Fedora:Установка и настройка



Подготовка

Образ диска можно взять отсюда https://mirror.yandex.ru/fedora/linux/releases/29/Everything/x86_64/iso/

Установка

Установка с помощью сценария kickstart

При загрузке нужно выбрать пункт Install Fedora 29

Нажать клавишу e, найти строку, начинающуюся с linuxefi и ввести в конец строки ks=URL. Где URL - путь к kickstart файлу

Пример anaconda-ks.cfg

#version=DEVEL
ignoredisk --only-use=sda
# Partition clearing information
clearpart --all --initlabel --drives=sda
# Use graphical install
graphical
# Keyboard layouts
keyboard --vckeymap=us --xlayouts='us','ru' --switch='grp:ctrl_shift_toggle'
# System language
lang ru_RU.UTF-8

# Network information
network  --bootproto=dhcp --device=ens18 --ipv6=auto --activate
network  --hostname=localhost.localdomain
# Root password 123
rootpw --iscrypted $6$pMHeGp9Hq6AycxT5$G9ih2IXRle2Nbd5gn1jnVrIxs316qu8ZpPbZcoeJW.D1x.QevUr8Euni1NyyPHsRP1JbLh6elY.sIWqrfF0x51
# Run the Setup Agent on first boot
firstboot --enable
# Do not configure the X Window System
skipx
# System services
services --enabled="chronyd"
# System timezone
timezone Europe/Moscow --isUtc

%include /tmp/part-include

%pre --log=/root/install-pre.log
#!/bin/bash

# Clear drive
/sbin/wipefs --all --force /dev/sda

# GPT
/usr/sbin/parted -s /dev/sda mklabel gpt
/usr/sbin/partprobe /dev/sda

echo "ignoredisk --only-use=sda" > /tmp/part-include
# Partition clearing information
echo "clearpart --all --initlabel --drives=sda" >> /tmp/part-include
# Disk partitioning information
echo "part /boot/efi --fstype=\"efi\" --ondisk=sda --size=200 --fsoptions=\"umask=0077,shortname=winnt\"" >> /tmp/part-include
echo "part /boot --fstype=ext4 --size=1024" >> /tmp/part-include
echo "part swap --fstype="swap" --ondisk=sda --size=8192" >> /tmp/part-include
echo "part / --fstype=\"xfs\" --ondisk=sda --size 1024 --grow" >> /tmp/part-include
# echo "bootloader --location=partition" >> /tmp/part-include

%end

%packages
@^minimal-environment
@standard
mc
iptables
fping
net-snmp
net-snmp-utils
openssh
openssh-server
openssh-clients
geoip
git
mercurial

terminus-fonts
terminus-fonts-console
liberation-fonts
urw-fonts

%end

%addon com_redhat_kdump --disable --reserve-mb='auto'

%end

%anaconda
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end

Настройка

# Update and utilites
dnf clean all
dnf -y update

/etc/init.d/ntpd stop
ntpdate -d ntp1.vniiftri.ru
chkconfig ntpd on
/etc/init.d/ntpd restart

sed -e "s/\e\[5~/\e\[A/g" /etc/inputrc > /tmp/inputrc
sed -e "s/\e\[6~/\e[B/g" /tmp/inputrc > /etc/inputrc

# SSH
perl -pi -e 's/#UseDNS yes/UseDNS no/g' /etc/ssh/sshd_config
perl -pi -e 's/UseDNS yes/UseDNS no/g' /etc/ssh/sshd_config
perl -pi -e 's/GSSAPIAuthentication yes/GSSAPIAuthentication no/g' /etc/ssh/sshd_config

# Tune sysctl
cat <<EOF >> /etc/sysctl.conf
net.core.somaxconn = 4096
net.ipv4.ip_local_port_range="1024 65000"
EOF

# Limits to opening files
echo "*               soft    nofile          8192" >> /etc/security/limits.conf
echo "*               hard    nofile          8192" >> /etc/security/limits.conf
echo "root            soft    nofile          8192" >> /etc/security/limits.conf
echo "root            hard    nofile          8192" >> /etc/security/limits.conf

cat <<EOF > /etc/vconsole.conf
LOCALE="ru_RU.UTF-8"
KEYMAP="ru"
HARDWARECLOCK="UTC"
TIMEZONE="Europe/Moscow"
FONT="cyr-sun16"
CONSOLEFONT="cyr-sun16"
CONSOLEMAP=""
EOF

cat <<EOF > /etc/locale.conf
LANG=ru_RU.UTF-8
LC_MESSAGES=ru_RU.UTF-8
EOF