Main body:
#System languagelang en_US
#Language modules to install
langsupport en_US
#System keyboard
keyboard us
#System mouse
mouse
#Sytem timezone
timezone Asia/Shanghai
#Root password
rootpw --iscrypted $1$UZUA.l3B$mmjEjFdMwW6.Dkt3V.9QM.
#Reboot after installation
reboot
#Install OS instead of upgrade
install
nfs --server=10.0.250.50 --dir=/rinstall/source/AS4-64
#System bootloader configuration
bootloader --location=mbr
#Clear the Master Boot Record
zerombr yes
#Partition clearing information
clearpart --all
#part /
#System authorization infomation
auth --useshadow --enablemd5
#Network information
#network --bootproto=dhcp --device=eth0
#Firewall configuration
firewall --disabled
selinux --disabled
#Do not configure XWindows
skipx
#Package install information
%packages --resolvedeps
@ admin-tools
@ editors
@ system-tools
@ text-internet
@ dialup
@ compat-arch-support
@ server-cfg
@ development-tools
e2fsprogs
-ckermit
grub
-bluez-pin
lvm2
-firstboot
-rhgb
-zsh
kernel-devel
-OpenIPMI-tools
-xdelta
net-snmp
sysstat
lslk
-nmap
kernel
-synaptics
分区部分,见.
Pre action part:
# Empty now.Post action part:
%post# Set default language
[ -f /etc/sysconfig/i18n ] && cp /etc/sysconfig/i18n /etc/sysconfig/i18n.ksbak
cat << EOF > /etc/sysconfig/i18n
LANG="en_US"
SUPPORTED="en_US.UTF-8:en_US:en"
SYSFONT="latarcyrheb-sun16"
EOF
# Set default run level to 3
echo "Set default run level to 3"
pushd /etc &>/dev/null
mv inittab inittab.bak
cat inittab.bak | sed 's/^id\:[0-5]\:init/id\:3\:init/' > inittab
popd &>/dev/null
cat /etc/inittab | grep '^id:'
# stop unuseful services
# nsrvs is the list for stop
nsrvs="\
kudzu
isdn
pcmcia
portmap
nfslock
rpcidmapd
rpcgssd
netfs
apmd
autofs
cups
xinetd
sendmail
smartd
gpm
xfs
rhnsd
cups-config-daemon"
for item in $nsrvs
do
if [ ! -f /etc/init.d/$item ]; then
echo "There is no $item exist!"
else
chkconfig $item off
fi
done
cat << EOF > /etc/rc.d/rc.tune
echo 0 >/proc/sys/net/ipv4/tcp_sack
echo 0 >/proc/sys/net/ipv4/tcp_timestamps
echo 0 >/proc/sys/net/ipv4/tcp_window_scaling
echo "1024 65000" > /proc/sys/net/ipv4/ip_local_port_range
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
echo "4096 65536 8388608" > /proc/sys/net/ipv4/tcp_wmem
echo "4096 87380 8388608" > /proc/sys/net/ipv4/tcp_rmem
echo 5 > /proc/sys/kernel/panic
echo 8192 > /proc/sys/net/ipv4/tcp_max_syn_backlog
echo 8388608 > /proc/sys/net/core/rmem_max
echo 8388608 > /proc/sys/net/core/wmem_max
EOF
if [ -f /etc/rc.d/rc.tune ]; then
chmod +x /etc/rc.d/rc.tune
echo ". /etc/rc.d/rc.tune" >> /etc/rc.d/rc.local
echo "ulimit -n 65535" >> /etc/rc.d/rc.local
echo "ulimit -u 16384" >> /etc/rc.d/rc.local
else
echo Error! rc.tune can not be found!
fi
# Import gpg key
rpm --import ftp://10.0.250.50/pub/as4u3/RPM-GPG-KEY
pushd /boot/grub &>/dev/null
if grep '^splash' grub.conf >/dev/null; then
cp grub.conf grub.conf.bak
cat grub.conf | sed 's/^splash/#splash/' > foo
cat foo > grub.conf
fi
if grep 'rhgb' grub.conf >/dev/null; then
[ -f grub.conf.bak ] || cp grub.conf grub.conf.bak
cat grub.conf | sed 's/rhgb//' > foo
cat foo > grub.conf
fi
[ -f foo ] && rm -f foo
popd &>/dev/null
# Set noatime
cp /etc/fstab /etc/fstab.ksbak
cat /etc/fstab | grep cache > /tmp/cachepart
cat /etc/fstab.ksbak | grep -v cache > /etc/fstab
cat /tmp/cachepart | sed 's/defaults/noatime/' > /tmp/noatime
cat /tmp/noatime >> /etc/fstab
rm /tmp/cachepart /tmp/noatime
# Blank issue
cp /etc/issue /etc/issue.ksbak
cat <
Welcome login! (\l)
EOF
cp /etc/issue.net /etc/issue.net.ksbak
> /etc/issue.net
# Tune filesystem
PARTS=`cat /etc/fstab | egrep 'cache|log' | awk '{print $1}'`
if [ "$PARTS" != "" ]; then
if [ -e /dev/cciss/c0d0 ]; then
>/tmp/lblist
# Get label list
for DEV in ` fdisk -l | grep 'Linux' | grep -v 'swap' | awk '{print $1}'`
do
echo "$DEV `e2label $DEV`" >> /tmp/lblist
done
fi
for item in $PARTS
do
if [ ! -e $item ]; then
# if label, find its dev name
FSDEV=`cat /tmp/lblist | grep ${item##*/} | cut -d' ' -f1`
echo "Tunning fs $FSDEV ...."
tune2fs -m 0 $FSDEV >/dev/null
else
if [ -e $item ]; then
echo "Tunning fs $item ...."
tune2fs -m 0 $item >/dev/null
fi
fi
done
rm /tmp/lblist
fi
# Tune snmp settings
if [ -f /etc/snmp/snmpd.conf ]; then
cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.ksbak
cat << EOF > /etc/snmp/snmpd.conf
smuxsocket 127.0.0.1
com2sec local localhost vistata
com2sec mynet 202.99.16.0/24 vistata
com2sec mynet 192.168.0.0/16 vistata
com2sec mynet 10.0.0.0/16 vistata
group mygroup v1 mynet
group mygroup v2c mynet
view all included .1 80
view systemview included .1.3.6.1.2.1.1
view systemview included .1.3.6.1.2.1.25.1.1
access mygroup "" any noauth exact mib2 none none
view mib2 included .iso.org.dod.internet.mgmt.mib-2 fc
syslocation Unknown (edit /etc/snmp/snmpd.conf)
syscontact Root
exec .1.3.6.1.2.1.100 httpusers /usr/bin/perl /etc/snmp/disk-i.pl cache1
exec .1.3.6.1.2.1.101 httpusers /usr/bin/perl /etc/snmp/disk-i.pl cache2
exec .1.3.6.1.2.1.102 httpusers /usr/bin/perl /etc/snmp/disk-i.pl cache3
exec .1.3.6.1.2.1.200 httpusers /usr/bin/perl /etc/snmp/disk-k.pl cache1
exec .1.3.6.1.2.1.201 httpusers /usr/bin/perl /etc/snmp/disk-k.pl cache2
exec .1.3.6.1.2.1.202 httpusers /usr/bin/perl /etc/snmp/disk-k.pl cache3
pass .1.3.6.1.4.1.4413.4.1 /usr/bin/ucd5820stat
EOF
chkconfig snmpd on
else
echo "WARNNING!!! snmpd.conf was NOT found!"
fi
# Register my key
[ -d /root/.ssh ] || mkdir /root/.ssh
cat << EOF > /root/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAyCOfpB/Q1QQKwsHhzdEvIIVHU30kN1y1klrPBPv6KWw2
Eko6GHEJsiLoiWaNkLce0II2H87g5D0zTdlkCv0ahRP4lgVXVsEqaE5ilL86SOAQ126oPHI5ldZLQBf8
a26oyu7c0KD5ewhWo+S1MtiTujpVDTJua0NZLgcO/5vY6a2058HkgMjvzy9ehDOStG5Moj8Z1ePb77FT
Hvm6sGaejthh8C1qDEDdg5Q8UyV6uVePB6IRqCBbBR6xZzFqpnfB9XCTL/RenaXQWg/G7ln90kgebaJj
GKfxThrI8jhaHEZ3qpiXblrXeKvw**Uh0o2/cjtILzXbZVnt+5xfoY9hQ== wangjw@hexun
EOF
chmod 700 /root/.ssh
chmod 644 /root/.ssh/authorized_keys
# set ntp job into crontab
cat << EOF > /etc/cron.daily/ntp
#!/bin/sh
ntpdate itime.hexun.com 2>&1 >/var/log/ntplog
EOF
chmod 755 /etc/cron.daily/ntp
export RH_MOUNT='/tmp/bootstrap'
mkdir -p $RH_MOUNT
/etc/init.d/portmap start
mount -t nfs -o ro 10.0.250.50:/rinstall $RH_MOUNT
export RH_RELEASE=rhel
export RH_VERSION=`rpm -q --queryformat '%{VERSION}' redhat-release`
export RH_PLATFORM=`uname -i`
# install some packages, default configuration
PKGS_ARCH='python-elementtree sqlite python-sqlite'
PKGS_NOARCH='python-urlgrabber yum'
pushd $RH_MOUNT/yum
for pkg in $PKGS_ARCH; do
PKG_RPMS="${PKG_RPMS} ${pkg}-*.${RH_PLATFORM}.rpm"
done
rpm -i ${PKG_RPMS}
popd
for pkg in $PKGS_NOARCH; do
rpm -i --nodeps $RH_MOUNT/yum/${pkg}*.rpm
done
cp -f $RH_MOUNT/yum/$RH_RELEASE.conf /etc/yum.conf
chmod +r /etc/yum.conf
# umount nfs
umount $RH_MOUNT