Re: Package lists for Cloud images

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Oct 04, 2012 at 11:16:59AM +0200, Tru Huynh wrote:
> I would disable ssh password login completely too.

%packages
@base
lftp
sudo
screen
wget
nfs-utils
epel-release
cloud-init
# disable kdump
-kexec-tools
ntp
nano
acpid
openssh-clients
# firmware--
# ...

%end

%post
# sudoers ** don't forget to have sudo in the package list
echo 'ec2-user ALL = NOPASSWD: ALL' >> /etc/sudoers
# sshd
sed -i -e 's/^#PermitRootLogin yes.*/PermitRootLogin no/g' /etc/ssh/sshd_config
sed -i -e 's/^PasswordAuthentication yes.*/PasswordAuthentication no/g' /etc/ssh/sshd_config
#
# ec2-users configuration
useradd -G wheel ec2-user

# fix network
cat <<ETH0 > /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes
TYPE=Ethernet
USERCTL=yes
PEERDNS=yes
IPV6INIT=no
ETH0

/bin/rm -f "/etc/udev/rules.d/*persistent*"

# fix selinux permissions
/sbin/restorecon -rv /home /etc /boot

# turn off fsck *** FIX the device ***
tune2fs -c 0 -i 0 /dev/sda1

# cleanup
# you will get error messages from anaconda trying to chmod the missing files
# if you are reading the console output, these messages are harmless, afaik!
/bin/rm -f \
/tmp/ks* \
/tmp/yum* \
/var/log/anaconda* \
/var/log/dracut.log \
/root/install* \
/root/anaconda* 

%end

-- 
Tru Huynh (mirrors, CentOS i386/x86_64 Package Maintenance)
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B

Attachment: pgphE18dlt0Yt.pgp
Description: PGP signature

_______________________________________________
CentOS-virt mailing list
CentOS-virt@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos-virt

[Index of Archives]     [CentOS Users]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [X.org]     [Xfree86]     [Linux USB]

  Powered by Linux