3 # vim: ts=4 sw=4 sts=4 et tw=72 :
5 # force any errors to cause the script and job to end in failure
9 # Handle the occurance where SELINUX is actually disabled
10 SELINUX=$(grep -E '^SELINUX=(disabled|permissive|enforcing)$' /etc/selinux/config)
11 MODE=$(echo "$SELINUX" | cut -f 2 -d '=')
14 echo "************************************"
15 echo "** SYSTEM ENTERING ENFORCING MODE **"
16 echo "************************************"
17 # make sure that the filesystem is properly labelled.
18 # it could be not fully labeled correctly if it was just switched
19 # from disabled, the autorelabel misses some things
20 # skip relabelling on /dev as it will generally throw errors
21 restorecon -R -e /dev /
23 # enable enforcing mode from the very start
26 # configure system for enforcing mode on next boot
27 sed -i 's/SELINUX=permissive/SELINUX=enforcing/' /etc/selinux/config
30 sed -i 's/SELINUX=disabled/SELINUX=permissive/' /etc/selinux/config
33 echo "*******************************************"
34 echo "** SYSTEM REQUIRES A RESTART FOR SELINUX **"
35 echo "*******************************************"
38 echo "*********************************"
39 echo "** SYSTEM IS IN ENFORCING MODE **"
40 echo "*********************************"
44 # Allow jenkins access to alternatives command to switch java version
45 cat <<EOF >/etc/sudoers.d/89-jenkins-user-defaults
46 Defaults:jenkins !requiretty
47 jenkins ALL = NOPASSWD: /usr/sbin/alternatives
50 echo "---> Updating operating system"
52 yum install -y deltarpm
55 # add in components we need or want on systems
56 echo "---> Installing base packages"
57 yum install -y @base https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
58 # separate group installs from package installs since a non-existing
59 # group with dnf based systems (F21+) will fail the install if such
60 # a group does not exist
61 yum install -y unzip xz puppet git git-review perl-XML-XPath
63 # All of our systems require Java (because of Jenkins)
64 # Install all versions of the OpenJDK devel but force 1.7.0 to be the
67 echo "---> Configuring OpenJDK"
68 yum install -y 'java-*-openjdk-devel'
70 FACTER_OS=$(/usr/bin/facter operatingsystem)
71 FACTER_OSVER=$(/usr/bin/facter operatingsystemrelease)
74 if [ "$FACTER_OSVER" -ge "21" ]
76 echo "---> not modifying java alternatives as OpenJDK 1.7.0 does not exist"
78 alternatives --set java /usr/lib/jvm/jre-1.7.0-openjdk.x86_64/bin/java
79 alternatives --set java_sdk_openjdk /usr/lib/jvm/java-1.7.0-openjdk.x86_64
83 alternatives --set java /usr/lib/jvm/jre-1.7.0-openjdk.x86_64/bin/java
84 alternatives --set java_sdk_openjdk /usr/lib/jvm/java-1.7.0-openjdk.x86_64
88 # Needed to parse OpenStack commands used by opendaylight-infra stack commands
89 # to initialize Heat template based systems.
92 # install haveged to avoid low entropy rejecting ssh connections
93 yum install -y haveged
94 systemctl enable haveged.service
99 # Ignore SELinux since slamming that onto Ubuntu leads to
102 # Allow jenkins access to update-alternatives command to switch java version
103 cat <<EOF >/etc/sudoers.d/89-jenkins-user-defaults
104 Defaults:jenkins !requiretty
105 jenkins ALL = NOPASSWD: /usr/bin/update-alternatives
108 export DEBIAN_FRONTEND=noninteractive
109 cat <<EOF >> /etc/apt/apt.conf
113 allow-change-held-packages "true";
114 allow-downgrades "true";
115 allow-remove-essential "true";
126 echo "---> Updating operating system"
130 # add in stuff we know we need
131 echo "---> Installing base packages"
132 apt-get install unzip xz-utils puppet git git-review libxml-xpath-perl
135 echo "---> Configuring OpenJDK"
136 apt-get install openjdk-7-jdk
138 # make jdk8 available
139 add-apt-repository -y ppa:openjdk-r/ppa
141 # We need to force openjdk-8-jdk to install
142 apt-get install openjdk-8-jdk
144 # make sure that we still default to openjdk 7
145 update-alternatives --set java /usr/lib/jvm/java-7-openjdk-amd64/jre/bin/java
146 update-alternatives --set javac /usr/lib/jvm/java-7-openjdk-amd64/bin/javac
148 # Needed to parse OpenStack commands used by opendaylight-infra stack commands
149 # to initialize Heat template based systems.
152 # install haveged to avoid low entropy rejecting ssh connections
153 apt-get install haveged
154 update-rc.d haveged defaults
156 # disable unattended upgrades & daily updates
157 echo '---> Disabling automatic daily upgrades'
158 sed -ine 's/"1"/"0"/g' /etc/apt/apt.conf.d/10periodic
159 echo 'APT::Periodic::Unattended-Upgrade "0";' >> /etc/apt/apt.conf.d/10periodic
163 # To handle the prompt style that is expected all over the environment
164 # with how use use robotframework we need to make sure that it is
165 # consistent for any of the users that are created during dynamic spin
167 echo 'PS1="[\u@\h \W]> "' >> /etc/skel/.bashrc
169 # Do any Distro specific installations here
170 echo "Checking distribution"
171 FACTER_OS=$(/usr/bin/facter operatingsystem)
174 if [ "$(/usr/bin/facter operatingsystemrelease | /bin/cut -d '.' -f1)" = "7" ]; then
177 echo "No extra steps currently for CentOS 7"
181 echo "Installing ODL YUM repo"
182 yum install -y https://nexus.opendaylight.org/content/repositories/opendaylight-yum-epel-6-x86_64/rpm/opendaylight-release/0.1.0-1.el6.noarch/opendaylight-release-0.1.0-1.el6.noarch.rpm
186 echo "---> $FACTER_OS found"
187 echo "No extra steps for $FACTER_OS"
192 echo "---> Attempting to detect OS"
193 # upstream cloud images use the distro name as the initial user
194 ORIGIN=$(if [ -e /etc/redhat-release ]
203 fedora|centos|redhat)
204 echo "---> RH type system detected"
208 echo "---> Ubuntu system detected"
212 echo "---> Unknown operating system"
216 # execute steps for all systems