Test wrote:
>
> Is it at all possible to do a graphical netinstall ?
>
> I am using centos 5.2, and i have been doing net installs (pxe) for a
> while in console mode...

The pxeboot initrd and vmlinuz are in the boot directory on CD 1. Copy those to the tftpboot directory, along with your pxelinux.0, and put the syslinux config in the pxelinux.cfg/default file, mine looks like so:

# pxelinux menu: "server" (the default entry) and "desktop" boot the same
# kernel/initrd and differ in the kickstart URL; "server" also passes "expert".
# NOTE(review): ks= and method= are plain http:// URLs, so the kickstart (which
# carries the rootpw hash) and the install tree are fetched without
# authentication, integrity protection or encryption. Keep the provisioning
# network and the web server restricted to trusted hosts.
default server
prompt 1
timeout 100
display pxeboot.msg

label server
  kernel vmlinuz
  append initrd=initrd.img ramdisk_size=8192 root=/dev/ram0 ip=dhcp lang=us expert ksdevice=eth0 ks=http://10.1.1.60/CentOS/5/server.cfg method=http://10.1.1.60/CentOS/5/os/i386 noipv6 quiet

label desktop
  kernel vmlinuz
  append initrd=initrd.img ramdisk_size=8192 root=/dev/ram0 ip=dhcp lang=us ksdevice=eth0 ks=http://10.1.1.60/CentOS/5/desktop.cfg method=http://10.1.1.60/CentOS/5/os/i386 noipv6 quiet

I setup the packages on a web server along with my kickstart that looks like so for desktops:

# Kickstart for an unattended KDE desktop install: partitions sda with LVM,
# installs the package set below, then runs %post to configure repositories,
# third-party RPMs, directory/Kerberos/Samba/LDAP clients, mail and CUPS.
install
reboot
lang en_US.UTF-8
keyboard us
# NOTE(review): the packet filter and SELinux are both switched off, while
# %post below enables telnet; any listening service is reachable as soon as
# the machine boots.
firewall --disabled
selinux --disabled
firstboot --disabled
timezone --utc America/New_York
network --device=eth0 --bootproto=dhcp
# NOTE(review): --enablemd5 stores local password hashes as MD5-crypt. Where the
# installed authconfig supports --passalgo=sha512, prefer that - confirm for
# this release.
authconfig --enableshadow --enablemd5 --enablecache
# The hash was redacted by the poster. In the served file it is readable by
# anyone who can fetch the kickstart URL.
rootpw --iscrypted <passwd hash>
monitor --noprobe --monitor="LCD Panel 1280x1024"
xconfig --driver "vesa" --resolution="1280x1024" --depth=24 --startxonboot --defaultdesktop=kde
bootloader --location=mbr
# zerombr/clearpart wipe the existing Linux partitions on sda without prompting.
zerombr
clearpart --linux --initlabel --drives=sda
part /boot --fstype ext3 --size=128 --ondisk=sda --asprimary
part pv.0 --size=0 --grow --ondisk=sda
volgroup vg0 --pesize=32768 pv.0
logvol / --fstype ext3 --name=root --vgname=vg0 --size=4096 --grow --maxsize=16384
logvol swap --fstype swap --name=swap --vgname=vg0 --size=1024 --grow --maxsize=2048

# Package groups (@), explicit removals (-) and extra packages.
# NOTE(review): telnet-server and vnc are installed on every desktop; telnet
# carries logins in clear text.
%packages
@base
@core
@base-x
@kde-desktop
-NetworkManager
-desktop-printing
-firstboot
-gdm
-im-chooser
-kdeaccessibility
-kdeaddons
-kdepim
-pirut
-pup
-system-config-date
-system-config-display
-system-config-keyboard
-system-config-language
ImageMagick
compat-libstdc++-33
cyrus-sasl-gssapi
cyrus-sasl-md5
cyrus-sasl-ntlm
firefox
hplip
k3b
ntp
openldap-clients
openmotif
openoffice.org-base
openoffice.org-calc
openoffice.org-draw
openoffice.org-emailmerge
openoffice.org-graphicfilter
openoffice.org-math
openoffice.org-impress
openoffice.org-writer
openoffice.org-xsltfilter
openoffice.org-javafilter
openoffice.org-pyuno
rdesktop
samba-client
sendmail-cf
telnet-server
usermode-gtk
vnc

# Post-install script. Every command below modifies system configuration on
# the freshly installed machine.
%post
# ARCH is exported but not referenced again in the script as posted.
export ARCH="`uname -i`"

# Install EPEL Repository
# NOTE(review): this and the later "rpm -ivh http://..." installs pull packages
# over plain HTTP, and nothing in the script verifies their signature or
# checksum first (for example rpm -K against imported keys). Whoever controls
# that server or the path to it controls what gets installed.
rpm -ivh http://software.mfg.prv/Software/Redhat/EPEL/5/epel-release-5-2.noarch.rpm

# Set yum repos to baseurl from mirrorlist and set their priorities
# Each .repo file is switched from mirrorlist to baseurl, the os/ and updates/
# URLs are redirected to the internal mirror centos.mfg.prv, and a priority=
# line is added under each repo name.
# NOTE(review): iterating over `ls` output with an unquoted $repo word-splits
# on whitespace; a plain glob with "$repo" quoted avoids that.
for repo in `ls /etc/yum.repos.d/*.repo`; do
  sed -i -e 's/^#baseurl=/baseurl=/' $repo
  sed -i -e 's/^mirrorlist=/#mirrorlist=/' $repo
  sed -i -e 's/^baseurl=\(.*\)\(\/os\/\$basearch\/\)$/#baseurl=\1\2\nbaseurl=http:\/\/centos.mfg.prv\/centos\/\$releasever\2/' $repo
  sed -i -e 's/^baseurl=\(.*\)\(\/updates\/\$basearch\/\)$/#baseurl=\1\2\nbaseurl=http:\/\/centos.mfg.prv\/centos\/\$releasever\2/' $repo
  sed -i -e 's/\(^name=CentOS.*Media$\)/\1\npriority=1/' $repo
  sed -i -e 's/\(^name=CentOS.*Base$\)/\1\npriority=1/' $repo
  sed -i -e 's/\(^name=CentOS.*Updates$\)/\1\npriority=1/' $repo
  sed -i -e 's/\(^name=CentOS.*Addons$\)/\1\npriority=2/' $repo
  sed -i -e 's/\(^name=CentOS.*Extras$\)/\1\npriority=2/' $repo
  sed -i -e 's/\(^name=CentOS.*Plus$\)/\1\npriority=2/' $repo
  sed -i -e 's/\(^name=CentOS.*Contrib$\)/\1\npriority=2/' $repo
done

# Load default package signing keys
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-beta
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL

# Install Yum Priorities
yum -y install yum-priorities

# Config Priority Obsoletes
echo "check_obsoletes = 1" >>/etc/yum/pluginconf.d/priorities.conf

# Update distribution
yum -y update

# Microsoft core TT fonts
rpm -ivh http://software.mfg.prv/Software/Linux/msttcorefonts/msttcorefonts-2.0-1.noarch.rpm

# Adobe Reader
rpm -ivh http://software.mfg.prv/Software/Adobe/Reader/Linux/AdobeReader_enu-8.1.2-1.i486.rpm

# Adobe Flash Plugin
rpm -ivh http://software.mfg.prv/Software/Adobe/Flash/Linux/flash-plugin-9.0.124.0-release.i386.rpm

# Sun Java Runtime Environment
rpm -ivh http://software.mfg.prv/Software/Sun/Java/JRE/Linux/jre-6u2-linux-i586.rpm

# Set Sun Java as default
rm -f /usr/bin/javaws
rm -f /usr/bin/jcontrol
alternatives --install /usr/bin/java java /usr/java/default/bin/java 1000 --slave /usr/lib/jvm/jre jre /usr/java/default --slave /usr/bin/javaws javaws /usr/java/default/bin/javaws --slave /usr/bin/jcontrol jcontrol /usr/java/default/bin/jcontrol --slave /usr/bin/rmiregistry rmiregistry /usr/java/default/bin/rmiregistry
alternatives --set java /usr/java/default/bin/java

# Add local admin user account (failsafe)
# NOTE(review): every machine built from this file gets the same "admin"
# password hash, and the hash is readable by anyone who can fetch the
# kickstart.
useradd -p '<passwd hash>' admin

# Configure services
# NOTE(review): telnet is enabled at boot while the firewall is disabled above;
# credentials for it cross the network unencrypted.
chkconfig lisa on
chkconfig ntpd on
chkconfig telnet on

# Default LISA configuration
mv /etc/lisarc /etc/lisarc.orig
cat >/etc/lisarc <<EOF
PingAddresses = 127.0.0.1/255.255.255.255;
PingNames =
AllowedAddresses = 127.0.0.1/255.255.255.255;
BroadcastNetwork = 127.0.0.1/255.255.255.255;
SearchUsingNmblookup = 1
FirstWait = 30
SecondWait = -1
UpdatePeriod = 150
DeliverUnnamedHosts = 1
MaxPingsAtOnce = 256
EOF

# Default Kerberos configuration
# The file is written with an EXAMPLE.COM realm and authconfig is then run with
# MFG.PRV; presumably the heredoc was sanitised for posting - confirm the two
# agree in the real file.
mv /etc/krb5.conf /etc/krb5.conf.orig
cat >/etc/krb5.conf <<EOF
[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
 default_realm = EXAMPLE.COM
 dns_lookup_realm = false
 dns_lookup_kdc = false
 ticket_lifetime = 24h
 renew_lifetime = 7d
 forwardable = yes

[appdefaults]
 pam = {
   debug = false
   ticket_lifetime = 24h
   renew_lifetime = 7d
   forwardable = true
   krb4_convert = false
 }
EOF
authconfig --kickstart --enablekrb5 --krb5realm=MFG.PRV --krb5kdc=mfg.prv --krb5adminserver=mfg.prv --enablekrb5kdcdns --enablekrb5realmdns

# Default Samba configuration
mv /etc/samba/smb.conf /etc/samba/smb.conf.orig
cat >/etc/samba/smb.conf <<EOF
[global]
 workgroup = EXAMPLE
 realm = EXAMPLE.COM
 security = ads
 password server = *
 use kerberos keytab = yes
 passdb backend = tdbsam
 allow trusted domains = no
 idmap domains = default
 idmap config default:default = yes
 idmap config default:backend = rid
 idmap uid = 100000 - 999999
 idmap gid = 100000 - 999999
 template homedir = /home/%U
 template shell = /bin/bash
 winbind use default domain = true
 winbind enum groups = yes
 winbind enum users = yes
 name resolve order = wins bcast host

[homes]
 comment = Home Directories
 read only = no
 browseable = no

[printers]
 comment = All Printers
 path = /var/spool/samba
 printable = yes
 browseable = no
EOF
authconfig --kickstart --smbworkgroup=MFG --smbservers=* --enablewinbind --smbsecurity=ads --smbrealm=MFG.PRV --smbidmapuid=100000-999999 --smbidmapgid=100000-999999 --winbindtemplatehomedir=/home/%U --winbindtemplateshell=/bin/bash --enablewinbindusedefaultdomain

# Default NSS_LDAP configuration
# NOTE(review): "ssl start_tls" is combined with "tls_checkpeer no", so the
# directory server's certificate is not verified and the TLS session does not
# authenticate the server. "sasl_secprops maxssf=0" also turns off the SASL
# security layer, leaving that unauthenticated TLS session as the only
# transport protection. The credential cache is a fixed path under /tmp
# (krb5_ccname).
mv /etc/ldap.conf /etc/ldap.conf.orig
cat >/etc/ldap.conf <<EOF
uri ldap://example.com/
base dc=example,dc=com
timelimit 30
bind_timelimit 30
idle_timelimit 3600
ssl start_tls
tls_checkpeer no
use_sasl yes
sasl_secprops maxssf=0
krb5_ccname FILE:/tmp/krb5.ldap
pam_filter objectClass=User
pam_password crypt
nss_map_objectclass posixAccount User
nss_map_objectclass shadowAccount User
nss_map_objectclass posixGroup Group
nss_map_attribute homeDirectory unixHomeDirectory
nss_map_attribute uniqueMember msSFU30PosixMember
nss_map_attribute userPassword unixUserPassword
nss_initgroups_ignoreusers root,ldap,named,avahi,haldaemon,dbus,radvd,tomcat,radiusd,news,mailman
EOF

# Default OpenLDAP configuration
# NOTE(review): "TLS_REQCERT allow" lets the client continue when the server
# presents no certificate or one that fails validation; "demand" with the CA
# installed is the verifying setting.
mv /etc/openldap/ldap.conf /etc/openldap/ldap.conf.orig
cat >/etc/openldap/ldap.conf <<EOF
URI ldap://example.com
BASE dc=example, dc=com
SASL_SECPROPS maxssf=0
TLS_REQCERT allow
EOF
authconfig --kickstart --ldapserver=mfg.prv --ldapbasedn="DC=mfg,DC=prv"

# Default Sendmail & Submission configuration
# The heredoc delimiters are unquoted, so the m4 opening quotes are written as
# \` to stop the shell treating them as command substitution. The MTA is bound
# to 127.0.0.1 and configured as a null client for mfg.prv.
mv /etc/mail/sendmail.mc /etc/mail/sendmail.mc.orig
cat >/etc/mail/sendmail.mc <<EOF
divert(-1)dnl
dnl #
dnl # This is the sendmail macro config file for m4. If you make changes to
dnl # /etc/mail/sendmail.mc, you will need to regenerate the
dnl # /etc/mail/sendmail.cf file by confirming that the sendmail-cf package is
dnl # installed and then performing a
dnl #
dnl # make -C /etc/mail
dnl #
include(\`/usr/share/sendmail-cf/m4/cf.m4')dnl
VERSIONID(\`setup for Red Hat Linux')dnl
OSTYPE(\`linux')dnl
DAEMON_OPTIONS(\`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
DOMAIN(\`generic')dnl
FEATURE(\`nocanonify')dnl
FEATURE(\`nullclient',\`mfg.prv')dnl
MASQUERADE_AS(\`mfg.prv')dnl
undefine(\`ALIAS_FILE')dnl
EOF
mv /etc/mail/submit.mc /etc/mail/submit.mc.orig
cat >/etc/mail/submit.mc <<EOF
divert(-1)
#
# Copyright (c) 2001-2003 Sendmail, Inc. and its suppliers.
# All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
# the sendmail distribution.
#
#
#
# This is the prototype file for a set-group-ID sm-msp sendmail that
# acts as a initial mail submission program.
#
divert(0)dnl
include(\`/usr/share/sendmail-cf/m4/cf.m4')
VERSIONID(\`linux setup for Red Hat Linux')dnl
define(\`confCF_VERSION', \`Submit')dnl
define(\`__OSTYPE__',\`')dnl dirty hack to keep proto.m4 from complaining
define(\`_USE_DECNET_SYNTAX_', \`1')dnl support DECnet
define(\`confTIME_ZONE', \`USE_TZ')dnl
define(\`confDONT_INIT_GROUPS', \`True')dnl
define(\`confPID_FILE', \`/var/run/sm-client.pid')dnl
dnl define(\`confDIRECT_SUBMISSION_MODIFIERS',\`C')
FEATURE(\`use_ct_file')dnl
FEATURE(\`allmasquerade')dnl
FEATURE(\`masquerade_envelope')dnl
MASQUERADE_AS(\`mfg.prv')dnl
dnl
dnl If you use IPv6 only, change [127.0.0.1] to [IPv6:::1]
FEATURE(\`msp', \`[127.0.0.1]')dnl
EOF

# Default KDE-CUPS settings
# NOTE(review): in the cupsd.conf written below, /admin/conf uses
# "AuthType Basic" with "Encryption IfRequested", so the Basic credentials are
# only encrypted when the client asks for it; /admin itself uses
# "Encryption Required". "Port 631" listens on every interface, with access
# limited by the "Allow @LOCAL" rules.
mv /etc/cups/cupsd.conf /etc/cups/cupsd.conf.orig
mv /etc/cups/cupsd.conf.default /etc/cups/cupsd.conf.default.orig
cat >/etc/cups/cupsd.conf <<EOF
Classification none
DefaultCharset UTF-8
DefaultLanguage en
Printcap /etc/printcap
PrintcapFormat BSD
RemoteRoot remroot
SystemGroup sys root
ServerCertificate /etc/cups/ssl/server.crt
ServerKey /etc/cups/ssl/server.key
<Location />
Encryption IfRequested
Satisfy All
Order allow,deny
Allow @LOCAL
</Location>
<Location /admin>
Encryption Required
Satisfy All
Order allow,deny
Allow @LOCAL
</Location>
<Location /admin/conf>
AuthType Basic
Require user @SYSTEM
Encryption IfRequested
Satisfy All
Order allow,deny
Allow @LOCAL
</Location>
HostnameLookups Off
KeepAlive On
KeepAliveTimeout 60
MaxClients 100
MaxRequestSize 0
Timeout 300
Port 631
Listen /var/run/cups/cups.sock
AccessLog /var/log/cups/access_log
ErrorLog /var/log/cups/error_log
PageLog /var/log/cups/page_log
MaxLogSize 0
LogLevel info
PreserveJobHistory On
PreserveJobFiles Off
AutoPurgeJobs No
MaxJobs 0
MaxJobsPerPrinter 0
MaxJobsPerUser 0
User lp
Group lp
RIPCache 8m
FilterLimit 0
DataDir /usr/share/cups
DocumentRoot /usr/share/cups/doc
RequestRoot /var/spool/cups
ServerBin /usr/lib/cups
ServerRoot /etc/cups
TempDir /var/spool/cups/tmp
Browsing On
BrowseOrder allow,deny
BrowseAllow @LOCAL
BrowseAddress @LOCAL
BrowseProtocols CUPS
BrowsePort 631
BrowseInterval 30
BrowseTimeout 300
ImplicitClasses On
ImplicitAnyClasses On
HideImplicitMembers Off
BrowseShortNames Yes
EOF
cp /etc/cups/cupsd.conf /etc/cups/cupsd.conf.default
# NOTE(review): an SNMP community string works as a shared password. If the
# value written below is the site's real one, it has been disclosed by this
# post and should be rotated and kept out of shared copies of the kickstart.
mv /etc/cups/snmp.conf /etc/cups/snmp.conf.orig
cat >/etc/cups/snmp.conf <<EOF
Address @LOCAL
Community medallion
DebugLevel 0
HostNameLookups on
EOF

# Make sure in the end, local accounts can always login
authconfig --kickstart --enablelocauthorize

# Disable IPv6
echo "alias net-pf-10 off" >>/etc/modprobe.conf

# Add an entry for pam_mkhomedir in system-auth
# Home directories are created from /etc/skel with umask 0077.
# NOTE(review): whitespace inside this pattern and the /etc/hosts patterns
# below may have been collapsed by the mail archive; check them against the
# real files before relying on a match.
sed -i -e 's/\(session required pam_limits.so\)/session required pam_mkhomedir.so skel=\/etc\/skel umask=0077 silent\n\1/' /etc/pam.d/system-auth

# Set HOSTNAME to DHCP_HOSTNAME for DDNS in /etc/sysconfig/network
sed -i -e "s/^HOSTNAME=.*/DHCP_HOSTNAME=$(hostname -s)/" /etc/sysconfig/network

# Remove DHCP_HOSTNAME from ifcfg files if it exists
sed -i -e '/^DHCP_HOSTNAME=.*/d' /etc/sysconfig/network-scripts/ifcfg-*

# Clean up /etc/hosts, 127.0.0.1 is ALWAYS localhost
sed -i -e 's/^127.0.0.1\t\t.*localhost.localdomain localhost/127.0.0.1\t\tlocalhost.localdomain localhost/' /etc/hosts
sed -i -e 's/^::1\t\t.*localhost.localdomain localhost/::1\t\t\tlocalhost.localdomain localhost/' /etc/hosts

# Stop NTP daemon if it is running
service ntpd stop

# Sync clock to network time
ntpdate -b mfg.prv

______________________________________________________________________
This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited.
If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof.