对Centos的自动安装的补充

上一篇博文：http://www.cnblogs.com/hjc4025/p/6918323.html

这篇文章是对之前博文的一点扩展和补充：

这里主要是在之前的基础上添加了一些自己制作好的程序，还有安装openssh7.5版本，直接全部包含在镜像中，并且设置一些自启动程序、DNS、还有计划任务之类的，都是利用ks.cfg文件的post字段后面定义的脚本实现的，在post的阶段中使用--nochroot 表示可以使用任何目录，而本阶段中的 / （根目录）是会自动挂在到/mnt/sysimage下，下面请看我的ks.cfg文件：

#platform=x86, AMD64, or Intel EM64T
# Firewall configuration
firewall --disabled
# Install OS instead of upgrade
install
# Use CDROM installation media
cdrom
# Root password default is "redhat"
rootpw --iscrypted $1$n5Jfcfwa$//2gZpFMJypdiXEF8ld6O.
# System authorization information
auth  --useshadow  --passalgo=md5
# Use text mode install
text
firstboot --disable
# System keyboard
keyboard us
# System language
lang en_US
# SELinux configuration
selinux --disabled
# Do not configure the X Window System
skipx
# Installation logging level
logging --level=info
# Reboot after installation
reboot
# System timezone
timezone  Asia/Shanghai
# Network information
network  --bootproto=dhcp --device=eth0 --onboot=on –noipv6
# System bootloader configuration
bootloader --location=mbr
# Clear the Master Boot Record
zerombr
# Partition clearing information
clearpart --all --initlabel
# Disk partitioning information
ignoredisk --only-use=sda
part /boot --fstype="ext4" --size=1032
part swap --size=8300
part / --fstype="ext4" --grow --size=1
%packages
@additional-devel
@base
@compat-libraries
@core
@debugging
@basic-desktop
@desktop-debugging
@desktop-platform
@desktop-platform-devel
@development
@directory-client
@eclipse
@emacs
@fonts
@general-desktop
@graphical-admin-tools
@graphics
@input-methods
@internet-browser
@java-platform
@legacy-x
@network-file-system-client
@php
@performance
@perl-runtime
@print-client
@remote-desktop-clients
@system-management-snmp
@server-platform
@server-platform-devel
@server-policy
@system-admin-tools
@tex
@technical-writing
@virtualization
@virtualization-client
@virtualization-platform
@virtualization-tools
@web-server
@web-servlet
@workstation-policy
@x11
libgcrypt-devel
libXinerama-devel
openmotif-devel
libXmu-devel
xorg-x11-proto-devel
startup-notification-devel
libgnomeui-devel
libbonobo-devel
junit
libXau-devel
libXrandr-devel
popt-devel
gnome-python2-desktop
libdrm-devel
libxslt-devel
libglade2-devel
gnutls-devel
mtools
gdisk
pax
python-dmidecode
oddjob
wodim
sgpio
genisoimage
device-mapper-persistent-data
systemtap-client
abrt-gui
desktop-file-utils
ant
expect
rpmdevtools
python-six
jpackage-utils
rpmlint
samba-winbind
certmonger
pam_krb5
krb5-workstation
netpbm-progs
dcraw
openmotif
libXmu
libXp
php-odbc
php-pecl-memcache
php-xmlrpc
php-pecl-apc
php-ldap
php-soap
php-mysql
php-pgsql
perl-DBD-SQLite
net-snmp-python
net-snmp-perl
symlinks
rrdtool
pexpect
dtach
mc
xdelta
screen
tree
mgetty
hardlink
lshw
expect
conman
crypto-utils
scrub
rdist
vlock
rear
lsscsi
libvirt-java
perl-Sys-Virt
libguestfs-java
virt-v2v
libguestfs-tools
mod_authnz_pam
mod_auth_mysql
mod_auth_mellon
mod_auth_kerb
squid
mod_nss
mod_auth_pgsql
certmonger
mod_authz_ldap
mod_intercept_form_submit
perl-CGI-Session
perl-CGI
python-memcached
mod_revocator
perl-Cache-Memcached
memcached
mod_lookup_identity
libmemcached
%post --nochroot --log=/mnt/sysimage/root/postinstall_stage1.log
mkdir -p /mnt/source
mount -o loop /dev/cdrom /mnt/source
cp /mnt/source/software/netgainagent_v3.tar.gz /mnt/sysimage/usr/
cp /mnt/source/software/netgainagent_v4.tar.gz /mnt/sysimage/usr/
cp /mnt/source/software/openssh-7.5p1.tar.gz /mnt/sysimage/usr/local
cp /mnt/source/software/cn_node_yum.repo /mnt/sysimage/etc/yum.repos.d/
umount -f /mnt/source
%post --log=/root/postinstall_stage2.log
#agent
cd /usr
tar zxvf netgainagent_v3.tar.gz
echo "==>Uncompress netgainagent ok!\n" >> /root/postinstall_stage2.log
#openssl
rm -rf /etc/ssh/
rm -rf /etc/init.d/sshd
cd /usr/local
tar -xvf openssh-7.5p1.tar.gz
cd /usr/local/openssh-7.5p1
./configure --prefix=/usr --sysconfdir=/etc/ssh --with-pam --with-zlib --with-ssl-dir=/usr/local/ssl --with-md5-passwords --mandir=/usr/share/man
make
make install
cp /usr/local/openssh-7.5p1/contrib/redhat/sshd.init /etc/init.d/sshd
echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
chkconfig sshd on
echo "==>Update openssl ok!\n" >> /root/postinstall_stage2.log
#yum.repo.d
mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo_bak
mv /etc/yum.repos.d/CentOS-Debuginfo.repo /etc/yum.repos.d/CentOS-Debuginfo.repo_bak
mv /etc/yum.repos.d/CentOS-fasttrack.repo /etc/yum.repos.d/CentOS-fasttrack.repo_bak
mv /etc/yum.repos.d/CentOS-Media.repo /etc/yum.repos.d/CentOS-Media.repo_bak
mv /etc/yum.repos.d/CentOS-Vault.repo /etc/yum.repos.d/CentOS-Vault.repo_bak
#chkconfig
chkconfig iptables off
chkconfig cgconfig off
chkconfig cgdcbxd off
chkconfig abrtd off
chkconfig ip6tables off
chkconfig xinetd off
chkconfig virt-who off
chkconfig pppoe-server off
chkconfig postfix off
chkconfig lvm2-monitor off
chkconfig libvirtd off
chkconfig libvirt-guests off
chkconfig isdn off
chkconfig iscsid off
chkconfig iscsi off
chkconfig fcoe-target off
chkconfig fcoe off
chkconfig certmonger off
chkconfig bluetooth off
chkconfig NetworkManager off
#set /etc/resolv.conf
cat > /etc/resolv.conf << EOF
nameserver 218.241.99.50
nameserver 218.241.118.144
EOF
echo "==>Set OS DNS ok!\n" >> /root/postinstall_stage2.log
#ntp
cat >> /var/spool/cron/root << EOF
*/3 * * * * /usr/sbin/ntpdate ntp.cnnic.cn && /sbin/hwclock -w
# */3 * * * * /usr/sbin/ntpdate 10.10.1.12 && /sbin/hwclock -w
# */3 * * * * /usr/sbin/ntpdate 10.20.2.53 && /sbin/hwclock -w
EOF
echo "==>Set OS NTP ok!\n" >> /root/postinstall_stage2.log

这个里面包括使用了最新的openssh 7.5 版本，里面也有一些走过的坑。。不过最终还是做出来了