Fix urls

Drop yandex-browser-release
Fix typo
23 changed files with 1218 additions and 4245 deletions
--- a/MSVSphere-9-ARM-NexTouch.ks
+++ b/MSVSphere-9-ARM-NexTouch.ks
@ -0,0 +1,824 @@
 # Generated by pykickstart v3.36
 #version=DEVEL
 # X Window System configuration information
 xconfig  --startxonboot
 # Keyboard layouts
 keyboard --vckeymap=ru --xlayouts='us','ru' --switch='grp:alt_shift_toggle','grp_led:scroll'
 # Root password
 rootpw --iscrypted --lock locked
 # System language (DO NOT CHANGE IF LIVEMEDIA-CREATOR IN USE)
 lang en_US.UTF-8 --addsupport=ru_RU.UTF-8
 # Shutdown after installation
 shutdown
 # Network information
 network  --bootproto=dhcp --device=link --activate
 # Firewall configuration
 firewall --enabled --service=mdns,samba,samba-client
 # Use network installation
 url --url="https://rsync.inferitos.ru/msvsphere/9/BaseOS/$basearch/os/"
 repo --name="BaseOS" --baseurl=https://rsync.inferitos.ru/msvsphere/9/BaseOS/x86_64/os/ --cost=200
 repo --name="AppStream" --baseurl=https://rsync.inferitos.ru/msvsphere/9/AppStream/x86_64/os/ --cost=200
 repo --name="Extras" --baseurl=https://rsync.inferitos.ru/msvsphere/9/Extras/x86_64/os/ --cost=200
 repo --name="Draw" --baseurl=http://jupiter.tigro.info/alma/draw/ --cost=200
 #repo --name="yandex-browser" --baseurl=https://repo.yandex.ru/yandex-browser/rpm/stable/x86_64/ --cost=200
 # System timezone
 timezone Europe/Moscow
 # SELinux configuration
 selinux --enforcing
 # System services
 services --disabled="sshd" --enabled="NetworkManager,ModemManager"
 # System bootloader configuration
 bootloader --location=none
 # Clear the Master Boot Record
 zerombr
 # Partition clearing information
 clearpart --all
 # Disk partitioning information
 part / --fstype="ext4" --size=5120
 part / --size=7750
 %post
 # FIXME: it'd be better to get this installed from a package
 cat > /etc/rc.d/init.d/livesys << EOF
 #!/bin/bash
 #
 # live: Init script for live image
 #
 # chkconfig: 345 00 99
 # description: Init script for live image.
 ### BEGIN INIT INFO
 # X-Start-Before: display-manager chronyd
 ### END INIT INFO
 . /etc/init.d/functions
 if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ]; then
    exit 0
 fi
 if [ -e /.liveimg-configured ] ; then
    configdone=1
 fi
 exists() {
    which \$1 >/dev/null 2>&1 || return
    \$*
 }
 livedir="LiveOS"
 for arg in \`cat /proc/cmdline\` ; do
  if [ "\${arg##rd.live.dir=}" != "\${arg}" ]; then
    livedir=\${arg##rd.live.dir=}
    continue
  fi
  if [ "\${arg##live_dir=}" != "\${arg}" ]; then
    livedir=\${arg##live_dir=}
  fi
 done
 # Enable swap unless requested otherwise
 swaps=\`blkid -t TYPE=swap -o device\`
 if ! strstr "\`cat /proc/cmdline\`" noswap && [ -n "\$swaps" ] ; then
  for s in \$swaps ; do
    action "Enabling swap partition \$s" swapon \$s
  done
 fi
 if ! strstr "\`cat /proc/cmdline\`" noswap && [ -f /run/initramfs/live/\${livedir}/swap.img ] ; then
  action "Enabling swap file" swapon /run/initramfs/live/\${livedir}/swap.img
 fi
 # Support for persistent homes
 mountPersistentHome() {
  # support label/uuid
  if [ "\${homedev##LABEL=}" != "\${homedev}" -o "\${homedev##UUID=}" != "\${homedev}" ]; then
    homedev=\`/sbin/blkid -o device -t "\$homedev"\`
  fi
  # if we're given a file rather than a blockdev, loopback it
  if [ "\${homedev##mtd}" != "\${homedev}" ]; then
    # mtd devs don't have a block device but get magic-mounted with -t jffs2
    mountopts="-t jffs2"
  elif [ ! -b "\$homedev" ]; then
    loopdev=\`losetup -f\`
    if [ "\${homedev##/run/initramfs/live}" != "\${homedev}" ]; then
      action "Remounting live store r/w" mount -o remount,rw /run/initramfs/live
    fi
    losetup \$loopdev \$homedev
    homedev=\$loopdev
  fi
  # if it's encrypted, we need to unlock it
  if [ "\$(/sbin/blkid -s TYPE -o value \$homedev 2>/dev/null)" = "crypto_LUKS" ]; then
    echo
    echo "Setting up encrypted /home device"
    plymouth ask-for-password --command="cryptsetup luksOpen \$homedev EncHome"
    homedev=/dev/mapper/EncHome
  fi
  # and finally do the mount
  mount \$mountopts \$homedev /home
  # if we have /home under what's passed for persistent home, then
  # we should make that the real /home.  useful for mtd device on olpc
  if [ -d /home/home ]; then mount --bind /home/home /home ; fi
  [ -x /sbin/restorecon ] && /sbin/restorecon /home
  if [ -d /home/liveuser ]; then USERADDARGS="-M" ; fi
 }
 # Help locate persistent homes
 findPersistentHome() {
  for arg in \`cat /proc/cmdline\` ; do
    if [ "\${arg##persistenthome=}" != "\${arg}" ]; then
      homedev=\${arg##persistenthome=}
    fi
  done
 }
 if strstr "\`cat /proc/cmdline\`" persistenthome= ; then
  findPersistentHome
 elif [ -e /run/initramfs/live/\${livedir}/home.img ]; then
  homedev=/run/initramfs/live/\${livedir}/home.img
 fi
 # Mount the persistent home if it's available
 if ! strstr "\`cat /proc/cmdline\`" nopersistenthome && [ -n "\$homedev" ] ; then
  action "Mounting persistent /home" mountPersistentHome
 fi
 if [ -n "\$configdone" ]; then
  exit 0
 fi
 # Create the liveuser (no password) so automatic logins and sudo works
 action "Adding live user" useradd \$USERADDARGS -c "Live System User" liveuser
 passwd -d liveuser > /dev/null
 usermod -aG wheel liveuser > /dev/null
 # Same for root
 passwd -d root > /dev/null
 # Turn off firstboot (similar to a DVD/minimal install, where it asks
 # for the user to accept the EULA before bringing up a TTY)
 systemctl --no-reload disable firstboot-text.service 2> /dev/null || :
 systemctl --no-reload disable firstboot-graphical.service 2> /dev/null || :
 systemctl stop firstboot-text.service 2> /dev/null || :
 systemctl stop firstboot-graphical.service 2> /dev/null || :
 # Prelinking damages the images
 sed -i 's/PRELINKING=yes/PRELINKING=no/' /etc/sysconfig/prelink &>/dev/null || :
 # Turn off mdmonitor by default
 systemctl --no-reload disable mdmonitor.service 2> /dev/null || :
 systemctl --no-reload disable mdmonitor-takeover.service 2> /dev/null || :
 systemctl stop mdmonitor.service 2> /dev/null || :
 systemctl stop mdmonitor-takeover.service 2> /dev/null || :
 # Even if there isn't gnome, this doesn't hurt.
 gsettings set org.gnome.software download-updates 'false' || :
 # Disable cron
 systemctl --no-reload disable crond.service 2> /dev/null || :
 systemctl --no-reload disable atd.service 2> /dev/null || :
 systemctl stop crond.service 2> /dev/null || :
 systemctl stop atd.service 2> /dev/null || :
 # Disable abrt
 systemctl --no-reload disable abrtd.service 2> /dev/null || :
 systemctl stop abrtd.service 2> /dev/null || :
 # Don't sync the system clock when running live (RHBZ #1018162)
 sed -i 's/rtcsync//' /etc/chrony.conf
 # Mark things as configured
 touch /.liveimg-configured
 # add static hostname to work around xauth bug
 # https://bugzilla.redhat.com/show_bug.cgi?id=679486
 # the hostname must be something else than 'localhost'
 # https://bugzilla.redhat.com/show_bug.cgi?id=1370222
 echo "localhost-live" > /etc/hostname
 ## add us,ru layouts by default
 cat > /usr/share/glib-2.0/schemas/org.gnome.desktop.input-sources.gschema.override << FOE
 [org.gnome.desktop.input-sources]
 sources=[('xkb', 'us'), ('xkb', 'ru')]
 mru-sources=[('xkb', 'us'), ('xkb', 'ru')]
 xkb-options=['grp:alt_shift_toggle', 'grp_led:scroll']
 FOE
 # rebuild schema cache with any overrides we installed
 glib-compile-schemas /usr/share/glib-2.0/schemas
 EOF
 # HAL likes to start late.
 cat > /etc/rc.d/init.d/livesys-late << EOF
 #!/bin/bash
 #
 # live: Late init script for live image
 #
 # chkconfig: 345 99 01
 # description: Late init script for live image.
 . /etc/init.d/functions
 if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ] || [ -e /.liveimg-late-configured ] ; then
    exit 0
 fi
 exists() {
    which \$1 >/dev/null 2>&1 || return
    \$*
 }
 touch /.liveimg-late-configured
 # Read some stuff out of the kernel cmdline
 for o in \`cat /proc/cmdline\` ; do
    case \$o in
    ks=*)
        ks="--kickstart=\${o#ks=}"
        ;;
    xdriver=*)
        xdriver="\${o#xdriver=}"
        ;;
    esac
 done
 # If liveinst or textinst is given, start installer
 if strstr "\`cat /proc/cmdline\`" liveinst ; then
   plymouth --quit
   /usr/sbin/liveinst \$ks
 fi
 if strstr "\`cat /proc/cmdline\`" textinst ; then
   plymouth --quit
   /usr/sbin/liveinst --text \$ks
 fi
 # Configure X, allowing user to override xdriver
 if [ -n "\$xdriver" ]; then
   cat > /etc/X11/xorg.conf.d/00-xdriver.conf <<FOE
 Section "Device"
 	Identifier	"Videocard0"
 	Driver	"\$xdriver"
 EndSection
 FOE
 fi
 EOF
 chmod 755 /etc/rc.d/init.d/livesys
 /sbin/restorecon /etc/rc.d/init.d/livesys
 /sbin/chkconfig --add livesys
 chmod 755 /etc/rc.d/init.d/livesys-late
 /sbin/restorecon /etc/rc.d/init.d/livesys-late
 /sbin/chkconfig --add livesys-late
 # Enable tmpfs for /tmp - this is a good idea
 systemctl enable tmp.mount
 # make it so that we don't do writing to the overlay for things which
 # are just tmpdirs/caches
 # note https://bugzilla.redhat.com/show_bug.cgi?id=1135475
 cat >> /etc/fstab << EOF
 vartmp   /var/tmp    tmpfs   defaults   0  0
 EOF
 # PackageKit likes to play games. Let's fix that.
 rm -f /var/lib/rpm/__db*
 releasever=$(rpm -q --qf '%{version}\n' --whatprovides system-release)
 basearch=$(uname -i)
 rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-MSVSphere-9
 echo "Packages within this LiveCD"
 rpm -qa
 # Note that running rpm recreates the rpm db files which aren't needed or wanted
 rm -f /var/lib/rpm/__db*
 # go ahead and pre-make the man -k cache (#455968)
 /usr/bin/mandb
 # make sure there aren't core files lying around
 rm -f /core*
 # remove random seed, the newly installed instance should make it's own
 rm -f /var/lib/systemd/random-seed
 # convince readahead not to collect
 # FIXME: for systemd
 echo 'File created by kickstart. See systemd-update-done.service(8).' \
    | tee /etc/.updated >/var/.updated
 # Drop the rescue kernel and initramfs, we don't need them on the live media itself.
 # See bug 1317709
 rm -f /boot/*-rescue*
 # Disable network service here, as doing it in the services line
 # fails due to RHBZ #1369794 - the error is expected
 /sbin/chkconfig network off
 # Remove machine-id on generated images
 rm -f /etc/machine-id
 touch /etc/machine-id
 %end
 %post --nochroot
 cp $INSTALL_ROOT/usr/share/licenses/*-release/* $LIVE_ROOT/
 # This only works on x86_64
 if [ "$(uname -i)" = "i386" -o "$(uname -i)" = "x86_64" ]; then
    # For livecd-creator builds
    if [ ! -d $LIVE_ROOT/LiveOS ]; then mkdir -p $LIVE_ROOT/LiveOS ; fi
    cp /usr/bin/livecd-iso-to-disk $LIVE_ROOT/LiveOS
    # For lorax/livemedia-creator builds
    sed -i '
    /## make boot.iso/ i\
    # Add livecd-iso-to-disk script to .iso filesystem at /LiveOS/\
    <% f = "usr/bin/livecd-iso-to-disk" %>\
    %if exists(f):\
        install ${f} ${LIVEDIR}/${f|basename}\
    %endif\
    ' /usr/share/lorax/templates.d/99-generic/live/x86.tmpl
 fi
 %end
 %post
 cat >> /etc/rc.d/init.d/livesys << EOF
 # disable gnome-software automatically downloading updates
 cat >> /usr/share/glib-2.0/schemas/org.gnome.software.gschema.override << FOE
 [org.gnome.software]
 allow-updates=false
 download-updates=false
 FOE
 # don't autostart gnome-software session service
 rm -f /etc/xdg/autostart/gnome-software-service.desktop
 # disable the gnome-software shell search provider
 cat >> /usr/share/gnome-shell/search-providers/org.gnome.Software-search-provider.ini << FOE
 DefaultDisabled=true
 FOE
 # don't run gnome-initial-setup
 mkdir ~liveuser/.config
 touch ~liveuser/.config/gnome-initial-setup-done
 # suppress anaconda spokes redundant with gnome-initial-setup
 cat >> /etc/sysconfig/anaconda << FOE
 [NetworkSpoke]
 visited=1
 [PasswordSpoke]
 visited=1
 [UserSpoke]
 visited=1
 FOE
 # make the installer show up
 if [ -f /usr/share/applications/liveinst.desktop ]; then
  # Show harddisk install in shell dash
  sed -i -e 's/NoDisplay=true/NoDisplay=false/' /usr/share/applications/liveinst.desktop ""
  # need to move it to anaconda.desktop to make shell happy
  mv /usr/share/applications/liveinst.desktop /usr/share/applications/anaconda.desktop
  cat > /usr/share/glib-2.0/schemas/org.gnome.shell.gschema.override << FOE
 [org.gnome.shell]
 favorite-apps=['chromium-browser.desktop', 'evolution.desktop', 'org.gnome.Nautilus.desktop', 'org.gnome.Software.desktop', 'anaconda.desktop']
 enabled-extensions=['background-logo@fedorahosted.org', 'appindicatorsupport@rgcjonas.gmail.com', 'dash-to-panel@jderose9.github.com', 'ding@rastersoft.com', 'arcmenu@arcmenu.com', 'no-overview@fthx', 'notification-banner-reloaded@marcinjakubowski.github.com', 'disable-gestures-2021@verycrazydog.gmail.com']
 FOE
  # Make the welcome screen show up
  if [ -f /usr/share/anaconda/gnome/fedora-welcome.desktop ]; then
    mkdir -p ~liveuser/.config/autostart
    cp /usr/share/anaconda/gnome/fedora-welcome.desktop /usr/share/applications/
    cp /usr/share/anaconda/gnome/fedora-welcome.desktop ~liveuser/.config/autostart/
  fi
  # Disable GNOME welcome tour so it doesn't overlap with Fedora welcome screen
  cat >> /usr/share/glib-2.0/schemas/org.gnome.shell.gschema.override << FOE
 welcome-dialog-last-shown-version='4294967295'
 FOE
  # Copy Anaconda branding in place
  if [ -d /usr/share/lorax/product/usr/share/anaconda ]; then
    cp -a /usr/share/lorax/product/* /
  fi
 fi
 # rebuild schema cache with any overrides we installed
 glib-compile-schemas /usr/share/glib-2.0/schemas
 # set up auto-login
 cat > /etc/gdm/custom.conf << FOE
 [daemon]
 WaylandEnable=false
 DefaultSession=gnome-xorg.desktop
 AutomaticLoginEnable=True
 AutomaticLogin=liveuser
 FOE
 # Turn off PackageKit-command-not-found while uninstalled
 if [ -f /etc/PackageKit/CommandNotFound.conf ]; then
  sed -i -e 's/^SoftwareSourceSearch=true/SoftwareSourceSearch=false/' /etc/PackageKit/CommandNotFound.conf
 fi
 # make sure to set the right permissions and selinux contexts
 chown -R liveuser:liveuser /home/liveuser/
 restorecon -R /home/liveuser/
 restorecon -R /
 EOF
 %end
 %post
 ## fix dns to update ffmpeg
 #echo "nameserver 8.8.8.8" >> /etc/resolv.conf
 ## update yandex-browser multimedia
 ## /opt/yandex/browser/update-ffmpeg
 ## add flathub
 #flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
 ## drop resolve.conf
 #rm -f /etc/resolv.conf
 # fix Samba overview
 #firewall-cmd --set-default-zone=internal
 # set Russian locale (hot fix for livemedia-creator bug)
 cat > /etc/locale.conf << FOE
 LANG="ru_RU.UTF-8"
 FOE
 cat > /etc/gdm/custom.conf << FOE
 # GDM configuration storage
 [daemon]
 # Uncomment the line below to force the login screen to use Xorg
 WaylandEnable=false
 DefaultSession=gnome-xorg.desktop
 [security]
 [xdmcp]
 [chooser]
 [debug]
 # Uncomment the line below to turn on debugging
 #Enable=true
 FOE
 # Enable selinuxuser_execmod bool
 /usr/sbin/setsebool -P selinuxuser_execmod 1
 %end
 %post
 cat > /usr/bin/clean-home << FOE
 #!/bin/sh
 if zenity --question --title "Очистить домашний каталог?" --text="Если выберете Да, то после выхода из системы все файлы в домашнем каталоге пользователя будут удалены."; then
    if id | grep -q panelusers; then
            shopt -s dotglob
            rm -rf \$HOME/*
            cp -r /etc/skel/* \$HOME/
    fi
 fi
 /usr/bin/gnome-session-quit --logout --no-prompt
 FOE
 cat > /usr/share/applications/gnome-clean-session.desktop << FOE
 [Desktop Entry]
 Name=Quit Session
 Name[ru]=Выйти из сеанса
 Comment[ru]=Выход из сеанса GNOME
 Comment=Qiit GNOME Session
 Exec=/usr/bin/clean-home
 Icon=gnome-shutdown
 Terminal=false
 Type=Application
 StartupNotify=true
 Categories=GNOME;GTK;System;
 Keywords=clean;clear;logout;exit;delete;remove;
 Keywords[ru]=очистить;выход;выйти;удалить;
 FOE
 cat > /usr/bin/gnome-auto-config << FOE
 #!/bin/sh
 if [ -f "\$HOME/.firststart" ]; then
    if id | grep -q panelusers; then
        dconf load -f / < /etc/default-gnome-settings
        rm -f \$HOME/.firststart
    fi
 fi
 FOE
 cat > /etc/default-gnome-settings << FOE
 [ca/desrt/dconf-editor]
 saved-pathbar-path='/desktop/gnome/crypto/cache/'
 saved-view='/desktop/gnome/crypto/cache/'
 show-warning=false
 window-height=1119
 window-is-maximized=false
 window-width=1272
 [org/gnome/control-center]
 last-panel='keyboard'
 [org/gnome/desktop/app-folders]
 folder-children=['Utilities', 'YaST']
 [org/gnome/desktop/app-folders/folders/Utilities]
 apps=['gnome-abrt.desktop', 'gnome-system-log.desktop', 'nm-connection-editor.desktop', 'org.gnome.baobab.desktop', 'org.gnome.Connections.desktop', 'org.gnome.DejaDup.desktop', 'org.gnome.Dictionary.desktop', 'org.gnome.DiskUtility.desktop', 'org.gnome.eog.desktop', 'org.gnome.Evince.desktop', 'org.gnome.FileRoller.desktop', 'org.gnome.fonts.desktop', 'org.gnome.seahorse.Application.desktop', 'org.gnome.tweaks.desktop', 'org.gnome.Usage.desktop', 'vinagre.desktop']
 categories=['X-GNOME-Utilities']
 name='X-GNOME-Utilities.directory'
 translate=true
 [org/gnome/desktop/app-folders/folders/YaST]
 categories=['X-SuSE-YaST']
 name='suse-yast.directory'
 translate=true
 [org/gnome/desktop/input-sources]
 mru-sources=[('xkb', 'us'), ('xkb', 'ru')]
 per-window=false
 sources=[('xkb', 'us'), ('xkb', 'ru')]
 xkb-options=['grp:alt_shift_toggle', 'lv3:ralt_switch']
 [org/gnome/desktop/notifications]
 application-children=['drawviewc', 'org-gnome-terminal', 'org-gnome-nautilus']
 [org/gnome/desktop/notifications/application/drawviewc]
 application-id='drawviewc.desktop'
 [org/gnome/desktop/notifications/application/org-gnome-nautilus]
 application-id='org.gnome.Nautilus.desktop'
 [org/gnome/desktop/notifications/application/org-gnome-terminal]
 application-id='org.gnome.Terminal.desktop'
 [org/gnome/desktop/peripherals/touchpad]
 natural-scroll=false
 speed=0.49264705882352944
 two-finger-scrolling-enabled=true
 [org/gnome/desktop/wm/keybindings]
 panel-main-menu=@as []
 panel-run-dialog=@as []
 [org/gnome/evolution-data-server]
 migrated=true
 network-monitor-gio-name=''
 [org/gnome/gnome-session]
 logout-prompt=false
 [org/gnome/login-screen]
 enable-fingerprint-authentication=true
 enable-password-authentication=true
 enable-smartcard-authentication=false
 [org/gnome/mutter]
 overlay-key=''
 [org/gnome/nautilus/preferences]
 default-folder-viewer='list-view'
 search-filter-time-type='last_modified'
 search-view='list-view'
 [org/gnome/nautilus/window-state]
 initial-size=(1124, 797)
 maximized=false
 [org/gnome/shell]
 command-history=['r']
 disable-user-extensions=false
 disabled-extensions=['appindicatorsupport@rgcjonas.gmail.com', 'arcmenu@arcmenu.com', 'ding@rastersoft.com', 'window-list@gnome-shell-extensions.gcampax.github.com', 'drive-menu@gnome-shell-extensions.gcampax.github.com', 'apps-menu@gnome-shell-extensions.gcampax.github.com']
 enabled-extensions=['no-overview@fthx', 'background-logo@fedorahosted.org', 'Hide_Activities@shay.shayel.org', 'notification-banner-reloaded@marcinjakubowski.github.com', 'dash-to-panel@jderose9.github.com', 'disable-background-menu@git.wongwanchap.mo', 'disable-gestures-2021@verycrazydog.gmail.com']
 favorite-apps=['gnome-clean-session.desktop', 'chromium-browser.desktop', 'org.gnome.Nautilus.desktop', 'io.github.celluloid_player.Celluloid.desktop', 'com.github.xournalpp.xournalpp.desktop', 'drawviewc.desktop']
 welcome-dialog-last-shown-version='40.10'
 [org/gnome/shell/extensions/arcmenu]
 available-placement=[false, true, false]
 pinned-app-list=['Веб-браузер Chromium', '', 'chromium-browser.desktop', 'Files', '', 'org.gnome.Nautilus.desktop', 'Terminal', '', 'org.gnome.Terminal.desktop', 'ArcMenu Settings', 'ArcMenu_ArcMenuIcon', 'gnome-extensions prefs arcmenu@arcmenu.com']
 [org/gnome/shell/extensions/dash-to-panel]
 animate-appicon-hover-animation-extent={'RIPPLE': 4, 'PLANK': 4, 'SIMPLE': 1}
 appicon-margin=8
 appicon-padding=4
 available-monitors=[0]
 hotkeys-overlay-combo='TEMPORARILY'
 leftbox-padding=-1
 panel-anchors='{"0":"MIDDLE"}'
 panel-element-positions='{"0":[{"element":"showAppsButton","visible":false,"position":"stackedTL"},{"element":"activitiesButton","visible":false,"position":"stackedTL"},{"element":"leftBox","visible":true,"position":"stackedTL"},{"element":"taskbar","visible":true,"position":"stackedTL"},{"element":"centerBox","visible":true,"position":"stackedBR"},{"element":"rightBox","visible":true,"position":"stackedBR"},{"element":"dateMenu","visible":true,"position":"stackedBR"},{"element":"systemMenu","visible":false,"position":"stackedBR"},{"element":"desktopButton","visible":true,"position":"stackedBR"}],"1":[{"element":"showAppsButton","visible":false,"position":"stackedTL"},{"element":"activitiesButton","visible":false,"position":"stackedTL"},{"element":"leftBox","visible":true,"position":"stackedTL"},{"element":"taskbar","visible":true,"position":"stackedTL"},{"element":"centerBox","visible":true,"position":"stackedBR"},{"element":"rightBox","visible":true,"position":"stackedBR"},{"element":"dateMenu","visible":true,"position":"stackedBR"},{"element":"systemMenu","visible":true,"position":"stackedBR"},{"element":"desktopButton","visible":true,"position":"stackedBR"}]}'
 panel-lengths='{"0":100}'
 panel-sizes='{"0":48}'
 show-appmenu=false
 show-apps-icon-file=''
 show-favorites=true
 show-running-apps=true
 status-icon-padding=-1
 tray-padding=-1
 window-preview-title-position='TOP'
 [org/gnome/shell/keybindings]
 toggle-application-view=['<Primary><Shift>a']
 [org/gnome/software]
 check-timestamp=int64 1697017645
 [org/gnome/terminal/legacy/profiles:/:b1dcc9dd-5262-4d8d-a863-c897e6d979b9]
 audible-bell=false
 [org/gnome/tweaks]
 show-extensions-notice=false
 [org/gtk/gtk4/settings/file-chooser]
 date-format='regular'
 location-mode='path-bar'
 show-hidden=false
 show-size-column=true
 show-type-column=true
 sidebar-width=184
 sort-column='name'
 sort-directories-first=false
 sort-order='ascending'
 type-format='category'
 window-size=(1027, 356)
 FOE
 cat > /var/lib/polkit-1/localauthority/10-vendor.d/20-disk.pkla << FOE
 [Disable mount]
 Identity=unix-group:panelusers
 Action=org.freedesktop.udisks2.filesystem-mount
 ResultAny=no
 ResultInactive=no
 ResultActive=no
 FOE
 cat > /etc/xdg/autostart/gnome-auto-config.desktop << FOE
 [Desktop Entry]
 Type=Application
 Name=Auto Config GNOME
 TryExec=gnome-auto-config
 Exec=gnome-auto-config
 StartupNotify=false
 NoDisplay=true
 X-GNOME-Autostart-Phase=Initialization
 X-KDE-autostart-phase=1
 FOE
 cat > /usr/bin/nextouch-addusers << FOE
 #!/bin/bash
 if grep panelusers /etc/group;
    then echo OK &> /dev/null;
    else groupadd -g 12012 panelusers &> /dev/null ;
 fi
 echo "
 Введите имя пользователя, наприимер user, в конечном результате имена пользователей будут выглядеть user1, user2...user60.
 "
 read username
 for ((i=1;i<61;i++)); do 
    userdel -r \$username\$i &> /dev/null
    adduser \$username\$i -G panelusers &> /dev/null
    passwd -d \$username\$i &> /dev/null
 done
 FOE
 chmod +x /usr/bin/gnome-auto-config /usr/bin/clean-home /usr/bin/nextouch-addusers
 touch /etc/skel/.firststart
 %end
 %packages
@anaconda-tools
@base-x
@core
@fonts
@gnome-desktop
@guest-desktop-agents
@hardware-support
@internet-browser
@multimedia
@networkmanager-submodules
@print-client
@workstation-product
 aajohan-comfortaa-fonts
 anaconda
 anaconda-install-env-deps
 anaconda-live
 chkconfig
 dracut-live
 glibc-all-langpacks
 initscripts
 kernel
 kernel-modules
 kernel-modules-extra
 libreoffice-calc
 libreoffice-emailmerge
 libreoffice-graphicfilter
 libreoffice-impress
 libreoffice-writer
 memtest86+
 syslinux
 efi-filesystem
 efivar-libs
 efibootmgr
 grub2-common
 grub2-efi-*64
 grub2-efi-*64-cdboot
 grub2-pc-modules
 grub2-tools
 grub2-tools-efi
 grub2-tools-extra
 grub2-tools-minimal
 grubby
 shim-*64
 -shim-unsigned-*64
 -@dial-up
 -@input-methods
 -@standard
 -gfs2-utils
 -reiserfs-utils
 -firefox
 -mozilla-openh264
 gnome-shell-extension-dash-to-panel
 gnome-shell-extension-appindicator
 gnome-shell-extension-places-menu
 gnome-shell-extension-desktop-icons-ng
 gnome-shell-extension-top-icons
 gnome-shell-extension-drive-menu
 gnome-shell-extension-arcmenu
 gnome-shell-extension-no-overview
 gnome-extensions-app
 #yandex-browser-stable
 kora-icon-theme
 gnome-tweaks
 remmina
 hardinfo
 fontconfig-enhanced-defaults
 fontconfig-font-replacements
 google-roboto-condensed-fonts
 msvsphere-configs-gnome
 mc
 samba-common-tools
 samba-client
 realmd
 oddjob
 oddjob-mkhomedir
 sssd
 adcli
 krb5-workstation
 chromium
 samba-winbind-clients
 pipewire-module-xrdp
 gparted
 mpv
 liberation-narrow-fonts
 totem-video-thumbnailer
 -totem
 yandex-browser-release
 sphere-release-identity-arm
 NetworkManager-l2tp-gnome
 NetworkManager-openvpn-gnome
 NetworkManager-openconnect-gnome
 NetworkManager-libreswan-gnome
 NetworkManager-pptp-gnome
 system-config-printer
 hplip
 simple-scan
 ntfs-3g
 ntfs-3g-system-compression
 alsa-firmware
 compat-openssl11
 gnome-calendar
 # Russian Staff
 autocorr-ru
 glibc-langpack-ru
 hunspell-ru
 hyphen-ru
 langpacks-ru
 libreoffice-help-ru
 libreoffice-langpack-ru
 mythes-ru
 # Next Touch
 drawviewc
 xournalpp
 gnome-shell-extension-disable-background-menu
 gnome-shell-extension-disable-gestures-2021
 %end
--- a/Rocky-9-Workstation-Lite.ks
+++ b/Rocky-9-Workstation-Lite.ks
@ -3,25 +3,25 @@
 # X Window System configuration information
 xconfig  --startxonboot
 # Keyboard layouts
-keyboard 'us'
+keyboard --vckeymap=ru --xlayouts='us','ru' --switch='grp:alt_shift_toggle','grp_led:scroll'
 # Root password
 rootpw --iscrypted --lock locked
-# System language
+# System language (DO NOT CHANGE IF LIVEMEDIA-CREATOR IN USE)
-lang en_US.UTF-8
+lang en_US.UTF-8 --addsupport=ru_RU.UTF-8
 # Shutdown after installation
 shutdown
 # Network information
 network  --bootproto=dhcp --device=link --activate
 # Firewall configuration
-firewall --enabled --service=mdns
+firewall --enabled --service=mdns,samba,samba-client
 # Use network installation
-url --url="http://dl.rockylinux.org/stg/rocky/9/BaseOS/$basearch/os/"
+url --url="https://build.msvsphere.test/kojifiles/pungi/compose/latest-MSVSphere-9/compose/BaseOS/x86_64/os/"
-repo --name="BaseOS" --baseurl=http://dl.rockylinux.org/stg/rocky/9/BaseOS/$basearch/os/ --cost=200
+repo --name="BaseOS" --baseurl=https://build.msvsphere.test/kojifiles/pungi/compose/latest-MSVSphere-9/compose/BaseOS/x86_64/os/ --cost=200
-repo --name="AppStream" --baseurl=http://dl.rockylinux.org/stg/rocky/9/AppStream/$basearch/os/ --cost=200
+repo --name="AppStream" --baseurl=https://build.msvsphere.test/kojifiles/pungi/compose/latest-MSVSphere-9/compose/AppStream/x86_64/os/ --cost=200
-repo --name="CRB" --baseurl=http://dl.rockylinux.org/stg/rocky/9/CRB/$basearch/os/ --cost=200
+repo --name="Extras" --baseurl=https://build.msvsphere.test/kojifiles/pungi/compose/latest-MSVSphere-9/compose/Extras/x86_64/os/ --cost=200
-repo --name="extras" --baseurl=http://dl.rockylinux.org/stg/rocky/9/extras/$basearch/os --cost=200
+#repo --name="yandex-browser" --baseurl=https://repo.yandex.ru/yandex-browser/rpm/stable/x86_64/ --cost=200
 # System timezone
-timezone US/Eastern
+timezone Europe/Moscow
 # SELinux configuration
 selinux --enforcing
 # System services
@ -196,6 +196,17 @@ touch /.liveimg-configured
 # https://bugzilla.redhat.com/show_bug.cgi?id=1370222
 echo "localhost-live" > /etc/hostname
 ## add us,ru layouts by default
 cat > /usr/share/glib-2.0/schemas/org.gnome.desktop.input-sources.gschema.override << FOE
 [org.gnome.desktop.input-sources]
 sources=[('xkb', 'us'), ('xkb', 'ru')]
 mru-sources=[('xkb', 'us'), ('xkb', 'ru')]
 xkb-options=['grp:alt_shift_toggle', 'grp_led:scroll']
 FOE
 # rebuild schema cache with any overrides we installed
 glib-compile-schemas /usr/share/glib-2.0/schemas
 EOF
 # HAL likes to start late.
@ -276,7 +287,7 @@ EOF
 rm -f /var/lib/rpm/__db*
 releasever=$(rpm -q --qf '%{version}\n' --whatprovides system-release)
 basearch=$(uname -i)
-rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial
+rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-MSVSphere-9
 echo "Packages within this LiveCD"
 rpm -qa
 # Note that running rpm recreates the rpm db files which aren't needed or wanted
@ -334,13 +345,13 @@ fi
 %end
 %post
 cat >> /etc/rc.d/init.d/livesys << EOF
 # disable gnome-software automatically downloading updates
 cat >> /usr/share/glib-2.0/schemas/org.gnome.software.gschema.override << FOE
 [org.gnome.software]
 allow-updates=false
 download-updates=false
 FOE
@ -375,9 +386,10 @@ if [ -f /usr/share/applications/liveinst.desktop ]; then
  # need to move it to anaconda.desktop to make shell happy
  mv /usr/share/applications/liveinst.desktop /usr/share/applications/anaconda.desktop
-  cat >> /usr/share/glib-2.0/schemas/org.gnome.shell.gschema.override << FOE
+  cat > /usr/share/glib-2.0/schemas/org.gnome.shell.gschema.override << FOE
 [org.gnome.shell]
-favorite-apps=['firefox.desktop', 'evolution.desktop', 'org.gnome.Nautilus.desktop', 'anaconda.desktop']
+favorite-apps=['chromium-browser.desktop', 'evolution.desktop', 'org.gnome.Nautilus.desktop', 'org.gnome.Software.desktop', 'anaconda.desktop']
 enabled-extensions=['background-logo@fedorahosted.org', 'appindicatorsupport@rgcjonas.gmail.com', 'dash-to-panel@jderose9.github.com', 'ding@rastersoft.com', 'arcmenu@arcmenu.com', 'no-overview@fthx', 'notification-banner-reloaded@marcinjakubowski.github.com']
 FOE
  # Make the welcome screen show up
@ -404,6 +416,8 @@ glib-compile-schemas /usr/share/glib-2.0/schemas
 # set up auto-login
 cat > /etc/gdm/custom.conf << FOE
 [daemon]
 WaylandEnable=false
 DefaultSession=gnome-xorg.desktop
 AutomaticLoginEnable=True
 AutomaticLogin=liveuser
 FOE
@ -422,6 +436,48 @@ EOF
 %end
 %post
 ## fix dns to update ffmpeg
 #echo "nameserver 8.8.8.8" >> /etc/resolv.conf
 ## update yandex-browser multimedia
 ## /opt/yandex/browser/update-ffmpeg
 ## add flathub
 #flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
 ## drop resolve.conf
 #rm -f /etc/resolv.conf
 # fix Samba overview
 #firewall-cmd --set-default-zone=internal
 # set Russian locale (hot fix for livemedia-creator bug)
 cat > /etc/locale.conf << FOE
 LANG="ru_RU.UTF-8"
 FOE
 cat > /etc/gdm/custom.conf << FOE
 # GDM configuration storage
 [daemon]
 # Uncomment the line below to force the login screen to use Xorg
 WaylandEnable=false
 DefaultSession=gnome-xorg.desktop
 [security]
 [xdmcp]
 [chooser]
 [debug]
 # Uncomment the line below to turn on debugging
 #Enable=true
 FOE
 # Enable selinuxuser_execmod bool
 /usr/sbin/setsebool -P selinuxuser_execmod 1
 %end
 %packages
@anaconda-tools
@base-x
@ -430,9 +486,11 @@ EOF
@gnome-desktop
@guest-desktop-agents
@hardware-support
-@internet-browser
+@internet-browser-chromium
@multimedia
@networkmanager-submodules
@print-client
@workstation-product
 aajohan-comfortaa-fonts
 anaconda
 anaconda-install-env-deps
@ -445,11 +503,13 @@ kernel
 kernel-modules
 kernel-modules-extra
 libreoffice-calc
 libreoffice-draw
 libreoffice-emailmerge
 libreoffice-graphicfilter
 libreoffice-impress
 libreoffice-writer
 memtest86+
 syslinux
 shim-*64
 grub2-efi
 efi-filesystem
 efivar-libs
 efibootmgr
@ -469,5 +529,65 @@ shim-*64
 -@standard
 -gfs2-utils
 -reiserfs-utils
-
+-firefox
 -mozilla-openh264
 gnome-shell-extension-dash-to-panel
 gnome-shell-extension-appindicator
 gnome-shell-extension-places-menu
 gnome-shell-extension-desktop-icons-ng
 gnome-shell-extension-top-icons
 gnome-shell-extension-drive-menu
 gnome-shell-extension-arcmenu
 gnome-shell-extension-no-overview
 gnome-extensions-app
 #yandex-browser-stable
 kora-icon-theme
 gnome-tweaks
 remmina
 hardinfo
 fontconfig-enhanced-defaults
 fontconfig-font-replacements
 google-roboto-condensed-fonts
 msvsphere-configs-gnome
 mc
 samba-common-tools
 samba-client
 realmd
 oddjob
 oddjob-mkhomedir
 sssd
 adcli
 krb5-workstation
 chromium
 samba-winbind-clients
 pipewire-module-xrdp
 gparted
 mpv
 liberation-narrow-fonts
 totem-video-thumbnailer
 -totem
 sphere-release-identity-arm
 NetworkManager-l2tp-gnome
 NetworkManager-openvpn-gnome
 NetworkManager-openconnect-gnome
 NetworkManager-libreswan-gnome
 NetworkManager-pptp-gnome
 system-config-printer
 hplip
 simple-scan
 ntfs-3g
 ntfs-3g-system-compression
 alsa-firmware
 compat-openssl11
 gnome-calendar
 # Russian Staff
 autocorr-ru
 glibc-langpack-ru
 hunspell-ru
 hyphen-ru
 langpacks-ru
 libreoffice-help-ru
 libreoffice-langpack-ru
 mythes-ru
 -gnome-tour
 %end
--- a/MSVSphere-9-Cinnamon.ks
+++ b/MSVSphere-9-Cinnamon.ks
@ -1,20 +1,23 @@
 # Generated by pykickstart v3.41
 #version=DEVEL
 # Firewall configuration
-firewall --enabled --service=mdns
+firewall --enabled --service=mdns,samba,samba-client
 # Keyboard layouts
-keyboard 'us'
+keyboard --vckeymap=ru --xlayouts='us','ru' --switch='grp:alt_shift_toggle','grp_led:scroll'
-# System language
+# System language --addsupport=ru_RU.UTF-8
-lang en_US.UTF-8
+lang en_US.UTF-8 --addsupport=ru_RU.UTF-8
 # Network information
 network  --bootproto=dhcp --device=link --activate
 # Shutdown after installation
 shutdown
-repo --name="BaseOS" --baseurl=http://dl.rockylinux.org/pub/rocky/9/BaseOS/$basearch/os/ --cost=200
+# Use network installation
-repo --name="AppStream" --baseurl=http://dl.rockylinux.org/pub/rocky/9/AppStream/$basearch/os/ --cost=200
+url --url="https://rsync.inferitos.ru/msvsphere/9/BaseOS/$basearch/os/"
-repo --name="CRB" --baseurl=http://dl.rockylinux.org/pub/rocky/9/CRB/$basearch/os/ --cost=200
+repo --name="BaseOS" --baseurl=https://rsync.inferitos.ru/msvsphere/9/BaseOS/x86_64/os/ --cost=200
-repo --name="extras" --baseurl=http://dl.rockylinux.org/pub/rocky/9/extras/$basearch/os --cost=200
+repo --name="AppStream" --baseurl=https://rsync.inferitos.ru/msvsphere/9/AppStream/x86_64/os/ --cost=200
-repo --name="epel" --baseurl=https://dl.fedoraproject.org/pub/epel/9/Everything/$basearch/ --cost=200
+repo --name="Extras" --baseurl=https://rsync.inferitos.ru/msvsphere/9/Extras/x86_64/os/ --cost=200
 repo --name="CRB" --baseurl=https://rsync.inferitos.ru/msvsphere/9/CRB/x86_64/os/ --cost=200
 # Third-party repo
 repo --name="Epel" --baseurl=https://dl.fedoraproject.org/pub/epel/9/Everything/$basearch/ --cost=200
 # Root password
 rootpw --iscrypted --lock locked
 # SELinux configuration
@ -22,9 +25,7 @@ selinux --enforcing
 # System services
 services --disabled="sshd" --enabled="NetworkManager,ModemManager"
 # System timezone
-timezone US/Eastern
+timezone Europe/Moscow
 # Use network installation
 url --url="http://dl.rockylinux.org/pub/rocky/9/BaseOS/$basearch/os/"
 # X Window System configuration information
 xconfig  --startxonboot
 # System bootloader configuration
@ -277,7 +278,7 @@ EOF
 rm -f /var/lib/rpm/__db*
 releasever=$(rpm -q --qf '%{version}\n' --whatprovides system-release)
 basearch=$(uname -i)
-rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial
+rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-MSVSphere-9
 echo "Packages within this LiveCD"
 rpm -qa
 # Note that running rpm recreates the rpm db files which aren't needed or wanted
@ -476,7 +477,7 @@ pipewire-alsa
 pipewire-pulseaudio
 powerline
 redshift-gtk
-rocky-backgrounds
+sphere-backgrounds
 sane-backends-drivers-scanners
 setroubleshoot
 shim-*64
@ -499,5 +500,83 @@ xreader
 -shim-unsigned-*64
 -xane-gimp
 -xsane
 kora-icon-theme
 gnome-tweaks
 remmina
 hardinfo
 fontconfig-enhanced-defaults
 fontconfig-font-replacements
 google-roboto-condensed-fonts
 msvsphere-configs-gnome
 mc
 samba-common-tools
 samba-client
 realmd
 oddjob
 oddjob-mkhomedir
 sssd
 adcli
 krb5-workstation
 chromium
 samba-winbind-clients
 pipewire-module-xrdp
 gparted
 mpv
 liberation-narrow-fonts
 totem-video-thumbnailer
 -totem
 yandex-browser-release
 sphere-release-identity-cinnamon
 NetworkManager-initscripts-updown
 NetworkManager-l2tp-gnome
 NetworkManager-openvpn-gnome
 NetworkManager-openconnect-gnome
 NetworkManager-libreswan-gnome
 NetworkManager-pptp-gnome
 yubioath-desktop
 ykocli
 # Russian Staff
 autocorr-ru
 glibc-langpack-ru
 hunspell-ru
 hyphen-ru
 langpacks-ru
 libreoffice-help-ru
 libreoffice-langpack-ru
 mythes-ru
 %end
 %post
 cat > /etc/locale.conf << FOE
 LANG="ru_RU.UTF-8"
 FOE
 cat > /usr/share/glib-2.0/schemas/org.cinnamon.desktop.background.gschema.override << FOE
 [org.cinnamon.desktop.background]
 picture-uri='file:///usr/share/backgrounds/Inferit-MSVSphere-b2.xml'
 FOE
 ## add us,ru layouts by default
 cat > /usr/share/glib-2.0/schemas/org.cinnamon.desktop.input-sources.gschema.override << FOE
 [org.cinnamon.desktop.input-sources]
 layouts=['us', 'ru']
 options=['grp\tgrp:alt_shift_toggle', 'grp_led\tgrp_led:scroll']
 FOE
 ## set icons
 cat > /usr/share/glib-2.0/schemas/org.cinnamon.desktop.interface.gschema.override << FOE
 [org.cinnamon.desktop.interface]
 icon-theme='kora-pgrey'
 FOE
 glib-compile-schemas /usr/share/glib-2.0/schemas
 # Custom settings for livecd
 cat >> /etc/rc.d/init.d/livesys << EOF
 # set system keymaps
 localectl set-x11-keymap us,ru pc105 , grp:alt_shift_toggle
 EOF
 %end
--- a/MSVSphere-9-KDE.ks
+++ b/MSVSphere-9-KDE.ks
@ -3,27 +3,27 @@
 # X Window System configuration information
 xconfig  --startxonboot
 # Keyboard layouts
-keyboard 'us'
+keyboard --vckeymap=ru --xlayouts='us','ru' --switch='grp:alt_shift_toggle','grp_led:scroll'
 # Root password
 rootpw --iscrypted --lock locked
 # System language
-lang en_US.UTF-8
+lang en_US.UTF-8 --addsupport=ru_RU.UTF-8
 # Shutdown after installation
 shutdown
 # Network information
 network  --bootproto=dhcp --device=link --activate
 # Firewall configuration
-firewall --enabled --service=mdns
+firewall --enabled --service=mdns,samba,samba-client
 # Use network installation
-url --url="http://dl.rockylinux.org/stg/rocky/9/BaseOS/$basearch/os/"
+url --url="https://rsync.inferitos.ru/msvsphere/9/BaseOS/$basearch/os/"
-repo --name="BaseOS" --baseurl=http://dl.rockylinux.org/stg/rocky/9/BaseOS/$basearch/os/ --cost=200
+repo --name="BaseOS" --baseurl=https://rsync.inferitos.ru/msvsphere/9/BaseOS/x86_64/os/ --cost=200
-repo --name="AppStream" --baseurl=http://dl.rockylinux.org/stg/rocky/9/AppStream/$basearch/os/ --cost=200
+repo --name="AppStream" --baseurl=https://rsync.inferitos.ru/msvsphere/9/AppStream/x86_64/os/ --cost=200
-repo --name="CRB" --baseurl=http://dl.rockylinux.org/stg/rocky/9/CRB/$basearch/os/ --cost=200
+repo --name="Extras" --baseurl=https://rsync.inferitos.ru/msvsphere/9/Extras/x86_64/os/ --cost=200
-repo --name="extras" --baseurl=http://dl.rockylinux.org/stg/rocky/9/extras/$basearch/os --cost=200
+repo --name="CRB" --baseurl=https://rsync.inferitos.ru/msvsphere/9/CRB/x86_64/os/ --cost=200
-repo --name="epel" --baseurl=https://dl.fedoraproject.org/pub/epel/9/Everything/$basearch/ --cost=200
+# Third-party repo
-#repo --name="epel-modular" --baseurl=https://dl.fedoraproject.org/pub/epel/8/Modular/$basearch/ --cost=200
+repo --name="Epel" --baseurl=https://dl.fedoraproject.org/pub/epel/9/Everything/$basearch/ --cost=200
 # System timezone
-timezone US/Eastern
+timezone Europe/Moscow
 # SELinux configuration
 selinux --enforcing
 # System services
@ -278,7 +278,7 @@ EOF
 rm -f /var/lib/rpm/__db*
 releasever=$(rpm -q --qf '%{version}\n' --whatprovides system-release)
 basearch=$(uname -i)
-rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial
+rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-MSVSphere-9
 echo "Packages within this LiveCD"
 rpm -qa
 # Note that running rpm recreates the rpm db files which aren't needed or wanted
@ -516,5 +516,11 @@ shim-*64
 -system-config-users
 -xsane
 -xsane-gimp
 sphere-release-identity-kde
 %end
 %post
 cat > /etc/locale.conf << FOE
 LANG="ru_RU.UTF-8"
 FOE
 %end
--- a/MSVSphere-9-Workstation.ks
+++ b/MSVSphere-9-Workstation.ks
@ -3,25 +3,25 @@
 # X Window System configuration information
 xconfig  --startxonboot
 # Keyboard layouts
-keyboard 'us'
+keyboard --vckeymap=ru --xlayouts='us','ru' --switch='grp:alt_shift_toggle','grp_led:scroll'
 # Root password
 rootpw --iscrypted --lock locked
-# System language
+# System language (DO NOT CHANGE IF LIVEMEDIA-CREATOR IN USE)
-lang en_US.UTF-8
+lang en_US.UTF-8 --addsupport=ru_RU.UTF-8
 # Shutdown after installation
 shutdown
 # Network information
 network  --bootproto=dhcp --device=link --activate
 # Firewall configuration
-firewall --enabled --service=mdns
+firewall --enabled --service=mdns,samba,samba-client
 # Use network installation
-url --url="http://dl.rockylinux.org/stg/rocky/9/BaseOS/$basearch/os/"
+url --url="https://rsync.inferitos.ru/msvsphere/9/BaseOS/$basearch/os/"
-repo --name="BaseOS" --baseurl=http://dl.rockylinux.org/stg/rocky/9/BaseOS/$basearch/os/ --cost=200
+repo --name="BaseOS" --baseurl=https://rsync.inferitos.ru/msvsphere/9/BaseOS/x86_64/os/ --cost=200
-repo --name="AppStream" --baseurl=http://dl.rockylinux.org/stg/rocky/9/AppStream/$basearch/os/ --cost=200
+repo --name="AppStream" --baseurl=https://rsync.inferitos.ru/msvsphere/9/AppStream/x86_64/os/ --cost=200
-repo --name="CRB" --baseurl=http://dl.rockylinux.org/stg/rocky/9/CRB/$basearch/os/ --cost=200
+repo --name="Extras" --baseurl=https://rsync.inferitos.ru/msvsphere/9/Extras/x86_64/os/ --cost=200
-repo --name="extras" --baseurl=http://dl.rockylinux.org/stg/rocky/9/extras/$basearch/os --cost=200
+#repo --name="yandex-browser" --baseurl=https://repo.yandex.ru/yandex-browser/rpm/stable/x86_64/ --cost=200
 # System timezone
-timezone US/Eastern
+timezone Europe/Moscow
 # SELinux configuration
 selinux --enforcing
 # System services
@ -196,6 +196,16 @@ touch /.liveimg-configured
 # https://bugzilla.redhat.com/show_bug.cgi?id=1370222
 echo "localhost-live" > /etc/hostname
 ## add us,ru layouts by default
 cat > /usr/share/glib-2.0/schemas/org.gnome.libgnomekbd.keyboard.gschema.override << FOE
 [org.gnome.libgnomekbd.keyboard]
 layouts=['us', 'ru']
 options=['grp\tgrp:alt_shift_toggle', 'grp_led\tgrp_led:scroll']
 FOE
 # rebuild schema cache with any overrides we installed
 glib-compile-schemas /usr/share/glib-2.0/schemas
 EOF
 # HAL likes to start late.
@ -276,7 +286,7 @@ EOF
 rm -f /var/lib/rpm/__db*
 releasever=$(rpm -q --qf '%{version}\n' --whatprovides system-release)
 basearch=$(uname -i)
-rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial
+rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-MSVSphere-9
 echo "Packages within this LiveCD"
 rpm -qa
 # Note that running rpm recreates the rpm db files which aren't needed or wanted
@ -334,7 +344,6 @@ fi
 %end
 %post
 cat >> /etc/rc.d/init.d/livesys << EOF
@ -376,9 +385,10 @@ if [ -f /usr/share/applications/liveinst.desktop ]; then
  # need to move it to anaconda.desktop to make shell happy
  mv /usr/share/applications/liveinst.desktop /usr/share/applications/anaconda.desktop
-  cat >> /usr/share/glib-2.0/schemas/org.gnome.shell.gschema.override << FOE
+  cat > /usr/share/glib-2.0/schemas/org.gnome.shell.gschema.override << FOE
 [org.gnome.shell]
-favorite-apps=['firefox.desktop', 'evolution.desktop', 'org.gnome.Nautilus.desktop', 'anaconda.desktop']
+favorite-apps=['chromium-browser.desktop', 'evolution.desktop', 'org.gnome.Nautilus.desktop', 'org.gnome.Software.desktop', 'anaconda.desktop']
 enabled-extensions=['background-logo@fedorahosted.org', 'appindicatorsupport@rgcjonas.gmail.com', 'dash-to-dock@gnome-shell-extensions.gcampax.github.com', 'no-overview@fthx']
 FOE
  # Make the welcome screen show up
@ -405,6 +415,8 @@ glib-compile-schemas /usr/share/glib-2.0/schemas
 # set up auto-login
 cat > /etc/gdm/custom.conf << FOE
 [daemon]
 WaylandEnable=false
 DefaultSession=gnome-xorg.desktop
 AutomaticLoginEnable=True
 AutomaticLogin=liveuser
 FOE
@ -423,6 +435,53 @@ EOF
 %end
 %post
 ## fix dns to update ffmpeg
 #echo "nameserver 8.8.8.8" >> /etc/resolv.conf
 ## update yandex-browser multimedia
 ## /opt/yandex/browser/update-ffmpeg
 ## add flathub
 #flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo
 ## drop resolve.conf
 #rm -f /etc/resolv.conf
 # fix Samba overview
 #firewall-cmd --set-default-zone=internal
 # set Russian locale (hot fix for livemedia-creator bug)
 cat > /etc/locale.conf << FOE
 LANG="ru_RU.UTF-8"
 FOE
 cat > /etc/gdm/custom.conf << FOE
 # GDM configuration storage
 [daemon]
 # Uncomment the line below to force the login screen to use Xorg
 WaylandEnable=false
 DefaultSession=gnome-xorg.desktop
 [security]
 [xdmcp]
 [chooser]
 [debug]
 # Uncomment the line below to turn on debugging
 #Enable=true
 FOE
 # Enable selinuxuser_execmod bool
 /usr/sbin/setsebool -P selinuxuser_execmod 1
 cat > /usr/share/glib-2.0/schemas/org.gnome.shell.extensions.dash-to-dock.gschema.override << FOE
 [org.gnome.shell.extensions.dash-to-dock]
 dock-fixed=true
 FOE
 %end
 %packages
@anaconda-tools
@base-x
@ -434,6 +493,7 @@ EOF
@internet-browser
@multimedia
@networkmanager-submodules
@print-client
@workstation-product
 aajohan-comfortaa-fonts
 anaconda
@ -472,5 +532,61 @@ shim-*64
 -@standard
 -gfs2-utils
 -reiserfs-utils
-
+-firefox
 -mozilla-openh264
 gnome-shell-extension-dash-to-panel
 gnome-shell-extension-dash-to-dock
 gnome-shell-extension-appindicator
 gnome-shell-extension-places-menu
 gnome-shell-extension-desktop-icons-ng
 gnome-shell-extension-top-icons
 gnome-shell-extension-drive-menu
 gnome-shell-extension-arcmenu
 gnome-shell-extension-no-overview
 gnome-extensions-app
 #yandex-browser-stable
 kora-icon-theme
 gnome-tweaks
 remmina
 hardinfo
 fontconfig-enhanced-defaults
 fontconfig-font-replacements
 google-roboto-condensed-fonts
 msvsphere-configs-gnome
 mc
 samba-common-tools
 samba-client
 realmd
 oddjob
 oddjob-mkhomedir
 sssd
 adcli
 krb5-workstation
 chromium
 samba-winbind-clients
 pipewire-module-xrdp
 gparted
 mpv
 liberation-narrow-fonts
 totem-video-thumbnailer
 -totem
 yandex-browser-release
 sphere-release-identity-arm
 NetworkManager-initscripts-updown
 NetworkManager-l2tp-gnome
 NetworkManager-openvpn-gnome
 NetworkManager-openconnect-gnome
 NetworkManager-libreswan-gnome
 NetworkManager-pptp-gnome
 yubioath-desktop
 ykocli
 # Russian Staff
 autocorr-ru
 glibc-langpack-ru
 hunspell-ru
 hyphen-ru
 langpacks-ru
 libreoffice-help-ru
 libreoffice-langpack-ru
 mythes-ru
 %end
--- a/MSVSphere-9-XFCE.ks
+++ b/MSVSphere-9-XFCE.ks
@ -3,26 +3,27 @@
 # X Window System configuration information
 xconfig  --startxonboot
 # Keyboard layouts
-keyboard 'us'
+keyboard --vckeymap=ru --xlayouts='us','ru' --switch='grp:alt_shift_toggle','grp_led:scroll'
 # Root password
 rootpw --iscrypted --lock locked
 # System language
-lang en_US.UTF-8
+lang en_US.UTF-8 --addsupport=ru_RU.UTF-8
 # Shutdown after installation
 shutdown
 # Network information
 network  --bootproto=dhcp --device=link --activate
 # Firewall configuration
-firewall --enabled --service=mdns
+firewall --enabled --service=mdns,samba,samba-client
 # Use network installation
-url --url="http://dl.rockylinux.org/stg/rocky/9/BaseOS/$basearch/os/"
+url --url="https://rsync.inferitos.ru/msvsphere/9/BaseOS/$basearch/os/"
-repo --name="BaseOS" --baseurl=http://dl.rockylinux.org/stg/rocky/9/BaseOS/$basearch/os/ --cost=200
+repo --name="BaseOS" --baseurl=https://rsync.inferitos.ru/msvsphere/9/BaseOS/x86_64/os/ --cost=200
-repo --name="AppStream" --baseurl=http://dl.rockylinux.org/stg/rocky/9/AppStream/$basearch/os/ --cost=200
+repo --name="AppStream" --baseurl=https://rsync.inferitos.ru/msvsphere/9/AppStream/x86_64/os/ --cost=200
-repo --name="CRB" --baseurl=http://dl.rockylinux.org/stg/rocky/9/CRB/$basearch/os/ --cost=200
+repo --name="Extras" --baseurl=https://rsync.inferitos.ru/msvsphere/9/Extras/x86_64/os/ --cost=200
-repo --name="extras" --baseurl=http://dl.rockylinux.org/stg/rocky/9/extras/$basearch/os --cost=200
+repo --name="CRB" --baseurl=https://rsync.inferitos.ru/msvsphere/9/CRB/x86_64/os/ --cost=200
-repo --name="epel" --baseurl=https://dl.fedoraproject.org/pub/epel/9/Everything/$basearch/ --cost=200
+# Third-party repo
 repo --name="Epel" --baseurl=https://dl.fedoraproject.org/pub/epel/9/Everything/$basearch/ --cost=200
 # System timezone
-timezone US/Eastern
+timezone Europe/Moscow
 # SELinux configuration
 selinux --enforcing
 # System services
@ -277,7 +278,7 @@ EOF
 rm -f /var/lib/rpm/__db*
 releasever=$(rpm -q --qf '%{version}\n' --whatprovides system-release)
 basearch=$(uname -i)
-rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial
+rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-MSVSphere-9
 echo "Packages within this LiveCD"
 rpm -qa
 # Note that running rpm recreates the rpm db files which aren't needed or wanted
@ -468,7 +469,7 @@ network-manager-applet
 openssh-askpass
 pavucontrol
 pcp-selinux
-rocky-backgrounds
+sphere-backgrounds
 seahorse
 shim-*64
 syslinux
@ -510,5 +511,6 @@ xfce4-whiskermenu-plugin
 -xfce4-sensors-plugin
 -xsane
 -xsane-gimp
 sphere-release-identity-xfce
 %end
--- a/Rocky-9-Azure-Base.ks
+++ b/Rocky-9-Azure-Base.ks
@ -1,274 +0,0 @@
 #version=DEVEL
 # Keyboard layouts
 keyboard 'us'
 # Root password
 rootpw --iscrypted thereisnopasswordanditslocked
 # System language
 lang en_US.UTF-8
 # Shutdown after installation
 shutdown
 # System timezone
 timezone UTC --isUtc
 # Use text mode install
 text
 # Network information
 network  --bootproto=dhcp --device=link --activate
 # Use network installation
 url --url="https://download.rockylinux.org/stg/rocky/9/BaseOS/$basearch/os/"
 # System authorization information
 auth --enableshadow --passalgo=sha512
 # Firewall configuration
 firewall --enabled --service=ssh
 firstboot --disable
 # SELinux configuration
 selinux --enforcing
 # System services
 services --disabled="kdump,rhsmcertd" --enabled="NetworkManager,sshd,rsyslog,chronyd,cloud-init,cloud-init-local,cloud-config,cloud-final,rngd"
 # System bootloader configuration
 bootloader --append="rootdelay=300 console=ttyS0 earlyprintk=ttyS0  no_timer_check crashkernel=auto net.ifnames=0" --location=mbr --timeout=1
 # Disk partitioning information
 # NOTE(neil): 2023-05-12 NONE of reqpart, clearpart, zerombr can be used. We
 # are creating partitions manually in %pre to ensure proper ordering as
 # Anaconda does NOT ensure the ordering `part` commands.
 part /boot/efi --fstype="efi" --onpart=vda1
 part /boot --fstype="xfs" --label=boot --onpart=vda2
 part prepboot --fstype="prepboot" --onpart=vda3
 part biosboot --fstype="biosboot" --onpart=vda4
 part /         --size=8000 --fstype="xfs"    --mkfsoptions "-m bigtime=0,inobtcount=0" --grow --onpart=vda5
 %pre
 # Clear the Master Boot Record
 dd if=/dev/zero of=/dev/vda bs=512 count=1
 # Create a new GPT partition table
 parted /dev/vda mklabel gpt
 # Create a partition for /boot/efi
 parted /dev/vda mkpart primary fat32 1MiB 100MiB
 parted /dev/vda set 1 boot on
 # Create a partition for /boot
 parted /dev/vda mkpart primary xfs 100MiB 1100MiB
 # Create a partition for prep
 parted /dev/vda mkpart primary 1100MiB 1104MiB
 # Create a partition for bios_grub
 parted /dev/vda mkpart primary 1104MiB 1105MiB
 # Create a partition for LVM
 parted /dev/vda mkpart primary xfs 1106MiB 10.7GB
 %end
 %post --erroronfail
 passwd -d root
 passwd -l root
 systemctl enable waagent
 # Attempting to force legacy BIOS boot if we boot from UEFI
 if [ "$(arch)" = "x86_64"  ]; then
  dnf install grub2-pc-modules grub2-pc -y
  grub2-install --target=i386-pc /dev/vda
 fi
 # Ensure that the pmbr_boot flag is off
 parted /dev/vda disk_set pmbr_boot off
 # Common Cloud Tweaks
 # setup systemd to boot to the right runlevel
 rm -f /etc/systemd/system/default.target
 ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
 echo .
 # remove linux-firmware as we're virt and it's half a gig
 dnf -C -y remove linux-firmware
 # Remove firewalld; it is required to be present for install/image building.
 # but we dont ship it in cloud
 dnf -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
 dnf -C -y remove avahi\* 
 sed -i '/^#NAutoVTs=.*/ a\
 NAutoVTs=0' /etc/systemd/logind.conf
 echo "virtual-guest" > /etc/tuned/active_profile
 cat << EOF | tee -a /etc/NetworkManager/conf.d/dhcp-timeout.conf
 # Configure dhcp timeout to 300s by default
 [connection]
 ipv4.dhcp-timeout=300
 EOF
 cat > /etc/sysconfig/network << EOF
 NETWORKING=yes
 NOZEROCONF=yes
 EOF
 # Remove build-time resolvers to fix #16948
 truncate -s 0 /etc/resolv.conf
 # generic localhost names
 cat > /etc/hosts << EOF
 127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
 ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
 EOF
 echo .
 # azure settings
 # Configure waagent for cloud-init
 sed -i 's/Provisioning.UseCloudInit=n/Provisioning.UseCloudInit=y/g' /etc/waagent.conf
 sed -i 's/Provisioning.Enabled=y/Provisioning.Enabled=n/g' /etc/waagent.conf
 # Azure: handle sr-iov and networkmanaeger
 cat << EOF | tee -a /etc/udev/rules.d/68-azure-sriov-nm-unmanaged.rules
 # Accelerated Networking on Azure exposes a new SRIOV interface to the VM.
 # This interface is transparently bonded to the synthetic interface,
 # so NetworkManager should just ignore any SRIOV interfaces.
 SUBSYSTEM=="net", DRIVERS=="hv_pci", ACTION=="add", ENV{NM_UNMANAGED}="1"
 EOF
 # Azure: Time sync for linux
 ## Setup udev rule for ptp_hyperv
 cat << EOF | tee -a /etc/udev/rules.d/98-hyperv-ptp.rules
 ## See: https://docs.microsoft.com/en-us/azure/virtual-machines/linux/time-sync#check-for-ptp-clock-source
 SUBSYSTEM=="ptp", ATTR{clock_name}=="hyperv", SYMLINK += "ptp_hyperv"
 EOF
 # Configure chrony to use ptp_hyperv
 cat << EOF | tee -a /etc/chrony.conf
 # Setup hyperv PTP device as refclock
 refclock PHC /dev/ptp_hyperv poll 3 dpoll -2 offset 0 stratum 2
 EOF
 # Azure: Blacklist modules
 cat << EOF | tee -a /etc/modprobe.d/azure-blacklist.conf
 blacklist amdgpu
 blacklist nouveau
 blacklist radeon
 EOF
 # Azure: cloud-init customizations for Hyperv
 cat << EOF | tee /etc/cloud/cloud.cfg.d/10-azure-kvp.cfg
 # Enable logging to the Hyper-V kvp in Azure
 reporting:
  logging:
    type: log
  telemetry:
    type: hyperv
 EOF
 # Kernel and Drivers
 # Add drivers when building in VMWare, Vbox, or KVM (KVM)
 cat << EOF | tee -a /etc/dracut.conf.d/80-azure.conf
 add_drivers+=" hv_vmbus hv_netvsc hv_storvsc "
 EOF
 dracut -f -v
 cat <<EOL > /etc/sysconfig/kernel
 # UPDATEDEFAULT specifies if new-kernel-pkg should make
 # new kernels the default
 UPDATEDEFAULT=yes
 # DEFAULTKERNEL specifies the default kernel package type
 DEFAULTKERNEL=kernel
 EOL
 # make sure firstboot doesn't start
 echo "RUN_FIRSTBOOT=NO" > /etc/sysconfig/firstboot
 # rocky cloud user
 sed -i '1i # Modified for cloud image' /etc/cloud/cloud.cfg
 sed -i 's/name: cloud-user/name: rocky/g' /etc/cloud/cloud.cfg
 echo -e 'rocky\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers
 # this shouldn't be the case, but we'll do it anyway
 sed -i 's|^enabled=1|enabled=0|' /etc/yum/pluginconf.d/product-id.conf
 sed -i 's|^enabled=1|enabled=0|' /etc/yum/pluginconf.d/subscription-manager.conf
 dnf clean all
 truncate -c -s 0 /var/log/dnf.log
 # XXX instance type markers - MUST match Rocky Infra expectation
 echo 'azure' > /etc/yum/vars/infra
 # Azure Cleanup
 sudo rm -f /var/log/waagent.log
 sudo cloud-init clean
 waagent -force -deprovision+user
 # Common cleanup
 rm -f ~/.bash_history
 export HISTSIZE=0
 rm -f /var/lib/systemd/random-seed
 rm -rf /root/anaconda-ks.cfg
 rm -rf /root/install.log
 rm -rf /root/install.log.syslog
 rm -rf "/var/lib/yum/*"
 rm -rf "/var/log/anaconda*"
 rm -rf /var/log/yum.log
 # Wipe machineid
 cat /dev/null > /etc/machine-id
 # Fix selinux
 touch /var/log/cron
 touch /var/log/boot.log
 mkdir -p /var/cache/yum
 /usr/sbin/fixfiles -R -a restore
 true
 %end
 %packages
@core
 NetworkManager
 WALinuxAgent
 chrony
 cloud-init
 cloud-utils-growpart
 dhcp-client
 dnf-utils
 dracut-config-generic
 firewalld
 gdisk
 grub2
 hyperv-daemons
 kernel
 rng-tools
 rocky-release
 rsync
 tar
 yum-utils
 -aic94xx-firmware
 -alsa-firmware
 -alsa-lib
 -alsa-tools-firmware
 -biosdevname
 -iprutils
 -ivtv-firmware
 -iwl100-firmware
 -iwl1000-firmware
 -iwl105-firmware
 -iwl135-firmware
 -iwl2000-firmware
 -iwl2030-firmware
 -iwl3160-firmware
 -iwl3945-firmware
 -iwl4965-firmware
 -iwl5000-firmware
 -iwl5150-firmware
 -iwl6000-firmware
 -iwl6000g2a-firmware
 -iwl6000g2b-firmware
 -iwl6050-firmware
 -iwl7260-firmware
 -langpacks-*
 -langpacks-en
 -libertas-sd8686-firmware
 -libertas-sd8787-firmware
 -libertas-usb8388-firmware
 -plymouth
 -qemu-guest-agent
 %end
--- a/Rocky-9-Azure-LVM.ks
+++ b/Rocky-9-Azure-LVM.ks
@ -1,280 +0,0 @@
 #version=DEVEL
 # Keyboard layouts
 keyboard 'us'
 # Root password
 rootpw --iscrypted thereisnopasswordanditslocked
 # System language
 lang en_US.UTF-8
 # Shutdown after installation
 shutdown
 # System timezone
 timezone UTC --isUtc
 # Use text mode install
 text
 # Network information
 network  --bootproto=dhcp --device=link --activate
 # Use network installation
 url --url="https://download.rockylinux.org/stg/rocky/9/BaseOS/$basearch/os/"
 # System authorization information
 auth --enableshadow --passalgo=sha512
 # Firewall configuration
 firewall --enabled --service=ssh
 firstboot --disable
 # SELinux configuration
 selinux --enforcing
 # System services
 services --disabled="kdump,rhsmcertd" --enabled="NetworkManager,sshd,rsyslog,chronyd,cloud-init,cloud-init-local,cloud-config,cloud-final,rngd"
 # System bootloader configuration
 bootloader --append="rootdelay=300 console=ttyS0 earlyprintk=ttyS0  no_timer_check crashkernel=auto net.ifnames=0" --location=mbr --timeout=1
 # Clear the Master Boot Record
 #zerombr
 # Partition clearing information
 #clearpart --all --initlabel --disklabel=gpt
 # Disk partitioning information
 part /boot/efi --fstype="efi" --onpart=vda1
 part /boot --fstype="xfs" --label=boot --onpart=vda2
 part prepboot --fstype="prepboot" --onpart=vda3
 part biosboot --fstype="biosboot" --onpart=vda4
 part pv.01 --grow --ondisk=vda --onpart=vda5
 volgroup rocky pv.01
 logvol / --grow --size=8000 --mkfsoptions="-m bigtime=0,inobtcount=0" --name=root --vgname=rocky
 %pre
 # Clear the Master Boot Record
 dd if=/dev/zero of=/dev/vda bs=512 count=1
 # Create a new GPT partition table
 parted /dev/vda mklabel gpt
 # Create a partition for /boot/efi
 parted /dev/vda mkpart primary fat32 1MiB 100MiB
 parted /dev/vda set 1 boot on
 # Create a partition for /boot
 parted /dev/vda mkpart primary xfs 100MiB 1100MiB
 # Create a partition for prep
 parted /dev/vda mkpart primary 1100MiB 1104MiB
 # Create a partition for bios_grub
 parted /dev/vda mkpart primary 1104MiB 1105MiB
 # Create a partition for LVM
 parted /dev/vda mkpart primary ext2 1106MiB 10.7GB
 parted /dev/vda set 5 lvm on
 %end
 %post --erroronfail
 passwd -d root
 passwd -l root
 systemctl enable waagent
 # Attempting to force legacy BIOS boot if we boot from UEFI
 if [ "$(arch)" = "x86_64"  ]; then
  dnf install grub2-pc-modules grub2-pc -y
  grub2-install --target=i386-pc /dev/vda
 fi
 # Ensure that the pmbr_boot flag is off
 parted /dev/vda disk_set pmbr_boot off
 # Common Cloud Tweaks
 # setup systemd to boot to the right runlevel
 rm -f /etc/systemd/system/default.target
 ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
 echo .
 # remove linux-firmware as we're virt and it's half a gig
 dnf -C -y remove linux-firmware
 # Remove firewalld; it is required to be present for install/image building.
 # but we dont ship it in cloud
 dnf -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
 dnf -C -y remove avahi\* 
 sed -i '/^#NAutoVTs=.*/ a\
 NAutoVTs=0' /etc/systemd/logind.conf
 echo "virtual-guest" > /etc/tuned/active_profile
 cat << EOF | tee -a /etc/NetworkManager/conf.d/dhcp-timeout.conf
 # Configure dhcp timeout to 300s by default
 [connection]
 ipv4.dhcp-timeout=300
 EOF
 cat > /etc/sysconfig/network << EOF
 NETWORKING=yes
 NOZEROCONF=yes
 EOF
 # Remove build-time resolvers to fix #16948
 truncate -s 0 /etc/resolv.conf
 # generic localhost names
 cat > /etc/hosts << EOF
 127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
 ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
 EOF
 echo .
 # azure settings
 # Configure waagent for cloud-init
 sed -i 's/Provisioning.UseCloudInit=n/Provisioning.UseCloudInit=y/g' /etc/waagent.conf
 sed -i 's/Provisioning.Enabled=y/Provisioning.Enabled=n/g' /etc/waagent.conf
 # Azure: handle sr-iov and networkmanaeger
 cat << EOF | tee -a /etc/udev/rules.d/68-azure-sriov-nm-unmanaged.rules
 # Accelerated Networking on Azure exposes a new SRIOV interface to the VM.
 # This interface is transparently bonded to the synthetic interface,
 # so NetworkManager should just ignore any SRIOV interfaces.
 SUBSYSTEM=="net", DRIVERS=="hv_pci", ACTION=="add", ENV{NM_UNMANAGED}="1"
 EOF
 # Azure: Time sync for linux
 ## Setup udev rule for ptp_hyperv
 cat << EOF | tee -a /etc/udev/rules.d/98-hyperv-ptp.rules
 ## See: https://docs.microsoft.com/en-us/azure/virtual-machines/linux/time-sync#check-for-ptp-clock-source
 SUBSYSTEM=="ptp", ATTR{clock_name}=="hyperv", SYMLINK += "ptp_hyperv"
 EOF
 # Configure chrony to use ptp_hyperv
 cat << EOF | tee -a /etc/chrony.conf
 # Setup hyperv PTP device as refclock
 refclock PHC /dev/ptp_hyperv poll 3 dpoll -2 offset 0 stratum 2
 EOF
 # Azure: Blacklist modules
 cat << EOF | tee -a /etc/modprobe.d/azure-blacklist.conf
 blacklist amdgpu
 blacklist nouveau
 blacklist radeon
 EOF
 # Azure: cloud-init customizations for Hyperv
 cat << EOF | tee /etc/cloud/cloud.cfg.d/10-azure-kvp.cfg
 # Enable logging to the Hyper-V kvp in Azure
 reporting:
  logging:
    type: log
  telemetry:
    type: hyperv
 EOF
 # Kernel and Drivers
 # Add drivers when building in VMWare, Vbox, or KVM (KVM)
 cat << EOF | tee -a /etc/dracut.conf.d/80-azure.conf
 add_drivers+=" hv_vmbus hv_netvsc hv_storvsc "
 EOF
 dracut -f -v
 cat <<EOL > /etc/sysconfig/kernel
 # UPDATEDEFAULT specifies if new-kernel-pkg should make
 # new kernels the default
 UPDATEDEFAULT=yes
 # DEFAULTKERNEL specifies the default kernel package type
 DEFAULTKERNEL=kernel
 EOL
 # make sure firstboot doesn't start
 echo "RUN_FIRSTBOOT=NO" > /etc/sysconfig/firstboot
 # rocky cloud user
 sed -i '1i # Modified for cloud image' /etc/cloud/cloud.cfg
 sed -i 's/name: cloud-user/name: rocky/g' /etc/cloud/cloud.cfg
 echo -e 'rocky\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers
 # this shouldn't be the case, but we'll do it anyway
 sed -i 's|^enabled=1|enabled=0|' /etc/yum/pluginconf.d/product-id.conf
 sed -i 's|^enabled=1|enabled=0|' /etc/yum/pluginconf.d/subscription-manager.conf
 dnf clean all
 truncate -c -s 0 /var/log/dnf.log
 # XXX instance type markers - MUST match Rocky Infra expectation
 echo 'azure' > /etc/yum/vars/infra
 # Azure Cleanup
 sudo rm -f /var/log/waagent.log
 sudo cloud-init clean
 waagent -force -deprovision+user
 # Common cleanup
 rm -f ~/.bash_history
 export HISTSIZE=0
 rm -f /var/lib/systemd/random-seed
 rm -rf /root/anaconda-ks.cfg
 rm -rf /root/install.log
 rm -rf /root/install.log.syslog
 rm -rf "/var/lib/yum/*"
 rm -rf "/var/log/anaconda*"
 rm -rf /var/log/yum.log
 # Wipe machineid
 cat /dev/null > /etc/machine-id
 # Fix selinux
 touch /var/log/cron
 touch /var/log/boot.log
 mkdir -p /var/cache/yum
 /usr/sbin/fixfiles -R -a restore
 # LVM Variant Fix, remove system.devices
 rm -fv /etc/lvm/devices/system.devices
 true
 %end
 %packages
@core
 NetworkManager
 WALinuxAgent
 chrony
 cloud-init
 cloud-utils-growpart
 dhcp-client
 dnf-utils
 dracut-config-generic
 firewalld
 gdisk
 grub2
 hyperv-daemons
 kernel
 rng-tools
 rocky-release
 rsync
 tar
 yum-utils
 -aic94xx-firmware
 -alsa-firmware
 -alsa-lib
 -alsa-tools-firmware
 -biosdevname
 -iprutils
 -ivtv-firmware
 -iwl100-firmware
 -iwl1000-firmware
 -iwl105-firmware
 -iwl135-firmware
 -iwl2000-firmware
 -iwl2030-firmware
 -iwl3160-firmware
 -iwl3945-firmware
 -iwl4965-firmware
 -iwl5000-firmware
 -iwl5150-firmware
 -iwl6000-firmware
 -iwl6000g2a-firmware
 -iwl6000g2b-firmware
 -iwl6050-firmware
 -iwl7260-firmware
 -langpacks-*
 -langpacks-en
 -libertas-sd8686-firmware
 -libertas-sd8787-firmware
 -libertas-usb8388-firmware
 -plymouth
 -qemu-guest-agent
 %end
--- a/Rocky-9-Container-Base.ks
+++ b/Rocky-9-Container-Base.ks
@ -1,109 +0,0 @@
 # This is a minimal Rocky kickstart designed for docker.
 # It will not produce a bootable system
 # To use this kickstart, run make
 # Basic setup information
 url --url https://download.rockylinux.org/stg/rocky/9/BaseOS/$basearch/os/
 text
 bootloader --disable
 firewall --disabled
 network --bootproto=dhcp --device=link --activate --onboot=on
 rootpw --lock --iscrypted locked
 selinux --disabled
 shutdown
 keyboard us
 lang en_US.UTF-8
 timezone --utc --nontp UTC
 # Disk setup
 zerombr
 clearpart --all --initlabel
 autopart --noboot --nohome --noswap --nolvm --fstype=ext4
 # This breaks everything, apparently
 %addon com_redhat_kdump --disable
 %end
 # Package setup
 %packages --excludedocs --inst-langs=en --nocore --exclude-weakdeps
 bash
 binutils
 coreutils-single
 crypto-policies-scripts
 curl-minimal
 findutils
 glibc-minimal-langpack
 gzip
 hostname
 libcurl-minimal
 libusbx
 less
 rocky-release
 rootfiles
 tar
 usermode
 vim-minimal
 yum
 -dosfstools
 -kexec-tools
 -e2fsprogs
 -firewalld
 -fuse-libs
 -gettext*
 -gnupg2-smime
 -grub\*
 -iptables
 -kernel
 -libss
 -langpacks-*
 -langpacks-en
 -os-prober*
 -pinentry
 -qemu-guest-agent
 -shared-mime-info
 -trousers
 -xfsprogs
 -xkeyboard-config
 %end
 %post --erroronfail --log=/root/anaconda-post.log
 # container customizations inside the chroot
 # Stay compatible
 echo 'container' > /etc/dnf/vars/infra
 #Generate installtime file record
 /bin/date +%Y%m%d_%H%M > /etc/BUILDTIME
 # Limit languages to help reduce size.
 LANG="en_US"
 echo "%_install_langs $LANG" > /etc/rpm/macros.image-language-conf
 # https://bugzilla.redhat.com/show_bug.cgi?id=1727489
 echo 'LANG="C.UTF-8"' >  /etc/locale.conf
 # systemd fixes
 :> /etc/machine-id
 umount /run
 systemd-tmpfiles --create --boot
 # mask mounts and login bits
 systemctl mask \
    console-getty.service \
    dev-hugepages.mount \
    getty.target \
    sys-fs-fuse-connections.mount \
    systemd-logind.service \
    systemd-remount-fs.service
 # Cleanup the image
 rm -f /etc/udev/hwdb.bin
 rm -rf /usr/lib/udev/hwdb.d/ \
       /boot /var/lib/dnf/history.* \
       "/tmp/*" "/tmp/.*" || true
 %end
--- a/Rocky-9-Container-Minimal.ks
+++ b/Rocky-9-Container-Minimal.ks
@ -1,103 +0,0 @@
 # This is a minimal Rocky kickstart designed for docker.
 # It will not produce a bootable system
 # To use this kickstart, run make
 # Basic setup information
 text
 bootloader --disable
 firewall --disabled
 network --bootproto=dhcp --device=link --activate --onboot=on
 rootpw --lock --iscrypted locked
 selinux --disabled
 shutdown
 keyboard us
 lang en_US.UTF-8
 timezone --utc --nontp UTC
 # Disk setup
 zerombr
 clearpart --all --initlabel
 autopart --noboot --nohome --noswap --nolvm --fstype=ext4
 # This breaks everything, apparently
 %addon com_redhat_kdump --disable
 %end
 # Package setup
 %packages --excludedocs --inst-langs=en --nocore --exclude-weakdeps
 bash
 coreutils-single
 glibc-minimal-langpack
 microdnf
 rocky-release
 util-linux
 -brotli
 -dosfstools
 -e2fsprogs
 -firewalld
 -fuse-libs
 -gettext*
 -gnupg2-smime
 -grub\*
 -hostname
 -iptables
 -iputils
 -kernel
 -kexec-tools
 -less
 -libss
 -os-prober*
 -pinentry
 -qemu-guest-agent
 -rootfiles
 -shared-mime-info
 -tar
 -trousers
 -vim-minimal
 -xfsprogs
 -xkeyboard-config
 -yum
 %end
 %post --erroronfail --log=/root/anaconda-post.log
 # container customizations inside the chroot
 rpm --rebuilddb
 /bin/date +%Y-%m-%d_%H:%M:%S > /etc/BUILDTIME
 echo 'container' > /etc/dnf/vars/infra
 LANG="en_US"
 echo '%_install_langs en_US.UTF-8' > /etc/rpm/macros.image-language-conf
 echo 'LANG="C.UTF-8"' >  /etc/locale.conf
 rm -f /var/lib/dnf/history.* 
 rm -fr "/var/log/*" "/tmp/*" "/tmp/.*"
 for dir in $(ls -d "/usr/share/{locale,i18n}/*" | grep -v 'en_US\|all_languages\|locale\.alias'); do rm -fr $dir; done
 # systemd fixes
 umount /run
 systemd-tmpfiles --create --boot
 # mask mounts and login bits
 systemctl mask \
    console-getty.service \
    dev-hugepages.mount \
    getty.target \
    sys-fs-fuse-connections.mount \
    systemd-logind.service \
    systemd-remount-fs.service
 # Cleanup the image
 rm -f /etc/udev/hwdb.bin
 rm -rf /usr/lib/udev/hwdb.d/ \
       /boot /var/lib/dnf/history.* \
      "/tmp/*" "/tmp/.*" || true
 %end
--- a/Rocky-9-Container-UBI.ks
+++ b/Rocky-9-Container-UBI.ks
@ -1,112 +0,0 @@
 # This is a minimal Rocky kickstart designed for docker.
 # It will not produce a bootable system
 # To use this kickstart, run make
 # Basic setup information
 url --url https://download.rockylinux.org/stg/rocky/9/BaseOS/$basearch/os/
 text
 bootloader --disable
 firewall --disabled
 network --bootproto=dhcp --device=link --activate --onboot=on
 rootpw --lock --iscrypted locked
 selinux --disabled
 shutdown
 keyboard us
 lang en_US.UTF-8
 timezone --utc --nontp Etc/UTC
 # Disk setup
 zerombr
 clearpart --all --initlabel
 autopart --noboot --nohome --noswap --nolvm --fstype=ext4
 # This breaks everything, apparently
 %addon com_redhat_kdump --disable
 %end
 # Package setup
 %packages --ignoremissing --excludedocs --inst-langs=en --nocore --exclude-weakdeps
 bash
 coreutils-single
 crypto-policies-scripts
 curl-minimal
 findutils
 gdb-gdbserver
 glibc-minimal-langpack
 gzip
 libcurl-minimal
 systemd
 rocky-release
 rootfiles
 tar
 util-linux
 vim-minimal
 which
 yum
 -dosfstools
 -kexec-tools
 -e2fsprogs
 -firewalld
 -fuse-libs
 -gettext*
 -gnupg2-smime
 -grub\*
 -iptables
 -kernel
 -libss
 -os-prober*
 -pinentry
 -qemu-guest-agent
 -shared-mime-info
 -trousers
 -xfsprogs
 -xkeyboard-config
 %end
 %post --erroronfail --log=/root/anaconda-post.log
 set -eux
 # container customizations inside the chroot
 # Stay compatible
 echo 'container' > /etc/dnf/vars/infra
 #Generate installtime file record
 /bin/date +%Y%m%d_%H%M > /etc/BUILDTIME
 # Limit languages to help reduce size.
 LANG="en_US"
 echo "%_install_langs $LANG" > /etc/rpm/macros.image-language-conf
 # https://bugzilla.redhat.com/show_bug.cgi?id=1727489
 echo 'LANG="C.UTF-8"' >  /etc/locale.conf
 # systemd fixes
 :> /etc/machine-id
 umount /run
 systemd-tmpfiles --create --boot
 # mask mounts and login bits
 systemctl mask \
    console-getty.service \
    dev-hugepages.mount \
    getty.target \
    sys-fs-fuse-connections.mount \
    systemd-logind.service \
    systemd-remount-fs.service
 # Remove network configuration files leftover from anaconda installation
 # https://bugzilla.redhat.com/show_bug.cgi?id=1713089
 rm -f /etc/sysconfig/network-scripts/ifcfg-*
 # Cleanup the image
 rm -f /etc/udev/hwdb.bin
 rm -rf /usr/lib/udev/hwdb.d/ \
       /boot /var/lib/dnf/history.* \
       /var/cache/* /var/log/* \
       "/tmp/*" "/tmp/.*" || true
 %end
--- a/Rocky-9-EC2-Base.ks
+++ b/Rocky-9-EC2-Base.ks
@ -1,226 +0,0 @@
 text
 lang en_US.UTF-8
 keyboard us
 timezone UTC --utc
 # Disk
 bootloader --append="console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295" --location=mbr --timeout=1
 auth --enableshadow --passalgo=sha512
 selinux --enforcing
 firewall --enabled --service=ssh
 firstboot --disable
 # Network information
 network  --bootproto=dhcp --device=link --activate --onboot=on
 # Root password
 services --disabled="kdump,rhsmcertd" --enabled="NetworkManager,sshd,rsyslog,chronyd,cloud-init,cloud-init-local,cloud-config,cloud-final,rngd"
 rootpw --iscrypted thereisnopasswordanditslocked
 # Disk partitioning information
 # NOTE(neil): 2023-05-12 NONE of reqpart, clearpart, zerombr can be used. We
 # are creating partitions manually in %pre to ensure proper ordering as
 # Anaconda does NOT ensure the ordering `part` commands.
 part /boot/efi --fstype="efi" --onpart=vda1
 part /boot --fstype="xfs" --label=boot --onpart=vda2
 part prepboot --fstype="prepboot" --onpart=vda3
 part biosboot --fstype="biosboot" --onpart=vda4
 part /         --size=8000 --fstype="xfs"    --mkfsoptions "-m bigtime=0,inobtcount=0" --grow --onpart=vda5
 shutdown
 %pre
 # Clear the Master Boot Record
 dd if=/dev/zero of=/dev/vda bs=512 count=1
 # Create a new GPT partition table
 parted /dev/vda mklabel gpt
 # Create a partition for /boot/efi
 parted /dev/vda mkpart primary fat32 1MiB 100MiB
 parted /dev/vda set 1 boot on
 # Create a partition for /boot
 parted /dev/vda mkpart primary xfs 100MiB 1100MiB
 # Create a partition for prep
 parted /dev/vda mkpart primary 1100MiB 1104MiB
 # Create a partition for bios_grub
 parted /dev/vda mkpart primary 1104MiB 1105MiB
 # Create a partition for LVM
 parted /dev/vda mkpart primary xfs 1106MiB 10.7GB
 %end
 %packages
@core
 rocky-release
 kernel
 yum-utils
 -aic94xx-firmware
 -alsa-firmware
 -alsa-lib
 -alsa-tools-firmware
 -ivtv-firmware
 -iwl1000-firmware
 -iwl100-firmware
 -iwl105-firmware
 -iwl135-firmware
 -iwl2000-firmware
 -iwl2030-firmware
 -iwl3160-firmware
 -iwl3945-firmware
 -iwl4965-firmware
 -iwl5000-firmware
 -iwl5150-firmware
 -iwl6000-firmware
 -iwl6000g2a-firmware
 -iwl6000g2b-firmware
 -iwl6050-firmware
 -iwl7260-firmware
 -libertas-sd8686-firmware
 -libertas-sd8787-firmware
 -libertas-usb8388-firmware
 cloud-init
 cloud-utils-growpart
 gdisk
 dracut-config-generic
 grub2
 firewalld
 # some stuff that's missing from core or things we want
 tar
 rsync
 dhcp-client
 NetworkManager
 rng-tools
 -biosdevname
 -plymouth
 -iprutils
 -langpacks-*
 -langpacks-en
 %end
 %post --erroronfail
 passwd -d root
 passwd -l root
 # Attempting to force legacy BIOS boot if we boot from UEFI
 if [ "$(arch)" = "x86_64" ]; then
  dnf install grub2-pc-modules grub2-pc -y
  grub2-install --target=i386-pc /dev/vda
 fi
 # Ensure that the pmbr_boot flag is off
 parted /dev/vda disk_set pmbr_boot off
 # setup systemd to boot to the right runlevel
 rm -f /etc/systemd/system/default.target
 ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
 echo .
 dnf -C -y remove linux-firmware
 # Remove firewalld; it is required to be present for install/image building.
 # but we dont ship it in cloud
 dnf -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
 dnf -C -y remove avahi\* 
 sed -i '/^#NAutoVTs=.*/ a\
 NAutoVTs=0' /etc/systemd/logind.conf
 cat > /etc/sysconfig/network << EOF
 NETWORKING=yes
 NOZEROCONF=yes
 EOF
 # this should *really* be an empty file - gotta make anaconda happy
 truncate -s 0 /etc/resolv.conf
 # For cloud images, 'eth0' _is_ the predictable device name, since
 # we don't want to be tied to specific virtual (!) hardware
 rm -f /etc/udev/rules.d/70*
 ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules
 # simple eth0 config, again not hard-coded to the build hardware
 cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
 DEVICE="eth0"
 BOOTPROTO="dhcp"
 ONBOOT="yes"
 TYPE="Ethernet"
 USERCTL="yes"
 PEERDNS="yes"
 IPV6INIT="no"
 PERSISTENT_DHCLIENT="1"
 EOF
 # generic localhost names
 cat > /etc/hosts << EOF
 127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
 ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
 EOF
 echo .
 cat <<EOL > /etc/sysconfig/kernel
 # UPDATEDEFAULT specifies if new-kernel-pkg should make
 # new kernels the default
 UPDATEDEFAULT=yes
 # DEFAULTKERNEL specifies the default kernel package type
 DEFAULTKERNEL=kernel
 EOL
 # make sure firstboot doesn't start
 echo "RUN_FIRSTBOOT=NO" > /etc/sysconfig/firstboot
 if ! grep -q growpart /etc/cloud/cloud.cfg; then
  sed -i 's/ - resizefs/ - growpart\n - resizefs/' /etc/cloud/cloud.cfg
 fi
 # rocky cloud user
 sed -i '1i # Modified for cloud image' /etc/cloud/cloud.cfg
 sed -i 's/name: cloud-user/name: rocky/g' /etc/cloud/cloud.cfg
 echo -e 'rocky\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers
 # this shouldn't be the case, but we'll do it anyway
 sed -i 's|^enabled=1|enabled=0|' /etc/yum/pluginconf.d/product-id.conf
 sed -i 's|^enabled=1|enabled=0|' /etc/yum/pluginconf.d/subscription-manager.conf
 dnf clean all
 truncate -c -s 0 /var/log/dnf.log
 # XXX instance type markers - MUST match Rocky Infra expectation
 echo 'ec2' > /etc/yum/vars/infra
 rm -rf /var/log/yum.log
 rm -rf /var/lib/yum/*
 rm -rf /root/install.log
 rm -rf /root/install.log.syslog
 rm -rf /root/anaconda-ks.cfg
 rm -rf /var/log/anaconda*
 touch /var/log/cron
 touch /var/log/boot.log
 mkdir -p /var/cache/yum
 /usr/sbin/fixfiles -R -a restore
 # remove these for ec2 debugging
 sed -i -e 's/ rhgb quiet//' /boot/grub/grub.conf
 cat > /etc/modprobe.d/blacklist-nouveau.conf << EOL
 blacklist nouveau
 EOL
 # enable resizing on copied AMIs
 echo 'install_items+=" sgdisk "' > /etc/dracut.conf.d/sgdisk.conf
 echo 'add_drivers+=" xen-netfront xen-blkfront "' > /etc/dracut.conf.d/xen.conf
 # Rerun dracut for the installed kernel (not the running kernel):
 KERNEL_VERSION=$(rpm -q kernel --qf '%{V}-%{R}.%{arch}\n')
 dracut -f /boot/initramfs-$KERNEL_VERSION.img $KERNEL_VERSION
 cat /dev/null > /etc/machine-id
 cat >> /etc/chrony.conf << EOF
 # Amazon Time Sync Service
 server 169.254.169.123 prefer iburst minpoll 4 maxpoll 4
 EOF
 %end
--- a/Rocky-9-EC2-LVM.ks
+++ b/Rocky-9-EC2-LVM.ks
@ -1,231 +0,0 @@
 text
 lang en_US.UTF-8
 keyboard us
 timezone UTC --utc
 # Disk
 bootloader --append="console=ttyS0,115200n8 console=tty0 net.ifnames=0 rd.blacklist=nouveau nvme_core.io_timeout=4294967295" --location=mbr --timeout=1
 auth --enableshadow --passalgo=sha512
 selinux --enforcing
 firewall --enabled --service=ssh
 firstboot --disable
 # Network information
 network  --bootproto=dhcp --device=link --activate --onboot=on
 # Root password
 services --disabled="kdump,rhsmcertd" --enabled="NetworkManager,sshd,rsyslog,chronyd,cloud-init,cloud-init-local,cloud-config,cloud-final,rngd"
 rootpw --iscrypted thereisnopasswordanditslocked
 # Partition stuff - Should work for x86 and aarch64
 #zerombr
 #clearpart --all --initlabel --disklabel=gpt
 #reqpart
 part /boot/efi --fstype=efi   --asprimary --onpart=vda1
 part /boot     --fstype=xfs   --label=boot --onpart=vda2
 part prepboot  --fstype=prepboot --asprimary --onpart=vda3
 part biosboot  --fstype=biosboot --asprimary --onpart=vda4
 part pv.01     --grow --onpart=vda5
 volgroup rocky pv.01
 logvol / --vgname=rocky --size=8000 --name=root --grow --mkfsoptions "-m bigtime=0,inobtcount=0"
 shutdown
 %pre
 # Clear the Master Boot Record
 dd if=/dev/zero of=/dev/vda bs=512 count=1
 # Create a new GPT partition table
 parted /dev/vda mklabel gpt
 # Create a partition for /boot/efi
 parted /dev/vda mkpart primary fat32 1MiB 100MiB
 parted /dev/vda set 1 boot on
 # Create a partition for /boot
 parted /dev/vda mkpart primary xfs 100MiB 1100MiB
 # Create a partition for prep
 parted /dev/vda mkpart primary 1100MiB 1104MiB
 # Create a partition for bios_grub
 parted /dev/vda mkpart primary 1104MiB 1105MiB
 # Create a partition for LVM
 parted /dev/vda mkpart primary ext2 1106MiB 10.7GB
 parted /dev/vda set 5 lvm on
 %end
 %packages
@core
 rocky-release
 kernel
 yum-utils
 -aic94xx-firmware
 -alsa-firmware
 -alsa-lib
 -alsa-tools-firmware
 -ivtv-firmware
 -iwl1000-firmware
 -iwl100-firmware
 -iwl105-firmware
 -iwl135-firmware
 -iwl2000-firmware
 -iwl2030-firmware
 -iwl3160-firmware
 -iwl3945-firmware
 -iwl4965-firmware
 -iwl5000-firmware
 -iwl5150-firmware
 -iwl6000-firmware
 -iwl6000g2a-firmware
 -iwl6000g2b-firmware
 -iwl6050-firmware
 -iwl7260-firmware
 -libertas-sd8686-firmware
 -libertas-sd8787-firmware
 -libertas-usb8388-firmware
 cloud-init
 cloud-utils-growpart
 gdisk
 dracut-config-generic
 grub2
 firewalld
 # some stuff that's missing from core or things we want
 tar
 rsync
 dhcp-client
 NetworkManager
 rng-tools
 -biosdevname
 -plymouth
 -iprutils
 -langpacks-*
 -langpacks-en
 %end
 %post --erroronfail
 passwd -d root
 passwd -l root
 # Attempting to force legacy BIOS boot if we boot from UEFI
 if [ "$(arch)" = "x86_64" ]; then
  dnf install grub2-pc-modules grub2-pc -y
  grub2-install --target=i386-pc /dev/vda
 fi
 # Ensure that the pmbr_boot flag is off
 parted /dev/vda disk_set pmbr_boot off
 # setup systemd to boot to the right runlevel
 rm -f /etc/systemd/system/default.target
 ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
 echo .
 dnf -C -y remove linux-firmware
 # Remove firewalld; it is required to be present for install/image building.
 # but we dont ship it in cloud
 dnf -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
 dnf -C -y remove avahi\* 
 sed -i '/^#NAutoVTs=.*/ a\
 NAutoVTs=0' /etc/systemd/logind.conf
 cat > /etc/sysconfig/network << EOF
 NETWORKING=yes
 NOZEROCONF=yes
 EOF
 # this should *really* be an empty file - gotta make anaconda happy
 truncate -s 0 /etc/resolv.conf
 # For cloud images, 'eth0' _is_ the predictable device name, since
 # we don't want to be tied to specific virtual (!) hardware
 rm -f /etc/udev/rules.d/70*
 ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules
 # simple eth0 config, again not hard-coded to the build hardware
 cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
 DEVICE="eth0"
 BOOTPROTO="dhcp"
 ONBOOT="yes"
 TYPE="Ethernet"
 USERCTL="yes"
 PEERDNS="yes"
 IPV6INIT="no"
 PERSISTENT_DHCLIENT="1"
 EOF
 # generic localhost names
 cat > /etc/hosts << EOF
 127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
 ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
 EOF
 echo .
 cat <<EOL > /etc/sysconfig/kernel
 # UPDATEDEFAULT specifies if new-kernel-pkg should make
 # new kernels the default
 UPDATEDEFAULT=yes
 # DEFAULTKERNEL specifies the default kernel package type
 DEFAULTKERNEL=kernel
 EOL
 # make sure firstboot doesn't start
 echo "RUN_FIRSTBOOT=NO" > /etc/sysconfig/firstboot
 if ! grep -q growpart /etc/cloud/cloud.cfg; then
  sed -i 's/ - resizefs/ - growpart\n - resizefs/' /etc/cloud/cloud.cfg
 fi
 # rocky cloud user
 sed -i '1i # Modified for cloud image' /etc/cloud/cloud.cfg
 sed -i 's/name: cloud-user/name: rocky/g' /etc/cloud/cloud.cfg
 echo -e 'rocky\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers
 # this shouldn't be the case, but we'll do it anyway
 sed -i 's|^enabled=1|enabled=0|' /etc/yum/pluginconf.d/product-id.conf
 sed -i 's|^enabled=1|enabled=0|' /etc/yum/pluginconf.d/subscription-manager.conf
 dnf clean all
 truncate -c -s 0 /var/log/dnf.log
 # XXX instance type markers - MUST match Rocky Infra expectation
 echo 'ec2' > /etc/yum/vars/infra
 rm -rf /var/log/yum.log
 rm -rf /var/lib/yum/*
 rm -rf /root/install.log
 rm -rf /root/install.log.syslog
 rm -rf /root/anaconda-ks.cfg
 rm -rf /var/log/anaconda*
 touch /var/log/cron
 touch /var/log/boot.log
 mkdir -p /var/cache/yum
 /usr/sbin/fixfiles -R -a restore
 # remove these for ec2 debugging
 sed -i -e 's/ rhgb quiet//' /boot/grub/grub.conf
 cat > /etc/modprobe.d/blacklist-nouveau.conf << EOL
 blacklist nouveau
 EOL
 # enable resizing on copied AMIs
 echo 'install_items+=" sgdisk "' > /etc/dracut.conf.d/sgdisk.conf
 echo 'add_drivers+=" xen-netfront xen-blkfront "' > /etc/dracut.conf.d/xen.conf
 # Rerun dracut for the installed kernel (not the running kernel):
 KERNEL_VERSION=$(rpm -q kernel --qf '%{V}-%{R}.%{arch}\n')
 dracut -f /boot/initramfs-$KERNEL_VERSION.img $KERNEL_VERSION
 cat /dev/null > /etc/machine-id
 cat >> /etc/chrony.conf << EOF
 # Amazon Time Sync Service
 server 169.254.169.123 prefer iburst minpoll 4 maxpoll 4
 EOF
 # LVM Variant Fix, remove system.devices
 rm -fv /etc/lvm/devices/system.devices
 %end
--- a/Rocky-9-GenericArm-Minimal.ks
+++ b/Rocky-9-GenericArm-Minimal.ks
@ -1,188 +0,0 @@
 # Generated by pykickstart v3.41
 #version=DEVEL
 # Firewall configuration
 firewall --enabled --port=22:tcp
 # Keyboard layouts
 # old format: keyboard us
 # new format:
 keyboard --vckeymap=us --xlayouts='us'
 # System language
 lang en_US.UTF-8
 # Network information
 network  --bootproto=dhcp --device=link --activate
 # Shutdown after installation
 shutdown
 repo --name="rocky9-baseos" --baseurl=https://download.rockylinux.org/stg/rocky/9/BaseOS/aarch64/os/
 repo --name="rocky9-appstream" --baseurl=https://download.rockylinux.org/stg/rocky/9/AppStream/aarch64/os/
 repo --name="rocky9-powertools" --baseurl=https://download.rockylinux.org/stg/rocky/9/CRB/aarch64/os/
 repo --name="instKern" --baseurl=https://rockyrepos.gnulab.org/gen_aarch64_el9/ --cost=100 --install
 #Root password
 rootpw --lock
 # SELinux configuration
 selinux --enforcing
 # System services
 services --enabled="sshd,NetworkManager,chronyd"
 # System timezone
 timezone UTC --utc --nontp
 # Use network installation
 url --url="https://download.rockylinux.org/stg/rocky/9/BaseOS/aarch64/os/"
 # System bootloader configuration
 bootloader --location=mbr --driveorder="sda"
 # Partition clearing information
 clearpart --all --initlabel
 # Disk partitioning information
 part /boot/efi --asprimary --fstype="efi" --size=512
 part /boot --asprimary --fstype="ext4" --size=1024 --label=boot
 part swap --asprimary --fstype="swap" --size=512 --label=swap
 part / --asprimary --fstype="ext4" --size=3072 --label=rootfs
 %pre
 #End of Pre script for partitions
 %end
 %post
 # Mandatory README file
 cat >/root/README << EOF
 == Rocky Linux 9 ==
 If you want to automatically resize your / partition, just type the following (as root user):
 rootfs-expand
 EOF
 %end
 %post
 # Setting correct yum variable to use raspberrypi kernel repo
 #echo "generic" > /etc/dnf/vars/kvariant
 #
 # Creating rocky user and add to wheel group
 /sbin/useradd -c "Rocky Linux default user" -G wheel -m -U rocky
 echo "rockylinux" | passwd --stdin  rocky
 # Generic efi filename for VMs
 mkdir -p /boot/efi/EFI/BOOT
 if [ -d /boot/efi/EFI/rocky/ ] && [ -f /boot/efi/EFI/rocky/grubaa64.efi ];then
    for j in grub.cfg grubenv;do
        mv -f /boot/grub2/${j} /boot/efi/EFI/rocky/
        ln -s ../efi/EFI/rocky/${j} /boot/grub2/${j}
    done
    cp -f /boot/efi/EFI/rocky/grubaa64.efi /boot/efi/EFI/BOOT/BOOTAA64.EFI
 fi
 cp -f /usr/share/uboot/rpi_3/u-boot.bin /boot/efi/rpi3-u-boot.bin
 cp -f /usr/share/uboot/rpi_4/u-boot.bin /boot/efi/rpi4-u-boot.bin
 rpm -e dracut-config-generic
 #setup dtb link by running "creating 10-devicetree.install"
 if [ -x /lib/kernel/install.d/10-devicetree.install ];then
    /lib/kernel/install.d/10-devicetree.install remove
 fi
 ### Write /etc/sysconfig/kernel
 cat << EOF > /etc/sysconfig/kernel
 # Written by image installer
 # UPDATEDEFAULT specifies if new-kernel-pkg should make new kernels the default
 UPDATEDEFAULT=yes
 # DEFAULTKERNEL specifies the default kernel package type
 DEFAULTKERNEL=kernel-core
 EOF
 chmod 644 /etc/sysconfig/kernel
 ### Write grub defaults, turn off OS probing as it is always wrong for image creation
 cat << EOF > /etc/default/grub
 GRUB_TIMEOUT=5
 GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)"
 GRUB_DEFAULT=saved
 GRUB_DISABLE_SUBMENU=true
 GRUB_TERMINAL_OUTPUT="console"
 GRUB_CMDLINE_LINUX=""
 GRUB_DISABLE_RECOVERY="true"
 GRUB_DISABLE_OS_PROBER="true"
 GRUB_ENABLE_BLSCFG="false"
 EOF
 chmod 644 /etc/default/grub
 # fixing the rpmdb
 rpm --rebuilddb
 # remove /boot/dtb for some rpi to boot
 rm -f /boot/dtb
 %end
 %post
 # Remove ifcfg-link on pre generated images
 rm -f /etc/sysconfig/network-scripts/ifcfg-link
 # Remove machine-id on pre generated images
 rm -f /etc/machine-id
 touch /etc/machine-id
 %end
 %post
 cat >/usr/local/bin/rootfs-expand << EOF
 #!/bin/bash
 clear
 part=\$(mount |grep '^/dev.* / ' |awk '{print \$1}')
 if [ -z "\$part" ];then
    echo "Error detecting rootfs"
    exit -1
 fi
 dev=\$(echo \$part|sed 's/[0-9]*\$//g')
 devlen=\${#dev}
 num=\${part:\$devlen}
 if [[ "\$dev" =~ ^/dev/mmcblk[0-9]*p\$ ]];then
    dev=\${dev:0:-1}
 fi
 if [ ! -x /usr/bin/growpart ];then
    echo "Please install cloud-utils-growpart (sudo yum install cloud-utils-growpart)"
    exit -2
 fi
 if [ ! -x /usr/sbin/resize2fs ];then
    echo "Please install e2fsprogs (sudo yum install e2fsprogs)"
    exit -3
 fi
 echo \$part \$dev \$num
 echo "Extending partition \$num to max size ...."
 growpart \$dev \$num
 echo "Resizing ext4 filesystem ..."
 resize2fs \$part
 echo "Done."
 df -h |grep \$part
 EOF
 chmod +x /usr/local/bin/rootfs-expand
 %end
 %packages
@core
 NetworkManager-wifi
 bash-completion
 bcm2711-firmware
 bcm2835-firmware
 bcm283x-firmware
 bcm283x-overlays
 chrony
 cloud-utils-growpart
 dracut-config-generic
 efibootmgr
 glibc-langpack-en
 grub2-common
 grub2-efi-aa64
 grub2-efi-aa64-modules
 grubby
 kernel
 kernel-core
 nano
 net-tools
 shim-aa64
 systemd-udev
 uboot-images-armv8
 uboot-tools
 -dracut-config-rescue
 -java-11-*
 %end
--- a/Rocky-9-GenericCloud-Base.ks
+++ b/Rocky-9-GenericCloud-Base.ks
@ -1,227 +0,0 @@
 text
 lang en_US.UTF-8
 keyboard us
 timezone --utc UTC
 # Disk
 bootloader --append="console=ttyS0,115200n8 no_timer_check crashkernel=auto net.ifnames=0" --location=mbr --timeout=1
 auth --enableshadow --passalgo=sha512
 selinux --enforcing
 firewall --enabled --service=ssh
 firstboot --disable
 # Network information
 network  --bootproto=dhcp --device=link --activate --onboot=on
 # Root password
 services --disabled="kdump,rhsmcertd" --enabled="NetworkManager,sshd,rsyslog,chronyd,cloud-init,cloud-init-local,cloud-config,cloud-final,rngd"
 rootpw --iscrypted thereisnopasswordanditslocked
 # Disk partitioning information
 # NOTE(neil): 2023-05-12 NONE of reqpart, clearpart, zerombr can be used. We
 # are creating partitions manually in %pre to ensure proper ordering as
 # Anaconda does NOT ensure the ordering `part` commands.
 part /boot/efi --fstype="efi" --onpart=vda1
 part /boot --fstype="xfs" --label=boot --onpart=vda2
 part prepboot --fstype="prepboot" --onpart=vda3
 part biosboot --fstype="biosboot" --onpart=vda4
 part /         --size=8000 --fstype="xfs"    --mkfsoptions "-m bigtime=0,inobtcount=0" --grow --onpart=vda5
 shutdown
 %pre
 # Clear the Master Boot Record
 dd if=/dev/zero of=/dev/vda bs=512 count=1
 # Create a new GPT partition table
 parted /dev/vda mklabel gpt
 # Create a partition for /boot/efi
 parted /dev/vda mkpart primary fat32 1MiB 100MiB
 parted /dev/vda set 1 boot on
 # Create a partition for /boot
 parted /dev/vda mkpart primary xfs 100MiB 1100MiB
 # Create a partition for prep
 parted /dev/vda mkpart primary 1100MiB 1104MiB
 # Create a partition for bios_grub
 parted /dev/vda mkpart primary 1104MiB 1105MiB
 # Create a partition for LVM
 parted /dev/vda mkpart primary xfs 1106MiB 10.7GB
 %end
 %packages
@core
 rocky-release
 dnf
 kernel
 yum
 nfs-utils
 dnf-utils
 hostname
 -aic94xx-firmware
 -alsa-firmware
 -alsa-lib
 -alsa-tools-firmware
 -ivtv-firmware
 -iwl1000-firmware
 -iwl100-firmware
 -iwl105-firmware
 -iwl135-firmware
 -iwl2000-firmware
 -iwl2030-firmware
 -iwl3160-firmware
 -iwl3945-firmware
 -iwl4965-firmware
 -iwl5000-firmware
 -iwl5150-firmware
 -iwl6000-firmware
 -iwl6000g2a-firmware
 -iwl6000g2b-firmware
 -iwl6050-firmware
 -iwl7260-firmware
 -libertas-sd8686-firmware
 -libertas-sd8787-firmware
 -libertas-usb8388-firmware
 cloud-init
 cloud-utils-growpart
 python3-jsonschema
 dracut-config-generic
 -dracut-config-rescue
 firewalld
 # some stuff that's missing from core or things we want
 tar
 tcpdump
 rsync
 rng-tools
 cockpit-ws
 cockpit-system
 qemu-guest-agent
 virt-what
 -biosdevname
 -plymouth
 -iprutils
 # Fixes an s390x issue
 #-langpacks-*
 -langpacks-en
 %end
 %post --erroronfail
 passwd -d root
 passwd -l root
 # Attempting to force legacy BIOS boot if we boot from UEFI
 if [ "$(arch)" = "x86_64" ]; then
  dnf install grub2-pc-modules grub2-pc -y
  grub2-install --target=i386-pc /dev/vda
 fi
 # Ensure that the pmbr_boot flag is off
 parted /dev/vda disk_set pmbr_boot off
 # setup systemd to boot to the right runlevel
 rm -f /etc/systemd/system/default.target
 ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
 echo .
 # we don't need this in virt
 dnf -C -y remove linux-firmware
 # Remove firewalld; it is required to be present for install/image building.
 # but we dont ship it in cloud
 dnf -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
 dnf -C -y remove avahi\* 
 sed -i '/^#NAutoVTs=.*/ a\
 NAutoVTs=0' /etc/systemd/logind.conf
 cat > /etc/sysconfig/network << EOF
 NETWORKING=yes
 NOZEROCONF=yes
 EOF
 # this should *really* be an empty file - gotta make anaconda happy
 truncate -s 0 /etc/resolv.conf
 # For cloud images, 'eth0' _is_ the predictable device name, since
 # we don't want to be tied to specific virtual (!) hardware
 rm -f /etc/udev/rules.d/70*
 ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules
 rm -f /etc/sysconfig/network-scripts/ifcfg-*
 # simple eth0 config, again not hard-coded to the build hardware
 cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
 DEVICE="eth0"
 BOOTPROTO="dhcp"
 BOOTPROTOv6="dhcp"
 ONBOOT="yes"
 TYPE="Ethernet"
 USERCTL="yes"
 PEERDNS="yes"
 IPV6INIT="yes"
 PERSISTENT_DHCLIENT="1"
 EOF
 echo "virtual-guest" > /etc/tuned/active_profile
 # generic localhost names
 cat > /etc/hosts << EOF
 127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
 ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
 EOF
 echo .
 #systemctl mask tmp.mount
 cat <<EOL > /etc/sysconfig/kernel
 # UPDATEDEFAULT specifies if new-kernel-pkg should make
 # new kernels the default
 UPDATEDEFAULT=yes
 # DEFAULTKERNEL specifies the default kernel package type
 DEFAULTKERNEL=kernel
 EOL
 # make sure firstboot doesn't start
 echo "RUN_FIRSTBOOT=NO" > /etc/sysconfig/firstboot
 # just in case
 if ! grep -q growpart /etc/cloud/cloud.cfg; then
  sed -i 's/ - resizefs/ - growpart\n - resizefs/' /etc/cloud/cloud.cfg
 fi
 # temporary until 22.2
 sed -i 's/^system_info:/locale: C.UTF-8\nsystem_info:/' /etc/cloud/cloud.cfg
 # rocky cloud user
 sed -i '1i # Modified for cloud image' /etc/cloud/cloud.cfg
 echo -e 'rocky\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers
 sed -i 's/name: cloud-user/name: rocky/g' /etc/cloud/cloud.cfg
 # these shouldn't be enabled, but just in case
 sed -i 's|^enabled=1|enabled=0|' /etc/yum/pluginconf.d/product-id.conf
 sed -i 's|^enabled=1|enabled=0|' /etc/yum/pluginconf.d/subscription-manager.conf
 dnf clean all
 # XXX instance type markers - MUST match Rocky Infra expectation
 echo 'genclo' > /etc/yum/vars/infra
 rm -rf /var/log/yum.log
 rm -rf /var/lib/yum/*
 rm -rf /root/install.log
 rm -rf /root/install.log.syslog
 rm -rf /root/anaconda-ks.cfg
 rm -rf /var/log/anaconda*
 echo "Fixing SELinux contexts."
 touch /var/log/cron
 touch /var/log/boot.log
 mkdir -p /var/cache/yum
 /usr/sbin/fixfiles -R -a restore
 rm -f /var/lib/systemd/random-seed
 cat /dev/null > /etc/machine-id
 # reorder console entries
 #sed -i 's/console=tty0/console=tty0 console=ttyS0,115200n8/' /boot/grub2/grub.cfg
 true
 %end
--- a/Rocky-9-GenericCloud-LVM.ks
+++ b/Rocky-9-GenericCloud-LVM.ks
@ -1,236 +0,0 @@
 text
 lang en_US.UTF-8
 keyboard us
 timezone --utc UTC
 # Disk
 bootloader --append="console=ttyS0,115200n8 no_timer_check crashkernel=auto net.ifnames=0" --location=mbr --timeout=1
 auth --enableshadow --passalgo=sha512
 selinux --enforcing
 firewall --enabled --service=ssh
 firstboot --disable
 # Network information
 network  --bootproto=dhcp --device=link --activate --onboot=on
 # Root password
 services --disabled="kdump,rhsmcertd" --enabled="NetworkManager,sshd,rsyslog,chronyd,cloud-init,cloud-init-local,cloud-config,cloud-final,rngd"
 rootpw --iscrypted thereisnopasswordanditslocked
 # Partition stuff
 #zerombr
 #clearpart --all --initlabel --disklabel=gpt
 #reqpart
 # This should allow BIOS, UEFI, and PReP booting. Trying to be as universal as
 # possible. This is a similar setup to Fedora without the btrfs.
 part /boot/efi --fstype=efi      --asprimary  --onpart=vda1
 part /boot     --fstype=xfs      --label=boot  --onpart=vda2
 part prepboot  --fstype=prepboot --asprimary  --onpart=vda3
 part biosboot  --fstype=biosboot --asprimary  --onpart=vda4
 part pv.01     --grow  --onpart=vda5
 volgroup rocky pv.01
 logvol / --vgname=rocky --size=8000 --name=root --grow --mkfsoptions "-m bigtime=0,inobtcount=0"
 shutdown
 %pre
 # Clear the Master Boot Record
 dd if=/dev/zero of=/dev/vda bs=512 count=1
 # Create a new GPT partition table
 parted /dev/vda mklabel gpt
 # Create a partition for /boot/efi
 parted /dev/vda mkpart primary fat32 1MiB 100MiB
 parted /dev/vda set 1 boot on
 # Create a partition for /boot
 parted /dev/vda mkpart primary xfs 100MiB 1100MiB
 # Create a partition for prep
 parted /dev/vda mkpart primary 1100MiB 1104MiB
 # Create a partition for bios_grub
 parted /dev/vda mkpart primary 1104MiB 1105MiB
 # Create a partition for LVM
 parted /dev/vda mkpart primary ext2 1106MiB 10.7GB
 parted /dev/vda set 5 lvm on
 %end
 %packages
@core
 rocky-release
 dnf
 kernel
 yum
 nfs-utils
 dnf-utils
 hostname
 -aic94xx-firmware
 -alsa-firmware
 -alsa-lib
 -alsa-tools-firmware
 -ivtv-firmware
 -iwl1000-firmware
 -iwl100-firmware
 -iwl105-firmware
 -iwl135-firmware
 -iwl2000-firmware
 -iwl2030-firmware
 -iwl3160-firmware
 -iwl3945-firmware
 -iwl4965-firmware
 -iwl5000-firmware
 -iwl5150-firmware
 -iwl6000-firmware
 -iwl6000g2a-firmware
 -iwl6000g2b-firmware
 -iwl6050-firmware
 -iwl7260-firmware
 -libertas-sd8686-firmware
 -libertas-sd8787-firmware
 -libertas-usb8388-firmware
 cloud-init
 cloud-utils-growpart
 python3-jsonschema
 dracut-config-generic
 -dracut-config-rescue
 firewalld
 # some stuff that's missing from core or things we want
 tar
 tcpdump
 rsync
 rng-tools
 cockpit-ws
 cockpit-system
 qemu-guest-agent
 virt-what
 -biosdevname
 -plymouth
 -iprutils
 # Fixes an s390x issue
 #-langpacks-*
 -langpacks-en
 %end
 %post --erroronfail
 passwd -d root
 passwd -l root
 # Attempting to force legacy BIOS boot if we boot from UEFI
 if [ "$(arch)" = "x86_64" ]; then
  dnf install grub2-pc-modules grub2-pc -y
  grub2-install --target=i386-pc /dev/vda
 fi
 # Ensure that the pmbr_boot flag is off
 parted /dev/vda disk_set pmbr_boot off
 # setup systemd to boot to the right runlevel
 rm -f /etc/systemd/system/default.target
 ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
 echo .
 # we don't need this in virt
 dnf -C -y remove linux-firmware
 # Remove firewalld; it is required to be present for install/image building.
 # but we dont ship it in cloud
 dnf -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
 dnf -C -y remove avahi\* 
 sed -i '/^#NAutoVTs=.*/ a\
 NAutoVTs=0' /etc/systemd/logind.conf
 cat > /etc/sysconfig/network << EOF
 NETWORKING=yes
 NOZEROCONF=yes
 EOF
 # this should *really* be an empty file - gotta make anaconda happy
 truncate -s 0 /etc/resolv.conf
 # For cloud images, 'eth0' _is_ the predictable device name, since
 # we don't want to be tied to specific virtual (!) hardware
 rm -f /etc/udev/rules.d/70*
 ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules
 rm -f /etc/sysconfig/network-scripts/ifcfg-*
 # simple eth0 config, again not hard-coded to the build hardware
 cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
 DEVICE="eth0"
 BOOTPROTO="dhcp"
 BOOTPROTOv6="dhcp"
 ONBOOT="yes"
 TYPE="Ethernet"
 USERCTL="yes"
 PEERDNS="yes"
 IPV6INIT="yes"
 PERSISTENT_DHCLIENT="1"
 EOF
 echo "virtual-guest" > /etc/tuned/active_profile
 # generic localhost names
 cat > /etc/hosts << EOF
 127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
 ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
 EOF
 echo .
 #systemctl mask tmp.mount
 cat <<EOL > /etc/sysconfig/kernel
 # UPDATEDEFAULT specifies if new-kernel-pkg should make
 # new kernels the default
 UPDATEDEFAULT=yes
 # DEFAULTKERNEL specifies the default kernel package type
 DEFAULTKERNEL=kernel
 EOL
 # make sure firstboot doesn't start
 echo "RUN_FIRSTBOOT=NO" > /etc/sysconfig/firstboot
 # just in case
 if ! grep -q growpart /etc/cloud/cloud.cfg; then
  sed -i 's/ - resizefs/ - growpart\n - resizefs/' /etc/cloud/cloud.cfg
 fi
 # temporary until 22.2
 sed -i 's/^system_info:/locale: C.UTF-8\nsystem_info:/' /etc/cloud/cloud.cfg
 # rocky cloud user
 sed -i '1i # Modified for cloud image' /etc/cloud/cloud.cfg
 echo -e 'rocky\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers
 sed -i 's/name: cloud-user/name: rocky/g' /etc/cloud/cloud.cfg
 # these shouldn't be enabled, but just in case
 sed -i 's|^enabled=1|enabled=0|' /etc/yum/pluginconf.d/product-id.conf
 sed -i 's|^enabled=1|enabled=0|' /etc/yum/pluginconf.d/subscription-manager.conf
 dnf clean all
 # XXX instance type markers - MUST match Rocky Infra expectation
 echo 'genclo' > /etc/yum/vars/infra
 rm -rf /var/log/yum.log
 rm -rf /var/lib/yum/*
 rm -rf /root/install.log
 rm -rf /root/install.log.syslog
 rm -rf /root/anaconda-ks.cfg
 rm -rf /var/log/anaconda*
 echo "Fixing SELinux contexts."
 touch /var/log/cron
 touch /var/log/boot.log
 mkdir -p /var/cache/yum
 /usr/sbin/fixfiles -R -a restore
 rm -f /var/lib/systemd/random-seed
 cat /dev/null > /etc/machine-id
 # reorder console entries
 #sed -i 's/console=tty0/console=tty0 console=ttyS0,115200n8/' /boot/grub2/grub.cfg
 # LVM Variant Fix, remove system.devices
 rm -fv /etc/lvm/devices/system.devices
 true
 %end
--- a/Rocky-9-MATE.ks
+++ b/Rocky-9-MATE.ks
@ -1,558 +0,0 @@
 # Generated by pykickstart v3.36
 #version=DEVEL
 # X Window System configuration information
 xconfig  --startxonboot
 # Keyboard layouts
 keyboard 'us'
 # Root password
 rootpw --iscrypted --lock locked
 # System language
 lang en_US.UTF-8
 # Shutdown after installation
 shutdown
 # Network information
 network  --bootproto=dhcp --device=link --activate
 # Firewall configuration
 firewall --enabled --service=mdns
 # Use network installation
 url --url="http://dl.rockylinux.org/stg/rocky/9/BaseOS/$basearch/os/"
 repo --name="BaseOS" --baseurl=http://dl.rockylinux.org/stg/rocky/9/BaseOS/$basearch/os/ --cost=200
 repo --name="AppStream" --baseurl=http://dl.rockylinux.org/stg/rocky/9/AppStream/$basearch/os/ --cost=200
 repo --name="CRB" --baseurl=http://dl.rockylinux.org/stg/rocky/9/CRB/$basearch/os/ --cost=200
 repo --name="extras" --baseurl=http://dl.rockylinux.org/stg/rocky/9/extras/$basearch/os --cost=200
 repo --name="epel" --baseurl=https://dl.fedoraproject.org/pub/epel/9/Everything/$basearch/ --cost=200
 # System timezone
 timezone US/Eastern
 # SELinux configuration
 selinux --enforcing
 # System services
 services --disabled="sshd" --enabled="NetworkManager,ModemManager"
 # System bootloader configuration
 bootloader --location=none
 # Clear the Master Boot Record
 zerombr
 # Partition clearing information
 clearpart --all
 # Disk partitioning information
 part / --fstype="ext4" --size=5120
 part / --size=7168
 %post
 # FIXME: it'd be better to get this installed from a package
 cat > /etc/rc.d/init.d/livesys << EOF
 #!/bin/bash
 #
 # live: Init script for live image
 #
 # chkconfig: 345 00 99
 # description: Init script for live image.
 ### BEGIN INIT INFO
 # X-Start-Before: display-manager chronyd
 ### END INIT INFO
 . /etc/init.d/functions
 if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ]; then
    exit 0
 fi
 if [ -e /.liveimg-configured ] ; then
    configdone=1
 fi
 exists() {
    which \$1 >/dev/null 2>&1 || return
    \$*
 }
 livedir="LiveOS"
 for arg in \`cat /proc/cmdline\` ; do
  if [ "\${arg##rd.live.dir=}" != "\${arg}" ]; then
    livedir=\${arg##rd.live.dir=}
    continue
  fi
  if [ "\${arg##live_dir=}" != "\${arg}" ]; then
    livedir=\${arg##live_dir=}
  fi
 done
 # Enable swap unless requested otherwise
 swaps=\`blkid -t TYPE=swap -o device\`
 if ! strstr "\`cat /proc/cmdline\`" noswap && [ -n "\$swaps" ] ; then
  for s in \$swaps ; do
    action "Enabling swap partition \$s" swapon \$s
  done
 fi
 if ! strstr "\`cat /proc/cmdline\`" noswap && [ -f /run/initramfs/live/\${livedir}/swap.img ] ; then
  action "Enabling swap file" swapon /run/initramfs/live/\${livedir}/swap.img
 fi
 # Support for persistent homes
 mountPersistentHome() {
  # support label/uuid
  if [ "\${homedev##LABEL=}" != "\${homedev}" -o "\${homedev##UUID=}" != "\${homedev}" ]; then
    homedev=\`/sbin/blkid -o device -t "\$homedev"\`
  fi
  # if we're given a file rather than a blockdev, loopback it
  if [ "\${homedev##mtd}" != "\${homedev}" ]; then
    # mtd devs don't have a block device but get magic-mounted with -t jffs2
    mountopts="-t jffs2"
  elif [ ! -b "\$homedev" ]; then
    loopdev=\`losetup -f\`
    if [ "\${homedev##/run/initramfs/live}" != "\${homedev}" ]; then
      action "Remounting live store r/w" mount -o remount,rw /run/initramfs/live
    fi
    losetup \$loopdev \$homedev
    homedev=\$loopdev
  fi
  # if it's encrypted, we need to unlock it
  if [ "\$(/sbin/blkid -s TYPE -o value \$homedev 2>/dev/null)" = "crypto_LUKS" ]; then
    echo
    echo "Setting up encrypted /home device"
    plymouth ask-for-password --command="cryptsetup luksOpen \$homedev EncHome"
    homedev=/dev/mapper/EncHome
  fi
  # and finally do the mount
  mount \$mountopts \$homedev /home
  # if we have /home under what's passed for persistent home, then
  # we should make that the real /home.  useful for mtd device on olpc
  if [ -d /home/home ]; then mount --bind /home/home /home ; fi
  [ -x /sbin/restorecon ] && /sbin/restorecon /home
  if [ -d /home/liveuser ]; then USERADDARGS="-M" ; fi
 }
 # Help locate persistent homes
 findPersistentHome() {
  for arg in \`cat /proc/cmdline\` ; do
    if [ "\${arg##persistenthome=}" != "\${arg}" ]; then
      homedev=\${arg##persistenthome=}
    fi
  done
 }
 if strstr "\`cat /proc/cmdline\`" persistenthome= ; then
  findPersistentHome
 elif [ -e /run/initramfs/live/\${livedir}/home.img ]; then
  homedev=/run/initramfs/live/\${livedir}/home.img
 fi
 # Mount the persistent home if it's available
 if ! strstr "\`cat /proc/cmdline\`" nopersistenthome && [ -n "\$homedev" ] ; then
  action "Mounting persistent /home" mountPersistentHome
 fi
 if [ -n "\$configdone" ]; then
  exit 0
 fi
 # Create the liveuser (no password) so automatic logins and sudo works
 action "Adding live user" useradd \$USERADDARGS -c "Live System User" liveuser
 passwd -d liveuser > /dev/null
 usermod -aG wheel liveuser > /dev/null
 # Same for root
 passwd -d root > /dev/null
 # Turn off firstboot (similar to a DVD/minimal install, where it asks
 # for the user to accept the EULA before bringing up a TTY)
 systemctl --no-reload disable firstboot-text.service 2> /dev/null || :
 systemctl --no-reload disable firstboot-graphical.service 2> /dev/null || :
 systemctl stop firstboot-text.service 2> /dev/null || :
 systemctl stop firstboot-graphical.service 2> /dev/null || :
 # Prelinking damages the images
 sed -i 's/PRELINKING=yes/PRELINKING=no/' /etc/sysconfig/prelink &>/dev/null || :
 # Turn off mdmonitor by default
 systemctl --no-reload disable mdmonitor.service 2> /dev/null || :
 systemctl --no-reload disable mdmonitor-takeover.service 2> /dev/null || :
 systemctl stop mdmonitor.service 2> /dev/null || :
 systemctl stop mdmonitor-takeover.service 2> /dev/null || :
 # Even if there isn't gnome, this doesn't hurt.
 gsettings set org.gnome.software download-updates 'false' || :
 # Disable cron
 systemctl --no-reload disable crond.service 2> /dev/null || :
 systemctl --no-reload disable atd.service 2> /dev/null || :
 systemctl stop crond.service 2> /dev/null || :
 systemctl stop atd.service 2> /dev/null || :
 # Disable abrt
 systemctl --no-reload disable abrtd.service 2> /dev/null || :
 systemctl stop abrtd.service 2> /dev/null || :
 # Don't sync the system clock when running live (RHBZ #1018162)
 sed -i 's/rtcsync//' /etc/chrony.conf
 # Mark things as configured
 touch /.liveimg-configured
 # add static hostname to work around xauth bug
 # https://bugzilla.redhat.com/show_bug.cgi?id=679486
 # the hostname must be something else than 'localhost'
 # https://bugzilla.redhat.com/show_bug.cgi?id=1370222
 echo "localhost-live" > /etc/hostname
 EOF
 # HAL likes to start late.
 cat > /etc/rc.d/init.d/livesys-late << EOF
 #!/bin/bash
 #
 # live: Late init script for live image
 #
 # chkconfig: 345 99 01
 # description: Late init script for live image.
 . /etc/init.d/functions
 if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ] || [ -e /.liveimg-late-configured ] ; then
    exit 0
 fi
 exists() {
    which \$1 >/dev/null 2>&1 || return
    \$*
 }
 touch /.liveimg-late-configured
 # Read some stuff out of the kernel cmdline
 for o in \`cat /proc/cmdline\` ; do
    case \$o in
    ks=*)
        ks="--kickstart=\${o#ks=}"
        ;;
    xdriver=*)
        xdriver="\${o#xdriver=}"
        ;;
    esac
 done
 # If liveinst or textinst is given, start installer
 if strstr "\`cat /proc/cmdline\`" liveinst ; then
   plymouth --quit
   /usr/sbin/liveinst \$ks
 fi
 if strstr "\`cat /proc/cmdline\`" textinst ; then
   plymouth --quit
   /usr/sbin/liveinst --text \$ks
 fi
 # Configure X, allowing user to override xdriver
 if [ -n "\$xdriver" ]; then
   cat > /etc/X11/xorg.conf.d/00-xdriver.conf <<FOE
 Section "Device"
 	Identifier	"Videocard0"
 	Driver	"\$xdriver"
 EndSection
 FOE
 fi
 EOF
 chmod 755 /etc/rc.d/init.d/livesys
 /sbin/restorecon /etc/rc.d/init.d/livesys
 /sbin/chkconfig --add livesys
 chmod 755 /etc/rc.d/init.d/livesys-late
 /sbin/restorecon /etc/rc.d/init.d/livesys-late
 /sbin/chkconfig --add livesys-late
 # Enable tmpfs for /tmp - this is a good idea
 systemctl enable tmp.mount
 # make it so that we don't do writing to the overlay for things which
 # are just tmpdirs/caches
 # note https://bugzilla.redhat.com/show_bug.cgi?id=1135475
 cat >> /etc/fstab << EOF
 vartmp   /var/tmp    tmpfs   defaults   0  0
 EOF
 # PackageKit likes to play games. Let's fix that.
 rm -f /var/lib/rpm/__db*
 releasever=$(rpm -q --qf '%{version}\n' --whatprovides system-release)
 basearch=$(uname -i)
 rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial
 echo "Packages within this LiveCD"
 rpm -qa
 # Note that running rpm recreates the rpm db files which aren't needed or wanted
 rm -f /var/lib/rpm/__db*
 # go ahead and pre-make the man -k cache (#455968)
 /usr/bin/mandb
 # make sure there aren't core files lying around
 rm -f /core*
 # remove random seed, the newly installed instance should make it's own
 rm -f /var/lib/systemd/random-seed
 # convince readahead not to collect
 # FIXME: for systemd
 echo 'File created by kickstart. See systemd-update-done.service(8).' \
    | tee /etc/.updated >/var/.updated
 # Drop the rescue kernel and initramfs, we don't need them on the live media itself.
 # See bug 1317709
 rm -f /boot/*-rescue*
 # Disable network service here, as doing it in the services line
 # fails due to RHBZ #1369794 - the error is expected
 /sbin/chkconfig network off
 # Remove machine-id on generated images
 rm -f /etc/machine-id
 touch /etc/machine-id
 %end
 %post --nochroot
 cp $INSTALL_ROOT/usr/share/licenses/*-release/* $LIVE_ROOT/
 # only works on x86_64
 if [ "$(uname -i)" = "i386" -o "$(uname -i)" = "x86_64" ]; then
    # For livecd-creator builds
    if [ ! -d $LIVE_ROOT/LiveOS ]; then mkdir -p $LIVE_ROOT/LiveOS ; fi
    cp /usr/bin/livecd-iso-to-disk $LIVE_ROOT/LiveOS
    # For lorax/livemedia-creator builds
    sed -i '
    /## make boot.iso/ i\
    # Add livecd-iso-to-disk script to .iso filesystem at /LiveOS/\
    <% f = "usr/bin/livecd-iso-to-disk" %>\
    %if exists(f):\
        install ${f} ${LIVEDIR}/${f|basename}\
    %endif\
    ' /usr/share/lorax/templates.d/99-generic/live/x86.tmpl
 fi
 %end
 %post
 # mate configuration
 cat >> /etc/rc.d/init.d/livesys << EOF
 # make the installer show up
 if [ -f /usr/share/applications/liveinst.desktop  ]; then
  # Show harddisk install in shell dash
  sed -i -e 's/NoDisplay=true/NoDisplay=false/' /usr/share/applications/liveinst.desktop ""
 fi
 mkdir /home/liveuser/Desktop
 cp /usr/share/applications/liveinst.desktop /home/liveuser/Desktop
 chmod +x /home/liveuser/Desktop/liveinst.desktop
 # move to anaconda - probably not required for MATE.
 mv /usr/share/applications/liveinst.desktop /usr/share/applications/anaconda.desktop
 if [ -f /usr/share/anaconda/gnome/fedora-welcome.desktop  ]; then
  mkdir -p ~liveuser/.config/autostart
  cp /usr/share/anaconda/gnome/fedora-welcome.desktop /usr/share/applications/
  cp /usr/share/anaconda/gnome/fedora-welcome.desktop ~liveuser/.config/autostart/
 fi
 # rebuild schema cache with any overrides we installed
 glib-compile-schemas /usr/share/glib-2.0/schemas
 # set up lightdm autologin
 sed -i 's/^#autologin-user=.*/autologin-user=liveuser/' /etc/lightdm/lightdm.conf
 sed -i 's/^#autologin-user-timeout=.*/autologin-user-timeout=0/' /etc/lightdm/lightdm.conf
 sed -i 's/^#show-language-selector=.*/show-language-selector=true/' /etc/lightdm/lightdm-gtk-greeter.conf
 # set MATE as default session, otherwise login will fail
 sed -i 's/^#user-session=.*/user-session=mate/' /etc/lightdm/lightdm.conf
 # Turn off PackageKit-command-not-found while uninstalled
 if [ -f /etc/PackageKit/CommandNotFound.conf  ]; then
  sed -i -e 's/^SoftwareSourceSearch=true/SoftwareSourceSearch=false/' /etc/PackageKit/CommandNotFound.conf
 fi
 # The updater applet might or might not exist
 rm -f /etc/xdg/autostart/org.mageia.dnfdragora-updater.desktop
 # reset selinux contexts
 chown -R liveuser:liveuser /home/liveuser/
 restorecon -R /home/liveuser/
 restorecon -R /
 EOF
 # this doesn't come up automatically. not sure why.
 systemctl enable --force lightdm.service
 # CRB needs to be enabled for EPEL to function.
 dnf config-manager --set-enabled crb
 %end
 %packages
@anaconda-tools
@base-x
@core
@dial-up
@fonts
@guest-desktop-agents
@hardware-support
@input-methods
@multimedia
@standard
 NetworkManager-adsl
 NetworkManager-bluetooth
 NetworkManager-l2tp-gnome
 NetworkManager-libreswan-gnome
 NetworkManager-openconnect-gnome
 NetworkManager-openvpn-gnome
 NetworkManager-ovs
 NetworkManager-ppp
 NetworkManager-pptp-gnome
 NetworkManager-team
 NetworkManager-wifi
 NetworkManager-wwan
 aajohan-comfortaa-fonts
 anaconda
 anaconda-install-env-deps
 anaconda-live
 atril
 atril-caja
 atril-thumbnailer
 caja
 caja-actions
 chkconfig
 dconf-editor
 dracut-live
 efi-filesystem
 efibootmgr
 efivar-libs
 engrampa
 eom
 epel-release
 f36-backgrounds-extras-mate
 f36-backgrounds-mate
 filezilla
 firefox
 firewall-applet
 firewall-config
 glibc-all-langpacks
 gnome-disk-utility
 gnome-epub-thumbnailer
 gnome-themes-extra
 gparted
 grub2-common
 grub2-efi-*64
 grub2-efi-*64-cdboot
 grub2-pc-modules
 grub2-tools
 grub2-tools-efi
 grub2-tools-extra
 grub2-tools-minimal
 grubby
 gstreamer1-plugins-ugly-free
 gtk2-engines
 gucharmap
 gvfs-fuse
 gvfs-gphoto2
 gvfs-mtp
 gvfs-smb
 hexchat
 initial-setup-gui
 initscripts
 kernel
 kernel-modules
 kernel-modules-extra
 libmatekbd
 libmatemixer
 libmateweather
 libreoffice-calc
 libreoffice-emailmerge
 libreoffice-graphicfilter
 libreoffice-impress
 libreoffice-writer
 libsecret
 lightdm
 lm_sensors
 marco
 mate-applets
 mate-backgrounds
 mate-calc
 mate-control-center
 mate-desktop
 mate-dictionary
 mate-disk-usage-analyzer
 mate-icon-theme
 mate-media
 mate-menu
 mate-menus
 mate-menus-preferences-category-menu
 mate-notification-daemon
 mate-panel
 mate-polkit
 mate-power-manager
 mate-screensaver
 mate-screenshot
 mate-search-tool
 mate-sensors-applet
 mate-session-manager
 mate-settings-daemon
 mate-system-log
 mate-system-monitor
 mate-terminal
 mate-themes
 mate-user-admin
 mate-user-guide
 mate-utils
 memtest86+
 mozo
 network-manager-applet
 nm-connection-editor
 orca
 p7zip
 p7zip-plugins
 parole
 pavucontrol
 pipewire-alsa
 pipewire-pulseaudio
 pluma
 pluma-plugins
 rocky-backgrounds
 seahorse
 seahorse-caja
 setroubleshoot
 shim-*64
 slick-greeter-mate
 syslinux
 thunderbird
 tigervnc
 usermode-gtk
 vim-enhanced
 wireplumber
 xdg-user-dirs-gtk
 xmodmap
 xrdb
 yelp
 -@3d-printing
 -@admin-tools
 -audacious
 -brasero
 -evolution-help
 -fedora-icon-theme
 -gnome-icon-theme
 -gnome-icon-theme-symbolic
 -gnome-logs
 -gnome-software
 -gnome-user-docs
 -hplip
 -isdn4k-utils
 -mpage
 -sane-backends
 -shim-unsigned-*64
 -systemd-oomd-defaults
 -telnet
 -xane-gimp
 -xsane
 %end
--- a/Rocky-9-OCP-Base.ks
+++ b/Rocky-9-OCP-Base.ks
@ -1,458 +0,0 @@
 #version=DEVEL
 # Keyboard layouts
 keyboard 'us'
 # Root password
 rootpw --iscrypted thereisnopasswordanditslocked
 # System language
 lang en_US.UTF-8
 # Shutdown after installation
 shutdown
 # System timezone
 timezone UTC --isUtc
 # Use text mode install
 text
 # Network information
 network  --bootproto=dhcp --device=link --activate
 # Use network installation
 url --url="https://download.rockylinux.org/stg/rocky/9/BaseOS/$basearch/os/"
 repo --name "extras" --baseurl="https://dl.rockylinux.org/stg/rocky/9/extras/$basearch/os/"
 repo --name "crb" --baseurl="https://dl.rockylinux.org/stg/rocky/9/CRB/$basearch/os/"
 repo --name "sig-cloud-common" --baseurl="https://yumrepofs.build.resf.org/v1/projects/15016370-1410-4459-a1a2-a1576041fd19/repo/cloud-common/$basearch/" --includepkgs="oci-utils,python3-circuitbreaker,python3-daemon,python3-sdnotify,python39-oci-sdk" --cost=100
 repo --name=epel --cost=200 --baseurl="https://dl.fedoraproject.org/pub/epel/9/Everything/$basearch/"
 # System authorization information
 auth --enableshadow --passalgo=sha512
 # Firewall configuration
 firewall --enabled --service=ssh
 firstboot --disable
 # SELinux configuration
 selinux --enforcing
 # System services
 services --disabled="kdump,rhsmcertd" --enabled="NetworkManager,sshd,rsyslog,chronyd,cloud-init,cloud-init-local,cloud-config,cloud-final,rngd"
 # System bootloader configuration
 bootloader --append="console=ttyS0,115200n8 console=tty0 no_timer_check crashkernel=auto net.ifnames=0 LANG=en_US.UTF-8 transparent_hugepage=never rd.luks=0 rd.md=0 rd.dm=0 rd.lvm.vg=rocky rd.lvm.lv=rocky/root rd.net.timeout.dhcp=10 libiscsi.debug_libiscsi_eh=1 netroot=iscsi:169.254.0.2:::1:iqn.2015-02.oracle.boot:uefi ip=dhcp rd.iscsi.bypass rd.iscsi.param=node.session.timeo.replacement_timeout=6000" --location=mbr --timeout=1 --boot-drive=vda
 # Disk partitioning information
 # NOTE(neil): 2023-05-12 NONE of reqpart, clearpart, zerombr can be used. We
 # are creating partitions manually in %pre to ensure proper ordering as
 # Anaconda does NOT ensure the ordering `part` commands.
 part /boot/efi --fstype="efi" --onpart=vda1
 part /boot --fstype="xfs" --label=boot --onpart=vda2
 part prepboot --fstype="prepboot" --onpart=vda3
 part biosboot --fstype="biosboot" --onpart=vda4
 part pv.01 --grow --size=1 --onpart=vda5
 volgroup rocky pv.01
 logvol / --grow --size=8000 --mkfsoptions="-m bigtime=0,inobtcount=0" --name=root --vgname=rocky
 %pre
 # Clear the Master Boot Record
 dd if=/dev/zero of=/dev/vda bs=512 count=1
 # Create a new GPT partition table
 parted /dev/vda mklabel gpt
 # Create a partition for /boot/efi
 parted /dev/vda mkpart primary fat32 1MiB 100MiB
 parted /dev/vda set 1 boot on
 # Create a partition for /boot
 parted /dev/vda mkpart primary xfs 100MiB 1100MiB
 # Create a partition for prep
 parted /dev/vda mkpart primary 1100MiB 1104MiB 
 # Create a partition for bios_grub
 parted /dev/vda mkpart primary 1104MiB 1105MiB
 # Create a partition for LVM
 parted /dev/vda mkpart primary ext2 1106MiB 10.7GB
 parted /dev/vda set 5 lvm on
 %end
 %post --erroronfail
 # Attempting to force legacy BIOS boot if we boot from UEFI
 if [ "$(arch)" = "x86_64"  ]; then
  dnf install grub2-pc-modules grub2-pc -y
  grub2-install --target=i386-pc /dev/vda
 fi
 # Ensure that the pmbr_boot flag is off
 parted /dev/vda disk_set pmbr_boot off
 # setup systemd to boot to the right runlevel
 rm -f /etc/systemd/system/default.target
 ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
 echo .
 dnf -C -y remove linux-firmware
 # Remove firewalld; it is required to be present for install/image building.
 # but we dont ship it in cloud
 dnf -C -y remove firewalld --setopt="clean_requirements_on_remove=1"
 dnf -C -y remove avahi\* 
 sed -i '/^#NAutoVTs=.*/ a\
 NAutoVTs=0' /etc/systemd/logind.conf
 cat > /etc/sysconfig/network << EOF
 NETWORKING=yes
 NOZEROCONF=yes
 EOF
 # Remove build-time resolvers to fix #16948
 echo > /etc/resolv.conf
 # For cloud images, 'eth0' _is_ the predictable device name, since
 # we don't want to be tied to specific virtual (!) hardware
 rm -f /etc/udev/rules.d/70*
 ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules
 # simple eth0 config, again not hard-coded to the build hardware
 cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
 DEVICE="eth0"
 BOOTPROTO="dhcp"
 ONBOOT="yes"
 TYPE="Ethernet"
 USERCTL="yes"
 PEERDNS="yes"
 IPV6INIT="no"
 PERSISTENT_DHCLIENT="1"
 EOF
 echo "virtual-guest" > /etc/tuned/active_profile
 # generic localhost names
 cat > /etc/hosts << EOF
 127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
 ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
 EOF
 echo .
 systemctl mask tmp.mount
 cat <<EOL > /etc/sysconfig/kernel
 # UPDATEDEFAULT specifies if new-kernel-pkg should make
 # new kernels the default
 UPDATEDEFAULT=yes
 # DEFAULTKERNEL specifies the default kernel package type
 DEFAULTKERNEL=kernel
 EOL
 # make sure firstboot doesn't start
 echo "RUN_FIRSTBOOT=NO" > /etc/sysconfig/firstboot
 # rocky cloud user
 sed -i '1i # Modified for cloud image' /etc/cloud/cloud.cfg
 echo -e 'rocky\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers
 sed -i 's/name: cloud-user/name: rocky/g' /etc/cloud/cloud.cfg
 # disable cloud kernel repo as it's not needed
 sed -i 's/enabled=1/enabled=0/' /etc/yum.repos.d/Rocky-SIG-Cloud-Kernel.repo
 dnf clean all
 # XXX instance type markers - MUST match Rocky Infra expectation
 echo 'oci' > /etc/yum/vars/infra
 # change dhcp client retry/timeouts to resolve #6866
 cat  >> /etc/dhcp/dhclient.conf << EOF
 timeout 300;
 retry 60;
 EOF
 # OCI - Import repo GPG key
 cat <<EOF > /tmp/key
 -----BEGIN PGP PUBLIC KEY BLOCK-----
 mQINBGHncu8BEAC2dhocMZkdapnP9o/MvAnKOczaSpF4Cj9yqt49bxLPJCY57jz9
 2ZkJ5iGk6kpBt4rPTh18aAl30T+nPP8VMQjMhvHJKfZmBtaJJ5RpvvpK5mj1UgRJ
 4DQX7gqAbT0s/uZZcouZsJzXo3c7GNMrim1C+ScfGG6BoB6GVBK74jFeJNMsxZ2Y
 BwQhpE+KG+1zD94RZCySykJjNoKj+U4W5H2XdB/mNEc8icFqxjJGZ5BN0DA2Wqxn
 mwELTO3Q2ne1y9+sPn2YKhRqyihuZYaUPR/Jpdki93mk61MdaoTTxFPZ8FWAYrAW
 9KVdreT8K33SaTFFpmhbpndPEYesgCqDqiZG7Ywjgbf2nqSOzBr2ZX23PX7QUCvQ
 ar58bNbWENLhC3B950TK+r23kkPa3GICE9WP5TftWJdbJMWRBX3YhdNooNGGCbeB
 xM7B/UV9hSRx1S/US8HvDhJezZDuKrpPXrNWJTuW9Kty2WGwUkEDT2GBbcjx9ocJ
 fqyNJKhaLoYKCVlsmhJUi4xCY0CDDapekWLZOzHB2zgT49uIjawV5ex6pA7oLaPI
 hQGvTcCl7GFWOP/6feazzIpnsJ4V3B2DoLnAevpZlINo/bi3Hv/YmbvE6NyYzD6c
 1y90pc0+Om1trLPCAZpaO1I369ZhLl6T/mCd92hrCG1y8K3PFiRIKpEMVwARAQAB
 tDVPcmFjbGUgTGludXggKHJlbGVhc2Uga2V5IDEpIDxzZWNhbGVydF91c0BvcmFj
 bGUuY29tPokCVAQTAQoAPhYhBD5tgm0/urOJwvOONLxNBqCNi3VvBQJinlnsAhsD
 BQklmAYABQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJELxNBqCNi3Vv3LEP/2au
 kXzbdA/T/7i+4AbGFfYnTWqmZy58wfteDNy1sk6cPmfOUqZQXUrJcSGqqeIDjPvl
 KNExpee/Ja4NGg2YfzkwH5IK5sXmEDKObXRCXGZh9/WyYpr4TBoDU2rSYBP4sbKm
 PsnVoRalt2Zb0qbQF8GilytoRabjI0gLzwhmoHBZMMc3MIO14KQ5yFbekaJZKcxE
 BxaDQ1NDZV1rOVbkg0yDLS9Nw89dDYWVn1wx0foRJcD277ExvmaB4vmC5yayo4ss
 cFldYLu7W9FHmh46flXQGfduORCbDFfjn92eB0jdrkuoEhVRpljAtMO15GMpuVbv
 HzbImI2f1MfydOa6dHbRAlzeV37fPz+1nO9IWdXqFeRG0nrH2gB02AfeoObMkK/a
 XYT9sq1mC5DaK6fbOPWlY+c2hIq0BhUpe+OBdDfmm7L+si9Ffj2sUdn4sHLN6Tj7
 BrJuWmJEz42+rblDNBkrdBC6XXDaRYILKSuGD65PVV+/pVl1c2EOqcktW00iiehb
 eLhj2sz6NaoO5Rhx0J3pMsaCaEBAm8P6UxQSx4iGhZ8Kh5O1SVVlqu3xOhSGOKRE
 sS8gIjeV/Jl3frR4eZG/BpzdTjKZmQV7dvJ4gDuDE+X7rZBzUm7nggyE2pV6UbTD
 5Qwy+ASQfYHfHK4lsHD4kbO/We6H1fEFPlzlr14UuQINBGHncu8BEADBG52gWRob
 VEsQIzAfq2obFnwMroxMupXrDBka7i6cUJw8HsqyHs9maGxAuRDlAma2MBPUYcbm
 DH3bmctaUR7CA1RouPkb6qbZXwSwpvgN4eh4naPX20/VEp/cd5DhKWjP9yC70weh
 r4LmGWV41jBAMK0G1l6+FDw2ITgsamZP+tw0swCKqzpIY2waiygCtPHCCCFMuZ6S
 7hzQpsKVFh8zqzRxMs6Mni9olk4+xwng0ahYfoe2esByR2M1kGX62Y6BOcIRX1cE
 zYFCUww5GrjZdJoObBtffUSz+q2LNOBcqg5huRd8BoC+k5yrXUq8ypspfV1kNEI3
 /ebFew6A8sdf2c+sOdTxTu4MI5iXM1fhCC6X4lAN8w1Ga3ML+k/kgL75mH62Yyzr
 OHXNkylTDfxz9qvq6qszVfWdzVaGXRfulW5nAbAXhuX1gmgZW+M7IQ22xyWC+I60
 UcaE2l9QtHFKuekdYnekTkSUA0ghVwuw+JCQZGQbq5LqbA5TkEYuibBOJD3MZYQ5
 C3DK4KHs/3wxf2aq+Pkf3mpSscC4B0Ba5tlpJawUWqnUmGd208sfUwD20MFfHM+1
 N+M6JYCv0tC0cyAV9Jq74bAUDXLMfkGKZyAWmlPaZBMMt4WaN0r2PAKp00T6PX6x
 jTM6/aNDvNTpsaaUpMXRzH13AiJ/1SjfZwARAQABiQI8BBgBCgAmAhsMFiEEPm2C
 bT+6s4nC8440vE0GoI2LdW8FAmKeWsgFCSRtulkACgkQvE0GoI2LdW/pig//Zi0a
 bmFJKTxku0/LMI31ZaLn9gzXjv2ugmJumfXAce+nlaheCNBa+IMLQdAmrbislzLs
 qXX2+6Eqh4Q/vqGLCkElIzT9ulkgwwEp0cVF6jnXqlWHa0a/T6oAq10jRneaQFCE
 t6hweJ9KTUQufp5aAiZr/GVpBJLJ8kfOx+5eHvDj+VFlFUhpzzns/NfN5N+bthJ/
 Wbt49tzmWaWoEFA0tlwMBPO3zEh/mo5lys0GqENPs4Yb4tL82qg+SG7jHSuH2lZk
 XLLyLQ6p63VZysL9+UTBtafs5jxnTopQFIXtzAOwdtQ8o7/6hhsUchRoUy23EIHT
 J25yA2Qtb8Z/1m/G0e3lz46xHBPIs8FKSOPToCT6E1+9lomnzJPRBCCDTZO5imfX
 4N4l7BodW9nb7zEMHCi2BUM+InpSsEkQkQFs0HIRI2KHSyY30uN0pVXJLOoVQIBr
 WdUzLTTkN9w43fLpkcFXGbpU+pZvK2uksC3O+eBhIpZA9E7iZDwfEaZlUKO5kFvS
 V5f8ZM1jbEb0sOZNNNEaEhTFTl8pQPc2GqgZ3rYt9mqH5OwhzKftV9PDYulIbY+Y
 AN6eJhHj8Eu/IlxG6iYCDmF2hOVPs9aLo9zqdxbu8B6rUyVPOwfNbOR1U7WMRCYm
 4QrtLe//99hXPcFVanIxgkdslnyYf4fjdbdlmNY=
 =xpaH
 -----END PGP PUBLIC KEY BLOCK-----
 -----BEGIN PGP PUBLIC KEY BLOCK-----
 mQINBGHndDkBEACieeO8U0kcUTDMLGXGKrJ3nScZ4LN5hHSzWC1zuLPpkB0YQdik
 CrfSwodyp9LeEhaRsCSoGDc3cS5f5uGvsSUHMCZwEKjdT8LmZkF/dtvVDWawgaLS
 KjoT+AJpss+ws0d/qmwkIHeYExdvZFNdKxvvxycCNy9fNwarT4aNySW6Ax7ERDl8
 k0QSK7uvL1AaWQKSz9rX//KcLv5OXVUX3ITcwprJPD3H2yTOy4pE9gxs/qKfnP+U
 Pbb3pNaHP4PnCIQrjXhJxnH9cEJ7ef0kqBdliGPN7EObrP2uPg70WnVsXovYw/TF
 PrA4H2lvJ58RVhh3ocrSnR+SIne7Lgf1FRSrsE2mmNZAWD6rOxOzO4kUrcfv/pqZ
 f+sDs7KTFMO0noJ1Kt7JSV6xCQzeKGdOh9JxYI0/YIsquiHTF2xva3WHrpOG1sns
 xXcnrLKONisg4gEK36fjsliG4jJhcNyJaAf4sfDiTKDOE5om+BZ7kMNSrMn20wg4
 AdZJm6x8Z0OfjxGOzMQ8re4Cf73H5odrpUel7HFGXiLWtk/f4P5EjxUTznlMbNED
 gYi0H898Dz5Qfmtr97WQ8132fnKKtsPlXWNUNgJpYe+GvzmYOBAr4p5EZEWjB+q6
 EnfLDLpkaS+PbrpLCls5AnWnHjimBmlIMoO5GEsJdYLIQvVVvfKtEDJIBQARAQAB
 tDRPcmFjbGUgTGludXggKGJhY2t1cCBrZXkgMSkgPHNlY2FsZXJ0X3VzQG9yYWNs
 ZS5jb20+iQJUBBMBCgA+FiEEmCIxdZx0ZwZdDOmyp90HCItO++YFAmKewpICGwMF
 CSWYBgAFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQp90HCItO++bU+w//SFOe
 RBqWoA5kP4BN9z716LpgkCllMRQsRZ0kZm8Enbe5S9ENn2T5/f6zZca3TNU6Wbit
 ryToXuOlTsWy4BqAvQhQFeschg10Xgy6/VG3p5kCY4DIPOUjlb7/1r8k0xX6m/mH
 BXBf2MCVRx/zkyeRDtD3lYHyz4cwoHEZ2NuB+CCe5WA2owVhgsRuVmjidDeOa7Q6
 61eLhAJ53OVqsUt5JpQS0KrVeYVJxCiiZnKgJMqHp26Jq0WIKtgBV3sakxhUpRUf
 6ap7mnSAdh6Ae4r1+pTKd7trkxjIqLXH9RI0d7Xm+blRQVZJL9GLaLUaSvw4sfd/
 jfqENCBwAH7D488L1yvTqPfHC2+kRuUI3GU98RULCHveCISRGLVGwh1p88+9aok3
 DoV7/BUEIGbHzg3gcx8zFO2ZKKoJ7xS+vvNLAslPvHNDFH0XOwKBqlVztJprwWtA
 H33e6fti7BMRw1vgljC8yVATBTiKXj5aw+25zi70o1fIFxpwsx5mwMmqHc634ai2
 hPWNZid0Lu3MYBd8pDCvMMMGimfecoyEZKJR2KbO+pNBn7suol5XS3pCmbF3ldMa
 Atra+HvnxNBMxFVdxsqZhr/+ovQszYNIlWSYUDLbqk33HBmvbi3IuogAyxhLdw3T
 uIjjf0acjOsSgy79ju2NpKPVtJw4BmvJRFX0Rh25Ag0EYed0OQEQAJRhf7/ZIWhZ
 LpCX2vg8B4hjsEYeRvEAPUrUMHkqCuElmDaT7g76aPG0jvbMFVU/ykEt2mIi7EhW
 s0SZknT5G8HoHJM2MirkyGB26yp4IlkPyNlc5H9nmMhY7iz/utxQps8jDS8dvxeG
 1YAJGleGywGAet9vFfrLX9Xq9efTXozJfWOsRm+y2WklS+LblftaTUurStzLXRGT
 AsBYOyVaRX/6AMu+fZt7mvoM+bOFNGxMSDIZi93wBiCKp0P2Se1YJoFHTOcQ0M6V
 Fbl91ZcImPxAOX4DHfw4iuokiHCs//wV0DLZ3qtuqN2m/kV4JE9ak//BPVn4acH1
 Z6DQIzQpY66dIyLumGuCdPhl7MFHyAeKhBtLc7gp4+sli+zNUfYwwp55rTdZ9JDR
 G2LD/P2eNnrUXEsvOzqqQy48BmzOmTdgc2vef85Z23GczwX1PyTaGnrQKkReajN0
 IxIuFpTgRQFBoPHTB1VVjSsOu7McWx4Gy2zccSrXKIskj4sOBIYBjxBAR0U4Gi5h
 OAqplVGH3x3RoRb2swkc/LLb6WV6J7REmZ0+0dAE1ShBR8GmEb4wYc5BUgYXrhEn
 hK3nmNx65jZXSAwJOZU8ETLaMoa/I/+QkgPvAJ8gyTLbMQ/xB2kMNRdisphz0jiy
 PIXWlOf6I750VtbBNPHqfe0RHbBQJAl9ABEBAAGJAjwEGAEKACYCGwwWIQSYIjF1
 nHRnBl0M6bKn3QcIi0775gUCYp7C3AUJJG4hIwAKCRCn3QcIi0775nmYD/sEI0T4
 +MHIt5EzL+vBAzAbd23U2oF9KrJP49xmrLlm7qC6ghfuUVqoKwWyE24g8T4N3cxE
 xQWTZ8drqvE2E2tyKqVMjJ5PfiZjK/3WOOIq9YZHpNKljv9KaAAf5alpvMxn6IBj
 ZUhs775JcGWWngilBN9i3OEVFcQG9tFtfKqcYf8oRLPQlqhrH0pKOymFdqdL+NFX
 G/M2LquGrvyDwnT2Cyy4p4sw639BUyA4k1hESgK9KVZTrmJPYU8hCD7kcSOY25UT
 zDERLlXUsnGU9WHm/4aZ4TCs2h2qm29jHeWjfw0U/O8f4K5MV7WcJ0ZywdOk7SSf
 jOKUetPH01l22I6JXiH0jLlBU5uA/zAxd8aPpvcYcWm2Ti+mkpIB6/XWbjnPoYHh
 JmH8r9Pih1Z4dVR7qri/mdcsTZsKzLPuD6AITafJYuRCItCbMerhvGCwBaaR0oHS
 AdpSzwKk8mrLd4BQUSM5a3E010dDeKGL4TA5ttfZJuSe7RXbi4RdDd98XHKEiU3n
 N1ethSQNvEyrh0uA1U3FZvPMcbfYZa8zO85Nz9h/TGUNfmp5CyrZUHZLmvvGTOch
 lUjaIhAGBVJQR/y7+4aC3zzkyzbKyLOL3hCk0xie4LLbfTQ5BtT4+GqEAtzwRQqZ
 RgwnCPfIai7lLNx95bdwB8U2NpY11OXsoTLZAA==
 =UWTf
 -----END PGP PUBLIC KEY BLOCK-----
 EOF
 rpm --import /tmp/key
 rm -rf /var/log/yum.log
 rm -rf "/var/lib/yum/*"
 rm -rf /root/install.log
 rm -rf /root/install.log.syslog
 rm -rf /root/anaconda-ks.cfg
 rm -rf /var/log/anaconda*
 rm -f /var/lib/systemd/random-seed
 cat /dev/null > /etc/machine-id
 echo "Fixing SELinux contexts."
 touch /var/log/cron
 touch /var/log/boot.log
 mkdir -p /var/cache/yum
 /usr/sbin/fixfiles -R -a restore
 # remove these for debugging
 sed -i -e 's/ rhgb quiet//' /boot/grub/grub.conf
 # enable resizing on copied AMIs
 echo 'install_items+=" sgdisk "' > /etc/dracut.conf.d/sgdisk.conf
 # OCI - Need iscsi as a dracut module
 echo 'add_dracutmodules+=" iscsi "' > /etc/dracut.conf.d/iscsi.conf
 # OCI - Virtio drivers
 echo 'add_drivers+=" virtio virtio_blk virtio_net virtio_pci virtio_ring virtio_scsi virtio_console "' > /etc/dracut.conf.d/virtio.conf
 # OCI - YOLO
 mkdir -p /usr/lib/dracut/modules.d/95oci
 OCIDRACUT="H4sIAGtFHmMAA+2WWW/bOBCA/Vr+illZzQXoluPUhgMURYrmpS02fevuGpJIWYQVUiWpJoHr/15S
 crLZZBs3QA8U5QfYosQ5NUNSrRRBTfMAi6xoVXDOcVsT6ePg2YgXNBh8C0LNeDTqrpq7124cpfF4
 nIzT8fhwEEaj+HA8gNE38b6FVqpMAAwE5+ohuW3zvyjtw/UnLMtr4lFZSOrlV00mpS+rR/rYUv84
 StJBlIx10ZNREscD/SRNkwGE3yXjO/zm9R/+EeSUBbJCQ/AOPNANQCYgK1LXniwEbdQUKMOEKU9l
 ufT6eUbrqRby8kzSwuNlKYmaQDo1JrQhcjkBJWdHIC9mKUg9TIEoKGlN1FVDZtobGr7NVFFB11nm
 3YLikNU1v4A8ozXwVgEtQVUEullM5RKKjGkZQTJ8BTmBkrcMo6Eg5QTeiCxvFxMYJmESxWGYImRc
 wYLo8i7gOMDkY8Dauob4eCeCT5/Ah1uN7+mhbmx0+vrs5M93s10kZo67Mp6Hec2L5WTtIB1Oby3n
 vIYQBPa76P1+XcDODrwHj4DjCgf+nprYGSDQlFwA69KgDNy93ooERpR5uD8FzDs5w3utv+qEnz6d
 HKwdmIHTudE2TdgFZ4qyltwodGk2mZBk3snNO0dfTlh7vc722sQ9bcftInCMmiCqFQyiG+lN2HPC
 ipm7J5WYC9LUWUH+VXMC/fsrLp39TgtzRuAe3RQpKr5JcAJnS9o0lC3AveXD930HjnfiR4lDl/7y
 XC5uqUkjT7CZdgJ13gSdHbP+FcHebSNOr3VJFYSopGgXfWX1S21ZmgV109c3rYCuwzgxe6oJ+/Ts
 xdkpbPR5oyhn15l+leR/kuw13L6BdeFAEgwehd3gn7fP372a+QdusBK9ilSYmniq9RTc1eU0MBKB
 HnwI11P9n6x3/ycP3QsXme4E56VeoNr4g9GZt/az9zbLdrac//29p7f3tnn8wb9h2/dfchjdOf/D
 OIns+f8j2Jz/+iD/4V8ARUWK5d4+rNCTzRkTojVCmDSEYXl/gjJdqrruJ8zNvOJ8CY0gXqt3NTg6
 0vufjg5T8YXvVkeb+dkv3GKxWCwWi8VisVgsFovFYrFYLBaLxWL5jnwGdMMrBgAoAAA="
 base64 -d <<<"$OCIDRACUT" | tar -xz
 OCICLOUDCFG="IyBPQ0kgY2xvdWQtaW5pdCBjb25maWd1cmF0aW9uCmRhdGFzb3VyY2VfbGlzdDogWydPcmFjbGUn
 LCAnT3BlblN0YWNrJ10KZGF0YXNvdXJjZToKICBPcGVuU3RhY2s6CiAgICBtZXRhZGF0YV91cmxz
 OiBbJ2h0dHA6Ly8xNjkuMjU0LjE2OS4yNTQnXQogICAgdGltZW91dDogMTAKICAgIG1heF93YWl0
 OiAyMAoKIyBzd2FwIGZpbGUKc3dhcDoKICAgZmlsZW5hbWU6IC8uc3dhcGZpbGUKICAgc2l6ZTog
 ImF1dG8iCgpjbG91ZF9pbml0X21vZHVsZXM6CiMgT0NJOiBkaXNrX3NldHVwIGlzIGRpc2FibGVk
 CiMtIGRpc2tfc2V0dXAKIC0gbWlncmF0b3IKIC0gYm9vdGNtZAogLSB3cml0ZS1maWxlcwojIE9D
 STogVGhlIGdyb3dwYXJ0IG1vZHVsZSBpcyBkaXNhYmxlZCBieSBkZWZhdWx0LiBUbyBlbmFibGUg
 YXV0b21hdGljIGJvb3Qgdm9sdW1lIHJlc2l6aW5nLCB1bmNvbW1lbnQKIyB0aGUgYmVsb3cgZW50
 cnkgZm9yICctIGdyb3dwYXJ0JyBhbmQgcmVib290LiBBbGwgdGhlIGRlcGVuZGVudCBwYWNrYWdl
 cyBmb3IgdGhlIGdyb3dwYXJ0CiMgbW9kdWxlIHRvIHdvcmsgc3VjaCBhcyBjbG91ZC11dGlscy1n
 cm93cGFydCBhbmQgZ2Rpc2sgYXJlIGFscmVhZHkgaW5jbHVkZWQgaW4gdGhlIGltYWdlLgojLSBn
 cm93cGFydAogLSByZXNpemVmcwojIE9DSTogc2V0X2hvc3RuYW1lLCB1cGRhdGVfaG9zdG5hbWUs
 IHVwZGF0ZV9ldGNfaG9zdHMgYXJlIGRpc2FibGVkCiMtIHNldF9ob3N0bmFtZQojLSB1cGRhdGVf
 aG9zdG5hbWUKIy0gdXBkYXRlX2V0Y19ob3N0cwogLSByc3lzbG9nCiAtIHVzZXJzLWdyb3Vwcwog
 LSBzc2gKCmNsb3VkX2NvbmZpZ19tb2R1bGVzOgogLSBtb3VudHMKIC0gbG9jYWxlCiAtIHNldC1w
 YXNzd29yZHMKIyBPQ0k6IHJoX3N1YnNjcmlwdGlvbiBpcyBkaXNhYmxlZAojLSByaF9zdWJzY3Jp
 cHRpb24KIC0geXVtLWFkZC1yZXBvCiAtIHBhY2thZ2UtdXBkYXRlLXVwZ3JhZGUtaW5zdGFsbAog
 LSB0aW1lem9uZQogLSBudHAKIC0gcHVwcGV0CiAtIGNoZWYKIC0gc2FsdC1taW5pb24KIC0gbWNv
 bGxlY3RpdmUKIC0gZGlzYWJsZS1lYzItbWV0YWRhdGEKIC0gcnVuY21kCgpjbG91ZF9maW5hbF9t
 b2R1bGVzOgogLSByaWdodHNjYWxlX3VzZXJkYXRhCiAtIHNjcmlwdHMtcGVyLW9uY2UKIC0gc2Ny
 aXB0cy1wZXItYm9vdAogLSBzY3JpcHRzLXBlci1pbnN0YW5jZQogLSBzY3JpcHRzLXVzZXIKIC0g
 c3NoLWF1dGhrZXktZmluZ2VycHJpbnRzCiAtIGtleXMtdG8tY29uc29sZQogLSBwaG9uZS1ob21l
 CiAtIGZpbmFsLW1lc3NhZ2UKIyBPQ0k6IHBvd2VyLXN0YXRlLWNoYW5nZSBpcyBkaXNhYmxlZAoj
 LSBwb3dlci1zdGF0ZS1jaGFuZ2UKCg=="
 base64 -d <<<"$OCICLOUDCFG" >> /etc/cloud/cloud.cfg.d/99_oci.cfg
 # Remove system.devices because Oracle does things.
 rm -fv /etc/lvm/devices/system.devices
 # Start OCId
 systemctl enable ocid
 # Rerun dracut for the installed kernel (not the running kernel):
 KERNEL_VERSION=$(rpm -q kernel --qf '%%{V}-%%{R}.%%{arch}\n')
 dracut -f /boot/initramfs-$KERNEL_VERSION.img $KERNEL_VERSION
 passwd -d root
 passwd -l root
 # Copyright (C) 2020 Oracle Corp., Inc.  All rights reserved.
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl
 #
 # /usr/lib/oci-linux-config/cloud/scripts/initramfs-mod/net.sh
 #
 echo "$(date) - OCI initramfs network modification script started."
 # Symlink network config files where cloud-init >= 19.4 expects them
 DRACUT_CFG=/run/initramfs/state/etc/sysconfig/network-scripts
 CI_DIR=/run
 if [ -d $DRACUT_CFG  ]; then
    FILE_COUNT=`ls $DRACUT_CFG | wc -l`
    if [ $FILE_COUNT -eq 0  ]; then
        # Create dummy file if dracut did not create network device config
        dummycfg=$CI_DIR/net-dummy.conf
        echo "DEVICE=\"dummy\"" > $dummycfg
        echo "BOOTPROTO=dhcp" >> $dummycfg
        echo "$(date) - Creating dummy config $dummycfg."
    else
        for dcfg in $DRACUT_CFG/*; do
            filename=${dcfg##*/}
            devname=${filename##ifcfg-}
            cicfg=$CI_DIR/net-$devname.conf
            if [ ! -e $cicfg  ]; then
                echo "$(date) - Creating symlink from $dcfg to $cicfg."
                ln -s $dcfg $cicfg
            fi
        done
    fi
 fi
 echo "$(date) - OCI initramfs network modification script done."
 true
 %end
 %packages
@core
 NetworkManager
 chrony
 cloud-init
 cloud-utils-growpart
 cockpit-system
 cockpit-ws
 dhcp-client
 dnf
 dnf-utils
 dracut-config-generic
 firewalld
 gdisk
 grub2
 iscsi-initiator-utils
 kernel
 nfs-utils
 oci-utils
 python3-jsonschema
 qemu-guest-agent
 rng-tools
 rocky-release
 rocky-release-cloud
 rsync
 tar
 yum
 yum-utils
 -aic94xx-firmware
 -alsa-firmware
 -alsa-lib
 -alsa-tools-firmware
 -biosdevname
 -iprutils
 -ivtv-firmware
 -iwl100-firmware
 -iwl1000-firmware
 -iwl105-firmware
 -iwl135-firmware
 -iwl2000-firmware
 -iwl2030-firmware
 -iwl3160-firmware
 -iwl3945-firmware
 -iwl4965-firmware
 -iwl5000-firmware
 -iwl5150-firmware
 -iwl6000-firmware
 -iwl6000g2a-firmware
 -iwl6000g2b-firmware
 -iwl6050-firmware
 -iwl7260-firmware
 -langpacks-*
 -langpacks-en
 -libertas-sd8686-firmware
 -libertas-sd8787-firmware
 -libertas-usb8388-firmware
 -plymouth
 %end
--- a/Rocky-9-RPI-Base.ks
+++ b/Rocky-9-RPI-Base.ks
@ -1,168 +0,0 @@
 # Kickstart to build Rocky 8 image for Raspberry Pi 4 hardware (aarch64)
 #
 # Disk setup
 clearpart --initlabel --all
 part /boot --asprimary --fstype=vfat --size=300 --label=boot
 part swap --asprimary --fstype=swap --size=512 --label=swap
 part / --asprimary --fstype=ext4 --size=2800 --label=RPIROOT
 # Repos setup:
 url --url http://download.rockylinux.org/stg/rocky/9/BaseOS/aarch64/os/
 repo --name="BaseOS"     --baseurl=http://download.rockylinux.org/stg/rocky/9/BaseOS/aarch64/os/ --cost=100
 repo --name="AppStream"  --baseurl=http://download.rockylinux.org/stg/rocky/9/AppStream/aarch64/os/ --cost=200 --install
 repo --name="CRB" --baseurl=http://download.rockylinux.org/stg/rocky/9/CRB/aarch64/os/ --cost=300 --install
 # Rocky Rpi kernel repo, we need a more permanent place for this:
 repo --name="rockyrpi" --baseurl=https://download.rockylinux.org/stg/sig/9/altarch/aarch64/altarch-rockyrpi/ --cost=20
 repo --name="rockyextras" --baseurl=https://download.rockylinux.org/stg/rocky/9/extras/aarch64/os/  --cost=20
 # Install process:
 #text
 keyboard us --xlayouts=us --vckeymap=us
 rootpw --lock
 # FIXME user creation here does not work ?
 # user --name="rocky" --password="rockylinux" --plaintext --gecos="Rocky default user" --groups=wheel --uid=1000
 timezone --isUtc --nontp UTC
 selinux --enforcing
 firewall --enabled --port=22:tcp
 network --bootproto=dhcp --device=link --activate --onboot=on
 services --enabled=sshd,NetworkManager,chronyd,cpupower
 shutdown
 bootloader --location=none
 lang en_US.UTF-8
 skipx
 # Package selection:
 %packages
@core
 #-grub2-tools-minimal
 #-grub2-tools
 #-grubby
 #-grub2-common
 chrony
 cloud-utils-growpart
 net-tools
 NetworkManager-wifi
 vim
 bash-completion
 nano
 kernel-tools
 # Need these for setting default locale of en-US:
 langpacks-en
 glibc-all-langpacks
 # will enable rocky-release-rpi after full 9 release (and we have it in the -extras repo)
 rocky-release-rpi
 raspberrypi2-firmware
 raspberrypi2-kernel4
 %end
 # Post install scripts:
 %post
 # Write initial boot line to cmdline.txt (we will update the root partuuid further down)
 cat > /boot/cmdline.txt << EOF
 console=ttyAMA0,115200 console=tty1 root= rootfstype=ext4 elevator=deadline rootwait
 EOF
 # Apparently kickstart user was not working, attempt to do it here?
 /sbin/useradd -c "Rocky Linux default user" -G wheel -m -U rocky
 echo "rockylinux" | passwd --stdin  rocky
 # Need to write several files to help with various things here.
 # First, the all-important README :
 cat >/home/rocky/README << EOF
 == Rocky 9 Raspberry Pi Image ==
 This is a Rocky 9 install intended for Raspberry Pi 3b and 4 devices (architecture is aarch64).
 This image WILL NOT WORK on a Raspberry Pi 1 or 2 (1.1 or earlier), we are 64-bit only, and have no support for 32-bit ARM processors.  Sorry :-/.
 The newer Pi Zero devices should be supported, as well as the Raspberry Pi 2 version 1.2 boards, which are 64-bit
 IMAGE NOTES / DIFFERENCES FROM STOCK ROCKY 8:
  - Based on Rocky Linux 9, points to production Rocky 9 aarch64 repositories
  - Includes script that fixes the wifi.  Simple edit of a txt firmware settings file.  Will need to be run whenever linux-firmware gets upgraded
  - Includes @minimal-install , plus a few quality of life packages like vim, bash-completion, etc.
  - Initial User "rocky" (default password: "rockylinux").  Root password disabled, rocky user is a sudoer
  - Partitions are 300 MB /boot , 512 MB swap, 2800 MB rootfs.  Requires a 4 GB or larger storage device to serve as your disk
 GROW YOUR PARTITION: 
 If you want to automatically resize your root (/ ) partition, just type the following (as root user):
 sudo rootfs-expand
 It should fill your main rootfs partition to the end of the disk.
 Thanks for your interest on Rocky-on-Rpi, feel free to share your experience or contribute in our chat channel at:  https://chat.rockylinux.org/rocky-linux/channels/altarch  !
 -The Rocky Linux Team
 EOF
 # Run the fix-wifi script (extracts the .xz firmware) - should be installed via the rocky-release-rpi package
 # (shouldn't be needed anymore - fixed in newer rpi kernel builds)
 #fix-wifi-rpi.sh
 # Cleanup before shipping an image
 # Remove ifcfg-link on pre generated images
 rm -f /etc/sysconfig/network-scripts/ifcfg-link
 # Remove machine-id on pre generated images
 rm -f /etc/machine-id
 touch /etc/machine-id
 # Ensure no ssh keys are present
 rm -f "/etc/ssh/*_key*"
 # Clean yum cache
 yum clean all
 # Fix weird sssd bug, where it gets its folder owned by the unbound user:
 chown -R sssd:sssd /var/lib/sss/{db,pipes,mc,pubconf,gpo_cache}
 # Setting tuned profile to powersave by default -> sets the CPU governor to "ondemand".  This prevents overheating issues
 cat > /etc/sysconfig/cpupower << EOF
 # See 'cpupower help' and cpupower(1) for more info
 CPUPOWER_START_OPTS="frequency-set -g ondemand"
 CPUPOWER_STOP_OPTS="frequency-set -g ondemand"
 EOF
 %end
 # Add the PARTUUID of the rootfs partition to the kernel command line
 # We must do this *outside* of the chroot, by grabbing the UUID of the loopmounted rootfs
 %post --nochroot
 # Extract the UUID of the rootfs partition from /etc/fstab
 UUID_ROOTFS="$(/bin/cat $INSTALL_ROOT/etc/fstab | \
 /bin/awk -F'[ =]' '/\/ / {print $2}')"
 # Get the PARTUUID of the rootfs partition
 PART_UUID_ROOTFS="$(/sbin/blkid  "$(/sbin/blkid --uuid $UUID_ROOTFS)" | \
 /bin/awk '{print $NF}' | /bin/tr -d '"' )"
 # Configure the kernel commandline
 /bin/sed -i "s/root= /root=${PART_UUID_ROOTFS} /" $INSTALL_ROOT/boot/cmdline.txt
 echo "cmdline.txt looks like this, please review:"
 /bin/cat $INSTALL_ROOT/boot/cmdline.txt
 # Extract UUID of swap partition:
 UUID_SWAP=$(/bin/grep 'swap'  $INSTALL_ROOT/etc/fstab  | awk '{print $1}' | awk -F '=' '{print $2}')
 # Fix swap partition: ensure page size is 4096 (differs on the aarch64 AWS build host)
 /usr/sbin/mkswap -L "_swap" -p 4096  -U "${UUID_SWAP}"  /dev/disk/by-uuid/${UUID_SWAP}
 %end
 %post
 # WiFi fix on Pi 3 Model B(image wont boot on Pi 3B w/o this fix) 
 cd /lib/firmware/brcm
 xz -d -k brcmfmac43430-sdio.raspberrypi,3-model-b.txt.xz
 %end
--- a/Rocky-9-Vagrant-Libvirt.ks
+++ b/Rocky-9-Vagrant-Libvirt.ks
@ -1,175 +0,0 @@
 #version=DEVEL
 # Keyboard layouts
 keyboard --vckeymap=us
 # Root password
 rootpw --plaintext vagrant
 # System language
 lang en_US
 # Shutdown after installation
 shutdown
 user --name=vagrant --password=vagrant
 # System timezone
 timezone UTC --isUtc
 # Use text mode install
 text
 # Network information
 network  --bootproto=dhcp --device=link --activate
 # Use network installation
 url --url="https://download.rockylinux.org/stg/rocky/9/BaseOS/$basearch/os/"
 # Firewall configuration
 firewall --disabled
 # Do not configure the X Window System
 skipx
 # System services
 services --enabled="vmtoolsd"
 # System bootloader configuration
 bootloader --append="no_timer_check console=tty0 console=ttyS0,115200n8 net.ifnames=0 biosdevname=0 elevator=noop" --location=mbr --timeout=1
 # Partition stuff
 zerombr
 clearpart --all --initlabel --disklabel=gpt
 #reqpart
 # This should allow BIOS, UEFI, and PReP booting. Trying to be as universal as
 # possible. This is a similar setup to Fedora without the btrfs.
 part prepboot  --size=4    --fstype=prepboot --asprimary
 part biosboot  --size=1    --fstype=biosboot --asprimary
 part /boot/efi --size=100  --fstype=efi      --asprimary
 part /boot     --size=1000 --fstype=xfs      --label=boot
 part /         --size=8000 --fstype="xfs"    --mkfsoptions "-m bigtime=0,inobtcount=0"
 %post
 # Attempting to force legacy BIOS boot if we boot from UEFI
 if [ "$(arch)" = "x86_64"  ]; then
  dnf install grub2-pc-modules grub2-pc -y
  grub2-install --target=i386-pc /dev/vda
 fi
 # Ensure that the pmbr_boot flag is off
 parted /dev/vda disk_set pmbr_boot off
 # configure swap to a file
 fallocate -l 2G /swapfile
 chmod 600 /swapfile
 mkswap /swapfile
 echo "/swapfile none swap defaults 0 0" >> /etc/fstab
 # sudo
 echo "%vagrant ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/vagrant
 chmod 0440 /etc/sudoers.d/vagrant
 # Fix for https://github.com/CentOS/sig-cloud-instance-build/issues/38
 cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
 DEVICE="eth0"
 BOOTPROTO="dhcp"
 ONBOOT="yes"
 TYPE="Ethernet"
 PERSISTENT_DHCLIENT="yes"
 EOF
 # sshd: disable password authentication and DNS checks
 ex -s /etc/ssh/sshd_config <<EOF
 :%substitute/^\(PasswordAuthentication\) yes$/\1 no/
 :%substitute/^#\(UseDNS\) yes$/&\r\1 no/
 :update
 :quit
 EOF
 cat >>/etc/sysconfig/sshd <<EOF
 # Decrease connection time by preventing reverse DNS lookups
 # (see https://lists.centos.org/pipermail/centos-devel/2016-July/014981.html
 #  and man sshd for more information)
 OPTIONS="-u0"
 EOF
 # Default insecure vagrant key
 mkdir -m 0700 -p /home/vagrant/.ssh
 echo "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key" >> /home/vagrant/.ssh/authorized_keys
 chmod 600 /home/vagrant/.ssh/authorized_keys
 chown -R vagrant:vagrant /home/vagrant/.ssh
 # Fix for issue #76, regular users can gain admin privileges via su
 ex -s /etc/pam.d/su <<'EOF'
 # allow vagrant to use su, but prevent others from becoming root or vagrant
 /^account\s\+sufficient\s\+pam_succeed_if.so uid = 0 use_uid quiet$/
 :append
 account		[success=1 default=ignore] \\
 				pam_succeed_if.so user = vagrant use_uid quiet
 account		required	pam_succeed_if.so user notin root:vagrant
 .
 :update
 :quit
 EOF
 # systemd should generate a new machine id during the first boot, to
 # avoid having multiple Vagrant instances with the same id in the local
 # network. /etc/machine-id should be empty, but it must exist to prevent
 # boot errors (e.g.  systemd-journald failing to start).
 :>/etc/machine-id
 echo 'vag' > /etc/yum/vars/infra
 # Blacklist the floppy module to avoid probing timeouts
 echo blacklist floppy > /etc/modprobe.d/nofloppy.conf
 chcon -u system_u -r object_r -t modules_conf_t /etc/modprobe.d/nofloppy.conf
 # Customize the initramfs
 pushd /etc/dracut.conf.d
 # Enable VMware PVSCSI support for VMware Fusion guests.
 echo 'add_drivers+=" vmw_pvscsi "' > vmware-fusion-drivers.conf
 echo 'add_drivers+=" hv_netvsc hv_storvsc hv_utils hv_vmbus hid-hyperv "' > hyperv-drivers.conf
 # There's no floppy controller, but probing for it generates timeouts
 echo 'omit_drivers+=" floppy "' > nofloppy.conf
 popd
 # Fix the SELinux context of the new files
 restorecon -f - <<EOF
 /etc/sudoers.d/vagrant
 /etc/dracut.conf.d/vmware-fusion-drivers.conf
 /etc/dracut.conf.d/hyperv-drivers.conf
 /etc/dracut.conf.d/nofloppy.conf
 EOF
 # Rerun dracut for the installed kernel (not the running kernel):
 KERNEL_VERSION=$(rpm -q kernel --qf '%{version}-%{release}.%{arch}\n')
 dracut -f /boot/initramfs-${KERNEL_VERSION}.img ${KERNEL_VERSION}
 # Seal for deployment
 rm -rf /etc/ssh/ssh_host_*
 hostnamectl set-hostname localhost.localdomain
 rm -rf /etc/udev/rules.d/70-*
 %end
 %addon com_redhat_kdump --disable
 %end
 %packages --instLangs=en
 bash-completion
 bzip2
 chrony
 cifs-utils
 hyperv-daemons
 man-pages
 nfs-utils
 open-vm-tools
 rsync
 yum-utils
 -dracut-config-rescue
 -iwl100-firmware
 -iwl1000-firmware
 -iwl105-firmware
 -iwl135-firmware
 -iwl2000-firmware
 -iwl2030-firmware
 -iwl3160-firmware
 -iwl3945-firmware
 -iwl4965-firmware
 -iwl5000-firmware
 -iwl5150-firmware
 -iwl6000-firmware
 -iwl6000g2a-firmware
 -iwl6050-firmware
 -iwl7260-firmware
 -microcode_ctl
 -plymouth
 %end
--- a/Rocky-9-Vagrant-VMware.ks
+++ b/Rocky-9-Vagrant-VMware.ks
@ -1,165 +0,0 @@
 #version=DEVEL
 # Keyboard layouts
 keyboard --vckeymap=us
 # Root password
 rootpw --plaintext vagrant
 # System language
 lang en_US
 # Shutdown after installation
 shutdown
 user --name=vagrant --password=vagrant
 # System timezone
 timezone UTC --isUtc
 # Use text mode install
 text
 # Network information
 network  --bootproto=dhcp --device=link --activate
 # Use network installation
 url --url="https://download.rockylinux.org/stg/rocky/9/BaseOS/$basearch/os/"
 # Firewall configuration
 firewall --disabled
 # Do not configure the X Window System
 skipx
 # System services
 services --enabled="vmtoolsd"
 # System bootloader configuration
 bootloader --append="no_timer_check console=tty0 console=ttyS0,115200n8 net.ifnames=0 biosdevname=0 elevator=noop" --location=mbr --timeout=1
 # Partition stuff
 zerombr
 clearpart --all --initlabel --disklabel=gpt
 #reqpart
 # This should allow BIOS, UEFI, and PReP booting. Trying to be as universal as
 # possible. This is a similar setup to Fedora without the btrfs.
 part prepboot  --size=4    --fstype=prepboot --asprimary
 part biosboot  --size=1    --fstype=biosboot --asprimary
 part /boot/efi --size=100  --fstype=efi      --asprimary
 part /boot     --size=1000 --fstype=xfs      --label=boot
 part /         --size=8000 --fstype="xfs"    --mkfsoptions "-m bigtime=0,inobtcount=0"
 %post
 # Attempting to force legacy BIOS boot if we boot from UEFI
 if [ "$(arch)" = "x86_64"  ]; then
  dnf install grub2-pc-modules grub2-pc -y
  grub2-install --target=i386-pc /dev/vda
 fi
 # Ensure that the pmbr_boot flag is off
 parted /dev/vda disk_set pmbr_boot off
 # configure swap to a file
 fallocate -l 2G /swapfile
 chmod 600 /swapfile
 mkswap /swapfile
 echo "/swapfile none swap defaults 0 0" >> /etc/fstab
 # sudo
 echo "%vagrant ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/vagrant
 chmod 0440 /etc/sudoers.d/vagrant
 # sshd: disable password authentication and DNS checks
 ex -s /etc/ssh/sshd_config <<EOF
 :%substitute/^\(PasswordAuthentication\) yes$/\1 no/
 :%substitute/^#\(UseDNS\) yes$/&\r\1 no/
 :update
 :quit
 EOF
 cat >>/etc/sysconfig/sshd <<EOF
 # Decrease connection time by preventing reverse DNS lookups
 # (see https://lists.centos.org/pipermail/centos-devel/2016-July/014981.html
 #  and man sshd for more information)
 OPTIONS="-u0"
 EOF
 # Default insecure vagrant key
 mkdir -m 0700 -p /home/vagrant/.ssh
 echo "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key" >> /home/vagrant/.ssh/authorized_keys
 chmod 600 /home/vagrant/.ssh/authorized_keys
 chown -R vagrant:vagrant /home/vagrant/.ssh
 # Fix for issue #76, regular users can gain admin privileges via su
 ex -s /etc/pam.d/su <<'EOF'
 # allow vagrant to use su, but prevent others from becoming root or vagrant
 /^account\s\+sufficient\s\+pam_succeed_if.so uid = 0 use_uid quiet$/
 :append
 account		[success=1 default=ignore] \\
 				pam_succeed_if.so user = vagrant use_uid quiet
 account		required	pam_succeed_if.so user notin root:vagrant
 .
 :update
 :quit
 EOF
 # systemd should generate a new machine id during the first boot, to
 # avoid having multiple Vagrant instances with the same id in the local
 # network. /etc/machine-id should be empty, but it must exist to prevent
 # boot errors (e.g.  systemd-journald failing to start).
 :>/etc/machine-id
 echo 'vag' > /etc/yum/vars/infra
 # Blacklist the floppy module to avoid probing timeouts
 echo blacklist floppy > /etc/modprobe.d/nofloppy.conf
 chcon -u system_u -r object_r -t modules_conf_t /etc/modprobe.d/nofloppy.conf
 # Customize the initramfs
 pushd /etc/dracut.conf.d
 # Enable VMware PVSCSI support for VMware Fusion guests.
 echo 'add_drivers+=" vmw_pvscsi "' > vmware-fusion-drivers.conf
 echo 'add_drivers+=" hv_netvsc hv_storvsc hv_utils hv_vmbus hid-hyperv "' > hyperv-drivers.conf
 # There's no floppy controller, but probing for it generates timeouts
 echo 'omit_drivers+=" floppy "' > nofloppy.conf
 popd
 # Fix the SELinux context of the new files
 restorecon -f - <<EOF
 /etc/sudoers.d/vagrant
 /etc/dracut.conf.d/vmware-fusion-drivers.conf
 /etc/dracut.conf.d/nofloppy.conf
 EOF
 # Rerun dracut for the installed kernel (not the running kernel):
 KERNEL_VERSION=$(rpm -q kernel --qf '%{version}-%{release}.%{arch}\n')
 dracut -f /boot/initramfs-${KERNEL_VERSION}.img ${KERNEL_VERSION}
 # Seal for deployment
 rm -rf /etc/ssh/ssh_host_*
 hostnamectl set-hostname localhost.localdomain
 rm -rf /etc/udev/rules.d/70-*
 %end
 %addon com_redhat_kdump --disable
 %end
 %packages --instLangs=en
 bash-completion
 bzip2
 chrony
 cifs-utils
 man-pages
 nfs-utils
 open-vm-tools
 rsync
 yum-utils
 -dracut-config-rescue
 -iwl100-firmware
 -iwl1000-firmware
 -iwl105-firmware
 -iwl135-firmware
 -iwl2000-firmware
 -iwl2030-firmware
 -iwl3160-firmware
 -iwl3945-firmware
 -iwl4965-firmware
 -iwl5000-firmware
 -iwl5150-firmware
 -iwl6000-firmware
 -iwl6000g2a-firmware
 -iwl6050-firmware
 -iwl7260-firmware
 -microcode_ctl
 -plymouth
 %end
--- a/Rocky-9-Vagrant-Vbox.ks
+++ b/Rocky-9-Vagrant-Vbox.ks
@ -1,194 +0,0 @@
 #version=DEVEL
 # Keyboard layouts
 keyboard --vckeymap=us
 # Root password
 rootpw --plaintext vagrant
 # System language
 lang en_US
 # Reboot after installation
 reboot
 user --name=vagrant --password=vagrant
 # System timezone
 timezone UTC --isUtc
 # Use text mode install
 text
 # Network information
 network  --bootproto=dhcp --device=link --activate
 # Use network installation
 url --url="https://download.rockylinux.org/stg/rocky/9/BaseOS/$basearch/os/"
 # Firewall configuration
 firewall --disabled
 # Do not configure the X Window System
 skipx
 # System services
 services --enabled="vmtoolsd"
 # System bootloader configuration
 bootloader --append="no_timer_check console=tty0 console=ttyS0,115200n8 net.ifnames=0 biosdevname=0 elevator=noop" --location=mbr --timeout=1
 # Partition stuff
 zerombr
 clearpart --all --initlabel --disklabel=gpt
 #reqpart
 # This should allow BIOS, UEFI, and PReP booting. Trying to be as universal as
 # possible. This is a similar setup to Fedora without the btrfs.
 part prepboot  --size=4    --fstype=prepboot --asprimary
 part biosboot  --size=1    --fstype=biosboot --asprimary
 part /boot/efi --size=100  --fstype=efi      --asprimary
 part /boot     --size=1000 --fstype=xfs      --label=boot
 part /         --size=8000 --fstype="xfs"    --mkfsoptions "-m bigtime=0,inobtcount=0"
 %post
 # Attempting to force legacy BIOS boot if we boot from UEFI
 if [ "$(arch)" = "x86_64"  ]; then
  dnf install grub2-pc-modules grub2-pc -y
  grub2-install --target=i386-pc /dev/vda
 fi
 # Ensure that the pmbr_boot flag is off
 parted /dev/vda disk_set pmbr_boot off
 # configure swap to a file
 fallocate -l 2G /swapfile
 chmod 600 /swapfile
 mkswap /swapfile
 echo "/swapfile none swap defaults 0 0" >> /etc/fstab
 # sudo
 echo "%vagrant ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/vagrant
 chmod 0440 /etc/sudoers.d/vagrant
 # Fix for https://github.com/CentOS/sig-cloud-instance-build/issues/38
 cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
 DEVICE="eth0"
 BOOTPROTO="dhcp"
 ONBOOT="yes"
 TYPE="Ethernet"
 PERSISTENT_DHCLIENT="yes"
 EOF
 # sshd: disable password authentication and DNS checks
 # for virtualbox we're disabling it after provisioning
 cat >>/etc/sysconfig/sshd <<EOF
 # Decrease connection time by preventing reverse DNS lookups
 # (see https://lists.centos.org/pipermail/centos-devel/2016-July/014981.html
 #  and man sshd for more information)
 OPTIONS="-u0"
 EOF
 # Default insecure vagrant key
 mkdir -m 0700 -p /home/vagrant/.ssh
 echo "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key" >> /home/vagrant/.ssh/authorized_keys
 chmod 600 /home/vagrant/.ssh/authorized_keys
 chown -R vagrant:vagrant /home/vagrant/.ssh
 # Fix for issue #76, regular users can gain admin privileges via su
 ex -s /etc/pam.d/su <<'EOF'
 # allow vagrant to use su, but prevent others from becoming root or vagrant
 /^account\s\+sufficient\s\+pam_succeed_if.so uid = 0 use_uid quiet$/
 :append
 account		[success=1 default=ignore] \\
 				pam_succeed_if.so user = vagrant use_uid quiet
 account		required	pam_succeed_if.so user notin root:vagrant
 .
 :update
 :quit
 EOF
 # Install VBoxGuestAdditions for installed kernel
 kver=$(rpm -q --queryformat="%{VERSION}-%{RELEASE}.%{ARCH}" kernel)
 echo "stg/rocky" > /etc/dnf/vars/contentdir
 sed -i 's/^#baseurl/baseurl/g;s/^mirrorlist/#mirrorlist/g' /etc/yum.repos.d/rocky*repo
 dnf -y install kernel-headers-$kver kernel-devel gcc make perl elfutils-libelf-devel
 sed -i 's/^baseurl/#baseurl/g;s/^#mirrorlist/mirrorlist/g' /etc/yum.repos.d/rocky*repo
 echo "pub/rocky" > /etc/dnf/vars/contentdir
 curl -L -o /tmp/vboxadditions.iso https://download.virtualbox.org/virtualbox/6.1.40/VBoxGuestAdditions_6.1.40.iso
 mkdir -p /media/VBoxGuestAdditions
 mount -o loop,ro /tmp/vboxadditions.iso /media/VBoxGuestAdditions
 mkdir -p /tmp/VBoxGuestAdditions
 sh /media/VBoxGuestAdditions/VBoxLinuxAdditions.run --nox11 --noexec --keep --target /tmp/VBoxGuestAdditions
 pushd /tmp/VBoxGuestAdditions
 ./install.sh
 /sbin/rcvboxadd quicksetup all
 popd
 ls "/lib/modules/${kver}/misc/"
 modinfo "/lib/modules/${kver}/misc/vboxsf.ko"
 rm -rf /tmp/VBoxGuestAdditions
 umount /media/VBoxGuestAdditions
 rm -f /tmp/vboxadditions.iso
 rmdir /media/VBoxGuestAdditions
 dnf -y remove kernel-devel gcc make perl elfutils-libelf-devel
 # systemd should generate a new machine id during the first boot, to
 # avoid having multiple Vagrant instances with the same id in the local
 # network. /etc/machine-id should be empty, but it must exist to prevent
 # boot errors (e.g.  systemd-journald failing to start).
 :>/etc/machine-id
 echo 'vag' > /etc/yum/vars/infra
 # Blacklist the floppy module to avoid probing timeouts
 echo blacklist floppy > /etc/modprobe.d/nofloppy.conf
 chcon -u system_u -r object_r -t modules_conf_t /etc/modprobe.d/nofloppy.conf
 # Customize the initramfs
 pushd /etc/dracut.conf.d
 # Enable VMware PVSCSI support for VMware Fusion guests.
 echo 'add_drivers+=" vmw_pvscsi "' > vmware-fusion-drivers.conf
 echo 'add_drivers+=" hv_netvsc hv_storvsc hv_utils hv_vmbus hid-hyperv "' > hyperv-drivers.conf
 # There's no floppy controller, but probing for it generates timeouts
 echo 'omit_drivers+=" floppy "' > nofloppy.conf
 popd
 # Fix the SELinux context of the new files
 restorecon -f - <<EOF
 /etc/sudoers.d/vagrant
 /etc/dracut.conf.d/vmware-fusion-drivers.conf
 /etc/dracut.conf.d/hyperv-drivers.conf
 /etc/dracut.conf.d/nofloppy.conf
 EOF
 # Rerun dracut for the installed kernel (not the running kernel):
 KERNEL_VERSION=$(rpm -q kernel --qf '%{version}-%{release}.%{arch}\n')
 dracut -f /boot/initramfs-${KERNEL_VERSION}.img ${KERNEL_VERSION}
 # Seal for deployment
 rm -rf /etc/ssh/ssh_host_*
 hostnamectl set-hostname localhost.localdomain
 rm -rf /etc/udev/rules.d/70-*
 %end
 %addon com_redhat_kdump --disable
 %end
 %packages --instLangs=en
 bash-completion
 bzip2
 chrony
 cifs-utils
 hyperv-daemons
 man-pages
 nfs-utils
 open-vm-tools
 rsync
 yum-utils
 -dracut-config-rescue
 -iwl100-firmware
 -iwl1000-firmware
 -iwl105-firmware
 -iwl135-firmware
 -iwl2000-firmware
 -iwl2030-firmware
 -iwl3160-firmware
 -iwl3945-firmware
 -iwl4965-firmware
 -iwl5000-firmware
 -iwl5150-firmware
 -iwl6000-firmware
 -iwl6000g2a-firmware
 -iwl6050-firmware
 -iwl7260-firmware
 -microcode_ctl
 -plymouth
 %end
--- a/Rocky-9-Workstation-Mainline.ks
+++ b/Rocky-9-Workstation-Mainline.ks
@ -1,470 +0,0 @@
 # Generated by pykickstart v3.34
 #version=RHEL8
 # X Window System configuration information
 xconfig  --startxonboot
 # Keyboard layouts
 keyboard 'us'
 # Root password
 rootpw --iscrypted --lock locked
 # System language
 lang en_US.UTF-8
 # Shutdown after installation
 shutdown
 # System timezone
 timezone US/Eastern
 # Network information
 network  --bootproto=dhcp --device=link --activate
 # Firewall configuration
 firewall --enabled --service=mdns
 # SELinux configuration
 selinux --enforcing
 # System services
 services --disabled="sshd" --enabled="NetworkManager,ModemManager"
 repo --name="BaseOS" --baseurl=http://dl.rockylinux.org/stg/rocky/9/BaseOS/$basearch/os/ --cost=200
 repo --name="AppStream" --baseurl=http://dl.rockylinux.org/stg/rocky/9/AppStream/$basearch/os/ --cost=200
 repo --name="CRB" --baseurl=http://dl.rockylinux.org/stg/rocky/9/CRB/$basearch/os/ --cost=200
 repo --name="extras" --baseurl=http://dl.rockylinux.org/stg/rocky/9/extras/$basearch/os --cost=200
 repo --name="elrepo-kernel" --baseurl=https://elrepo.org/linux/kernel/el8/$basearch/ --cost=200
 # Use network installation
 url --url="http://dl.rockylinux.org/stg/rocky/9/BaseOS/$basearch/os/"
 # System bootloader configuration
 bootloader --location=none
 # Clear the Master Boot Record
 zerombr
 # Partition clearing information
 clearpart --all
 # Disk partitioning information
 part / --fstype="ext4" --size=5120
 part / --size=6656
 %post
 # FIXME: it'd be better to get this installed from a package
 cat > /etc/rc.d/init.d/livesys << EOF
 #!/bin/bash
 #
 # live: Init script for live image
 #
 # chkconfig: 345 00 99
 # description: Init script for live image.
 ### BEGIN INIT INFO
 # X-Start-Before: display-manager chronyd
 ### END INIT INFO
 . /etc/init.d/functions
 if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ]; then
    exit 0
 fi
 if [ -e /.liveimg-configured ] ; then
    configdone=1
 fi
 exists() {
    which \$1 >/dev/null 2>&1 || return
    \$*
 }
 livedir="LiveOS"
 for arg in \`cat /proc/cmdline\` ; do
  if [ "\${arg##rd.live.dir=}" != "\${arg}" ]; then
    livedir=\${arg##rd.live.dir=}
    continue
  fi
  if [ "\${arg##live_dir=}" != "\${arg}" ]; then
    livedir=\${arg##live_dir=}
  fi
 done
 # Enable swap unless requested otherwise
 swaps=\`blkid -t TYPE=swap -o device\`
 if ! strstr "\`cat /proc/cmdline\`" noswap && [ -n "\$swaps" ] ; then
  for s in \$swaps ; do
    action "Enabling swap partition \$s" swapon \$s
  done
 fi
 if ! strstr "\`cat /proc/cmdline\`" noswap && [ -f /run/initramfs/live/\${livedir}/swap.img ] ; then
  action "Enabling swap file" swapon /run/initramfs/live/\${livedir}/swap.img
 fi
 # Support for persistent homes
 mountPersistentHome() {
  # support label/uuid
  if [ "\${homedev##LABEL=}" != "\${homedev}" -o "\${homedev##UUID=}" != "\${homedev}" ]; then
    homedev=\`/sbin/blkid -o device -t "\$homedev"\`
  fi
  # if we're given a file rather than a blockdev, loopback it
  if [ "\${homedev##mtd}" != "\${homedev}" ]; then
    # mtd devs don't have a block device but get magic-mounted with -t jffs2
    mountopts="-t jffs2"
  elif [ ! -b "\$homedev" ]; then
    loopdev=\`losetup -f\`
    if [ "\${homedev##/run/initramfs/live}" != "\${homedev}" ]; then
      action "Remounting live store r/w" mount -o remount,rw /run/initramfs/live
    fi
    losetup \$loopdev \$homedev
    homedev=\$loopdev
  fi
  # if it's encrypted, we need to unlock it
  if [ "\$(/sbin/blkid -s TYPE -o value \$homedev 2>/dev/null)" = "crypto_LUKS" ]; then
    echo
    echo "Setting up encrypted /home device"
    plymouth ask-for-password --command="cryptsetup luksOpen \$homedev EncHome"
    homedev=/dev/mapper/EncHome
  fi
  # and finally do the mount
  mount \$mountopts \$homedev /home
  # if we have /home under what's passed for persistent home, then
  # we should make that the real /home.  useful for mtd device on olpc
  if [ -d /home/home ]; then mount --bind /home/home /home ; fi
  [ -x /sbin/restorecon ] && /sbin/restorecon /home
  if [ -d /home/liveuser ]; then USERADDARGS="-M" ; fi
 }
 # Help locate persistent homes
 findPersistentHome() {
  for arg in \`cat /proc/cmdline\` ; do
    if [ "\${arg##persistenthome=}" != "\${arg}" ]; then
      homedev=\${arg##persistenthome=}
    fi
  done
 }
 if strstr "\`cat /proc/cmdline\`" persistenthome= ; then
  findPersistentHome
 elif [ -e /run/initramfs/live/\${livedir}/home.img ]; then
  homedev=/run/initramfs/live/\${livedir}/home.img
 fi
 # Mount the persistent home if it's available
 if ! strstr "\`cat /proc/cmdline\`" nopersistenthome && [ -n "\$homedev" ] ; then
  action "Mounting persistent /home" mountPersistentHome
 fi
 if [ -n "\$configdone" ]; then
  exit 0
 fi
 # Create the liveuser (no password) so automatic logins and sudo works
 action "Adding live user" useradd \$USERADDARGS -c "Live System User" liveuser
 passwd -d liveuser > /dev/null
 usermod -aG wheel liveuser > /dev/null
 # Same for root
 passwd -d root > /dev/null
 # Turn off firstboot (similar to a DVD/minimal install, where it asks
 # for the user to accept the EULA before bringing up a TTY)
 systemctl --no-reload disable firstboot-text.service 2> /dev/null || :
 systemctl --no-reload disable firstboot-graphical.service 2> /dev/null || :
 systemctl stop firstboot-text.service 2> /dev/null || :
 systemctl stop firstboot-graphical.service 2> /dev/null || :
 # Prelinking damages the images
 sed -i 's/PRELINKING=yes/PRELINKING=no/' /etc/sysconfig/prelink &>/dev/null || :
 # Turn off mdmonitor by default
 systemctl --no-reload disable mdmonitor.service 2> /dev/null || :
 systemctl --no-reload disable mdmonitor-takeover.service 2> /dev/null || :
 systemctl stop mdmonitor.service 2> /dev/null || :
 systemctl stop mdmonitor-takeover.service 2> /dev/null || :
 # Even if there isn't gnome, this doesn't hurt.
 gsettings set org.gnome.software download-updates 'false' || :
 # Disable cron
 systemctl --no-reload disable crond.service 2> /dev/null || :
 systemctl --no-reload disable atd.service 2> /dev/null || :
 systemctl stop crond.service 2> /dev/null || :
 systemctl stop atd.service 2> /dev/null || :
 # Disable abrt
 systemctl --no-reload disable abrtd.service 2> /dev/null || :
 systemctl stop abrtd.service 2> /dev/null || :
 # Don't sync the system clock when running live (RHBZ #1018162)
 sed -i 's/rtcsync//' /etc/chrony.conf
 # Mark things as configured
 touch /.liveimg-configured
 # add static hostname to work around xauth bug
 # https://bugzilla.redhat.com/show_bug.cgi?id=679486
 # the hostname must be something else than 'localhost'
 # https://bugzilla.redhat.com/show_bug.cgi?id=1370222
 echo "localhost" > /etc/hostname
 EOF
 # HAL likes to start late.
 cat > /etc/rc.d/init.d/livesys-late << EOF
 #!/bin/bash
 #
 # live: Late init script for live image
 #
 # chkconfig: 345 99 01
 # description: Late init script for live image.
 . /etc/init.d/functions
 if ! strstr "\`cat /proc/cmdline\`" rd.live.image || [ "\$1" != "start" ] || [ -e /.liveimg-late-configured ] ; then
    exit 0
 fi
 exists() {
    which \$1 >/dev/null 2>&1 || return
    \$*
 }
 touch /.liveimg-late-configured
 # Read some stuff out of the kernel cmdline
 for o in \`cat /proc/cmdline\` ; do
    case \$o in
    ks=*)
        ks="--kickstart=\${o#ks=}"
        ;;
    xdriver=*)
        xdriver="\${o#xdriver=}"
        ;;
    esac
 done
 # If liveinst or textinst is given, start installer
 if strstr "\`cat /proc/cmdline\`" liveinst ; then
   plymouth --quit
   /usr/sbin/liveinst \$ks
 fi
 if strstr "\`cat /proc/cmdline\`" textinst ; then
   plymouth --quit
   /usr/sbin/liveinst --text \$ks
 fi
 # Configure X, allowing user to override xdriver
 if [ -n "\$xdriver" ]; then
   cat > /etc/X11/xorg.conf.d/00-xdriver.conf <<FOE
 Section "Device"
 	Identifier	"Videocard0"
 	Driver	"\$xdriver"
 EndSection
 FOE
 fi
 EOF
 chmod 755 /etc/rc.d/init.d/livesys
 /sbin/restorecon /etc/rc.d/init.d/livesys
 /sbin/chkconfig --add livesys
 chmod 755 /etc/rc.d/init.d/livesys-late
 /sbin/restorecon /etc/rc.d/init.d/livesys-late
 /sbin/chkconfig --add livesys-late
 # Enable tmpfs for /tmp - this is a good idea
 systemctl enable tmp.mount
 # make it so that we don't do writing to the overlay for things which
 # are just tmpdirs/caches
 # note https://bugzilla.redhat.com/show_bug.cgi?id=1135475
 cat >> /etc/fstab << EOF
 vartmp   /var/tmp    tmpfs   defaults   0  0
 EOF
 # PackageKit likes to play games. Let's fix that.
 rm -f /var/lib/rpm/__db*
 releasever=$(rpm -q --qf '%{version}\n' --whatprovides system-release)
 basearch=$(uname -i)
 rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial
 echo "Packages within this LiveCD"
 rpm -qa
 # Note that running rpm recreates the rpm db files which aren't needed or wanted
 rm -f /var/lib/rpm/__db*
 # go ahead and pre-make the man -k cache (#455968)
 /usr/bin/mandb
 # make sure there aren't core files lying around
 rm -f /core*
 # remove random seed, the newly installed instance should make it's own
 rm -f /var/lib/systemd/random-seed
 # convince readahead not to collect
 # FIXME: for systemd
 echo 'File created by kickstart. See systemd-update-done.service(8).' \
    | tee /etc/.updated >/var/.updated
 # Drop the rescue kernel and initramfs, we don't need them on the live media itself.
 # See bug 1317709
 rm -f /boot/*-rescue*
 # Disable network service here, as doing it in the services line
 # fails due to RHBZ #1369794 - the error is expected
 /sbin/chkconfig network off
 # Remove machine-id on generated images
 rm -f /etc/machine-id
 touch /etc/machine-id
 %end
 %post --nochroot
 cp $INSTALL_ROOT/usr/share/licenses/*-release/* $LIVE_ROOT/
 # This only works on x86_64
 if [ "$(uname -i)" = "i386" -o "$(uname -i)" = "x86_64" ]; then
    # For livecd-creator builds
    if [ ! -d $LIVE_ROOT/LiveOS ]; then mkdir -p $LIVE_ROOT/LiveOS ; fi
    cp /usr/bin/livecd-iso-to-disk $LIVE_ROOT/LiveOS
    # For lorax/livemedia-creator builds
    sed -i '
    /## make boot.iso/ i\
    # Add livecd-iso-to-disk script to .iso filesystem at /LiveOS/\
    <% f = "usr/bin/livecd-iso-to-disk" %>\
    %if exists(f):\
        install ${f} ${LIVEDIR}/${f|basename}\
    %endif\
    ' /usr/share/lorax/templates.d/99-generic/live/x86.tmpl
 fi
 %end
 %post
 cat >> /etc/rc.d/init.d/livesys << EOF
 # disable gnome-software automatically downloading updates
 cat >> /usr/share/glib-2.0/schemas/org.gnome.software.gschema.override << FOE
 [org.gnome.software]
 download-updates=false
 FOE
 # don't autostart gnome-software session service
 rm -f /etc/xdg/autostart/gnome-software-service.desktop
 # disable the gnome-software shell search provider
 cat >> /usr/share/gnome-shell/search-providers/org.gnome.Software-search-provider.ini << FOE
 DefaultDisabled=true
 FOE
 # don't run gnome-initial-setup
 mkdir ~liveuser/.config
 touch ~liveuser/.config/gnome-initial-setup-done
 # suppress anaconda spokes redundant with gnome-initial-setup
 cat >> /etc/sysconfig/anaconda << FOE
 [NetworkSpoke]
 visited=1
 [PasswordSpoke]
 visited=1
 [UserSpoke]
 visited=1
 FOE
 # make the installer show up
 if [ -f /usr/share/applications/liveinst.desktop ]; then
  # Show harddisk install in shell dash
  #sed -i -e 's/NoDisplay=true/NoDisplay=false/' /usr/share/applications/liveinst.desktop ""
  # need to move it to anaconda.desktop to make shell happy
  mv /usr/share/applications/liveinst.desktop /usr/share/applications/anaconda.desktop
  cat >> /usr/share/glib-2.0/schemas/org.gnome.shell.gschema.override << FOE
 [org.gnome.shell]
 favorite-apps=['firefox.desktop', 'evolution.desktop', 'rhythmbox.desktop', 'shotwell.desktop', 'org.gnome.Nautilus.desktop', 'anaconda.desktop']
 FOE
  # Make the welcome screen show up
  if [ -f /usr/share/anaconda/gnome/fedora-welcome.desktop ]; then
    mkdir -p ~liveuser/.config/autostart
    #sed -i "s/Red Hat Enterprise/Rocky/g" /usr/share/anaconda/gnome/fedora-welcome.desktop
    #sed -i "s/RHEL/Rocky Linux/g" /usr/share/anaconda/gnome/fedora-welcome
    #sed -i "s/Red Hat Enterprise/Rocky/g" /usr/share/anaconda/gnome/fedora-welcome
    #sed -i "s/org.fedoraproject.AnacondaInstaller/fedora-logo-icon/g" /usr/share/anaconda/gnome/fedora-welcome
    #sed -i "s/org.fedoraproject.AnacondaInstaller/fedora-logo-icon/g" /usr/share/applications/anaconda.desktop
    cp /usr/share/anaconda/gnome/fedora-welcome.desktop /usr/share/applications/
    cp /usr/share/anaconda/gnome/fedora-welcome.desktop ~liveuser/.config/autostart/
  fi
  # Copy Anaconda branding in place
  if [ -d /usr/share/lorax/product/usr/share/anaconda ]; then
    cp -a /usr/share/lorax/product/* /
  fi
 fi
 # rebuild schema cache with any overrides we installed
 glib-compile-schemas /usr/share/glib-2.0/schemas
 # set up auto-login
 cat > /etc/gdm/custom.conf << FOE
 [daemon]
 AutomaticLoginEnable=True
 AutomaticLogin=liveuser
 FOE
 # Turn off PackageKit-command-not-found while uninstalled
 if [ -f /etc/PackageKit/CommandNotFound.conf ]; then
  sed -i -e 's/^SoftwareSourceSearch=true/SoftwareSourceSearch=false/' /etc/PackageKit/CommandNotFound.conf
 fi
 # switch default kernel
 sed -i 's/DEFAULTKERNEL=kernel/DEFAULTKERNEL=kernel-ml/g' /etc/sysconfig/kernel
 # enable elrepo kernel
 dnf config-manager --set-enabled elrepo-kernel
 # make sure to set the right permissions and selinux contexts
 chown -R liveuser:liveuser /home/liveuser/
 restorecon -R /home/liveuser/
 restorecon -R /
 EOF
 %end
 %packages
@anaconda-tools
@base-x
@core
@fonts
@gnome-desktop
@guest-desktop-agents
@hardware-support
@internet-browser
@multimedia
@networkmanager-submodules
@workstation-product
 aajohan-comfortaa-fonts
 anaconda
 anaconda-install-env-deps
 anaconda-live
 chkconfig
 dracut-live
 elrepo-release
 glibc-all-langpacks
 initscripts
 kernel-ml
 kernel-ml-modules
 kernel-ml-modules-extra
 libreoffice-calc
 libreoffice-emailmerge
 libreoffice-graphicfilter
 libreoffice-impress
 libreoffice-writer
 memtest86+
 syslinux
 -@dial-up
 -@input-methods
 -@standard
 -gfs2-utils
 -reiserfs-utils
 %end
Author	SHA1	Message	Date
Arkady L. Shane	38c0906c57	Fix urls	7 months ago
Arkady L. Shane	51b8ee61d7	Drop yandex-browser-release	8 months ago
Arkady L. Shane	41f9783e8c	Fix typo	8 months ago
Arkady L. Shane	9a5d10d9dc	Update repos url	8 months ago
Arkady L. Shane	95bdfa48f3	Rename internet-browser group to internet-browser-chromium	11 months ago
Arkady L. Shane	d22f9be72c	rename script	11 months ago
Arkady L. Shane	1c53bf6d7f	Drop gnome-tour	11 months ago
Arkady L. Shane	6f2aa38da8	Added libreoffice-draw	11 months ago
Arkady L. Shane	1fcc0c31de	Rename ks file	11 months ago
Arkady L. Shane	cefca37903	enable disable-gestures-2021@verycrazydog.gmail.com for temp users	11 months ago
Arkady L. Shane	f926bb7ba5	Fix script	11 months ago
Arkady L. Shane	338c5c6dc1	Update nexttouch-addusers script	11 months ago
Arkady L. Shane	4f0b8e42bb	Enable disable-gestures-2021 extension	11 months ago
Arkady L. Shane	c680b5b6a4	Fix gramma mistake	11 months ago
Arkady L. Shane	171d07d13d	Enable disable-background-menu@git.wongwanchap.mo extension	11 months ago
Arkady L. Shane	a0b4f6507c	No prompt for logout	11 months ago
Arkady L. Shane	38172b0b3f	Fix button text	11 months ago
Arkady L. Shane	ababcf513e	Added ARM NextTouch kickstart	11 months ago
Arkady L. Shane	3248c8c0bc	Added gnome-calendar	12 months ago
Arkady L. Shane	9e84b53c91	Use kickstart repos	12 months ago
Arkady L. Shane	70e0cffca9	Added compat-openssl11	1 year ago
Arkady L. Shane	7a23805980	Enable notification-banner-reloaded extension	1 year ago
Arkady L. Shane	c742836789	Added ntfs-3g and alsa-firmware	1 year ago
Arkady L. Shane	8bc3e9c2a7	Added simple-scan	1 year ago
Arkady L. Shane	b97adba7a0	Drop NetworkManager-initscripts-updown	1 year ago
Arkady L. Shane	908bf80064	set keyboard properties	1 year ago
Arkady L. Shane	84b665e023	Added hplip	1 year ago
Arkady L. Shane	3f2a1bbdcf	Added system-config-printer	1 year ago
Arkady L. Shane	1defaa183a	Added KDE config	1 year ago
Arkady L. Shane	8dc39820e6	Fix language and gpg key	1 year ago
Arkady L. Shane	537b440c49	Added KDE config	1 year ago
Arkady L. Shane	8eed2b693a	use sphere-release-identity-cinnamon	1 year ago
Arkady L. Shane	871cc31e79	Drop yubioath-desktop and ykocli	1 year ago
Arkady L. Shane	edf78d35be	Fix input-sources	1 year ago
Arkady L. Shane	a2b71c0582	Change schema to setup keyboard	1 year ago
Arkady L. Shane	59756f6fb1	Added missing %end	1 year ago
Arkady L. Shane	9328aade14	Apply new icons, background and layouts	1 year ago
Arkady L. Shane	28d25980bd	Set dock fixed	1 year ago
Arkady L. Shane	83e3c24be8	Fix dock extension	1 year ago
Arkady L. Shane	4f20b55295	Change backgrounds package	1 year ago
Arkady L. Shane	558d221198	Drop schemas override creation in favor of config packages	1 year ago
Arkady L. Shane	a7068486f7	Change repos	1 year ago
Arkady L. Shane	eac66c531b	Drop Rocky files	1 year ago
Arkady L. Shane	bdee92b65c	Rocky-9-Cinnamon.ks	1 year ago
Arkady L. Shane	307e055e00	added MSVSphere-9-Cinnamon.ks	1 year ago
Arkady L. Shane	b9de6b1f1c	Enable dash-to-dock extension, disable ArmMenu, Desktop Icons, Dash To Panel	1 year ago
Arkady L. Shane	7659ba4a09	Added MSVSphere-9-ARM.ks	1 year ago
Arkady L. Shane	134aefc6c7	Added samba-client, removed gnome-network-displays	1 year ago
Arkady L. Shane	0a048cbdb2	Added yubioath-desktop, ykocli, gnome-network-displays	1 year ago
Arkady L. Shane	729a6870a2	Fix language/keyboard layout and switchers	1 year ago
Arkady L. Shane	29a940a8fc	added more NM packages	1 year ago
Arkady L. Shane	40b15fe421	added NetworkManager-l2tp-gnome	1 year ago
Arkady L. Shane	63bdb5af55	added sphere-release-identity-arm	1 year ago
Arkady L. Shane	0d9bcf5a46	Final fix to use gnome-shell-extension-desktop-icons-ng	1 year ago
Arkady L. Shane	1eb47e6bf0	Drop mozilla-openh264	1 year ago
Arkady L. Shane	05bab65074	Host Fix for livemedia-creator	1 year ago
Arkady L. Shane	ca008cdfda	added package yandex-browser-release (not Yandex Browser)	1 year ago
Arkady L. Shane	8a331ebaa0	- Enable ding@rastersoft.com - Disable desktop-icons@gnome-shell-extensions.gcampax.github.com	1 year ago
Arkady L. Shane	d56b2925eb	drop totem	1 year ago
Arkady L. Shane	4c42c47dd4	added liberation-narrow-fonts	1 year ago
Arkady L. Shane	9fa8f5a389	enable cups	1 year ago
Arkady L. Shane	6b1d330329	added gparted	1 year ago
Arkady L. Shane	88e11af477	added @print-client	1 year ago
Arkady L. Shane	c7951e0bd3	added Russian langpacks	1 year ago
Arkady L. Shane	0057a7eb40	do not add flathub repo	1 year ago
Arkady L. Shane	8e4fb8d180	added mpv	1 year ago
Arkady L. Shane	92c38fb6c6	added Cinnamon config	1 year ago
Arkady L. Shane	1254ea2172	drop firefox	1 year ago
Arkady L. Shane	12b2892eb6	drop gnome-shell-extension-apps-menu	1 year ago
Arkady L. Shane	74696927b7	Enable tap to click	1 year ago
Arkady L. Shane	f36d62b426	- Enable firewall for samba and samba-client - Enable selinuxuser_execmod bool	1 year ago
Arkady L. Shane	15158f9395	Disable Yandex Browser repo	1 year ago
Arkady L. Shane	ec704dfb76	Validate gdm configuration	1 year ago
Arkady L. Shane	7783b4bb7c	Update repos list	1 year ago
Arkady L. Shane	893c9a2b5c	Switch firewall to internal zone	1 year ago
ashejn	745b148191	added pipewire-module-xrdp	1 year ago
Arkady L. Shane	b6ec83185d	Fix Samba overview. Revert rhbz#1966484	1 year ago
Arkady L. Shane	69ce53b5eb	- enable epel - set chromium icon to panel - disable Wayand by default - fix keyboard switcher - drop Terminal schema - add new packages	1 year ago
ashejn	963a39eee7	* use KOJI repos * added more extensions * added flathub * apply new fonts	1 year ago
Аркадий Шейн	95401bb28b	add flathub.flatpakrepo remote	1 year ago
ashejn	ee4c9b12e3	add MSVSphere-9-Workstation.ks	1 year ago