8 files changed, 132 insertions, 0 deletions

diff --git a/builder/files/cleanup.sh b/builder/files/cleanup.sh
new file mode 100644
index 0000000..765b343
--- /dev/null
+++ b/builder/files/cleanup.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+# Do some cleanup..
+rm -f ~root/.bash_history
+#rm -r "$(gem env gemdir)"/doc/*
+yum clean all
+
diff --git a/builder/files/epel-release-6-8.noarch.rpm b/builder/files/epel-release-6-8.noarch.rpm
new file mode 100644
index 0000000..588a577
--- /dev/null
+++ b/builder/files/epel-release-6-8.noarch.rpm
diff --git a/builder/files/network.sh b/builder/files/network.sh
new file mode 100644
index 0000000..404bb9a
--- /dev/null
+++ b/builder/files/network.sh
@@ -0,0 +1,40 @@
+#!/bin/bash
+
+# Disable firewall
+chkconfig iptables off
+chkconfig ip6tables off
+chkconfig sshd on
+
+# Networking setup...
+# Don't fix ethX names to hw address.
+#rm -f /etc/udev/rules.d/*persistent-net.rules
+#rm -f /etc/udev/rules.d/*-net.rules
+rm -rf /var/lib/dhclient/*	# remove any old leases that could be around...
+
+# XXX: unsure if this will help, but we'll try it out:
+# Problem situation: Two interfaces are connected to same network. One interface
+# wants to renew DHCP lease and asks server for address. DHCPACK message from
+# server arrives, client moves to BOUND state. The client performs a check on
+# the suggested address to ensure that the address is not already in use. On
+# arping for specified IP address, other interface replies and that's why
+# dhclient-script replies with DHCPDECLINE message. (See RFC2131, 4.4.1.).
+# Solution: Set sysctl to reply only if the target IP address is local address
+# configured on the incoming interface. (See kernel documentation
+# Documentation/networking/ip-sysctl.txt)
+set_sysctl() {
+	grep "$1" /etc/sysctl.conf > /dev/null
+	[ $? -eq 0 ] && sed -i '/'$1'/d' /etc/sysctl.conf
+	echo "$1 = $2" >> /etc/sysctl.conf
+}
+set_sysctl 'net.ipv4.conf.all.arp_ignore' 1
+set_sysctl 'net.ipv4.conf.all.arp_announce' 2
+set_sysctl 'net.ipv4.conf.all.rp_filter' 3
+
+# Interface eth0 should get IP address via dhcp.
+#cat > /etc/sysconfig/network-scripts/ifcfg-eth0 << EOF
+#DEVICE="eth0"
+#BOOTPROTO="dhcp"
+#ONBOOT="yes"
+#NM_CONTROLLED="no"
+#EOF
+
diff --git a/builder/files/password b/builder/files/password
new file mode 100644
index 0000000..d6a9762
--- /dev/null
+++ b/builder/files/password
@@ -0,0 +1 @@
+vagrant
diff --git a/builder/files/puppetlabs-release-el-6.noarch.rpm b/builder/files/puppetlabs-release-el-6.noarch.rpm
new file mode 100644
index 0000000..0e99d19
--- /dev/null
+++ b/builder/files/puppetlabs-release-el-6.noarch.rpm
diff --git a/builder/files/selinux b/builder/files/selinux
new file mode 100644
index 0000000..8237483
--- /dev/null
+++ b/builder/files/selinux
@@ -0,0 +1,10 @@
+# This file controls the state of SELinux on the system.
+# SELINUX= can take one of these three values:
+#	enforcing - SELinux security policy is enforced.
+#	permissive - SELinux prints warnings instead of enforcing.
+#	disabled - SELinux is fully disabled.
+SELINUX=disabled
+# SELINUXTYPE= type of policy in use. Possible values are:
+#	targeted - Only targeted network daemons are protected.
+#	strict - Full SELinux protection.
+SELINUXTYPE=targeted
diff --git a/builder/files/ssh.sh b/builder/files/ssh.sh
new file mode 100644
index 0000000..b2b4366
--- /dev/null
+++ b/builder/files/ssh.sh
@@ -0,0 +1,58 @@
+#!/bin/bash
+
+# SSH setup
+# Add Vagrant ssh key for root and vagrant accouts.
+sed -i 's/.*UseDNS.*/UseDNS no/' /etc/ssh/sshd_config
+
+[ -d ~root/.ssh ] || mkdir ~root/.ssh
+chmod 700 ~root/.ssh
+cat > ~root/.ssh/authorized_keys << EOF
+ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key
+EOF
+chmod 600 ~root/.ssh/authorized_keys
+
+# allow interhost communication
+cat > ~root/.ssh/id_rsa << EOF
+-----BEGIN RSA PRIVATE KEY-----
+MIIEogIBAAKCAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzI
+w+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoP
+kcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2
+hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NO
+Td0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcW
+yLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQIBIwKCAQEA4iqWPJXtzZA68mKd
+ELs4jJsdyky+ewdZeNds5tjcnHU5zUYE25K+ffJED9qUWICcLZDc81TGWjHyAqD1
+Bw7XpgUwFgeUJwUlzQurAv+/ySnxiwuaGJfhFM1CaQHzfXphgVml+fZUvnJUTvzf
+TK2Lg6EdbUE9TarUlBf/xPfuEhMSlIE5keb/Zz3/LUlRg8yDqz5w+QWVJ4utnKnK
+iqwZN0mwpwU7YSyJhlT4YV1F3n4YjLswM5wJs2oqm0jssQu/BT0tyEXNDYBLEF4A
+sClaWuSJ2kjq7KhrrYXzagqhnSei9ODYFShJu8UWVec3Ihb5ZXlzO6vdNQ1J9Xsf
+4m+2ywKBgQD6qFxx/Rv9CNN96l/4rb14HKirC2o/orApiHmHDsURs5rUKDx0f9iP
+cXN7S1uePXuJRK/5hsubaOCx3Owd2u9gD6Oq0CsMkE4CUSiJcYrMANtx54cGH7Rk
+EjFZxK8xAv1ldELEyxrFqkbE4BKd8QOt414qjvTGyAK+OLD3M2QdCQKBgQDtx8pN
+CAxR7yhHbIWT1AH66+XWN8bXq7l3RO/ukeaci98JfkbkxURZhtxV/HHuvUhnPLdX
+3TwygPBYZFNo4pzVEhzWoTtnEtrFueKxyc3+LjZpuo+mBlQ6ORtfgkr9gBVphXZG
+YEzkCD3lVdl8L4cw9BVpKrJCs1c5taGjDgdInQKBgHm/fVvv96bJxc9x1tffXAcj
+3OVdUN0UgXNCSaf/3A/phbeBQe9xS+3mpc4r6qvx+iy69mNBeNZ0xOitIjpjBo2+
+dBEjSBwLk5q5tJqHmy/jKMJL4n9ROlx93XS+njxgibTvU6Fp9w+NOFD/HvxB3Tcz
+6+jJF85D5BNAG3DBMKBjAoGBAOAxZvgsKN+JuENXsST7F89Tck2iTcQIT8g5rwWC
+P9Vt74yboe2kDT531w8+egz7nAmRBKNM751U/95P9t88EDacDI/Z2OwnuFQHCPDF
+llYOUI+SpLJ6/vURRbHSnnn8a/XG+nzedGH5JGqEJNQsz+xT2axM0/W/CRknmGaJ
+kda/AoGANWrLCz708y7VYgAtW2Uf1DPOIYMdvo6fxIB5i9ZfISgcJ/bbCUkFrhoH
++vq/5CIWxCPp0f85R4qxxQ5ihxJ0YDQT9Jpx4TMss4PSavPaBH3RXow5Ohe+bYoQ
+NE5OgEXk2wVfZczCZpigBKbKZHNYcelXtTt/nP3rsCuGcM4h53s=
+-----END RSA PRIVATE KEY-----
+EOF
+chmod 600 ~root/.ssh/id_rsa
+
+cat > ~root/.ssh/id_rsa.pub << EOF
+ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key
+EOF
+
+# vagrant user ssh
+[ -d ~vagrant/.ssh ] || mkdir ~vagrant/.ssh
+chmod 700 ~vagrant/.ssh
+cat > ~vagrant/.ssh/authorized_keys << EOF
+ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key
+EOF
+chmod 600 ~vagrant/.ssh/authorized_keys
+chown -R vagrant:vagrant ~vagrant/.ssh/
+
diff --git a/builder/files/user.sh b/builder/files/user.sh
new file mode 100644
index 0000000..224a058
--- /dev/null
+++ b/builder/files/user.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+echo 'vagrant' | passwd --stdin root
+grep 'vagrant' /etc/passwd > /dev/null
+if [ $? -ne 0 ]; then
+	echo '* Creating user vagrant.'
+	useradd vagrant
+	echo 'vagrant' | passwd --stdin vagrant
+fi
+grep '^admin:' /etc/group > /dev/null || groupadd admin
+usermod -G admin vagrant
+
+#echo 'Defaults    env_keep += "SSH_AUTH_SOCK"' >> /etc/sudoers
+echo '%admin ALL=NOPASSWD: ALL' >> /etc/sudoers
+sed -i 's/Defaults\s*requiretty/Defaults !requiretty/' /etc/sudoers
+