# autogenerated by redpesk image build: it replaces /dev/mapper/Redpesk-OS by /dev/mapper/Redpesk-OS-97b1a881-4dda-486b-9fe2-e8e640d28d55-livemedia # autogenerated by redpesk image build: it comments old fstab generation and and a new one # you should fixed it in your original ks using new fstab generation # Generated by pykickstart v3.32 #version=RHEL9 # System authorization information authselect select sssd # License agreement eula --agreed firstboot --disable ignoredisk --drives=sd*|nvme*|vd*|sr* # Keyboard layouts keyboard --vckeymap=fr --xlayouts='fr' # System language lang en_US.UTF-8 # Network information network --bootproto=dhcp --device=link --activate # Shutdown after installation shutdown repo --name="redpesk-redpesk-bsp-generic--redpesk-lts-batz-2.0-update-build-72196" --baseurl=http://distro-hub-prod02.redpesk.onprem/kojifiles//repos/redpesk-bsp-generic--redpesk-lts-batz-2.0-update-build/72196/$basearch --noverifyssl --priority=1 --module_hotfixes=true repo --name="redpesk-redpesk-lts-batz-2.0-update-build-74171" --baseurl=http://distro-hub-prod02.redpesk.onprem/kojifiles//repos/redpesk-lts-batz-2.0-update-build/74171/$basearch --noverifyssl --priority=2 --module_hotfixes=true repo --name="redpesk-import-redpesk-lts-batz-2.0-update-build-75304" --baseurl=http://distro-hub-prod02.redpesk.onprem/kojifiles//repos/import-redpesk-lts-batz-2.0-update-build/75304/$basearch --noverifyssl --priority=3 --module_hotfixes=true repo --name="redpesk-redpesk-config-build-60680" --baseurl=http://distro-hub-prod02.redpesk.onprem/kojifiles//repos/redpesk-config-build/60680/$basearch --noverifyssl --priority=52 --module_hotfixes=true # Root password rootpw --iscrypted $6$/0r4m3q/3.Nd4LUq$IJof8jdAwstBb1W5Q0fiQHEUouD5yYrmfU27wORmfJarXRfMclZNWORdCHwDTAYrhImZquhJp6xAB1L5EeZir0 # SELinux configuration selinux --disabled # Do not configure the X Window System skipx # System timezone timezone Europe/Paris --utc # Use network installation url --url="https://download.redpesk.bzh/redpesk-lts/batz-2.0-update/imager-os/aarch64/" # System bootloader configuration bootloader --append="security=smack console=tty1" --location=mbr --timeout=1 --boot-drive=/dev/mapper/Redpesk-OS-97b1a881-4dda-486b-9fe2-e8e640d28d55-livemedia # Clear the Master Boot Record zerombr # Partition clearing information clearpart --all --initlabel --disklabel=gpt # Disk partitioning information part /boot/efi --asprimary --fstype="FAT32" --size=200 --label=EFI part /config --asprimary --fstype="ext4" --size=50 --fsoptions="noatime,rw" --label=config part /recovery --asprimary --fstype="ext4" --size=500 --fsoptions="noatime,rw" --label=recovery part / --fstype="ext4" --size=2700 --fsoptions="noatime,rw" --label=rootfs part /data --fstype="ext4" --grow --size=500 --fsoptions="noatime,rw" --label=data %post --logfile=/tmp/post-efi.log --erroronfail echo "fix boot/loaders options config" source /etc/default/grub sed -i "s/^options.*$/& $GRUB_CMDLINE_LINUX/" /boot/loader/entries/*.conf echo "regenerate grub config" rm -f /boot/efi/EFI/redpesk/grub.cfg grub2-mkconfig -o /boot/efi/EFI/redpesk/grub.cfg %end %post # Find the architecture we are on arch=$(uname -m) # Setup Raspberry Pi firmware if [[ $arch == "aarch64" ]] || [[ $arch == "armv7l" ]]; then if [[ $arch == "aarch64" ]]; then cp -P /usr/share/uboot/rpi_3/u-boot.bin /boot/efi/rpi3-u-boot.bin cp -P /usr/share/uboot/rpi_4/u-boot.bin /boot/efi/rpi4-u-boot.bin else cp -P /usr/share/uboot/rpi_2/u-boot.bin /boot/efi/rpi2-u-boot.bin cp -P /usr/share/uboot/rpi_3_32b/u-boot.bin /boot/efi/rpi3-u-boot.bin cp -P /usr/share/uboot/rpi_4_32b/u-boot.bin /boot/efi/rpi4-u-boot.bin fi fi #releasever=$(rpm --eval '%{fedora}') #rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-$releasever-primary #echo "Packages within this disk image" #rpm -qa --qf '%{size}\t%{name}-%{version}-%{release}.%{arch}\n' |sort -rn # Note that running rpm recreates the rpm db files which aren't needed or wanted rm -f /var/lib/rpm/__db* # remove random seed, the newly installed instance should make it's own rm -f /var/lib/systemd/random-seed # The enp1s0 interface is a left over from the imagefactory install, clean this up rm -f /etc/sysconfig/network-scripts/ifcfg-enp1s0 dnf -y remove dracut-config-generic # Disable network service here, as doing it in the services line # fails due to RHBZ #1369794 /sbin/chkconfig network off # Remove machine-id on pre generated images rm -f /etc/machine-id touch /etc/machine-id %end %post --logfile=/tmp/post-generic.log --erroronfail mkdir -p /boot/efi/EFI/redpesk/aarch64-efi cp $(find /usr/lib/grub -name 'smbios.mod') /boot/efi/EFI/redpesk/aarch64-efi/ dnf -y remove grub2-efi-aa64-modules %end %post --nochroot --logfile=/mnt/sysroot/tmp/post-fstab.log --erroronfail echo "Setting UUID into /etc/fstab..." grep "^/dev.*Redpesk*" /mnt/sysroot/etc/fstab | while read part ; do dev=$(echo $part | cut -d' ' -f1) label=$(echo $part | cut -d' ' -f2) label="${label##*/}" if [[ "$label" == "" ]]; then label="rootfs" elif [[ "$label" == "efi" ]]; then label="EFI" fi UUID=$(blkid -s UUID -o value `blkid -L $label`) echo "dev=$dev UUID=$UUID label=$label" #\"${UUID}\"|g" /mnt/sysroot/etc/fstab done %end %post --logfile=/mnt/sysroot/tmp/post-tmp.log --erroronfail echo "Enabling tmpfs for /tmp..." systemctl enable tmp.mount %end %post --logfile=/tmp/post-distro.log --erroronfail # Note that /etc/dnf/dnf.conf is not replace at dnf upgrade echo "do not install weak deps" echo "install_weak_deps=0" >> /etc/dnf/dnf.conf echo "disable rngd.service" systemctl disable rngd.service echo "import gpg keys" rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY* echo "Packages within this disk image :" rpm -qa | sort -h echo "" # Note that running rpm recreates the rpm db files which aren't needed or wanted rm -f /var/lib/rpm/__db* # remove random seed, the newly installed instance should make it's own rm -f /var/lib/systemd/random-seed dnf -y remove dracut-config-generic # Remove machine-id on pre generated images rm -f /etc/machine-id touch /etc/machine-id # Fix "/etc/rc.d/rc.local is not marked executable" mkdir -p /etc/systemd/system-generators touch /etc/systemd/system-generators/systemd-rc-local-generator # setup systemd to boot to the right runlevel echo -n "Setting default runlevel to multiuser text mode" rm -f /etc/systemd/system/default.target ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target #Permit root login in ssh [ -f /etc/ssh/sshd_config ] && sed -ri "s/^\#?(PermitRootLogin).*$/\1 yes/" /etc/ssh/sshd_config echo . echo "ARCH=\"`rpm --eval %{_arch}`\"" >> /etc/os-release echo "BUILD_DATE=\"`date '+%Y-%m-%d %H:%M:%S'`\"" >> /etc/os-release %end %post --logfile=/tmp/post-initramfs.log --erroronfail dracut -f --no-kernel --confdir="/etc/dracut.conf.d/redpesk/" /tmp/initramfs.img if [[ `rpm -E %{_arch}` == "aarch64" ]]; then mkimage -A arm64 -O linux -T ramdisk -C gzip -d /tmp/initramfs.img /recovery/initramfs.img rm -f /tmp/initramfs.img else mv /tmp/initramfs.img /recovery/initramfs.img #Re-generate grub2 entries with recovery initramfs grub2-mkconfig -o /boot/efi/EFI/redpesk/grub.cfg fi #Remove pkg only installed for initramfs generating dnf remove -y dracut-redpesk-recovery %end %post --logfile=/tmp/post-recovery.log --erroronfail if [[ `rpm -E %{_arch}` == "aarch64" ]]; then cp /boot/Image /recovery/recovery.img cp /boot/*.dtb /recovery/ elif [[ `rpm -E %{_arch}` == "x86_64" ]]; then cp /boot/vmlinuz*x86_64 /recovery/recovery.img else echo "WARN: recovery not supported for this arch." fi sed -i '/recovery/d' /etc/fstab %end %post --logfile=/tmp/post-clean.log --erroronfail #Delete all manuals rm -rf /usr/share/man rm -rf /usr/share/doc #Clean DNF Cache dnf clean all #Clean journal journalctl --rotate journalctl --vacuum-time=1s #Clean local according filesystem rpm request for list in `rpm -ql filesystem | grep "/usr/share/locale/"`; do [[ $list != *"LC_MESSAGES" ]] && basename $list >> /tmp/filter ;done for folder in `ls /usr/share/locale`; do if [[ -d /usr/share/locale/$folder ]]; then grep -q $folder /tmp/filter && echo "Keeping $folder" grep -q $folder /tmp/filter || (echo "Deleting $folder" && rm -rf /usr/share/locale/$folder) else echo "$folder is a file" fi done %end %post BINDING="\ helloworld-binding \ " echo "BINDING=\"\$BINDING ${BINDING}\"" >> /tmp/binding-list %end %post --nochroot --logfile=/mnt/sysroot/tmp/post-binding_install.log --erroronfail # Exit script on first error as this step is mandatory for package installation set -e # Use mock dnf config file to be able to access repository CONFIG_FILE="/etc/dnf/dnf.conf" CHROOT_DIR="/mnt/sysimage" RPMS_DIR=${CHROOT_DIR}"/var/lib/rp-firstboot/rpms" alias dnf_ks='dnf -c ${CONFIG_FILE} --installroot=${CHROOT_DIR}' # For debug purpose dnf_ks repolist -v if [ -f ${CHROOT_DIR}/tmp/binding-list ]; then source ${CHROOT_DIR}/tmp/binding-list mkdir -p ${RPMS_DIR} LIST=$(rpm --root=${CHROOT_DIR} -qa --qf "%{NAME}\n" | grep binding | tr "\n" " ") [ -n "${LIST}" ] && dnf_ks reinstall -y \ --downloadonly --downloaddir=${RPMS_DIR} \ ${LIST} [ -n "${BINDING}" ] && dnf_ks install -y \ --downloadonly --downloaddir=${RPMS_DIR} \ ${BINDING} rm ${CHROOT_DIR}/tmp/binding-list fi # Since first boot RPMs are not installed in the image, they are not listed in manifest.log rpm -qp ${RPMS_DIR}/* >> /tmp/manifest-firstboot.log #Clean DNF Cache dnf_ks clean all %end %post --logfile=/tmp/post-project-features.log --erroronfail #CUSTOM FEATURE WILL COME HERE %end %post echo "SECURITY_MODEL=\"smack\"" >> /etc/os-release %end %post --nochroot # Save pre and post action logs for extraction into koji cp /mnt/sysroot/tmp/pre-*.log /chroot_tmpdir/lmc-logs cp /mnt/sysroot/tmp/post-*.log /chroot_tmpdir/lmc-logs %end %pre-install # disable systemd-networkd mkdir -p /mnt/sysimage/etc/systemd/system-preset cat < /mnt/sysimage/etc/systemd/system-preset/10-disable-networkd.preset disable systemd-networkd.service disable systemd-networkd-wait-online.service EOF %end %post ## Firewall configuration firewall --enabled --service=mdns,ssh # Fix NetworkManager DNS resolving rm -f /etc/resolv.conf ln -sf /run/NetworkManager/resolv.conf /etc/resolv.conf %end %addon com_redhat_kdump --disable %end %packages --nocore --ignoremissing --exclude-weakdeps NetworkManager NetworkManager-wifi afb-app-manager afb-app-manager-rpm afb-binder audit basesystem bash bcm283x-firmware can-tests can-utils chkconfig chrony coreutils cronie curl dnf dnf-utils dracut-config-generic dracut-live dracut-redpesk-arm dracut-redpesk-common dracut-redpesk-recovery e2fsprogs filesystem firewalld glibc glibc-langpack-en grub-redpesk grub2-efi-aa64-modules grubby hostname i2c-tools initscripts iproute iputils irqbalance iw kbd kexec-tools less libgomp linux-firmware-brcm man-db ncurses openssh-clients openssh-server parted passwd picocom platform-firstboot platform-runtime-tools policycoreutils procps-ng redhat-rpm-config redpesk-repos rng-tools rootfiles rpm sec-lsm-manager-smack sec-smack-rules setup shadow-utils sssd-client sudo systemd systemd-udev tar tree tuned uboot-images-armv8 uboot-tools usbutils util-linux vim vim-minimal wget xfsprogs yum -alsa-sof-firmware -atheros-firmware -brcmfmac-firmware -dracut-config-rescue -fedora-repos -fedora-repos-modular -gawk-all-langpacks -generic-release* -geolite2-city -geolite2-country -glibc-all-langpacks -grubby-deprecated -initial-setup -initial-setup-gui -iproute-tc -ipw* -iwl* -langpacks-en -lvm2 -mozjs78 -selinux-policy -selinux-policy-targeted -sssd-common -sssd-kcm -syslinux-extlinux -trousers -usb_modeswitch -zram-generator-defaults %end %post --logfile=/tmp/post-etcfstab.log --erroronfail echo "set /etc/fstab" for dev in $(cat /etc/fstab | grep /dev/mapper/Redpesk-OS-97b1a881-4dda-486b-9fe2-e8e640d28d55-livemedia | awk '{print $1}'); do eval $(blkid | grep $dev | awk -F ':' '{print $2}'); sed -i "s#$dev#UUID=$UUID#" /etc/fstab; done cat /etc/fstab %end %post --logfile=/tmp/manifest.log --erroronfail rpm -qa %end %post --nochroot --erroronfail # Save logs for extraction into koji cp /mnt/sysroot/tmp/*.log /chroot_tmpdir/lmc-logs/ %end