search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Bumped the size of the node image to 700M.
[ovirt-node-image.git] / common-blacklist.ks
blob0dd0332cc6b49ab3bc40fc236ba629fac0a5053c
1 # -*-Shell-script-*-
2 %post
3
4 echo "Removing excess RPMs"
5
6 # kernel pulls in mkinitrd which pulls in isomd5sum which pulls in python,
7 # and livecd-tools needs lokkit to configure SELinux.
8 # However, this is just an install-time dependency; we can remove
9 # it afterwards, which we do here
10 RPMS="system-config-firewall-tui system-config-network-tui rhpl \
11     rpm-python kudzu libsemanage-python"
12
13 RPMS="$RPMS kpartx mkinitrd isomd5sum dmraid checkpolicy"
14
15 # Remove additional RPMs forcefully
16 RPMS="$RPMS gamin pm-utils kbd usermode vbetool ConsoleKit hdparm \
17     efibootmgr linux-atm-libs fedora-release-notes \
18     psmisc cryptsetup-luks pciutils mtools syslinux \
19     wireless-tools radeontool libicu gnupg2 \
20     fedora-logos"
21
22 # cronie pulls in exim (sendmail) which pulls in all kinds of perl deps
23 RPMS="$RPMS exim perl-version perl-Pod-Simple perl-libs perl-Module-Pluggable \
24     perl-Pod-Escapes perl"
25
26 RPMS="$RPMS sysklogd"
27
28 # workaround for gpxe issue with the virt-preview qemu on F11 host kernel
29 # https://bugzilla.redhat.com/show_bug.cgi?id=512358
30 RPMS="$RPMS gpxe-roms-qemu"
31 ln -snf ../etherboot/e1000-82542.zrom /usr/share/qemu/pxe-e1000.bin
32 ln -snf ../etherboot/ne.zrom          /usr/share/qemu/pxe-ne2k_pci.bin
33 ln -snf ../etherboot/pcnet32.zrom     /usr/share/qemu/pxe-pcnet.bin
34 ln -snf ../etherboot/rtl8139.zrom     /usr/share/qemu/pxe-rtl8139.bin
35 ln -snf ../etherboot/virtio-net.zrom  /usr/share/qemu/pxe-virtio.bin
36
37 # Things we could probably remove if libvirt didn't link against them
38 #RPMS="$RPMS avahi PolicyKit xen-libs"
39
40 # Things we could probably remove if qemu-kvm didn't link against them
41 #RPMS="$RPMS SDL alsa-lib"
42
43 # Pam complains when this is missing
44 #RPMS="$RPM ConsoleKit-libs"
45
46 for rpm in $RPMS; do
47     rpm -v -e --nodeps $rpm 2> /dev/null
48 done
49
50 # the following are lists of kernel modules we are pretty sure we won't need;
51 # note that these can be single files or whole directories.  They are specified
52 # starting at $MODULES; so if you want to remove the NLS stuff from the
53 # fs subdir, your mods entry would be "fs/nls"
54 fs_mods="fs/nls fs/9p fs/affs fs/autofs fs/autofs4 fs/befs fs/bfs fs/cifs \
55        fs/coda fs/cramfs fs/dlm fs/ecryptfs fs/efs fs/exportfs fs/ext4 \
56        fs/freevxfs fs/gfs2 fs/hfs fs/hfsplus fs/jbd2 fs/jffs \
57        fs/jffs2 fs/jfs fs/minix fs/ncpfs fs/ocfs2 fs/qnx4 fs/reiserfs \
58        fs/romfs fs/sysv fs/udf fs/ufs fs/xfs"
59
60 net_mods="net/9p net/appletalk net/atm net/ax25 \
61        net/bluetooth net/dccp net/decnet net/ieee80211 net/ipx net/irda \
62        net/mac80211 net/netrom net/rfkill net/rose net/sched net/tipc \
63        net/wanrouter net/wireless"
64
65 driver_mods="drivers/auxdisplay drivers/net/appletalk \
66        drivers/net/hamradio drivers/net/pcmcia drivers/net/tokenring \
67        drivers/net/wireless drivers/net/irda drivers/atm drivers/usb/atm \
68        drivers/acpi drivers/char/drm drivers/char/mwave \
69        drivers/char/ipmp drivers/char/pcmcia drivers/crypto drivers/dca \
70        drivers/firmware drivers/memstick drivers/mmc drivers/mfs \
71        drivers/parport drivers/video drivers/watchdog drivers/net/ppp* \
72        drivers/usb/serial drivers/usb/misc drivers/usb/class \
73        drivers/usb/image drivers/rtc drivers/char/lp*"
74
75 misc_mods="drivers/bluetooth drivers/firewire drivers/i2c drivers/isdn \
76        drivers/media drivers/misc drivers/leds drivers/mtd drivers/w1 sound \
77        drivers/input drivers/pcmcia drivers/scsi/pcmcia"
78
79 echo "Removing excess kernel modules"
80 MODULES="/lib/modules/*/kernel"
81 RM="rm -rf"
82
83 for mods in $fs_mods $net_mods $misc_mods $driver_mods ; do
84     $RM $MODULES/$mods
85 done
86
87 echo "Removing all timezones except for UTC"
88 find /usr/share/zoneinfo -regextype egrep -type f \
89   ! -regex ".*/UTC|.*/GMT" -exec $RM {} \;
90
91 echo "Removing blacklisted files and directories"
92 blacklist="/etc/alsa /etc/pki /usr/share/hwdata/MonitorsDB \
93     /usr/share/hwdata/oui.txt /usr/share/hwdata/videoaliases \
94     /usr/share/firstboot /usr/share/lua /usr/share/kde4 /usr/share/pixmaps \
95     /usr/share/hwdata/videodrivers /usr/share/icons /usr/share/fedora-release \
96     /usr/share/tabset /usr/share/libvirt /usr/share/augeas/lenses/tests \
97     /usr/share/tc /usr/share/emacs /usr/share/info \
98     /usr/src /usr/etc /usr/games /usr/include /usr/local \
99     /usr/sbin/{dell*,sasldblistusers2,build-locale-archive,glibc_post_upgrade.*}"
100 blacklist_lib="/usr/{,lib64}/tc \
101     /usr/lib{,64}/tls /usr/lib{,64}/sse2 \
102     /usr/lib{,64}/pkgconfig /usr/lib{,64}/nss \
103     /usr/lib{,64}/games /usr/lib{,64}/alsa-lib /usr/lib{,64}/fs/reiserfs \
104     /usr/lib{,64}/krb5 /usr/lib{,64}/hal /usr/lib{,64}/gio \
105     /usr/lib/locale /usr/lib/syslinux"
106 blacklist_pango="/usr/lib{,64}/pango /usr/lib{,64}/libpango* \
107     /etc/pango /usr/bin/pango*"
108 blacklist_hal="/usr/bin/hal-disable-polling \
109     /usr/bin/hal-is-caller-locked-out /usr/bin/hal-is-caller-privileged \
110     /usr/bin/hal-lock /usr/bin/hal-set-property /usr/bin/hal-setup-keymap"
111 blacklist_ssh="/usr/bin/sftp /usr/bin/slogin /usr/bin/ssh /usr/bin/ssh-add \
112     /usr/bin/ssh-agent /usr/bin/ssh-copy-id /usr/bin/ssh-keyscan"
113 blacklist_docs="/usr/share/omf /usr/share/gnome /usr/share/doc \
114     /usr/share/locale /usr/share/libthai /usr/share/man \
115     /usr/share/X11 /usr/share/i18n"
116
117 eval $RM $blacklist $blacklist_lib $blacklist_pango $blacklist_hal \
118     $blacklist_ssh $blacklist_docs
119
120 echo "Cleanup empty directory structures in /usr/share"
121 find /usr/share -type d -exec rmdir {} \; > /dev/null 2>&1
122
123 echo "Cleanup excess selinux modules"
124 $RM /usr/share/selinux
125
126 echo "Removing python source files"
127 find / -name '*.py' -exec rm -f {} \;
128 find / -name '*.pyo' -exec rm -f {} \;
129
130 echo "Running image-minimizer..."
131 %end
132
133 %post --nochroot --interpreter image-minimizer
134 drop /usr/lib/libboost*
135 keep /usr/lib/libboost_program_options.so*
136 keep /usr/lib/libboost_filesystem.so*
137 keep /usr/lib/libboost_thread-mt.so*
138 keep /usr/lib/libboost_system.so*
139 drop /usr/lib64/libboost*
140 keep /usr/lib64/libboost_program_options.so*
141 keep /usr/lib64/libboost_filesystem.so*
142 keep /usr/lib64/libboost_thread-mt.so*
143 keep /usr/lib64/libboost_system.so*
144 drop /usr/kerberos
145 keep /usr/kerberos/bin/kinit
146 keep /usr/kerberos/bin/klist
147 drop /lib/firmware
148 keep /lib/firmware/3com
149 keep /lib/firmware/acenic
150 keep /lib/firmware/adaptec
151 keep /lib/firmware/advansys
152 keep /lib/firmware/bnx2
153 keep /lib/firmware/cxgb3
154 keep /lib/firmware/e100
155 keep /lib/firmware/myricom
156 keep /lib/firmware/qlogic
157 keep /lib/firmware/sun
158 keep /lib/firmware/tehuti
159 keep /lib/firmware/tigon
160 %end
161
Bootable oVirt Node in ISO and PXE image formats