[CentOS] Minimal kickstart.cfg requested

Richard Karhuse rkarhuse at gmail.com
Sun Apr 26 10:40:15 UTC 2009


On Fri, Apr 24, 2009 at 9:48 PM, <Daniel_Curry at dell.com> wrote:
>
> Hello, all.
>
> I'm looking at building about a dozen CentOS VM's for a project.  I have
> a desire to use kickstart for this coupled with PXE.  I'm looking for a
> minimal ks.cfg file specifically, I want the bare minimum of software
> that is needed for a system to function.  I will need sshd and yum as
> the only 'services or applications' on top of the OS.  Does anyone have
> an example I can work with, or suggestions on getting to this minimal
> configuration? I'm just looking to save some time, rather than
> re-inventing what may and probably is already out there.
>
> Thanks
>
> Daniel

Since this topic comes up frequently on various e-mail lists, I was
surprised that there wasn't a (mild) flame about searching the archives
and/or googling ...

Here are a few, representative posts that have occurred in the
past (and I've saved) and I hope it helps ...

  -rak-

=====================================================================

---------- Forwarded message ----------
From: David Goldsmith <dgoldsmith at sans.org>
Date: Sat, Mar 28, 2009 at 6:19 PM
Subject: Re: [CentOS] Minimal Install?
To: CentOS mailing list <centos at centos.org>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Norberto Bensa wrote:
> On Sat, Mar 28, 2009 at 12:05 PM, Jim Wildman <jim at rossberry.com> wrote:
>> rpm -qf `which <command>`
>
> Nice. Thanks Frank and Jim
>
> What about the minimal install? Is it possible? I don't need kerberos,
> ldap, and a lot of other things.
>
> Best regards,
> Norberto
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos

I was just playing with this myself this week.  For CentOS 5.2, the very
minimal install is 88 RPMs.  This is missing things you will need (like
openssh, passwd, yum, etc) but its basically the bare-bones install.  If
you statically assign IP addresses and don't care about DHCP, you can
reduce the list one more and get rid of 'dhclient'.

All other RPMs are required because of the dependencies that are laid
out.  Various other things will be required as you add some of the
useful utilities back in.

The list of RPMS are:

audit-libs basesystem bash beecrypt bzip2-libs centos-release
centos-release-notes chkconfig coreutils cpio cracklib cracklib-dicts
db4 device-mapper device-mapper-event device-mapper-multipath dhclient
diffutils dmraid e2fsprogs e2fsprogs-libs elfutils-libelf ethtool expat
filesystem findutils gawk gdbm glib2 glibc glibc-common grep grub gzip
info initscripts iproute iputils kernel keyutils-libs kpartx krb5-libs
less libacl libattr libcap libgcc libselinux libsepol libstdc++ libsysfs
libtermcap lvm2 m2crypto MAKEDEV mcstrans mingett mkinitrd mktemp
module-init-tools nash ncurses net-tools openssl pam pcre popt procps
psmisc python readline redhat-logos rootfiles rpm rpm-libs sed setup
shadow-utils sqlite sysklogd SysVinit tar termcap tzdata udev util-linux
vim-minimal zlib


If you are building a Kickstart file, here are useful %packages and
%post sections:

%packages --nobase
kernel-PAE
- -audit-libs-python
- -checkpolicy
- -dhcpv6-client
- -ecryptfs-utils
- -ed
- -file
- -gnu-efi
- -gpm
- -hdparm
- -kbd
- -libhugetlbfs
- -libselinux-python
- -libsemanage
- -nspr
- -nss
- -openssh
- -openssh-clients
- -openssh-server
- -perl
- -policycoreutils
- -prelink
- -selinux-policy
- -selinux-policy-targeted
- -setools
- -setserial
- -sysfsutils
- -tcl
- -udftools
- -vim-enhanced

%post
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
yum -y remove kernel iptables slang usermode wireless-tools
yum -y remove cryptsetup-luks dbus dmidecode hwdata libgpg-error libusb
yum -y remove libvolume_id libxml2-python pciutils
yum -y remove cyrus-sasl-lib logrotate

Packages that are in the Core group tagged as 'mandatory' will get
installed even if you specify them with '-' in the %packages section
thus the need to explicitly remove them in the %post section.

Packages in the Core group tagged as 'default' can be configured to not
be installed by subtracting them in the %packages section.

After the install finishes, you can run the following rpm command to get
rid of yum stuff if desired:

rpm -e libxml2 python-elementtree python-iniparse python-sqlite
python-urlgrabber rpm-python yum yum-metadata-parser

This 'minimal' load is mainly for educational purposes just to see how
small it can get (about 300MB) -- its not very useful.  A useful minimal
load will be somewhere around 150-200 packages depending on what
utilities you want to include.

- --
David Goldsmith
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFJzqJV417vU8/9QfkRAjYPAKC3k6UMS2qKA6P8BcXYEtDnOWczJQCcCGLG
lpoKd9kbkc3Hw6HyKgmdf30=
=3/Px
-----END PGP SIGNATURE-----

-------------------------------------------------------------------------------------------------------


---------- Forwarded message ----------
From: Paul Heinlein <heinlein at madboa.com>
Date: Tue, Oct 28, 2008 at 5:15 PM
Subject: Re: [CentOS] Kickstart package groups
To: CentOS mailing list <centos at centos.org>


On Tue, 28 Oct 2008, Francisco Puente wrote:

    Hello,

    I'm building another kickstart CD, minimal, and creating my own repository.

    Is there any way I can get the list of files that a group (like
@core o @base) will install?


Below my .sig is an XSLT stylesheet that will do the trick. Save it to
your filesystem as, e.g., comps.xsl. Then use xsltproc to apply it to
the comps.xml file, e.g.,

 xsltproc --novalid comps.xsl /path/to/repodata/comps.xml > comps.html

The resulting HTML file will provide you a reasonable list of packages
associated with each group.

Warning: the list might not be complete because any given package in
your named group(s) might might require packages not in those groups.
That's why anaconda does dependency checking at installation time.

-- 
Paul Heinlein <> heinlein at madboa.com <> http://www.madboa.com/

----- comps.xsl -----

<?xml version='1.0'?>
<!DOCTYPE xsl:stylesheet [ <!ENTITY nbsp "&#160;"> ]>
<xsl:stylesheet version="1.0"
                  mlns="http://www.w3.org/1999/xhtml"
             xmlns:xsl="http://www.w3.org/1999/XSL/Transform">

 <xsl:output method="xml"
             indent="yes"
           encoding="iso-8859-1"
     doctype-public="-//W3C//DTD XHTML 1.0 Strict//EN"
     doctype-system="http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"/>

 <!-- the main event -->
 <xsl:template match="comps">
   <html lang="en-US">
     <head>
       <title>comps.xml</title>
       <xsl:call-template name="default.css"/>
     </head>
     <body>
   <xsl:call-template name="intro.text"/>
   <table width="95%">
     <tr>
       <th>Name</th>
       <th>Default</th>
       <th>Visible</th>
       <th>Description</th>
     </tr>
     <xsl:apply-templates select="group" mode="group.chart"/>
   </table>
   <p>&nbsp;</p>
   <table width="95%">
     <tr>
       <th>Name</th>
       <th>Groups Req.</th>
       <th>Packages Req.</th>
     </tr>
   <xsl:apply-templates select="group" mode="package.chart"/>
   </table>
     </body>
   </html>
 </xsl:template>


 <!-- for listing descriptions, whether group is default, ... -->
 <xsl:template match="group" mode="group.chart">
   <xsl:variable name="id" select="id"/>
   <tr>
     <td id="{$id}-info">
       <a href="#{$id}-detail"><xsl:value-of select="name"/></a>
     </td>
     <td><xsl:value-of select="default"/>&nbsp;</td>
     <td><xsl:value-of select="uservisible"/>&nbsp;</td>
     <td><xsl:value-of select="description"/>&nbsp;</td>
   </tr>
 </xsl:template>

 <!-- for listing groups and packages req. by this group -->
 <xsl:template match="group" mode="package.chart">
   <xsl:variable name="id" select="id"/>
   <tr>
     <td id="{$id}-detail">
       <a href="#{$id}-info"><xsl:value-of select="name"/></a>
     </td>
     <td><xsl:apply-templates select="grouplist"/></td>
     <td><xsl:apply-templates select="packagelist"/></td>
   </tr>
 </xsl:template>

 <!-- templates for grouplist and children -->
 <xsl:template match="grouplist">
   <table width="100%">
     <xsl:apply-templates select="*" mode="html.table"/>
   </table>
 </xsl:template>

 <xsl:template match="groupreq" mode="html.table">
   <tr>
     <xsl:call-template name="sub.table.row">
       <xsl:with-param name="leftcol" select="."/>
       <xsl:with-param name="rightcol" select="'&nbsp;'"/>
     </xsl:call-template>
   </tr>
 </xsl:template>

 <xsl:template match="metapkg" mode="html.table">
   <tr>
     <xsl:call-template name="sub.table.row">
       <xsl:with-param name="leftcol" select="."/>
       <xsl:with-param name="rightcol" select="@type"/>
     </xsl:call-template>
   </tr>
 </xsl:template>

 <!-- templates for packagelist and children -->
 <xsl:template match="packagelist">
   <table width="100%">
     <xsl:apply-templates select="*" mode="html.table"/>
   </table>
 </xsl:template>

 <xsl:template match="packagereq" mode="html.table">
   <tr>
     <xsl:call-template name="sub.table.row">
       <xsl:with-param name="leftcol" select="."/>
       <xsl:with-param name="rightcol" select="@type"/>
     </xsl:call-template>
   </tr>
 </xsl:template>


 <!-- named templates -->
 <xsl:template name="sub.table.row">
   <xsl:param name="leftcol"/>
   <xsl:param name="rightcol"/>
   <xsl:variable name="last">
     <xsl:choose>
       <xsl:when test="position() = last()">1</xsl:when>
       <xsl:otherwise>0</xsl:otherwise>
     </xsl:choose>
   </xsl:variable>
   <xsl:choose>
     <xsl:when test="$last = '1'">
       <td style="border-style: none;"><xsl:value-of select="$leftcol"/></td>
       <td style="border-style: none; text-align: right;">
           <xsl:value-of select="$rightcol"/>
       </td>
     </xsl:when>
     <xsl:otherwise>
       <td><xsl:value-of select="$leftcol"/></td>
       <td style="text-align: right;"><xsl:value-of select="$rightcol"/></td>
     </xsl:otherwise>
   </xsl:choose>
 </xsl:template>

 <xsl:template name="default.css">
   <xsl:variable name="color" select="'#990000'"/>
   <style type="text/css">
     a, a:link, a:active, a:visited {
       color: <xsl:value-of select="$color"/>;
       }
     body {
       font-size: small;
       background-color: white;
       color: black;
       width: 700px;
       }
     td {
       border-bottom: 1px solid #999;
       font-size: small;
       vertical-align: top;
       }
     th {
       color: white;
       background-color: <xsl:value-of select="$color"/>;
       font-weight: bold;
       text-align: left;
       padding-right: 15px;
       }
   </style>
 </xsl:template>

 <xsl:template name="intro.text">
   <p>
     Below is an outline of the package groups available at installation
     and, later, via yum and other package-management tools. The top
     table contains descriptions of each group. To see a detailed view
     of the packages that get installed with each group, click on the
     group name.
   </p>
 </xsl:template>

</xsl:stylesheet>

----- end comps.xsl -----

------------------------------------------------------------------------------------------------

---------- Forwarded message ----------
From: Barry Brimer <lists at brimer.org>
Date: Sat, Jul 5, 2008 at 9:32 AM
Subject: Re: [CentOS] Wanted: minimal install ks.cfg
To: CentOS mailing list <centos at centos.org>


>    I'm in need of a minimal ks.cfg file for the smallest possible install
>    with yum.  I've got the scripting for yum to install the apps I need, I
>    just want to insure all the cruft is not on the system as well.  Using
>    the s-c-ks app, the smallest I have gotten is 600MB.  This is for a
>    server appliance vm that I need to deploy quickly and dynamically.


http://wiki.centos.org/TipsAndTricks/KickStart

=====================================================================


---------- Forwarded message ----------
From: <centos at bartbaars.nl>
Date: Wed, Jun 25, 2008 at 4:20 AM
Subject: Re: [CentOS] truly minimal install
To: CentOS mailing list <centos at centos.org>


Use a kickstart-file that has a "nobase" statement..

And have a look at CLIP
(http://oss.tresys.com/projects/clip/wiki/WikiStart) for a truly
minimal kickstart (and a lot of other security related stuff, if
you're interested)..

Cheers,

Bart

----- Original Message -----
From: "Karanbir Singh" <mail-lists at karan.org>
To: "CentOS mailing list" <centos at centos.org>
Sent: Wednesday, June 25, 2008 1:17:28 AM GMT +01:00 Amsterdam /
Berlin / Bern / Rome / Stockholm / Vienna
Subject: Re: [CentOS] truly minimal install

David Hláčik wrote:
> My question is, which way i will achieve really minimum install (with yum).
> So far, i have during install unchecked all packages , then customized
> groups and removed everything including base system.
> As a result my CentOS install was 800MB , which is still to much for us.
> Value around 300 - 400 MB is OK.

do a bunch of 'yum erase' runs postinstall to remove whatever you dont
need ?

--
Karanbir Singh : http://www.karan.org/ : 2522219 at icq

-------------------------------------------------------------------------------------------


http://jons-thoughts.blogspot.com/2007/12/minimal-kickstart.html


Friday, December 07, 2007
Minimal kickstart

I get a lot of questions regarding the fact that RHEL and CentOS
install "too much" by default. They do - not many people require
Bluetooth on their servers for example. So here's a kickstart which
will install Just enough in order to boot the system. Note that
removing some stuff from the below list will result in a less than
functional system, possibly even unbootable. There is a bug which
could result in the system becoming unbootable if too much is stripped
out. Without further ado, here's a working kickstart for CentOS 4. It
will also work on RHEL4 if you remove the 'yum' package specification


install
text
reboot
url --url (your install source goes here)
lang en_US.UTF-8
langsupport --default=en_US.UTF-8 en_US.UTF-8
keyboard us
skipx
network --device eth0 --bootproto dhcp

rootpw --iscrypted (insert a crypted rootpw here - openssl passwd -1)
firewall --disabled
selinux --permissive
authconfig --enableshadow --enablemd5
timezone America/New_York
bootloader --location=mbr

# The following is the partition information you requested
# Note that any partitions you deleted are not expressed
# here so unless you clear all partitions first, this is
# not guaranteed to work
clearpart --all --initlabel

part /boot --fstype ext3 --size=250 --ondisk=sda
part pv.2 --size=0 --grow --ondisk=sda
volgroup VolGroup00 --pesize=32768 pv.2
logvol / --fstype ext3 --name=LogVol00 --vgname=VolGroup00 --size=1024 --grow

logvol swap --fstype swap --name=LogVol01 --vgname=VolGroup00
--size=256 --grow --maxsize=512

%packages --nobase
coreutils
yum
rpm
e2fsprogs
lvm2
grub
sysstat
ntp
openssh-server
openssh-clients



%post

# setup NTP
eco << EOF > /etc/ntp.conf
restrict default noquery notrap nomodfiy
restrict 127.0.0.1
server 0.rhel.ntp.org

server 1.rhel.ntp.org
server 2.rhel.ntp.org
driftfile /var/lib/ntp/drift
EOF
chkconfig ntpd on

Posted by Jon Stanley at 11:33 AM

==============================================================================


---------- Forwarded message ----------
From: Jim Wildman <jim at rossberry.com>
Date: Thu, Sep 28, 2006 at 8:49 AM
Subject: Re: [CentOS] Trimming the fat out of a Centos 4.4 Installation
To: CentOS mailing list <centos at centos.org>


On Thu, 28 Sep 2006, Erick Perez wrote:

> Hi, just to avoid re-inventing the wheel, is there any document that
> can help me reduce even further a "minimum" installation of Centos 4.4
> (BTW can you say 600mb is minimum)?
>

This is my 'minimal base' that I start from.  You could remove the lvm2
stuff as well.  It will do an install of 163 packages and take about
540M of disk.  About the only thing you will have is ssh and yum.  For
a card, you obviously want to change the disk layout.

Apply all the other comments to this one.


# Kickstart file automatically generated by anaconda.

install
url --url <your url here>
lang en_US.UTF-8
langsupport --default=en_US.UTF-8 en_US.UTF-8
keyboard us
# xconfig --card "VMWare" --videoram 16384 --hsync 31.5-37.9 --vsync
50-70 --resolution 800x600 --depth 16
network --device eth0 --bootproto dhcp
rootpw --iscrypted <your pw here>
firewall --disabled
selinux --disabled
authconfig --enableshadow --enablemd5
timezone America/New_York
bootloader --location=mbr
# The following is the partition information you requested
# Note that any partitions you deleted are not expressed
# here so unless you clear all partitions first, this is
# not guaranteed to work
clearpart --linux --drives=sda
part /boot --fstype ext3 --size=100 --ondisk=sda
part pv.2 --size=0 --grow --ondisk=sda
volgroup VolGroup00 --pesize=32768 pv.2
logvol / --fstype ext3 --name=LogVol00 --vgname=VolGroup00 --size=1024
logvol swap --fstype swap --name=LogVol01 --vgname=VolGroup00 --size=1024
reboot
skipx

%packages -nobase
yum
-acpid
-authconfig
-bc
-checkpolicy
-dmraid
-policycoreutils
-selinux-policy-targeted
-libxslt
-xmlsec1-openssl
-xmlsec1
-nc
-lsof

-apmd
-aspell
-aspell-en
-autofs
-bluez-bluefw
-bluez-hcidump
-bluez-libs
-bluez-utils
-crash
-cups
-cups-libs
-dapl
-desktop-file-utils
-dhcpv6_client
-diskdumputils
-dos2unix
-dosfstools
-dump
-eject
-finger
-fontconfig
-freetype
-ftp
-gpm
-groff
-hdparm
-htmlview
-ibmasm
-indexhtml
-ipsec-tools
-irda-utils
-isdn4k-utils
-jpackage-utils
-jwhois
-kernel-ib
-kernel-smp
-krb5-workstation
-lftp
-lha
-libgssapi
-libibverbs
-libmthca
-librdmacm
-libsdp
-libwvstreams
-lksctp-tools
-logrotate
-logwatch
-m4
-m4
-mailcap
-mailx
-man
-man-pages
-mdadm
-minicom
-mkbootdisk
-mt
-mtools
-mtr
-mt-st
-nano
-netconfig
-netdump
-net-snmp-libs
-NetworkManager
-nfs
-nfs-utils-lib
-nscd
-nss_ldap
-numactl
-OpenIPMI
-OpenIPMI-libs
-pam_ccreds
-pam_krb5
-pam_passwdqc
-pam_smb
-parted
-patch
-pax
-pcmcia-cs
-pdksh
-pinfo
-portmap
-ppp
-procmail
-psacct
-quota
-rdate
-rdist
-redhat-lsb
-redhat-menus
-rhpl
-rmt
-rp-pppoe
-rsh
-rsync
-sendmail
-setarch
-setools
-slocate
-specspo
-stunnel
-sudo
-syslinux
-sysreport
-system-config-mouse
-system-config-network-tui
-system-config-securitylevel-tui
-talk
-tcpdump
-tcsh
-telnet
-time
-traceroute
-unix2dos
-up2date
-vconfig
-wget
-which
-wireless-tools
-wvdial
-xorg-x11-libs
-xorg-x11-Mesa-libGL
-ypbind
-yp-tools

%post
------------------------------------------------------------------------
Jim Wildman, CISSP, RHCE       jim at rossberry.com http://www.rossberry.com
"Society in every state is a blessing, but Government, even in its best
state, is a necessary evil; in its worst state, an intolerable one."
Thomas Paine


More information about the CentOS mailing list