-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcentos8-base.def
62 lines (57 loc) · 2.12 KB
/
centos8-base.def
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
BootStrap: yum
OSVersion: 8
MirrorURL: http://mirror.centos.org/centos-%{OSVERSION}/%{OSVERSION}/BaseOS/$basearch/os/
Include: yum
#UpdateURL: http://mirror.centos.org/centos-%{OSVERSION}/%{OSVERSION}/updates/$basearch/
%runscript
exec "$@"
%setup
rsync -a base_nonbd/ ${SINGULARITY_ROOTFS}
%post
sed -i '/^tsflags=/d' /etc/dnf/dnf.conf
dnf install -y epel-release
dnf install -y 'dnf-command(config-manager)'
dnf config-manager --set-enabled powertools
# basic system + booting, @core requires kernel so extra stuff for
# booting (nbd, nfs, dracut*) must be in the same transaction in order
# to build a correct initramfs
# allowerasing apparently needed for @core (curl), hopefully temporary
# nbd not found for the moment
dnf install --allowerasing -y @standard @core nfs-utils autofs authconfig \
kernel kernel-modules kernel-modules-extra \
dracut-live dracut-network
# generate once for all ssh host keys, sshd-keygen does not work in chroot
/usr/libexec/openssh/sshd-keygen rsa
/usr/libexec/openssh/sshd-keygen ecdsa
/usr/libexec/openssh/sshd-keygen ed25519
# use systemd-firstboot where possible, root passwd ignored here
systemd-firstboot --locale=en_US.UTF-8 --timezone=UTC
# configure keyboard
cat <<EOF > /etc/vconsole.conf
KEYMAP="us"
FONT="eurlatgr"
EOF
# configure root password
echo ciao | /usr/bin/passwd --stdin root
# disable selinux
sed -i -e 's/^SELINUX=.*$/SELINUX=disabled/g' /etc/selinux/config
# configure network
cat <<EOF > /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
EOF
cat <<EOF > /etc/hosts || true
127.0.0.1 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
EOF
# change default services, allow failure due to missing units
for serv in rewrite-ifcfg NetworkManager dbus-daemon rdma; do
systemctl enable $serv || true
done
for serv in network systemd-random-seed mdmonitor firewalld atd auditd \
abrtd abrt-xorg abrt-vmcore abrt-journal-core abrt-oops kdump; do
systemctl disable $serv || true
done
# authconfig from kickstart, should we switch to authselect?
#authconfig --update --nostart --useshadow --passalgo=sha512
authselect select sssd -f || true