Redhat Kickstart

Kickstart is a convenient way for automated installs from a customized packaged Linux distribution.

I recently packaged Redhat 64bit in an ISO and used Kickstart for automated installs according to custom defined rules:

Highlights of Kickstart:

• All files are available from the NFS Server "nfs.domain.tld" exported directory "/nfs/osinstall"
  
• Downloads the installation files from NFS Server
  
• Defines Language and Kayboard layout to English UK
• Configures the network device "eth0" to use DHCP
• Sets root password
• Disables firewall
• Disables firstboot (initial setup wizard when the system is used for the first time)
• Disables SeLinux
• Skips X-Window configuration
• Sets the Timezone to Europe/London (UTC)
  
• Formats all disk partitions on "/dev/sda" and creates a default LVM layout as follows:
  • Creates Two primary partitions:
    • SWAP
    • /boot
  • Creates Two major volume groups:
    • VolGroup_USER
      • Creates "/home" as a logical volume "LogVol_HOME" under volume group "VolGroup_USER"
    • VolGroup_SYSTEM
      • Creates "/, /var, /tmp" as logical volumes "LogVol_ROOT, LogVol_VAR, LogVol_TMP" under volume group "VolGroup_SYSTEM"
• Installs the bootloader "Grub" on MBR of disk device "/dev/sda"
  
• Installs a pre-defined list of selected applications and packages
  
• Executes a Post-install script, that:
  • Installs Redhat Installation Number
  • Installs Third-party applications: Sun Java SDK (SE)
  • Configures SAMBA and WINBIND for Active Directory Authentication
  • Installs user skel files "/etc/skel"
  • Installs system login messages, files "/etc/issue" and "/ect/issue.net"
  • Configures Network Time Protocol (NTP)
  • Disables all network and system services and Enables only the selected services defined in the file "services.txt" (see bottom of this post)
    
  • Creates the "sysadmin" user with a default password
    
  • Completes the installation and prompts for Reboot.

Usage:

• Create a bootable CD with mkboot.sh (see bottom of this post)
  

• Download the Bootable Linux ISO cd image "NBI_RH_Linux_NFS_Install.iso" from nfs server directory "bootdisk" under the export
  
• Burn the ISO image onto a writable compact disc
• Boot the system with this CD and follow the menu as desired
• Setup will take you through various steps of configuration process, modify configuration(s) only if required, do not go back from any menu to the previous one since doing so may result in loss of configuration information due to a bug in the Redhat Anaconda Installer. If you miss a step or require going back one menu level: reboot and start from scratch
• Reboot the system when prompted
  
• Login to the system using the "system" or "root" account and issue the following command to join the system to NBI Active Directory domain:

      net rpc join -S  -U 

• Logout and re-login using your NBI domain account for verification

# Kickstart file
install
nfs --server=nfs.domain.tld --dir=/nfs/osinstall
interactive
key --skip
lang en_GB
keyboard uk
interactive
network --device eth0 --bootproto dhcp
rootpw --iscrypted
firewall --disabled
firstboot --disable
authconfig --enableshadow --enablemd5
selinux --disabled
skipx
timezone --utc Europe/London
# Disk Partitioning
clearpart --all --initlabel --drives=sda
part /boot --fstype ext3 --size=250 --asprimary
part pv.4 --size=135168 --asprimary
part swap --size=36864 --asprimary
part pv.5 --size=100 --grow --asprimary
volgroup VolGroup_USER --pesize=32768 pv.5
volgroup VolGroup_SYSTEM --pesize=32768 pv.4
logvol /home --fstype ext3 --name=LogVol_HOME --vgname=VolGroup_USER --size=65504
logvol / --fstype ext3 --name=LogVol_ROOT --vgname=VolGroup_SYSTEM --size=103424
logvol /var --fstype ext3 --name=LogVol_VAR --vgname=VolGroup_SYSTEM --size=30720
logvol /tmp --fstype ext3 --name=LogVol_TMP --vgname=VolGroup_SYSTEM --size=1024
bootloader --location=mbr --driveorder=sda --append="rhgb quiet"
# Package Selection
%packages
@development-libs
@editors
@system-tools
@text-internet
@dialup
@core
@base
@legacy-software-development
@legacy-software-support
@server-cfg
@admin-tools
@development-tools
perl-Convert-ASN1
libstdc++43-devel
arpwatch
adjtimex
ktune
watchdog
uucp
lslk
arptables_jf
audit
net-snmp-utils
sysstat
iptraf
dstat
tftp
lynx
statserial
kexec-tools
bridge-utils
fipscheck
hardlink
device-mapper-multipath
cpufreq-utils
compat-db
openssl097a
compat-readline43
system-config-kickstart
imake
python-docs
expect
pexpect
unifdef
memtest86+
-gpm-devel
-xulrunner-devel
-pciutils-devel
-kudzu-devel
-gmp-devel
-python-devel
-xmlsec1-devel
-coolkey-devel
-boost-devel
-dbus-devel
-hesiod-devel
-libogg-devel
-pcsc-lite-devel
-libvorbis-devel
-expat-devel
-emacs-leim
-psgml
-emacspeak
-openldap-clients
-slrn
-fetchmail
-mutt
-elinks
-cadaver
-isdn4k-utils
-lrzsz
-jwhois

#--- Post-installation script
%post
#Use Activation/Installation Key
/usr/sbin/rhnreg_ks --activationkey=xxxxxxxxxxxxxxxx

#!/bin/sh
##Make copy of additional packages and customizations to the "/tmp/setup" partition
/sbin/start_udev
mkdir /tmp/setup
mkdir /mnt/cdr
mount /dev/cdrom /mnt/cdr
cp -r /mnt/cdr/configs /tmp/setup
cp -r /mnt/cdr/third_party_packages /tmp/setup
umount /mnt/cdr
#Install additional software packages
rpm -Uvh /tmp/setup/third_party_packages/*.rpm
#Install the custom Grub splash image
cp -f /tmp/setup/configs/etc/boot/grub/splash.xpm.gz /boot/grub/splash.xpm.gz
#Install Samba and Winbin configurations for AD Authentication
mkdir -p /var/lib/samba/drivers
cp -fr /tmp/setup/configs/etc/samba /etc/
cp -f /tmp/setup/configs/etc/pam.d/system_auth_ac /etc/pam.d/system-auth-ac
cp -f /tmp/setup/configs/etc/nsswitch.conf /etc/
mkdir /home/
#Install Skel
cp -fr /tmp/setup/configs/etc/skel /etc/
#Copy issue and issue.net
cp -f /tmp/setup/configs/etc/issue* /etc
#Copy ntp.conf
cp -f /tmp/setup/configs/etc/ntp.conf /etc

#Backup services configuration
chkconfig --list > ~root/chkconfig.save
#Disable All Services and Re-enable only the required
echo "Disabling all services..."
for i in $(chkconfig --list|cut -f1); do
chkconfig --level 2345 $i off
done
#Enable services specified in file: services.txt
echo "Enabling selected services..."
for i in $(cat /tmp/setup/configs/services.txt); do
chkconfig --level 2345 $i on
done

rm -rf /tmp/setup

#Create sys admin user
useradd -c "System User" -m -p '' -o -u 0 sysadmin

#Ask sytems administrator for Domain Admin password
#echo "Joining Active Directory Domain, enter Password for user [Administrator]:"
#net rpc join -S -U

#Reboot the system
reboot


mkboot.sh:
-----------------
#!/bin/bash
mkisofs -l -L -R -m TRANS.TBL -o RH_Linux_NFS_Install.iso -b isolinux.bin -c boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table isolinux


services.txt:
-------------

anacron
acpid
atd
auditd
cpuspeed
crond
haldaemon
irqbalance
lvm2-monitor
messagebus
microcode_ctl
network
ntpd
psacct
rhnsd
smartd
sshd
syslog
winbind