8f8e51a9e8
kernel 5.10 did not support crashkernel=auto, so we change it to crashkernel=512M, because kdump-anaconda-addon that is included in squashfs.img does not support the value --reserve-mb='2G-8G:256M,8G-16G:512M,16G-32G:1G,32G:2G'. crashkernel=512M-2G:64M,2G-8G:256M,8G-16G:512M,16G-32G:1G,32G-:2G that is equivalent to the 'auto' value for the 'crashkernel'. This work will be done to make this dynamic, based on system memory, via other tooling, such as puppet. Story: 2008921 Task: 42872 Signed-off-by: Jiping Ma <jiping.ma2@windriver.com> Change-Id: I9a12cf34074490fdfec897126bd9a32c530c36b1
79 lines
1.9 KiB
INI
79 lines
1.9 KiB
INI
%pre --erroronfail
|
|
|
|
# Source common functions
|
|
. /tmp/ks-functions.sh
|
|
|
|
# First, parse /proc/cmdline to find the boot args
|
|
set -- `cat /proc/cmdline`
|
|
for I in $*; do case "$I" in *=*) eval $I 2>/dev/null;; esac; done
|
|
|
|
append=
|
|
if [ -n "$console" ] ; then
|
|
append="console=$console"
|
|
fi
|
|
|
|
if [ -n "$security_profile" ]; then
|
|
append="$append security_profile=$security_profile"
|
|
fi
|
|
|
|
#### SECURITY PROFILE HANDLING (Pre Installation) ####
|
|
if [ -n "$security_profile" ] && [ "$security_profile" == "extended" ]; then
|
|
# IMA specific boot options:
|
|
# Enable Kernel auditing
|
|
append="$append audit=1"
|
|
else
|
|
# we need to blacklist the IMA and Integrity Modules
|
|
# on standard security profile
|
|
append="$append module_blacklist=integrity,ima"
|
|
|
|
# Disable Kernel auditing in Standard Security Profile mode
|
|
append="$append audit=0"
|
|
fi
|
|
|
|
if [ -n "$tboot" ]; then
|
|
append="$append tboot=$tboot"
|
|
else
|
|
append="$append tboot=false"
|
|
fi
|
|
|
|
if [ -z "$boot_device" ]; then
|
|
boot_device=$(get_disk_dev)
|
|
fi
|
|
|
|
boot_device_arg=
|
|
if [ -n "$boot_device" ] ; then
|
|
boot_device_arg="--boot-drive=$(get_by_path $boot_device)"
|
|
fi
|
|
|
|
echo "bootloader --location=mbr $boot_device_arg --timeout=5 --append=\"$append\"" > /tmp/bootloader-include
|
|
|
|
echo "timezone --nontp --utc UTC" >/tmp/timezone-include
|
|
%end
|
|
|
|
#version=DEVEL
|
|
install
|
|
lang en_US.UTF-8
|
|
keyboard us
|
|
%include /tmp/timezone-include
|
|
# set to 'x' so we can use shadow password
|
|
rootpw --iscrypted x
|
|
selinux --disabled
|
|
authconfig --enableshadow --passalgo=sha512
|
|
firewall --service=ssh
|
|
|
|
# The following is the partition information you requested
|
|
# Note that any partitions you deleted are not expressed
|
|
# here so unless you clear all partitions first, this is
|
|
# not guaranteed to work
|
|
zerombr
|
|
|
|
# Disk layout from %pre
|
|
%include /tmp/part-include
|
|
# Bootloader parms from %pre
|
|
%include /tmp/bootloader-include
|
|
|
|
reboot --eject
|
|
|
|
%addon com_redhat_kdump --enable --reserve-mb=512
|
|
%end
|