沒DHCP的話,一開始就指定IP,Gateway,Dns

boot 下====>    linux ks=ftp://neo:123456@192.168.1.30/ks.cfg ksdevice eth0 ip=10.10.50.39 netmask=255.255.255.0 gateway=10.10.50.254 dns=192.168.1.111

===============================

預設在一台server安裝完後 /root 下會有anaconda-ks.cfg做為ks.cfg編輯的參考

 

#platform=x86, AMD64, or Intel EM64T
# System authorization information
#auth  --useshadow  --enablemd5

#LDAP驗證

auth  --useshadow  --enablemd5  --enableldap --enableldapauth --ldapserver=ldap://lc01.test.com.tw/,ldap://lc02.test.com.tw/,ldap://lc03.test.com.tw --ldapbasedn=dc=goldengame,dc=com,dc=tw --ldaploadcacert=/etc/openldap/

 


# System bootloader configuration
bootloader --location=mbr --driveorder=sda
# The following is the partition information you requested
# Note that any partitions you deleted are not expressed
# here so unless you clear all partitions first, this is
# not guaranteed to work
clearpart --linux --drives=sda
part /boot --fstype ext3 --size=100 --ondisk=sda
part pv.2 --size=0 --grow --ondisk=sda
volgroup VolGroup00 --pesize=32768 pv.2
logvol / --fstype ext3 --name=LogVol00 --vgname=VolGroup00 --size=1024 --grow
logvol swap --fstype swap --name=LogVol01 --vgname=VolGroup00 --size=512 --grow --maxsize=1024

#logvol swap --fstype swap --name=LogVol01 --vgname=VolGroup00 logvol swap –-recommended  

#swap --recommended預設

 

#DB模式

#clearpart --all --drives=sda
#part /boot --fstype ext3 --size=512 --asprimary
#part pv.25 --size=50000
#part pv.23 --size=50000
#part pv.21 --size=50000
#part pv.19 --size=50000
#part swap --size=16000 --asprimary
#part / --fstype ext3 --size=1000 --grow --asprimary

 

text
# Firewall configuration
firewall --disabled
# Run the Setup Agent on first boot
firstboot --disable
# System keyboard
keyboard us
# System language
lang en_US
# Installation logging level
logging --level=info
# Use CDROM installation media
cdrom
# Network information
#network --bootproto=dhcp --device=eth0 --onboot=on

network --bootproto static --device eth0 --onboot=on --ip 10.10.50.39 --netmask 255.255.255.0 --gateway 10.10.50.254 --nameserver 192.168.1.111,192.168.1.112 --hostname test
#network --bootproto=dhcp --device=eth1 --onboot=on
# Reboot after installation
reboot
#Root password
rootpw --iscrypted $1$oRkFd5Ap$qd5Hs4gG52gImGKduc7ba.

# SELinux configuration
selinux --disabled
# Do not configure the X Window System
skipx
# System timezone
timezone  Asia/Taipei
# Install OS instead of upgrade
install

%packages
@base
@development-libs
@development-tools
@admin-tools
@server-cfg
@system-tools
@text-internet
@editors
keyutils
kexec-tools
trousers
fipscheck
device-mapper-multipath
perl-Convert-ASN1
imake
audit

%post
#!/bin/sh

#    lftp ip.sh

lftp -u neo,123456 192.168.1.30 -e "set xfer:clobber yes;set net:reconnect-interval-base 50;set net:max-retries 50;set net:timeout 50;lcd /tmp;mget *.sh;exit"

#    install lrzsz
yum -y install lrzsz

# lftp ldap-cert

echo "bind_policy soft" >> /etc/ldap.conf
echo "session required pam_mkhomedir.so skel=/etc/skel umask=0022" >> /etc/pam.d/system-auth
echo "ssl start_tls" >> /etc/ldap.conf
lftp -u neo,123456 192.168.1.30  -e "set xfer:clobber yes;set net:reconnect-interval-base 50;set net:max-retries 50;set net:timeout 50;lcd /etc/openldap/cacerts;cd /;get lc01.pem;get lc02.pem;get lc03.pem;exit"
authconfig --update

#    sshd_config
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.orig
sed -i 's/\#\Port 22/Port 2010/g' /etc/ssh/sshd_config
sed -i 's/\#\PermitRootLogin yes/PermitRootLogin no/g' /etc/ssh/sshd_config
sed -i 's/GSSAPIAuthentication yes/GSSAPIAuthentication no/g' /etc/ssh/sshd_config
sed -i 's/\#\UseDNS yes/UseDNS no/g' /etc/ssh/sshd_config
chkconfig sshd on
#   inittab
cp -a /etc/inittab /etc/inittab.orig
sed -i 's/3:2345/\#3\:2345/g' /etc/inittab
sed -i 's/4:2345/\#4\:2345/g' /etc/inittab
sed -i 's/5:2345/\#5\:2345/g' /etc/inittab

#   create username
useradd -m test
echo "123456" | passwd --stdin test

#   net-snmp*
yum -y install net-snmp*
chkconfig snmpd on
service snmpd start
cp /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.orig
sed "/com2sec notConfigUser  default       public/ a\com2sec local       localhost     public" /etc/snmp/snmpd.conf.orig >/etc/snmp/snmpd.conf
sed "/group   notConfigGroup v2c           notConfigUser/ a\group   MyROGroup      v1           local" /etc/snmp/snmpd.conf.orig >/etc/snmp/snmpd.conf
sed -i '49a group   MyROGroup      v2c           local' /etc/snmp/snmpd.conf
sed -i '57c view    local   included   .1.3.6.1.2.1.1' /etc/snmp/snmpd.conf
sed -i '58c view    local   included   .1.3.6.1.2.1.25.1.1' /etc/snmp/snmpd.conf
sed -i '65c access  MyROGroup     ""       any       noauth    exact  all  none   none' /etc/snmp/snmpd.conf
sed -i '42c com2sec local       localhost     public' /etc/snmp/snmpd.conf
sed -i '59c disk    /       100000' /etc/snmp/snmpd.conf

#  crontab
echo "0 4 * * * /usr/sbin/ntpdate clock.stdtime.gov.tw && /usr/sbin/hwclock -w" >> /var/spool/cron/root

#   chkconfig all services

chkconfig    NetworkManager     off
chkconfig    atd                off
chkconfig    autofs             off
chkconfig    avahi-daemon       off
chkconfig    avahi-dnsconfd     off
chkconfig    conman             off
chkconfig    dnsmasq            off
chkconfig    dund               off
chkconfig    firstboot          off
chkconfig    haldaemon          off
chkconfig    httpd              off
chkconfig    ibmasm             off
chkconfig    ipmi               off
chkconfig    irda               off
chkconfig    kdump              off
chkconfig    kudzu              off
chkconfig    mdmpd              off
chkconfig    messagebus         off
chkconfig    multipathd         off
chkconfig    netconsole         off
chkconfig    netfs              off
chkconfig    netplugd           off
chkconfig    nfs                off
chkconfig    nfslock            off
chkconfig    nscd               off
chkconfig    ntpd               off
chkconfig    oddjobd            off
chkconfig    pand               off
chkconfig    portmap            off
chkconfig    psacct             off
chkconfig    rawdevices         off
chkconfig    rdisc              off
chkconfig    readahead_later    off
chkconfig    rpcgssd            off
chkconfig    rpcidmapd          off
chkconfig    rpcsvcgssd         off
chkconfig    saslauthd          off
chkconfig    setroubleshoot     off
chkconfig    smb                off
chkconfig    snmptrapd          off
chkconfig    tcsd               off
chkconfig    winbind            off
chkconfig    wpa_supplicant     off
chkconfig    ypbind             off
chkconfig    acpid              --level 3 off
chkconfig    anacron            --level 3 off
chkconfig    apmd               --level 3 off
chkconfig    auditd             --level 3 off
chkconfig    bluetooth          --level 3 off
chkconfig    cpuspeed           --level 3 off
chkconfig    cups               --level 3 off
chkconfig    gpm                --level 3 off
chkconfig    hidd               --level 3 off
chkconfig    ip6tables          --level 3 off
chkconfig    iptables           --level 3 off
chkconfig    lm_sensors         --level 3 off
chkconfig    lvm2-monitor       --level 3 off
chkconfig    mcstrans           --level 3 off
chkconfig    mdmonitor          --level 3 off
chkconfig    pcscd              --level 3 off
chkconfig    readahead_early    --level 3 off
chkconfig    restorecond        --level 3 off
chkconfig    sendmail           --level 3 off
chkconfig    smartd             --level 3 off
chkconfig    xfs                --level 3 off
chkconfig    yum-updatesd       --level 3 off

 

參考資料:

http://www.coolsun.idv.tw/modules/xhnewbb/viewtopic.php?topic_id=118

http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/Installation_Guide/VNC_Whitepaper-kickstart-installation.html

neo2124 發表在 痞客邦 PIXNET 留言(0) 人氣()