# rocky-live-base.ks # lang en_US.UTF-8 keyboard us timezone US/Eastern selinux --enforcing firewall --enabled --service=mdns xconfig --startxonboot zerombr clearpart --all part / --size 6144 --fstype ext4 # services --enabled=NetworkManager,ModemManager --disabled=sshd services --enabled=NetworkManager --disabled=sshd network --bootproto=dhcp --device=link --activate rootpw --lock --iscrypted locked shutdown # # %include fedora-repo.ks # url --url "http://172.27.175.219/repos/rocky9/BaseOS/x86_64/os/" # # repo --name="local-rocky9-baseos" --baseurl="http://172.27.175.219/repos/rocky9/BaseOS/x86_64/os/" # repo --name="local-rocky9-appstream" --baseurl="http://172.27.175.219/repos/rocky9/AppStream/x86_64/os/" # repo --name="epel" --baseurl="https://download.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm" --install # 主要安装源 - 你的本地 BaseOS 仓库 url --url "https://mirrors.aliyun.com/rockylinux/9.7/BaseOS/x86_64/os/" # url --url "http://172.27.175.219/repos/rocky9/Custom/x86_64/os/Packages/" # 你的本地 AppStream 仓库 repo --name="appstream" --baseurl="https://mirrors.aliyun.com/rockylinux/9.7/AppStream/x86_64/os/" repo --name="extras" --baseurl="https://mirrors.aliyun.com/rockylinux/9.7/extras/x86_64/os/" repo --name="epel" --baseurl="https://mirrors.aliyun.com/epel/9/Everything/x86_64/" repo --name="my-local-repo" --baseurl="http://172.27.175.219/repos/rocky9/Custom/x86_64/os/Packages/" # repo --name="local-rocky9-appstream" --baseurl="http://172.27.175.219/repos/rocky9/AppStream/x86_64/os/" # repo --name="my-local-repo" --baseurl="http://172.27.175.219/repos/rocky9/Custom/x86_64/os/Packages/" # 添加公共 EPEL 仓库 (需要互联网连接) #repo --name="epel" --baseurl="https://download.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm" --install # 添加 CRB (CodeReady Builder) 仓库 # CRB 提供了许多开发工具和库,经常是 EPEL 软件包的依赖。强烈建议启用。 # 确保你的构建环境可以访问此公共 URL。 #repo --name="crb" --baseurl="https://download.rockylinux.org/pub/rocky/9/CRB/x86_64/os/" # --- 添加 Rocky Linux 官方的 Extras 仓库 --- # 这个仓库通常包含一些官方支持但不在核心 BaseOS 或 AppStream 中的软件包。 # 确保你的构建环境可以访问此公共 URL。 #repo --name="rocky-extras" --baseurl="https://download.rockylinux.org/pub/rocky/9/extras/x86_64/os/" # --- 添加 Rocky Linux 官方的 Plus 仓库 --- # Plus 仓库可能包含一些增强功能或特定软件包。 # 确保你的构建环境可以访问此公共 URL。 #repo --name="rocky-plus" --baseurl="https://download.rockylinux.org/pub/rocky/9/plus/x86_64/os/" %packages # 基础包 @core kernel memtest86+ kernel-modules kernel-modules-extra authselect-compat chrony cryptsetup device-mapper-multipath dosfstools dracut-network e2fsprogs efibootmgr fcoe-utils firewalld glibc-all-langpacks grub2-efi-x64 grub2-efi-x64-cdboot grub2-pc grub2-tools grub2-tools-efi grub2-tools-extra iscsi-initiator-utils kdump-anaconda-addon libblockdev-plugins-all libreport-plugin-bugzilla lvm2 mdadm realmd restore shim-x64 syslinux-extlinux teamd tmux xfsprogs # live环境包 anaconda-install-env-deps anaconda-live device-mapper-multipath aajohan-comfortaa-fonts dracut-live glibc-all-langpacks livesys-scripts # xfce 桌面环境,以及应用 # Thunar # xfce4-panel # xfce4-session # xfce4-settings # xfce-polkit # xfce4-appfinder # xfce4-power-manager # xfce4-pulseaudio-plugin # xfce4-screensaver # xfce4-terminal # xfce4-about # xfce4-mount-plugin # xfconf # xfdesktop # xfwm4 # lightdm # network-manager-applet # openssh-askpass # thunar-archive-plugin # thunar-volman # tumbler # # pinentry-gnome3 # mousepad # ristretto @Xfce -gdm lightdm xfce4-about xfce4-mount-plugin mousepad ristretto # 工具 wget vim nmap open-vm-tools open-vm-tools-desktop %end %post # Enable livesys services systemctl enable livesys.service systemctl enable livesys-late.service systemctl enable vmtoolsd # enable tmpfs for /tmp systemctl enable tmp.mount # make it so that we don't do writing to the overlay for things which # are just tmpdirs/caches # note https://bugzilla.redhat.com/show_bug.cgi?id=1135475 cat >> /etc/fstab << EOF vartmp /var/tmp tmpfs defaults 0 0 EOF # work around for poor key import UI in PackageKit rm -f /var/lib/rpm/__db* echo "Packages within this LiveCD" rpm -qa --qf '%{size}\t%{name}-%{version}-%{release}.%{arch}\n' |sort -rn # Note that running rpm recreates the rpm db files which aren't needed or wanted rm -f /var/lib/rpm/__db* # go ahead and pre-make the man -k cache (#455968) /usr/bin/mandb # make sure there aren't core files lying around rm -f /core* # remove random seed, the newly installed instance should make it's own rm -f /var/lib/systemd/random-seed # convince readahead not to collect # FIXME: for systemd echo 'File created by kickstart. See systemd-update-done.service(8).' \ | tee /etc/.updated >/var/.updated # Drop the rescue kernel and initramfs, we don't need them on the live media itself. # See bug 1317709 rm -f /boot/*-rescue* # Disable network service here, as doing it in the services line # fails due to RHBZ #1369794 systemctl disable network # Remove machine-id on pre generated images rm -f /etc/machine-id touch /etc/machine-id %end %post # xfce configuration # create /etc/sysconfig/desktop (needed for installation) cat > /etc/sysconfig/desktop <