> From: Michael Hennebry [mailto:hennebry@xxxxxxxxxxxxxxxxxxxxx] > Sent: 26 January 2012 00:56 > On Wed, 25 Jan 2012, Tim Mooney wrote: > > > In regard to: Re: kickstart vs. /etc/login.defs, Michael Hennebry > said > > (at...: > > > >> On Wed, 25 Jan 2012, root@xxxxxxxxxxxx wrote: > >> > >>> Firstly, for where to put the ks file, it would be easiest for you > to > >>> remaster the boot CD, and put the ks file into the root directory > of the > >>> CD, update the configuration for the CD's boot-loader to add > something > >>> like "ks=cdrom:/fc14.ks", and then burn the resulting (modified) > file-tree > >>> to a new CD disk > > > > For a one-off install, in the absence of a provisioning environment > like > > cobbler, I personally think it's a lot easier to load the kickstart > file > > over the network. Just do something like > > > > - place your ks.cfg in a directory that is accessible via a URL > > - tell anaconda to load the ks.cfg from the URL > > > > ks=http://your.web.host.here/url/path/to/ks.cfg > > I think I can do that. I'm pretty sure that I can use my web site for > it. > Right, Tim? > > >>> To get around the too early/to late of %pre and %post, you may want > to add > >>> a custom RPM archive file to the CD, have it dump the files into > the > >>> being-created system, and run a command as part of its installation > >>> procedure that causes the newly added files to be read. Then > reference the > >>> new RPM archive in the packages section of your ks file. > > > > I don't understand from the initial post what the actual goal is, so > it's > > hard to know what to suggest here. Unless I missed it, the original > issue > > has something to do with uids in the 101-499 range, but I have no > idea > > what the actual problem is. > > By default, Fedora 16 has UID_MIN=GID_MIN=1000. > My Fedora 14 (EOL) has UID_MIN=GID=500. > These values are stored in /etc/login.defs . > I want to install (not uppgrade) Fedora 16 and retain the 500. > I have considered alternatives. > During %pre /etc does not yet exist, > so %pre is too early. > During %post there will already be fake users in the range 500..999, > so %post is too late. > Fedora claims that a kickstart file is the way to keep the 500. > Fedora was stingy with details. > > > I will say that you can do a lot in %post using things like "wget" to > > fetch a remote tarball or zip and then using the contents of that > archive > > to perform further actions. Ah, so I was right to have some of my own programs check login.defs rather than relying on a hard-wired 500 everywhere! That's useful to know. What fake users are created by the install? I would expect only system accounts to be created at that point, which are supposed to have uid's outside the range of normal users. Oh, amandabackup (in CentOS 5, anyway) is a "normal" user. That could be considered a bug in the amanda-backup_client package. Other than that, the only user I see on my CentOS servers that does not use an explicitly defined uid is openvpn, and that is created as a system user. It would be tricky to do what you want. /etc/login.defs is part of the shadow-utils package. You would need to create an rpm that would be installed onto the system after shadow-utils and before whichever packages create the users you are concerned about. In %post, though, you could modify the login.defs file - it will be /mnt/sysimage/etc/login.defs while the %post script is running, and use usermod to change the uid of any user you are particularly concerned about. Note: users with explicitly-assigned uids should not be changed. The --uid option of usermod will change a uid and "Any files which the user owns and which are located in the directory tree rooted at the user's home directory will have the file user ID changed automatically. Files outside of the user's home directory must be altered manually." If you're freshly installing a system though, I would really recommend leaving the defaults the way they are. Moray. "To err is human; to purr, feline." _______________________________________________ Kickstart-list mailing list Kickstart-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/kickstart-list
