# based on work by Jeff Geerling - https://github.com/geerlingguy/packer-boxes/blob/master/centos7/http/ks.cfg install cdrom lang en_US.UTF-8 keyboard us network --bootproto=dhcp rootpw Packer firewall --disabled selinux --permissive timezone UTC bootloader --location=mbr text skipx zerombr clearpart --all --initlabel # systems will often run better with a bit of swap part / --fstype xfs --grow --size=6144 part swap --fstype swap --size=512 auth --enableshadow --passalgo=sha512 --kickstart firstboot --disabled eula --agreed services --enabled=NetworkManager,sshd reboot %packages --ignoremissing --excludedocs @Core openssh-clients openssh-server sudo net-tools curl # unnecessary firmware -aic94xx-firmware -atmel-firmware -b43-openfwwf -bfa-firmware -ipw2100-firmware -ipw2200-firmware -ivtv-firmware -iwl100-firmware -iwl1000-firmware -iwl3945-firmware -iwl4965-firmware -iwl5000-firmware -iwl5150-firmware -iwl6000-firmware -iwl6000g2a-firmware -iwl6050-firmware -libertas-usb8388-firmware -ql2100-firmware -ql2200-firmware -ql23xx-firmware -ql2400-firmware -ql2500-firmware -rt61pci-firmware -rt73usb-firmware -xorg-x11-drv-ati-firmware -zd1211-firmware %end %post yum update -y # set virtual-guest as default profile for tuned echo "virtual-guest" > /etc/tuned/active_profile # Because memory is scarce resource in most cloud/virt environments, # and because this impedes forensics, we are differing from the Fedora # default of having /tmp on tmpfs. echo "Disabling tmpfs for /tmp." systemctl mask tmp.mount cat < /etc/sysconfig/kernel # UPDATEDEFAULT specifies if new-kernel-pkg should make # new kernels the default UPDATEDEFAULT=yes # DEFAULTKERNEL specifies the default kernel package type DEFAULTKERNEL=kernel EOL # make sure firstboot doesn't start echo "RUN_FIRSTBOOT=NO" > /etc/sysconfig/firstboot echo "Fixing SELinux contexts." touch /var/log/cron touch /var/log/boot.log mkdir -p /var/cache/yum /usr/sbin/fixfiles -R -a restore yum -y remove firewalld sed -i "s/^.*requiretty/#Defaults requiretty/" /etc/sudoers yum clean all %end