84d28df1b2
This is done so that it's easy spot large packages that are not necessary and identify packages that have grown in size too much by diffing the image compose logs. sed "s/rpm -qa/rpm -qa --qf '%{size}\\\\t%{name}-%{version}-%{release}.%{arch}\\\\n' |sort -rn/" -i *.ks
105 lines
3.9 KiB
Plaintext
105 lines
3.9 KiB
Plaintext
# This is the kickstart for Fedora IoT disk images.
|
|
|
|
text # don't use cmdline -- https://github.com/rhinstaller/anaconda/issues/931
|
|
lang en_US.UTF-8
|
|
keyboard us
|
|
timezone --utc Etc/UTC
|
|
|
|
selinux --enforcing
|
|
rootpw --lock --iscrypted locked
|
|
|
|
bootloader --timeout=1 --append="net.ifnames=0 modprobe.blacklist=vc4"
|
|
|
|
network --bootproto=dhcp --device=link --activate --onboot=on
|
|
services --enabled=NetworkManager,sshd,rngd,zram-swap
|
|
|
|
zerombr
|
|
clearpart --all --initlabel --disklabel=msdos
|
|
autopart --nohome --noswap --type=plain
|
|
|
|
# Equivalent of %include fedora-repo.ks
|
|
# Pull from the ostree repo that was created during the compose
|
|
ostreesetup --nogpg --osname=fedora-iot --remote=fedora-iot --url=https://kojipkgs.fedoraproject.org/compose/iot/repo/ --ref=fedora/rawhide/${basearch}/iot
|
|
|
|
reboot
|
|
|
|
%post --erroronfail
|
|
# Find the architecture we are on
|
|
arch=$(uname -m)
|
|
|
|
# Setup Raspberry Pi firmware
|
|
if [[ $arch == "aarch64" ]] || [[ $arch == "armv7l" ]]; then
|
|
if [[ $arch == "aarch64" ]]; then
|
|
cp -P /usr/share/uboot/rpi_3/u-boot.bin /boot/efi/rpi3-u-boot.bin
|
|
cp -P /usr/share/uboot/rpi_4/u-boot.bin /boot/efi/rpi4-u-boot.bin
|
|
else
|
|
cp -P /usr/share/uboot/rpi_2/u-boot.bin /boot/efi/rpi2-u-boot.bin
|
|
cp -P /usr/share/uboot/rpi_3_32b/u-boot.bin /boot/efi/rpi3-u-boot.bin
|
|
cp -P /usr/share/uboot/rpi_4_32b/u-boot.bin /boot/efi/rpi4-u-boot.bin
|
|
fi
|
|
fi
|
|
|
|
# Set the origin to the "main ref", distinct from /updates/ which is where bodhi writes.
|
|
# We want consumers of this image to track the two week releases.
|
|
ostree admin set-origin --index 0 fedora-iot https://dl.fedoraproject.org/iot/repo/ "fedora/rawhide/${arch}/iot"
|
|
|
|
# Make sure the ref we're supposedly sitting on (according
|
|
# to the updated origin) exists.
|
|
ostree refs "fedora-iot:fedora/rawhide/${arch}/iot" --create "fedora-iot:fedora/rawhide/${arch}/iot"
|
|
|
|
# Remove the old ref so that the commit eventually gets cleaned up.
|
|
ostree refs "fedora-iot:fedora/rawhide/${arch}/iot" --delete
|
|
|
|
# delete/add the remote with new options to enable gpg verification
|
|
# and to point them at the cdn url
|
|
ostree remote delete fedora-iot
|
|
ostree remote add --set=gpg-verify=true --set=gpgkeypath=/etc/pki/rpm-gpg/ --set=contenturl=mirrorlist=https://ostree.fedoraproject.org/iot/mirrorlist fedora-iot 'https://ostree.fedoraproject.org/iot'
|
|
|
|
# We're getting a stray console= from somewhere, work around it
|
|
rpm-ostree kargs --delete=console=tty0
|
|
|
|
# older versions of livecd-tools do not follow "rootpw --lock" line above
|
|
# https://bugzilla.redhat.com/show_bug.cgi?id=964299
|
|
passwd -l root
|
|
|
|
# Work around https://bugzilla.redhat.com/show_bug.cgi?id=1193590
|
|
cp /etc/skel/.bash* /var/roothome
|
|
|
|
# Remove any persistent NIC rules generated by udev
|
|
rm -vf /etc/udev/rules.d/*persistent-net*.rules
|
|
# And ensure that we will do DHCP on eth0 on startup
|
|
cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
|
|
DEVICE="eth0"
|
|
BOOTPROTO="dhcp"
|
|
ONBOOT="yes"
|
|
TYPE="Ethernet"
|
|
PERSISTENT_DHCLIENT="yes"
|
|
EOF
|
|
|
|
echo "Removing random-seed so it's not the same in every image."
|
|
rm -f /var/lib/systemd/random-seed
|
|
|
|
echo "Packages within this iot image:"
|
|
echo "-----------------------------------------------------------------------"
|
|
rpm -qa --qf '%{size}\t%{name}-%{version}-%{release}.%{arch}\n' |sort -rn
|
|
echo "-----------------------------------------------------------------------"
|
|
# Note that running rpm recreates the rpm db files which aren't needed/wanted
|
|
rm -f /var/lib/rpm/__db*
|
|
|
|
echo "Zeroing out empty space."
|
|
# This forces the filesystem to reclaim space from deleted files
|
|
dd bs=1M if=/dev/zero of=/var/tmp/zeros || :
|
|
rm -f /var/tmp/zeros
|
|
echo "(Don't worry -- that out-of-space error was expected.)"
|
|
|
|
# For trac ticket https://pagure.io/atomic-wg/issue/128
|
|
rm -f /etc/sysconfig/network-scripts/ifcfg-ens3
|
|
|
|
# Anaconda is writing an /etc/resolv.conf from the install environment.
|
|
# The system should start out with an empty file, otherwise cloud-init
|
|
# will try to use this information and may error:
|
|
# https://bugs.launchpad.net/cloud-init/+bug/1670052
|
|
truncate -s 0 /etc/resolv.conf
|
|
|
|
%end
|