273 lines
7.0 KiB
Plaintext
273 lines
7.0 KiB
Plaintext
# rocky-live-base.ks
|
|
#
|
|
|
|
lang zh_CN.UTF-8
|
|
keyboard us
|
|
timezone Asia/Shanghai
|
|
# selinux --enforcing
|
|
selinux --disabled
|
|
firewall --disabled
|
|
xconfig --startxonboot
|
|
zerombr
|
|
clearpart --all
|
|
part / --size 12288 --fstype ext4
|
|
# services --enabled=NetworkManager,ModemManager --disabled=sshd
|
|
services --enabled=NetworkManager,sshd
|
|
network --bootproto=dhcp --device=link --activate
|
|
rootpw --lock --iscrypted locked
|
|
shutdown
|
|
|
|
# # %include fedora-repo.ks
|
|
# url --url "http://172.27.175.219/repos/rocky9/BaseOS/x86_64/os/"
|
|
# # repo --name="local-rocky9-baseos" --baseurl="http://172.27.175.219/repos/rocky9/BaseOS/x86_64/os/"
|
|
# repo --name="local-rocky9-appstream" --baseurl="http://172.27.175.219/repos/rocky9/AppStream/x86_64/os/"
|
|
# repo --name="epel" --baseurl="https://download.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm" --install
|
|
|
|
# 主要安装源 - 你的本地 BaseOS 仓库
|
|
url --url "https://mirrors.aliyun.com/rockylinux/9.7/BaseOS/x86_64/os/"
|
|
# url --url "http://172.27.175.219/repos/rocky9/Custom/x86_64/os/Packages/"
|
|
# 你的本地 AppStream 仓库
|
|
|
|
repo --name="appstream" --baseurl="https://mirrors.aliyun.com/rockylinux/9.7/AppStream/x86_64/os/"
|
|
repo --name="extras" --baseurl="https://mirrors.aliyun.com/rockylinux/9.7/extras/x86_64/os/"
|
|
repo --name="epel" --baseurl="https://mirrors.aliyun.com/epel/9/Everything/x86_64/"
|
|
repo --name="my-local-repo" --baseurl="http://172.27.175.219/repos/rocky9/Custom/x86_64/os/Packages/"
|
|
|
|
# repo --name="local-rocky9-appstream" --baseurl="http://172.27.175.219/repos/rocky9/AppStream/x86_64/os/"
|
|
# repo --name="my-local-repo" --baseurl="http://172.27.175.219/repos/rocky9/Custom/x86_64/os/Packages/"
|
|
# 添加公共 EPEL 仓库 (需要互联网连接)
|
|
#repo --name="epel" --baseurl="https://download.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm" --install
|
|
|
|
# 添加 CRB (CodeReady Builder) 仓库
|
|
# CRB 提供了许多开发工具和库,经常是 EPEL 软件包的依赖。强烈建议启用。
|
|
# 确保你的构建环境可以访问此公共 URL。
|
|
#repo --name="crb" --baseurl="https://download.rockylinux.org/pub/rocky/9/CRB/x86_64/os/"
|
|
|
|
# --- 添加 Rocky Linux 官方的 Extras 仓库 ---
|
|
# 这个仓库通常包含一些官方支持但不在核心 BaseOS 或 AppStream 中的软件包。
|
|
# 确保你的构建环境可以访问此公共 URL。
|
|
#repo --name="rocky-extras" --baseurl="https://download.rockylinux.org/pub/rocky/9/extras/x86_64/os/"
|
|
# --- 添加 Rocky Linux 官方的 Plus 仓库 ---
|
|
# Plus 仓库可能包含一些增强功能或特定软件包。
|
|
# 确保你的构建环境可以访问此公共 URL。
|
|
#repo --name="rocky-plus" --baseurl="https://download.rockylinux.org/pub/rocky/9/plus/x86_64/os/"
|
|
|
|
|
|
|
|
|
|
%packages
|
|
# 基础包
|
|
@core
|
|
kernel
|
|
memtest86+
|
|
kernel-modules
|
|
kernel-modules-extra
|
|
|
|
authselect-compat
|
|
chrony
|
|
cryptsetup
|
|
device-mapper-multipath
|
|
dosfstools
|
|
dracut-network
|
|
e2fsprogs
|
|
efibootmgr
|
|
fcoe-utils
|
|
firewalld
|
|
glibc-all-langpacks
|
|
grub2-efi-x64
|
|
grub2-efi-x64-cdboot
|
|
grub2-pc
|
|
grub2-tools
|
|
grub2-tools-efi
|
|
grub2-tools-extra
|
|
iscsi-initiator-utils
|
|
kdump-anaconda-addon
|
|
libblockdev-plugins-all
|
|
libreport-plugin-bugzilla
|
|
lvm2
|
|
mdadm
|
|
realmd
|
|
restore
|
|
shim-x64
|
|
syslinux-extlinux
|
|
teamd
|
|
tmux
|
|
xfsprogs
|
|
|
|
|
|
# live环境包
|
|
anaconda-install-env-deps
|
|
anaconda-live
|
|
device-mapper-multipath
|
|
aajohan-comfortaa-fonts
|
|
dracut-live
|
|
glibc-all-langpacks
|
|
livesys-scripts
|
|
|
|
|
|
# xfce 桌面环境,以及应用
|
|
@Xfce
|
|
-gdm
|
|
lightdm
|
|
lightdm-gtk-greeter
|
|
xorg-x11-server-Xorg
|
|
xorg-x11-drivers
|
|
xfce4-about
|
|
xfce4-mount-plugin
|
|
mousepad
|
|
ristretto
|
|
firefox
|
|
|
|
|
|
# 中文支持
|
|
google-droid-sans-fonts
|
|
google-noto-cjk-fonts-common
|
|
google-noto-emoji-color-fonts
|
|
google-noto-fonts-common
|
|
google-noto-sans-cjk-ttc-fonts
|
|
google-noto-sans-gurmukhi-fonts
|
|
google-noto-sans-sinhala-vf-fonts
|
|
google-noto-serif-cjk-ttc-fonts
|
|
fontconfig
|
|
glibc-langpack-zh
|
|
|
|
# 中文输入法
|
|
ibus
|
|
ibus-libpinyin
|
|
ibus-gtk2
|
|
ibus-gtk3
|
|
|
|
|
|
# 远程工具
|
|
teamviewer
|
|
todesk
|
|
|
|
# 工具
|
|
wget
|
|
vim
|
|
nmap
|
|
zip
|
|
unzip
|
|
|
|
open-vm-tools
|
|
open-vm-tools-desktop
|
|
|
|
|
|
%end
|
|
|
|
|
|
|
|
|
|
|
|
%post
|
|
# Enable livesys services
|
|
systemctl enable livesys.service
|
|
systemctl enable livesys-late.service
|
|
systemctl enable vmtoolsd
|
|
|
|
# enable tmpfs for /tmp
|
|
systemctl enable tmp.mount
|
|
|
|
# make it so that we don't do writing to the overlay for things which
|
|
# are just tmpdirs/caches
|
|
# note https://bugzilla.redhat.com/show_bug.cgi?id=1135475
|
|
cat >> /etc/fstab << EOF
|
|
vartmp /var/tmp tmpfs defaults 0 0
|
|
EOF
|
|
|
|
# work around for poor key import UI in PackageKit
|
|
rm -f /var/lib/rpm/__db*
|
|
echo "Packages within this LiveCD"
|
|
rpm -qa --qf '%{size}\t%{name}-%{version}-%{release}.%{arch}\n' |sort -rn
|
|
# Note that running rpm recreates the rpm db files which aren't needed or wanted
|
|
rm -f /var/lib/rpm/__db*
|
|
|
|
# go ahead and pre-make the man -k cache (#455968)
|
|
/usr/bin/mandb
|
|
|
|
# make sure there aren't core files lying around
|
|
rm -f /core*
|
|
|
|
# remove random seed, the newly installed instance should make it's own
|
|
rm -f /var/lib/systemd/random-seed
|
|
|
|
# convince readahead not to collect
|
|
# FIXME: for systemd
|
|
|
|
echo 'File created by kickstart. See systemd-update-done.service(8).' \
|
|
| tee /etc/.updated >/var/.updated
|
|
|
|
# Drop the rescue kernel and initramfs, we don't need them on the live media itself.
|
|
# See bug 1317709
|
|
rm -f /boot/*-rescue*
|
|
|
|
# Disable network service here, as doing it in the services line
|
|
# fails due to RHBZ #1369794
|
|
systemctl disable network
|
|
|
|
# Remove machine-id on pre generated images
|
|
rm -f /etc/machine-id
|
|
touch /etc/machine-id
|
|
|
|
%end
|
|
|
|
%post
|
|
|
|
mkdir -p /etc/xdg/autostart/
|
|
cat > /etc/xdg/autostart/ibus.desktop <<EOF
|
|
[Desktop Entry]
|
|
Name=Input Method Daemon
|
|
Comment=Start IBus daemon
|
|
Exec=/usr/bin/ibus-daemon --daemonize --xim
|
|
Terminal=false
|
|
Type=Application
|
|
Categories=System;Utility;
|
|
EOF
|
|
|
|
|
|
cat >> /etc/environment << EOF
|
|
export GTK_IM_MODULE=ibus
|
|
export QT_IM_MODULE=ibus
|
|
export XMODIFIERS=@im=ibus
|
|
export IM_CONFIG_PHASE=2
|
|
EOF
|
|
|
|
fc-cache -fv
|
|
|
|
# xfce configuration
|
|
|
|
# create /etc/sysconfig/desktop (needed for installation)
|
|
|
|
cat > /etc/sysconfig/desktop <<EOF
|
|
PREFERRED=/usr/bin/startxfce4
|
|
DISPLAYMANAGER=/usr/sbin/lightdm
|
|
EOF
|
|
|
|
# set livesys session type
|
|
sed -i 's/^livesys_session=.*/livesys_session="xfce"/' /etc/sysconfig/livesys
|
|
|
|
|
|
|
|
systemctl enable teamviewerd.service
|
|
systemctl start teamviewerd.service
|
|
systemctl enable todeskd.service
|
|
|
|
mkdir -p /etc/teamviewer/
|
|
cat >> /etc/teamviewer/global.conf << EOF
|
|
TeamViewer Global Settings
|
|
|
|
[int32] Always_Online = 1
|
|
[int32] EulaAccepted = 1
|
|
[int32] General_DirectLAN = 1
|
|
[bin ] PermanentPassword = 13b0a813880888089e8ac6a1dcdeee4db2db172fa0d33d68c903aac7500a9ec8978b1106e8ea26a978ec58f3d073f05507cb0a96ce973f1abdd25b24cc971d2297b83d090d2ab380507dd0e106b7e890599680af5c2afd6166a65c13b6697684878b3aa1ca58b0c7d3ddd0405354ad608c0a5089a588b4cea8528a1937ce4d22b2b8b764660b54218af08baa04925bfcf1cbaf59de19dea8244f022ba43cbcb09b4087b5d5c39ffd91bd4d2cc9443b05bd90d28b690a4300c5f87fef8b9d94d03416413c40aa8941d81dfdeed4e7e19be457e774b0346befb05d68eba1d5090c0798cbed803635bba6c5a4c8f608813d931bc742d5c47498ce16a335e2fdd391a7f9ee188b23381fda251ac8b6472f67daa63b377d1374a67af639045bf2ba4b22d0c1607d5af5ed0dc6a3c67371da9c
|
|
[strng] PermanentPasswordDate = "20251119T120621"
|
|
[int32] Security_PasswordStrength = 1
|
|
EOF
|
|
|
|
teamviewer --passwd 'Bbt123!@#'
|
|
|
|
|
|
|
|
%end
|
|
|