New to list and question

Alex Lovell-Troy alovell at as.arizona.edu
Thu Mar 2 16:31:45 UTC 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Mar 2, 2006, at 8:28 AM, Patrick wrote:

> Hi all,
>
> Last time I was on this list was iirc in 2002 so I'm sort of new to  
> the
> list. Recently I setup a PXE/kickstart install system for a bunch of
> servers. Works very well (pxe/kickstart rocks!) but it is  
> incomplete so
> I would like to iron out more details. Once the install is finished I
> would like to:
>
> * add extra firewall rules to /etc/sysconfig/iptables or replace it
> * change or replace some configs like /etc/ntp.conf, /etc/hosts
> * turn off a ton of unneeded services (chkconfig --level 2345 foo off)
> * turn off IPv6 in (iirc) /etc/modules.conf
> * turn off zerconf in /etc/sysconfig/network
> * install a bunch of updates
> * install some extra rpms
>
> I assume I should specify this in the %post section of the kickstart
> file but I don't know what the required syntax is. Any suggestions or
> docs how I go about this?
>
> Thanks and regards,
> Patrick
>
> _______________________________________________
> Kickstart-list mailing list
> Kickstart-list at redhat.com
> https://www.redhat.com/mailman/listinfo/kickstart-list


Patrick,
	I have found that a fairly minimal postinstall script  with cfengine  
handling all the other changes later.  The advantage of this is that  
cfengine can help maintain the state of the machine long after the  
installation.  Another benefit of this method is that any changes you  
want to make to a group of machines will happen immediately and any  
newly kickstarted machines will get the updated config.  For things  
like iptables blacklists and whitelists, it is really useful.

So, my post install script downloads and installs yum with my custom  
configurations and then uses yum to apply security patches and  
install some third party applications that I rely on and then it  
calls cfengine to handle the rest of it.

Check it out at http://www.cfengine.org

- -alex

Alex Lovell-Troy
Computer Systems Engineer
Large Binocular Telescope
alt at arizona.edu



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)

iD8DBQFEBx3xdmWtRNAkjzERAnNGAJ4hF+feg0rFbTKynJeibm54vszejQCfRuh1
JdD1l42Wm1rlE4oBenaNGdk=
=CTd5
-----END PGP SIGNATURE-----




More information about the Kickstart-list mailing list