rpm warehouse construction and kickstart in linux

First, let's build an experimental environment and download several installation packages to facilitate command demonstration:

[root@localhost ~]# cd /mnt/
[root@localhost mnt]# ls
[root@localhost mnt]# mkdir software   将软件包归纳到software
[root@localhost mnt]# ls
software
[root@localhost mnt]# cd software/
[root@localhost software]# ls
从桌面文件夹内将安装包传到虚拟机的/mnt/software/路径下面。
[kiosk@foundation84 Desktop]$ scp /home/kiosk/Desktop/1234/* root@172.25.254.121:/mnt/software
root@172.25.254.121's password: 
FluffyMcAwesome-A-6.4.0-11.r19335.x86_64.rpm  100%   29KB  29.2KB/s   00:00    
FluffyMcAwesome-B-6.4.0-11.r19335.x86_64.rpm  100%   29KB  29.1KB/s   00:00    
linuxqq-v1.0.2-beta1.i386.rpm                 100% 4928KB   4.8MB/s   00:00    
wps-office-10.1.0.5672-1.a21.x86_64.rpm       100%   78MB  78.4MB/s   00:01    
[root@localhost software]# ls    传递过去的安装包
FluffyMcAwesome-A-6.4.0-11.r19335.x86_64.rpm
FluffyMcAwesome-B-6.4.0-11.r19335.x86_64.rpm
linuxqq-v1.0.2-beta1.i386.rpm
wps-office-10.1.0.5672-1.a21.x86_64.rpm

The specific command demonstration is relatively simple. The remote transmission using scp is a simple command.

The format and parameters of the rpm command:

rpm
rpm       -ivh name.rpm                 安装，-v显示过程，-h指定加密方式为hash
rpm        -e name                          卸载,卸载写的是软件名字而不是安装包名字
rpm       -ql                          表示在系统哪些位置安装了软件
rpm       -qc                          查询软件的配置文件
rpm       -qd                          查询软件的文档，以及说明文件
rpm       -qlp  name.rpm                   软件包如果安装了在系统安装位置
rpm       -qa | grep httpd                     查看安装了那些软件，| 表示过滤
rpm       -q                                   查看软件安装了没有
rpm       -qa |grep name                       查看软件是否安装
rpm       -qp   name.rpm                       查询软件包安装在系统之后叫什么名字
rpm       -qf   filename                       查询某个文件属于哪个安装包
rpm       -qi   name                           表示查看软件信息
rpm        -p                                  表示查看软件包时加p
rpm        -qp  name.rpm --scripts             查询软件在安装或卸载过程中执行的动作
rpm        -ivh   name.rpm --force             强制安装，但不能忽略依赖性
rpm        -ivh   name.rpm --force --nodeps    忽略依赖性并强制安装
rpm        -Kv    name.rpm                     检测软件包是否被篡改

A few points to note:
--nodeps means ignore dependencies.
–force stands for force, only for forced installation.
The difference between -qa and -q is that the former is vague and the latter is an exact match.
Demonstration of rpm command:

[root@localhost software]# rpm -ivh linuxqq-v1.0.2-beta1.i386.rpm --nodeps 忽略依赖性安装
Preparing...                          ################################# [100%]
    file /usr/bin from install of linuxqq-v1.0.2-beta1.i386 conflicts with file from package filesystem-3.2-18.el7.x86_64
[root@localhost software]# rpm -ivh linuxqq-v1.0.2-beta1.i386.rpm --nodeps --force 忽略依赖性强制安装
Preparing...                          ################################# [100%]
Updating / installing...
   1:linuxqq-v1.0.2-beta1             ################################# [100%]
[root@localhost software]# rpm -qc openssh-server    查看软件的配置文件
/etc/pam.d/sshd
/etc/ssh/sshd_config
/etc/sysconfig/sshd
[root@localhost software]# rpm -qd openssh-server    查看软件的说明文档
/usr/share/man/man5/moduli.5.gz
/usr/share/man/man5/sshd_config.5.gz
/usr/share/man/man8/sftp-server.8.gz
/usr/share/man/man8/sshd.8.gz
[root@localhost software]# rpm -Kv linuxqq-v1.0.2-beta1.i386.back.rpm    检测软件包是否被篡改
linuxqq-v1.0.2-beta1.i386.rpm:
    Header SHA1 digest: OK (9893064ebb5d9966a7e061e1c2017d189f5a8100)
    MD5 digest: OK (5b35ffaf802861b72c0f2a615effdfdc)
[ro[root@localhost software]# ls
FluffyMcAwesome-A-6.4.0-11.r19335.x86_64.rpm
FluffyMcAwesome-B-6.4.0-11.r19335.x86_64.rpm
linuxqq-v1.0.2-beta1.i386.rpm
wps-office-10.1.0.5672-1.a21.x86_64.rpm
[root@localhost software]# cp linuxqq-v1.0.2-beta1.i386.rpm linuxqq-v1.0.2-beta1.i386.back.rpm  复制一个安装包改名字进行篡改实验
[root@localhost software]# ls
FluffyMcAwesome-A-6.4.0-11.r19335.x86_64.rpm
FluffyMcAwesome-B-6.4.0-11.r19335.x86_64.rpm
linuxqq-v1.0.2-beta1.i386.back.rpm
linuxqq-v1.0.2-beta1.i386.rpm
wps-office-10.1.0.5672-1.a21.x86_64.rpm
[root@localhost software]# echo hello >>linuxqq-v1.0.2-beta1.i386.back.rpm 将hello重定向到安装包里面
[root@localhost software]# rpm -Kv linuxqq-v1.0.2-beta1.i386.back.rpm  检测安装包已经被损坏
linuxqq-v1.0.2-beta1.i386.back.rpm:
    Header SHA1 digest: OK (9893064ebb5d9966a7e061e1c2017d189f5a8100)
    MD5 digest: BAD Expected(5b35ffaf802861b72c0f2a615effdfdc) != (859a597856638c57ea82ed3056f2dcad)
ot@localhost software]# rpm -qf /bin/ls    查看文件属于哪个软件包
coreutils-8.22-11.el7.x86_64

Installation:

Change the contents of the installation package to tamper with:

The construction of third-party software warehouses, gpgcheck represents third-party software.
Put all rpm software packages in one directory, which can only store
rpm
files
vim /etc/yum.repos.d/xxx.repo (file content)
[software]
name=software
baseurl=file:///rpm storage directory
gpgcheck=0
yum clean all
Build network source, install httpd, close firewall, disable Turn off the firewall and enable httpd to start automatically at boot

[root@localhost software]# ls
FluffyMcAwesome-A-6.4.0-11.r19335.x86_64.rpm
FluffyMcAwesome-B-6.4.0-11.r19335.x86_64.rpm
linuxqq-v1.0.2-beta1.i386.rpm
wps-office-10.1.0.5672-1.a21.x86_64.rpm
[root@localhost software]# createrepo  .  生成软件数据包
Spawning worker 0 with 4 pkgs
Workers Finished
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete
[root@localhost software]# ls
FluffyMcAwesome-A-6.4.0-11.r19335.x86_64.rpm
FluffyMcAwesome-B-6.4.0-11.r19335.x86_64.rpm
linuxqq-v1.0.2-beta1.i386.rpm
repodata                                 已经生成
wps-office-10.1.0.5672-1.a21.x86_64.rpm
[root@localhost software]# cd repodata/  
[root@localhost software]# vim /etc/yum.repos.d/rhel_dvd.repo   编辑文件
[root@localhost software]# yum clean all
Loaded plugins: langpacks
Cleaning repos: software source7.0
Cleaning up everything
[root@localhost software]# yum repolist
Loaded plugins: langpacks
source7.0                                                | 4.1 kB     00:00     
(1/2): source7.0/group_gz                                  | 134 kB   00:00     
(2/2): source7.0/primary_db                                | 3.4 MB   00:00     
repo id                              repo name                            status
source7.0                            source7.0                            4,305
repolist: 4,305
[root@localhost software]# cp -r /mnt/software/ /var/www/html/
cp: cannot create directory ‘/var/www/html/’: No such file or directory  复制不了的原因就是我们必须下载共享然后打开httpd关闭防火墙

[root@localhost software]# yum install httpd -y    安装后就可以共享

Complete!

[root@localhost software]# systemctl start httpd   开启服务
[root@localhost software]# systemctl enable httpd  开机自启动
ln -s '/usr/lib/systemd/system/httpd.service' '/etc/systemd/system/multi-user.target.wants/httpd.service'
[root@localhost software]# systemctl stop firewalld  关闭防火墙
[root@localhost software]# systemctl disable firewalld 开机关闭
rm '/etc/systemd/system/basic.target.wants/firewalld.service'
rm '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'
[root@localhost software]# cp -r /mnt/software/  /var/www/html/  这样就可以复制

Generate software data package:

Build a third-party software source repository:

File content: To

build a network source, first install Apache
yum install httpd -y, and you can copy it after the build is complete.

Test whether it is set up well:
Since these operations are done on the virtual machine, we test on the real machine, open the Firefox browser and enter 172.25.254.121/software/ The ip entered here is the virtual machine.

If we don't want to view the software that we don't need when the software comes out, we need to shield some software in the yum repository.

[root@localhost ~]# yum list 内容较多不展示
[root@localhost ~]# vim /etc/yum.conf
写入exclude=*.i686
[root@localhost ~]# yum list 查看时就没有了32位的安装包
[root@localhost ~]# yum list linuxqq  查看Linuxqq的安装包
Loaded plugins: langpacks
Installed Packages
linuxqq.i386                                     v1.0.2-beta1                                     installed
[root@localhost ~]# vim /etc/yum.conf
写入exclude=*.i686 *.i386
[root@localhost ~]# yum list linuxqq  出来包的原因是linuxqq已经被我安装
Loaded plugins: langpacks
Installed Packages
linuxqq.i386                                     v1.0.2-beta1                                     installed
[root@localhost ~]# rpm -e linuxqq  卸载linuxqq
[root@localhost ~]# yum list linuxqq  查看包的时候已经被屏蔽
Loaded plugins: langpacks
Error: No matching Packages to list

Shielding 32-bit installation package file writing:

shielding linuxqq file writing:

Operation demonstration:

Kickstart Overview
Using kickstart, a system administrator can create a file that contains answers to all frequently asked questions during installation so that a virtual machine can be installed directly.
package system-config-kickstart
install yum install syatem-config-kickstart

[root@localhost software]# yum install httpd system-config-kickstart -y    安装阿帕奇和kickstart
Complete!
[root@localhost ~]# system-config-kickstart  打开设置问题答案界面，进行配置以保证虚拟机可以自动安装。(用真机连接虚拟机时必须加-X开启图形以显示界面)
[root@localhost mnt]# systemctl start httpd   打开阿帕奇
[root@localhost mnt]# systemctl stop firewalld  关闭防火墙
然后在真机输入172.25.254.121/ks.cfg就可以看到自己刚才的操作。
[root@localhost ~]# cd /var/www/html/
[root@localhost html]# ls
ks.cfg  software
[root@localhost html]# vim ks.cfg
%packages
@base
lftp
%end 
[root@localhost html]# ksvalidator ks.cfg  只可以检查语法

Install Apache and kickstart, open the setting problem interface:
add -X when connecting to the virtual machine to open the graphics.

Set the first step, password:

set the second step, set the http

setting The third step:

set the fourth step:

click add at the bottom to add a partition:



set the fifth step, add a dynamic network:

set the sixth step, default:

set the seventh step, turn off the firewall.

The latter are all defaults, and then click the file to save it to /var/www/html, and then close.

Open Apache, close the firewall:

enter 172.25.254.121/ks.cfg on the real machine to test: the

virtual machine operation is completed:

edit the file content:

Next, operate on the real machine: this must be configured with dhcp before the experiment can be performed.

在真机：回去必须在有dhcp情况下实验。
[root@foundation21 mnt]# vim westos.sh 编辑脚本
#!/bin/bash
virt-install \
--ram 1024 \
--cpus 1 \
--disk /var/lib/libvirt/images/$1.qcow2,size=8,bus=virtio \
--name $1 \
--network source=br0,model=virtio \
--location http://172.25.254.21/source7.2 \
--extra-args "ks=http://172.25.254.121/ks.cfg" &
[root@foundation21 mnt]# chmod +x /mnt/westos.sh  赋予权限
[root@foundation21 mnt]# /mnt/westos.sh srr  调用

We can see that it will install itself by calling it.

My real machine is version 7.1, so the script writes 7.1.

Because it has been permanently mounted before, it can be viewed through the df command.

[root@foundation84 mnt]# df  查看挂载
Filesystem     1K-blocks     Used Available Use% Mounted on
/dev/sda12     124457600 56178124  68279476  46% /
devtmpfs         3863288        0   3863288   0% /dev
tmpfs            3873420      504   3872916   1% /dev/shm
tmpfs            3873420     9372   3864048   1% /run
tmpfs            3873420        0   3873420   0% /sys/fs/cgroup
/dev/sda10        198380   105644     92736  54% /boot
/dev/sda9         204580     9700    194880   5% /boot/efi
/dev/loop0       3654720  3654720         0 100% /var/www/html/source7.0
/dev/loop1       3798292  3798292         0 100% /var/www/html/source7.1

View Mount: The

installation process:

The login user password can enter the virtual machine, and the virtual machine is successfully established.