定制iso系统

定制CentOS 5.5精简的自动安装版
1、安装制作发行版所需的基本软件包
yum  -y install createrepo mkisofs
2、生成安装系统所需的rpm文件列表
awk ‘/Installing/{print $2}‘ install.log |sed ‘s/^[0-9]*://g‘ >/root/CentOS.list
3、创建定制工作目录
mkdir -p /mnt/cdrom
mkdir -p /data/OS
mount /dev/cdrom /mnt/cdrom/
rsync -a --exclude=CentOS /mnt/cdrom/ /data/OS/
mkdir /data/OS/CentOS
4、复制精简后的RPM包
vi /data/cprmps.sh  #创建自动复制RPM包脚本
#!/bin/bash  
DEBUG=0 
CentOS_DVD=/mnt/cdrom  
ALL_RPMS_DIR=/mnt/cdrom/CentOS #源光盘RPM包存放的目录  
KOS_RPMS_DIR=/data/OS/CentOS    #精简后RPM包存放的目录  
CentOS_list=/root/CentOS.list  #精简后的RPM包列表  
number_of_CentOS=`cat $CentOS_list | wc -l`  
i=1 
    while [ $i -le $number_of_CentOS ] ; do  
        line=`head -n $i $CentOS_list | tail -n -1`  
        name=`echo $line | awk ‘{print $1}‘`  
        version=`echo $line | awk ‘{print $3}‘ | cut -f 2 -d :`  
    if [ $DEBUG -eq "1" ] ; then  
        echo $i: $line  
        echo $name   
        echo $version  
    fi  
    if [ $DEBUG -eq "1" ] ; then  
        ls $ALL_RPMS_DIR/$name-$version*  
        if [ $? -ne 0 ] ; then  
            echo "cp $ALL_RPMS_DIR/$name-$version* "  
        fi  
        else  
            echo "cp $ALL_RPMS_DIR/$name-$version* $KOS_RPMS_DIR/"  
            cp $ALL_RPMS_DIR/$name-$version* $KOS_RPMS_DIR/  
        # in case the copy failed  
        if [ $? -ne 0 ] ; then  
            echo "cp $ALL_RPMS_DIR/$name-$version* "  
            cp $ALL_RPMS_DIR/$name* $KOS_RPMS_DIR/  
        fi  
    fi  
i=`expr $i + 1`  
done

chmod u+x /data/cprmps.sh
.//data/cprmps.sh

5、配置kickstart脚本
cp /root/anaconda-ks.cfg /data/OS/isolinux/ks.cfg
#修改ks.cfg文件
vi /data/OS/isolinux/ks.cfg
# Kickstart file automatically generated by anaconda.
install
cdrom
lang en_US.UTF-8
keyboard us
network --device eth0 --bootproto dhcp
#root 密码123456
rootpw --iscrypted $1$jdjqFYQd$LrVDCZqFDpWjQDrxAzyb0/
firewall --disabled
authconfig --enableshadow --enablemd5
selinux --disabled
timezone --utc  Asia/Shanghai
bootloader --location=mbr --driveorder=sda
%packages
@base
@chinese-support
@core
@development-libs
@development-tools
@dialup
@editors
@legacy-network-server
@legacy-software-development
@mail-server
@network-server
@news-server
@server-cfg
@text-internet
@web-server
@smb-server
keyutils
trousers
fipscheck
device-mapper-multipath
perl-Convert-ASN1
imake

%post --nochroot  
%post  
#tunoff services
for i in `ls /etc/rc3.d/S*`
do
CURSRV=`echo $i | cut -c 15-`
echo $CURSRV
case $CURSRV in
crond | irqbalance | microcode_ctl | network | random | sendmail | sshd | syslog | local )
echo "Base services,skip!"
;;
*)
echo "change $CURSRV to off"
chkconfig --level 235 $CURSRV off
service $CURSRV stop
;;
esac
done
# disable ipv6
echo "alias net-pf-10 off" >> /etc/modprobe.conf
echo "alias ipv6 off" >> /etc/modprobe.conf
/sbin/chkconfig --level 35 ip6tables off
# file descriptors  
echo "ulimit -SHn 65535" >> /etc/profile
echo "* soft nofile 65536" >> /etc/security/limits.conf
echo "* hard nofile 65536" >> /etc/security/limits.conf
#set sysctl  
echo ‘‘>/etc/sysctl.conf
cat >>/etc/sysctl.conf<<eof
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
net.ipv4.tcp_max_tw_buckets = 60000
net.ipv4.tcp_sack = 1
net.ipv4.tcp_window_scaling = 1
net.ipv4.tcp_rmem = 4096        87380   4194304
net.ipv4.tcp_wmem = 4096        16384   4194304
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.core.netdev_max_backlog = 262144
net.core.somaxconn = 262144
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.tcp_max_syn_backlog = 262144
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 1
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_fin_timeout = 1
net.ipv4.tcp_keepalive_time = 30
net.ipv4.ip_local_port_range = 1024    65000
fs.file-max = 102400
net.ipv4.ip_conntrack_max = 1048576
net.ipv4.netfilter.ip_conntrack_max = 131072
net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 216000
eof
modprobe ip_conntrack
/sbin/sysctl -p  
 
#close ctrl+alt+del  
sed -i "s/ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/#ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/" /etc/inittab  
#modify ssh
sed -i ‘/AddressFamily/ a\UseDNS no‘ /etc/ssh/sshd_config

#add lib
touch /etc/ld.so.conf.d/default.conf
echo "/usr/lib" >> /etc/ld.so.conf.d/default.conf
echo "/usr/lib64" >> /etc/ld.so.conf.d/default.conf
echo "/usr/local/lib"  >> /etc/ld.so.conf.d/default.conf
echo "/usr/local/lib64" >> /etc/ld.so.conf.d/default.conf
#set purview   
chmod 600 /etc/passwd  
chmod 600 /etc/shadow  
chmod 600 /etc/group  
chmod 600 /etc/gshadow
%end

6、生成comps.xml
cd /data/OS
createrepo -g repodata/comps.xml  /data/OS/
7、让系统从kickstart配置启动安装
rm -rf /data/OS/isolinux/isolinux.cfg
vi /data/OS/isolinux/isolinux.cfg
default auto
prompt 1
timeout 600
display boot.msg
F1 boot.msg
F2 options.msg
F3 general.msg
F4 param.msg
F5 rescue.msg
label linux
kernel vmlinuz
append initrd=initrd.img
label text
kernel vmlinuz
append initrd=initrd.img text
label auto
kernel vmlinuz
append ks=cdrom:/isolinux/ks.cfg initrd=initrd.img
label ks
kernel vmlinuz
append ks initrd=initrd.img
label local
localboot 1
label memtest86
kernel memtest
append -
8、生成ISO文件
cd /data/OS
declare -x discinfo=`head -1 .discinfo`
createrepo -u  "media://$discinfo" -g repodata/comps.xml /data/OS/
mkisofs -R -J -T -r -l -d -joliet-long -allow-multidot -allow-leading-dots -no-bak -o /data/Centos5.5_x64.iso -b isolinux/isolinux.bin -c isolinux/boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table /data/OS