Setting up RHEL 7 with sssd authenticated cifs shares

# cat anaconda-ks.cfg
#version=DEVEL
# NOTE(review): this looks like the installer-written record of the answers
# given at install time. It carries the root password hash and the host's
# network layout, so keep it readable by root only and scrub it before sharing.
# System authorization information
# Shadow passwords, with password hashes computed using SHA-512.
auth --enableshadow --passalgo=sha512
repo --name="Server-HighAvailability" --baseurl=file:///run/install/repo/addons/HighAvailability
repo --name="Server-ResilientStorage" --baseurl=file:///run/install/repo/addons/ResilientStorage
# Use CDROM installation media
cdrom
# Use graphical install
graphical
# Run the Setup Agent on first boot
firstboot --enable
# Restrict the installer to these two disks.
# NOTE(review): sdb is offered to the installer here (and to clearpart below),
# yet it is partitioned by hand with fdisk later on this page. Confirm that
# autopart did not already take sdb into its own volume group.
ignoredisk --only-use=sda,sdb
# Keyboard layouts
keyboard --vckeymap=us --xlayouts='us'
# System language
lang en_US.UTF-8
 
# Network information
# Static IPv4 addressing on ens192 with two name servers; IPv6 is left on auto.
network  --bootproto=static --device=ens192 --gateway=10.50.50.254 --ip=10.50.50.209 --nameserver=10.50.50.203,10.50.50.200 --netmask=255.255.255.0 --ipv6=auto --activate
network  --hostname=web-one.example.com
 
# Root password
# --iscrypted: the value is a crypt(3) hash ("$6$" selects SHA-512), not the
# plaintext. A leaked hash can still be guessed offline, so treat it as a
# secret and never reuse a published value.
# NOTE(review): the value below has no "$" between salt and hash, so it appears
# to have been redacted for publication; confirm.
rootpw --iscrypted $6$Vdf3Ffefdfdwwtr.kGnfdgthdfgrewcdfju7ytnvdsa345ungfjuijfjN6J7c5Z1kdjg4ahF2SeSybSR.fdgsdgsdfg.
# System services
# NOTE(review): chronyd is enabled here while ntpd is installed and started at
# the end of this page; only one time daemon should be left running.
services --enabled="chronyd"
# System timezone
# --isUtc: the hardware clock is treated as UTC.
timezone America/New_York --isUtc
# System bootloader configuration
bootloader --append=" crashkernel=auto" --location=mbr --boot-drive=sda
# Automatic partitioning using an LVM layout.
autopart --type=lvm
# Partition clearing information
# Destructive: removes every partition on sda and sdb and writes a new disk label.
clearpart --all --initlabel --drives=sda,sdb
 
# Package selection: the minimal environment and the core group, plus chrony
# and kexec-tools.
%packages
@^minimal
@core
chrony
kexec-tools
 
%end
 
# Enable kdump with an automatically sized memory reservation.
%addon com_redhat_kdump --enable --reserve-mb='auto'
 
%end
 
# Password policy applied by the installer to the root, user and LUKS
# passwords entered during installation: minimum length 6, minimum quality 1,
# --notstrict (a weak password is not refused), and --emptyok for users (an
# empty user password is accepted).
# NOTE(review): for a hardened build raise --minlen and --minquality, use
# --strict, and use --notempty for the user policy as well. These lines govern
# the installer only; presumably the password rules of the installed system are
# configured separately - confirm.
%anaconda
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end
 
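# Begin the install!
# Are we online? Three echo requests to a public name also exercise DNS.
ping -c3 google.com
# Register the host and attach a subscription automatically.
# The password is deliberately not given as an argument: anything passed with
# --password ends up in root's shell history and is visible in the process list
# while the command runs. Without it, subscription-manager prompts for the
# password on the terminal. For unattended builds, an activation key
# (--org / --activationkey) avoids using an account password at all.
# If a real password was ever typed on the command line, change it.
subscription-manager register --username 'example.com' --auto-attach
# No -y here, so yum asks for confirmation before installing.
yum install yum-utils vim
# Reboot before continuing with the storage setup.
shutdown -r now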
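# Turn the second disk into LVM storage for the shared web content.
# NOTE(review): the kickstart above hands sdb to the installer (ignoredisk and
# clearpart list it). Check this listing and make sure sdb is not already an LVM
# physical volume before repartitioning it; the steps below destroy its data.
fdisk -l
# Interactive: create the sdb1 partition that pvcreate uses next.
fdisk /dev/sdb
# Physical volume -> volume group "data" -> 100 GiB logical volume "web-stuff".
pvcreate /dev/sdb1
pvscan
vgcreate data /dev/sdb1
vgscan
lvcreate --size 100GiB --name web-stuff data
lvscan
mkfs.xfs /dev/data/web-stuff
mkdir -p /content/cms/web-stuff
# Persist the mount. nodev,nosuid are added because this tree is later labelled
# for Samba sharing: files written by share users must not be honoured as
# device nodes or set-uid programs on this host.
# _netdev is kept from the original entry.
# NOTE(review): _netdev is meant for network-backed storage; if sdb is a
# locally attached disk, "defaults,nodev,nosuid" is the usual choice - confirm.
printf '%s\n' '/dev/data/web-stuff /content/cms/web-stuff xfs _netdev,nodev,nosuid 0 0' >> /etc/fstab
# Mount through the new fstab entry rather than by naming the device, so a typo
# in the entry shows up now instead of during the reboot below.
mount /content/cms/web-stuff
shutdown -r now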
# DNS pre-flight: bind-utils supplies dig, used to look up the LDAP SRV records
# that domain-controller discovery relies on.
# NOTE(review): the lookups use ad.example.com while the join below targets
# example.com; confirm which name is the actual AD domain.
yum install bind-utils
for srv_record in _ldap._tcp.ad.example.com _ldap._tcp.dc._msdcs.ad.example.com; do
  dig -t SRV "$srv_record"
done
sync
sync
# Packages for the AD join: sssd, realmd, Kerberos and Samba client tools, and
# policycoreutils-python (which provides semanage).
yum install -y \
  sssd realmd oddjob oddjob-mkhomedir adcli \
  samba-client samba-common samba-common-tools \
  krb5-workstation openldap-clients policycoreutils-python
# Join the domain as sjadmin. No password appears on the command line, so
# nothing secret lands in the shell history.
realm join --user=sjadmin example.com
realm list
# Check that the domain account resolves, by short name and by full name.
id sjadmin
# The fully qualified lookup returns a long listing that includes a dozen
# @example.com entries.
id sjadmin@example.com
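# Keep a timestamped copy of sssd.conf before editing it. The backup name is
# held in a variable so the diff below compares against the copy just made
# instead of a hard-coded timestamp; run these steps in one shell session.
# cp -p keeps the mode, owner and timestamps of the original.
sssd_backup="/etc/sssd/sssd.conf.$(date +"%Y-%m-%d-%H-%M")"
cp -p /etc/sssd/sssd.conf "$sssd_backup"
# Interactive edit: change the two settings shown in the diff below.
# sssd expects this file to stay owned by root with mode 0600.
vim /etc/sssd/sssd.conf
diff /etc/sssd/sssd.conf "$sssd_backup"
# Expected output ("<" is the edited file, ">" is the backup):
#  16,17c16,17
#  < use_fully_qualified_names = False
#  < fallback_homedir = /home/%u
#  ---
#  > use_fully_qualified_names = True
#  > fallback_homedir = /home/%u@%d
#
# With use_fully_qualified_names = False, domain accounts are presented under
# their short names. A domain account and a local account with the same name
# then become ambiguous, so check /etc/passwd for overlaps before relying on it.

systemctl restart sssd
id sjadmin@example.com
# Now it just shows the username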
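ls /home/
# Label the content tree for Samba. A plain chcon only changes the labels on
# disk and is undone by the next restorecon or filesystem relabel; recording
# the rule with semanage (from policycoreutils-python, installed earlier) and
# applying it with restorecon makes the label persistent.
semanage fcontext -a -t samba_share_t '/content/cms/web-stuff(/.*)?'
restorecon -Rv /content/cms/web-stuff
# Get a Kerberos ticket first: smbclient -k authenticates with the ticket
# cache, so it has nothing to present until kinit has run.
kinit steve.jones
smbclient -k "//$(hostname)/test"
ls -al /home/
# Home directories: recursively relabelling /home/steve.jones as samba_share_t
# replaces the home-directory labels (including those on ~/.ssh) that other
# confined services depend on. If the intent is to export home directories
# through Samba, the SELinux boolean below permits that without relabelling.
# NOTE(review): the Samba server configuration is not shown on this page;
# confirm that home directories are meant to be shared at all.
setsebool -P samba_enable_home_dirs on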
 
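# Time synchronisation. Kerberos authentication against AD fails when the
# clocks drift too far apart, so a working time source matters here.
yum install ntp
vi /etc/ntp.conf
# The kickstart above enables chronyd. Two time daemons on one host compete for
# the clock and for UDP port 123, so chronyd is stopped and disabled before
# ntpd takes over.
systemctl stop chronyd
systemctl disable chronyd
# An NTP client needs no inbound firewall rule. Opening the ntp service exposes
# UDP 123 to other hosts, which is only needed when this machine serves time to
# them; uncomment the next two lines only in that case.
# firewall-cmd --add-service=ntp --permanent
# firewall-cmd --reload
systemctl start ntpd
systemctl enable ntpd
# List the peers ntpd is using to confirm it is synchronising.
ntpq -p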