PEERDNS="yes"
IPV6INIT="no"
PERSISTENT_DHCLIENT="1"
EOF
echo "virtual-guest" > /etc/tuned/active_profile
# generic localhost names
cat > /etc/hosts << EOF
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
EOF
echo .
systemctl mask tmp.mount
cat <<EOL > /etc/sysconfig/kernel
# UPDATEDEFAULT specifies if new-kernel-pkg should make
# new kernels the default
UPDATEDEFAULT=yes
# DEFAULTKERNEL specifies the default kernel package type
DEFAULTKERNEL=kernel
EOL
# make sure firstboot doesn't start
echo "RUN_FIRSTBOOT=NO" > /etc/sysconfig/firstboot
# rocky cloud user
echo -e 'rocky\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers
sed -i 's/name: cloud-user/name: rocky/g' /etc/cloud/cloud.cfg
dnf clean all
# XXX instance type markers - MUST match Rocky Infra expectation
echo 'ec2' > /etc/yum/vars/infra
# change dhcp client retry/timeouts to resolve #69.0
cat >> /etc/dhcp/dhclient.conf << EOF
timeout 300;
retry 60;
EOF
rm -rf /var/log/yum.log
rm -rf /var/lib/yum/*
rm -rf /root/install.log
rm -rf /root/install.log.syslog
rm -rf /root/anaconda-ks.cfg
rm -rf /var/log/anaconda*
rm -f /var/lib/systemd/random-seed
cat /dev/null > /etc/machine-id
echo "Fixing SELinux contexts."
touch /var/log/cron
touch /var/log/boot.log
mkdir -p /var/cache/yum
/usr/sbin/fixfiles -R -a restore
# remove these for ec2 debugging
sed -i -e 's/ rhgb quiet//' /boot/grub/grub.conf
cat > /etc/modprobe.d/blacklist-nouveau.conf << EOL
blacklist nouveau
EOL
# enable resizing on copied AMIs
echo 'install_items+=" sgdisk "' > /etc/dracut.conf.d/sgdisk.conf
echo 'add_drivers+="xen-netfront xen-blkfront "' > /etc/dracut.conf.d/xen.conf
# Rerun dracut for the installed kernel (not the running kernel):
KERNEL_VERSION=$(rpm -q kernel --qf '%{V}-%{R}.%{arch}\n')
dracut -f /boot/initramfs-$KERNEL_VERSION.img $KERNEL_VERSION
# reorder console entries
sed -i 's/console=tty0/console=tty0 console=ttyS0,115200n8/' /boot/grub2/grub.cfg
true
%end
%packages
@core
chrony
dnf
yum
cloud-init
cloud-utils-growpart
NetworkManager
dracut-config-generic
firewalld
gdisk
grub2
kernel
nfs-utils
rsync
tar
dnf-utils
yum-utils
-aic94xx-firmware
-alsa-firmware
-alsa-lib
-alsa-tools-firmware
-ivtv-firmware
-iwl100-firmware
-iwl1000-firmware
-iwl105-firmware
-iwl135-firmware
-iwl2000-firmware
-iwl2030-firmware
-iwl3160-firmware
-iwl3945-firmware
-iwl4965-firmware
-iwl5000-firmware
-iwl5150-firmware
-iwl6000-firmware
-iwl6000g2a-firmware
-iwl6000g2b-firmware
-iwl6050-firmware
-iwl7260-firmware
-libertas-sd8686-firmware
-libertas-sd8787-firmware
-libertas-usb8388-firmware
-biosdevname
-iprutils
-plymouth
python3-jsonschema
qemu-guest-agent
dhcp-client
cockpit-ws
cockpit-system
-langpacks-*
-langpacks-en
rocky-release
rng-tools
%end

206
Rocky-9-GenericCloud.ks Normal file
View File

@ -0,0 +1,206 @@
text
auth --enableshadow --passalgo=sha512
shutdown
firewall --enabled --service=ssh
firstboot --disable
ignoredisk --only-use=vda
keyboard us
# System language
lang en_US.UTF-8
# Network information
network --bootproto=dhcp --device=link --activate --onboot=on
network --hostname=localhost.localdomain
# Root password
rootpw --iscrypted thereisnopasswordanditslocked
selinux --enforcing
services --disabled="kdump" --enabled="NetworkManager,sshd,rsyslog,chronyd,cloud-init,cloud-init-local,cloud-config,cloud-final,rngd"
timezone --utc UTC
# Disk
bootloader --append="console=ttyS0,115200n8 no_timer_check crashkernel=auto net.ifnames=0" --location=mbr --timeout=1 --boot-drive=vda
zerombr
clearpart --all --initlabel
part /boot --fstype xfs --size 1024 --asprimary --ondisk vda
part /boot/efi --fstype vfat --size 512 --asprimary --ondisk vda
reqpart
part / --fstype="xfs" --ondisk=vda --size=8000 --grow
%post --erroronfail
passwd -d root
passwd -l root
# pvgrub support
echo -n "Creating grub.conf for pvgrub"
rootuuid=$( awk '$2=="/" { print $1 };' /etc/fstab )
mkdir /boot/grub
echo -e 'default=0\ntimeout=0\n\n' > /boot/grub/grub.conf
for kv in $( ls -1v /boot/vmlinuz* |grep -v rescue |sed s/.*vmlinuz-// ); do
echo "title Rocky Linux 8 ($kv)" >> /boot/grub/grub.conf
echo -e "\troot (hd0)" >> /boot/grub/grub.conf
echo -e "\tkernel /boot/vmlinuz-$kv ro root=$rootuuid console=hvc0 LANG=en_US.UTF-8" >> /boot/grub/grub.conf
echo -e "\tinitrd /boot/initramfs-$kv.img" >> /boot/grub/grub.conf
echo
done
ln -sf grub.conf /boot/grub/menu.lst
ln -sf /boot/grub/grub.conf /etc/grub.conf
# setup systemd to boot to the right runlevel
rm -f /etc/systemd/system/default.target
ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
echo .
dnf -C -y remove linux-firmware
# Remove firewalld; it is required to be present for install/image building.
# but we dont ship it in cloud
dnf -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
dnf -C -y remove avahi\*
sed -i '/^#NAutoVTs=.*/ a\
NAutoVTs=0' /etc/systemd/logind.conf
cat > /etc/sysconfig/network << EOF
NETWORKING=yes
NOZEROCONF=yes
EOF
# Remove build-time resolvers to fix #16948
echo > /etc/resolv.conf
# For cloud images, 'eth0' _is_ the predictable device name, since
# we don't want to be tied to specific virtual (!) hardware
rm -f /etc/udev/rules.d/70*
ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules
# simple eth0 config, again not hard-coded to the build hardware
cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
DEVICE="eth0"
BOOTPROTO="dhcp"
ONBOOT="yes"
TYPE="Ethernet"
USERCTL="yes"
PEERDNS="yes"
IPV6INIT="no"
PERSISTENT_DHCLIENT="1"
EOF
echo "virtual-guest" > /etc/tuned/active_profile
# generic localhost names
cat > /etc/hosts << EOF
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
EOF
echo .
systemctl mask tmp.mount
cat <<EOL > /etc/sysconfig/kernel
# UPDATEDEFAULT specifies if new-kernel-pkg should make
# new kernels the default
UPDATEDEFAULT=yes
# DEFAULTKERNEL specifies the default kernel package type
DEFAULTKERNEL=kernel
EOL
# make sure firstboot doesn't start
echo "RUN_FIRSTBOOT=NO" > /etc/sysconfig/firstboot
# rocky cloud user
echo -e 'rocky\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers
sed -i 's/name: cloud-user/name: rocky/g' /etc/cloud/cloud.cfg
dnf clean all
# XXX instance type markers - MUST match Rocky Infra expectation
echo 'genclo' > /etc/yum/vars/infra
# change dhcp client retry/timeouts to resolve #69.0
cat >> /etc/dhcp/dhclient.conf << EOF
timeout 300;
retry 60;
EOF
rm -rf /var/log/yum.log
rm -rf /var/lib/yum/*
rm -rf /root/install.log
rm -rf /root/install.log.syslog
rm -rf /root/anaconda-ks.cfg
rm -rf /var/log/anaconda*
rm -f /var/lib/systemd/random-seed
cat /dev/null > /etc/machine-id
echo "Fixing SELinux contexts."
touch /var/log/cron
touch /var/log/boot.log
mkdir -p /var/cache/yum
/usr/sbin/fixfiles -R -a restore
# reorder console entries
sed -i 's/console=tty0/console=tty0 console=ttyS0,115200n8/' /boot/grub2/grub.cfg
true
%end
%packages
@core
chrony
dnf
yum
cloud-init
cloud-utils-growpart
NetworkManager
dracut-config-generic
firewalld
gdisk
grub2
kernel
nfs-utils
rsync
tar
dnf-utils
yum-utils
-aic94xx-firmware
-alsa-firmware
-alsa-lib
-alsa-tools-firmware
-ivtv-firmware
-iwl100-firmware
-iwl1000-firmware
-iwl105-firmware
-iwl135-firmware
-iwl2000-firmware
-iwl2030-firmware
-iwl3160-firmware
-iwl3945-firmware
-iwl4965-firmware
-iwl5000-firmware
-iwl5150-firmware
-iwl6000-firmware
-iwl6000g2a-firmware
-iwl6000g2b-firmware
-iwl6050-firmware
-iwl7260-firmware
-libertas-sd8686-firmware
-libertas-sd8787-firmware
-libertas-usb8388-firmware
-biosdevname
-iprutils
-plymouth
python3-jsonschema
qemu-guest-agent
dhcp-client
cockpit-ws
cockpit-system
-langpacks-*
-langpacks-en
rocky-release
rng-tools
%end

520
Rocky-9-KDE.ks Normal file
View File

@ -0,0 +1,520 @@
# Generated by pykickstart v3.36
#version=DEVEL
# X Window System configuration information
xconfig --startxonboot
# Keyboard layouts
keyboard 'us'
# Root password
rootpw --iscrypted --lock locked
# System language
lang en_US.UTF-8
# Shutdown after installation
shutdown
# Network information
network --bootproto=dhcp --device=link --activate
# Firewall configuration
firewall --enabled --service=mdns
# Use network installation
url --url="http://dl.rockylinux.org/pub/rocky/9/BaseOS/$basearch/os/"
repo --name="BaseOS" --baseurl=http://dl.rockylinux.org/pub/rocky/9/BaseOS/$basearch/os/ --cost=200
repo --name="AppStream" --baseurl=http://dl.rockylinux.org/pub/rocky/9/AppStream/$basearch/os/ --cost=200
repo --name="CRB" --baseurl=http://dl.rockylinux.org/pub/rocky/9/CRB/$basearch/os/ --cost=200
repo --name="extras" --baseurl=http://dl.rockylinux.org/pub/rocky/9/extras/$basearch/os --cost=200
repo --name="epel" --baseurl=https://dl.fedoraproject.org/pub/epel/9/Everything/$basearch/ --cost=200
#repo --name="epel-modular" --baseurl=https://dl.fedoraproject.org/pub/epel/8/Modular/$basearch/ --cost=200
# System timezone
timezone US/Eastern
# SELinux configuration
selinux --enforcing
# System services
services --disabled="sshd" --enabled="NetworkManager,ModemManager"
# System bootloader configuration
bootloader --location=none
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all
# Disk partitioning information
part / --fstype="ext4" --size=5120
part / --size=7000
%post
# FIXME: it'd be better to get this installed from a package
cat > /etc/rc.d/init.d/livesys << EOF
#!/bin/bash
#
# live: Init script for live image
#
# chkconfig: 345 00 99
# description: Init script for live image.
### BEGIN INIT INFO
# X-Start-Before: display-manager chronyd
### END INIT INFO
. /etc/init.d/functions
if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ]; then
exit 0
fi
if [ -e /.liveimg-configured ] ; then
configdone=1
fi
exists() {
which \$1 >/dev/null 2>&1 || return
\$*
}
livedir="LiveOS"
for arg in \`cat /proc/cmdline\` ; do
if [ "\${arg##rd.live.dir=}" != "\${arg}" ]; then
livedir=\${arg##rd.live.dir=}
continue
fi
if [ "\${arg##live_dir=}" != "\${arg}" ]; then
livedir=\${arg##live_dir=}
fi
done
# Enable swap unless requested otherwise
swaps=\`blkid -t TYPE=swap -o device\`
if ! strstr "\`cat /proc/cmdline\`" noswap && [ -n "\$swaps" ] ; then
for s in \$swaps ; do
action "Enabling swap partition \$s" swapon \$s
done
fi
if ! strstr "\`cat /proc/cmdline\`" noswap && [ -f /run/initramfs/live/\${livedir}/swap.img ] ; then
action "Enabling swap file" swapon /run/initramfs/live/\${livedir}/swap.img
fi
# Support for persistent homes
mountPersistentHome() {
# support label/uuid
if [ "\${homedev##LABEL=}" != "\${homedev}" -o "\${homedev##UUID=}" != "\${homedev}" ]; then
homedev=\`/sbin/blkid -o device -t "\$homedev"\`
fi
# if we're given a file rather than a blockdev, loopback it
if [ "\${homedev##mtd}" != "\${homedev}" ]; then
# mtd devs don't have a block device but get magic-mounted with -t jffs2
mountopts="-t jffs2"
elif [ ! -b "\$homedev" ]; then
loopdev=\`losetup -f\`
if [ "\${homedev##/run/initramfs/live}" != "\${homedev}" ]; then
action "Remounting live store r/w" mount -o remount,rw /run/initramfs/live
fi
losetup \$loopdev \$homedev
homedev=\$loopdev
fi
# if it's encrypted, we need to unlock it
if [ "\$(/sbin/blkid -s TYPE -o value \$homedev 2>/dev/null)" = "crypto_LUKS" ]; then
echo
echo "Setting up encrypted /home device"
plymouth ask-for-password --command="cryptsetup luksOpen \$homedev EncHome"
homedev=/dev/mapper/EncHome
fi
# and finally do the mount
mount \$mountopts \$homedev /home
# if we have /home under what's passed for persistent home, then
# we should make that the real /home. useful for mtd device on olpc
if [ -d /home/home ]; then mount --bind /home/home /home ; fi
[ -x /sbin/restorecon ] && /sbin/restorecon /home
if [ -d /home/liveuser ]; then USERADDARGS="-M" ; fi
}
# Help locate persistent homes
findPersistentHome() {
for arg in \`cat /proc/cmdline\` ; do
if [ "\${arg##persistenthome=}" != "\${arg}" ]; then
homedev=\${arg##persistenthome=}
fi
done
}
if strstr "\`cat /proc/cmdline\`" persistenthome= ; then
findPersistentHome
elif [ -e /run/initramfs/live/\${livedir}/home.img ]; then
homedev=/run/initramfs/live/\${livedir}/home.img
fi
# Mount the persistent home if it's available
if ! strstr "\`cat /proc/cmdline\`" nopersistenthome && [ -n "\$homedev" ] ; then
action "Mounting persistent /home" mountPersistentHome
fi
if [ -n "\$configdone" ]; then
exit 0
fi
# Create the liveuser (no password) so automatic logins and sudo works
action "Adding live user" useradd \$USERADDARGS -c "Live System User" liveuser
passwd -d liveuser > /dev/null
usermod -aG wheel liveuser > /dev/null
# Same for root
passwd -d root > /dev/null
# Turn off firstboot (similar to a DVD/minimal install, where it asks
# for the user to accept the EULA before bringing up a TTY)
systemctl --no-reload disable firstboot-text.service 2> /dev/null || :
systemctl --no-reload disable firstboot-graphical.service 2> /dev/null || :
systemctl stop firstboot-text.service 2> /dev/null || :
systemctl stop firstboot-graphical.service 2> /dev/null || :
# Prelinking damages the images
sed -i 's/PRELINKING=yes/PRELINKING=no/' /etc/sysconfig/prelink &>/dev/null || :
# Turn off mdmonitor by default
systemctl --no-reload disable mdmonitor.service 2> /dev/null || :
systemctl --no-reload disable mdmonitor-takeover.service 2> /dev/null || :
systemctl stop mdmonitor.service 2> /dev/null || :
systemctl stop mdmonitor-takeover.service 2> /dev/null || :
# Even if there isn't gnome, this doesn't hurt.
gsettings set org.gnome.software download-updates 'false' || :
# Disable cron
systemctl --no-reload disable crond.service 2> /dev/null || :
systemctl --no-reload disable atd.service 2> /dev/null || :
systemctl stop crond.service 2> /dev/null || :
systemctl stop atd.service 2> /dev/null || :
# Disable abrt
systemctl --no-reload disable abrtd.service 2> /dev/null || :
systemctl stop abrtd.service 2> /dev/null || :
# Don't sync the system clock when running live (RHBZ #1018162)
sed -i 's/rtcsync//' /etc/chrony.conf
# Mark things as configured
touch /.liveimg-configured
# add static hostname to work around xauth bug
# https://bugzilla.redhat.com/show_bug.cgi?id=679486
# the hostname must be something else than 'localhost'
# https://bugzilla.redhat.com/show_bug.cgi?id=1370222
echo "localhost-live" > /etc/hostname
EOF
# HAL likes to start late.
cat > /etc/rc.d/init.d/livesys-late << EOF
#!/bin/bash
#
# live: Late init script for live image
#
# chkconfig: 345 99 01
# description: Late init script for live image.
. /etc/init.d/functions
if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ] || [ -e /.liveimg-late-configured ] ; then
exit 0
fi
exists() {
which \$1 >/dev/null 2>&1 || return
\$*
}
touch /.liveimg-late-configured
# Read some stuff out of the kernel cmdline
for o in \`cat /proc/cmdline\` ; do
case \$o in
ks=*)
ks="--kickstart=\${o#ks=}"
;;
xdriver=*)
xdriver="\${o#xdriver=}"
;;
esac
done
# If liveinst or textinst is given, start installer
if strstr "\`cat /proc/cmdline\`" liveinst ; then
plymouth --quit
/usr/sbin/liveinst \$ks
fi
if strstr "\`cat /proc/cmdline\`" textinst ; then
plymouth --quit
/usr/sbin/liveinst --text \$ks
fi
# Configure X, allowing user to override xdriver
if [ -n "\$xdriver" ]; then
cat > /etc/X11/xorg.conf.d/00-xdriver.conf <<FOE
Section "Device"
Identifier "Videocard0"
Driver "\$xdriver"
EndSection
FOE
fi
EOF
chmod 755 /etc/rc.d/init.d/livesys
/sbin/restorecon /etc/rc.d/init.d/livesys
/sbin/chkconfig --add livesys
chmod 755 /etc/rc.d/init.d/livesys-late
/sbin/restorecon /etc/rc.d/init.d/livesys-late
/sbin/chkconfig --add livesys-late
# Enable tmpfs for /tmp - this is a good idea
systemctl enable tmp.mount
# make it so that we don't do writing to the overlay for things which
# are just tmpdirs/caches
# note https://bugzilla.redhat.com/show_bug.cgi?id=1135475
cat >> /etc/fstab << EOF
vartmp /var/tmp tmpfs defaults 0 0
EOF
# PackageKit likes to play games. Let's fix that.
rm -f /var/lib/rpm/__db*
releasever=$(rpm -q --qf '%{version}\n' --whatprovides system-release)
basearch=$(uname -i)
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial
echo "Packages within this LiveCD"
rpm -qa
# Note that running rpm recreates the rpm db files which aren't needed or wanted
rm -f /var/lib/rpm/__db*
# go ahead and pre-make the man -k cache (#455968)
/usr/bin/mandb
# make sure there aren't core files lying around
rm -f /core*
# remove random seed, the newly installed instance should make it's own
rm -f /var/lib/systemd/random-seed
# convince readahead not to collect
# FIXME: for systemd
echo 'File created by kickstart. See systemd-update-done.service(8).' \
| tee /etc/.updated >/var/.updated
# Drop the rescue kernel and initramfs, we don't need them on the live media itself.
# See bug 1317709
rm -f /boot/*-rescue*
# Disable network service here, as doing it in the services line
# fails due to RHBZ #1369794 - the error is expected
/sbin/chkconfig network off
# Remove machine-id on generated images
rm -f /etc/machine-id
touch /etc/machine-id
%end
%post --nochroot
cp $INSTALL_ROOT/usr/share/licenses/*-release/* $LIVE_ROOT/
# only works on x86_64
if [ "$(uname -i)" = "i386" -o "$(uname -i)" = "x86_64" ]; then
# For livecd-creator builds
if [ ! -d $LIVE_ROOT/LiveOS ]; then mkdir -p $LIVE_ROOT/LiveOS ; fi
cp /usr/bin/livecd-iso-to-disk $LIVE_ROOT/LiveOS
# For lorax/livemedia-creator builds
sed -i '
/## make boot.iso/ i\
# Add livecd-iso-to-disk script to .iso filesystem at /LiveOS/\
<% f = "usr/bin/livecd-iso-to-disk" %>\
%if exists(f):\
install ${f} ${LIVEDIR}/${f|basename}\
%endif\
' /usr/share/lorax/templates.d/99-generic/live/x86.tmpl
fi
%end
%post
# set default GTK+ theme for root (see #683855, #689070, #808062)
cat > /root/.gtkrc-2.0 << EOF
include "/usr/share/themes/Adwaita/gtk-2.0/gtkrc"
include "/etc/gtk-2.0/gtkrc"
gtk-theme-name="Adwaita"
EOF
mkdir -p /root/.config/gtk-3.0
cat > /root/.config/gtk-3.0/settings.ini << EOF
[Settings]
gtk-theme-name = Adwaita
EOF
# add initscript
cat >> /etc/rc.d/init.d/livesys << EOF
# are we *not* able to use wayland sessions?
if strstr "\`cat /proc/cmdline\`" nomodeset ; then
PLASMA_SESSION_FILE="plasmax11.desktop"
else
PLASMA_SESSION_FILE="plasma.desktop"
fi
# set up autologin for user liveuser
if [ -f /etc/sddm.conf ]; then
sed -i 's/^#User=.*/User=liveuser/' /etc/sddm.conf
sed -i "s/^#Session=.*/Session=\${PLASMA_SESSION_FILE}/" /etc/sddm.conf
else
cat > /etc/sddm.conf << SDDM_EOF
[Autologin]
User=liveuser
Session=\${PLASMA_SESSION_FILE}
SDDM_EOF
fi
# add liveinst.desktop to favorites menu
mkdir -p /home/liveuser/.config/
cat > /home/liveuser/.config/kickoffrc << MENU_EOF
[Favorites]
FavoriteURLs=/usr/share/applications/firefox.desktop,/usr/share/applications/org.kde.dolphin.desktop,/usr/share/applications/systemsettings.desktop,/usr/share/applications/org.kde.konsole.desktop,/usr/share/applications/liveinst.desktop
MENU_EOF
# show liveinst.desktop on desktop and in menu
sed -i 's/NoDisplay=true/NoDisplay=false/' /usr/share/applications/liveinst.desktop
# set executable bit disable KDE security warning
chmod +x /usr/share/applications/liveinst.desktop
mkdir /home/liveuser/Desktop
cp -a /usr/share/applications/liveinst.desktop /home/liveuser/Desktop/
if [ -f /usr/share/anaconda/gnome/fedora-welcome.desktop ]; then
mkdir -p ~liveuser/.config/autostart
cp /usr/share/anaconda/gnome/fedora-welcome.desktop /usr/share/applications/
cp /usr/share/anaconda/gnome/fedora-welcome.desktop ~liveuser/.config/autostart/
fi
# Set akonadi backend
mkdir -p /home/liveuser/.config/akonadi
cat > /home/liveuser/.config/akonadi/akonadiserverrc << AKONADI_EOF
[%General]
Driver=QSQLITE3
AKONADI_EOF
# "Disable plasma-discover-notifier"
mkdir -p /home/liveuser/.config/autostart
cp -a /etc/xdg/autostart/org.kde.discover.notifier.desktop /home/liveuser/.config/autostart/
echo 'Hidden=true' >> /home/liveuser/.config/autostart/org.kde.discover.notifier.desktop
# Disable baloo
cat > /home/liveuser/.config/baloofilerc << BALOO_EOF
[Basic Settings]
Indexing-Enabled=false
BALOO_EOF
# Disable kres-migrator
cat > /home/liveuser/.kde/share/config/kres-migratorrc << KRES_EOF
[Migration]
Enabled=false
KRES_EOF
# Disable kwallet migrator
cat > /home/liveuser/.config/kwalletrc << KWALLET_EOL
[Migration]
alreadyMigrated=true
KWALLET_EOL
# Disable automount of 'known' devices
# https://bugzilla.redhat.com/show_bug.cgi?id=2073708
cat > /home/liveuser/.config/kded_device_automounterrc << AUTOMOUNTER_EOF
[General]
AutomountEnabled=false
AutomountOnLogin=false
AutomountOnPlugin=false
AUTOMOUNTER_EOF
# make sure to set the right permissions and selinux contexts
chown -R liveuser:liveuser /home/liveuser/
restorecon -R /home/liveuser/
restorecon -R /
EOF
systemctl enable --force sddm.service
dnf config-manager --set-enabled crb
%end
%packages
@^kde-desktop-environment
@anaconda-tools
@base-x
@core
@dial-up
@firefox
@fonts
@guest-desktop-agents
@hardware-support
@kde-apps
@kde-media
@multimedia
@standard
aajohan-comfortaa-fonts
anaconda
anaconda-install-env-deps
anaconda-live
chkconfig
dracut-live
epel-release