File clone-master-clean-up.1 of Package clone-master-clean-up.28030
.\"/* .\" * All rights reserved .\" * Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. .\" * Authors: Howard Guo <hguo@suse.com> .\" * .\" * This program is free software; you can redistribute it and/or .\" * modify it under the terms of the GNU General Public License .\" * as published by the Free Software Foundation; either version 2 .\" * of the License, or (at your option) any later version. .\" * .\" * This program is distributed in the hope that it will be useful, .\" * but WITHOUT ANY WARRANTY; without even the implied warranty of .\" * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the .\" * GNU General Public License for more details. .\" */ .\" .TH clone-master-clean-up "1" "September 2022" "" "Clean-Up For Cloning Preparation" .SH NAME clone\-master\-clean\-up - Clean up a system for cloning preparation. .SH OPTIONS The program does not accept command line options. .SH DESCRIPTION Clean up a system and delete all usage history to prepare it for being cloned. How to properly clean up a system to create a golden image is highly dependent on installed software, machine configuration, and how the image is supposed to be used. .RS 5 1. A golden image for fast and easy way to deploy a freshly installed base operating system (a so-called plain vanilla image). .PP 2. A golden image that is used during the life cycle management of a system or solution landscape. .PP .RE Life-cycle management images normally include custom additions beyond the base operating system which are needed on all rolled-out systems. This can include additional software, e.g. for backup, hardware support, or monitoring, and system configuration, e.g. the creation of additional local users and changes to configuration files such as 'sudoers' or 'pam'. .br Additionally, with the use case of a life cycle management image, there will be a very intensive test cycle of newly installed software and configuration before the golden image is created and rolled out. Such testing can lead a lot of additional log files and temporary data. .PP This means that the parts of the operating system which need to be cleaned up are different depending on the use case and that it can be counterproductive to remove some special files or directories. .PP For the use case of creating an clean operating system base installation, the standard scope of 'clone-master-clean-up' is generally sufficient. To allow customization for this use case, use the configuration file \fB/etc/sysconfig/clone-master-clean-up\fR. .br Here, you can configure the following behavior: .RS 5 /etc/sudoers is restored to original, and only root is allowed to run sudo. .RS 5 default: no .RE clean up user ids >= 1000 .RS 5 default: no .RE clean up all zypper repositories .RS 5 default: no .RE remove btrfs snapshots of root filesystem .RS 5 default: yes .RE (If the system is running on EC2) Allow ec2-user to run sudo password-less. .RS 5 default: no .RE .RE .PP For the use case of a life cycle management image, it's impossible to write a standard script which will fit all requirements. To enable this use case, clone-master-clean-up allows including a drop-in file containing paths to files and directories that are deleted in addition to doing the standard clean-ups. .PP For more information and examples, see \fB/usr/share/clone-master-clean-up/custom_remove.template\fR. Please copy the template file \fB/usr/share/clone-master-clean-up/custom_remove.template\fR to \fB/etc/clone-master-clean-up/custom_remove\fR and un-comment the parts you need or add additional parts which will fit your needs. .PP If the file \fB'/etc/clone-master-clean-up/custom_remove'\fR exists, all included files and directories will be picked up line by line and additionally removed from the golden image. .SH "CLEANED UP ITEMS" The program asks for confirmation before proceeding with cleanup. If you proceed by typing "YES" and enter, the following locations/items will be cleaned up (or deleted): .IP \[bu] SUSE registration, all software repositories. .IP \[bu] SSH host keys, root user SSH keys, root user authorized keys, root user shell history. .IP \[bu] User mails and user cron jobs. .IP \[bu] Temporary files under /tmp and /var/tmp. .IP \[bu] Log files and archived log files under /var/log. .IP \[bu] Auto-generated HANA firewall configuration script. .IP \[bu] System random seeds. .IP \[bu] Systemd journal. .IP \[bu] machine ID. .IP \[bu] Salt client ID. .IP \[bu] osad authentication configuration file and the system ID. .IP \[bu] Domain and host names. .IP \[bu] /etc/hostname, /etc/hosts, /etc/resolv.conf are restored to original. .IP \[bu] Persistent network interfaces (auto-generated 70-persistent-net.rules). .IP \[bu] YaST Firstboot is enabled if there is a firstboot.xml. .IP \[bu] Give root user a new password, optionally. .IP \[bu] Zypper anonymous ID .IP \[bu] Clean up postfix .IP \[bu] Swap the uuid strings with dev strings in /etc/fstab .IP \[bu] Clean up network files (except interfaces using dhcp boot protocol) .IP \[bu] Clean up collectd .IP \[bu] Clean up /root .IP \[bu] Clean up cache, crash and coredump .SH FILES .PP \fI/etc/sysconfig/clone-master-clean-up\fR .RS 4 Defines the behavior of clone-master-clean-up. .RE .PP \fI/usr/share/clone-master-clean-up/custom_remove.template\fR .RS 4 Template for a vendor/customer-specific drop-in file. Defines additional files and directories to clean up. .RE .PP \fI/etc/clone-master-clean-up/custom_remove\fR .RS 4 \'Operation-ready\' copy of the template file. If this file exists, clone-master-clean-up will remove files and directories that are listed in it. .RE .SH AUTHOR .NF Howard Guo <hguo@suse.com>, Angela Briel <abriel@suse.com>




