[CentOS-virt] Package lists for Cloud images

Thu Oct 4 17:17:08 UTC 2012
Tru Huynh <tru at centos.org>

On Thu, Oct 04, 2012 at 11:16:59AM +0200, Tru Huynh wrote:
> I would disable ssh password login completely too.

%packages
@base
lftp
sudo
screen
wget
nfs-utils
epel-release
cloud-init
# disable kdump
-kexec-tools
ntp
nano
acpid
openssh-clients
# firmware--
# ...

%end

%post
# sudoers ** don't forget to have sudo in the package list
echo 'ec2-user ALL = NOPASSWD: ALL' >> /etc/sudoers
# sshd
sed -i -e 's/^#PermitRootLogin yes.*/PermitRootLogin no/g' /etc/ssh/sshd_config
sed -i -e 's/^PasswordAuthentication yes.*/PasswordAuthentication no/g' /etc/ssh/sshd_config
#
# ec2-users configuration
useradd -G wheel ec2-user

# fix network
cat <<ETH0 > /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes
TYPE=Ethernet
USERCTL=yes
PEERDNS=yes
IPV6INIT=no
ETH0

/bin/rm -f "/etc/udev/rules.d/*persistent*"

# fix selinux permissions
/sbin/restorecon -rv /home /etc /boot

# turn off fsck *** FIX the device ***
tune2fs -c 0 -i 0 /dev/sda1

# cleanup
# you will get error messages from anaconda trying to chmod the missing files
# if you are reading the console output, these messages are harmless, afaik!
/bin/rm -f \
/tmp/ks* \
/tmp/yum* \
/var/log/anaconda* \
/var/log/dracut.log \
/root/install* \
/root/anaconda* 

%end

-- 
Tru Huynh (mirrors, CentOS i386/x86_64 Package Maintenance)
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.centos.org/pipermail/centos-virt/attachments/20121004/cbb7e35b/attachment-0002.sig>