Vmware template creation : Centos 7

# some variables
export ADMIN_USER=“admin”
export ADMIN_PUBLIC_KEY=“your public ssh key”
# install necessary and helpful components
yum y install nettools nano deltarpm wget bashcompletion yumpluginremovewithleaves yumutils
# install VM tools and perl for VMware VM customizations
yum y install openvmtools perl
# Stop logging services
systemctl stop rsyslog
service auditd stop
# Remove old kernels
packagecleanup y oldkernels count=1
# Clean out yum
yum clean all
# Force the logs to rotate & remove old logs we don’t need
/usr/sbin/logrotate /etc/logrotate.conf force
rm f /var/log/*???????? /var/log/*.gz
rm f /var/log/dmesg.old
rm rf /var/log/anaconda
# Truncate the audit logs (and other logs we want to keep placeholders for)
cat /dev/null > /var/log/audit/audit.log
cat /dev/null > /var/log/wtmp
cat /dev/null > /var/log/lastlog
cat /dev/null > /var/log/grubby
# Remove the traces of the template MAC address and UUIDs
sed i ‘/^\(HWADDR\|UUID\)=/d’ /etc/sysconfig/networkscripts/ifcfge*
# enable network interface onboot
sed i e ‘s@^ONBOOT=”no@ONBOOT=”yes@’ /etc/sysconfig/networkscripts/ifcfge*
# Clean /tmp out
rm rf /tmp/*
rm rf /var/tmp/*
# Remove the SSH host keys
rm f /etc/ssh/*key*
# configure sshd_config to only allow Pubkey Authentication
sed i r ‘s/^#?(PermitRootLogin|PasswordAuthentication|PermitEmptyPasswords) (yes|no)/\1 no/’ /etc/ssh/sshd_config
sed i r ‘s/^#?(PubkeyAuthentication) (yes|no)/\1 yes/’ /etc/ssh/sshd_config
# add user ‘ADMIN_USER’
adduser $ADMIN_USER
# add public SSH key
mkdir m 700 /home/$ADMIN_USER/.ssh
echo $ADMIN_PUBLIC_KEY > /home/$ADMIN_USER/.ssh/authorized_keys
chmod 600 /home/$ADMIN_USER/.ssh/authorized_keys
chown $ADMIN_USER:$ADMIN_USER /home/$ADMIN_USER/.ssh/authorized_keys
# add support for ssh-add
echo ‘eval $(ssh-agent) > /dev/null’ >> /home/$ADMIN_USER/.bashrc
# add user ‘ADMIN_USER’ to sudoers
echo “$ADMIN_USER    ALL = NOPASSWD: ALL” > /etc/sudoers.d/$ADMIN_USER
chmod 0440 /etc/sudoers.d/$ADMIN_USER
# Remove the root user’s SSH history
rm rf ~root/.ssh/
rm f ~root/anacondaks.cfg
# remove the root password
passwd d root
# for support guest customization of CentOS 7 in vSphere 5.5 and vCloud Air
# mv /etc/redhat-release /etc/redhat-release.old && touch /etc/redhat-release && echo ‘Red Hat Enterprise Linux Server release 7.0 (Maipo)’ > /etc/redhat-release
# Remove the root user’s shell history
history cw
# shutdown
init 0
(Visited 1 times, 1 visits today)

Leave A Comment

Your email address will not be published. Required fields are marked *