上一篇博文:http://www.cnblogs.com/hjc4025/p/6918323.html
这篇文章是对之前博文的一点扩展和补充:
这里主要是在之前的基础上添加了一些自己制作好的程序,还有安装openssh7.5版本,直接全部包含在镜像中,并且设置一些自启动程序、DNS、还有计划任务之类的,都是利用ks.cfg文件的post字段后面定义的脚本实现的,在post的阶段中使用--nochroot 表示可以使用任何目录,而本阶段中的 / (根目录)是会自动挂在到/mnt/sysimage下,下面请看我的ks.cfg文件:
#platform=x86, AMD64, or Intel EM64T # Firewall configuration firewall --disabled # Install OS instead of upgrade install # Use CDROM installation media cdrom # Root password default is "redhat" rootpw --iscrypted $1$n5Jfcfwa$//2gZpFMJypdiXEF8ld6O. # System authorization information auth --useshadow --passalgo=md5 # Use text mode install text firstboot --disable # System keyboard keyboard us # System language lang en_US # SELinux configuration selinux --disabled # Do not configure the X Window System skipx # Installation logging level logging --level=info # Reboot after installation reboot # System timezone timezone Asia/Shanghai # Network information network --bootproto=dhcp --device=eth0 --onboot=on –noipv6 # System bootloader configuration bootloader --location=mbr # Clear the Master Boot Record zerombr # Partition clearing information clearpart --all --initlabel # Disk partitioning information ignoredisk --only-use=sda part /boot --fstype="ext4" --size=1032 part swap --size=8300 part / --fstype="ext4" --grow --size=1 %packages @additional-devel @base @compat-libraries @core @debugging @basic-desktop @desktop-debugging @desktop-platform @desktop-platform-devel @development @directory-client @eclipse @emacs @fonts @general-desktop @graphical-admin-tools @graphics @input-methods @internet-browser @java-platform @legacy-x @network-file-system-client @php @performance @perl-runtime @print-client @remote-desktop-clients @system-management-snmp @server-platform @server-platform-devel @server-policy @system-admin-tools @tex @technical-writing @virtualization @virtualization-client @virtualization-platform @virtualization-tools @web-server @web-servlet @workstation-policy @x11 libgcrypt-devel libXinerama-devel openmotif-devel libXmu-devel xorg-x11-proto-devel startup-notification-devel libgnomeui-devel libbonobo-devel junit libXau-devel libXrandr-devel popt-devel gnome-python2-desktop libdrm-devel libxslt-devel libglade2-devel gnutls-devel mtools gdisk pax python-dmidecode oddjob wodim sgpio genisoimage device-mapper-persistent-data systemtap-client abrt-gui desktop-file-utils ant expect rpmdevtools python-six jpackage-utils rpmlint samba-winbind certmonger pam_krb5 krb5-workstation netpbm-progs dcraw openmotif libXmu libXp php-odbc php-pecl-memcache php-xmlrpc php-pecl-apc php-ldap php-soap php-mysql php-pgsql perl-DBD-SQLite net-snmp-python net-snmp-perl symlinks rrdtool pexpect dtach mc xdelta screen tree mgetty hardlink lshw expect conman crypto-utils scrub rdist vlock rear lsscsi libvirt-java perl-Sys-Virt libguestfs-java virt-v2v libguestfs-tools mod_authnz_pam mod_auth_mysql mod_auth_mellon mod_auth_kerb squid mod_nss mod_auth_pgsql certmonger mod_authz_ldap mod_intercept_form_submit perl-CGI-Session perl-CGI python-memcached mod_revocator perl-Cache-Memcached memcached mod_lookup_identity libmemcached %post --nochroot --log=/mnt/sysimage/root/postinstall_stage1.log mkdir -p /mnt/source mount -o loop /dev/cdrom /mnt/source cp /mnt/source/software/netgainagent_v3.tar.gz /mnt/sysimage/usr/ cp /mnt/source/software/netgainagent_v4.tar.gz /mnt/sysimage/usr/ cp /mnt/source/software/openssh-7.5p1.tar.gz /mnt/sysimage/usr/local cp /mnt/source/software/cn_node_yum.repo /mnt/sysimage/etc/yum.repos.d/ umount -f /mnt/source %post --log=/root/postinstall_stage2.log #agent cd /usr tar zxvf netgainagent_v3.tar.gz echo "==>Uncompress netgainagent ok!\n" >> /root/postinstall_stage2.log #openssl rm -rf /etc/ssh/ rm -rf /etc/init.d/sshd cd /usr/local tar -xvf openssh-7.5p1.tar.gz cd /usr/local/openssh-7.5p1 ./configure --prefix=/usr --sysconfdir=/etc/ssh --with-pam --with-zlib --with-ssl-dir=/usr/local/ssl --with-md5-passwords --mandir=/usr/share/man make make install cp /usr/local/openssh-7.5p1/contrib/redhat/sshd.init /etc/init.d/sshd echo "PermitRootLogin yes" >> /etc/ssh/sshd_config chkconfig sshd on echo "==>Update openssl ok!\n" >> /root/postinstall_stage2.log #yum.repo.d mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo_bak mv /etc/yum.repos.d/CentOS-Debuginfo.repo /etc/yum.repos.d/CentOS-Debuginfo.repo_bak mv /etc/yum.repos.d/CentOS-fasttrack.repo /etc/yum.repos.d/CentOS-fasttrack.repo_bak mv /etc/yum.repos.d/CentOS-Media.repo /etc/yum.repos.d/CentOS-Media.repo_bak mv /etc/yum.repos.d/CentOS-Vault.repo /etc/yum.repos.d/CentOS-Vault.repo_bak #chkconfig chkconfig iptables off chkconfig cgconfig off chkconfig cgdcbxd off chkconfig abrtd off chkconfig ip6tables off chkconfig xinetd off chkconfig virt-who off chkconfig pppoe-server off chkconfig postfix off chkconfig lvm2-monitor off chkconfig libvirtd off chkconfig libvirt-guests off chkconfig isdn off chkconfig iscsid off chkconfig iscsi off chkconfig fcoe-target off chkconfig fcoe off chkconfig certmonger off chkconfig bluetooth off chkconfig NetworkManager off #set /etc/resolv.conf cat > /etc/resolv.conf << EOF nameserver 218.241.99.50 nameserver 218.241.118.144 EOF echo "==>Set OS DNS ok!\n" >> /root/postinstall_stage2.log #ntp cat >> /var/spool/cron/root << EOF */3 * * * * /usr/sbin/ntpdate ntp.cnnic.cn && /sbin/hwclock -w # */3 * * * * /usr/sbin/ntpdate 10.10.1.12 && /sbin/hwclock -w # */3 * * * * /usr/sbin/ntpdate 10.20.2.53 && /sbin/hwclock -w EOF echo "==>Set OS NTP ok!\n" >> /root/postinstall_stage2.log
这个里面包括使用了最新的openssh 7.5 版本,里面也有一些走过的坑。。不过最终还是做出来了
时间: 2024-10-20 02:00:17