El dom, 06-02-2022 a las 13:07 +0000, Jinesh Choksi escribió:
I've created an AutoYaST control file (autoinst.xml) which installs an openSUSE Tumbleweed system for use as a Virtual Machine OS. There are three issues I've not been able to fing a solution/workaround for:
Hi Jinesh,
1. There doesn't seem to be a way to specify which Linux Security Module is selected via autoinst.xml. This means that my attempts to remove apparmor related patterns / packages fail and it requires manual intervention. As far as I can tell, the LSM is specified in the control.xml file in the openSUSE installation media's /x86_64/openSUSE-release-*.rpm package and I don't know how I can override it.
Good news! This feature was introduced recently :-). It is included in yast2-security 4.4.10, so it will be available in openSUSE Leap 15.4 and it is already available in the latest Tumbleweed version (20220204). The LSM is selected within the <security/> section: <security> <lsm_select>selinux</lsm_select> </security> You can select "selinux", "apparmor" and "none". The documentation is being updated. Of course, you might need to remove the apparmor patterns/packages from the software section.
2. After looking at examples on how to prompt the user for a hostname, I believe I've configured the control file correctly but it never sets the machine's hostname to the value the user provides. It always sets it to the literal value of the <hostname>...</hostname> tag. Does anyone see anything wrong with the control file?
I can confirm this problem. I am having a look into it.
3. The following does not provide the user the ability to manually configure the network settings but they can configure customise the disk partitioning. Am I missing something?
<semi-automatic t="list"> <semi-automatic_entry>networking</semi-automatic_entry> <semi-automatic_entry>partitioning</semi-automatic_entry> </semi-automatic>
The networking client will not run in these situations: a) you already specified the interfaces configuration in the networking section of the AutoYaST profile. b) you are using NetworkManager. Now that we have basic support for NetworkManager, I would say that we should run the client *always*. In case we want to keep a), we need to improve the detection of such a situation (e.g., if your system is already connected to the network in order to read the AutoYaST profile, we consider the network as already configured -and perhaps we should not-). But maybe I am missing something. Knut/Michal, could you clarify?
regards,
Regards, Imo -- Imobach González Sosa YaST Team at SUSE LLC https://imobachgs.github.io/