【引自HelloDog的博客】一、前言
在金融行业中,我所接触的操作系统主要是AIX和SLES(SuSE Linux Enterprise Server),也许大家平时用得更多是CentOS,虽然有部分差异但原理都是相通的,SMIT和YaST也是灰常实用的功能,推荐大家有机会尝试体验 下。因为网上关于SuSE自动化部署的参考文章较少,这套自动化部署方案已经被验证并在生产系统使用了1年半,配置相对成熟和稳定。遵循Don't Repeat Yourself原则,本文主要介绍基于AutoYaST实现半自动化SuSE定制光盘和PXE网络全自动化安装SuSE的实践过程,如需了解更加详细的 参数说明可以参考扩展阅读中的SuSE官网。
AutoYaST是自动化部署SuSE的黄金搭档
二、更新历史
2015年10月20日 - 补充isolinux.cfg完整配置避免歧义
2015年05月28日 - 初稿
阅读原文 - http://wsgzao.github.io/post/autoyast/
扩展阅读:
◆SuSE - https://www.suse.com/zh-cn/
◆AutoYaST - http://doc.opensuse.org/projects/autoyast/
◆Autoinst索引 - http://wsgzao.github.io/index/#Autoinst
三、SuSE自动安装光盘
1.定制版本
SUSE Linux Enterprise Server 11 (x86_64)
VERSION = 11
PATCHLEVEL = 2
下载地址 - https://www.suse.com/zh-cn/download-linux/
2.AutoYast简介
AutoYast是SuSE Linux的自动安装工具。通过AutoYast,在DHCP、TFTP、PXE服务的支持下,通过FTP、NFS等网络安装源可以实现SuSE Linux的完全无人值守自动安装。但是,这种方式必须建立独立的服务器且客户端支持PXE网络启动,在现场没有网络或者系统不支持客户端网卡的场景下不适合,通过AutoYast制作的SuSE Linux一键安装光盘可以满足上述场景。本文主要介绍SuSE Linux Enterprise Server 11(简称SLES11)一键安装光盘的制作, 其他SuSE Linux仅供参考。
3.生成AutoYaST配置文件
AutoYast配置成功后,生成一个名为autoinst.xml的XML配置文件,SuSE Linux通过这个文件控制操作系统的安装。AutoYast生成配置文件有3种方式:
(1)系统安装时自动生成
(2)系统安装后通过运行命令生成
(3)直接编辑生成(偷懒最佳姿势)
系统安装时生成配置文件
按照正常步骤安装SLES11,把必须的软件全部安装。运行到最后一步“安装已完成”,勾选“为AutoYast复制此系统”,系统开始克隆系统生成配置文件,并弹出提示窗口。生成配置文件用时约2分钟左右,生成的配置文件位于/root目录下。
运行命令生成或者修改配置文件
如果在系统安装时没有生成配置文件,可以运行命令生成。在系统中打开终端,以root用户运行命令yast2 autoyast,打开AutoYast配置窗口,选择“工具”->“创建参考配置文件”,弹出“创建参考控制文件”窗口。勾选需要配置的项目,如 软件包选择、语言、分区、键盘布局、防火墙、网络设置等,AutoYast根据选择的项目从系统获取相关配置信息。选择“文件”->“保存”,弹出 “另存为”窗口,输入文件名“autoinst.xml”,选择“保存”,系统提示文件保存到指定目录下。
有时我们需要对模块做些调整,比如磁盘分区、软件包等。以调整磁盘分区为例介绍配置文件的修改。
以root用户运行yast2 autoyast,打开AutoYast窗口,选择“文件”->“打开”,选择autoinst.xml文件,等系统读取配置后,在AutoYast窗口显示配置配件名称,修改后保存即可。
#p#
制作安装光盘
AutoYast配置文件生成后,可以开始制作一键安装光盘了。制作一键安装光盘需要用到SLES11的原安装光盘的数据。
- #首先复制SLES11原安装光盘的数据到指定目录
- mkdir /tmp/sles11
- cp -R /media/S*/* /tmp/sles11
- #复制autoinst.xml
- cp /root/autoinst.xml /tmp/sles11
- #编辑isolinux.cfg文件,找到# install所在位置
- cd boot/x86_64/loader/
- #修改引导菜单
- vi isolinux.cfg
- default harddisk
- # hard disk
- label harddisk
- localboot 0x80
- # install
- label linux
- kernel linux
- append initrd=initrd autoyast=file:///autoinst.xml splash=silent showopts
- # repair
- label repair
- kernel linux
- append initrd=initrd splash=silent repair=1 showopts
- # rescue
- label rescue
- kernel linux
- append initrd=initrd splash=silent rescue=1 showopts
- # mediacheck
- label mediachk
- kernel linux
- append initrd=initrd splash=silent mediacheck=1 showopts
- # bios test
- label firmware
- kernel linux
- append initrd=biostest,initrd splash=silent install=exec:/bin/run_biostest showopts
- # memory test
- label memtest
- kernel memtest
- ui gfxboot bootlogo message
- implicit 1
- prompt 1
- timeout 600
- #运行mkisofs命令生成自动安装光盘
- cd /tmp/sles11
- mkisofs -R -o /tmp/SLES11-SP2-64-AUTO.iso -b boot/x86_64/loader/isolinux.bin -c boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table .
我的配置文件
预设分区
预装软件包
- KDE Desktop Environment
- Oracle Server Base
- C/C++ Compiler and Tools
- nmap
- java-1_6_0
- libstdc++43-devel-32bit
预设语言
- 主要:英语
- 添加:中文
预设用户名/密码
- root/如果你直接复用我的配置文件请私信我获取密码
预设网络配置
- 禁用服务:防火墙,IPv6
autoinst.xml
- <?xml version="1.0"?>
- <!DOCTYPE profile>
- <profile xmlns="http://www.suse.com/1.0/yast2ns" xmlns:config="http://www.suse.com/1.0/configns">
- <bootloader>
- <device_map config:type="list">
- <device_map_entry>
- <firmware>fd0</firmware>
- <linux>/dev/fd0</linux>
- </device_map_entry>
- <device_map_entry>
- <firmware>hd0</firmware>
- <linux>/dev/sda</linux>
- </device_map_entry>
- </device_map>
- <global>
- <activate>true</activate>
- <boot_boot>true</boot_boot>
- <default>SUSE Linux Enterprise Server 11 SP2 - 3.0.13-0.27</default>
- <generic_mbr>true</generic_mbr>
- <gfxmenu>/boot/message</gfxmenu>
- <lines_cache_id>3</lines_cache_id>
- <timeout config:type="integer">8</timeout>
- </global>
- <initrd_modules config:type="list">
- <initrd_module>
- <module>mptspi</module>
- </initrd_module>
- <initrd_module>
- <module>ata_piix</module>
- </initrd_module>
- <initrd_module>
- <module>ata_generic</module>
- </initrd_module>
- </initrd_modules>
- <loader_type>grub</loader_type>
- <sections config:type="list">
- <section>
- <append>resume=/dev/sda1 splash=silent showopts</append>
- <image>/boot/vmlinuz-3.0.13-0.27-default</image>
- <initial>1</initial>
- <initrd>/boot/initrd-3.0.13-0.27-default</initrd>
- <lines_cache_id>0</lines_cache_id>
- <name>SUSE Linux Enterprise Server 11 SP2 - 3.0.13-0.27</name>
- <original_name>linux</original_name>
- <root>/dev/system/root</root>
- <type>image</type>
- <vgamode>0x317</vgamode>
- </section>
- <section>
- <append>showopts ide=nodma apm=off noresume edd=off powersaved=off nohz=off highres=off processor.max_cstate=1 nomodeset x11failsafe</append>
- <image>/boot/vmlinuz-3.0.13-0.27-default</image>
- <initrd>/boot/initrd-3.0.13-0.27-default</initrd>
- <lines_cache_id>1</lines_cache_id>
- <name>Failsafe -- SUSE Linux Enterprise Server 11 SP2 - 3.0.13-0.27</name>
- <original_name>failsafe</original_name>
- <root>/dev/system/root</root>
- <type>image</type>
- <vgamode>0x317</vgamode>
- </section>
- <section>
- <blockoffset>1</blockoffset>
- <chainloader>/dev/fd0</chainloader>
- <lines_cache_id>2</lines_cache_id>
- <name>Floppy</name>
- <noverifyroot>true</noverifyroot>
- <original_name>floppy</original_name>
- <type>other</type>
- </section>
- </sections>
- </bootloader>
- <ca_mgm>
- <CAName>YaST_Default_CA</CAName>
- <ca_commonName>YaST Default CA (site)</ca_commonName>
- <country>CN</country>
- <password>ENTER PASSWORD HERE</password>
- <server_email>postmaster@site</server_email>
- <takeLocalServerName config:type="boolean">true</takeLocalServerName>
- </ca_mgm>
- <deploy_image>
- <image_installation config:type="boolean">false</image_installation>
- </deploy_image>
- <firewall>
- <FW_ALLOW_FW_BROADCAST_DMZ>no</FW_ALLOW_FW_BROADCAST_DMZ>
- <FW_ALLOW_FW_BROADCAST_EXT>no</FW_ALLOW_FW_BROADCAST_EXT>
- <FW_ALLOW_FW_BROADCAST_INT>no</FW_ALLOW_FW_BROADCAST_INT>
- <FW_CONFIGURATIONS_DMZ></FW_CONFIGURATIONS_DMZ>
- <FW_CONFIGURATIONS_EXT></FW_CONFIGURATIONS_EXT>
- <FW_CONFIGURATIONS_INT></FW_CONFIGURATIONS_INT>
- <FW_DEV_DMZ></FW_DEV_DMZ>
- <FW_DEV_EXT>any eth0</FW_DEV_EXT>
- <FW_DEV_INT></FW_DEV_INT>
- <FW_FORWARD_ALWAYS_INOUT_DEV></FW_FORWARD_ALWAYS_INOUT_DEV>
- <FW_FORWARD_MASQ></FW_FORWARD_MASQ>
- <FW_IGNORE_FW_BROADCAST_DMZ>no</FW_IGNORE_FW_BROADCAST_DMZ>
- <FW_IGNORE_FW_BROADCAST_EXT>yes</FW_IGNORE_FW_BROADCAST_EXT>
- <FW_IGNORE_FW_BROADCAST_INT>no</FW_IGNORE_FW_BROADCAST_INT>
- <FW_IPSEC_TRUST>no</FW_IPSEC_TRUST>
- <FW_LOAD_MODULES>nf_conntrack_netbios_ns</FW_LOAD_MODULES>
- <FW_LOG_ACCEPT_ALL>no</FW_LOG_ACCEPT_ALL>
- <FW_LOG_ACCEPT_CRIT>yes</FW_LOG_ACCEPT_CRIT>
- <FW_LOG_DROP_ALL>no</FW_LOG_DROP_ALL>
- <FW_LOG_DROP_CRIT>yes</FW_LOG_DROP_CRIT>
- <FW_MASQUERADE>no</FW_MASQUERADE>
- <FW_PROTECT_FROM_INT>no</FW_PROTECT_FROM_INT>
- <FW_ROUTE>no</FW_ROUTE>
- <FW_SERVICES_ACCEPT_DMZ></FW_SERVICES_ACCEPT_DMZ>
- <FW_SERVICES_ACCEPT_EXT></FW_SERVICES_ACCEPT_EXT>
- <FW_SERVICES_ACCEPT_INT></FW_SERVICES_ACCEPT_INT>
- <FW_SERVICES_ACCEPT_RELATED_DMZ></FW_SERVICES_ACCEPT_RELATED_DMZ>
- <FW_SERVICES_ACCEPT_RELATED_EXT></FW_SERVICES_ACCEPT_RELATED_EXT>
- <FW_SERVICES_ACCEPT_RELATED_INT></FW_SERVICES_ACCEPT_RELATED_INT>
- <FW_SERVICES_DMZ_IP></FW_SERVICES_DMZ_IP>
- <FW_SERVICES_DMZ_RPC></FW_SERVICES_DMZ_RPC>
- <FW_SERVICES_DMZ_TCP></FW_SERVICES_DMZ_TCP>
- <FW_SERVICES_DMZ_UDP></FW_SERVICES_DMZ_UDP>
- <FW_SERVICES_EXT_IP></FW_SERVICES_EXT_IP>
- <FW_SERVICES_EXT_RPC></FW_SERVICES_EXT_RPC>
- <FW_SERVICES_EXT_TCP></FW_SERVICES_EXT_TCP>
- <FW_SERVICES_EXT_UDP></FW_SERVICES_EXT_UDP>
- <FW_SERVICES_INT_IP></FW_SERVICES_INT_IP>
- <FW_SERVICES_INT_RPC></FW_SERVICES_INT_RPC>
- <FW_SERVICES_INT_TCP></FW_SERVICES_INT_TCP>
- <FW_SERVICES_INT_UDP></FW_SERVICES_INT_UDP>
- <enable_firewall config:type="boolean">false</enable_firewall>
- <start_firewall config:type="boolean">false</start_firewall>
- </firewall>
- <general>
- <ask-list config:type="list"/>
- <mode>
- <confirm config:type="boolean">false</confirm>
- </mode>
- <mouse>
- <id>none</id>
- </mouse>
- <proposals config:type="list"/>
- <signature-handling>
- <accept_file_without_checksum config:type="boolean">true</accept_file_without_checksum>
- <accept_non_trusted_gpg_key config:type="boolean">true</accept_non_trusted_gpg_key>
- <accept_unknown_gpg_key config:type="boolean">true</accept_unknown_gpg_key>
- <accept_unsigned_file config:type="boolean">true</accept_unsigned_file>
- <accept_verification_failed config:type="boolean">false</accept_verification_failed>
- <import_gpg_key config:type="boolean">true</import_gpg_key>
- </signature-handling>
- <storage/>
- </general>
- <groups config:type="list">
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>100</gid>
- <group_password>x</group_password>
- <groupname>users</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>19</gid>
- <group_password>x</group_password>
- <groupname>floppy</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>1</gid>
- <group_password>x</group_password>
- <groupname>bin</groupname>
- <userlist>daemon</userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>41</gid>
- <group_password>x</group_password>
- <groupname>xok</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>65533</gid>
- <group_password>x</group_password>
- <groupname>nobody</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>43</gid>
- <group_password>x</group_password>
- <groupname>modem</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>5</gid>
- <group_password>x</group_password>
- <groupname>tty</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>7</gid>
- <group_password>x</group_password>
- <groupname>lp</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>104</gid>
- <group_password>!</group_password>
- <groupname>uuidd</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>51</gid>
- <group_password>!</group_password>
- <groupname>postfix</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>115</gid>
- <group_password>!</group_password>
- <groupname>gdm</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>65534</gid>
- <group_password>x</group_password>
- <groupname>nogroup</groupname>
- <userlist>nobody</userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>107</gid>
- <group_password>!</group_password>
- <groupname>oinstall</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>101</gid>
- <group_password>!</group_password>
- <groupname>messagebus</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>59</gid>
- <group_password>!</group_password>
- <groupname>maildrop</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>33</gid>
- <group_password>x</group_password>
- <groupname>video</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>3</gid>
- <group_password>x</group_password>
- <groupname>sys</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>15</gid>
- <group_password>x</group_password>
- <groupname>shadow</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>20</gid>
- <group_password>x</group_password>
- <groupname>cdrom</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>21</gid>
- <group_password>x</group_password>
- <groupname>console</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>42</gid>
- <group_password>x</group_password>
- <groupname>trusted</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>102</gid>
- <group_password>!</group_password>
- <groupname>haldaemon</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>106</gid>
- <group_password>!</group_password>
- <groupname>puppet</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>16</gid>
- <group_password>x</group_password>
- <groupname>dialout</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>110</gid>
- <group_password>!</group_password>
- <groupname>polkituser</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>10</gid>
- <group_password>x</group_password>
- <groupname>wheel</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>112</gid>
- <group_password>!</group_password>
- <groupname>pulse</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>8</gid>
- <group_password>x</group_password>
- <groupname>www</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>40</gid>
- <group_password>x</group_password>
- <groupname>games</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>6</gid>
- <group_password>x</group_password>
- <groupname>disk</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>17</gid>
- <group_password>x</group_password>
- <groupname>audio</groupname>
- <userlist>pulse</userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>114</gid>
- <group_password>!</group_password>
- <groupname>suse-ncc</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>49</gid>
- <group_password>x</group_password>
- <groupname>ftp</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>103</gid>
- <group_password>!</group_password>
- <groupname>tape</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>25</gid>
- <group_password>!</group_password>
- <groupname>at</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>9</gid>
- <group_password>x</group_password>
- <groupname>kmem</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>32</gid>
- <group_password>x</group_password>
- <groupname>public</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>0</gid>
- <group_password>x</group_password>
- <groupname>root</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>12</gid>
- <group_password>x</group_password>
- <groupname>mail</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>2</gid>
- <group_password>x</group_password>
- <groupname>daemon</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>105</gid>
- <group_password>!</group_password>
- <groupname>sfcb</groupname>
- <userlist>root</userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>111</gid>
- <group_password>!</group_password>
- <groupname>ntp</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>14</gid>
- <group_password>x</group_password>
- <groupname>uucp</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>113</gid>
- <group_password>!</group_password>
- <groupname>pulse-access</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>108</gid>
- <group_password>!</group_password>
- <groupname>dba</groupname>
- <userlist>oracle</userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>71</gid>
- <group_password>!</group_password>
- <groupname>ntadmin</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>62</gid>
- <group_password>x</group_password>
- <groupname>man</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>109</gid>
- <group_password>!</group_password>
- <groupname>mysql</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>22</gid>
- <group_password>x</group_password>
- <groupname>utmp</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>13</gid>
- <group_password>x</group_password>
- <groupname>news</groupname>
- <userlist></userlist>
- </group>
- <group>
- <encrypted config:type="boolean">true</encrypted>
- <gid>65</gid>
- <group_password>!</group_password>
- <groupname>sshd</groupname>
- <userlist></userlist>
- </group>
- </groups>
- <host>
- <hosts config:type="list">
- <hosts_entry>
- <host_address>127.0.0.1</host_address>
- <names config:type="list">
- <name>localhost</name>
- </names>
- </hosts_entry>
- <hosts_entry>
- <host_address>::1</host_address>
- <names config:type="list">
- <name>localhost ipv6-localhost ipv6-loopback</name>
- </names>
- </hosts_entry>
- <hosts_entry>
- <host_address>addr:127.0.0.1</host_address>
- <names config:type="list">
- <name>n n</name>
- </names>
- </hosts_entry>
- <hosts_entry>
- <host_address>fe00::0</host_address>
- <names config:type="list">
- <name>ipv6-localnet</name>
- </names>
- </hosts_entry>
- <hosts_entry>
- <host_address>ff00::0</host_address>
- <names config:type="list">
- <name>ipv6-mcastprefix</name>
- </names>
- </hosts_entry>
- <hosts_entry>
- <host_address>ff02::1</host_address>
- <names config:type="list">
- <name>ipv6-allnodes</name>
- </names>
- </hosts_entry>
- <hosts_entry>
- <host_address>ff02::2</host_address>
- <names config:type="list">
- <name>ipv6-allrouters</name>
- </names>
- </hosts_entry>
- <hosts_entry>
- <host_address>ff02::3</host_address>
- <names config:type="list">
- <name>ipv6-allhosts</name>
- </names>
- </hosts_entry>
- </hosts>
- </host>
- <iscsi-client>
- <version>1.0</version>
- </iscsi-client>
- <kdump>
- <add_crash_kernel config:type="boolean">false</add_crash_kernel>
- <crash_kernel>128M-:64M</crash_kernel>
- <general>
- <KDUMP_CONTINUE_ON_ERROR>false</KDUMP_CONTINUE_ON_ERROR>
- <KDUMP_COPY_KERNEL>yes</KDUMP_COPY_KERNEL>
- <KDUMP_DUMPFORMAT>compressed</KDUMP_DUMPFORMAT>
- <KDUMP_DUMPLEVEL>0</KDUMP_DUMPLEVEL>
- <KDUMP_FREE_DISK_SIZE>64</KDUMP_FREE_DISK_SIZE>
- <KDUMP_IMMEDIATE_REBOOT>yes</KDUMP_IMMEDIATE_REBOOT>
- <KDUMP_KEEP_OLD_DUMPS>5</KDUMP_KEEP_OLD_DUMPS>
- <KDUMP_NETCONFIG>auto</KDUMP_NETCONFIG>
- <KDUMP_SAVEDIR>file:///var/crash</KDUMP_SAVEDIR>
- <KDUMP_VERBOSE>3</KDUMP_VERBOSE>
- </general>
- </kdump>
- <keyboard>
- <keymap>english-us</keymap>
- </keyboard>
- <language>
- <language>en_US</language>
- <languages>zh_CN,en_US</languages>
- </language>
- <ldap>
- <base_config_dn></base_config_dn>
- <bind_dn></bind_dn>
- <create_ldap config:type="boolean">false</create_ldap>
- <file_server config:type="boolean">false</file_server>
- <ldap_domain>dc=example,dc=com</ldap_domain>
- <ldap_server>127.0.0.1</ldap_server>
- <ldap_tls config:type="boolean">true</ldap_tls>
- <ldap_v2 config:type="boolean">false</ldap_v2>
- <login_enabled config:type="boolean">true</login_enabled>
- <member_attribute>member</member_attribute>
- <mkhomedir config:type="boolean">false</mkhomedir>
- <nss_base_group></nss_base_group>
- <nss_base_passwd></nss_base_passwd>
- <nss_base_shadow></nss_base_shadow>
- <pam_password>exop</pam_password>
- <sssd config:type="boolean">false</sssd>
- <start_autofs config:type="boolean">false</start_autofs>
- <start_ldap config:type="boolean">false</start_ldap>
- </ldap>
- <login_settings/>
- <networking>
- <dhcp_options>
- <dhclient_client_id></dhclient_client_id>
- <dhclient_hostname_option>AUTO</dhclient_hostname_option>
- </dhcp_options>
- <dns>
- <dhcp_hostname config:type="boolean">false</dhcp_hostname>
- <resolv_conf_policy>auto</resolv_conf_policy>
- </dns>
- <interfaces config:type="list">
- <interface>
- <bootproto>dhcp</bootproto>
- <device>eth0</device>
- <prefixlen>16</prefixlen>
- <startmode>onboot</startmode>
- <usercontrol>no</usercontrol>
- </interface>
- <interface>
- <bootproto>dhcp</bootproto>
- <device>eth1</device>
- <prefixlen>16</prefixlen>
- <startmode>onboot</startmode>
- <usercontrol>no</usercontrol>
- </interface>
- </interfaces>
- <managed config:type="boolean">false</managed>
- <routing>
- <ip_forward config:type="boolean">false</ip_forward>
- </routing>
- </networking>
- <nis>
- <netconfig_policy>auto</netconfig_policy>
- <nis_broadcast config:type="boolean">false</nis_broadcast>
- <nis_broken_server config:type="boolean">false</nis_broken_server>
- <nis_local_only config:type="boolean">false</nis_local_only>
- <start_autofs config:type="boolean">false</start_autofs>
- <start_nis config:type="boolean">false</start_nis>
- </nis>
- <ntp-client>
- <ntp_policy>auto</ntp_policy>
- <peers config:type="list">
- <peer>
- <address>127.127.1.0</address>
- <comment>################################################################################
- ## /etc/ntp.conf
- ##
- ## Sample NTP configuration file.
- ## See package 'ntp-doc' for documentation, Mini-HOWTO and FAQ.
- ## Copyright (c) 1998 S.u.S.E. GmbH Fuerth, Germany.
- ##
- ## Author: Michael Andres, <ma@suse.de>
- ## Michael Skibbe, <mskibbe@suse.de>
- ##
- ################################################################################
- ##
- ## Radio and modem clocks by convention have addresses in the
- ## form 127.127.t.u, where t is the clock type and u is a unit
- ## number in the range 0-3.
- ##
- ## Most of these clocks require support in the form of a
- ## serial port or special bus peripheral. The particular
- ## device is normally specified by adding a soft link
- ## /dev/device-u to the particular hardware device involved,
- ## where u correspond to the unit number above.
- ##
- ## Generic DCF77 clock on serial port (Conrad DCF77)
- ## Address: 127.127.8.u
- ## Serial Port: /dev/refclock-u
- ##
- ## (create soft link /dev/refclock-0 to the particular ttyS?)
- ##
- # server 127.127.8.0 mode 5 prefer
- ##
- ## Undisciplined Local Clock. This is a fake driver intended for backup
- ## and when no outside source of synchronized time is available.
- ##
- </comment>
- <fudge_comment># local clock (LCL)
- </fudge_comment>
- <fudge_options> stratum 10</fudge_options>
- <type>__clock</type>
- </peer>
- <peer>
- <address>/var/lib/ntp/drift/ntp.drift </address>
- <comment># LCL is unsynchronized
- ##
- ## Add external Servers using
- ## # rcntp addserver <yourserver>
- ##
- ##
- ## Miscellaneous stuff
- ##
- </comment>
- <type>driftfile</type>
- </peer>
- <peer>
- <address>/var/log/ntp </address>
- <comment># path for drift file
- </comment>
- <type>logfile</type>
- </peer>
- <peer>
- <address>/etc/ntp.keys </address>
- <comment># alternate log file
- # logconfig =syncstatus + sysevents
- # logconfig =all
- # statsdir /tmp/ # directory for statistics files
- # filegen peerstats file peerstats type day enable
- # filegen loopstats file loopstats type day enable
- # filegen clockstats file clockstats type day enable
- #
- # Authentication stuff
- #
- </comment>
- <type>keys</type>
- </peer>
- <peer>
- <address>1 </address>
- <comment># path for keys file
- </comment>
- <type>trustedkey</type>
- </peer>
- <peer>
- <address>1 </address>
- <comment># define trusted keys
- </comment>
- <type>requestkey</type>
- </peer>
- </peers>
- <start_at_boot config:type="boolean">false</start_at_boot>
- <start_in_chroot config:type="boolean">true</start_in_chroot>
- </ntp-client>
- <partitioning config:type="list">
- <drive>
- <device>/dev/sda</device>
- <initialize config:type="boolean">true</initialize>
- <partitions config:type="list">
- <partition>
- <create config:type="boolean">true</create>
- <crypt_fs config:type="boolean">false</crypt_fs>
- <filesystem config:type="symbol">swap</filesystem>
- <filesystem_id config:type="integer">130</filesystem_id>
- <format config:type="boolean">true</format>
- <fstopt>defaults</fstopt>
- <loop_fs config:type="boolean">false</loop_fs>
- <mount>swap</mount>
- <mountby config:type="symbol">device</mountby>
- <partition_id config:type="integer">130</partition_id>
- <partition_nr config:type="integer">1</partition_nr>
- <resize config:type="boolean">false</resize>
- <size>32G</size>
- </partition>
- <partition>
- <create config:type="boolean">true</create>
- <crypt_fs config:type="boolean">false</crypt_fs>
- <filesystem config:type="symbol">ext3</filesystem>
- <filesystem_id config:type="integer">131</filesystem_id>
- <format config:type="boolean">true</format>
- <fstopt>acl,user_xattr</fstopt>
- <loop_fs config:type="boolean">false</loop_fs>
- <mount>/boot</mount>
- <mountby config:type="symbol">device</mountby>
- <partition_id config:type="integer">131</partition_id>
- <partition_nr config:type="integer">2</partition_nr>
- <resize config:type="boolean">false</resize>
- <size>120M</size>
- </partition>
- <partition>
- <create config:type="boolean">true</create>
- <crypt_fs config:type="boolean">false</crypt_fs>
- <filesystem config:type="symbol">ext3</filesystem>
- <filesystem_id config:type="integer">142</filesystem_id>
- <format config:type="boolean">false</format>
- <loop_fs config:type="boolean">false</loop_fs>
- <lvm_group>system</lvm_group>
- <mountby config:type="symbol">device</mountby>
- <partition_id config:type="integer">142</partition_id>
- <partition_nr config:type="integer">3</partition_nr>
- <resize config:type="boolean">false</resize>
- <size>max</size>
- </partition>
- </partitions>
- <type config:type="symbol">CT_DISK</type>
- <use>all</use>
- </drive>
- <drive>
- <device>/dev/system</device>
- <initialize config:type="boolean">true</initialize>
- <partitions config:type="list">
- <partition>
- <create config:type="boolean">true</create>
- <crypt_fs config:type="boolean">false</crypt_fs>
- <filesystem config:type="symbol">ext3</filesystem>
- <filesystem_id config:type="integer">131</filesystem_id>
- <format config:type="boolean">true</format>
- <fstopt>acl,user_xattr</fstopt>
- <loop_fs config:type="boolean">false</loop_fs>
- <lv_name>home</lv_name>
- <mount>/home</mount>
- <mountby config:type="symbol">device</mountby>
- <partition_id config:type="integer">131</partition_id>
- <resize config:type="boolean">false</resize>
- <size>15G</size>
- </partition>
- <partition>
- <create config:type="boolean">true</create>
- <crypt_fs config:type="boolean">false</crypt_fs>
- <filesystem config:type="symbol">ext3</filesystem>
- <filesystem_id config:type="integer">131</filesystem_id>
- <format config:type="boolean">true</format>
- <fstopt>acl,user_xattr</fstopt>
- <loop_fs config:type="boolean">false</loop_fs>
- <lv_name>opt</lv_name>
- <mount>/opt</mount>
- <mountby config:type="symbol">device</mountby>
- <partition_id config:type="integer">131</partition_id>
- <resize config:type="boolean">false</resize>
- <size>10G</size>
- </partition>
- <partition>
- <create config:type="boolean">true</create>
- <crypt_fs config:type="boolean">false</crypt_fs>
- <filesystem config:type="symbol">ext3</filesystem>
- <filesystem_id config:type="integer">131</filesystem_id>
- <format config:type="boolean">true</format>
- <fstopt>acl,user_xattr</fstopt>
- <loop_fs config:type="boolean">false</loop_fs>
- <lv_name>root</lv_name>
- <mount>/</mount>
- <mountby config:type="symbol">device</mountby>
- <partition_id config:type="integer">131</partition_id>
- <resize config:type="boolean">false</resize>
- <size>5G</size>
- </partition>
- <partition>
- <create config:type="boolean">true</create>
- <crypt_fs config:type="boolean">false</crypt_fs>
- <filesystem config:type="symbol">ext3</filesystem>
- <filesystem_id config:type="integer">131</filesystem_id>
- <format config:type="boolean">true</format>
- <fstopt>acl,user_xattr</fstopt>
- <loop_fs config:type="boolean">false</loop_fs>
- <lv_name>tmp</lv_name>
- <mount>/tmp</mount>
- <mountby config:type="symbol">device</mountby>
- <partition_id config:type="integer">131</partition_id>
- <resize config:type="boolean">false</resize>
- <size>10G</size>
- </partition>
- <partition>
- <create config:type="boolean">true</create>
- <crypt_fs config:type="boolean">false</crypt_fs>
- <filesystem config:type="symbol">ext3</filesystem>
- <filesystem_id config:type="integer">131</filesystem_id>
- <format config:type="boolean">true</format>
- <fstopt>acl,user_xattr</fstopt>
- <loop_fs config:type="boolean">false</loop_fs>
- <lv_name>usr</lv_name>
- <mount>/usr</mount>
- <mountby config:type="symbol">device</mountby>
- <partition_id config:type="integer">131</partition_id>
- <resize config:type="boolean">false</resize>
- <size>10G</size>
- </partition>
- <partition>
- <create config:type="boolean">true</create>
- <crypt_fs config:type="boolean">false</crypt_fs>
- <filesystem config:type="symbol">ext3</filesystem>
- <filesystem_id config:type="integer">131</filesystem_id>
- <format config:type="boolean">true</format>
- <fstopt>acl,user_xattr</fstopt>
- <loop_fs config:type="boolean">false</loop_fs>
- <lv_name>var</lv_name>
- <mount>/var</mount>
- <mountby config:type="symbol">device</mountby>
- <partition_id config:type="integer">131</partition_id>
- <resize config:type="boolean">false</resize>
- <size>5G</size>
- </partition>
- </partitions>
- <pesize>4M</pesize>
- <type config:type="symbol">CT_LVM</type>
- <use>all</use>
- </drive>
- </partitioning>
- <printer>
- <server_settings>
- <BrowseAllow config:type="list">
- <listentry>all</listentry>
- </BrowseAllow>
- <BrowseOrder config:type="list">
- <listentry>allow,deny</listentry>
- </BrowseOrder>
- <Browsing config:type="list">
- <listentry>On</listentry>
- </Browsing>
- <DefaultAuthType config:type="list">
- <listentry>Basic</listentry>
- </DefaultAuthType>
- <DefaultPolicy config:type="list">
- <listentry>default</listentry>
- </DefaultPolicy>
- <Listen config:type="list">
- <listentry>localhost:631</listentry>
- <listentry>/var/run/cups/cups.sock</listentry>
- </Listen>
- <LogLevel config:type="list">
- <listentry>info</listentry>
- </LogLevel>
- <SystemGroup config:type="list">
- <listentry>sys root</listentry>
- </SystemGroup>
- <sections config:type="list">
- <section>
- <Allow config:type="list">
- <listentry>127.0.0.2</listentry>
- </Allow>
- <Key>Location</Key>
- <Order config:type="list">
- <listentry>allow,deny</listentry>
- </Order>
- <Value>/</Value>
- </section>
- <section>
- <Encryption config:type="list">
- <listentry>Required</listentry>
- </Encryption>
- <Key>Location</Key>
- <Order config:type="list">
- <listentry>allow,deny</listentry>
- </Order>
- <Value>/admin</Value>
- </section>
- <section>
- <AuthType config:type="list">
- <listentry>Default</listentry>
- </AuthType>
- <Key>Location</Key>
- <Order config:type="list">
- <listentry>allow,deny</listentry>
- </Order>
- <Require config:type="list">
- <listentry>user @SYSTEM</listentry>
- </Require>
- <Value>/admin/conf</Value>
- </section>
- <section>
- <Key>Policy</Key>
- <Value>default</Value>
- <sections config:type="list">
- <section>
- <Key>Limit</Key>
- <Order config:type="list">
- <listentry>deny,allow</listentry>
- </Order>
- <Require config:type="list">
- <listentry>user @OWNER @SYSTEM</listentry>
- </Require>
- <Value>Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job CUPS-Move-Job</Value>
- </section>
- <section>
- <AuthType config:type="list">
- <listentry>Default</listentry>
- </AuthType>
- <Key>Limit</Key>
- <Order config:type="list">
- <listentry>deny,allow</listentry>
- </Order>
- <Require config:type="list">
- <listentry>user @SYSTEM</listentry>
- </Require>
- <Value>CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default</Value>
- </section>
- <section>
- <AuthType config:type="list">
- <listentry>Default</listentry>
- </AuthType>
- <Key>Limit</Key>
- <Order config:type="list">
- <listentry>deny,allow</listentry>
- </Order>
- <Require config:type="list">
- <listentry>user @SYSTEM</listentry>
- </Require>
- <Value>Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After CUPS-Accept-Jobs CUPS-Reject-Jobs</Value>
- </section>
- <section>
- <Key>Limit</Key>
- <Order config:type="list">
- <listentry>deny,allow</listentry>
- </Order>
- <Require config:type="list">
- <listentry>user @OWNER @SYSTEM</listentry>
- </Require>
- <Value>Cancel-Job CUPS-Authenticate-Job</Value>
- </section>
- <section>
- <Key>Limit</Key>
- <Order config:type="list">
- <listentry>deny,allow</listentry>
- </Order>
- <Value>All</Value>
- </section>
- </sections>
- </section>
- <section>
- <Key>Policy</Key>
- <Value>easy</Value>
- <sections config:type="list">
- <section>
- <Key>Limit</Key>
- <Order config:type="list">
- <listentry>allow,deny</listentry>
- </Order>
- <Satisfy config:type="list">
- <listentry>any</listentry>
- </Satisfy>
- <Value>All</Value>
- </section>
- </sections>
- </section>
- <section>
- <Key>Policy</Key>
- <Value>paranoid</Value>
- <sections config:type="list">
- <section>
- <Allow config:type="list">
- <listentry>from 127.0.0.0/8</listentry>
- </Allow>
- <Key>Limit</Key>
- <Order config:type="list">
- <listentry>deny,allow</listentry>
- </Order>
- <Require config:type="list">
- <listentry>user @OWNER</listentry>
- </Require>
- <Value>Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job CUPS-Move-Job</Value>
- </section>
- <section>
- <Allow config:type="list">
- <listentry>from 127.0.0.0/8</listentry>
- </Allow>
- <AuthType config:type="list">
- <listentry>Default</listentry>
- </AuthType>
- <Key>Limit</Key>
- <Order config:type="list">
- <listentry>deny,allow</listentry>
- </Order>
- <Require config:type="list">
- <listentry>user @SYSTEM</listentry>
- </Require>
- <Value>CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default</Value>
- </section>
- <section>
- <Allow config:type="list">
- <listentry>from 127.0.0.0/8</listentry>
- </Allow>
- <AuthType config:type="list">
- <listentry>Default</listentry>
- </AuthType>
- <Key>Limit</Key>
- <Order config:type="list">
- <listentry>deny,allow</listentry>
- </Order>
- <Require config:type="list">
- <listentry>user @SYSTEM</listentry>
- </Require>
- <Value>Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After CUPS-Accept-Jobs CUPS-Reject-Jobs</Value>
- </section>
- <section>
- <Allow config:type="list">
- <listentry>from 127.0.0.0/8</listentry>
- </Allow>
- <Key>Limit</Key>
- <Order config:type="list">
- <listentry>deny,allow</listentry>
- </Order>
- <Require config:type="list">
- <listentry>user @OWNER</listentry>
- </Require>
- <Value>Cancel-Job CUPS-Authenticate-Job</Value>
- </section>
- <section>
- <Allow config:type="list">
- <listentry>from 127.0.0.0/8</listentry>
- </Allow>
- <Key>Limit</Key>
- <Order config:type="list">
- <listentry>deny,allow</listentry>
- </Order>
- <Require config:type="list">
- <listentry>user @OWNER @SYSTEM</listentry>
- </Require>
- <Value>All</Value>
- </section>
- </sections>
- </section>
- </sections>
- </server_settings>
- </printer>
- <proxy>
- <enabled config:type="boolean">false</enabled>
- <ftp_proxy></ftp_proxy>
- <http_proxy></http_proxy>
- <https_proxy></https_proxy>
- <no_proxy>localhost, 127.0.0.1</no_proxy>
- <proxy_password></proxy_password>
- <proxy_user></proxy_user>
- </proxy>
- <report>
- <errors>
- <log config:type="boolean">true</log>
- <show config:type="boolean">true</show>
- <timeout config:type="integer">0</timeout>
- </errors>
- <messages>
- <log config:type="boolean">true</log>
- <show config:type="boolean">true</show>
- <timeout config:type="integer">0</timeout>
- </messages>
- <warnings>
- <log config:type="boolean">true</log>
- <show config:type="boolean">true</show>
- <timeout config:type="integer">0</timeout>
- </warnings>
- <yesno_messages>
- <log config:type="boolean">true</log>
- <show config:type="boolean">true</show>
- <timeout config:type="integer">0</timeout>
- </yesno_messages>
- </report>
- <runlevel>
- <default>5</default>
- </runlevel>
- <software>
- <packages config:type="list">
- <package>ConsoleKit-32bit</package>
- <package>Mesa-32bit</package>
- <package>PolicyKit-32bit</package>
- <package>PolicyKit-gnome-libs-32bit</package>
- <package>aspell-32bit</package>
- <package>at-spi-32bit</package>
- <package>audiofile-32bit</package>
- <package>audit-libs-32bit</package>
- <package>bind-libs-32bit</package>
- <package>bison-32bit</package>
- <package>cpufrequtils-32bit</package>
- <package>cracklib-32bit</package>
- <package>cryptconfig-32bit</package>
- <package>cyrus-sasl-32bit</package>
- <package>cyrus-sasl-gssapi-32bit</package>
- <package>cyrus-sasl-plain-32bit</package>
- <package>dbus-1-32bit</package>
- <package>dbus-1-glib-32bit</package>
- <package>device-mapper-32bit</package>
- <package>evolution-data-server-32bit</package>
- <package>fam-32bit</package>
- <package>file-32bit</package>
- <package>flex-32bit</package>
- <package>freeglut-32bit</package>
- <package>freetype-32bit</package>
- <package>fribidi-32bit</package>
- <package>gcc-32bit</package>
- <package>gcc43-32bit</package>
- <package>gconf2-32bit</package>
- <package>gdbm-devel-32bit</package>
- <package>gettext-runtime-32bit</package>
- <package>giflib-32bit</package>
- <package>glibc-devel-32bit</package>
- <package>glibc-locale-32bit</package>
- <package>gnome-keyring-32bit</package>
- <package>gnome-panel-32bit</package>
- <package>gnome-vfs2-32bit</package>
- <package>gpm-32bit</package>
- <package>hal-32bit</package>
- <package>hunspell-32bit</package>
- <package>java-1_6_0-ibm</package>
- <package>java-1_6_0-ibm-fonts</package>
- <package>jpackage-utils</package>
- <package>libFLAC8-32bit</package>
- <package>libHX13-32bit</package>
- <package>libacl-32bit</package>
- <package>libaio-32bit</package>
- <package>libaio-devel-32bit</package>
- <package>libart_lgpl-32bit</package>
- <package>libattr-32bit</package>
- <package>libavahi-client3-32bit</package>
- <package>libavahi-common3-32bit</package>
- <package>libavahi-glib1-32bit</package>
- <package>libblkid1-32bit</package>
- <package>libbonobo-32bit</package>
- <package>libbonoboui-32bit</package>
- <package>libbz2-1-32bit</package>
- <package>libcanberra-gtk-32bit</package>
- <package>libcanberra-gtk0-32bit</package>
- <package>libcanberra0-32bit</package>
- <package>libcap2-32bit</package>
- <package>libcroco-0_6-3-32bit</package>
- <package>libcurl4-32bit</package>
- <package>libdnet1</package>
- <package>libdrm-32bit</package>
- <package>libesd0-32bit</package>
- <package>libfreebl3-32bit</package>
- <package>libgcrypt11-32bit</package>
- <package>libglade2-32bit</package>
- <package>libgnome-32bit</package>
- <package>libgnome-desktop-2-11-32bit</package>
- <package>libgnomecanvas-32bit</package>
- <package>libgnutls26-32bit</package>
- <package>libgomp46-32bit</package>
- <package>libgpg-error0-32bit</package>
- <package>libgsf-1-114-32bit</package>
- <package>libgstreamer-0_10-0-32bit</package>
- <package>libgthread-2_0-0-32bit</package>
- <package>libgweather1-32bit</package>
- <package>libical0-32bit</package>
- <package>libidl-32bit</package>
- <package>libidn-32bit</package>
- <package>liblcms1-32bit</package>
- <package>libldap-2_4-2-32bit</package>
- <package>libltdl7-32bit</package>
- <package>liblua5_1</package>
- <package>liblzma5-32bit</package>
- <package>libmng-32bit</package>
- <package>libncurses6-32bit</package>
- <package>libnetpbm10-32bit</package>
- <package>libnscd-32bit</package>
- <package>libnsssharedhelper0-32bit</package>
- <package>libogg0-32bit</package>
- <package>libopenct1-32bit</package>
- <package>libopensc2-32bit</package>
- <package>libpciaccess0-32bit</package>
- <package>libproxy0-32bit</package>
- <package>libproxy0-config-gnome</package>
- <package>libproxy0-config-kde4</package>
- <package>libpulse0-32bit</package>
- <package>libpython2_6-1_0-32bit</package>
- <package>libqt4-32bit</package>
- <package>libqt4-qt3support-32bit</package>
- <package>libqt4-sql-32bit</package>
- <package>libqt4-x11-32bit</package>
- <package>libreiserfs-32bit</package>
- <package>librsvg-32bit</package>
- <package>libsepol1-32bit</package>
- <package>libsmbclient0-32bit</package>
- <package>libsmbios2-32bit</package>
- <package>libsndfile-32bit</package>
- <package>libsoup-2_4-1-32bit</package>
- <package>libsqlite3-0-32bit</package>
- <package>libstdc++33-32bit</package>
- <package>libstdc++43-devel-32bit</package>
- <package>libtalloc2-32bit</package>
- <package>libtasn1-3-32bit</package>
- <package>libtdb1-32bit</package>
- <package>libtool-32bit</package>
- <package>libudev0-32bit</package>
- <package>libvorbis-32bit</package>
- <package>libwbclient0-32bit</package>
- <package>libwnck-1-22-32bit</package>
- <package>libxcrypt-32bit</package>
- <package>libxml2-32bit</package>
- <package>libxslt-32bit</package>
- <package>mozilla-kde4-integration</package>
- <package>mozilla-nspr-32bit</package>
- <package>mozilla-nss-32bit</package>
- <package>mozilla-xulrunner192-32bit</package>
- <package>nautilus-32bit</package>
- <package>nautilus-cd-burner-32bit</package>
- <package>ncurses-devel-32bit</package>
- <package>nmap</package>
- <package>opensc-32bit</package>
- <package>openslp-32bit</package>
- <package>opie-32bit</package>
- <package>orbit2-32bit</package>
- <package>pam-32bit</package>
- <package>pam-modules-32bit</package>
- <package>pam_mount-32bit</package>
- <package>parted-32bit</package>
- <package>pciutils-32bit</package>
- <package>pcsc-lite-32bit</package>
- <package>popt-32bit</package>
- <package>qt3-32bit</package>
- <package>qtcurve-gtk2-32bit</package>
- <package>rpm-32bit</package>
- <package>samba-32bit</package>
- <package>samba-client-32bit</package>
- <package>startup-notification-32bit</package>
- <package>strace-32bit</package>
- <package>sysfsutils-32bit</package>
- <package>tcl-32bit</package>
- <package>tcpd-32bit</package>
- <package>tk-32bit</package>
- <package>utempter-32bit</package>
- <package>xaw3d-32bit</package>
- <package>xorg-x11-driver-video-radeonhd</package>
- <package>yast2-trans-en_US</package>
- <package>autoyast2-installation</package>
- <package>autoyast2-installation</package>
- </packages>
- <patterns config:type="list">
- <pattern>Basis-Devel</pattern>
- <pattern>Minimal</pattern>
- <pattern>WBEM</pattern>
- <pattern>apparmor</pattern>
- <pattern>base</pattern>
- <pattern>documentation</pattern>
- <pattern>gnome</pattern>
- <pattern>kde</pattern>
- <pattern>oracle_server</pattern>
- <pattern>print_server</pattern>
- <pattern>x11</pattern>
- </patterns>
- <remove-packages config:type="list">
- <package>apache2</package>
- <package>apache2-prefork</package>
- <package>apache2-utils</package>
- <package>apache2-worker</package>
- <package>emacs-nox</package>
- <package>libapr-util1</package>
- <package>libapr1</package>
- <package>libqt4-sql-sqlite</package>
- <package>lprng</package>
- <package>pcmciautils</package>
- <package>portmap</package>
- <package>rsyslog</package>
- <package>sendmail</package>
- <package>susehelp_de</package>
- <package>open-iscsi</package>
- </remove-packages>
- </software>
- <timezone>
- <hwclock>localtime</hwclock>
- <timezone>Asia/Shanghai</timezone>
- </timezone>
- <user_defaults>
- <group>100</group>
- <groups>video,dialout</groups>
- <home>/home</home>
- <inactive>-1</inactive>
- <shell>/bin/bash</shell>
- <skel>/etc/skel</skel>
- <umask>022</umask>
- </user_defaults>
- <users config:type="list">
- <user>
- <encrypted config:type="boolean">true</encrypted>
- <fullname>Games account</fullname>
- <gid>100</gid>
- <home>/var/games</home>
- <password_settings>
- <flag></flag>
- <inact>-1</inact>
- <max>99999</max>
- <min>0</min>
- <warn>7</warn>
- </password_settings>
- <shell>/bin/bash</shell>
- <uid>12</uid>
- <user_password>*</user_password>
- <username>games</username>
- </user>
- <user>
- <encrypted config:type="boolean">true</encrypted>
- <fullname>bin</fullname>
- <gid>1</gid>
- <home>/bin</home>
- <password_settings>
- <flag></flag>
- <inact>-1</inact>
- <max>99999</max>
- <min>0</min>
- <warn>7</warn>
- </password_settings>
- <shell>/bin/bash</shell>
- <uid>1</uid>
- <user_password>*</user_password>
- <username>bin</username>
- </user>
- <user>
- <encrypted config:type="boolean">true</encrypted>
- <fullname>nobody</fullname>
- <gid>65533</gid>
- <home>/var/lib/nobody</home>
- <password_settings>
- <flag></flag>
- <inact>-1</inact>
- <max>99999</max>
- <min>0</min>
- <warn>7</warn>
- </password_settings>
- <shell>/bin/bash</shell>
- <uid>65534</uid>
- <user_password>*</user_password>
- <username>nobody</username>
- </user>
- <user>
- <encrypted config:type="boolean">true</encrypted>
- <fullname>Printing daemon</fullname>
- <gid>7</gid>
- <home>/var/spool/lpd</home>
- <password_settings>
- <flag></flag>
- <inact>-1</inact>
- <max>99999</max>
- <min>0</min>
- <warn>7</warn>
- </password_settings>
- <shell>/bin/bash</shell>
- <uid>4</uid>
- <user_password>*</user_password>
- <username>lp</username>
- </user>
- <user>
- <encrypted config:type="boolean">true</encrypted>
- <fullname>User for uuidd</fullname>
- <gid>104</gid>
- <home>/var/run/uuidd</home>
- <password_settings>
- <max>99999</max>
- <min>0</min>
- <warn>7</warn>
- </password_settings>
- <shell>/bin/false</shell>
- <uid>102</uid>
- <user_password>*</user_password>
- <username>uuidd</username>
- </user>
- <user>
- <encrypted config:type="boolean">true</encrypted>
- <fullname>Postfix Daemon</fullname>
- <gid>51</gid>
- <home>/var/spool/postfix</home>
- <password_settings>
- <max>99999</max>
- <min>0</min>
- <warn>7</warn>
- </password_settings>
- <shell>/bin/false</shell>
- <uid>51</uid>
- <user_password>*</user_password>
- <username>postfix</username>
- </user>
- <user>
- <encrypted config:type="boolean">true</encrypted>
- <fullname>Novell Customer Center User</fullname>
- <gid>114</gid>
- <home>/var/lib/YaST2/suse-ncc-fakehome</home>
- <password_settings>
- <max>99999</max>
- <min>0</min>
- <warn>7</warn>
- </password_settings>
- <shell>/bin/bash</shell>
- <uid>107</uid>
- <user_password>*</user_password>
- <username>suse-ncc</username>
- </user>
- <user>
- <encrypted config:type="boolean">true</encrypted>
- <fullname>FTP account</fullname>
- <gid>49</gid>
- <home>/srv/ftp</home>
- <password_settings>
- <flag></flag>
- <inact>-1</inact>
- <max>99999</max>
- <min>0</min>
- <warn>7</warn>
- </password_settings>
- <shell>/bin/bash</shell>
- <uid>40</uid>
- <user_password>*</user_password>
- <username>ftp</username>
- </user>
- <user>
- <encrypted config:type="boolean">true</encrypted>
- <fullname>Gnome Display Manager daemon</fullname>
- <gid>115</gid>
- <home>/var/lib/gdm</home>
- <password_settings>
- <max>99999</max>
- <min>0</min>
- <warn>7</warn>
- </password_settings>
- <shell>/bin/false</shell>
- <uid>108</uid>
- <user_password>*</user_password>
- <username>gdm</username>
- </user>
- <user>
- <encrypted config:type="boolean">true</encrypted>
- <fullname>Batch jobs daemon</fullname>
- <gid>25</gid>
- <home>/var/spool/atjobs</home>
- <password_settings>
- <max>99999</max>
- <min>0</min>
- <warn>7</warn>
- </password_settings>
- <shell>/bin/bash</shell>
- <uid>25</uid>
- <user_password>*</user_password>
- <username>at</username>
- </user>
- <user>
- <encrypted config:type="boolean">true</encrypted>
- <fullname>root</fullname>
- <gid>0</gid>
- <home>/root</home>
- <password_settings>
- <flag></flag>
- <inact>-1</inact>
- <max>99999</max>
- <min>0</min>
- <warn>7</warn>
- </password_settings>
- <shell>/bin/bash</shell>
- <uid>0</uid>
- <user_password>$2y$05$PgHRKTw9p..KhpR4r3bhF.8yFRP30eBTO6bQSfDspTz8J5/8yw.qW</user_password>
- <username>root</username>
- </user>
- <user>
- <encrypted config:type="boolean">true</encrypted>
- <fullname>Mailer daemon</fullname>
- <gid>12</gid>
- <home>/var/spool/clientmqueue</home>
- <password_settings>
- <flag></flag>
- <inact>-1</inact>
- <max>99999</max>
- <min>0</min>
- <warn>7</warn>
- </password_settings>
- <shell>/bin/false</shell>
- <uid>8</uid>
- <user_password>*</user_password>
- <username>mail</username>
- </user>
- <user>
- <encrypted config:type="boolean">true</encrypted>
- <fullname>Daemon</fullname>
- <gid>2</gid>
- <home>/sbin</home>
- <password_settings>
- <flag></flag>
- <inact>-1</inact>
- <max>99999</max>
- <min>0</min>
- <warn>7</warn>
- </password_settings>
- <shell>/bin/bash</shell>
- <uid>2</uid>
- <user_password>*</user_password>
- <username>daemon</username>
- </user>
- <user>
- <encrypted config:type="boolean">true</encrypted>
- <fullname>NTP daemon</fullname>
- <gid>111</gid>
- <home>/var/lib/ntp</home>
- <password_settings>
- <max>99999</max>
- <min>0</min>
- <warn>7</warn>
- </password_settings>
- <shell>/bin/false</shell>
- <uid>74</uid>
- <user_password>*</user_password>
- <username>ntp</username>
- </user>
- <user>
- <encrypted config:type="boolean">true</encrypted>
- <fullname>Unix-to-Unix CoPy system</fullname>
- <gid>14</gid>
- <home>/etc/uucp</home>
- <password_settings>
- <flag></flag>
- <inact>-1</inact>
- <max>99999</max>
- <min>0</min>
- <warn>7</warn>
- </password_settings>
- <shell>/bin/bash</shell>
- <uid>10</uid>
- <user_password>*</user_password>
- <username>uucp</username>
- </user>
- <user>
- <encrypted config:type="boolean">true</encrypted>
- <fullname>User for D-Bus</fullname>
- <gid>101</gid>
- <home>/var/run/dbus</home>
- <password_settings>
- <min>0</min>
- <warn>7</warn>
- </password_settings>
- <shell>/bin/false</shell>
- <uid>100</uid>
- <user_password>*</user_password>
- <username>messagebus</username>
- </user>
- <user>
- <encrypted config:type="boolean">true</encrypted>
- <fullname>User for haldaemon</fullname>
- <gid>102</gid>
- <home>/var/run/hald</home>
- <password_settings>
- <min>0</min>
- <warn>7</warn>
- </password_settings>
- <shell>/bin/false</shell>
- <uid>101</uid>
- <user_password>*</user_password>
- <username>haldaemon</username>
- </user>
- <user>
- <encrypted config:type="boolean">true</encrypted>
- <fullname>Oracle user</fullname>
- <gid>107</gid>
- <home>/opt/oracle</home>
- <password_settings>
- <max>99999</max>
- <min>0</min>
- <warn>7</warn>
- </password_settings>
- <shell>/bin/false</shell>
- <uid>104</uid>
- <user_password>*</user_password>
- <username>oracle</username>
- </user>
- <user>
- <encrypted config:type="boolean">true</encrypted>
- <fullname>WWW daemon apache</fullname>
- <gid>8</gid>
- <home>/var/lib/wwwrun</home>
- <password_settings>
- <flag></flag>
- <inact>-1</inact>
- <max>99999</max>
- <min>0</min>
- <warn>7</warn>
- </password_settings>
- <shell>/bin/false</shell>
- <uid>30</uid>
- <user_password>*</user_password>
- <username>wwwrun</username>
- </user>
- <user>
- <encrypted config:type="boolean">true</encrypted>
- <fullname>Puppet daemon</fullname>
- <gid>106</gid>
- <home>/var/lib/puppet</home>
- <password_settings>
- <max>99999</max>
- <min>0</min>
- <warn>7</warn>
- </password_settings>
- <shell>/bin/false</shell>
- <uid>103</uid>
- <user_password>*</user_password>
- <username>puppet</username>
- </user>
- <user>
- <encrypted config:type="boolean">true</encrypted>
- <fullname>Manual pages viewer</fullname>
- <gid>62</gid>
- <home>/var/cache/man</home>
- <password_settings>
- <flag></flag>
- <inact>-1</inact>
- <max>99999</max>
- <min>0</min>
- <warn>7</warn>
- </password_settings>
- <shell>/bin/bash</shell>
- <uid>13</uid>
- <user_password>*</user_password>
- <username>man</username>
- </user>
- <user>
- <encrypted config:type="boolean">true</encrypted>
- <fullname>MySQL database admin</fullname>
- <gid>109</gid>
- <home>/var/lib/mysql</home>
- <password_settings>
- <max>99999</max>
- <min>0</min>
- <warn>7</warn>
- </password_settings>
- <shell>/bin/false</shell>
- <uid>60</uid>
- <user_password>*</user_password>
- <username>mysql</username>
- </user>
- <user>
- <encrypted config:type="boolean">true</encrypted>
- <fullname>PolicyKit</fullname>
- <gid>110</gid>
- <home>/var/run/PolicyKit</home>
- <password_settings>
- <max>99999</max>
- <min>0</min>
- <warn>7</warn>
- </password_settings>
- <shell>/bin/false</shell>
- <uid>105</uid>
- <user_password>*</user_password>
- <username>polkituser</username>
- </user>
- <user>
- <encrypted config:type="boolean">true</encrypted>
- <fullname>News system</fullname>
- <gid>13</gid>
- <home>/etc/news</home>
- <password_settings>
- <flag></flag>
- <inact>-1</inact>
- <max>99999</max>
- <min>0</min>
- <warn>7</warn>
- </password_settings>
- <shell>/bin/bash</shell>
- <uid>9</uid>
- <user_password>*</user_password>
- <username>news</username>
- </user>
- <user>
- <fullname>SSH daemon</fullname>
- <gid>65</gid>
- <home>/var/lib/sshd</home>
- <password_settings>
- <inact>-1</inact>
- <max>99999</max>
- <min>0</min>
- <warn>7</warn>
- </password_settings>
- <shell>/bin/false</shell>
- <uid>71</uid>
- <username>sshd</username>
- </user>
- <user>
- <encrypted config:type="boolean">true</encrypted>
- <fullname>PulseAudio daemon</fullname>
- <gid>112</gid>
- <home>/var/lib/pulseaudio</home>
- <password_settings>
- <max>99999</max>
- <min>0</min>
- <warn>7</warn>
- </password_settings>
- <shell>/bin/false</shell>
- <uid>106</uid>
- <user_password>*</user_password>
- <username>pulse</username>
- </user>
- </users>
- <x11>
- <color_depth config:type="integer">24</color_depth>
- <display_manager>gdm</display_manager>
- <enable_3d config:type="boolean">true</enable_3d>
- <monitor>
- <display>
- <max_hsync config:type="integer">48</max_hsync>
- <max_vsync config:type="integer">60</max_vsync>
- <min_hsync config:type="integer">31</min_hsync>
- <min_vsync config:type="integer">50</min_vsync>
- </display>
- <monitor_device>1024X768@60HZ</monitor_device>
- <monitor_vendor>--> VESA</monitor_vendor>
- </monitor>
- <resolution>1024x768 (XGA)</resolution>
- <window_manager>gnome</window_manager>
- </x11>
- </profile>
#p#
四、SuSE自动化PXE网络安装
PXE基本原理
什么是PXE
PXE(Pre-boot Execution Environment)是由Intel设计的协议,它可以使计算机通过网络启动。协议分为client和server两端,PXE client在网卡的ROM中,当计算机引导时,BIOS把PXE client调入内存执行,并显示出命令菜单,经用户选择后,PXE client将放置在远端的操作系统通过网络下载到本地运行。
PXE协议的成功运行需要解决以下两个问题:
1.既然是通过网络传输,那么计算机在启动时,它的IP地址由谁来配置;
2.通过什么协议下载Linux内核和根文件系统。
对于第一个问题,可以通过DHCP Server解决,由DHCP server来给PXE client分配一个IP地址,DHCP Server是用来给DHCP Client动态分配IP地址的协议,不过由于这里是给PXE Client分配IP地址,所以在配置DHCP Server时,需要增加相应的PXE特有配置。
至于第二个问题,在PXE client所在的ROM中,已经存在了TFTP Client。PXE Client使用TFTP Client,通过TFTP协议到TFTP Server上下载所需的文件。
这样,PXE协议运行的条件就具备了,下面我们就来看看PXE协议的工作过程。
工作过程
在下图中,PXE client是需要安装Linux的计算机,TFTP Server和DHCP Server运行在另外一台Linux Server上。Bootstrap文件、配置文件、Linux内核以及Linux根文件系统都放置在Linux Server上TFTP服务器的根目录下。
PXE client在工作过程中,需要三个二进制文件:bootstrap、Linux 内核和Linux根文件系统。Bootstrap文件是可执行程序,它向用户提供简单的控制界面,并根据用户的选择,下载合适的Linux内核以及Linux根文件系统。
方案介绍
这种方案需要首先设置一个启动服务器和一个安装服务器(可以配置在同一台物理机上),然后通过网络启动存放在启动服务器上的安装程序。安装程序会自动访问存放在安装服务器上的安装配置文件和安装介质来完成安装。
涉及到的技术
该方案主要应用了三种技术:
1.在PC上从网络启动SLES安装程序的PXE协议
2.SLES安装程序提供的网络安装功能(即指通过网络访问安装介质)
3.SLES安装程序提供的无人值守安装功能(SuSE称为AutoYast)
软硬件需求
要按本文介绍的方法完成自动化安装,你需要如下软硬件资源:
◆一台PC机器作为启动和安装服务器(其它架构机器也可以)
◆一台待安装的PC机器,它的网卡必须带有PXE支持
◆一个建好的局域网,上述两台机器已经连接入同一子网
◆待安装的SLES安装介质
配置tftpd
为了简化步骤,我们在XP虚拟机下搭建DHCP和TFTP服务端,用tftpd工具来整合实现PXE网络引导,注意服务端与客户端要在同一局域网内。在Linux下配置服务的原理类似,具体方法可参考互联网。
(1)下载tftpd
(2)启动tftpd32程序,选择【Settings】
(3)按需勾选,这里我们仅选择【TFTP】和【DHCP】
#p#
(4)TFTP设置如下:
Base Directory:对应存放Linux的引导文件
PXE Compatibility:增强对不同型号网卡的网络启动支持
Show Progress bar:在网络引导过程中显示进度
Translate Unix file names:转化Unix文件名
Allow “\” As virtual root:允许虚拟路径
其它高级选项:设置包括兼容性以及一些细节
(5)DHCP配置
重点注意Boot File引导文件的设置和DHCP绑定地址
(6)tftpboot目录结构
- file://D:\tftpboot (2 folders, 3 files, 35.86 MB, 36.46 MB in total.)
- │ INITRD 32.20 MB
- │ LINUX 3.64 MB
- │ pxelinux.0 16.04 KB
- ├─pxelinux.cfg (0 folders, 1 files, 193 bytes, 193 bytes in total.)
- │ default 193 bytes
- └─tftpd32 (0 folders, 4 files, 620.33 KB, 620.33 KB in total.)
- EUPL-EN.pdf 33.51 KB
- tftpd32.chm 346.96 KB
- tftpd32.exe 200.50 KB
- tftpd32.ini 39.36 KB
INITRD和LINUX提取自Linux启动引导镜像
pxelinux.0是pxe启动引导镜像
pxelinux.cfg文件夹下的default文件为启动菜单配置项
编辑tftpboot\pxelinux.cfg,可以自定义autoinst.xml文件的访问方式和路径
- default linux
- # Install Linux
- label linux
- kernel linux
- append initrd=initrd autoyast=ftp://198.15.0.106/suse/autoinst.xml install=ftp://198.15.0.106/suse splash=silent showopts
配置FTP
(1)下载Filezilla Server
(2)设置ftp
允许匿名访问帐户即可,配置好ftp路径
提取SLES镜像内的安装目录至ftp目录下
配置AutoYaST
使用SuSE中的AutoYaST工具生成autoinst.xml,复制到ftp任意目录下,注意文件路径与default配置相吻合
网络启动机器
前面的配置工作完成后,下面我们就在待安装机器上通过网络以无人值守的方式来安装
(1)启动待安装机器,选择从网卡启动。具体方法因BIOS版本不同而异。下图是从VMWare虚拟机上得到的选择网络启动的屏幕截图。
(2)网卡中的PXE代码会联系DHCP服务器来获取IP地址以及启动镜像,然后启动镜像被载入并运行。
(3)开始全自动安装
安装后添加自定义模块
我这里以添加Kernel内核补丁为例
- <scripts>
- <init-scripts config:type="list">
- <script>
- <filename>instkernel.sh</filename>
- <debug config:type="boolean">true</debug>
- <location></location>
- <interpreter>shell</interpreter>
- <source><![CDATA[
- #!/bin/bash
- #
- # After installation, the logfile from this script can be found in
- # /var/adm/autoinstall/logs
- #
- echo "========================================="
- echo "... Starting AutoYAST included script ..."
- echo "========================================="
- rpm -ivh --root=/ ftp://144.131.254.206/update/3.0.74-0.6.8/kernel-default-base-3.0.74-0.6.8.1.x86_64.rpm
- rpm -ivh --root=/ ftp://144.131.254.206/update/3.0.74-0.6.8/kernel-default-3.0.74-0.6.8.1.x86_64.rpm
- rpm -ivh --root=/ ftp://144.131.254.206/update/3.0.74-0.6.8/kernel-source-3.0.74-0.6.8.1.x86_64.rpm
- rpm -ivh --root=/ ftp://144.131.254.206/update/3.0.74-0.6.8/kernel-default-devel-3.0.74-0.6.8.1.x86_64.rpm
- ]]>
- </source>
- </script>
- </init-scripts>
- </scripts>
小结
统一是自动化运维的基础核心,而统一部署又是自动化运维的第一步,其实在研究自动化部署的过程中我们会遇到各种坑,只有踩过的人才能够体会其中的不容易,如果大家在测试和使用SuSE自动化安装时遇到任何问题,欢迎直接在原文下方留言,我们一起学习和成长^_^。
GitHub源码 - https://github.com/wsgzao/autoinstall/
