English (change) Knowledgebase | Documentation User: admin|Organization: Spacewalk Default Organization|Preferences|Sign Out . SystemsPackagesErrataDocumentation . Overview Systems Errata Channels Audit Configuration Schedule Users Monitoring Admin Help . No systems selected Manage Clear . Overview Systems System Groups System Set Manager Advanced Search Activation Keys Stored Profiles Custom System Info Kickstart Profiles Bare Metal GPG and SSL Keys Distributions File Preservation Kickstart Snippets clone kickstartdelete kickstart Kickstart: scc-centos-5-x86-64-vm-base-build Kickstart Details System Details Software Activation Keys Scripts Kickstart File . . Kickstart File The kickstart file generated by this kickstart profile is viewable below: Download Kickstart File # Kickstart config file generated by Spacewalk Config Management # Profile Label : scc-centos-5-x86-64-vm-base-build # Date Created : 2011-05-12 09:43:01.0 install text network --bootproto dhcp url --url http://spacewalk01.sccis.net/ks/dist/centos-5-x86-64-kickstart-distro lang en_GB keyboard uk zerombr clearpart --all bootloader --location mbr timezone --utc Europe/London auth --enablemd5 --enableshadow rootpw --iscrypted $1$UuN2fpAq$NOSDl6IIE/yiizszBb9M31 selinux --enforcing reboot firewall --disabled skipx repo --name=VT --baseurl=http://spacewalk01.sccis.net/ks/dist/centos-5-x86-64-kickstart-distro/VT key --skip part /boot --fstype=ext3 --size=250 part / --fstype=ext3 --size=8192 part /home --fstype=ext3 --size=10240 part /var --fstype=ext3 --size=10240 part swap --fstype=swap --size=4096 %packages --ignoremissing --nobase @core -system-config-firewall-base -iptables-ipv6 -xorg-x11-drv-ati-firmware -zd1211-firmware -iwl6050-firmware -iwl6000-firmware -iwl5150-firmware -iwl5000-firmware -iwl1000-firmware -iwl4965-firmware -iwl3945-firmware -b43-openfwwf -ipw2100-firmware -ipw2200-firmware -ivtv-firmware -bfa-firmware -dhclient %pre wget "http://spacewalk01.sccis.net/cblr/svc/op/trig/mode/pre/profile/scc-centos-5-x86-64-vm-base-build:1:SpacewalkDefaultOrganization" -O /dev/null echo "Saving RHN keys..." > /dev/ttyS0 SYSTEM_ID=/etc/sysconfig/rhn/systemid rhn_keys_found=no mkdir -p /tmp/rhn drives=$(list-harddrives | awk '{print $1}') for disk in $drives; do DISKS="$DISKS $(fdisk -l /dev/$disk | grep -v "swap\|LVM\|Extended" | awk '/^\/dev/{print $1}')" done # Try to find the keys on ordinary partitions for disk in $DISKS; do name=test-$(basename $disk) mkdir -p /tmp/$name mount $disk /tmp/$name [ $? -eq 0 ] || continue # Skip to the next partition if the mount fails # Copy current RHN host keys out to be reused if [ -f /tmp/${name}$SYSTEM_ID ]; then cp -a /tmp/${name}$SYSTEM_ID /tmp/rhn rhn_keys_found="yes" umount /tmp/$name break fi umount /tmp/$name rm -r /tmp/$name done # Try LVM if that didn't work if [ "$rhn_keys_found" = "no" ]; then lvm lvmdiskscan vgs=$(lvm vgs | tail -n +2 | awk '{ print $1 }') for vg in $vgs; do # Activate any VG we found lvm vgchange -ay $vg done lvs=$(lvm lvs | tail -n +2 | awk '{ print "/dev/" $2 "/" $1 }') for lv in $lvs; do tmpdir=$(mktemp -d findkeys.XXXXXX) mkdir -p /tmp/${tmpdir} mount $lv /tmp/${tmpdir} || continue # Skip to next volume if this fails # Let's see if the keys are in there if [ -f /tmp/${tmpdir}$SYSTEM_ID ]; then cp -a /tmp/${tmpdir}$SYSTEM_ID /tmp/rhn/ rhn_keys_found="yes" umount /tmp/${tmpdir} break # We're done! fi umount /tmp/${tmpdir} rm -r /tmp/${tmpdir} done # And clean up.. for vg in $vgs; do lvm vgchange -an $vg done fi %post --nochroot mkdir /mnt/sysimage/tmp/ks-tree-copy if [ -d /oldtmp/ks-tree-shadow ]; then cp -fa /oldtmp/ks-tree-shadow/* /mnt/sysimage/tmp/ks-tree-copy elif [ -d /tmp/ks-tree-shadow ]; then cp -fa /tmp/ks-tree-shadow/* /mnt/sysimage/tmp/ks-tree-copy fi cp /etc/resolv.conf /mnt/sysimage/etc/resolv.conf cp -f /tmp/ks-pre.log* /mnt/sysimage/root/ %post --nochroot --interpreter /usr/bin/python import xmlrpclib import shutil import os import os.path old_system_id = "/tmp/rhn/systemid" new_system_id = "/mnt/sysimage/root/systemid.old" try: new_keys = "1-972a0b7ef4bc2703fab0b344d6fe26a4,1-f567631e7792cc3c66baa71308a418d8" for key in new_keys.split(','): if key.startswith('re-'): os.exit(0) if os.path.exists(old_system_id): client = xmlrpclib.Server("http://spacewalk01/rpc/api") key = client.system.obtain_reactivation_key(open(old_system_id).read()) f = open("/mnt/sysimage/tmp/key","w") f.write(key) f.close() shutil.copy(old_system_id, new_system_id) except: # xml rpc due to a old/bad system id # we don't care about those # we'll register those as new. pass %post --logfile /root/ks-rhn-post.log # --Begin Spacewalk command section-- cat > /tmp/ssl-key-1 <<'EOF' Certificate: Data: Version: 3 (0x2) Serial Number: fa:bd:ed:8c:b6:d5:05:a3 Signature Algorithm: sha1WithRSAEncryption Issuer: C=GB, ST=West Midlands, L=Birmingham, O=SCC, OU=DCS, CN=spacewalk01 Validity Not Before: May 9 08:51:41 2011 GMT Not After : May 2 08:51:41 2036 GMT Subject: C=GB, ST=West Midlands, L=Birmingham, O=SCC, OU=DCS, CN=spacewalk01 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (2048 bit) Modulus (2048 bit): 00:a0:48:2a:66:e6:77:92:d3:b8:5a:6a:96:ca:a9: 6c:51:75:11:f4:92:0c:ff:27:d1:01:0c:33:0a:6d: d3:dc:2a:31:bd:72:bb:53:5e:70:2d:bc:12:50:8f: 99:b3:43:f0:96:df:d3:d3:ea:ad:91:57:b9:10:5b: 4b:2d:37:fb:8e:76:eb:9f:f2:eb:6a:09:8d:0a:63: 2e:53:51:fe:06:b6:bf:f5:9b:91:ff:a7:7a:b8:43: 72:c2:ad:d1:6d:44:d9:2a:bb:ee:a1:26:b5:49:f4: 9e:16:75:e1:6a:0b:0a:28:54:ba:1c:0c:2d:b9:a2: 6a:d9:1e:a6:b5:81:78:18:46:46:cd:5e:21:c2:a1: e2:40:5c:75:87:df:9f:f9:ec:55:e3:5b:33:1a:dd: d6:5c:f2:ef:4e:3e:db:3e:bf:19:86:f3:0b:06:b7: 7c:f2:9b:96:26:6d:ba:e3:65:a2:07:5f:b0:ca:c8: b0:5f:a0:37:b8:99:29:eb:de:f7:e0:d1:d0:22:ac: 2f:1b:c6:e5:2d:1e:bb:6b:61:d5:27:98:93:19:81: 2b:dd:ab:96:6f:a6:b6:37:26:1e:f1:90:18:ee:46: ba:af:94:f7:b4:a0:05:ae:ff:ac:44:5a:b3:fd:3f: 0c:28:24:51:9a:66:c9:a7:fc:91:39:3a:1e:bf:88: 4d:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:TRUE X509v3 Key Usage: Digital Signature, Key Encipherment, Certificate Sign X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication Netscape Comment: RHN SSL Tool Generated Certificate X509v3 Subject Key Identifier: 6D:30:4B:40:34:93:A4:50:92:3D:D1:B1:0C:4B:90:D4:4E:7B:20:51 X509v3 Authority Key Identifier: keyid:6D:30:4B:40:34:93:A4:50:92:3D:D1:B1:0C:4B:90:D4:4E:7B:20:51 DirName:/C=GB/ST=West Midlands/L=Birmingham/O=SCC/OU=DCS/CN=spacewalk01 serial:FA:BD:ED:8C:B6:D5:05:A3 Signature Algorithm: sha1WithRSAEncryption 1b:a7:5f:b6:bb:c2:ab:2a:a9:6a:be:ca:e5:a5:cb:c9:34:b8: 9c:a4:96:1a:79:13:5b:8e:a9:d0:6d:8e:b7:4f:ab:d9:d9:92: da:38:4e:65:43:97:32:16:23:51:bd:27:03:1c:2c:45:ff:99: 70:ef:6a:a3:73:5e:cc:21:bd:a2:bf:0b:68:a2:a4:40:e6:0d: f5:11:ba:7c:2d:4e:21:f2:5e:5a:24:4b:8e:cb:1a:d5:4c:93: b3:1a:18:d5:7f:b4:bb:32:cb:22:16:c9:43:04:23:59:9a:62: 84:05:2b:95:b1:6f:ba:87:75:a1:01:3c:68:ff:90:48:9a:c9: 84:70:b2:f0:da:df:9d:d6:ec:26:6a:1a:42:ca:3d:8d:a5:bf: 2d:df:9e:bb:41:e5:4c:46:46:7f:94:48:e2:e6:83:a5:8a:1b: fa:7b:ed:3a:50:d3:67:5b:6d:0d:68:54:d9:0f:5e:ce:21:80: ea:c7:f2:e7:62:e7:b2:d0:70:88:9b:a8:9c:dd:2e:f0:e1:67: 1e:82:89:a8:5c:99:91:56:64:cc:b6:36:46:c2:b9:2c:86:38: 1c:04:5e:24:9e:6b:7d:00:00:57:b7:5a:92:0d:bd:f1:97:2d: a2:32:ab:53:9b:67:81:fe:30:c7:55:db:de:22:60:bc:31:34: 29:9f:bd:82 -----BEGIN CERTIFICATE----- MIIEjjCCA3agAwIBAgIJAPq97Yy21QWjMA0GCSqGSIb3DQEBBQUAMGwxCzAJBgNV BAYTAkdCMRYwFAYDVQQIEw1XZXN0IE1pZGxhbmRzMRMwEQYDVQQHEwpCaXJtaW5n aGFtMQwwCgYDVQQKEwNTQ0MxDDAKBgNVBAsTA0RDUzEUMBIGA1UEAxMLc3BhY2V3 YWxrMDEwHhcNMTEwNTA5MDg1MTQxWhcNMzYwNTAyMDg1MTQxWjBsMQswCQYDVQQG EwJHQjEWMBQGA1UECBMNV2VzdCBNaWRsYW5kczETMBEGA1UEBxMKQmlybWluZ2hh bTEMMAoGA1UEChMDU0NDMQwwCgYDVQQLEwNEQ1MxFDASBgNVBAMTC3NwYWNld2Fs azAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEgqZuZ3ktO4WmqW yqlsUXUR9JIM/yfRAQwzCm3T3CoxvXK7U15wLbwSUI+Zs0Pwlt/T0+qtkVe5EFtL LTf7jnbrn/LragmNCmMuU1H+Bra/9ZuR/6d6uENywq3RbUTZKrvuoSa1SfSeFnXh agsKKFS6HAwtuaJq2R6mtYF4GEZGzV4hwqHiQFx1h9+f+exV41szGt3WXPLvTj7b Pr8ZhvMLBrd88puWJm2642WiB1+wysiwX6A3uJkp69734NHQIqwvG8blLR67a2HV J5iTGYEr3auWb6a2NyYe8ZAY7ka6r5T3tKAFrv+sRFqz/T8MKCRRmmbJp/yROToe v4hNgQIDAQABo4IBMTCCAS0wDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAqQwHQYD VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDEGCWCGSAGG+EIBDQQkFiJSSE4g U1NMIFRvb2wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBRtMEtANJOk UJI90bEMS5DUTnsgUTCBngYDVR0jBIGWMIGTgBRtMEtANJOkUJI90bEMS5DUTnsg UaFwpG4wbDELMAkGA1UEBhMCR0IxFjAUBgNVBAgTDVdlc3QgTWlkbGFuZHMxEzAR BgNVBAcTCkJpcm1pbmdoYW0xDDAKBgNVBAoTA1NDQzEMMAoGA1UECxMDRENTMRQw EgYDVQQDEwtzcGFjZXdhbGswMYIJAPq97Yy21QWjMA0GCSqGSIb3DQEBBQUAA4IB AQAbp1+2u8KrKqlqvsrlpcvJNLicpJYaeRNbjqnQbY63T6vZ2ZLaOE5lQ5cyFiNR vScDHCxF/5lw72qjc17MIb2ivwtooqRA5g31Ebp8LU4h8l5aJEuOyxrVTJOzGhjV f7S7MssiFslDBCNZmmKEBSuVsW+6h3WhATxo/5BImsmEcLLw2t+d1uwmahpCyj2N pb8t3567QeVMRkZ/lEji5oOlihv6e+06UNNnW20NaFTZD17OIYDqx/LnYuey0HCI m6ic3S7w4WcegomoXJmRVmTMtjZGwrkshjgcBF4knmt9AABXt1qSDb3xly2iMqtT m2eB/jDHVdveImC8MTQpn72C -----END CERTIFICATE----- EOF # ssl-key1 cat /tmp/ssl-key-* > /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT perl -npe 's/RHNS-CA-CERT/RHN-ORG-TRUSTED-SSL-CERT/g' -i /etc/sysconfig/rhn/* mkdir -p /tmp/rhn_rpms/optional cd /tmp/rhn_rpms/optional wget -P /tmp/rhn_rpms/optional http://spacewalk01/download/package/e3b476d4adf06983096a4d7eebcc287d981ce809/0/1/3972/rhnlib-2.5.39-1.el5.noarch.rpm http://spacewalk01/download/package/2c2ac2bd4b1be4e10ae9de34bcc37b758d63af15/0/1/2740/pyOpenSSL-0.6-1.p24.7.2.2.x86_64.rpm http://spacewalk01/download/package/ee9a1bcd483b703a9a3bc26511bc5c342846c850/0/1/3439/libxml2-python-2.6.26-2.1.2.8.el5_5.1.x86_64.rpm rpm -Uvh --replacepkgs --replacefiles /tmp/rhn_rpms/optional/pyOpenSSL* /tmp/rhn_rpms/optional/rhnlib* /tmp/rhn_rpms/optional/libxml2-python* perl -npe 's|^(\s*serverURL\s*=\s*[^:]+://)[^/]*/|${1}spacewalk01/|' -i /etc/sysconfig/rhn/up2date mkdir -p /etc/sysconfig/rhn/allowed-actions/script touch /etc/sysconfig/rhn/allowed-actions/script/all mkdir -p /etc/sysconfig/rhn/allowed-actions/configfiles touch /etc/sysconfig/rhn/allowed-actions/configfiles/all # now copy from the ks-tree we saved in the non-chroot checkout cp -fav /tmp/ks-tree-copy/* / rm -Rf /tmp/ks-tree-copy # --End Spacewalk command section-- /etc/init.d/messagebus restart /etc/init.d/haldaemon restart # begin cobbler snippet # begin Red Hat management server registration mkdir -p /usr/share/rhn/ wget http://spacewalk01/pub/RHN-ORG-TRUSTED-SSL-CERT -O /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT perl -npe 's/RHNS-CA-CERT/RHN-ORG-TRUSTED-SSL-CERT/g' -i /etc/sysconfig/rhn/* key="" if [ -f /tmp/key ]; then key=`cat /tmp/key` fi if [ $key ]; then rhnreg_ks --serverUrl=https://spacewalk01/XMLRPC --sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT --activationkey=$key,1-972a0b7ef4bc2703fab0b344d6fe26a4,1-f567631e7792cc3c66baa71308a418d8 else rhnreg_ks --serverUrl=https://spacewalk01/XMLRPC --sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT --activationkey=1-972a0b7ef4bc2703fab0b344d6fe26a4,1-f567631e7792cc3c66baa71308a418d8 fi # end Red Hat management server registration # end cobbler snippet rhn_check # Start post_install_network_config generated code # End post_install_network_config generated code %post # Start koan environment setup echo "export COBBLER_SERVER=spacewalk01.sccis.net" > /etc/profile.d/cobbler.sh echo "setenv COBBLER_SERVER spacewalk01.sccis.net" > /etc/profile.d/cobbler.csh # End koan environment setup # MOTD echo >> /etc/motd echo "Spacewalk kickstart on $(date +'%Y-%m-%d')" >> /etc/motd echo >> /etc/motd # end of generated kickstart file wget "http://spacewalk01.sccis.net/cblr/svc/op/ks/profile/scc-centos-5-x86-64-vm-base-build:1:SpacewalkDefaultOrganization" -O /root/cobbler.ks wget "http://spacewalk01.sccis.net/cblr/svc/op/trig/mode/post/profile/scc-centos-5-x86-64-vm-base-build:1:SpacewalkDefaultOrganization" -O /dev/null Copyright © 2002-10 Red Hat, Inc. All rights reserved. Privacy statement : Legal statement : redhat.com Spacewalk release 1.3