Appendix – kickstart options
The following table covers the most popular options that control the installation and their syntax:
| Option Name | authselect | ||||
| Description | It configures the authentication options for the system using the authselect command. authselect options are the same as the authselect command. They are passed directly to the command. | ||||
| Options | See the authselect command. | ||||
| Option Name | autostep | ||||
| Description | This option is not recommended for production use. It is more of a troubleshooting command that makes the installer step through every screen, displaying them for a short amount of time. | ||||
| Options | –autoscreenshot will take an automated screenshot of every install screen. The images are stored in /tmp/anaconda-screenshots/ during the installation and then moved over to /root/anaconda-screenshots when the installation completes. This is helpful for troubleshooting because if you missed a required kickstart option and the installation does not automatically run, you will be at the screen with missing data, and can manually enter the missing configuration data. Then, when you click to continue, the screen is automatically captured with the data you manually entered. | ||||
| Option Name | cmdline | ||||
| Description | When used, the install runs in a non-interactive command-line mode. Any prompt from Anaconda for input stops the installation. Make sure to test with the autostep option first. | ||||
| Options | None | ||||
| Option Name | eula | ||||
| Description | If used, the –-agreed option is required. This option allows you to automatically accept the End User License Agreement (EULA). When this option is used, the installer will not prompt for acceptance of the EULA on the first reboot of the system. This is very useful for environments that use a PXE boot as part of the auto-scaling strategy. | ||||
| Options | –agreed forces the EULA to be accepted and must be used. If the option is not used, the EULA parameter is ignored. | ||||
| Option Name | firewall | ||||
| Description | This configures the firewall on the installed system. | ||||
| Options | –enabled or –enable is required. It enables or disables the firewall.–disabled or –disable is required. If disabled, iptables rules are not configured.–trust sets a trusted network device, allowing all traffic to pass through the firewall. To configure multiple devices, list each one as its own entry with no commas, such as –trust eth0 –trust eth8.–incoming adds each of the following tags to allow incoming traffic for these common services:–ssh–smtp–http–ftp–port= specifies a specific port to allow access to the server. You can use ports from /etc/service for specific port:protocol combinations. Multiple ports are comma delimited. An example is ldap:tcp, 1521:tcp.–service= allows an easy way to enable specific services, such as CUPS, or services that require multiple UDP/TCP ports to be opened. This enables an easy way to open these ports in a readable format.–use-system-defaults does not configure the firewall. If other options are specified, they are ignored. | ||||
| Option Name | firstboot | ||||
| Description | This option can disable the running of the setup application when the system boots. If enabled, make sure you have initial-setup.rpm (initial-setup-gui.rpm if a GUI is required) installed. This option is disabled by default. | ||||
| Options | –enable or –enabled starts the setup the first time the system boots.–disable or –disabled does not start the setup the first time the system boots.–reconfig enables the setup to start at boot time in reconfiguration mode. This enables the networking configuration, root password, time zone, language, mouse, and keyboard options to be set in addition to the default options. | ||||
| Option Name | graphical | ||||
| Description | The graphical command is the default, if not set. The installation continues with a fully graphical install. | ||||
| Options | –non-interactive performs the installation in a completely non-interactive mode. This mode will terminate the installation when user interaction is required. | ||||
| Option Name | group | ||||
| Description | This option creates a user group on the system. | ||||
| Options | –name= is required and sets the name of the group.–gid= is an optional parameter and will set the GID of the group. | ||||
| Option Name | halt | ||||
| Description | If used, the system with halt after the installation is completed. This is the default completion method if no other method is set. Other completion methods are poweroff, reboot, and shutdown. | ||||
| Options | None | ||||
| Option Name | logging | ||||
| Description | This is useful for troubleshooting PXE installs. It controls the logging from the installer during the installation. It does not configure logging on the system being installed. | ||||
| Options | –host= is the syslog host logs are sent to.–port= is the port used for syslog on the remote syslog host. If not set, the default port (UDP 514) is used.–level= specifies the minimum level of messages sent to device tty3. Regardless of this level, all messages are still sent to the log host and file. Valid values are critical, debug, error, info, and warning. | ||||
| Syntax | logging [–host=host] [–port=port] [–level=critical|debug|error|info] | ||||
| Option Name | poweroff | ||||
| Description | When used, a shutdown and power-off are performed on the system after the installation completes. | ||||
| Options | None | ||||
| Option Name | reboot | ||||
| Description | It reboots the system after the install completes. | ||||
| Options | –eject ejects bootable media (DVD, USB, etc.) before rebooting the system. | ||||
| Option Name | repo | ||||
| Description | Enables additional DNF/YUM repos as installation sources. Each repo will need its own line. | ||||
| Options | –name= is required and sets both the repo name and URL. If a name conflicts with an existing repo, it will be ignored. The format is –name=repoid [–baseurl=url|–mirrorlist=url|–metalink=url] [options]. The following additional options can be added to the URL. As a warning, variables that can be used in yum repository config files are not supported. However, you can use $releasever and $basearch:–baseurl: This is the URL of the repo–mirrorlist: This is a list of mirrors for a repo–metalink: This is the URL with metalink for the repo–proxy=[protocol://][username[:password]@]host[:port] sets the proxy for the repo.–noverifyssl disables SSL verification of an HTTPS server. | ||||
| Option Name | selinux | ||||
| Description | Used to configure the initial policy and state of selinux. The default policy is enforcing. | ||||
| Options | –enforcing enables SELinux with the policy set to enforcing. This is the default setting.–permissive enables SELinux with the policy set to permissive. This allows warnings to output to console of syslog without enforcing the policy.–disabled disables SELinux. | ||||
| Option Name | shutdown | ||||
| Description | Runs the shutdown command on the system after the installation has completed. | ||||
| Options | None | ||||
| Option Name | sshkey | ||||
| Description | This adds an SSH key to the authorized keys files for the specified user. | ||||
| Options | –username is mandatory. It is used with the following syntax: sshkey —username=user KEY | ||||
| Option Name | text | ||||
| Description | When used, the installation runs in text mode. By default, the installer runs the GUI install method. Only one of the text/graphical options can be used. | ||||
| Options | –non-interactive does the install in a non-interactive mode. If a user action is required, the mode will terminate the install. | ||||
| Option Name | url | ||||
| Description | When used, it will use the URL specified for the install files from an ISO. URLs can be formatted for FTP, HTTP, or HTTPS. | ||||
| Options | –url is required. This is the URL used for the source files. An example of the syntax is as follows: http://server/direcort ftp://username:password@server/path –mirrorlist is an optional parameter that sets the mirror URL to install from.–proxy is an optional parameter that sets a proxy to use while performing the install from an HTTP/HTTPS or FTP server.–noverifyssl is an optional parameter that disables SSL verification when using an HTTPS server.–metalink is an optional parameter that sets the ULN/metalink URL to install from. Variable substitution is done for $releasever and $basearch. | ||||
| Option Name | user | ||||
| Description | Creates a new user on the system | ||||
| Options | –name is a required parameter and is the username.–uid is the user’s User ID (UID).–gid the user’s Group ID (GID).–groups is a comma-separated list of group names the user should belong to.–homedir is the home directory for the user.–lock will, if used, lock a new user’s account by default.–password is the password for the new user.–iscrypted, if used, means that the password argument is the encrypted password. You can get this from the /etc/shadow file on a running system.–plaintext, if used, means that the password argument is the plain text password.–shell is the path to the user’s default shell. | ||||
Table 2.1 – Kickstart options