dnf -y install lorax
mkdir /home/iso
curl -o /home/iso/Rocky9.iso https://dl.rockylinux.org/pub/rocky/9/isos/x86_64/Rocky-9-latest-x86_64-minimal.iso
tee /home/iso/KS-lab-svc01 > /dev/null << 'EOT'
# Generated by Anaconda 34.25.2.10
# Generated by pykickstart v3.32
#version=RHEL9
lang en_US
keyboard --xlayouts='us'
timezone Etc/UTC --utc
text
cdrom
bootloader --append="rhgb quiet crashkernel=1G-4G:192M,4G-64G:256M,64G-:512M"
zerombr
clearpart --all --initlabel
autopart
network --device=eno1 --hostname=svc01 --bootproto=static --ip=10.9.8.10 --netmask=255.255.255.0 --gateway=10.9.8.1 --nameserver=10.9.8.10
firstboot --disable
selinux --enforcing
firewall --enabled --ssh
%packages
@^minimal-environment
%end
# Root password
rootpw --lock
user --groups=wheel --name=breakglass --password=$6$PNwrL2BzVac4zrJT$InHnD3aff/qj2jCTH1ysh5AQll.2RF5pXs6AwuyHAAK5btEIgnzJjRRG587gEbT.0ePEvsfXW5hgfiGP7BUU.. --iscrypted --gecos="Breakglass"
reboot
EOT
mkksiso /home/iso/rocky9ks /home/iso/Rocky9.iso /home/iso/Rocky9-KS.iso
rpm -qa --queryformat %{NAME}-%{VERSION}-%{RELEASE}.%{ARCH}'\n' | sort > rpms.txt
#mount directory
MD="/tmp/iso/mnt"
#working directory
WD="/tmp/iso/working"
#rpm file
RPM_FILE="/home/iso/rpms.txt"
#iso source
ISO_S="/home/iso/rhel-8.7-x86_64-dvd.iso"
#iso dest
ISO_D="/home/iso/rhel-8.7-x86_64-shrunk.iso"
#kiskstart file
KS="/home/iso/rocky9ks"
umount $MD
mkdir -vp $MD $WD/BaseOS/Packages $WD/AppStream/Packages
mount -o loop $ISO_S $MD
rsync -av --progress $MD/ $WD --exclude BaseOS --exclude AppStream
for pkg in `cat $RPM_FILE`; do
RPM=`find $MD -name $pkg*.rpm`
if [[ $RPM =~ .*BaseOS.* ]];then
cp -avp $RPM $WD/BaseOS/Packages/
elif [[ $RPM =~ .*AppStream.* ]];then
cp -avp $RPM $WD/AppStream/Packages/
else
echo "$pkg not found"
fi
done
cp -v $MD/AppStream/repodata/*comps*.xml $WD/AppStream/comps_app.xml
cp -v $MD/BaseOS/repodata/*comps*.xml $WD/BaseOS/comps_base.xml
createrepo -g $WD/AppStream/comps_app.xml $WD/AppStream/
createrepo -g $WD/BaseOS/comps_base.xml $WD/BaseOS/
cp -v $MD/AppStream/repodata/*modules.yaml* $WD/AppStream/
for i in `ls $WD/AppStream/*modules.yaml.gz`; do gunzip $i; mv $WD/AppStream/*modules.yaml $WD/AppStream/modules.yaml; done
cp -v $KS $WD/ks.cfg
modifyrepo_c --mdtype=modules $WD/AppStream/modules.yaml $WD/AppStream/repodata/
# append initrd=initrd.img inst.repo=cdrom ks=cdrom:/ks.cfg quiet fips=1
vim $WD/isolinux/isolinux.cfg
cd $WD
mkisofs -o $ISO_D -b isolinux/isolinux.bin -c isolinux/boot.cat --no-emul-boot --boot-load-size 4 --boot-info-table -J -R -V "RHEL-8-7-0-BaseOS-x86_64" $WD/
umount $MD
rm -rfv $WD
tee /home/iso/KS-lab-edg01 > /dev/null << 'EOT'
# Generated by Anaconda 34.25.2.10
# Generated by pykickstart v3.32
#version=RHEL9
lang en_US
keyboard --xlayouts='us'
timezone Etc/UTC --utc
text
cdrom
bootloader --append="rhgb quiet crashkernel=1G-4G:192M,4G-64G:256M,64G-:512M"
zerombr
clearpart --all --initlabel
autopart
network --device=eno1 --hostname=edg01 --bootproto=static --ip=10.9.8.1 --netmask=255.255.255.0 --gateway=10.9.8.1 --nameserver=10.9.8.10 --noipv6 --activate
network --bootproto=dhcp --device=enp2s0f0 --noipv6 --activate
firstboot --disable
selinux --enforcing
firewall --enabled --ssh
%packages
@^minimal-environment
%end
# Root password
rootpw --lock
user --groups=wheel --name=breakglass --password=$6$PNwrL2BzVac4zrJT$InHnD3aff/qj2jCTH1ysh5AQll.2RF5pXs6AwuyHAAK5btEIgnzJjRRG587gEbT.0ePEvsfXW5hgfiGP7BUU.. --iscrypted --gecos="Breakglass"
reboot
EOT
Find types of passwords
openssl passwd -help 2>&1 | grep SHA
Generate Password
openssl passwd -6
dd if=/home/iso/Rocky9-KS.iso of=/dev/sdb bs=1M status=progress