File config.sh of Package openSUSE-Leap-42.3-EC2-HVM-Guest

#!/bin/bash
#================
# FILE          : config.sh
#----------------
# PROJECT       : OpenSuSE KIWI Image System
# COPYRIGHT     : (c) 2015 SUSE LLC. All rights reserved
#               :
# AUTHOR        : Robert Schweikert <rjschwei@suse.com>
#               :
# BELONGS TO    : Operating System images
#               :
# DESCRIPTION   : configuration script for SUSE based
#               : operating systems
#               :
#               :
# STATUS        : BETA
#----------------
#======================================
# Functions...
#--------------------------------------
test -f /.kconfig && . /.kconfig
test -f /.profile && . /.profile

#======================================
# Greeting...
#--------------------------------------
echo "Configure image: [$kiwi_iname]..."

#======================================
# Setup baseproduct link
#--------------------------------------
suseSetupProduct

#======================================
# Setup the build keys
#--------------------------------------
suseImportBuildKey
# Cloud:Tools project key
rpm --import /opt/cloud-tools.key
rm /opt/cloud-tools.key

#=========================================
# Set sysconfig options
#-----------------------------------------

# These are all set by YaST but not by KIWI
baseUpdateSysConfig /etc/sysconfig/bootloader LOADER_TYPE grub2
baseUpdateSysConfig /etc/sysconfig/console CONSOLE_ENCODING "UTF-8"
baseUpdateSysConfig /etc/sysconfig/console CONSOLE_FONT "eurlatgr.psfu"
baseUpdateSysConfig /etc/sysconfig/console CONSOLE_SCREENMAP "none"
baseUpdateSysConfig /etc/sysconfig/kernel INITRD_MODULES "ext4"
baseUpdateSysConfig /etc/sysconfig/keyboard COMPOSETABLE "clear latin1.add"
baseUpdateSysConfig /etc/sysconfig/language INSTALLED_LANGUAGES ""
baseUpdateSysConfig /etc/sysconfig/language RC_LANG "en_US.UTF-8"
baseUpdateSysConfig /etc/sysconfig/mouse MOUSEDEVICE ""
baseUpdateSysConfig /etc/sysconfig/network/config NETCONFIG_MODULES_ORDER "cloud-netconfig dns-resolver dns-bind dns-dnsmasq nis ntp-runtime"
baseUpdateSysConfig /etc/sysconfig/network/dhcp DHCLIENT_SET_HOSTNAME no
baseUpdateSysConfig /etc/sysconfig/network/dhcp WRITE_HOSTNAME_TO_HOSTS no
baseUpdateSysConfig /etc/sysconfig/security POLKIT_DEFAULT_PRIVS restrictive
baseUpdateSysConfig /etc/sysconfig/suseconfig CWD_IN_USER_PATH no
baseUpdateSysConfig /etc/sysconfig/SuSEfirewall2 FW_LOAD_MODULES "nf_conntrack_netbios_ns"
baseUpdateSysConfig /etc/sysconfig/SuSEfirewall2 FW_DEV_EXT "any eth0"
baseUpdateSysConfig /etc/sysconfig/SuSEfirewall2 FW_LOG_DROP_CRIT yes
baseUpdateSysConfig /etc/sysconfig/SuSEfirewall2 FW_LOG_DROP_ALL no
baseUpdateSysConfig /etc/sysconfig/SuSEfirewall2 FW_LOG_ACCEPT_CRIT yes
baseUpdateSysConfig /etc/sysconfig/SuSEfirewall2 FW_LOG_ACCEPT_ALL no
baseUpdateSysConfig /etc/sysconfig/SuSEfirewall2 FW_ALLOW_FW_BROADCAST_EXT no
baseUpdateSysConfig /etc/sysconfig/SuSEfirewall2 FW_ALLOW_FW_BROADCAST_INT no
baseUpdateSysConfig /etc/sysconfig/SuSEfirewall2 FW_ALLOW_FW_BROADCAST_DMZ no
baseUpdateSysConfig /etc/sysconfig/SuSEfirewall2 FW_IGNORE_FW_BROADCAST_INT no
baseUpdateSysConfig /etc/sysconfig/SuSEfirewall2 FW_IGNORE_FW_BROADCAST_DMZ no
baseUpdateSysConfig /etc/sysconfig/SuSEfirewall2 FW_IPSEC_TRUST no
baseUpdateSysConfig /etc/sysconfig/windowmanager X_MOUSE_CURSOR ""
baseUpdateSysConfig /etc/sysconfig/windowmanager DEFAULT_WM ""

# New entries in sysconfig
echo 'DEFAULT_TIMEZONE="UTC"' >> /etc/sysconfig/clock

echo '
# The YaST-internal identifier of the attached keyboard.
#
YAST_KEYBOARD="english-us,pc104"' >> /etc/sysconfig/keyboard

echo '
# The full name of the attached mouse.
#
FULLNAME=""

# The YaST-internal identifier of the attached mouse.
#
YAST_MOUSE="none"

# Mouse device used for the X11 system.
#
XMOUSEDEVICE=""

# The number of buttons of the attached mouse.
#
BUTTONS="0"

# The number of wheels of the attached mouse.
#
WHEELS="0"' >> /etc/sysconfig/mouse

echo 'DISPLAYMANAGER_SHUTDOWN="root"
DISPLAYMANAGER=""
DISPLAYMANAGER_REMOTE_ACCESS="no"
DISPLAYMANAGER_ROOT_LOGIN_REMOTE="no"' > /etc/sysconfig/displaymanager

rm /etc/sysconfig/mcelog

# Setup policy kit
[ -x /sbin/set_polkit_default_privs ] && /sbin/set_polkit_default_privs

egrep -q '^xvc0$' /etc/securetty || echo xvc0 >> /etc/securetty

[ -f /etc/modprobe.d/unsupported-modules ] && sed -i -r -e 's/^(allow_unsupported_modules[[:space:]]*).*/\10/' /etc/modprobe.d/unsupported-modules

# Disable password based login via ssh
sed -i 's/#ChallengeResponseAuthentication yes/ChallengeResponseAuthentication no/' /etc/ssh/sshd_config

# Remove the password for root
# Note the string matches the password set in the config file
sed -i 's/$1$wYJUgpM5$RXMMeASDc035eX.NbYWFl0/*/' /etc/shadow

#========================================
# Files that may vary from build to build
#----------------------------------------

# Keep track of files with randomly created unique IDs or random numbers
function random_file() { true ; }
random_file /etc/ntp.keys
random_file /var/lib/dbus/machine-id
random_file /var/lib/zypp/AnonymousUniqueId

# Keep track of files with embedded timestamps
function timestamp_file() { true ; }
timestamp_file /etc/gconf/gconf.xml.schemas/%gconf-tree.xml

# These caches are based only on data on the filesystem (system independent)
function cache_file() { true ; }
cache_file filesonly /usr/share/info/dir


#======================================
# Activate services
#--------------------------------------
suseInsertService boot.device-mapper
#suseInsertService docker
suseInsertService cloud-init-local
suseInsertService cloud-init
suseInsertService cloud-config
suseInsertService cloud-final
suseInsertService haveged
suseInsertService sshd
suseRemoveService boot.efivars
suseRemoveService boot.lvm
suseRemoveService boot.md
suseRemoveService boot.multipath
suseRemoveService kbd
suseRemoveService acpid 

# Cleanup
rm /var/lib/rpm/__db.*

#======================================
# Umount kernel filesystems
#--------------------------------------
baseCleanMount

exit 0