Another Home Page Blog - RPMhttps://blog.anotherhomepage.org/2011-08-08T11:51:00+02:00Installation minimaliste d'une CentOS 62011-08-08T11:51:00+02:002011-08-08T11:51:00+02:00Nils Ratuszniktag:blog.anotherhomepage.org,2011-08-08:/post/2011/08/08/Installation-minimaliste-d-une-CentOS-6/<p>Suite à un billet précédent <a href="/post/2011/06/20/Installation-d-un-domU-Xen-Enterprise-Linux-sur-un-dom0-NetBSD">sur l'installation d'un domU Enterprise Linux sur un dom0 NetBSD</a>, et à la sortie de <a href="http://lists.centos.org/pipermail/centos-announce/2011-July/017645.html">CentOS 6.0</a>, j'ai fait quelques essais d'installations de cette distribution.</p>
<p>Il n'y a pas d'énormes différences entre le billet cité et CentOS 6.0, juste quelques surprises. La première …</p><p>Suite à un billet précédent <a href="/post/2011/06/20/Installation-d-un-domU-Xen-Enterprise-Linux-sur-un-dom0-NetBSD">sur l'installation d'un domU Enterprise Linux sur un dom0 NetBSD</a>, et à la sortie de <a href="http://lists.centos.org/pipermail/centos-announce/2011-July/017645.html">CentOS 6.0</a>, j'ai fait quelques essais d'installations de cette distribution.</p>
<p>Il n'y a pas d'énormes différences entre le billet cité et CentOS 6.0, juste quelques surprises. La première est au niveau de l'installation en mode texte, qui perd en possibilités, il n'est par exemple plus possible de personnaliser son partitionnement ou la liste des packages. Il faudra préférer une installation via VNC, qui permet d'afficher l'interface graphique. Les limitations en mémoire de RHEL 6 sont d'ailleurs valable pour CentOS 6, attention donc à attribuer assez de mémoire vive, au moins lors de l'installation, pour obtenir l'interface graphique.</p>
<p>J'ai donc décidé de passer par Kickstart pour quelques installations, et là aussi, il y a quelques changements, comme par exemple certains champs optionnels devenus obligatoires. Voici donc un exemple de kickstart commenté pour une installation minimaliste (mais pas minimale) personnalisée :</p>
<div class="highlight"><pre><span></span><code><span class="cp"># Langue et zone horaire</span>
<span class="n">lang</span><span class="w"> </span><span class="n">fr_FR</span><span class="w"></span>
<span class="n">keyboard</span><span class="w"> </span><span class="n">fr</span><span class="w"> </span>
<span class="n">timezone</span><span class="w"> </span><span class="o">--</span><span class="n">utc</span><span class="w"> </span><span class="n">Europe</span><span class="o">/</span><span class="n">Paris</span><span class="w"></span>
<span class="cp"># J'utilise Xen, donc je shutdown pour modifier le noyau d'installation en pygrub</span>
<span class="n">shutdown</span><span class="w"></span>
<span class="n">text</span><span class="w"></span>
<span class="cp"># on peut chiffrer le mdp root</span>
<span class="n">rootpw</span><span class="w"> </span><span class="n">changemonmdprootsvp</span><span class="w"></span>
<span class="cp"># j'autorise quelques services du firewall, la configuration au premier boot mais pas de SELinux par contre </span>
<span class="n">firewall</span><span class="w"> </span><span class="o">--</span><span class="n">service</span><span class="o">=</span><span class="n">ssh</span><span class="w"> </span><span class="o">--</span><span class="n">service</span><span class="o">=</span><span class="n">smtp</span><span class="w"></span>
<span class="n">firstboot</span><span class="w"> </span><span class="o">--</span><span class="n">enable</span><span class="w"></span>
<span class="n">selinux</span><span class="w"> </span><span class="o">--</span><span class="n">disabled</span><span class="w"></span>
<span class="cp"># Configuration du réseau</span>
<span class="n">network</span><span class="w"> </span><span class="o">--</span><span class="n">device</span><span class="w"> </span><span class="n">eth0</span><span class="w"> </span><span class="o">--</span><span class="n">bootproto</span><span class="w"> </span><span class="n">dhcp</span><span class="w"></span>
<span class="cp"># Paramétrage du disque dur : bootloader et partitionnement. Attention, on efface tout !</span>
<span class="n">bootloader</span><span class="w"> </span><span class="o">--</span><span class="n">location</span><span class="o">=</span><span class="n">mbr</span><span class="w"> </span><span class="o">--</span><span class="n">driveorder</span><span class="o">=</span><span class="n">xvda</span><span class="w"></span>
<span class="n">authconfig</span><span class="w"> </span><span class="o">--</span><span class="n">enableshadow</span><span class="w"> </span><span class="o">--</span><span class="n">passalgo</span><span class="o">=</span><span class="n">sha512</span><span class="w"></span>
<span class="n">clearpart</span><span class="w"> </span><span class="o">--</span><span class="n">all</span><span class="w"> </span><span class="o">--</span><span class="n">initlabel</span><span class="w"> </span><span class="o">--</span><span class="n">drives</span><span class="o">=</span><span class="n">xvda</span><span class="w"></span>
<span class="n">part</span><span class="w"> </span><span class="o">/</span><span class="n">boot</span><span class="w"> </span><span class="o">--</span><span class="n">fstype</span><span class="w"> </span><span class="n">ext3</span><span class="w"> </span><span class="o">--</span><span class="n">size</span><span class="w"> </span><span class="mi">500</span><span class="w"> </span>
<span class="n">part</span><span class="w"> </span><span class="n">swap</span><span class="w"> </span><span class="o">--</span><span class="n">size</span><span class="w"> </span><span class="mi">512</span><span class="w"> </span>
<span class="n">part</span><span class="w"> </span><span class="o">/</span><span class="w"> </span><span class="o">--</span><span class="n">fstype</span><span class="w"> </span><span class="n">ext3</span><span class="w"> </span><span class="o">--</span><span class="n">size</span><span class="w"> </span><span class="mi">5000</span><span class="w"></span>
<span class="n">part</span><span class="w"> </span><span class="o">/</span><span class="n">home</span><span class="w"> </span><span class="o">--</span><span class="n">fstype</span><span class="w"> </span><span class="n">ext3</span><span class="w"> </span><span class="o">--</span><span class="n">size</span><span class="w"> </span><span class="mi">1200</span><span class="w"></span>
<span class="n">part</span><span class="w"> </span><span class="o">/</span><span class="n">var</span><span class="w"> </span><span class="o">--</span><span class="n">fstype</span><span class="w"> </span><span class="n">ext3</span><span class="w"> </span><span class="o">--</span><span class="n">size</span><span class="w"> </span><span class="mi">400</span><span class="w"> </span><span class="o">--</span><span class="n">grow</span><span class="w"></span>
<span class="cp"># On fait une installation par le réseau, pensez à modifier ces urls par celles qui vous correspondent</span>
<span class="cp"># De plus, les dépôts updates et extras sont ajoutés pour que le système soit à jour dès l'installation</span>
<span class="n">url</span><span class="w"> </span><span class="o">--</span><span class="n">url</span><span class="w"> </span><span class="n">http</span><span class="o">:</span><span class="c1">//monmiroirlocal/pub/CentOS/6/os/x86_64/</span>
<span class="n">repo</span><span class="w"> </span><span class="o">--</span><span class="n">name</span><span class="o">=</span><span class="n">updates</span><span class="w"> </span><span class="o">--</span><span class="n">baseurl</span><span class="o">=</span><span class="n">http</span><span class="o">:</span><span class="c1">//monmiroirlocal/pub/CentOS/6/updates/x86_64/</span>
<span class="n">repo</span><span class="w"> </span><span class="o">--</span><span class="n">name</span><span class="o">=</span><span class="n">extras</span><span class="w"> </span><span class="o">--</span><span class="n">baseurl</span><span class="o">=</span><span class="n">http</span><span class="o">:</span><span class="c1">//monmiroirlocal/pub/CentOS/6/extras/x86_64/</span>
<span class="cp"># C'est là qu'on s'amuse avec la liste des paquets.</span>
<span class="cp"># --nobase permet une installation très légère, mais il faut au moins le groupe @Core</span>
<span class="cp"># A noter que je refuse l'installation de nombreux firmwares matériels car je suis en VM.</span>
<span class="nf">%packages</span><span class="w"> </span><span class="o">--</span><span class="n">nobase</span><span class="w"></span>
<span class="err">@</span><span class="n">Core</span><span class="w"></span>
<span class="n">ntp</span><span class="w"></span>
<span class="n">openssh</span><span class="o">-</span><span class="n">clients</span><span class="w"></span>
<span class="n">wget</span><span class="w"></span>
<span class="n">vim</span><span class="o">-</span><span class="n">enhanced</span><span class="w"></span>
<span class="o">-</span><span class="n">b43</span><span class="o">-</span><span class="n">openfwwf</span><span class="w"></span>
<span class="o">-</span><span class="n">kernel</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">aic94xx</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">atmel</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">bfa</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">ipw2100</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">ipw2200</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">ivtv</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">iwl1000</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">iwl3945</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">iwl4965</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">iwl5000</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">iwl5150</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">iwl6000</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">iwl6050</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">libertas</span><span class="o">-</span><span class="n">usb8388</span><span class="w"></span>
<span class="o">-</span><span class="n">ql2100</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">ql2200</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">ql23xx</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">ql2400</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">ql2500</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">rt61pci</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">rt73usb</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">xorg</span><span class="o">-</span><span class="n">x11</span><span class="o">-</span><span class="n">drv</span><span class="o">-</span><span class="n">ati</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">zd1211</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="cp"># La post-installation me permet de récupérer et d'appliquer des configurations spécifiques</span>
<span class="cp"># Très pratique pour déboguer, l'option --log :)</span>
<span class="nf">%post</span><span class="w"> </span><span class="o">--</span><span class="n">log</span><span class="o">=/</span><span class="n">root</span><span class="o">/</span><span class="n">postinstall</span><span class="p">.</span><span class="n">log</span><span class="w"></span>
<span class="n">wget</span><span class="w"> </span><span class="n">http</span><span class="o">:</span><span class="c1">//monmiroirlocal/pub/cfg/c6postinstall/prompt.sh -O /etc/profile.d/prompt.sh</span>
<span class="n">wget</span><span class="w"> </span><span class="n">http</span><span class="o">:</span><span class="c1">//monmiroirlocal/pub/cfg/c6postinstall/CentOS-Base.repo -O /etc/yum.repos.d/CentOS-Base.repo</span>
<span class="n">wget</span><span class="w"> </span><span class="n">http</span><span class="o">:</span><span class="c1">//monmiroirlocal/pub/cfg/c6postinstall/ntp.conf -O /etc/ntp.conf</span>
<span class="n">wget</span><span class="w"> </span><span class="n">http</span><span class="o">:</span><span class="c1">//monmiroirlocal/pub/cfg/c6postinstall/main.cf -O /etc/postfix/main.cf</span>
<span class="n">chkconfig</span><span class="w"> </span><span class="n">ntpd</span><span class="w"> </span><span class="n">on</span><span class="w"></span>
<span class="n">chkconfig</span><span class="w"> </span><span class="n">postfix</span><span class="w"> </span><span class="n">on</span><span class="w"></span>
</code></pre></div>
<p>Avec ce genre d'installation, on tombe à moins de 200 paquets installés :)</p>Installation de mod_gnutls sur CentOS 52008-05-24T10:30:00+02:002008-05-24T10:30:00+02:00Nils Ratuszniktag:blog.anotherhomepage.org,2008-05-24:/post/2008/05/24/Installation-de-mod_gnutls-sur-CentOS-5/<p>petit lien à garder sous le coude au cas où</p>
<p>Il y a quelques jours je voulais mettre plusieurs sites Internet en <a href="http://fr.wikipedia.org/wiki/Http#HTTPS">HTTPS</a>, sur le même serveur dédié. Or, ceci n'est (presque) pas possible en utilisant <a href="http://www.modssl.org/">mod_ssl</a> avec <a href="http://httpd.apache.org/">Apache</a>. Toutefois, ceci est rendu possible via l'utilisation de <a href="http://www.outoforder.cc/projects/apache/mod_gnutls/">mod_gnutls …</a></p><p>petit lien à garder sous le coude au cas où</p>
<p>Il y a quelques jours je voulais mettre plusieurs sites Internet en <a href="http://fr.wikipedia.org/wiki/Http#HTTPS">HTTPS</a>, sur le même serveur dédié. Or, ceci n'est (presque) pas possible en utilisant <a href="http://www.modssl.org/">mod_ssl</a> avec <a href="http://httpd.apache.org/">Apache</a>. Toutefois, ceci est rendu possible via l'utilisation de <a href="http://www.outoforder.cc/projects/apache/mod_gnutls/">mod_gnutls</a>. Pour ceux qui ont CentOS 5, voici <a href="http://www.hughesjr.com/content/view/20/29/">un petit lien</a> pour l'installer facilement. je crois que mod_gnutls est aussi disponible pour Mandriva. Sinon, il reste à compiler les sources ;-)</p>
<p><strong>Mise à jour</strong> : certains auront pu remarquer que des liens de ce billet ne fonctionnent plus, et que les dernières versions de mod_gnutls nécessitent une version de gnutls plus récente que celle livrée sur CentOS. La petite astuce ne fonctionne donc plus vraiment, sauf à utiliser une autre distribution ou à installer un gnutls plus récent. Un ami s'y est essayé il y a quelques temps sous Gentoo, un ebuild étant disponible.</p>
<h2>Commentaires</h2>
<h3>Le 30/08/2011 00:55 par <a href="http://fakessh.eu">fakessh @</a></h3>
<p>j ai dernierement package les dernieres versions de gnutls et mod_gnutls</p>
<p>je fournis les rpm source sur la page de mon blog
recompiler les rpm et bonnes mises à jour</p>
<p>http://fakessh.eu/2011/08/28/last-release-gnutls-et-mod_gnutls-pour-centos-5-6/</p>RPMforge2008-01-19T22:40:00+01:002008-01-19T22:40:00+01:00Nils Ratuszniktag:blog.anotherhomepage.org,2008-01-19:/post/2008/01/19/RPMforge/<p>un dépôt qu'il est bien</p>
<p>Oui, il y a des dépôts tierce-partie pour les distribs Red Hat, telles que RHEL, CentOS et Fedora. Un que j'apprécie beaucoup c'est <a href="http://rpmforge.net/">RPMforge</a>. Il contient entre autres, <a href="http://htop.sourceforge.net/">Htop</a> et <a href="http://www.nagios.org/">Nagios</a>, ce qui fait que j'aime bien l'installer sur une machine CentOS ou Fedora (htop …</p><p>un dépôt qu'il est bien</p>
<p>Oui, il y a des dépôts tierce-partie pour les distribs Red Hat, telles que RHEL, CentOS et Fedora. Un que j'apprécie beaucoup c'est <a href="http://rpmforge.net/">RPMforge</a>. Il contient entre autres, <a href="http://htop.sourceforge.net/">Htop</a> et <a href="http://www.nagios.org/">Nagios</a>, ce qui fait que j'aime bien l'installer sur une machine CentOS ou Fedora (htop c'est vraiment du confort face à top). Pour l'installer, c'est très simple : il suffit d'aller récupérer le RPM qui installe le dépôt dans yum, ce qui évite de rajouter le dépôt à la main dans la configuration de ce dernier. Pour trouver le rpm "rpmforge-release", c'est <a href="http://dag.wieers.com/rpm/packages/rpmforge-release/">ici</a>. On l'installe via un bon vieux rpm -ivh, on fait un petit yum update, et c'est parti !</p>