# install from http
install
url --url http://mirror.msulocal/mirror/scientific/6.3/x86_64/os
# remove everything from install disk
# note that by limiting this (--initlabel) to just the install drive,
# unlabeled disks will no be labeled. anaconda will make a popup
# asking to approve labels (gpt, atleast for large parts)
clearpart --initlabel --all --drives=/dev/disk/by-path/pci-0000:02:08.0-sas-0x1221000000000000-lun-0
# partitions
partition /boot --fstype=ext4 --size=200 --ondisk=/dev/disk/by-path/pci-0000:02:08.0-sas-0x1221000000000000-lun-0
partition pv.01 --grow --size=1 --ondisk=/dev/disk/by-path/pci-0000:02:08.0-sas-0x1221000000000000-lun-0
# volume group
volgroup vg_sys pv.01 --pesize=4096
# logical volumes
logvol / --fstype=ext4 --name=lv_root --vgname=vg_sys --size=15360
logvol /tmp --fstype=ext4 --name=lv_tmp --vgname=vg_sys --size=10240
logvol /var --fstype=ext4 --name=lv_var --vgname=vg_sys --size=10240
logvol /var/cache/openafs --fstype=ext4 --name=lv_afscache --vgname=vg_sys --size=4096
logvol swap --name=lv_swap --vgname=vg_sys --size=4096
network --device eth0 --onboot yes --bootproto static --noipv6 --ip 10.10.128.93 --netmask 255.255.240.0 --gateway 10.10.128.1 --nameserver 10.10.128.8,10.10.128.9 --hostname msut3-xrootd-p1.aglt2.org
network --device p2p1 --onboot yes --bootproto static --noipv6 --ip 192.41.236.93 --netmask 255.255.254.0 --gateway 192.41.236.1 --hostname msut3-xrootd-p1.aglt2.org
lang en_US.UTF-8
keyboard us
# SHA512
rootpw --iscrypted $6$GoGreen!!$8tySC5W8uSuDsOi3AMNDqz6al9gOFuYJd13Uw3jUgYHKhYYy/KWTsrVkLQukfy.3kaCp5Rvdosj9gDiYsgccl/
#firewall --service=ssh
firewall --trust=eth0
authconfig --enableshadow --passalgo=sha512
timezone --utc America/Detroit
bootloader --location=mbr --append="crashkernel=auto"
selinux --disabled
skipx
text
# local repo for use during packages section
#repo --name="AGLT2 Repo 6/x86_64" --baseurl=http://mirror.msulocal/mirror/aglt2/6/x86_64
# services to disable or enable. make sure to have no spaces in lists
services --disable NetworkManager,auditd,cups,smartd,avahi-daemon --enable ntpd
# nonpriv user setup just for install time, root account is also available...
# also need to boot with option "sshd=1"
#sshpw --username=installer INST5577 --plaintext
# reboot when done
reboot
%packages
@base
@client-mgmt-tools
@console-internet
@core
@directory-client
@hardware-monitoring
@large-systems
@misc-sl
@performance
@perl-runtime
xorg-x11-xauth
openafs-client
openafs-compat
openafs-krb5
openafs-authlibs
-NetworkManager
%pre
#!/bin/sh
mkdir /tmp/anaconda-pre
ls -l /dev/disk/by-path > /tmp/anaconda-pre/disks-by-path-pre.out
%end
%pre
# tests to verify that correct disk is used for install
# if tests fail, want to stop installer
# ! this is pretty flakey. Maybe should skip if the install disk is uniquely
# ! specified by path
# Max allowed disk size in GB
MAXSIZE=999
# a place to put a log
LOGDIR="/tmp/anaconda-pre"
LOGFILE="$LOGDIR/pre-check-install-disk-maxsize.out"
mkdir $LOGDIR
# get the size. ask parted for size in GB, grep for 1 or more digits in result
# parted print fails if disk has no label, so OK for reinstalls, but a
# problem for fresh systems or new vdisks
#SIZE=`parted /dev/disk/by-path/pci-0000:02:08.0-sas-0x1221000000000000-lun-0 unit gb print | awk '/^Disk.*GB/ {print $3}' | sed 's/GB//' | grep '^[0-9][0-9]*$'`
# fdisk works?
SIZE=`fdisk -l /dev/disk/by-path/pci-0000:02:08.0-sas-0x1221000000000000-lun-0 | head -2 | awk '/Disk/ {print int($3)}' | grep '^[0-9][0-9]*$'`
SIZEEXIT=$?
if [ "$SIZEEXIT" -ne "0" ]; then
echo "failed to get disk size" >> $LOGFILE
# send output to console
chvt 3
exec < /dev/tty3 > /dev/tty3
echo "failed to get disk size, pausing installer, please correct and retry."
# want to stop install, this "cat" should just wait forever...
cat
fi
if [ "$SIZE" -gt "$MAXSIZE" ]; then
echo "disk size $SIZE greater than $MAXSIZE stop installer" >> $LOGFILE
# send output to console
chvt 3
exec < /dev/tty3 > /dev/tty3
echo "disk size $SIZE GB greater than $MAXSIZE, pausing installer, please correct and retry."
# want to stop install, this "cat" should just wait forever...
cat
# this should kill the installer (tested interactively), leaves at
# "enter Ctrl-C or Ctrl-Alt-Delete prompt"
# killall anaconda
fi
echo "disk size $SIZE is OK" >> $LOGFILE
%end
%post --nochroot
cp -r /tmp/anaconda-pre /mnt/sysimage/root
%end
%post
(
# post-sshd-config-ten-ten.tmpl
# minimal sshd config allowing ssh_keys access on 10.10. network
# expect sshd to be reconfigured by CFEngine
# SSHD Config, defaults have been stripped out
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.install.orig
cat > /etc/ssh/sshd_config << 'ENDSSHCONFIG'
SyslogFacility AUTHPRIV
PasswordAuthentication no
ChallengeResponseAuthentication no
GSSAPIAuthentication yes
GSSAPICleanupCredentials yes
UsePAM yes
X11Forwarding yes
PermitRootLogin without-password
Subsystem sftp /usr/libexec/openssh/sftp-server
ListenAddress 10.10.128.93
ENDSSHCONFIG
) 2>&1 | tee /root/post-sshd-config-ten-ten.log
%end
%post
echo "post-ssh-key-rockwell running `date`"
# need to have authorized_keys file
# note that this leaves file broken for selinux
mkdir /root/.ssh
chmod 700 /root/.ssh
touch /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
cat >> /root/.ssh/authorized_keys << ENDSSHKEY
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEApn2AFiC3Oi30VaeZ7o8h\
I6fV7oWpUp9Hq8sWABHRftohXufJ+KdjlH1Xv+iwfXlk8iiM8SRtuJol\
RtaOyMEuwMZKz8+AzS0VXceBUd/EAcUCAKHsLO4VRwJpUfMNan6jj1OD\
V4hx5zL9ZecR/C2VpOoYSusFQ1emBdvOO4lE2TAM1gicrjMgHWfo5fu6\
PsFb/ShXu4N52mzTO0LYa0pDUePsZfucEo2M0rDywtAOxENQ/bZ9E7Tc\
jp2Hzuh5rE145TeN/J2wh3Bw09d+FernumAtwayD3VRoLZudlU9Z/+h+\
6dgZ6Y9XHumjvUIvU8JTFDay5eqtPM5ueIUI7xO/hw== Tom Rockwell
ENDSSHKEY
%end
%post
# kill grub splashimage and hidden menu grub options
sed -i '/^hiddenmenu/d' /boot/grub/grub.conf
sed -i '/^splashimage/d' /boot/grub/grub.conf
# kill the graphical and quiet kernel options
sed -i 's/ rhgb//' /boot/grub/grub.conf
sed -i 's/ quiet//' /boot/grub/grub.conf
# add time boot parameter for timestamp in dmesg
# match "kernel /vmlinuz" and append to the line
sed -i 's/\(.*kernel .vmlinuz.*\)/\1 printk.time=1/' /boot/grub/grub.conf
%end
%post
# Overwrite sl.repo so local repo mirror is used
rm /etc/yum.repos.d/sl-other.repo
# fill file using here-doc with parameter sub turned off
cat > /etc/yum.repos.d/sl.repo << 'ENDSLREPO'
# Written by kickstart. Use local mirrors.
[sl]
name=Scientific Linux $releasever - $basearch
baseurl=http://mirror.msulocal/mirror/scientific/$releasever/$basearch/os
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-sl file:///etc/pki/rpm-gpg/RPM-GPG-KEY-sl6 file:///etc/pki/rpm-gpg/RPM-GPG-KEY-cern
[sl-security]
name=Scientific Linux $releasever - $basearch - security updates
baseurl=http://mirror.msulocal/mirror/scientific/$releasever/$basearch/updates/security
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-sl file:///etc/pki/rpm-gpg/RPM-GPG-KEY-sl6 file:///etc/pki/rpm-gpg/RPM-GPG-KEY-cern
ENDSLREPO
chmod 644 /etc/yum.repos.d/sl.repo
# add the AGLT2 repo
cat > /etc/yum.repos.d/aglt2.repo << 'ENDAGLT2REPO'
[aglt2]
name=AGLT2 $releasever - $basearch
baseurl=http://mirror.msulocal/mirror/aglt2/$releasever/$basearch
enabled=1
gpgcheck=0
[aglt2-testing]
name=AGLT2 Testing $releasever - $basearch
baseurl=http://mirror.msulocal/mirror/aglt2/testing/$releasever/$basearch
enabled=0
gpgcheck=0
ENDAGLT2REPO
chmod 644 /etc/yum.repos.d/aglt2.repo
%end
%post
echo 'atlas.umich.edu' > /usr/vice/etc/ThisCell
sed -i s/^CACHESIZE=.*/CACHESIZE=1900000/ /etc/sysconfig/afs
chkconfig afs on
%pre
%post
# add static routes using /etc/sysconfig/network-scripts/devname.route files
echo "ADDRESS0=10.10.0.0" >> /etc/sysconfig/network-scripts/eth0.route
echo "NETMASK0=255.255.240.0" >> /etc/sysconfig/network-scripts/eth0.route
echo "GATEWAY0=10.10.128.1" >> /etc/sysconfig/network-scripts/eth0.route
%end
%post
# create the repo file pointing to local mirror of OMSA
cat > /etc/yum.repos.d/dell-omsa.repo <<ENDREPOFILE
[dell-omsa-indep]
name=Dell OMSA repository - Hardware independent
baseurl=http://mirror.msulocal/mirror/dell/hardware/OMSA_7.1/platform_independent/rh60_64
type=rpm-md
gpgcheck=1
gpgkey=http://mirror.msulocal/mirror/dell/hardware/OMSA_7.1/RPM-GPG-KEY-dell
http://mirror.msulocal/mirror/dell/hardware/OMSA_7.1/RPM-GPG-KEY-libsmbios
enabled=1
failover=priority
[dell-omsa-specific]
name=Dell OMSA repository - Hardware specific
type=rpm-md
baseurl=http://mirror.msulocal/mirror/dell/hardware/OMSA_7.1/pe1950/rh60_64
gpgcheck=1
gpgkey=http://mirror.msulocal/mirror/dell/hardware/OMSA_7.1/RPM-GPG-KEY-dell
http://mirror.msulocal/mirror/dell/hardware/OMSA_7.1/RPM-GPG-KEY-libsmbios
enabled=1
failover=priority
ENDREPOFILE
%end
%post
# paren for redirect of ouput to logfile...
(
echo "post script running `date`"
# don't have solution for using UL kernel with SL openafs packges in SL6
#yum -y update kernel
#wget -O /tmp/kmod-openafs.rpm http://mirror.msulocal/mirror/aglt2/6/x86_64/kmod-openafs-1.6.1-1.3.2.13_UL1.el6.x86_64.rpm
#rpm -i /tmp/kmod-openafs.rpm
yum -y install srvadmin-omacore srvadmin-storage
# try to set time
ntpdate 10.10.128.8
# CFEngine Keys?
# Salt Keys?
# Change pxe boot action to localboot
wget --no-check-certificate -O - -o /dev/null https://10.10.128.11/install/sbin/public/setPxeboot.cgi
# paren for redirect of ouput to logfile...
) 2>&1 | tee /root/anaconda_post-ssh-keys.log
%end
%post
# for debugging
#sleep 3456
sleep 7
%end