/etc/crypttab
/etc/fstab
Note
auth
or authconfig
(required) authconfig
command, which can be run after the install. By default, passwords are normally encrypted and are not shadowed.
--enablenis
— Turns on NIS support. By default, --enablenis
uses whatever domain it finds on the network. A domain should almost always be set by hand with the --nisdomain=
option.
--nisdomain=
— NIS domain name to use for NIS services.
--nisserver=
— Server to use for NIS services (broadcasts by default).
--useshadow
or --enableshadow
— Use shadow passwords.
--enableldap
— Turns on LDAP support in /etc/nsswitch.conf
, allowing your system to retrieve information about users (for example, their UIDs, home directories, and shells) from an LDAP directory. To use this option, you must install the nss-pam-ldapd
package. You must also specify a server and a base DN (distinguished name) with --ldapserver=
and --ldapbasedn=
.
--enableldapauth
— Use LDAP as an authentication method. This enables the pam_ldap
module for authentication and changing passwords, using an LDAP directory. To use this option, you must have the nss-pam-ldapd
package installed. You must also specify a server and a base DN with --ldapserver=
and --ldapbasedn=
. If your environment does not use TLS (Transport Layer Security), use the --disableldaptls
switch to ensure that the resulting configuration file works.
--ldapserver=
— If you specified either --enableldap
or --enableldapauth
, use this option to specify the name of the LDAP server to use. This option is set in the /etc/ldap.conf
file.
--ldapbasedn=
— If you specified either --enableldap
or --enableldapauth
, use this option to specify the DN in your LDAP directory tree under which user information is stored. This option is set in the /etc/ldap.conf
file.
--enableldaptls
— Use TLS (Transport Layer Security) lookups. This option allows LDAP to send encrypted usernames and passwords to an LDAP server before authentication.
--disableldaptls
— Do not use TLS (Transport Layer Security) lookups in an environment that uses LDAP for authentication.
--enablekrb5
— Use Kerberos 5 for authenticating users. Kerberos itself does not know about home directories, UIDs, or shells. If you enable Kerberos, you must make users' accounts known to this workstation by enabling LDAP, NIS, or Hesiod or by using the /usr/sbin/useradd
command. If you use this option, you must have the pam_krb5
package installed.
--krb5realm=
— The Kerberos 5 realm to which your workstation belongs.
--krb5kdc=
— The KDC (or KDCs) that serve requests for the realm. If you have multiple KDCs in your realm, separate their names with commas (,).
--krb5adminserver=
— The KDC in your realm that is also running kadmind. This server handles password changing and other administrative requests. This server must be run on the master KDC if you have more than one KDC.
--enablehesiod
— Enable Hesiod support for looking up user home directories, UIDs, and shells. More information on setting up and using Hesiod on your network is in /usr/share/doc/glibc/README.hesiod
, which is included in the glibc
package. Hesiod is an extension of DNS that uses DNS records to store information about users, groups, and various other items.
--hesiodlhs
and --hesiodrhs
— The Hesiod
LHS (left-hand side) and RHS (right-hand side) values, set in /etc/hesiod.conf
. The Hesiod
library uses these values to search DNS for a name, similar to the way that LDAP uses a base DN.
jim
, the Hesiod library looks up jim.passwd<LHS><RHS>
, which should resolve to a TXT record that contains a string identical to an entry for that user in the passwd
file: jim:*:501:501:Jungle Jim:/home/jim:/bin/bash
. To look up groups, the Hesiod library looks up jim.group<LHS><RHS>
instead.
501.uid
a CNAME for jim.passwd
, and 501.gid
a CNAME for jim.group
. Note that the library does not place a period (.
) in front of the LHS and RHS values when performing a search. Therefore, if the LHS and RHS values need to have a period placed in front of them, you must include the period in the values you set for --hesiodlhs
and --hesiodrhs
.
--enablesmbauth
— Enables authentication of users against an SMB server (typically a Samba or Windows server). SMB authentication support does not know about home directories, UIDs, or shells. If you enable SMB, you must make users' accounts known to the workstation by enabling LDAP, NIS, or Hesiod or by using the /usr/sbin/useradd
command.
--smbservers=
— The name of the servers to use for SMB authentication. To specify more than one server, separate the names with commas (,).
--smbworkgroup=
— The name of the workgroup for the SMB servers.
--enablecache
— Enables the nscd
service. The nscd
service caches information about users, groups, and various other types of information. Caching is especially helpful if you choose to distribute information about users and groups over your network using NIS, LDAP, or Hesiod.
--passalgo=
— specify sha256
to set up the SHA-256 hashing algorithm or sha512
to set up the SHA-512 hashing algorithm.
autopart
(optional) /
) partition (1 GB or bigger), a /swap
partition, and an appropriate /boot
partition for the architecture. On large enough drives, this also creates a /home
partition.
Note
autopart
option cannot be used together with the part/partition
, raid
, logvol
, or volgroup
options in the same kickstart file.
--encrypted
— Should all devices with support be encrypted by default? This is equivalent to checking the Encrypt checkbox on the initial partitioning screen.
--cipher=
— Specifies which type of encryption will be used if the anaconda default aes-xts-plain64 is not satisfactory. You must use this option together with the --encrypted
option; by itself it has no effect. Available types of encryption are listed in the Red Hat Enterprise Linux Security Guide, but Red Hat strongly recommends using either aes-xts-plain64 or aes-cbc-essiv:sha256.
--passphrase=
— Provide a default system-wide passphrase for all encrypted devices.
--escrowcert=URL_of_X.509_certificate
— Store data encryption keys of all encrypted volumes as files in /root
, encrypted using the X.509 certificate from the URL specified with URL_of_X.509_certificate. The keys are stored as a separate file for each encrypted volume. This option is only meaningful if --encrypted
is specified.
--backuppassphrase=
— Add a randomly-generated passphrase to each encrypted volume. Store these passphrases in separate files in /root
, encrypted using the X.509 certificate specified with --escrowcert
. This option is only meaningful if --escrowcert
is specified.
--type=
— Select one of the predefined automatic partitioning scheme you want to use. Accepts the following values:
lvm
: The LVM partitioning scheme.
btrfs
: The BTRFS partitioning scheme.
thinp
: The LVM Thin Provisioning partitioning scheme.
plain
: Regular partitions with no LVM or BTRFS.
--nolvm
— Do not use LVM or BTRFS for automatic partitioning. This option is equal to --type=plain
.
autostep
(optional) --autoscreenshot
— Take a screenshot at every step during installation and copy the images over to /root/anaconda-screenshots
after installation is complete. This is most useful for documentation.
bootloader
(required)Important
--append=
— Specifies kernel parameters. To specify multiple parameters, separate them with spaces. For example:
bootloader --location=mbr --append="hdd=ide-scsi ide=nodma"
--driveorder
— Specify which drive is first in the BIOS boot order. For example:
bootloader --driveorder=sda,hda
--boot-drive=
— Specifies which drive the bootloader is installed to.
--location=
— Specifies where the boot record is written. Valid values are the following: mbr
(the default), partition
(installs the boot loader on the first sector of the partition containing the kernel), or none
(do not install the boot loader).
--leavebootorder=
— Boot the drives in their existing order, to override the default of booting into the newly installed drive on Power Systems servers and EFI systems. This is useful for systems that, for example, should network boot first before falling back to a local boot.
--md5pass=
— If using GRUB, similar to --password=
except the password should already be encrypted.
--password=
— If using GRUB, sets the GRUB boot loader password to the one specified with this option. This should be used to restrict access to the GRUB shell, where arbitrary kernel options can be passed.
--timeout=
— Specify the number of seconds before the bootloader times out and boots the default option. Specifying 0 will tell GRUB not to display these menus.
--upgrade
— Upgrade the existing boot loader configuration, preserving the old entries. This option is only available for upgrades.
--extlinux
— install and use the extlinux bootloader.
btrfs
(optional) btrfs <mntpoint> --data=<level> --metadata=<level> --label=<label> <partitions>
btrfs <mntpoint> --subvol --name=<path> <parent>
--data=
— RAID level to use for filesystem data (such as 0, 1, or 10).
--metadata=
— RAID level to use for filesystem/volume metadata (such as 0, 1, or 10).
--label=
— Specify a label for the BTRFS filesystem.
--noformat
— Use an existing BTRFS volume and do not reformat the filesystem.
clearpart
(optional) Note
clearpart
command is used, then the --onpart
command cannot be used on a logical partition.
--all
— Erases all partitions from the system.
--drives=
— Specifies which drives to clear partitions from. For example, the following clears all the partitions on the first two drives on the primary IDE controller:
clearpart --drives=hda,hdb --all
disk/by-id/dm-uuid-mpath-WWID
, where WWID is the world-wide identifier for the device. For example, to clear a disk with WWID 2416CD96995134CA5D787F00A5AA11017
, use:
clearpart --drives=disk/by-id/dm-uuid-mpath-2416CD96995134CA5D787F00A5AA11017
dm-uuid-mpath
. Instead, to clear a multipath device that uses LVM, use the format disk/by-id/scsi-WWID
, where WWID is the world-wide identifier for the device. For example, to clear a disk with WWID 58095BEC5510947BE8C0360F604351918
, use:
clearpart --drives=disk/by-id/scsi-58095BEC5510947BE8C0360F604351918
Warning — Never specify multipath devices by device names like mpatha
mpatha
are not specific to a particular disk. The disk named /dev/mpatha
during installation might not be the one that you expect it to be. Therefore, the clearpart
command could target the wrong disk.
--list=
— Specifies individual partitions to be removed. For example, the following removes the first partition on the hda
drive and the second partition on the hdb
drive:
clearpart --list=hda1,hdb2
--initlabel
— Initializes the disk label to the default for your architecture (for example msdos
for x86). It is useful so that the installation program does not ask if it should initialize the disk label if installing to a brand new hard drive.
--linux
— Erases all Linux partitions.
--none
(default) — Do not remove any partitions.
cmdline
(optional) device
(optional) device
command, which tells the installation program to install extra modules, is in this format:
device <moduleName> --opts=<options>
--opts=
— Mount options to use for mounting the NFS export. Any options that can be specified in /etc/fstab
for an NFS mount are allowed. The options are listed in the nfs(5)
man page. Multiple options are separated with a comma.
driverdisk
(optional) driverdisk
command to tell the installation program where to look for the driver disk.
driverdisk <partition> --source=<url> --biospart=<biospart> [--type=<fstype>]
driverdisk --source=ftp://path/to/dd.img driverdisk --source=http://path/to/dd.img driverdisk --source=nfs:host:/path/to/img
nfs:host:/path/to/img
.
82p2
).
--type=
— File system type (for example, vfat or ext2).
firewall
(optional) firewall --enabled|--disabled [--trust=] <device> [--port=]
--enabled
or --enable
— Reject incoming connections that are not in response to outbound requests, such as DNS replies or DHCP requests. If access to services running on this machine is needed, you can choose to allow specific services through the firewall.
--disabled
or --disable
— Do not configure any iptables rules.
--trust=
— Listing a device here, such as eth0, allows all traffic coming from that device to go through the firewall. To list more than one device, use --trust eth0 --trust eth1
. Do NOT use a comma-separated format such as --trust eth0, eth1
.
--ssh
--smtp
--http
--ftp
--port=
— You can specify that ports be allowed through the firewall using the port:protocol format. For example, to allow IMAP access through your firewall, specify imap:tcp
. Numeric ports can also be specified explicitly; for example, to allow UDP packets on port 1234 through, specify 1234:udp
. To specify multiple ports, separate them by commas.
graphical
(optional) halt
(optional) halt
option is equivalent to the shutdown -h
command.
poweroff
, reboot
, and shutdown
kickstart options.
ignoredisk
(optional) ignoredisk
, attempting to deploy on a SAN-cluster the kickstart would fail, as the installer detects passive paths to the SAN that return no partition table.
ignoredisk --drives=drive1,drive2,...
sda
, sdb
,..., hda
,... etc.
disk/by-id/dm-uuid-mpath-WWID
, where WWID is the world-wide identifier for the device. For example, to ignore a disk with WWID 2416CD96995134CA5D787F00A5AA11017
, use:
ignoredisk --drives=disk/by-id/dm-uuid-mpath-2416CD96995134CA5D787F00A5AA11017
dm-uuid-mpath
. Instead, to ignore a multipath device that uses LVM, use the format disk/by-id/scsi-WWID
, where WWID is the world-wide identifier for the device. For example, to ignore a disk with WWID 58095BEC5510947BE8C0360F604351918
, use:
ignoredisk --drives=disk/by-id/scsi-58095BEC5510947BE8C0360F604351918
Warning — Never specify multipath devices by device names like mpatha
mpatha
are not specific to a particular disk. The disk named /dev/mpatha
during installation might not be the one that you expect it to be. Therefore, the ignoredisk
command could target the wrong disk.
--only-use
— specifies a list of disks for the installer to use. All other disks are ignored. For example, to use disk sda
during installation and ignore all other disks:
ignoredisk --only-use=sda
ignoredisk --only-use=disk/by-id/dm-uuid-mpath-2416CD96995134CA5D787F00A5AA11017
ignoredisk --only-use=disk/by-id/scsi-58095BEC5510947BE8C0360F604351918
install
(optional) cdrom
, harddrive
, nfs
, or url
(for FTP or HTTP installations). The install
command and the installation method command must be on separate lines.
cdrom
— Install from the first optical drive on the system.
harddrive
— Install from a Fedora installation tree on a local drive, which must be either vfat or ext2.
--biospart=
--partition=
--dir=
variant
directory of the installation tree.
harddrive --partition=hdb2 --dir=/tmp/install-tree
liveimg
— Install a disk image instead of packages. The image can be the squashfs.img
file from a live image or a bare image from any existing filesystem mountable by the installation media, such as ext4. The image will be downloaded to the target drive after it has been partitioned.
--url=<url>
— specify where the live image should be downloaded from. HTTP, HTTPS, FTP, and local file access are all supported.
--proxy=[protocol://][username[:password]@]host[:port]
— specify a HTTP, HTTPS, or FTP proxy, if desired.
--checksum=
— pass the optional sha256 image checksum before files are copied to the target system.
--noverifyssl
— skip checking the SSL certificate if downloading via HTTPS.
liveimg --url=https://<server>/<dir> [--checksum=sha256] [--noverifyssl]
Important
nfs
— Install from the NFS server specified.
--server=
--dir=
variant
directory of the installation tree.
--opts=
nfs --server=nfsserver.example.com --dir=/tmp/install-tree
url
— Install from an installation tree on a remote server via FTP or HTTP.
url --url http://<server>/<dir>
url --url ftp://<username>:<password>@<server>/<dir>
iscsi
(optional)iscsi
parameter, you must also assign a name to the iSCSI node, using the iscsiname
parameter earlier in the kickstart file.
iscsi
parameter. Anaconda automatically detects and uses disks configured in BIOS or firmware and no special configuration is necessary in the kickstart file.
iscsi
parameter, ensure that networking is activated at the beginning of the installation, and that the iscsi
parameter appears in the kickstart file before you refer to iSCSI disks with parameters such as clearpart
or ignoredisk
.
--port=
(mandatory) — the port number (typically, --port=3260
)
--user=
— the username required to authenticate with the target
--password=
— the password that corresponds with the username specified for the target
--reverse-user=
— the username required to authenticate with the initiator from a target that uses reverse CHAP authentication
--reverse-password=
— the password that corresponds with the username specified for the initiator
iscsiname
(optional) iscsi
parameter in your kickstart file, you must specify iscsiname
earlier in the kickstart file.
keyboard
(required) keyboard --vckeymap=<keymap>|--xlayouts=<layout1>,...,<layoutN>|<layout> [--switch=<option1>,...<optionN>]
--vckeymap=<keymap>
— specify a VConsole keymap to serve as the keyboard layout. Available keymap names are listed in /usr/lib/kbd/keymaps/architecture
with the .map.gz
extension removed.
--xlayouts=
— specify a list of X layouts as a comma-separated list with no spaces. Layouts come in one of the following formats: layout and 'layout (variant)'. For example:
keyboard --xlayouts=cz,'cz (qwerty)'
<layout>
— an earlier format for specifying the keyboard layout. This format is still supported and accepts both VConsole keymap names and X layouts.
--switch=
— specify keyboard shortcuts for switching between layouts. The list should be comma-separated with no spaces. Refer to https://fedoraproject.org/wiki/Anaconda/Kickstart for the available options.
lang
(required) lang en_US
/usr/share/system-config-language/locale-list
provides a list of the valid language codes in the first column of each line and is part of the system-config-language
package.
lang
command, the installation process continues in English, but the installed system uses your selection as its default language.
--addsupport
— Set additional languages to be supported on the installed system.
langsupport
(deprecated) %packages
section of your kickstart file. For instance, adding support for French means you should add the following to %packages
:
@french-support
logvol
(optional) logvol <mntpoint> --vgname=<name> --size=<size> --name=<name> <options>
--noformat
— Use an existing logical volume and do not format it.
--useexisting
— Use an existing logical volume and reformat it.
--fstype=
— Sets the file system type for the logical volume. Valid values are xfs
, ext2
, ext3
, ext4
, swap
, vfat
, and hfs
.
--fsoptions=
— Specifies a free form string of options to be used when mounting the filesystem. This string will be copied into the /etc/fstab
file of the installed system and should be enclosed in quotes.
--grow=
— Tells the logical volume to grow to fill available space (if any), or up to the maximum size setting.
--maxsize=
— The maximum size in megabytes when the logical volume is set to grow. Specify an integer value here such as 500
(do not include the unit).
--recommended=
— Determine the size of the logical volume automatically.
--percent=
— Specify the amount by which to grow the logical volume, as a percentage of the free space in the volume group after any statically-sized logical volumes are taken into account. This option must be used in conjunction with the --size
and --grow
options for logvol
.
--encrypted
— Specifies that this logical volume should be encrypted, using the passphrase provided in the --passphrase
option. If you do not specify a passphrase, anaconda uses the default, system-wide passphrase set with the autopart --passphrase
command, or stops the installation and prompts you to provide a passphrase if no default is set.
--passphrase=
— Specifies the passphrase to use when encrypting this logical volume. You must use this option together with the --encrypted
option; by itself it has no effect.
--escrowcert=URL_of_X.509_certificate
— Store data encryption keys of all encrypted volumes as files in /root
, encrypted using the X.509 certificate from the URL specified with URL_of_X.509_certificate. The keys are stored as a separate file for each encrypted volume. This option is only meaningful if --encrypted
is specified.
--backuppassphrase=
— Add a randomly-generated passphrase to each encrypted volume. Store these passphrases in separate files in /root
, encrypted using the X.509 certificate specified with --escrowcert
. This option is only meaningful if --escrowcert
is specified.
--thinpool=
— Create a thin pool logical volume. (Use a mountpoint of "none")
--metadatasize=size
— Specify the metadata area size (in MiB) for a new thin pool device.
--chunksize=size
— Specify the chunk size (in KiB) for a new thin pool device.
--thin
— Create a thin logical volume. (Requires use of --poolname)
--poolname=name
— Specify the name of the thin pool in which to create a thin logical volume. (Requires --thin)
--resize
— Resize an existing partition. This option must be used in conjunction with the --size=
to specify the new size and --useexisting
.
part pv.01 --size 3000 volgroup myvg pv.01 logvol / --vgname=myvg --size=2000 --name=rootvol
part pv.01 --size 1 --grow volgroup myvg pv.01 logvol / --vgname=myvg --size=1 --name=rootvol --grow --percent=90
logging
(optional) --host=
— Send logging information to the given remote host, which must be running a syslogd process configured to accept remote logging.
--port=
— If the remote syslogd process uses a port other than the default, it may be specified with this option.
--level=
— One of debug, info, warning, error, or critical.
mediacheck
(optional) monitor
(optional) --hsync=
— Specifies the horizontal sync frequency of the monitor.
--monitor=
— Use specified monitor; monitor name should be from the list of monitors in /usr/share/hwdata/MonitorsDB from the hwdata package. The list of monitors can also be found on the X Configuration screen of the Kickstart Configurator. This is ignored if --hsync or --vsync is provided. If no monitor information is provided, the installation program tries to probe for it automatically.
--noprobe=
— Do not try to probe the monitor.
--vsync=
— Specifies the vertical sync frequency of the monitor.
mouse
(deprecated) network
(optional) network
command is activated automatically if network access is required during installation, for example, during a network installation or installation over VNC. You can also explicitly require device to activate in the installer environment with the --activate
option.
How to manually input network settings
network
. Instead, enter your network settings at the boot prompt (refer to Section 15.10, “Starting a Kickstart Installation” for available boot options).
Note
asknetwork
boot option
--activate
— activate this device in the installer environment.
--activate
option on a device that has already been activated (for example, an interface you configured with boot options so that the system could retrieve the kickstart file) the device is reactivated to use the details specified in the kickstart file.
--nodefroute
option to prevent the device from using the default route.
activate
option is new in Fedora 16.
--biosdevname=0
— disables consistent network device naming (refer to Appendix A in the Fedora System Administrators Guide).
--bootproto=
— One of dhcp
, bootp
, ibft
, or static
.
ibft
option is new in Fedora 16.
bootproto
option defaults to dhcp
. bootp
and dhcp
are treated the same.
network --bootproto=dhcp
network --bootproto=bootp
network --bootproto=ibft
network --bootproto=static --ip=10.0.2.15 --netmask=255.255.255.0 --gateway=10.0.2.254 --nameserver=10.0.2.1
network --bootproto=static --ip=10.0.2.15 --netmask=255.255.255.0 --gateway=10.0.2.254 --nameserver 192.168.2.1,192.168.3.1
--device=
— specifies the device to be configured (and eventually activated) with the network
command. For the first network
command, --device=
defaults (in order of preference) to one of:
ksdevice
boot option
network
command is unspecified if its --device
option is missing. Take care to specify a --device
option for any network command beyond the first.
eth0
00:12:34:56:78:9a
link
, which specifies the first interface with its link in the up
state
bootif
, which uses the MAC address that pxelinux set in the BOOTIF
variable. Set IPAPPEND 2
in your pxelinux.cfg
file to have pxelinux set the BOOTIF
variable.
ibft
, which uses the MAC address of the interface specified by iBFT
network --bootproto=dhcp --device=eth0
--ip=
— IP address of the device.
--ipv6=
— IPv6 address of the device, or auto
to use automatic neighbor discovery, or dhcp
to use DHCPv6.
--gateway=
— Default gateway as a single IPv4 address.
--ipv6gateway=
— Default gateway as a single IPv6 address.
--nameserver=
— Primary nameserver, as an IP address. Multiple nameservers must each be separated by a comma.
--nodefroute
— Prevents the interface being set as the default route. Use this option when you activate additional devices with the --activate=
option, for example, a NIC on a separate subnet for an iSCSI target.
nodefroute
option is new in Fedora 16.
--nodns
— Do not configure any DNS server.
--netmask=
— Network mask of the device.
--hostname=
— Hostname for the installed system.
--ethtool=
— Specifies additional low-level settings for the network device which will be passed to the ethtool program.
--onboot=
— Whether or not to enable the device at boot time.
--dhcpclass=
— The DHCP class.
--mtu=
— The MTU of the device.
--noipv4
— Disable IPv4 on this device.
--noipv6
— Disable IPv6 on this device.
--vlanid
— Specifies virtual LAN ID number (802.1q tag).
part
or partition
(required for installs, ignored for upgrades) Warning
part biosboot --fstype=biosboot --size=1
.
"part biosboot"
option is unnecessary.
Warning
--noformat
and --onpart
are used.
Important
part
in action, refer to Section 15.4.1, “Advanced Partitioning Example”.
/<path>
/
, /usr
, /home
swap
--recommended
option:
swap --recommended
--hibernation
option:
swap --hibernation
--recommended
plus the amount of RAM on your system.
raid.<id>
raid
).
pv.<id>
logvol
).
--size=
— The minimum partition size in megabytes. Specify an integer value here such as 500
(do not include the unit).
Important - --size
value must be high
--size
value is too small, the installation will fail. Set the --size
value as the minimum amount of space you require. For size recommendations, refer to Section 9.14.5, “Recommended Partitioning Scheme”.
--grow
— Tells the partition to grow to fill available space (if any), or up to the maximum size setting.
Note
--grow=
without setting --maxsize=
on a swap partition, Anaconda will limit the maximum size of the swap partition. For systems that have less than 2GB of physical memory, the imposed limit is twice the amount of physical memory. For systems with more than 2GB, the imposed limit is the size of physical memory plus 2GB.
--maxsize=
— The maximum partition size in megabytes when the partition is set to grow. Specify an integer value here such as 500
(do not include the unit).
--resize
— Resize an existing partition. This option must be used in conjunction with the --size=
to specify the new size and --onpart=
to specify the partition.
--noformat
— Specifies that the partition should not be formatted, for use with the --onpart
command.
--onpart=
or --usepart=
— Specifies the device on which to place the partition. For example:
partition /home --onpart=hda1
/home
on /dev/hda1
.
--onpart
option will not create it.
--ondisk=
or --ondrive=
— Forces the partition to be created on a particular disk. For example, --ondisk=sdb
puts the partition on the second SCSI disk on the system.
disk/by-id/dm-uuid-mpath-WWID
, where WWID is the world-wide identifier for the device. For example, to specify a disk with WWID 2416CD96995134CA5D787F00A5AA11017
, use:
part / --fstype=ext3 --grow --asprimary --size=100 --ondisk=disk/by-id/dm-uuid-mpath-2416CD96995134CA5D787F00A5AA11017
dm-uuid-mpath
. Instead, to specify a multipath device that uses LVM, use the format disk/by-id/scsi-WWID
, where WWID is the world-wide identifier for the device. For example, to specify a disk with WWID 58095BEC5510947BE8C0360F604351918
, use:
part / --fstype=ext3 --grow --asprimary --size=100 --ondisk=disk/by-id/scsi-58095BEC5510947BE8C0360F604351918
Warning — Never specify multipath devices by device names like mpatha
mpatha
are not specific to a particular disk. The disk named /dev/mpatha
during installation might not be the one that you expect it to be. Therefore, the part
command could target the wrong disk or partition.
--asprimary
— Forces automatic allocation of the partition as a primary partition, or the partitioning fails.
--type=
(replaced by fstype
) — This option is no longer available. Use fstype
.
--fsoptions
— Specifies a free form string of options to be used when mounting the filesystem. This string will be copied into the /etc/fstab
file of the installed system and should be enclosed in quotes.
--fsprofile
— Specifies a usage type to be passed to the program that makes a filesystem on this partition. A usage type defines a variety of tuning parameters to be used when making a filesystem. For this option to work, the filesystem must support the concept of usage types and there must be a configuration file that lists valid types. For ext2, ext3, and ext4, this configuration file is /etc/mke2fs.conf
.
--fstype=
— Sets the file system type for the partition. Valid values are xfs
, ext2
, ext3
, ext4
, swap
, vfat
, and hfs
.
--recommended
— Determine the size of the partition automatically.
--onbiosdisk
— Forces the partition to be created on a particular disk as discovered by the BIOS.
--encrypted
— Specifies that this partition should be encrypted, using the passphrase provided in the --passphrase
option. If you do not specify a passphrase, anaconda uses the default, system-wide passphrase set with the autopart --passphrase
command, or stops the installation and prompts you to provide a passphrase if no default is set.
--passphrase=
— Specifies the passphrase to use when encrypting this partition. You must use this option together with the --encrypted
option; by itself it has no effect.
--escrowcert=URL_of_X.509_certificate
— Store data encryption keys of all encrypted partitions as files in /root
, encrypted using the X.509 certificate from the URL specified with URL_of_X.509_certificate. The keys are stored as a separate file for each encrypted partition. This option is only meaningful if --encrypted
is specified.
--backuppassphrase=
— Add a randomly-generated passphrase to each encrypted partition. Store these passphrases in separate files in /root
, encrypted using the X.509 certificate specified with --escrowcert
. This option is only meaningful if --escrowcert
is specified.
--label=
— assign a label to an individual partition.
Note
poweroff
(optional) halt
option is used as default.
poweroff
option is equivalent to the shutdown -p
command.
Note
poweroff
option is highly dependent on the system hardware in use. Specifically, certain hardware components such as the BIOS, APM (advanced power management), and ACPI (advanced configuration and power interface) must be able to interact with the system kernel. Contact your manufacturer for more information on you system's APM/ACPI abilities.
halt
, reboot
, and shutdown
kickstart options.
raid
(optional) raid <mntpoint> --level=<level> --device=<mddevice> <partitions*>
/
, the RAID level must be 1 unless a boot partition (/boot
) is present. If a boot partition is present, the /boot
partition must be level 1 and the root (/
) partition can be any of the available types. The <partitions*> (which denotes that multiple partitions can be listed) lists the RAID identifiers to add to the RAID array.
--level=
— RAID level to use (0, 1, or 5).
--device=
— Name of the RAID device to use (such as md0 or md1). RAID devices range from md0 to md15, and each may only be used once.
--spares=
— Specifies the number of spare drives allocated for the RAID array. Spare drives are used to rebuild the array in case of drive failure.
--grow=
— Only supported for RAID0. Tells the RAID device to grow to fill available space (if any), or up to the maximum size setting.
--fsprofile
— Specifies a usage type to be passed to the program that makes a filesystem on this partition. A usage type defines a variety of tuning parameters to be used when making a filesystem. For this option to work, the filesystem must support the concept of usage types and there must be a configuration file that lists valid types. For ext2, ext3, and ext4, this configuration file is /etc/mke2fs.conf
.
--fstype=
— Sets the file system type for the RAID array. Valid values are xfs
, ext2
, ext3
, ext4
, swap
, vfat
, and hfs
.
--fsoptions=
— Specifies a free form string of options to be used when mounting the filesystem. This string will be copied into the /etc/fstab file of the installed system and should be enclosed in quotes.
--noformat
— Use an existing RAID device and do not format the RAID array.
--useexisting
— Use an existing RAID device and reformat it.
--encrypted
— Specifies that this RAID device should be encrypted, using the passphrase provided in the --passphrase
option. If you do not specify a passphrase, anaconda uses the default, system-wide passphrase set with the autopart --passphrase
command, or stops the installation and prompts you to provide a passphrase if no default is set.
--passphrase=
— Specifies the passphrase to use when encrypting this RAID device. You must use this option together with the --encrypted
option; by itself it has no effect.
--escrowcert=URL_of_X.509_certificate
— Store the data encryption key for this device in a file in /root
, encrypted using the X.509 certificate from the URL specified with URL_of_X.509_certificate. This option is only meaningful if --encrypted
is specified.
--backuppassphrase=
— Add a randomly-generated passphrase to this device. Store the passphrase in a file in /root
, encrypted using the X.509 certificate specified with --escrowcert
. This option is only meaningful if --escrowcert
is specified.
/
, and a RAID level 5 for /usr
, assuming there are three SCSI disks on the system. It also creates three swap partitions, one on each drive.
part raid.01 --size=60 --ondisk=sda part raid.02 --size=60 --ondisk=sdb part raid.03 --size=60 --ondisk=sdc
part swap --size=128 --ondisk=sda part swap --size=128 --ondisk=sdb part swap --size=128 --ondisk=sdc
part raid.11 --size=1 --grow --ondisk=sda part raid.12 --size=1 --grow --ondisk=sdb part raid.13 --size=1 --grow --ondisk=sdc
raid / --level=1 --device=md0 raid.01 raid.02 raid.03 raid /usr --level=5 --device=md1 raid.11 raid.12 raid.13
raid
in action, refer to Section 15.4.1, “Advanced Partitioning Example”.
realm
(optional) realm join <options> <domain>
--client-software=
— Only join realms that can run this client software. Valid values include sssd
or winbind
. Not all realms support all values. By default, the client software is chosen automatically.
--server-software=
— Only join realms that can run this server software. Possible values include active-directory
or freeipa
.
--membership-software=
— Use this software when joining the realm. Valid values include samba
and adcli
. Not all realms support all values. By default, the membership software is chosen automatically.
--one-time-password=
— Join using a one-time password. This is not possible with all types of realm.
--no-password
— Join automatically without a password.
--computer-ou OU=
— provide the distinguished name of an organizational unit in order to create the computer account. The exact format of the distinguished name depends on the client software and membership software. The root DSE portion of the distinguished name can typically be left out.
reboot
(optional) reboot
option is equivalent to the shutdown -r
command.
halt
, poweroff
, and shutdown
kickstart options.
halt
option is the default completion method if no other methods are explicitly specified in the kickstart file.
Note
reboot
option may result in an endless installation loop, depending on the installation media and method.
repo
(optional) repo --name=<repoid> [--baseurl=<url>| --mirrorlist=<url>]
--name=
— The repo id. This option is required.
--baseurl=
— The URL for the repository. The variables that may be used in yum repo config files are not supported here. You may use one of either this option or --mirrorlist, not both.
--mirrorlist=
— The URL pointing at a list of mirrors for the repository. The variables that may be used in yum repo config files are not supported here. You may use one of either this option or --baseurl, not both.
--cost=
— An integer value to assign a cost to this repository. If multiple repositories provide the same packages, this number will be used to prioritize which repository will be used before another. Repositories with a lower cost take priority over repositories with higher cost.
--excludepkgs=
— A comma-separated list of package names and globs that must not be pulled from this repository. This is useful if multiple repositories provide the same package and you want to make sure it comes from a particular repository.
--include=
— A comma-separated list of package names and globs that must be pulled from this repository. This is useful if multiple repositories provide the same package and you want to make sure it comes from this repository.
--proxy=[protocol://][username[:password]@]host[:port]
— Specify an HTTP/HTTPS/FTP proxy to use just for this repository. This setting does not affect any other repositories, nor how the install.img is fetched on HTTP installs. The various parts of the argument act like you would expect.
--ignoregroups=true
— This option is used when composing installation trees and has no effect on the installation process itself. It tells the compose tools to not look at the package group information when mirroring trees so as to avoid mirroring large amounts of unnecessary data.
--noverifyssl
— For a https repo do not check the server's certificate with what well-known CA validate and do not check the server's hostname matches the certificate's domain name.
Important
rootpw
(required) rootpw [--iscrypted|--allow-changes|--frozen] <password>
--iscrypted
— If this is present, the password argument is assumed to already be encrypted.
--allow-changes
— If this is present, the password argument can be changed with no additional actions required.
--frozen
— If this is present, the password argument cannot be changed.
selinux
(optional) selinux [--disabled|--enforcing|--permissive]
--enforcing
— Enables SELinux with the default targeted policy being enforced.
Note
selinux
option is not present in the kickstart file, SELinux is enabled and set to --enforcing
by default.
--permissive
— Outputs warnings based on the SELinux policy, but does not actually enforce the policy.
--disabled
— Disables SELinux completely on the system.
services
(optional) --disabled
— Disable the services given in the comma separated list.
--enabled
— Enable the services given in the comma separated list.
Do not include spaces in the list of services
services --disabled auditd, cups,smartd, nfslock
services --disabled auditd,cups,smartd,nfslock
shutdown
(optional) halt
option is used as default.
shutdown
option is equivalent to the shutdown
command.
halt
, poweroff
, and reboot
kickstart options.
skipx
(optional) Package selection might configure X
sshpw
(optional) sshpw
command to create temporary accounts through which to log on. Each instance of the command creates a separate account that exists only in the installation environment. These accounts are not transferred to the installed system.
sshpw --username=<name> <password> [--iscrypted|--plaintext] [--lock]
--username
— Provides the name of the user. This option is required.
--iscrypted
— Specifies that the password is already encrypted.
--plaintext
— Specifies that the password is in plain text and not encrypted.
--lock
— If this is present, the new user account is locked by default. That is, the user will not be able to login from the console.
Important — You must boot with sshd=1
ssh
available during installation, boot the system with the kernel boot option sshd=1
. Refer to Console, Environment and Display Options for details of how to specify this kernel option at boot time.
text
(optional) Important
timezone
(required) timezone [--utc] [--nontp] [--ntpservers=<server1>,<server2>,...,<serverN>] <timezone>
--utc
— If present, the system assumes the hardware clock is set to UTC (Greenwich Mean) time.
--nontp
— Disable the automatic activation of the NTP service.
--ntpservers=
— Specify a list of NTP servers to be used, separated by commas without spaces.
upgrade
(optional) user
(optional) user --name=<username> [--groups=<list>] [--homedir=<homedir>] [--password=<password>] [--iscrypted] [--shell=<shell>] [--uid=<uid>]
--name=
— Provides the name of the user. This option is required.
--groups=
— In addition to the default group, a comma separated list of group names the user should belong to. The groups must exist before the user account is created.
--homedir=
— The home directory for the user. If not provided, this defaults to /home/<username>.
--password=
— The new user's password. If not provided, the account will be locked by default.
--iscrypted=
— Is the password provided by --password already encrypted or not?
--shell=
— The user's login shell. If not provided, this defaults to the system default.
--uid=
— The user's UID. If not provided, this defaults to the next available non-system UID.
vnc
(optional) vnc [--host=<hostname>] [--port=<port>] [--password=<password>]
--host=
— Instead of starting a VNC server on the install machine, connect to the VNC viewer process listening on the given hostname.
--port=
— Provide a port that the remote VNC viewer process is listening on. If not provided, anaconda will use the VNC default.
--password=
— Set a password which must be provided to connect to the VNC session. This is optional, but recommended.
volgroup
(optional) volgroup <name> <partition> <options>
--noformat
— Use an existing volume group and do not format it.
--useexisting
— Use an existing volume group and reformat it.
--pesize=
— Set the size of the physical extents.
part pv.01 --size 3000 volgroup myvg pv.01 logvol / --vgname=myvg --size=2000 --name=rootvol
volgroup
in action, refer to Section 15.4.1, “Advanced Partitioning Example”.
xconfig
(optional) xconfig
command, you must provide the X configuration manually during installation.
--driver
— Specify the X driver to use for the video hardware.
--videoram=
— Specifies the amount of video RAM the video card has.
--defaultdesktop=
— Specify either GNOME or KDE to set the default desktop (assumes that GNOME Desktop Environment and/or KDE Desktop Environment has been installed through %packages
).
--startxonboot
— Use a graphical login on the installed system.
zerombr
(optional) zerombr
is specified any invalid partition tables found on disks are initialized. This destroys all of the contents of disks with invalid partition tables.
zerombr yes
. This form is now deprecated; you should now simply specify zerombr
in your kickstart file instead.
%include
(optional)clearpart
, raid
, part
, volgroup
, and logvol
kickstart options in action:
clearpart --drives=hda,hdc --initlabel # Raid 1 IDE config part raid.11 --size 1000 --asprimary --ondrive=hda part raid.12 --size 1000 --asprimary --ondrive=hda part raid.13 --size 2000 --asprimary --ondrive=hda part raid.14 --size 8000 --ondrive=hda part raid.15 --size 16384 --grow --ondrive=hda part raid.21 --size 1000 --asprimary --ondrive=hdc part raid.22 --size 1000 --asprimary --ondrive=hdc part raid.23 --size 2000 --asprimary --ondrive=hdc part raid.24 --size 8000 --ondrive=hdc part raid.25 --size 16384 --grow --ondrive=hdc # You can add --spares=x raid / --fstype ext3 --device md0 --level=RAID1 raid.11 raid.21 raid /safe --fstype ext3 --device md1 --level=RAID1 raid.12 raid.22 raid swap --fstype swap --device md2 --level=RAID1 raid.13 raid.23 raid /usr --fstype ext3 --device md3 --level=RAID1 raid.14 raid.24 raid pv.01 --fstype ext3 --device md4 --level=RAID1 raid.15 raid.25 # LVM configuration so that we can resize /var and /usr/local later volgroup sysvg pv.01 logvol /var --vgname=sysvg --size=8000 --name=var logvol /var/freespace --vgname=sysvg --size=8000 --name=freespacetouse logvol /usr/local --vgname=sysvg --size=1 --grow --name=usrlocal