前言
在金融行業中我所接觸的操作系統主要是AIX
和SLES(SuSE Linux Enterprise Server)
,也許大家平時用得更多是CentOS
,雖然有部分差異但原理都是相通的,SMIT
和YaST
也是灰常實用的功能,推薦大家有機會嘗試體驗下。因爲網上關於SuSE自動化部署的參考文章較少,這套自動化部署方案已經被驗證並在生產系統使用了1年半,配置相對成熟和穩定。遵循Don't Repeat Yourself
原則,本文主要介紹基於AutoYaST實現半自動化SuSE定製光盤和PXE網絡全自動化安裝SuSE的實踐過程,如需瞭解更加詳細的參數說明可以參考擴展閱讀中的SuSE官網。
AutoYaST是自動化部署SuSE的黃金搭檔
更新歷史
2015年05月28日 - 初稿
閱讀原文 - http://wsgzao.github.io/post/autoyast/
擴展閱讀
- SuSE - https://www.suse.com/zh-cn/
- AutoYaST - http://doc.opensuse.org/projects/autoyast/
SuSE自動安裝光盤
定製版本
SUSE Linux Enterprise Server 11 (x86_64)
VERSION = 11
PATCHLEVEL = 2
下載地址 - https://www.suse.com/zh-cn/download-linux/
AutoYast簡介
AutoYast是SuSE Linux的自動安裝工具。通過AutoYast,在DHCP、TFTP、PXE服務的支持下,通過FTP、NFS等網絡安裝源可以實現SuSE Linux的完全無人值守自動安裝。但是,這種方式必須建立獨立的服務器且客戶端支持PXE網絡啓動,在現場沒有網絡或者系統不支持客戶端網卡的場景下不適合,通過AutoYast製作的SuSE Linux一鍵安裝光盤可以滿足上述場景。本文主要介紹SuSE Linux Enterprise Server 11(簡稱SLES11)一鍵安裝光盤的製作, 其他SuSE Linux僅供參考。
生成AutoYaST配置文件
AutoYast配置成功後,生成一個名爲autoinst.xml的XML配置文件,SuSE Linux通過這個文件控制操作系統的安裝。AutoYast生成配置文件有3種方式:
1. 系統安裝時自動生成
2. 系統安裝後通過運行命令生成
3. 直接編輯生成(偷懶最佳姿勢
)
系統安裝時生成配置文件
按照正常步驟安裝SLES11,把必須的軟件全部安裝。運行到最後一步“安裝已完成”,勾選“爲AutoYast複製此係統”,系統開始克隆系統生成配置文件,並彈出提示窗口。生成配置文件用時約2分鐘左右,生成的配置文件位於/root目錄下。
運行命令生成或者修改配置文件
如果在系統安裝時沒有生成配置文件,可以運行命令生成。在系統中打開終端,以root用戶運行命令yast2 autoyast
,打開AutoYast配置窗口,選擇“工具”->“創建參考配置文件”,彈出“創建參考控制文件”窗口。勾選需要配置的項目,如軟件包選擇、語言、分區、鍵盤佈局、防火牆、網絡設置等,AutoYast根據選擇的項目從系統獲取相關配置信息。選擇“文件”->“保存”,彈出“另存爲”窗口,輸入文件名“autoinst.xml”,選擇“保存”,系統提示文件保存到指定目錄下。
有時我們需要對模塊做些調整,比如磁盤分區、軟件包等。以調整磁盤分區爲例介紹配置文件的修改。
以root用戶運行yast2 autoyast
,打開AutoYast窗口,選擇“文件”->“打開”,選擇autoinst.xml文件,等系統讀取配置後,在AutoYast窗口顯示配置配件名稱,修改後保存即可。
製作安裝光盤
AutoYast配置文件生成後,可以開始製作一鍵安裝光盤了。製作一鍵安裝光盤需要用到SLES11的原安裝光盤的數據。
#首先複製SLES11原安裝光盤的數據到指定目錄
mkdir /tmp/sles11
cp -R /media/S*/* /tmp/sles11
#複製autoinst.xml
cp /root/autoinst.xml /tmp/sles11
#編輯isolinux.cfg文件,找到# install所在位置
cd boot/x86_64/loader/
vi isolinux.cfg
# install
append initrd=initrd autoyast=file:///autoinst.xml splash=silent showopts
:x!
#運行mkisofs命令生成自動安裝光盤
cd /tmp/sles11
mkisofs -R -o /tmp/SLES11-SP2-64-AUTO.iso -b boot/x86_64/loader/isolinux.bin -c boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table .
我的配置文件
預設分區
名稱 | 格式 | 大小 |
---|---|---|
swap | swap | 16G |
boot | ext3 | 120M |
LVM | ||
root | ext3 | 5G |
usr | ext3 | 10G |
var | ext3 | 5G |
opt | ext3 | 10G |
home | ext3 | 15G |
tmp | ext3 | 10G |
總計 | 71G |
預裝軟件包
KDE Desktop Environment
Oracle Server Base
C/C++ Compiler and Tools
nmap
java-1_6_0
libstdc++43-devel-32bit
預設語言
主要:英語
添加:中文
預設用戶名/密碼
root/如果你直接複用我的配置文件請私信我獲取密碼
預設網絡配置
禁用服務:防火牆,IPv6
autoinst.xml
<?xml version="1.0"?>
<!DOCTYPE profile>
<profile xmlns="http://www.suse.com/1.0/yast2ns" xmlns:config="http://www.suse.com/1.0/configns">
<bootloader>
<device_map config:type="list">
<device_map_entry>
<firmware>fd0</firmware>
<linux>/dev/fd0</linux>
</device_map_entry>
<device_map_entry>
<firmware>hd0</firmware>
<linux>/dev/sda</linux>
</device_map_entry>
</device_map>
<global>
<activate>true</activate>
<boot_boot>true</boot_boot>
<default>SUSE Linux Enterprise Server 11 SP2 - 3.0.13-0.27</default>
<generic_mbr>true</generic_mbr>
<gfxmenu>/boot/message</gfxmenu>
<lines_cache_id>3</lines_cache_id>
<timeout config:type="integer">8</timeout>
</global>
<initrd_modules config:type="list">
<initrd_module>
<module>mptspi</module>
</initrd_module>
<initrd_module>
<module>ata_piix</module>
</initrd_module>
<initrd_module>
<module>ata_generic</module>
</initrd_module>
</initrd_modules>
<loader_type>grub</loader_type>
<sections config:type="list">
<section>
<append>resume=/dev/sda1 splash=silent showopts</append>
<image>/boot/vmlinuz-3.0.13-0.27-default</image>
<initial>1</initial>
<initrd>/boot/initrd-3.0.13-0.27-default</initrd>
<lines_cache_id>0</lines_cache_id>
<name>SUSE Linux Enterprise Server 11 SP2 - 3.0.13-0.27</name>
<original_name>linux</original_name>
<root>/dev/system/root</root>
<type>image</type>
<vgamode>0x317</vgamode>
</section>
<section>
<append>showopts ide=nodma apm=off noresume edd=off powersaved=off nohz=off highres=off processor.max_cstate=1 nomodeset x11failsafe</append>
<image>/boot/vmlinuz-3.0.13-0.27-default</image>
<initrd>/boot/initrd-3.0.13-0.27-default</initrd>
<lines_cache_id>1</lines_cache_id>
<name>Failsafe -- SUSE Linux Enterprise Server 11 SP2 - 3.0.13-0.27</name>
<original_name>failsafe</original_name>
<root>/dev/system/root</root>
<type>image</type>
<vgamode>0x317</vgamode>
</section>
<section>
<blockoffset>1</blockoffset>
<chainloader>/dev/fd0</chainloader>
<lines_cache_id>2</lines_cache_id>
<name>Floppy</name>
<noverifyroot>true</noverifyroot>
<original_name>floppy</original_name>
<type>other</type>
</section>
</sections>
</bootloader>
<ca_mgm>
<CAName>YaST_Default_CA</CAName>
<ca_commonName>YaST Default CA (site)</ca_commonName>
<country>CN</country>
<password>ENTER PASSWORD HERE</password>
<server_email>postmaster@site</server_email>
<takeLocalServerName config:type="boolean">true</takeLocalServerName>
</ca_mgm>
<deploy_image>
<image_installation config:type="boolean">false</image_installation>
</deploy_image>
<firewall>
<FW_ALLOW_FW_BROADCAST_DMZ>no</FW_ALLOW_FW_BROADCAST_DMZ>
<FW_ALLOW_FW_BROADCAST_EXT>no</FW_ALLOW_FW_BROADCAST_EXT>
<FW_ALLOW_FW_BROADCAST_INT>no</FW_ALLOW_FW_BROADCAST_INT>
<FW_CONFIGURATIONS_DMZ></FW_CONFIGURATIONS_DMZ>
<FW_CONFIGURATIONS_EXT></FW_CONFIGURATIONS_EXT>
<FW_CONFIGURATIONS_INT></FW_CONFIGURATIONS_INT>
<FW_DEV_DMZ></FW_DEV_DMZ>
<FW_DEV_EXT>any eth0</FW_DEV_EXT>
<FW_DEV_INT></FW_DEV_INT>
<FW_FORWARD_ALWAYS_INOUT_DEV></FW_FORWARD_ALWAYS_INOUT_DEV>
<FW_FORWARD_MASQ></FW_FORWARD_MASQ>
<FW_IGNORE_FW_BROADCAST_DMZ>no</FW_IGNORE_FW_BROADCAST_DMZ>
<FW_IGNORE_FW_BROADCAST_EXT>yes</FW_IGNORE_FW_BROADCAST_EXT>
<FW_IGNORE_FW_BROADCAST_INT>no</FW_IGNORE_FW_BROADCAST_INT>
<FW_IPSEC_TRUST>no</FW_IPSEC_TRUST>
<FW_LOAD_MODULES>nf_conntrack_netbios_ns</FW_LOAD_MODULES>
<FW_LOG_ACCEPT_ALL>no</FW_LOG_ACCEPT_ALL>
<FW_LOG_ACCEPT_CRIT>yes</FW_LOG_ACCEPT_CRIT>
<FW_LOG_DROP_ALL>no</FW_LOG_DROP_ALL>
<FW_LOG_DROP_CRIT>yes</FW_LOG_DROP_CRIT>
<FW_MASQUERADE>no</FW_MASQUERADE>
<FW_PROTECT_FROM_INT>no</FW_PROTECT_FROM_INT>
<FW_ROUTE>no</FW_ROUTE>
<FW_SERVICES_ACCEPT_DMZ></FW_SERVICES_ACCEPT_DMZ>
<FW_SERVICES_ACCEPT_EXT></FW_SERVICES_ACCEPT_EXT>
<FW_SERVICES_ACCEPT_INT></FW_SERVICES_ACCEPT_INT>
<FW_SERVICES_ACCEPT_RELATED_DMZ></FW_SERVICES_ACCEPT_RELATED_DMZ>
<FW_SERVICES_ACCEPT_RELATED_EXT></FW_SERVICES_ACCEPT_RELATED_EXT>
<FW_SERVICES_ACCEPT_RELATED_INT></FW_SERVICES_ACCEPT_RELATED_INT>
<FW_SERVICES_DMZ_IP></FW_SERVICES_DMZ_IP>
<FW_SERVICES_DMZ_RPC></FW_SERVICES_DMZ_RPC>
<FW_SERVICES_DMZ_TCP></FW_SERVICES_DMZ_TCP>
<FW_SERVICES_DMZ_UDP></FW_SERVICES_DMZ_UDP>
<FW_SERVICES_EXT_IP></FW_SERVICES_EXT_IP>
<FW_SERVICES_EXT_RPC></FW_SERVICES_EXT_RPC>
<FW_SERVICES_EXT_TCP></FW_SERVICES_EXT_TCP>
<FW_SERVICES_EXT_UDP></FW_SERVICES_EXT_UDP>
<FW_SERVICES_INT_IP></FW_SERVICES_INT_IP>
<FW_SERVICES_INT_RPC></FW_SERVICES_INT_RPC>
<FW_SERVICES_INT_TCP></FW_SERVICES_INT_TCP>
<FW_SERVICES_INT_UDP></FW_SERVICES_INT_UDP>
<enable_firewall config:type="boolean">false</enable_firewall>
<start_firewall config:type="boolean">false</start_firewall>
</firewall>
<general>
<ask-list config:type="list"/>
<mode>
<confirm config:type="boolean">false</confirm>
</mode>
<mouse>
<id>none</id>
</mouse>
<proposals config:type="list"/>
<signature-handling>
<accept_file_without_checksum config:type="boolean">true</accept_file_without_checksum>
<accept_non_trusted_gpg_key config:type="boolean">true</accept_non_trusted_gpg_key>
<accept_unknown_gpg_key config:type="boolean">true</accept_unknown_gpg_key>
<accept_unsigned_file config:type="boolean">true</accept_unsigned_file>
<accept_verification_failed config:type="boolean">false</accept_verification_failed>
<import_gpg_key config:type="boolean">true</import_gpg_key>
</signature-handling>
<storage/>
</general>
<groups config:type="list">
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>100</gid>
<group_password>x</group_password>
<groupname>users</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>19</gid>
<group_password>x</group_password>
<groupname>floppy</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>1</gid>
<group_password>x</group_password>
<groupname>bin</groupname>
<userlist>daemon</userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>41</gid>
<group_password>x</group_password>
<groupname>xok</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>65533</gid>
<group_password>x</group_password>
<groupname>nobody</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>43</gid>
<group_password>x</group_password>
<groupname>modem</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>5</gid>
<group_password>x</group_password>
<groupname>tty</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>7</gid>
<group_password>x</group_password>
<groupname>lp</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>104</gid>
<group_password>!</group_password>
<groupname>uuidd</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>51</gid>
<group_password>!</group_password>
<groupname>postfix</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>115</gid>
<group_password>!</group_password>
<groupname>gdm</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>65534</gid>
<group_password>x</group_password>
<groupname>nogroup</groupname>
<userlist>nobody</userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>107</gid>
<group_password>!</group_password>
<groupname>oinstall</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>101</gid>
<group_password>!</group_password>
<groupname>messagebus</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>59</gid>
<group_password>!</group_password>
<groupname>maildrop</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>33</gid>
<group_password>x</group_password>
<groupname>video</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>3</gid>
<group_password>x</group_password>
<groupname>sys</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>15</gid>
<group_password>x</group_password>
<groupname>shadow</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>20</gid>
<group_password>x</group_password>
<groupname>cdrom</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>21</gid>
<group_password>x</group_password>
<groupname>console</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>42</gid>
<group_password>x</group_password>
<groupname>trusted</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>102</gid>
<group_password>!</group_password>
<groupname>haldaemon</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>106</gid>
<group_password>!</group_password>
<groupname>puppet</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>16</gid>
<group_password>x</group_password>
<groupname>dialout</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>110</gid>
<group_password>!</group_password>
<groupname>polkituser</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>10</gid>
<group_password>x</group_password>
<groupname>wheel</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>112</gid>
<group_password>!</group_password>
<groupname>pulse</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>8</gid>
<group_password>x</group_password>
<groupname>www</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>40</gid>
<group_password>x</group_password>
<groupname>games</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>6</gid>
<group_password>x</group_password>
<groupname>disk</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>17</gid>
<group_password>x</group_password>
<groupname>audio</groupname>
<userlist>pulse</userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>114</gid>
<group_password>!</group_password>
<groupname>suse-ncc</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>49</gid>
<group_password>x</group_password>
<groupname>ftp</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>103</gid>
<group_password>!</group_password>
<groupname>tape</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>25</gid>
<group_password>!</group_password>
<groupname>at</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>9</gid>
<group_password>x</group_password>
<groupname>kmem</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>32</gid>
<group_password>x</group_password>
<groupname>public</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>0</gid>
<group_password>x</group_password>
<groupname>root</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>12</gid>
<group_password>x</group_password>
<groupname>mail</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>2</gid>
<group_password>x</group_password>
<groupname>daemon</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>105</gid>
<group_password>!</group_password>
<groupname>sfcb</groupname>
<userlist>root</userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>111</gid>
<group_password>!</group_password>
<groupname>ntp</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>14</gid>
<group_password>x</group_password>
<groupname>uucp</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>113</gid>
<group_password>!</group_password>
<groupname>pulse-access</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>108</gid>
<group_password>!</group_password>
<groupname>dba</groupname>
<userlist>oracle</userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>71</gid>
<group_password>!</group_password>
<groupname>ntadmin</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>62</gid>
<group_password>x</group_password>
<groupname>man</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>109</gid>
<group_password>!</group_password>
<groupname>mysql</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>22</gid>
<group_password>x</group_password>
<groupname>utmp</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>13</gid>
<group_password>x</group_password>
<groupname>news</groupname>
<userlist></userlist>
</group>
<group>
<encrypted config:type="boolean">true</encrypted>
<gid>65</gid>
<group_password>!</group_password>
<groupname>sshd</groupname>
<userlist></userlist>
</group>
</groups>
<host>
<hosts config:type="list">
<hosts_entry>
<host_address>127.0.0.1</host_address>
<names config:type="list">
<name>localhost</name>
</names>
</hosts_entry>
<hosts_entry>
<host_address>::1</host_address>
<names config:type="list">
<name>localhost ipv6-localhost ipv6-loopback</name>
</names>
</hosts_entry>
<hosts_entry>
<host_address>addr:127.0.0.1</host_address>
<names config:type="list">
<name>n n</name>
</names>
</hosts_entry>
<hosts_entry>
<host_address>fe00::0</host_address>
<names config:type="list">
<name>ipv6-localnet</name>
</names>
</hosts_entry>
<hosts_entry>
<host_address>ff00::0</host_address>
<names config:type="list">
<name>ipv6-mcastprefix</name>
</names>
</hosts_entry>
<hosts_entry>
<host_address>ff02::1</host_address>
<names config:type="list">
<name>ipv6-allnodes</name>
</names>
</hosts_entry>
<hosts_entry>
<host_address>ff02::2</host_address>
<names config:type="list">
<name>ipv6-allrouters</name>
</names>
</hosts_entry>
<hosts_entry>
<host_address>ff02::3</host_address>
<names config:type="list">
<name>ipv6-allhosts</name>
</names>
</hosts_entry>
</hosts>
</host>
<iscsi-client>
<version>1.0</version>
</iscsi-client>
<kdump>
<add_crash_kernel config:type="boolean">false</add_crash_kernel>
<crash_kernel>128M-:64M</crash_kernel>
<general>
<KDUMP_CONTINUE_ON_ERROR>false</KDUMP_CONTINUE_ON_ERROR>
<KDUMP_COPY_KERNEL>yes</KDUMP_COPY_KERNEL>
<KDUMP_DUMPFORMAT>compressed</KDUMP_DUMPFORMAT>
<KDUMP_DUMPLEVEL>0</KDUMP_DUMPLEVEL>
<KDUMP_FREE_DISK_SIZE>64</KDUMP_FREE_DISK_SIZE>
<KDUMP_IMMEDIATE_REBOOT>yes</KDUMP_IMMEDIATE_REBOOT>
<KDUMP_KEEP_OLD_DUMPS>5</KDUMP_KEEP_OLD_DUMPS>
<KDUMP_NETCONFIG>auto</KDUMP_NETCONFIG>
<KDUMP_SAVEDIR>file:///var/crash</KDUMP_SAVEDIR>
<KDUMP_VERBOSE>3</KDUMP_VERBOSE>
</general>
</kdump>
<keyboard>
<keymap>english-us</keymap>
</keyboard>
<language>
<language>en_US</language>
<languages>zh_CN,en_US</languages>
</language>
<ldap>
<base_config_dn></base_config_dn>
<bind_dn></bind_dn>
<create_ldap config:type="boolean">false</create_ldap>
<file_server config:type="boolean">false</file_server>
<ldap_domain>dc=example,dc=com</ldap_domain>
<ldap_server>127.0.0.1</ldap_server>
<ldap_tls config:type="boolean">true</ldap_tls>
<ldap_v2 config:type="boolean">false</ldap_v2>
<login_enabled config:type="boolean">true</login_enabled>
<member_attribute>member</member_attribute>
<mkhomedir config:type="boolean">false</mkhomedir>
<nss_base_group></nss_base_group>
<nss_base_passwd></nss_base_passwd>
<nss_base_shadow></nss_base_shadow>
<pam_password>exop</pam_password>
<sssd config:type="boolean">false</sssd>
<start_autofs config:type="boolean">false</start_autofs>
<start_ldap config:type="boolean">false</start_ldap>
</ldap>
<login_settings/>
<networking>
<dhcp_options>
<dhclient_client_id></dhclient_client_id>
<dhclient_hostname_option>AUTO</dhclient_hostname_option>
</dhcp_options>
<dns>
<dhcp_hostname config:type="boolean">false</dhcp_hostname>
<resolv_conf_policy>auto</resolv_conf_policy>
</dns>
<interfaces config:type="list">
<interface>
<bootproto>dhcp</bootproto>
<device>eth0</device>
<prefixlen>16</prefixlen>
<startmode>onboot</startmode>
<usercontrol>no</usercontrol>
</interface>
<interface>
<bootproto>dhcp</bootproto>
<device>eth1</device>
<prefixlen>16</prefixlen>
<startmode>onboot</startmode>
<usercontrol>no</usercontrol>
</interface>
</interfaces>
<managed config:type="boolean">false</managed>
<routing>
<ip_forward config:type="boolean">false</ip_forward>
</routing>
</networking>
<nis>
<netconfig_policy>auto</netconfig_policy>
<nis_broadcast config:type="boolean">false</nis_broadcast>
<nis_broken_server config:type="boolean">false</nis_broken_server>
<nis_local_only config:type="boolean">false</nis_local_only>
<start_autofs config:type="boolean">false</start_autofs>
<start_nis config:type="boolean">false</start_nis>
</nis>
<ntp-client>
<ntp_policy>auto</ntp_policy>
<peers config:type="list">
<peer>
<address>127.127.1.0</address>
<comment>################################################################################
## /etc/ntp.conf
##
## Sample NTP configuration file.
## See package 'ntp-doc' for documentation, Mini-HOWTO and FAQ.
## Copyright (c) 1998 S.u.S.E. GmbH Fuerth, Germany.
##
## Author: Michael Andres, <[email protected]>
## Michael Skibbe, <[email protected]>
##
################################################################################
##
## Radio and modem clocks by convention have addresses in the
## form 127.127.t.u, where t is the clock type and u is a unit
## number in the range 0-3.
##
## Most of these clocks require support in the form of a
## serial port or special bus peripheral. The particular
## device is normally specified by adding a soft link
## /dev/device-u to the particular hardware device involved,
## where u correspond to the unit number above.
##
## Generic DCF77 clock on serial port (Conrad DCF77)
## Address: 127.127.8.u
## Serial Port: /dev/refclock-u
##
## (create soft link /dev/refclock-0 to the particular ttyS?)
##
# server 127.127.8.0 mode 5 prefer
##
## Undisciplined Local Clock. This is a fake driver intended for backup
## and when no outside source of synchronized time is available.
##
</comment>
<fudge_comment># local clock (LCL)
</fudge_comment>
<fudge_options> stratum 10</fudge_options>
<type>__clock</type>
</peer>
<peer>
<address>/var/lib/ntp/drift/ntp.drift </address>
<comment># LCL is unsynchronized
##
## Add external Servers using
## # rcntp addserver <yourserver>
##
##
## Miscellaneous stuff
##
</comment>
<type>driftfile</type>
</peer>
<peer>
<address>/var/log/ntp </address>
<comment># path for drift file
</comment>
<type>logfile</type>
</peer>
<peer>
<address>/etc/ntp.keys </address>
<comment># alternate log file
# logconfig =syncstatus + sysevents
# logconfig =all
# statsdir /tmp/ # directory for statistics files
# filegen peerstats file peerstats type day enable
# filegen loopstats file loopstats type day enable
# filegen clockstats file clockstats type day enable
#
# Authentication stuff
#
</comment>
<type>keys</type>
</peer>
<peer>
<address>1 </address>
<comment># path for keys file
</comment>
<type>trustedkey</type>
</peer>
<peer>
<address>1 </address>
<comment># define trusted keys
</comment>
<type>requestkey</type>
</peer>
</peers>
<start_at_boot config:type="boolean">false</start_at_boot>
<start_in_chroot config:type="boolean">true</start_in_chroot>
</ntp-client>
<partitioning config:type="list">
<drive>
<device>/dev/sda</device>
<initialize config:type="boolean">true</initialize>
<partitions config:type="list">
<partition>
<create config:type="boolean">true</create>
<crypt_fs config:type="boolean">false</crypt_fs>
<filesystem config:type="symbol">swap</filesystem>
<filesystem_id config:type="integer">130</filesystem_id>
<format config:type="boolean">true</format>
<fstopt>defaults</fstopt>
<loop_fs config:type="boolean">false</loop_fs>
<mount>swap</mount>
<mountby config:type="symbol">device</mountby>
<partition_id config:type="integer">130</partition_id>
<partition_nr config:type="integer">1</partition_nr>
<resize config:type="boolean">false</resize>
<size>32G</size>
</partition>
<partition>
<create config:type="boolean">true</create>
<crypt_fs config:type="boolean">false</crypt_fs>
<filesystem config:type="symbol">ext3</filesystem>
<filesystem_id config:type="integer">131</filesystem_id>
<format config:type="boolean">true</format>
<fstopt>acl,user_xattr</fstopt>
<loop_fs config:type="boolean">false</loop_fs>
<mount>/boot</mount>
<mountby config:type="symbol">device</mountby>
<partition_id config:type="integer">131</partition_id>
<partition_nr config:type="integer">2</partition_nr>
<resize config:type="boolean">false</resize>
<size>120M</size>
</partition>
<partition>
<create config:type="boolean">true</create>
<crypt_fs config:type="boolean">false</crypt_fs>
<filesystem config:type="symbol">ext3</filesystem>
<filesystem_id config:type="integer">142</filesystem_id>
<format config:type="boolean">false</format>
<loop_fs config:type="boolean">false</loop_fs>
<lvm_group>system</lvm_group>
<mountby config:type="symbol">device</mountby>
<partition_id config:type="integer">142</partition_id>
<partition_nr config:type="integer">3</partition_nr>
<resize config:type="boolean">false</resize>
<size>max</size>
</partition>
</partitions>
<type config:type="symbol">CT_DISK</type>
<use>all</use>
</drive>
<drive>
<device>/dev/system</device>
<initialize config:type="boolean">true</initialize>
<partitions config:type="list">
<partition>
<create config:type="boolean">true</create>
<crypt_fs config:type="boolean">false</crypt_fs>
<filesystem config:type="symbol">ext3</filesystem>
<filesystem_id config:type="integer">131</filesystem_id>
<format config:type="boolean">true</format>
<fstopt>acl,user_xattr</fstopt>
<loop_fs config:type="boolean">false</loop_fs>
<lv_name>home</lv_name>
<mount>/home</mount>
<mountby config:type="symbol">device</mountby>
<partition_id config:type="integer">131</partition_id>
<resize config:type="boolean">false</resize>
<size>15G</size>
</partition>
<partition>
<create config:type="boolean">true</create>
<crypt_fs config:type="boolean">false</crypt_fs>
<filesystem config:type="symbol">ext3</filesystem>
<filesystem_id config:type="integer">131</filesystem_id>
<format config:type="boolean">true</format>
<fstopt>acl,user_xattr</fstopt>
<loop_fs config:type="boolean">false</loop_fs>
<lv_name>opt</lv_name>
<mount>/opt</mount>
<mountby config:type="symbol">device</mountby>
<partition_id config:type="integer">131</partition_id>
<resize config:type="boolean">false</resize>
<size>10G</size>
</partition>
<partition>
<create config:type="boolean">true</create>
<crypt_fs config:type="boolean">false</crypt_fs>
<filesystem config:type="symbol">ext3</filesystem>
<filesystem_id config:type="integer">131</filesystem_id>
<format config:type="boolean">true</format>
<fstopt>acl,user_xattr</fstopt>
<loop_fs config:type="boolean">false</loop_fs>
<lv_name>root</lv_name>
<mount>/</mount>
<mountby config:type="symbol">device</mountby>
<partition_id config:type="integer">131</partition_id>
<resize config:type="boolean">false</resize>
<size>5G</size>
</partition>
<partition>
<create config:type="boolean">true</create>
<crypt_fs config:type="boolean">false</crypt_fs>
<filesystem config:type="symbol">ext3</filesystem>
<filesystem_id config:type="integer">131</filesystem_id>
<format config:type="boolean">true</format>
<fstopt>acl,user_xattr</fstopt>
<loop_fs config:type="boolean">false</loop_fs>
<lv_name>tmp</lv_name>
<mount>/tmp</mount>
<mountby config:type="symbol">device</mountby>
<partition_id config:type="integer">131</partition_id>
<resize config:type="boolean">false</resize>
<size>10G</size>
</partition>
<partition>
<create config:type="boolean">true</create>
<crypt_fs config:type="boolean">false</crypt_fs>
<filesystem config:type="symbol">ext3</filesystem>
<filesystem_id config:type="integer">131</filesystem_id>
<format config:type="boolean">true</format>
<fstopt>acl,user_xattr</fstopt>
<loop_fs config:type="boolean">false</loop_fs>
<lv_name>usr</lv_name>
<mount>/usr</mount>
<mountby config:type="symbol">device</mountby>
<partition_id config:type="integer">131</partition_id>
<resize config:type="boolean">false</resize>
<size>10G</size>
</partition>
<partition>
<create config:type="boolean">true</create>
<crypt_fs config:type="boolean">false</crypt_fs>
<filesystem config:type="symbol">ext3</filesystem>
<filesystem_id config:type="integer">131</filesystem_id>
<format config:type="boolean">true</format>
<fstopt>acl,user_xattr</fstopt>
<loop_fs config:type="boolean">false</loop_fs>
<lv_name>var</lv_name>
<mount>/var</mount>
<mountby config:type="symbol">device</mountby>
<partition_id config:type="integer">131</partition_id>
<resize config:type="boolean">false</resize>
<size>5G</size>
</partition>
</partitions>
<pesize>4M</pesize>
<type config:type="symbol">CT_LVM</type>
<use>all</use>
</drive>
</partitioning>
<printer>
<server_settings>
<BrowseAllow config:type="list">
<listentry>all</listentry>
</BrowseAllow>
<BrowseOrder config:type="list">
<listentry>allow,deny</listentry>
</BrowseOrder>
<Browsing config:type="list">
<listentry>On</listentry>
</Browsing>
<DefaultAuthType config:type="list">
<listentry>Basic</listentry>
</DefaultAuthType>
<DefaultPolicy config:type="list">
<listentry>default</listentry>
</DefaultPolicy>
<Listen config:type="list">
<listentry>localhost:631</listentry>
<listentry>/var/run/cups/cups.sock</listentry>
</Listen>
<LogLevel config:type="list">
<listentry>info</listentry>
</LogLevel>
<SystemGroup config:type="list">
<listentry>sys root</listentry>
</SystemGroup>
<sections config:type="list">
<section>
<Allow config:type="list">
<listentry>127.0.0.2</listentry>
</Allow>
<Key>Location</Key>
<Order config:type="list">
<listentry>allow,deny</listentry>
</Order>
<Value>/</Value>
</section>
<section>
<Encryption config:type="list">
<listentry>Required</listentry>
</Encryption>
<Key>Location</Key>
<Order config:type="list">
<listentry>allow,deny</listentry>
</Order>
<Value>/admin</Value>
</section>
<section>
<AuthType config:type="list">
<listentry>Default</listentry>
</AuthType>
<Key>Location</Key>
<Order config:type="list">
<listentry>allow,deny</listentry>
</Order>
<Require config:type="list">
<listentry>user @SYSTEM</listentry>
</Require>
<Value>/admin/conf</Value>
</section>
<section>
<Key>Policy</Key>
<Value>default</Value>
<sections config:type="list">
<section>
<Key>Limit</Key>
<Order config:type="list">
<listentry>deny,allow</listentry>
</Order>
<Require config:type="list">
<listentry>user @OWNER @SYSTEM</listentry>
</Require>
<Value>Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job CUPS-Move-Job</Value>
</section>
<section>
<AuthType config:type="list">
<listentry>Default</listentry>
</AuthType>
<Key>Limit</Key>
<Order config:type="list">
<listentry>deny,allow</listentry>
</Order>
<Require config:type="list">
<listentry>user @SYSTEM</listentry>
</Require>
<Value>CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default</Value>
</section>
<section>
<AuthType config:type="list">
<listentry>Default</listentry>
</AuthType>
<Key>Limit</Key>
<Order config:type="list">
<listentry>deny,allow</listentry>
</Order>
<Require config:type="list">
<listentry>user @SYSTEM</listentry>
</Require>
<Value>Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After CUPS-Accept-Jobs CUPS-Reject-Jobs</Value>
</section>
<section>
<Key>Limit</Key>
<Order config:type="list">
<listentry>deny,allow</listentry>
</Order>
<Require config:type="list">
<listentry>user @OWNER @SYSTEM</listentry>
</Require>
<Value>Cancel-Job CUPS-Authenticate-Job</Value>
</section>
<section>
<Key>Limit</Key>
<Order config:type="list">
<listentry>deny,allow</listentry>
</Order>
<Value>All</Value>
</section>
</sections>
</section>
<section>
<Key>Policy</Key>
<Value>easy</Value>
<sections config:type="list">
<section>
<Key>Limit</Key>
<Order config:type="list">
<listentry>allow,deny</listentry>
</Order>
<Satisfy config:type="list">
<listentry>any</listentry>
</Satisfy>
<Value>All</Value>
</section>
</sections>
</section>
<section>
<Key>Policy</Key>
<Value>paranoid</Value>
<sections config:type="list">
<section>
<Allow config:type="list">
<listentry>from 127.0.0.0/8</listentry>
</Allow>
<Key>Limit</Key>
<Order config:type="list">
<listentry>deny,allow</listentry>
</Order>
<Require config:type="list">
<listentry>user @OWNER</listentry>
</Require>
<Value>Send-Document Send-URI Hold-Job Release-Job Restart-Job Purge-Jobs Set-Job-Attributes Create-Job-Subscription Renew-Subscription Cancel-Subscription Get-Notifications Reprocess-Job Cancel-Current-Job Suspend-Current-Job Resume-Job CUPS-Move-Job</Value>
</section>
<section>
<Allow config:type="list">
<listentry>from 127.0.0.0/8</listentry>
</Allow>
<AuthType config:type="list">
<listentry>Default</listentry>
</AuthType>
<Key>Limit</Key>
<Order config:type="list">
<listentry>deny,allow</listentry>
</Order>
<Require config:type="list">
<listentry>user @SYSTEM</listentry>
</Require>
<Value>CUPS-Add-Modify-Printer CUPS-Delete-Printer CUPS-Add-Modify-Class CUPS-Delete-Class CUPS-Set-Default</Value>
</section>
<section>
<Allow config:type="list">
<listentry>from 127.0.0.0/8</listentry>
</Allow>
<AuthType config:type="list">
<listentry>Default</listentry>
</AuthType>
<Key>Limit</Key>
<Order config:type="list">
<listentry>deny,allow</listentry>
</Order>
<Require config:type="list">
<listentry>user @SYSTEM</listentry>
</Require>
<Value>Pause-Printer Resume-Printer Enable-Printer Disable-Printer Pause-Printer-After-Current-Job Hold-New-Jobs Release-Held-New-Jobs Deactivate-Printer Activate-Printer Restart-Printer Shutdown-Printer Startup-Printer Promote-Job Schedule-Job-After CUPS-Accept-Jobs CUPS-Reject-Jobs</Value>
</section>
<section>
<Allow config:type="list">
<listentry>from 127.0.0.0/8</listentry>
</Allow>
<Key>Limit</Key>
<Order config:type="list">
<listentry>deny,allow</listentry>
</Order>
<Require config:type="list">
<listentry>user @OWNER</listentry>
</Require>
<Value>Cancel-Job CUPS-Authenticate-Job</Value>
</section>
<section>
<Allow config:type="list">
<listentry>from 127.0.0.0/8</listentry>
</Allow>
<Key>Limit</Key>
<Order config:type="list">
<listentry>deny,allow</listentry>
</Order>
<Require config:type="list">
<listentry>user @OWNER @SYSTEM</listentry>
</Require>
<Value>All</Value>
</section>
</sections>
</section>
</sections>
</server_settings>
</printer>
<proxy>
<enabled config:type="boolean">false</enabled>
<ftp_proxy></ftp_proxy>
<http_proxy></http_proxy>
<https_proxy></https_proxy>
<no_proxy>localhost, 127.0.0.1</no_proxy>
<proxy_password></proxy_password>
<proxy_user></proxy_user>
</proxy>
<report>
<errors>
<log config:type="boolean">true</log>
<show config:type="boolean">true</show>
<timeout config:type="integer">0</timeout>
</errors>
<messages>
<log config:type="boolean">true</log>
<show config:type="boolean">true</show>
<timeout config:type="integer">0</timeout>
</messages>
<warnings>
<log config:type="boolean">true</log>
<show config:type="boolean">true</show>
<timeout config:type="integer">0</timeout>
</warnings>
<yesno_messages>
<log config:type="boolean">true</log>
<show config:type="boolean">true</show>
<timeout config:type="integer">0</timeout>
</yesno_messages>
</report>
<runlevel>
<default>5</default>
</runlevel>
<software>
<packages config:type="list">
<package>ConsoleKit-32bit</package>
<package>Mesa-32bit</package>
<package>PolicyKit-32bit</package>
<package>PolicyKit-gnome-libs-32bit</package>
<package>aspell-32bit</package>
<package>at-spi-32bit</package>
<package>audiofile-32bit</package>
<package>audit-libs-32bit</package>
<package>bind-libs-32bit</package>
<package>bison-32bit</package>
<package>cpufrequtils-32bit</package>
<package>cracklib-32bit</package>
<package>cryptconfig-32bit</package>
<package>cyrus-sasl-32bit</package>
<package>cyrus-sasl-gssapi-32bit</package>
<package>cyrus-sasl-plain-32bit</package>
<package>dbus-1-32bit</package>
<package>dbus-1-glib-32bit</package>
<package>device-mapper-32bit</package>
<package>evolution-data-server-32bit</package>
<package>fam-32bit</package>
<package>file-32bit</package>
<package>flex-32bit</package>
<package>freeglut-32bit</package>
<package>freetype-32bit</package>
<package>fribidi-32bit</package>
<package>gcc-32bit</package>
<package>gcc43-32bit</package>
<package>gconf2-32bit</package>
<package>gdbm-devel-32bit</package>
<package>gettext-runtime-32bit</package>
<package>giflib-32bit</package>
<package>glibc-devel-32bit</package>
<package>glibc-locale-32bit</package>
<package>gnome-keyring-32bit</package>
<package>gnome-panel-32bit</package>
<package>gnome-vfs2-32bit</package>
<package>gpm-32bit</package>
<package>hal-32bit</package>
<package>hunspell-32bit</package>
<package>java-1_6_0-ibm</package>
<package>java-1_6_0-ibm-fonts</package>
<package>jpackage-utils</package>
<package>libFLAC8-32bit</package>
<package>libHX13-32bit</package>
<package>libacl-32bit</package>
<package>libaio-32bit</package>
<package>libaio-devel-32bit</package>
<package>libart_lgpl-32bit</package>
<package>libattr-32bit</package>
<package>libavahi-client3-32bit</package>
<package>libavahi-common3-32bit</package>
<package>libavahi-glib1-32bit</package>
<package>libblkid1-32bit</package>
<package>libbonobo-32bit</package>
<package>libbonoboui-32bit</package>
<package>libbz2-1-32bit</package>
<package>libcanberra-gtk-32bit</package>
<package>libcanberra-gtk0-32bit</package>
<package>libcanberra0-32bit</package>
<package>libcap2-32bit</package>
<package>libcroco-0_6-3-32bit</package>
<package>libcurl4-32bit</package>
<package>libdnet1</package>
<package>libdrm-32bit</package>
<package>libesd0-32bit</package>
<package>libfreebl3-32bit</package>
<package>libgcrypt11-32bit</package>
<package>libglade2-32bit</package>
<package>libgnome-32bit</package>
<package>libgnome-desktop-2-11-32bit</package>
<package>libgnomecanvas-32bit</package>
<package>libgnutls26-32bit</package>
<package>libgomp46-32bit</package>
<package>libgpg-error0-32bit</package>
<package>libgsf-1-114-32bit</package>
<package>libgstreamer-0_10-0-32bit</package>
<package>libgthread-2_0-0-32bit</package>
<package>libgweather1-32bit</package>
<package>libical0-32bit</package>
<package>libidl-32bit</package>
<package>libidn-32bit</package>
<package>liblcms1-32bit</package>
<package>libldap-2_4-2-32bit</package>
<package>libltdl7-32bit</package>
<package>liblua5_1</package>
<package>liblzma5-32bit</package>
<package>libmng-32bit</package>
<package>libncurses6-32bit</package>
<package>libnetpbm10-32bit</package>
<package>libnscd-32bit</package>
<package>libnsssharedhelper0-32bit</package>
<package>libogg0-32bit</package>
<package>libopenct1-32bit</package>
<package>libopensc2-32bit</package>
<package>libpciaccess0-32bit</package>
<package>libproxy0-32bit</package>
<package>libproxy0-config-gnome</package>
<package>libproxy0-config-kde4</package>
<package>libpulse0-32bit</package>
<package>libpython2_6-1_0-32bit</package>
<package>libqt4-32bit</package>
<package>libqt4-qt3support-32bit</package>
<package>libqt4-sql-32bit</package>
<package>libqt4-x11-32bit</package>
<package>libreiserfs-32bit</package>
<package>librsvg-32bit</package>
<package>libsepol1-32bit</package>
<package>libsmbclient0-32bit</package>
<package>libsmbios2-32bit</package>
<package>libsndfile-32bit</package>
<package>libsoup-2_4-1-32bit</package>
<package>libsqlite3-0-32bit</package>
<package>libstdc++33-32bit</package>
<package>libstdc++43-devel-32bit</package>
<package>libtalloc2-32bit</package>
<package>libtasn1-3-32bit</package>
<package>libtdb1-32bit</package>
<package>libtool-32bit</package>
<package>libudev0-32bit</package>
<package>libvorbis-32bit</package>
<package>libwbclient0-32bit</package>
<package>libwnck-1-22-32bit</package>
<package>libxcrypt-32bit</package>
<package>libxml2-32bit</package>
<package>libxslt-32bit</package>
<package>mozilla-kde4-integration</package>
<package>mozilla-nspr-32bit</package>
<package>mozilla-nss-32bit</package>
<package>mozilla-xulrunner192-32bit</package>
<package>nautilus-32bit</package>
<package>nautilus-cd-burner-32bit</package>
<package>ncurses-devel-32bit</package>
<package>nmap</package>
<package>opensc-32bit</package>
<package>openslp-32bit</package>
<package>opie-32bit</package>
<package>orbit2-32bit</package>
<package>pam-32bit</package>
<package>pam-modules-32bit</package>
<package>pam_mount-32bit</package>
<package>parted-32bit</package>
<package>pciutils-32bit</package>
<package>pcsc-lite-32bit</package>
<package>popt-32bit</package>
<package>qt3-32bit</package>
<package>qtcurve-gtk2-32bit</package>
<package>rpm-32bit</package>
<package>samba-32bit</package>
<package>samba-client-32bit</package>
<package>startup-notification-32bit</package>
<package>strace-32bit</package>
<package>sysfsutils-32bit</package>
<package>tcl-32bit</package>
<package>tcpd-32bit</package>
<package>tk-32bit</package>
<package>utempter-32bit</package>
<package>xaw3d-32bit</package>
<package>xorg-x11-driver-video-radeonhd</package>
<package>yast2-trans-en_US</package>
<package>autoyast2-installation</package>
<package>autoyast2-installation</package>
</packages>
<patterns config:type="list">
<pattern>Basis-Devel</pattern>
<pattern>Minimal</pattern>
<pattern>WBEM</pattern>
<pattern>apparmor</pattern>
<pattern>base</pattern>
<pattern>documentation</pattern>
<pattern>gnome</pattern>
<pattern>kde</pattern>
<pattern>oracle_server</pattern>
<pattern>print_server</pattern>
<pattern>x11</pattern>
</patterns>
<remove-packages config:type="list">
<package>apache2</package>
<package>apache2-prefork</package>
<package>apache2-utils</package>
<package>apache2-worker</package>
<package>emacs-nox</package>
<package>libapr-util1</package>
<package>libapr1</package>
<package>libqt4-sql-sqlite</package>
<package>lprng</package>
<package>pcmciautils</package>
<package>portmap</package>
<package>rsyslog</package>
<package>sendmail</package>
<package>susehelp_de</package>
<package>open-iscsi</package>
</remove-packages>
</software>
<timezone>
<hwclock>localtime</hwclock>
<timezone>Asia/Shanghai</timezone>
</timezone>
<user_defaults>
<group>100</group>
<groups>video,dialout</groups>
<home>/home</home>
<inactive>-1</inactive>
<shell>/bin/bash</shell>
<skel>/etc/skel</skel>
<umask>022</umask>
</user_defaults>
<users config:type="list">
<user>
<encrypted config:type="boolean">true</encrypted>
<fullname>Games account</fullname>
<gid>100</gid>
<home>/var/games</home>
<password_settings>
<flag></flag>
<inact>-1</inact>
<max>99999</max>
<min>0</min>
<warn>7</warn>
</password_settings>
<shell>/bin/bash</shell>
<uid>12</uid>
<user_password>*</user_password>
<username>games</username>
</user>
<user>
<encrypted config:type="boolean">true</encrypted>
<fullname>bin</fullname>
<gid>1</gid>
<home>/bin</home>
<password_settings>
<flag></flag>
<inact>-1</inact>
<max>99999</max>
<min>0</min>
<warn>7</warn>
</password_settings>
<shell>/bin/bash</shell>
<uid>1</uid>
<user_password>*</user_password>
<username>bin</username>
</user>
<user>
<encrypted config:type="boolean">true</encrypted>
<fullname>nobody</fullname>
<gid>65533</gid>
<home>/var/lib/nobody</home>
<password_settings>
<flag></flag>
<inact>-1</inact>
<max>99999</max>
<min>0</min>
<warn>7</warn>
</password_settings>
<shell>/bin/bash</shell>
<uid>65534</uid>
<user_password>*</user_password>
<username>nobody</username>
</user>
<user>
<encrypted config:type="boolean">true</encrypted>
<fullname>Printing daemon</fullname>
<gid>7</gid>
<home>/var/spool/lpd</home>
<password_settings>
<flag></flag>
<inact>-1</inact>
<max>99999</max>
<min>0</min>
<warn>7</warn>
</password_settings>
<shell>/bin/bash</shell>
<uid>4</uid>
<user_password>*</user_password>
<username>lp</username>
</user>
<user>
<encrypted config:type="boolean">true</encrypted>
<fullname>User for uuidd</fullname>
<gid>104</gid>
<home>/var/run/uuidd</home>
<password_settings>
<max>99999</max>
<min>0</min>
<warn>7</warn>
</password_settings>
<shell>/bin/false</shell>
<uid>102</uid>
<user_password>*</user_password>
<username>uuidd</username>
</user>
<user>
<encrypted config:type="boolean">true</encrypted>
<fullname>Postfix Daemon</fullname>
<gid>51</gid>
<home>/var/spool/postfix</home>
<password_settings>
<max>99999</max>
<min>0</min>
<warn>7</warn>
</password_settings>
<shell>/bin/false</shell>
<uid>51</uid>
<user_password>*</user_password>
<username>postfix</username>
</user>
<user>
<encrypted config:type="boolean">true</encrypted>
<fullname>Novell Customer Center User</fullname>
<gid>114</gid>
<home>/var/lib/YaST2/suse-ncc-fakehome</home>
<password_settings>
<max>99999</max>
<min>0</min>
<warn>7</warn>
</password_settings>
<shell>/bin/bash</shell>
<uid>107</uid>
<user_password>*</user_password>
<username>suse-ncc</username>
</user>
<user>
<encrypted config:type="boolean">true</encrypted>
<fullname>FTP account</fullname>
<gid>49</gid>
<home>/srv/ftp</home>
<password_settings>
<flag></flag>
<inact>-1</inact>
<max>99999</max>
<min>0</min>
<warn>7</warn>
</password_settings>
<shell>/bin/bash</shell>
<uid>40</uid>
<user_password>*</user_password>
<username>ftp</username>
</user>
<user>
<encrypted config:type="boolean">true</encrypted>
<fullname>Gnome Display Manager daemon</fullname>
<gid>115</gid>
<home>/var/lib/gdm</home>
<password_settings>
<max>99999</max>
<min>0</min>
<warn>7</warn>
</password_settings>
<shell>/bin/false</shell>
<uid>108</uid>
<user_password>*</user_password>
<username>gdm</username>
</user>
<user>
<encrypted config:type="boolean">true</encrypted>
<fullname>Batch jobs daemon</fullname>
<gid>25</gid>
<home>/var/spool/atjobs</home>
<password_settings>
<max>99999</max>
<min>0</min>
<warn>7</warn>
</password_settings>
<shell>/bin/bash</shell>
<uid>25</uid>
<user_password>*</user_password>
<username>at</username>
</user>
<user>
<encrypted config:type="boolean">true</encrypted>
<fullname>root</fullname>
<gid>0</gid>
<home>/root</home>
<password_settings>
<flag></flag>
<inact>-1</inact>
<max>99999</max>
<min>0</min>
<warn>7</warn>
</password_settings>
<shell>/bin/bash</shell>
<uid>0</uid>
<user_password>$2y$05$PgHRKTw9p..KhpR4r3bhF.8yFRP30eBTO6bQSfDspTz8J5/8yw.qW</user_password>
<username>root</username>
</user>
<user>
<encrypted config:type="boolean">true</encrypted>
<fullname>Mailer daemon</fullname>
<gid>12</gid>
<home>/var/spool/clientmqueue</home>
<password_settings>
<flag></flag>
<inact>-1</inact>
<max>99999</max>
<min>0</min>
<warn>7</warn>
</password_settings>
<shell>/bin/false</shell>
<uid>8</uid>
<user_password>*</user_password>
<username>mail</username>
</user>
<user>
<encrypted config:type="boolean">true</encrypted>
<fullname>Daemon</fullname>
<gid>2</gid>
<home>/sbin</home>
<password_settings>
<flag></flag>
<inact>-1</inact>
<max>99999</max>
<min>0</min>
<warn>7</warn>
</password_settings>
<shell>/bin/bash</shell>
<uid>2</uid>
<user_password>*</user_password>
<username>daemon</username>
</user>
<user>
<encrypted config:type="boolean">true</encrypted>
<fullname>NTP daemon</fullname>
<gid>111</gid>
<home>/var/lib/ntp</home>
<password_settings>
<max>99999</max>
<min>0</min>
<warn>7</warn>
</password_settings>
<shell>/bin/false</shell>
<uid>74</uid>
<user_password>*</user_password>
<username>ntp</username>
</user>
<user>
<encrypted config:type="boolean">true</encrypted>
<fullname>Unix-to-Unix CoPy system</fullname>
<gid>14</gid>
<home>/etc/uucp</home>
<password_settings>
<flag></flag>
<inact>-1</inact>
<max>99999</max>
<min>0</min>
<warn>7</warn>
</password_settings>
<shell>/bin/bash</shell>
<uid>10</uid>
<user_password>*</user_password>
<username>uucp</username>
</user>
<user>
<encrypted config:type="boolean">true</encrypted>
<fullname>User for D-Bus</fullname>
<gid>101</gid>
<home>/var/run/dbus</home>
<password_settings>
<min>0</min>
<warn>7</warn>
</password_settings>
<shell>/bin/false</shell>
<uid>100</uid>
<user_password>*</user_password>
<username>messagebus</username>
</user>
<user>
<encrypted config:type="boolean">true</encrypted>
<fullname>User for haldaemon</fullname>
<gid>102</gid>
<home>/var/run/hald</home>
<password_settings>
<min>0</min>
<warn>7</warn>
</password_settings>
<shell>/bin/false</shell>
<uid>101</uid>
<user_password>*</user_password>
<username>haldaemon</username>
</user>
<user>
<encrypted config:type="boolean">true</encrypted>
<fullname>Oracle user</fullname>
<gid>107</gid>
<home>/opt/oracle</home>
<password_settings>
<max>99999</max>
<min>0</min>
<warn>7</warn>
</password_settings>
<shell>/bin/false</shell>
<uid>104</uid>
<user_password>*</user_password>
<username>oracle</username>
</user>
<user>
<encrypted config:type="boolean">true</encrypted>
<fullname>WWW daemon apache</fullname>
<gid>8</gid>
<home>/var/lib/wwwrun</home>
<password_settings>
<flag></flag>
<inact>-1</inact>
<max>99999</max>
<min>0</min>
<warn>7</warn>
</password_settings>
<shell>/bin/false</shell>
<uid>30</uid>
<user_password>*</user_password>
<username>wwwrun</username>
</user>
<user>
<encrypted config:type="boolean">true</encrypted>
<fullname>Puppet daemon</fullname>
<gid>106</gid>
<home>/var/lib/puppet</home>
<password_settings>
<max>99999</max>
<min>0</min>
<warn>7</warn>
</password_settings>
<shell>/bin/false</shell>
<uid>103</uid>
<user_password>*</user_password>
<username>puppet</username>
</user>
<user>
<encrypted config:type="boolean">true</encrypted>
<fullname>Manual pages viewer</fullname>
<gid>62</gid>
<home>/var/cache/man</home>
<password_settings>
<flag></flag>
<inact>-1</inact>
<max>99999</max>
<min>0</min>
<warn>7</warn>
</password_settings>
<shell>/bin/bash</shell>
<uid>13</uid>
<user_password>*</user_password>
<username>man</username>
</user>
<user>
<encrypted config:type="boolean">true</encrypted>
<fullname>MySQL database admin</fullname>
<gid>109</gid>
<home>/var/lib/mysql</home>
<password_settings>
<max>99999</max>
<min>0</min>
<warn>7</warn>
</password_settings>
<shell>/bin/false</shell>
<uid>60</uid>
<user_password>*</user_password>
<username>mysql</username>
</user>
<user>
<encrypted config:type="boolean">true</encrypted>
<fullname>PolicyKit</fullname>
<gid>110</gid>
<home>/var/run/PolicyKit</home>
<password_settings>
<max>99999</max>
<min>0</min>
<warn>7</warn>
</password_settings>
<shell>/bin/false</shell>
<uid>105</uid>
<user_password>*</user_password>
<username>polkituser</username>
</user>
<user>
<encrypted config:type="boolean">true</encrypted>
<fullname>News system</fullname>
<gid>13</gid>
<home>/etc/news</home>
<password_settings>
<flag></flag>
<inact>-1</inact>
<max>99999</max>
<min>0</min>
<warn>7</warn>
</password_settings>
<shell>/bin/bash</shell>
<uid>9</uid>
<user_password>*</user_password>
<username>news</username>
</user>
<user>
<fullname>SSH daemon</fullname>
<gid>65</gid>
<home>/var/lib/sshd</home>
<password_settings>
<inact>-1</inact>
<max>99999</max>
<min>0</min>
<warn>7</warn>
</password_settings>
<shell>/bin/false</shell>
<uid>71</uid>
<username>sshd</username>
</user>
<user>
<encrypted config:type="boolean">true</encrypted>
<fullname>PulseAudio daemon</fullname>
<gid>112</gid>
<home>/var/lib/pulseaudio</home>
<password_settings>
<max>99999</max>
<min>0</min>
<warn>7</warn>
</password_settings>
<shell>/bin/false</shell>
<uid>106</uid>
<user_password>*</user_password>
<username>pulse</username>
</user>
</users>
<x11>
<color_depth config:type="integer">24</color_depth>
<display_manager>gdm</display_manager>
<enable_3d config:type="boolean">true</enable_3d>
<monitor>
<display>
<max_hsync config:type="integer">48</max_hsync>
<max_vsync config:type="integer">60</max_vsync>
<min_hsync config:type="integer">31</min_hsync>
<min_vsync config:type="integer">50</min_vsync>
</display>
<monitor_device>1024X768@60HZ</monitor_device>
<monitor_vendor>--> VESA</monitor_vendor>
</monitor>
<resolution>1024x768 (XGA)</resolution>
<window_manager>gnome</window_manager>
</x11>
</profile>
SuSE自動化PXE網絡安裝
PXE基本原理
什麼是PXE
PXE(Pre-boot Execution Environment)是由Intel設計的協議,它可以使計算機通過網絡啓動。協議分爲client和server兩端,PXE client在網卡的ROM中,當計算機引導時,BIOS把PXE client調入內存執行,並顯示出命令菜單,經用戶選擇後,PXE client將放置在遠端的操作系統通過網絡下載到本地運行。
PXE協議的成功運行需要解決以下兩個問題:
1. 既然是通過網絡傳輸,那麼計算機在啓動時,它的IP地址由誰來配置;
2. 通過什麼協議下載Linux內核和根文件系統。
對於第一個問題,可以通過DHCP Server解決,由DHCP server來給PXE client分配一個IP地址,DHCP Server是用來給DHCP Client動態分配IP地址的協議,不過由於這裏是給PXE Client分配IP地址,所以在配置DHCP Server時,需要增加相應的PXE特有配置。
至於第二個問題,在PXE client所在的ROM中,已經存在了TFTP Client。PXE Client使用TFTP Client,通過TFTP協議到TFTP Server上下載所需的文件。
這樣,PXE協議運行的條件就具備了,下面我們就來看看PXE協議的工作過程。
工作過程
在下圖中,PXE client是需要安裝Linux的計算機,TFTP Server和DHCP Server運行在另外一臺Linux Server上。Bootstrap文件、配置文件、Linux內核以及Linux根文件系統都放置在Linux Server上TFTP服務器的根目錄下。
PXE client在工作過程中,需要三個二進制文件:bootstrap、Linux 內核和Linux根文件系統。Bootstrap文件是可執行程序,它向用戶提供簡單的控制界面,並根據用戶的選擇,下載合適的Linux內核以及Linux根文件系統。
方案介紹
這種方案需要首先設置一個啓動服務器和一個安裝服務器(可以配置在同一臺物理機上),然後通過網絡啓動存放在啓動服務器上的安裝程序。安裝程序會自動訪問存放在安裝服務器上的安裝配置文件和安裝介質來完成安裝。
涉及到的技術
該方案主要應用了三種技術:
1. 在PC上從網絡啓動SLES安裝程序的PXE協議
2. SLES安裝程序提供的網絡安裝功能(即指通過網絡訪問安裝介質)
3. SLES安裝程序提供的無人值守安裝功能(SuSE稱爲AutoYast)
軟硬件需求
要按本文介紹的方法完成自動化安裝,你需要如下軟硬件資源:
- 一臺PC機器作爲啓動和安裝服務器(其它架構機器也可以)
- 一臺待安裝的PC機器,它的網卡必須帶有PXE支持
- 一個建好的局域網,上述兩臺機器已經連接入同一子網
- 待安裝的SLES安裝介質
配置tftpd
爲了簡化步驟,我們在XP虛擬機下搭建DHCP和TFTP服務端,用tftpd工具來整合實現PXE網絡引導,注意服務端與客戶端要在同一局域網內。在Linux下配置服務的原理類似,具體方法可參考互聯網。
(1)下載tftpd
http://tftpd32.jounin.net/
(2)啓動tftpd32程序,選擇【Settings】
(3)按需勾選,這裏我們僅選擇【TFTP】和【DHCP】
(4)TFTP設置如下
Base Directory:對應存放Linux的引導文件
PXE Compatibility:增強對不同型號網卡的網絡啓動支持
Show Progress bar:在網絡引導過程中顯示進度
Translate Unix file names:轉化Unix文件名
Allow “\” As virtual root:允許虛擬路徑
其它高級選項:設置包括兼容性以及一些細節
(5)DHCP配置
重點注意Boot File引導文件的設置和DHCP綁定地址
(6)tftpboot目錄結構
file://D:\tftpboot (2 folders, 3 files, 35.86 MB, 36.46 MB in total.)
│ INITRD 32.20 MB
│ LINUX 3.64 MB
│ pxelinux.0 16.04 KB
├─pxelinux.cfg (0 folders, 1 files, 193 bytes, 193 bytes in total.)
│ default 193 bytes
└─tftpd32 (0 folders, 4 files, 620.33 KB, 620.33 KB in total.)
EUPL-EN.pdf 33.51 KB
tftpd32.chm 346.96 KB
tftpd32.exe 200.50 KB
tftpd32.ini 39.36 KB
INITRD和LINUX提取自Linux啓動引導鏡像
pxelinux.0是pxe啓動引導鏡像
pxelinux.cfg文件夾下的default文件爲啓動菜單配置項
編輯tftpboot\pxelinux.cfg
,可以自定義autoinst.xml文件的訪問方式和路徑
default linux
# Install Linux
label linux
kernel linux
append initrd=initrd autoyast=ftp://198.15.0.106/suse/autoinst.xml install=ftp://198.15.0.106/suse splash=silent showopts
配置FTP
(1)下載Filezilla Server
http://filezilla-project.org/
(2)設置ftp
允許匿名訪問帳戶即可,配置好ftp路徑
提取SLES鏡像內的安裝目錄至ftp目錄下
配置AutoYaST
使用SuSE中的AutoYaST工具生成autoinst.xml,複製到ftp任意目錄下,注意文件路徑與default配置相吻合
網絡啓動機器
前面的配置工作完成後,下面我們就在待安裝機器上通過網絡以無人值守的方式來安裝
(1)啓動待安裝機器,選擇從網卡啓動。具體方法因BIOS版本不同而異。下圖是從VMWare虛擬機上得到的選擇網絡啓動的屏幕截圖。
(2)網卡中的PXE代碼會聯繫DHCP服務器來獲取IP地址以及啓動鏡像,然後啓動鏡像被載入並運行。
(3)開始全自動安裝
安裝後添加自定義模塊
我這裏以添加Kernel內核補丁爲例
<scripts>
<init-scripts config:type="list">
<script>
<filename>instkernel.sh</filename>
<debug config:type="boolean">true</debug>
<location></location>
<interpreter>shell</interpreter>
<source><![CDATA[
#!/bin/bash
#
# After installation, the logfile from this script can be found in
# /var/adm/autoinstall/logs
#
echo "========================================="
echo "... Starting AutoYAST included script ..."
echo "========================================="
rpm -ivh --root=/ ftp://144.131.254.206/update/3.0.74-0.6.8/kernel-default-base-3.0.74-0.6.8.1.x86_64.rpm
rpm -ivh --root=/ ftp://144.131.254.206/update/3.0.74-0.6.8/kernel-default-3.0.74-0.6.8.1.x86_64.rpm
rpm -ivh --root=/ ftp://144.131.254.206/update/3.0.74-0.6.8/kernel-source-3.0.74-0.6.8.1.x86_64.rpm
rpm -ivh --root=/ ftp://144.131.254.206/update/3.0.74-0.6.8/kernel-default-devel-3.0.74-0.6.8.1.x86_64.rpm
]]>
</source>
</script>
</init-scripts>
</scripts>
小結
其實在研究自動化部署的過程中我們會遇到各種坑,只有踩過的人才能夠體會其中的不容易,如果大家在測試和使用SuSE自動化安裝時遇到任何問題,歡迎直接在原文下方留言,我們一起學習和成長^_^。