@markcaudill
Created November 23, 2021 15:42
An approximation of virt-sysprep
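#!/bin/bash
# Approximates the default operations of virt-sysprep
# (https://libguestfs.org/virt-sysprep.1.html#operations) from inside the guest.
# Every step deletes or truncates data in place with no backup, and the paths
# touched need root privileges.

# Stop rsyslog before the cleanup; presumably so it does not keep writing to
# log files that are removed later in the script.
systemctl stop rsyslog

# Cleanup

# Remove the crash data generated by ABRT
rm -rfv /var/spool/abrt/*

# Remove editor backup files from the guest
find /etc /root /srv /tmp /var -name "*.bak" -delete -print 2>/dev/null
find /etc /root /srv /tmp /var -name "*~" -delete -print 2>/dev/null

# Remove the bash history in the guest.
# NOTE(review): an interactive shell that is still open keeps its history in
# memory and writes it back on exit, which can recreate the file after this
# step has run.
find /root /home -name ".bash_history" -delete -print 2>/dev/null

# Remove blkid tab in the guest
rm -rfv /var/run/blkid.tab /var/run/blkid.tab.old \
  /etc/blkid/blkid.tab /etc/blkid/blkid.tab.old \
  /etc/blkid.tab /etc/blkid.tab.old \
  /dev/.blkid.tab /dev/.blkid.tab.old

# Remove the crash data generated by kexec-tools
rm -rfv /var/crash/* /var/log/dump/*

# Remove user at-jobs and cron-jobs.
# .SEQ is excluded from the find deletions: the reset on the line after each
# find only runs when the file still exists, and an unfiltered find removed it
# first, leaving the reset unreachable.
find /var/spool/cron -type f ! -name .SEQ -delete -print 2>/dev/null
test -f /var/spool/cron/atjobs/.SEQ && true > /var/spool/cron/atjobs/.SEQ
# The '*' glob does not match dotfiles, so .SEQ survives this rm on its own.
rm -fv /var/spool/atjobs/*
test -f /var/spool/atjobs/.SEQ && true > /var/spool/atjobs/.SEQ
rm -fv /var/spool/atspool/*
find /var/spool/at -type f ! -name .SEQ -delete -print 2>/dev/null
test -f /var/spool/at/.SEQ && true > /var/spool/at/.SEQ

# Remove DHCP client leases
rm -rfv /var/lib/dhclient/* /var/lib/dhcp/*

# Remove DHCP server leases
rm -rfv /var/lib/dhcpd/*

# Remove Dovecot (mail server) data
rm -rfv /var/lib/dovecot/*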
# Remove many log files from the guest, plus installer leftovers, per-user
# desktop state and host-specific key material that must not be cloned.
# The list is split into groups; the paths and their order are unchanged.
# NOTE(review): rm only unlinks the files. Whether the underlying blocks are
# later zeroed or trimmed from the image is outside this script.

# Core system logs and login accounting.
# NOTE(review): only rsyslog is stopped by this script; services such as
# auditd or journald may still hold their files open - TODO confirm.
rm -rfv \
  /var/log/*.log* /var/log/audit/* /var/log/btmp* /var/log/cron* \
  /var/log/dmesg* /var/log/lastlog* /var/log/maillog* /var/log/mail/* \
  /var/log/messages* /var/log/secure* /var/log/spooler* \
  /var/log/tallylog* /var/log/wtmp*

# Per-service logs.
rm -rfv \
  /var/log/apache2/*_log /var/log/apache2/*_log-* \
  /var/log/ntp /var/log/tuned/tuned.log \
  /var/log/debug* /var/log/syslog* /var/log/faillog* \
  /var/log/firewalld* /var/log/grubby* /var/log/xferlog* \
  /var/log/BackupPC/LOG \
  /var/log/ceph/*.log /var/log/chrony/*.log /var/log/cups/*_log* \
  /var/log/glusterfs/*glusterd.vol.log /var/log/glusterfs/glusterfs.log \
  /var/log/httpd/*log /var/log/jetty/jetty-console.log \
  /var/log/libvirt/libxl/*.log /var/log/libvirt/libvirtd.log \
  /var/log/libvirt/lxc/*.log /var/log/libvirt/qemu/*.log \
  /var/log/libvirt/uml/*.log \
  /var/named/data/named.run /var/log/ppp/connect-errors \
  /var/log/setroubleshoot/*.log /var/log/squid/*.log

# logrotate state file.
rm -rfv /var/lib/logrotate.status

# Installer logs and kickstart files. Kickstart files can carry
# installation-time credentials (for example a root password hash).
rm -rfv \
  /root/install.log /root/install.log.syslog \
  /root/anaconda-ks.cfg /root/anaconda-post.log \
  /root/initial-setup-ks.cfg /root/original-ks.cfg \
  /var/log/anaconda.syslog /var/log/anaconda/* /var/log/installer/*

# Display-manager cache, per-user account records, fprint data and
# regenerable font/man caches.
rm -rfv \
  /var/cache/gdm/* /var/lib/AccountService/users/* /var/lib/fprint/* \
  /var/cache/fontconfig/* /var/cache/man/*

# sysstat, display-manager and NTP statistics logs.
rm -rfv /var/log/sa/* /var/log/gdm/* /var/log/lightdm/* /var/log/ntpstats/*

# Pegasus configuration, certificates, requests and PEM files, so that
# clones do not share this host's key material.
rm -rfv \
  /etc/Pegasus/*.cnf /etc/Pegasus/*.crt /etc/Pegasus/*.csr \
  /etc/Pegasus/*.pem /etc/Pegasus/*.srl

# Subscription-manager, journal, package-manager, exim4 and ConsoleKit logs.
rm -rfv \
  /var/log/rhsm/* /var/log/journal/* /var/log/aptitude* \
  /var/log/apt/* /var/log/exim4/* /var/log/ConsoleKit/*
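# Change LVM2 PV and VG UUIDs
# TODO: not implemented. If the guest uses LVM, clones made from this image
# keep the same PV and VG UUIDs.

# Remove the local machine ID.
# The files are truncated to zero length rather than deleted, so they keep
# their path and ownership but no longer carry this machine's ID.
find /etc/machine-id /var/lib/dbus/machine-id -type f -exec truncate -s 0 {} \; -print 2>/dev/null

# Remove email from the local mail spool directory
rm -rfv /var/spool/mail/* /var/mail/*

# Remove HOSTNAME and DHCP_HOSTNAME in network interface configuration.
# Two plain expressions are used instead of '(A|B)': without -E/-r sed reads
# the pattern as a basic regular expression, where '(', '|' and ')' are
# literal characters, so the grouped form never matched a line.
sed -i -e '/^HOSTNAME=/d' -e '/^DHCP_HOSTNAME=/d' /etc/sysconfig/network-scripts/ifcfg-*

# Remove HWADDR (hard-coded MAC address) configuration
sed -i '/^HWADDR=/d' /etc/sysconfig/network-scripts/ifcfg-*

# Remove the process accounting log files, then recreate an empty pacct
# file; errors from touch are discarded (e.g. when /var/account is absent).
rm -rfv /var/account/pacct*
touch /var/account/pacct 2>/dev/null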
# Package manager caches (yum and dnf): files only, directories are kept.
find /var/cache/yum/ /var/cache/dnf/ \
  -type f -delete -print 2>/dev/null

# PAM runtime data (console ownership, faillock counters, sepermit state).
for pam_dir in /var/run/console /var/run/faillock /var/run/sepermit; do
  rm -fv "$pam_dir"/*
done

# Backup copies of the account databases (/etc/passwd- and friends).
# These can still hold older password hashes.
rm -fv \
  /etc/group- \
  /etc/gshadow- \
  /etc/passwd- \
  /etc/shadow- \
  /etc/subuid- \
  /etc/subgid-

# Puppet logs and data.
# NOTE(review): no -r here, so rm reports an error for any match that is a
# directory and leaves it in place - confirm that is intended.
rm -fv \
  /var/log/puppet/* \
  /var/lib/puppet/*/* \
  /var/lib/puppet/*/*/*

# Red Hat subscription-manager identity and entitlement certificates.
rm -rfv \
  /etc/pki/consumer/* \
  /etc/pki/entitlement/*

# RHN system ID and osad credentials.
rm -fv \
  /etc/sysconfig/rhn/systemid \
  /etc/sysconfig/rhn/osad-auth.conf

# Host-specific RPM database files.
rm -fv /var/lib/rpm/__db.*

# Samba logs and databases (same non-recursive caveat as for puppet).
rm -fv \
  /var/log/samba/old/* \
  /var/log/samba/* \
  /var/lib/samba/*/* \
  /var/lib/samba/*

# Smolt hardware UUID.
rm -fv \
  /etc/sysconfig/hw-uuid \
  /etc/smolt/uuid \
  /etc/smolt/hw-uuid

# SSH host keys, so clones do not all present the same host identity.
# NOTE(review): the image has no host keys after this step; confirm that
# the template regenerates them on first boot.
rm -fv /etc/ssh/*_host_*

# Per-user ".ssh" directories. This takes authorized_keys, known_hosts and
# any private keys with it, so key-based logins stop working.
rm -rfv \
  /home/*/.ssh \
  /root/.ssh

# sssd logs and cache databases.
rm -fv \
  /var/log/sssd/* \
  /var/lib/sss/db/*

# Temporary files (the '*' glob leaves dotfiles in place).
rm -rfv \
  /tmp/* \
  /var/tmp/*

# udev persistent net rules, which tie interface names to MAC addresses.
rm -fv /etc/udev/rules.d/70-persistent-net.rules

# The utmp file.
rm -fv /var/run/utmp

# The yum UUID.
rm -fv /var/lib/yum/uuid