Last active
February 29, 2024 15:04
-
-
Save ThinGuy/b0f935b93f6f03b0ad132e7734d2b188 to your computer and use it in GitHub Desktop.
Custom Kickstart file to further tweak RHEL and CentOS MAAS images using maas-image-builder
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Note: This further tweaks rhel and centos images | |
| # built by the maas-image-builder | |
| # | |
| # This is supplemental to the kickstart file | |
| # that gets auto-generated by the maas-image-builder. | |
| # It does not supercede those settings, unless | |
| # you purposely reverse a change, like unlocking | |
| # the root user's account | |
| # | |
| # Since it is supplemental, there are no "required" | |
| # entries since those are handled by the maas-image-builder's | |
| # default kickstart file. That said, all other kickstart rules apply | |
| # e.g sections that start with "%" must be closed off with | |
| # an %end statement | |
| # | |
| # Tested under rhel/7 and centos7 | |
| # | |
| # Apply with the following maas-image-builder | |
| # flag: --custom-kickstart ./mib-custom.ks | |
| # when building rhel/7 or centos7 images | |
| # Begin kickstart | |
| # Install additional repos if needed | |
| #repo --name="myrepo1" --baseurl=http://repo1.url | |
| #repo --name="myrepo2" --baseurl=http://repo2.url | |
| # The maas-image-builder's primary kickstart sets tz to UTC | |
| # Change to a local time zone if needed | |
| timezone America/Los_Angeles --isUtc | |
| # The maas-image-builder's primary kickstart creates a user called | |
| # centos which is part of sudoers | |
| # Add additional local users if desired | |
| # Note: --groups=wheel adds these users to sudoers | |
| user --name=craig --groups=wheel --password=Pass1234 --plaintext --shell=/bin/bash | |
| user --name=lee --groups=wheel --password=Pass1234 --plaintext --shell=/bin/bash | |
| user --name=surya --groups=wheel --password=Pass1234 --plaintext --shell=/bin/bash | |
| %post --erroronfail | |
| # post is where we can undo some of the changes made by maas-image-builder's | |
| # default kickstart file | |
| # The maas-image-builder's primary kickstart deletes root's password | |
| # and locks the account. If you want it unlocked, do the following | |
| echo 'root:Pass1234'|chpasswd - | |
| passwd -u root | |
| # If you want the users that were added above to be able to login | |
| # with a password, you'll need to change sshd_config | |
| # Specifically you need to change PasswordAuthentication from | |
| # no to yes | |
| sed 's/^PasswordAuthentication no/PasswordAuthentication yes/g' -i /etc/ssh/sshd_confi | |
| %end | |
| %packages | |
| #Add addtional packages if desired | |
| curl | |
| %end | |
| %anaconda | |
| # Relax password restrictions for root,users, and luks if desired | |
| pwpolicy root --minquality=0 --notstrict --notempty --changesok | |
| pwpolicy user --minquality=0 --notstrict --notempty --changesok | |
| pwpolicy luks --minquality=0 --notstrict --notempty --changesok | |
| %end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment