Custom boot ISO with latest patches applied

Latest response

I have the concept on how to download the latest RHEL 7.x ISO, and create my own custom boot ISO with a kickstart (ks.cfg) file. I need to know how to apply the latest package updates into the ISO. I tried just doing a copy of the latest packages to the Package directory, but the boot loader formats the disk, then fails on loading any of the packages (see attached screenshot).

Does anyone have any insight on what steps I need to perform to get this to work?

MB
Log in to join the conversation

Responses

MS Community Member 72 points
14 July 2018 2:35 AM

The only way I found to do this is not very elegant. I make an iso directory structure from an existing RHEL7 ISO (do this by loopback mounting the iso, copying the files to a new directory, and using genisoimage to make a new iso). Before I do the genisoimage, I make a second directory called "isoupdate" in the top of the new iso directory tree

mkdir isoupdate
reposync --repo=updates --downloadonly --forcearch x86_64  --download-path=./isoupdate
createrepo --update -g comps.xml  isoupdate/updates

The 'comps.xml' is taken from the original ISO Then I modify the kickstart file(s) to add code that copies the isoupdate/updates to somewhere on the installed OS at installation time to somewhere like /opt/yum/isoupdate and copy commands so it copies a isoupdate.repo file for the local repo to /etc/yum.repos.d/isoupdate.repo pointing to the isoupdate repo and does

yum update -y /opt/yum/isoupdate/updates/*rpm

The ISO is then built with genisoimage as usual You get a ton of warnings at ISO installation time about trying to update packages you don't have installed, but the relevant packages will update.

The negatives: 1) makes the ISO much larger than it needs to be, this is because isoupdate/updates is every package that's updated since the OS release, tons of those are packages you didn't install.

positives 1) The isoupdate/updates files can be useful to have later. If you have a standalone host with no network, you can install a base package from the iso, then update it using the files in /opt/yum/isoupdate/updates

MB Newbie 15 points
16 July 2018 8:36 PM

Mark, Thanks for the response, I did think about that approach, but then I would almost double the size of my ISO image, and that was not appealing. I will give this another week or so, and if no one else chimes in I will mark your answer as the "best response"

KD Pro 410 points
17 July 2018 11:12 AM

What could work - untested :) Put the repository somewhere inside the iso and then reference it in your kickstart as an additional repository (see repo in https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/installation_guide/sect-kickstart-syntax), --baseurl=file:///mnt/source/YOURDIR should work

and reposync only latest content, otherwise it'll blow up :)

Downside: afaik red hat recommends to use the kickstart repositories (ie dvdcontent) as is and update during post install. You could do the same -- just create a .repo file in post and run yum update -y

MS Community Member 72 points
30 July 2018 1:19 AM

you could take the baseline iso, install it to a VM, immediately do a "yum check-update" use that output to make a list of the rpms it would have needed to update a baseline to now. Then use 'yumdownloader' to download just those rpms, put those rpms in the same "isoupdate" I explained in my post and run the createrepo just like I showed. This should make the isoupdate a much smaller set of rpms.

cd isoupdate/Packages
yum check-update > listoffiles
//edit the listoffiles file to remove all lines that are not just the filenames
for file in `cat listoffiles`
do
      yumdownloader --resolve $file
done
createrepo --update -g comps.xml  .               (note dot is intended)

Hint to Redhat, it would be very useful to have a simulation mode, some way to query the update repo for simply a list of rpms to update to go from baseline to now something like:

yum check-update --osver=7.5 --now > filelist                  (note this is hypothetical)

so that you wouldn't have to do that VM install but could just run yum check-update with those flags from any version of the os

MB Newbie 15 points
30 July 2018 9:31 PM

I figured this out, without adding the extra repo inside the build. First I want to callout the 2 threads I pulled extra information from

http://xpt.sourceforge.net/techdocs/nix/distro/redhat/rh07-CustomizeRedHat7Installation/

http://www.frankreimer.de/?p=522

Neither one of the above gave the actual answer, but enough clues to get me where I want to be I referenced the "comps.xml" file from both, and it was the 2nd URL, that told me I had to do a createrepo based on the information.

rough steps 
mkdir   /mnt/ISO  /data/rhel   /data/local_repo  /data/new_ISO

mount -o loop /data/rhel-server-7.5-x86_64-dvd.iso  /mnt/ISO

rsync -a /mnt/ISO/*  /data/rhel
I created my own list of packages I wanted to install into the new ISO (trimmed down from the full base ISO) 
abattis-cantarell-fonts-[0-9]*.rpm
abrt-[0-9]*.rpm
abrt-addon-ccpp-[0-9]*.rpm
abrt-addon-kerneloops-[0-9]*.rpm
abrt-addon-pstoreoops-[0-9]*.rpm
abrt-addon-python-[0-9]*.rpm
abrt-addon-vmcore-[0-9]*.rpm
abrt-addon-xorg-[0-9]*.rpm
abrt-cli-[0-9]*.rpm
abrt-console-notification-[0-9]*.rpm
...
yum-plugin-tmprepo-[0-9]*.rpm
yum-plugin-verify-[0-9]*.rpm
yum-plugin-versionlock-[0-9]*.rpm
yum-rhn-plugin-[0-9]*.rpm
yum-utils-[0-9]*.rpm
zip-[0-9]*.rpm
zlib-[0-9]*.rpm
zlib-devel-[0-9]*.rpm
I created a /data/local_repo using the above list and yumdownloader to get the latest packages (this step takes hours to complete) 
cat /data/pkg_list |sed 's/.\{11\}$//'|awk '{print "/bin/yumdownloader --destdir /data/local_repo "$1}'|/bin/bash

rsync --exclude=Packages -a /data/rhel/* /data/new_ISO/.

mkdir /data/new_ISO/Packages

rsync -a /data/local_repo/*  /data/new_ISO/Packages/.
Now we get the current comps.xml file 
cp /data/rhel/repodata/*comps*.gz /data/comps.xml.gz

gunzip /data/comps.xml.gz

cd /data/new_ISO

createrepo -g  /data/comps.xml .
Copy in some other files I wanted in my image 
/bin/cp /data/grub.cfg /data/new_ISO/EFI/BOOT/grub.cfg

/bin/cp /data/isolinux.cfg /data/new_ISO/isolinux/isolinux.cfg

/bin/cp /data/splash.png /data/new_ISO/isolinux/splash.png

/bin/cp /data/ks.cfg /data/new_ISO/ks.cfg
Now I create my ISO with genisoimage 
cd ${DST}

ISOVA="MY_NEW_ISO"

genisoimage -U -r -v -J -joliet-long \
  -V "${ISOVA}" \
  -A "${ISOVA}" \
  -volset "${ISOVA}" \
  -b isolinux/isolinux.bin \
  -c isolinux/boot.cat \
  -no-emul-boot \
  -boot-load-size 4 \
  -boot-info-table \
  -eltorito-alt-boot \
  -e images/efiboot.img \
  -no-emul-boot \
  -o /data/NEW.ISO .
Once I install, I see all the new packages installed, and I did not even increase the size of my finished ISO image.
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.