Skip to content

Instantly share code, notes, and snippets.

Forked from vkanevska/
Created September 21, 2018 08:47
Show Gist options
  • Save adofirst2018/f98fb76fe0cb4b46de440e626845a36e to your computer and use it in GitHub Desktop.
Save adofirst2018/f98fb76fe0cb4b46de440e626845a36e to your computer and use it in GitHub Desktop.
Custom CentOS 7 bootable ISO / Support UEFI & Secure boot
# create custom bootable iso for CentOS 7 with kickstart
if [ $# -lt 2 ]
echo "Usage1: $0 path2iso path2kickstart"
exit 1
if [ ! -f $1 ]
echo "File $1 does not exist!"
exit 0
elif [ ! -f $2 ]
echo "File $2 does not exist!"
exit 0
echo "Source file - $INNAME"
echo "Kickstart file - $KSFILE"
# original ISO file of CentOS 7
# out file name
OUTNAME=$(basename "$INNAME" | cut -d. -f1)"-KS-UEFI".iso
# working directory
# Delete possible previous results
rm -rf $WORK
# create a new working directory
echo "Create working directory - $WORK"
mkdir $WORK
# dir to mount original ISO - SRC
# dir for customised ISO
# Dir for mount EFI image
# mount ISO to SRC dir
echo "Create $SRC"
mkdir $SRC
echo "Mount original $ISO_ORIGINAL to $SRC"
mount -o loop $ISO_ORIGINAL $SRC
# create dir for ISO customisation
echo "Create dir $DST for customisation"
mkdir $DST
# copy orginal files to destination dir
# use dot after SRC dir (SRC/.) to help copy hidden files also
cp -v -r $SRC/. $DST/
echo "Umount original ISO $SRC"
umount $SRC
# create dir for EFI image
echo "Create dir for EFIBOOT image - $EFI"
mkdir $EFI
# change rights for rw
echo "Make EFIBOOT RW"
chmod 644 $DST/images/efiboot.img
echo "Mount EFIBOOT image to $EFI"
mount -o loop $DST/images/efiboot.img $EFI/
# add boot menu grab.cfg for UEFI mode
cp -v $(dirname $0)/cfg/efi-boot-grub.cfg $EFI/EFI/BOOT/grub.cfg
# unmount image
echo "Unmount $EFI"
umount $EFI/
# back RO rights
echo "Make EFIBOOT RO"
chmod 444 $DST/images/efiboot.img
# add boot menu grab.cfg for UEFI mode
# It is the second place where boot menu is exists for EFI.
# /images/efiboot.img/{grub.cfg} has the working menu
# /EFI/BOOT/grub.cfg just present (this case has to be discovered)
cp -v $(dirname $0)/cfg/efi-boot-grub.cfg $DST/EFI/BOOT/grub.cfg
# add boot menu with kickstart option to /isolinux (BIOS)
cp -v $(dirname $0)/cfg/isolinux.cfg $DST/isolinux/isolinux.cfg
# put kickstart file custom-ks.cfg to isolinux/ks.cfg
cp -v $KSFILE $DST/isolinux/ks.cfg
# create dir for custom scripts
mkdir -p $DST/extras/ansible/
cp -v -r $(dirname $0)/../ansible/. $DST/extras/ansible/
# copy custom rc.local
cp -v -r $(dirname $0)/cfg/rc.local $DST/extras/
# copy extra RPM to Packages
echo "Copy custom RPM to $DST/Packages"
PACKAGES="$(dirname $0)/packages.txt"
while IFS='' read -r pname || [[ -n "$pname" ]]; do
cp -v $(dirname $0)/Packages/$pname $DST/Packages/
done < "$PACKAGES"
# update RPM repository index
echo "Update repository index"
cd $DST/;
chmod u+w repodata/*;
createrepo -g repodata/*comps.xml . --update;
# create output directory
mkdir $OUTPUT
echo "$PWD - Create custom ISO";
cd $DST;
genisoimage \
-V "CentOS 7 x86_64" \
-A "CentOS 7 x86_64" \
-joliet-long \
-b isolinux/isolinux.bin \
-c isolinux/ \
-no-emul-boot \
-boot-load-size 4 \
-boot-info-table \
-eltorito-alt-boot -e images/efiboot.img \
-no-emul-boot \
-R -J -v -T \
$DST \
> $WORK/out.log 2>&1
echo "Isohybrid - make custom iso bootable"
sudo isohybrid --uefi $OUTPUT/$OUTNAME
set default="0"
function load_video {
insmod efi_gop
insmod efi_uga
insmod video_bochs
insmod video_cirrus
insmod all_video
set gfxpayload=keep
insmod gzio
insmod part_gpt
insmod ext2
set timeout=60
### END /etc/grub.d/00_header ###
search --no-floppy --set=root -l 'CentOS 7 x86_64'
### BEGIN /etc/grub.d/10_linux ###
menuentry 'Install CentOS 7 KS' --class fedora --class gnu-linux --class gnu --class os {
linuxefi /images/pxeboot/vmlinuz inst.stage2=hd:LABEL=CentOS\x207\x20x86_64 inst.ks=hd:LABEL=CentOS\x207\x20x86_64:/isolinux/ks.cfg text
initrdefi /images/pxeboot/initrd.img
menuentry 'Test this media & install CentOS 7' --class fedora --class gnu-linux --class gnu --class os {
linuxefi /images/pxeboot/vmlinuz inst.stage2=hd:LABEL=CentOS\x207\x20x86_64 quiet
initrdefi /images/pxeboot/initrd.img
submenu 'Troubleshooting -->' {
menuentry 'Install CentOS 7 in basic graphics mode' --class fedora --class gnu-linux --class gnu --class os {
linuxefi /images/pxeboot/vmlinuz inst.stage2=hd:LABEL=CentOS\x207\x20x86_64 xdriver=vesa nomodeset quiet
initrdefi /images/pxeboot/initrd.img
menuentry 'Rescue a CentOS system' --class fedora --class gnu-linux --class gnu --class os {
linuxefi /images/pxeboot/vmlinuz inst.stage2=hd:LABEL=CentOS\x207\x20x86_64 rescue quiet
initrdefi /images/pxeboot/initrd.img
default vesamenu.c32
timeout 600
display boot.msg
# Clear the screen when exiting the menu, instead of leaving the menu displayed.
# For vesamenu, this means the graphical background is still displayed without
# the menu itself for as long as the screen remains in graphics mode.
menu clear
menu background splash.png
menu title CentOS 7
menu vshift 8
menu rows 18
menu margin 8
#menu hidden
menu helpmsgrow 15
menu tabmsgrow 13
# Border Area
menu color border * #00000000 #00000000 none
# Selected item
menu color sel 0 #ffffffff #00000000 none
# Title bar
menu color title 0 #ff7ba3d0 #00000000 none
# Press [Tab] message
menu color tabmsg 0 #ff3a6496 #00000000 none
# Unselected menu item
menu color unsel 0 #84b8ffff #00000000 none
# Selected hotkey
menu color hotsel 0 #84b8ffff #00000000 none
# Unselected hotkey
menu color hotkey 0 #ffffffff #00000000 none
# Help text
menu color help 0 #ffffffff #00000000 none
# A scrollbar of some type? Not sure.
menu color scrollbar 0 #ffffffff #ff355594 none
# Timeout msg
menu color timeout 0 #ffffffff #00000000 none
menu color timeout_msg 0 #ffffffff #00000000 none
# Command prompt text
menu color cmdmark 0 #84b8ffff #00000000 none
menu color cmdline 0 #ffffffff #00000000 none
# Do not display the actual menu unless the user presses a key. All that is displayed is a timeout message.
menu tabmsg Press Tab for full configuration options on menu items.
menu separator # insert an empty line
menu separator # insert an empty line
label linux
menu label ^Install CentOS 7 KS
menu default
kernel vmlinuz
append initrd=initrd.img inst.stage2=hd:LABEL=CentOS\x207\x20x86_64 inst.stage2=hd:LABEL=CentOS\x207\x20x86_64:/isolinux/ks.cfg text
label check
menu label Test this ^media & install CentOS 7
kernel vmlinuz
append initrd=initrd.img inst.stage2=hd:LABEL=CentOS\x207\x20x86_64 quiet
menu separator # insert an empty line
# utilities submenu
menu begin ^Troubleshooting
menu title Troubleshooting
label vesa
menu indent count 5
menu label Install CentOS 7 in ^basic graphics mode
text help
Try this option out if you're having trouble installing
CentOS 7.
kernel vmlinuz
append initrd=initrd.img inst.stage2=hd:LABEL=CentOS\x207\x20x86_64 xdriver=vesa nomodeset quiet
label rescue
menu indent count 5
menu label ^Rescue a CentOS system
text help
If the system will not boot, this lets you access files
and edit config files to try to get it booting again.
kernel vmlinuz
append initrd=initrd.img inst.stage2=hd:LABEL=CentOS\x207\x20x86_64 rescue quiet
label memtest
menu label Run a ^memory test
text help
If your system is having issues, a problem with your
system's memory may be the cause. Use this utility to
see if the memory is working correctly.
kernel memtest
menu separator # insert an empty line
label local
menu label Boot from ^local drive
localboot 0xffff
menu separator # insert an empty line
menu separator # insert an empty line
label returntomain
menu label Return to ^main menu
menu exit
menu end
# System authorization information
auth --enableshadow --passalgo=sha512
# Use CDROM installation media
# Use text install
# Run the Setup Agent on first boot
firstboot --enable
ignoredisk --only-use=sdb,sdc
# Keyboard layouts
keyboard --vckeymap=us --xlayouts='us'
# System language
lang en_US.UTF-8
# Network information
network --bootproto=dhcp --device=eno1 --noipv6 --activate
network --bootproto=dhcp --device=enp5s0 --onboot=off --noipv6
network --hostname=localhost.localdomain
# Root password
rootpw --iscrypted $6$jlaU.DRbpb/lugun$JfnIkJadI.fFfd3WX9ktSLeRwerGgTiykdvVWS.jmSz1RakRS86Wpo1OL2fP2M0SkFCf0b3ki34Pmt3cYU6Ii0
# System timezone
timezone America/New_York --isUtc
# System bootloader configuration
bootloader --location=mbr --boot-drive=sdb
# Partition clearing information
clearpart --all --initlabel --drives=sdb,sdc
# Disk partitioning information
part /boot --fstype="xfs" --size=500
part pv.764 --fstype="lvmpv" --ondisk=sdb --size=476239
part pv.770 --fstype="lvmpv" --ondisk=sdc --size=2861587
part /boot/efi --fstype="efi" --size=200 --fsoptions="umask=0077,shortname=winnt"
volgroup centos00 --pesize=4096 pv.764 pv.770
logvol /home --fstype="xfs" --grow --size=500 --name=home --vgname=centos00
logvol / --fstype="xfs" --grow --maxsize=51200 --size=1024 --name=root --vgname=centos00
logvol swap --fstype="swap" --size=32192 --name=swap --vgname=centos00
%packages --nobase
%post --nochroot
# redirect the output to the log file
exec >/mnt/sysimage/root/ks-post-anaconda-chroot.log 2>&1
# show the output on the 7th console
tail -f /mnt/sysimage/root/ks-post-anaconda-chroot.log >/dev/tty7 &
# changing to VT 7 that we can see what's going on
/usr/bin/chvt 7
export SRCDIR="/run/install/repo"
export DSTDIR="/mnt/sysimage"
cp -v -r $SRCDIR/extras/. $DSTDIR/root/
find $DSTDIR/root/ -name "TRANS.TBL" -delete
mv -v $DSTDIR/etc/rc.d/rc.local $DSTDIR/etc/rc.d/rc.local-backup
mv -v $SRCDIR/extras/rc.local $DSTDIR/etc/rc.d/rc.local
chmod +x $DSTDIR/etc/rc.d/rc.local
echo "Ready to reboot!"
# redirect the output to the log file
exec >/root/ks-post-anaconda-chroot.log 2>&1
# show the output on the 8th console
tail -f /root/ks-post-anaconda-chroot.log >/dev/tty8 &
# changing to VT 8 that we can see what's going on
/usr/bin/chvt 8
mv -v /root/bin/custom-setup.service /usr/lib/systemd/system/custom-setup.service
systemctl enable custom-setup.service
echo "Ready to reboot!"
%addon com_redhat_kdump --disable --reserve-mb='auto'
# Put custom instructions in the script. Keep copy of previous rc.local in /etc/rc.d/rc.local-backup to replace after booting
# Please note that you must run 'chmod +x /etc/rc.d/rc.local' to ensure
# that this script will be executed during boot.
/bin/ansible-playbook -i /root/ansible/localhost /root/ansible/bootstrap.yml -vvvv > /root/ansible-run.log
mv /etc/rc.d/rc.local-backup /etc/rc.d/rc.local
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment