Kickstart Server Build

Here's a script that manages PXE-boot kickstart server installations.  It is well-suited for non-enterprise organizations and LUG InstallFests.

Introductory slide show providing overview of how it works.


Build Instructions

Insert CentOS 4.4 Server CD and boot
Text install
Skip media check
Language: English
Keyboard: us
Autopartition
Initialize this drive: Yes
Remove all partitions
Are you sure: Yes
Partitioning: OK
Boot Loader Configuration: Use GRUB; OK; OK; Master Boot Record
Network Configuration: set for your network, but make it static
Hostname Configuration: enter FQDN
Firewall: No
Warning - No Firewall: Proceed
Security Enhanced Linux: Disabled
Language Support: English
Time Zone Selection: America/Phoenix
Root Password: Enter it
Package Defaults: Customize software selection
Package Group Selection: Administration Tools;     Package Group Details: system-config-kickstart
Package Group Selection: Web Server
Package Group Selection: DNS Server
Unselect all others
Installation to begin: OK

Log in as root

Turn on time daemon:
chkconfig ntpd on
service ntpd start

Install dhcp, tftp-server, and system-config-netboot:
yum -y install dhcp tftp-server system-config-netboot
-or-
# Insert CentOS 4 CD#1
mount /media/cdrecorder/ # NOTE: May be /media/cdrom/
cd /media/cdrecorder/CentOS/RPMS/
rpm -ivh hicolor-icon-theme-0.3-3.noarch.rpm
cd ~
umount /media/cdrecorder/
eject  /media/cdrecorder/
# Insert CentOS 4 CD#3
mount /media/cdrecorder/
cd /media/cdrecorder/CentOS/RPMS/
rpm -ivh dhcp-3.0.1-58.EL4.i386.rpm tftp-server-0.39-1.i386.rpm system-config-netboot-0.1.40-1_EL4.i386.rpm
cd ~
umount /media/cdrecorder/
eject  /media/cdrecorder/

Remove packages that are not necessary, turn off cups and iptables, and reboot:
yum -y remove isdn4k-utils pcmcia-cs
chkconfig cups off
chkconfig iptables off
init 6

After the reboot, log in as root, copy ksman to /tmp on the new server, and run it:
cd /tmp
wget http://georgetoft.com/downloads/ksman
sh ksman


Post Installation Tasks

There is a script in /usr/local/bin called ks_postinstall that you should edit to customize the system for your environment.  A limitation in kickstart (RHEL/CentOS 4 and earlier) is that it only allows one DNS server, so your post-install script should fix /etc/resolv.conf to include two name servers.
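
One way to make that /etc/resolv.conf fix from ks_postinstall, shown as an added example (it is not taken from the ksman or ks_postinstall scripts).  The function names and the 192.0.2.x addresses are assumptions made up for illustration, and only IPv4 addresses are handled.

```shell
#!/bin/sh
# Added example, not part of ks_postinstall as shipped.
# Usage inside a post-install script (addresses are constructed placeholders):
#   ensure_nameservers /etc/resolv.conf 192.0.2.53 192.0.2.54

# ensure_nameservers FILE NS...
# Keeps every existing line (search, domain, options, and the single
# nameserver kickstart wrote), drops duplicate nameserver entries, and
# appends each NS that is not already listed.
ensure_nameservers() {
    file=$1; shift
    [ -f "$file" ] || : > "$file"
    tmp=$(mktemp "${file}.XXXXXX") || return 1

    # Copy the current content, skipping repeated nameserver lines.
    awk '$1 == "nameserver" { if (seen[$2]++) next } { print }' "$file" > "$tmp"

    for ns in "$@"; do
        # Accept digits and dots only, so a typo or stray whitespace
        # cannot smuggle another resolver directive into the file.
        case $ns in
            ""|*[!0-9.]*|*..*|.*|*.)
                echo "bad name server address: $ns" >&2
                rm -f "$tmp"
                return 1 ;;
        esac
        # Exact field comparison; append only when the address is absent.
        awk -v ns="$ns" '$1 == "nameserver" && $2 == ns { f = 1 } END { exit !f }' "$tmp" ||
            echo "nameserver $ns" >> "$tmp"
    done

    # Replace the file in one step and keep it world-readable.
    chmod 644 "$tmp" && mv "$tmp" "$file"
}

# count_nameservers FILE
# Prints how many nameserver lines FILE contains.
count_nameservers() {
    awk '$1 == "nameserver" { n++ } END { print n + 0 }' "$1"
}
```

Running it a second time leaves the file unchanged, so it is safe to keep in a post-install script that may be re-run.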

What I use in this script is an adaptation of the Center for Internet Security Red Hat Enterprise Linux Security Benchmark.  I copied all of the bold-courier font commands and pasted them into this script, which delivers a locked-down server even before anyone ever logs into it.


Content Copyright 2003-2014 George Toft