Red Hat Training

A Red Hat training course is available for Red Hat Enterprise Linux

32.4. Kickstart Options

The following options can be placed in a kickstart file. If you prefer to use a graphical interface for creating your kickstart file, use the Kickstart Configurator application. Refer to Chapter 33, Kickstart Configurator for details.

Note

If the option is followed by an equals mark (=), a value must be specified after it. In the example commands, options in square brackets ([ ]) are optional arguments for the command.

Important

Device names are not guaranteed to be consistent across reboots, which can complicate usage in kickstart scripts. When a kickstart option calls for a device node name (such as sda), you can instead use any item from /dev/disk. For example, instead of: 
part / --fstype=ext4 --onpart=sda1
You could use an entry similar to one of the following: 
part / --fstype=ext4 --onpart=/dev/disk/by-path/pci-0000:00:05.0-scsi-0:0:0:0-part1
part / --fstype=ext4 --onpart=/dev/disk/by-id/ata-ST3160815AS_6RA0C882-part1
This provides a consistent way to refer to disks that is more meaningful than just sda. This is especially useful in large storage environments.
auth or authconfig (required)
Sets up the authentication options for the system. It is similar to the authconfig command, which can be run after the installation - see the authconfig(8) man page for more information.
Passwords are shadowed by default.

Warning

The authconfig command requires the authconfig package, which is not included when using the minimal package group. Add authconfig to the %packages section as described in Section 32.5, “Package Selection”, if you are using the minimal package group and want to use this command in your Kickstart file.

Warning

When using OpenLDAP with the SSL protocol for security, make sure that the SSLv2 and SSLv3 protols are disabled in the server configuration. This is due to the POODLE SSL vulnerability (CVE-2014-3566). See https://access.redhat.com/solutions/1234843 for details.
  • --enablenis — Turns on NIS support. By default, --enablenis uses whatever domain it finds on the network. A domain should almost always be set by hand with the --nisdomain= option.
  • --nisdomain= — NIS domain name to use for NIS services.
  • --nisserver= — Server to use for NIS services (broadcasts by default).
  • --useshadow or --enableshadow — Use shadow passwords. This option is enabled by default.
  • --enableldap — Turns on LDAP support in /etc/nsswitch.conf, allowing your system to retrieve information about users (for example, their UIDs, home directories, and shells) from an LDAP directory. To use this option, you must install the nss-pam-ldapd package. You must also specify a server and a base DN (distinguished name) with --ldapserver= and --ldapbasedn=.
  • --enableldapauth — Use LDAP as an authentication method. This enables the pam_ldap module for authentication and changing passwords, using an LDAP directory. To use this option, you must have the nss-pam-ldapd package installed. You must also specify a server and a base DN with --ldapserver= and --ldapbasedn=. If your environment does not use TLS (Transport Layer Security), use the --disableldaptls switch to ensure that the resulting configuration file works.
  • --ldapserver= — If you specified either --enableldap or --enableldapauth, use this option to specify the name of the LDAP server to use. This option is set in the /etc/ldap.conf file.
  • --ldapbasedn= — If you specified either --enableldap or --enableldapauth, use this option to specify the DN in your LDAP directory tree under which user information is stored. This option is set in the /etc/ldap.conf file.
  • --enableldaptls — Use TLS (Transport Layer Security) lookups. This option allows LDAP to send encrypted usernames and passwords to an LDAP server before authentication.
  • --disableldaptls — Do not use TLS (Transport Layer Security) lookups in an environment that uses LDAP for authentication.
  • --enablekrb5 — Use Kerberos 5 for authenticating users. Kerberos itself does not know about home directories, UIDs, or shells. If you enable Kerberos, you must make users' accounts known to this workstation by enabling LDAP, NIS, or Hesiod or by using the /usr/sbin/useradd command. If you use this option, you must have the pam_krb5 package installed.
  • --krb5realm= — The Kerberos 5 realm to which your workstation belongs.
  • --krb5kdc= — The KDC (or KDCs) that serve requests for the realm. If you have multiple KDCs in your realm, separate their names with commas (,).
  • --krb5adminserver= — The KDC in your realm that is also running kadmind. This server handles password changing and other administrative requests. This server must be run on the master KDC if you have more than one KDC.
  • --enablehesiod — Enable Hesiod support for looking up user home directories, UIDs, and shells. More information on setting up and using Hesiod on your network is in /usr/share/doc/glibc-2.x.x/README.hesiod, which is included in the glibc package. Hesiod is an extension of DNS that uses DNS records to store information about users, groups, and various other items.
  • --hesiodlhs and --hesiodrhs — The Hesiod LHS (left-hand side) and RHS (right-hand side) values, set in /etc/hesiod.conf. The Hesiod library uses these values to search DNS for a name, similar to the way that LDAP uses a base DN.
    To look up user information for the username jim, the Hesiod library looks up jim.passwd<LHS><RHS>, which should resolve to a TXT record that contains a string identical to an entry for that user in the passwd file: jim:*:501:501:Jungle Jim:/home/jim:/bin/bash. To look up groups, the Hesiod library looks up jim.group<LHS><RHS> instead.
    To look up users and groups by number, make 501.uid a CNAME for jim.passwd, and 501.gid a CNAME for jim.group. Note that the library does not place a period (.) in front of the LHS and RHS values when performing a search. Therefore, if the LHS and RHS values need to have a period placed in front of them, you must include the period in the values you set for --hesiodlhs and --hesiodrhs.
  • --enablesmbauth — Enables authentication of users against an SMB server (typically a Samba or Windows server). SMB authentication support does not know about home directories, UIDs, or shells. If you enable SMB, you must make users' accounts known to the workstation by enabling LDAP, NIS, or Hesiod or by using the /usr/sbin/useradd command.
  • --smbservers= — The name of the servers to use for SMB authentication. To specify more than one server, separate the names with commas (,).
  • --smbworkgroup= — The name of the workgroup for the SMB servers.
  • --enablecache — Enables the nscd service. The nscd service caches information about users, groups, and various other types of information. Caching is especially helpful if you choose to distribute information about users and groups over your network using NIS, LDAP, or Hesiod.
  • --passalgo= — specify sha256 to set up the SHA-256 hashing algorithm or sha512 to set up the SHA-512 hashing algorithm.
autopart (optional)
Automatically creates partitions — a root (/) partition (1 GB or bigger), a swap partition, and an appropriate boot partition for the architecture.

Note

Note that the autopart option cannot be used together with the part/partition, raid, logvol, or volgroup options in the same kickstart file.
  • --encrypted — Should all devices with support be encrypted by default? This is equivalent to checking the Encrypt checkbox on the initial partitioning screen.
  • --cipher= — Specifies which type of encryption will be used if the anaconda default aes-xts-plain64 is not satisfactory. You must use this option together with the --encrypted option; by itself it has no effect. Available types of encryption are listed in the Red Hat Enterprise Linux Security Guide, but Red Hat strongly recommends using either aes-xts-plain64 or aes-cbc-essiv:sha256.
  • --passphrase= — Provide a default system-wide passphrase for all encrypted devices.
  • --escrowcert=URL_of_X.509_certificate — Store data encryption keys of all encrypted volumes as files in /root, encrypted using the X.509 certificate from the URL specified with URL_of_X.509_certificate. The keys are stored as a separate file for each encrypted volume. This option is only meaningful if --encrypted is specified.
  • --backuppassphrase= — Add a randomly-generated passphrase to each encrypted volume. Store these passphrases in separate files in /root, encrypted using the X.509 certificate specified with --escrowcert. This option is only meaningful if --escrowcert is specified.
autostep (optional)
Similar to interactive except it goes to the next screen for you. It is used mostly for debugging and should not be used when deploying a system because it may disrupt package installation.
  • --autoscreenshot — Take a screenshot at every step during installation and copy the images over to /root/anaconda-screenshots after installation is complete. This is most useful for documentation.
bootloader (required)
Specifies how the boot loader should be installed. This option is required for both installations and upgrades.

Important

If you select text mode for a kickstart installation, make sure that you specify choices for the partitioning, bootloader, and package selection options. These steps are automated in text mode, and anaconda cannot prompt you for missing information. If you do not provide choices for these options, anaconda will stop the installation process.

Important

It is highly recommended to set up a boot loader password on every machine. An unprotected boot loader can allow a potential attacker to modify the system's boot options and gain access to the system. See the chapter titled Workstation Security in the Red Hat Enterprise Linux Security Guide for more information on boot loader passwords and password security in general.
  • --append= — Specifies kernel parameters. To specify multiple parameters, separate them with spaces. For example: 
    bootloader --location=mbr --append="hdd=ide-scsi ide=nodma"
  • --driveorder — Specify which drive is first in the BIOS boot order. For example: 
    bootloader --driveorder=sda,hda
  • --disabled — This option is a stronger version of --location=none. While --location=none simply disables bootloader installation, --disabled disables bootloader installation and also disables installation of the bootloader package, thus saving space.
  • --location= — Specifies where the boot record is written. Valid values are the following: mbr (the default), partition (installs the boot loader on the first sector of the partition containing the kernel — necessary for UEFI), or none (do not install the boot loader).

    Important

    64-bit AMD and Intel systems with UEFI firmware require the boot loader to be installed in an EFI system partition on a disk labeled with a GUID Partition Table (GPT). Using a disk with a Master Boot Record (MBR) label requires that the disk be relabeled using the clearpart and zerombr commands. Relabeling a disk will render all data on that disk inaccessible and it will require creating a new partition layout.
  • --password= — If using GRUB, sets the GRUB boot loader password to the one specified with this option. This should be used to restrict access to the GRUB shell, where arbitrary kernel options can be passed.
  • --iscrypted — If using GRUB, should be included if the password is already encrypted. The encryption method is detected automatically based on the password.
    To create an encrypted password, use the following command: 
    python -c 'import crypt; print(crypt.crypt("My Password"))'
    This will create a sha512 crypt of your password.
  • --upgrade — Upgrade the existing boot loader configuration, preserving the old entries. This option is only available for upgrades.
clearpart (optional)
Removes partitions from the system, prior to creation of new partitions. By default, no partitions are removed.

Note

If the clearpart command is used, then the --onpart command cannot be used on a logical partition.
  • --all — Erases all partitions from the system.

    Warning

    This option will erase all disks which can be reached by the installer, including any attached network storage. Use this option with caution.
    You can prevent clearpart from wiping storage you want to preserve by using the --drives= option and specifying only the drives you want to clear, by attaching network storage later (for example, in the %post section of the Kickstart file), or by blacklisting the kernel modules used to access network storage.

    Important

    The clearpart cannot clear an existing BIOS RAID setup. For this, the command wipefs -a must be added to your %pre script. Note that this will wipe all metadata from the RAID.
  • --drives= — Specifies which drives to clear partitions from. For example, the following clears all the partitions on the first two drives on the primary IDE controller: 
    clearpart --drives=hda,hdb --all
    To clear a multipath device, use the format disk/by-id/scsi-WWID, where WWID is the world-wide identifier for the device. For example, to clear a disk with WWID 58095BEC5510947BE8C0360F604351918, use: 
    clearpart --drives=disk/by-id/scsi-58095BEC5510947BE8C0360F604351918
    This format is preferable for all multipath devices, but if errors arise, multipath devices that do not use logical volume management (LVM) can also be cleared using the format disk/by-id/dm-uuid-mpath-WWID, where WWID is the world-wide identifier for the device. For example, to clear a disk with WWID 2416CD96995134CA5D787F00A5AA11017, use: 
    clearpart --drives=disk/by-id/dm-uuid-mpath-2416CD96995134CA5D787F00A5AA11017

    Warning

    Never specify multipath devices by device names like mpatha. Device names like mpatha are not specific to a particular disk. The disk named /dev/mpatha during installation might not be the one that you expect it to be. Therefore, the clearpart command could target the wrong disk.
  • --initlabel — Initializes a disk (or disks) by creating a default disk label for all disks in their respective architecture that have been designated for formatting (for example, msdos for x86). Because --initlabel can see all disks, it is important to ensure only those drives that are to be formatted are connected. 
    clearpart --initlabel --drives=names_of_disks
    For example: 
    clearpart --initlabel --drives=dasda,dasdb,dasdc
  • --linux — Erases all Linux partitions.
  • --none (default) — Do not remove any partitions.
  • --cdl — Reformat all detected LDL (Linux Disk Layout) disks to CDL (Compatible Disk Layout). Only available on IBM System z.

Note

Using the clearpart --all command in a Kickstart file to remove all existing partitions during the installation will cause Anaconda to pause and prompt you for a confirmation. If you need to perform the installation automatically with no interaction, add the zerombr command to your Kickstart file.
cmdline (optional)
Perform the installation in a completely non-interactive command line mode. Any prompts for interaction halts the install. This mode is useful on IBM System z systems with the 3270 terminal under z/VM and operating system messages applet on LPAR. The recommended use is in conjunction with RUNKS=1 and ks=. Refer to Section 26.6, “Parameters for Kickstart Installations”.
device (optional)
On most PCI systems, the installation program autoprobes for Ethernet and SCSI cards properly. On older systems and some PCI systems, however, kickstart needs a hint to find the proper devices. The device command, which tells the installation program to install extra modules, is in this format: 
device <moduleName> --opts=<options>
  • <moduleName> — Replace with the name of the kernel module which should be installed.
  • --opts= — Options to pass to the kernel module. For example: 
    --opts="aic152x=0x340 io=11"
driverdisk (optional)
Driver disks can be used during kickstart installations. You must copy the driver disks's contents to the root directory of a partition on the system's hard drive. Then you must use the driverdisk command to tell the installation program where to look for the driver disk. 
driverdisk <partition> --source=<url> --biospart=<biospart> [--type=<fstype>]
Alternatively, a network location can be specified for the driver disk: 
driverdisk --source=ftp://path/to/dd.img
driverdisk --source=http://path/to/dd.img
driverdisk --source=nfs:host:/path/to/img
  • <partition> — Partition containing the driver disk.
  • <url> — URL for the driver disk. NFS locations can be given in the form nfs:host:/path/to/img.
  • <biospart> — BIOS partition containing the driver disk (for example, 82p2).
  • --type= — File system type (for example, vfat or ext2).
fcoe (optional)
Specify which FCoE devices should be activated automatically in addition to those discovered by Enhanced Disk Drive Services (EDD).
  • --nic= (mandatory) — The name of the device to be activated.
  • --dcb= — Establish Data Center Bridging (DCB) settings.
  • --autovlan — Discover VLANs automatically.
firewall (optional)
This option corresponds to the Firewall Configuration screen in the installer. 
firewall --enabled|--disabled [--trust=] <device> <incoming> [--port=]

Warning

The firewall command requires the system-config-firewall-base package, which is not included when using the minimal package group. Add system-config-firewall-base to the %packages section as described in Section 32.5, “Package Selection”, if you are using the minimal package group and you want to use this command in your Kickstart file.
  • --enabled or --enable — Reject incoming connections that are not in response to outbound requests, such as DNS replies or DHCP requests. If access to services running on this machine is needed, you can choose to allow specific services through the firewall.
  • --disabled or --disable — Do not configure any iptables rules.
  • --trust= — Listing a device here, such as eth0, allows all traffic coming to and from that device to go through the firewall. To list more than one device, use --trust eth0 --trust eth1. Do NOT use a comma-separated format such as --trust eth0, eth1.
  • <incoming> — Replace with one or more of the following to allow the specified services through the firewall.
    • --ssh
    • --telnet
    • --smtp
    • --http
    • --ftp
  • --port= — You can specify that ports be allowed through the firewall using the port:protocol format. For example, to allow IMAP access through your firewall, specify imap:tcp. Numeric ports can also be specified explicitly; for example, to allow UDP packets on port 1234 through, specify 1234:udp. To specify multiple ports, separate them by commas.
firstboot (optional)
Determine whether the firstboot starts the first time the system is booted. If enabled, the firstboot package must be installed. If not specified, this option is disabled by default.
  • --enable or --enabled — The Setup Agent is started the first time the system boots.
  • --disable or --disabled — The Setup Agent is not started the first time the system boots.
  • --reconfig — Enable the Setup Agent to start at boot time in reconfiguration mode. This mode enables the language, mouse, keyboard, root password, security level, and time zone configuration options in addition to the default ones.
graphical (optional)
Perform the kickstart installation in graphical mode. This is the default.
group (optional)
Creates a new user group on the system. If a group with the given name or GID already exists, this command will fail. In addition, the user command can be used to create a new group for the newly created user. 
group --name=name [--gid=gid]
  • --name= - Provides the name of the group.
  • --gid= - The group's GID. If not provided, defaults to the next available non-system GID.
halt (optional)
Halt the system after the installation has successfully completed. This is similar to a manual installation, where anaconda displays a message and waits for the user to press a key before rebooting. During a kickstart installation, if no completion method is specified, this option is used as the default.
The halt option is equivalent to the shutdown -h command.
For other completion methods, refer to the poweroff, reboot, and shutdown kickstart options.
ignoredisk (optional)
Causes the installer to ignore the specified disks. This is useful if you use autopartition and want to be sure that some disks are ignored. For example, without ignoredisk, attempting to deploy on a SAN-cluster the kickstart would fail, as the installer detects passive paths to the SAN that return no partition table.
The syntax is: 
ignoredisk --drives=drive1,drive2,...
where driveN is one of sda, sdb,..., hda,... etc.
To ignore a multipath device that does not use logical volume management (LVM), use the format disk/by-id/dm-uuid-mpath-WWID, where WWID is the world-wide identifier for the device. For example, to ignore a disk with WWID 2416CD96995134CA5D787F00A5AA11017, use: 
ignoredisk --drives=disk/by-id/dm-uuid-mpath-2416CD96995134CA5D787F00A5AA11017
Multipath devices that use LVM are not assembled until after anaconda has parsed the kickstart file. Therefore, you cannot specify these devices in the format dm-uuid-mpath. Instead, to ignore a multipath device that uses LVM, use the format disk/by-id/scsi-WWID, where WWID is the world-wide identifier for the device. For example, to ignore a disk with WWID 58095BEC5510947BE8C0360F604351918, use: 
ignoredisk --drives=disk/by-id/scsi-58095BEC5510947BE8C0360F604351918

Warning

Never specify multipath devices by device names like mpatha. Device names like mpatha are not specific to a particular disk. The disk named /dev/mpatha during installation might not be the one that you expect it to be. Therefore, the clearpart command could target the wrong disk.
  • --only-use — specifies a list of disks for the installer to use. All other disks are ignored. For example, to use disk sda during installation and ignore all other disks: 
    ignoredisk --only-use=sda
    To include a multipath device that does not use LVM: 
    ignoredisk --only-use=disk/by-id/dm-uuid-mpath-2416CD96995134CA5D787F00A5AA11017
    To include a multipath device that uses LVM: 
    ignoredisk --only-use=disk/by-id/scsi-58095BEC5510947BE8C0360F604351918
install (optional)
Tells the system to install a fresh system rather than upgrade an existing system. This is the default mode. For installation, you must specify the type of installation from cdrom, harddrive, nfs, or url (for FTP, HTTP, or HTTPS installations). The install command and the installation method command must be on separate lines.
  • cdrom — Install from the first optical drive on the system.
  • harddrive — Install from a Red Hat installation tree on a local drive, which must be either vfat or ext2.
    • --biospart=
      BIOS partition to install from (such as 82).
    • --partition=
      Partition to install from (such as sdb2).
    • --dir=
      Directory containing the variant directory of the installation tree.
    For example: 
    harddrive --partition=hdb2 --dir=/tmp/install-tree
  • nfs — Install from the NFS server specified.
    • --server=
      Server from which to install (hostname or IP).
    • --dir=
      Directory containing the variant directory of the installation tree.
    • --opts=
      Mount options to use for mounting the NFS export. (optional)
    For example: 
    nfs --server=nfsserver.example.com --dir=/tmp/install-tree
  • url — Install from an installation tree on a remote server using the FTP, HTTP, or HTTPS protocol. You can only specify one URL.
    For example: 
    url --url http://<server>/<dir>
    or: 
    url --url ftp://<username>:<password>@<server>/<dir>
interactive (optional)
Perform an interactive installation, but use the information in the kickstart file to provide defaults. During the installation, anaconda still prompts you at every stage. Either accept the values from the kickstart file by clicking Next or change the values and click Next to continue. Refer also to the autostep command.
iscsi (optional) 
iscsi --ipaddr=<ipaddr> [options]
Specifies additional iSCSI storage to be attached during installation. If you use the iscsi parameter, you must also assign a name to the iSCSI node, using the iscsiname parameter earlier in the kickstart file.
We recommend that wherever possible you configure iSCSI storage in the system BIOS or firmware (iBFT for Intel systems) rather than use the iscsi parameter. Anaconda automatically detects and uses disks configured in BIOS or firmware and no special configuration is necessary in the kickstart file.
If you must use the iscsi parameter, ensure that networking is activated at the beginning of the installation, and that the iscsi parameter appears in the kickstart file before you refer to iSCSI disks with parameters such as clearpart or ignoredisk.
  • --port= (mandatory) — the port number (typically, --port=3260)
  • --user= — the username required to authenticate with the target
  • --password= — the password that corresponds with the username specified for the target
  • --reverse-user= — the username required to authenticate with the initiator from a target that uses reverse CHAP authentication
  • --reverse-password= — the password that corresponds with the username specified for the initiator
iscsiname (optional)
Assigns a name to an iSCSI node specified by the iscsi parameter. If you use the iscsi parameter in your kickstart file, you must specify iscsiname earlier in the kickstart file.
keyboard (required)
Sets the default keyboard type for the system. The available keyboard types are:
  • be-latin1 — Belgian
  • bg_bds-utf8 — Bulgarian
  • bg_pho-utf8 — Bulgarian (Phonetic)
  • br-abnt2 — Brazilian (ABNT2)
  • cf — French Canadian
  • croat — Croatian
  • cz-us-qwertz — Czech
  • cz-lat2 — Czech (qwerty)
  • de — German
  • de-latin1 — German (latin1)
  • de-latin1-nodeadkeys — German (latin1 without dead keys)
  • dvorak — Dvorak
  • dk — Danish
  • dk-latin1 — Danish (latin1)
  • es — Spanish
  • et — Estonian
  • fi — Finnish
  • fi-latin1 — Finnish (latin1)
  • fr — French
  • fr-latin9 — French (latin9)
  • fr-latin1 — French (latin1)
  • fr-pc — French (pc)
  • fr_CH — Swiss French
  • fr_CH-latin1 — Swiss French (latin1)
  • gr — Greek
  • hu — Hungarian
  • hu101 — Hungarian (101 key)
  • is-latin1 — Icelandic
  • it — Italian
  • it-ibm — Italian (IBM)
  • it2 — Italian (it2)
  • jp106 — Japanese
  • ko — Korean
  • la-latin1 — Latin American
  • mk-utf — Macedonian
  • nl — Dutch
  • no — Norwegian
  • pl2 — Polish
  • pt-latin1 — Portuguese
  • ro — Romanian
  • ru — Russian
  • sr-cy — Serbian
  • sr-latin — Serbian (latin)
  • sv-latin1 — Swedish
  • sg — Swiss German
  • sg-latin1 — Swiss German (latin1)
  • sk-qwerty — Slovak (qwerty)
  • slovene — Slovenian
  • trq — Turkish
  • uk — United Kingdom
  • ua-utf — Ukrainian
  • us-acentos — U.S. International
  • us — U.S. English
The file /usr/lib/python2.6/site-packages/system_config_keyboard/keyboard_models.py on 32-bit systems or /usr/lib64/python2.6/site-packages/system_config_keyboard/keyboard_models.py on 64-bit systems also contains this list and is part of the system-config-keyboard package.
lang (required)
Sets the language to use during installation and the default language to use on the installed system. For example, to set the language to English, the kickstart file should contain the following line: 
lang en_US
The file /usr/share/system-config-language/locale-list provides a list of the valid language codes in the first column of each line and is part of the system-config-language package.
Certain languages (for example, Chinese, Japanese, Korean, and Indic languages) are not supported during text-mode installation. If you specify one of these languages with the lang command, the installation process continues in English, but the installed system uses your selection as its default language.
langsupport (deprecated)
The langsupport keyword is deprecated and its use will cause an error message to be printed to the screen and installation to halt. Instead of using the langsupport keyword, you should now list the support package groups for all languages you want supported in the %packages section of your kickstart file. For instance, adding support for French means you should add the following to %packages: 
@french-support
logging (optional)
This command controls the error logging of anaconda during installation. It has no effect on the installed system. 
logging [--host=<host>] [--port=<port>] [--level=debug|info|error|critical]
  • --host= — Send logging information to the given remote host, which must be running a syslogd process configured to accept remote logging.
  • --port= — If the remote syslogd process uses a port other than the default, it may be specified with this option.
  • --level= — One of debug, info, warning, error, or critical.
    Specify the minimum level of messages that appear on tty3. All messages will still be sent to the log file regardless of this level, however.
logvol (optional)
Create a logical volume for Logical Volume Management (LVM) with the syntax: 
logvol <mntpoint> --vgname=<name> --size=<size> --name=<name> [options]

Important

Do not use the dash ("-") character in logical volume or volume group names when installing Red Hat Enterprise Linux using Kickstart. If you do, the installation will finish normally, but the character will be removed from all newly created volume and volume group names. For example, if you create a volume group named volgrp-01, its name will be changed to volgrp01.
This limitation only applies to new installations. If you are upgrading or reinstalling an existing installation and use the --noformat option described below, dashes used in volume and volume group names will be preserved.
  • The <mntpoint> is where the partition is mounted and must be of one of the following forms:
    • /<path>
      For example, /, /usr, /home
    • swap
      The partition is used as swap space.
      To determine the size of the swap partition automatically, use the --recommended option: 
      swap --recommended
      The size assigned will be effective but not precisely calibrated for your system.
      To determine the size of the swap partition automatically but also allow extra space for your system to hibernate, use the --hibernation option: 
      swap --hibernation
      The size assigned will be equivalent to the swap space assigned by --recommended plus the amount of RAM on your system.
      For the swap sizes assigned by these commands, refer to Section 9.15.5, “Recommended Partitioning Scheme” for x86, AMD64, and Intel 64 Architecture and Section 16.17.5, “Recommended Partitioning Scheme” for IBM Power Systems servers.

      Important

      Swap space recommendations were updated in Red Hat Enterprise Linux 6.3. Previously, systems with large amounts of RAM were assigned huge swap spaces. This delayed the Out-of-Memory Killer (oom_kill) in addressing critical memory shortages, even if a process was malfunctioning.
      Consequently, if you are using an earlier version of Red Hat Enterprise Linux 6, swap --recommended will generate larger swap spaces than those described in the Recommended Partitioning Scheme, even on systems with large amounts of RAM. This may negate the need to allow extra space for hibernation.
      However, these updated swap space values are nonetheless recommended for earlier versions of Red Hat Enterprise Linux 6 and can be set manually using the swap --size= option.
The options are as follows:
  • --noformat — Use an existing logical volume and do not format it.
  • --useexisting — Use an existing logical volume and reformat it.
  • --fstype= — Sets the file system type for the logical volume. Valid values are xfs, ext2, ext3, ext4, swap, vfat, hfs, and efi.
  • --fsoptions= — Specifies a free form string of options to be used when mounting the filesystem. This string will be copied into the /etc/fstab file of the installed system and should be enclosed in quotes.
  • --fsprofile — Specifies a usage type to be passed to the program that makes a filesystem on this partition. A usage type defines a variety of tuning parameters to be used when making a filesystem. For this option to work, the filesystem must support the concept of usage types and there must be a configuration file that lists valid types. For ext2, ext3, and ext4, this configuration file is /etc/mke2fs.conf.
  • --grow= — Tells the logical volume to grow to fill available space (if any), or up to the maximum size setting.
  • --maxsize= — The maximum size in megabytes when the logical volume is set to grow. Specify an integer value here such as 500 (do not include the unit).
  • --recommended= — Determine the size of the logical volume automatically.
  • --percent= — Specify the amount by which to grow the logical volume, as a percentage of the free space in the volume group after any statically-sized logical volumes are taken into account. This option must be used in conjunction with the --size and --grow options for logvol.
  • --encrypted — Specifies that this logical volume should be encrypted, using the passphrase provided in the --passphrase option. If you do not specify a passphrase, anaconda uses the default, system-wide passphrase set with the autopart --passphrase command, or stops the installation and prompts you to provide a passphrase if no default is set.
  • --cipher= — Specifies which type of encryption will be used if the anaconda default aes-xts-plain64 is not satisfactory. You must use this option together with the --encrypted option; by itself it has no effect. Available types of encryption are listed in the Red Hat Enterprise Linux Security Guide, but Red Hat strongly recommends using either aes-xts-plain64 or aes-cbc-essiv:sha256.
  • --passphrase= — Specifies the passphrase to use when encrypting this logical volume. You must use this option together with the --encrypted option; by itself it has no effect.
  • --escrowcert=URL_of_X.509_certificate — Store data encryption keys of all encrypted volumes as files in /root, encrypted using the X.509 certificate from the URL specified with URL_of_X.509_certificate. The keys are stored as a separate file for each encrypted volume. This option is only meaningful if --encrypted is specified.
  • --backuppassphrase= — Add a randomly-generated passphrase to each encrypted volume. Store these passphrases in separate files in /root, encrypted using the X.509 certificate specified with --escrowcert. This option is only meaningful if --escrowcert is specified.
Create the partition first, create the logical volume group, and then create the logical volume. For example: 
part pv.01 --size 3000
volgroup myvg pv.01
logvol / --vgname=myvg --size=2000 --name=rootvol
Create the partition first, create the logical volume group, and then create the logical volume to occupy 90% of the remaining space in the volume group. For example: 
part pv.01 --size 1 --grow
volgroup myvg pv.01
logvol / --vgname=myvg --size=1 --name=rootvol --grow --percent=90
mediacheck (optional)
If given, this will force anaconda to run mediacheck on the installation media. This command requires that installs be attended, so it is disabled by default.
monitor (optional)
If the monitor command is not given, anaconda will use X to automatically detect your monitor settings. Please try this before manually configuring your monitor. 
monitor --monitor=<monitorname>|--hsync|vsync=<frequency> [--noprobe]
  • --hsync= — Specifies the horizontal sync frequency of the monitor.
  • --monitor= — Use specified monitor; monitor name should be from the list of monitors in /usr/share/hwdata/MonitorsDB from the hwdata package. The list of monitors can also be found on the X Configuration screen of the Kickstart Configurator. This is ignored if --hsync or --vsync is provided. If no monitor information is provided, the installation program tries to probe for it automatically.
  • --noprobe= — Do not try to probe the monitor.
  • --vsync= — Specifies the vertical sync frequency of the monitor.
mouse (deprecated)
The mouse keyword is deprecated.
network (optional)
Configures network information for the target system and activates network devices in the installer environment. The device specified in the first network command is activated automatically if network access is required during installation, for example, during a network installation or installation over VNC. From Red Hat Enterprise Linux 6.1 onwards, you can also explicitly require device to activate in the installer environment with the --activate option.

Important

If you need to manually specify network settings during an otherwise-automated kickstart installation, do not use network. Instead, boot the system with the asknetwork option (refer to Section 32.11, “Starting a Kickstart Installation”), which will prompt anaconda to ask you for network settings rather than use the default settings. anaconda will ask this before fetching the kickstart file.
Once the network connection is established, you can only reconfigure network settings with those specified in your kickstart file.

Note

You will only be prompted for information about your network:
  • before fetching the kickstart file if you are using the asknetwork boot option
  • when the network is first accessed once the kickstart file has been fetched, if the network was not used to fetch it and you have provided no kickstart network commands
  • --activate — activate this device in the installer environment.
    If you use the --activate option on a device that has already been activated (for example, an interface you configured with boot options so that the system could retrieve the kickstart file) the device is reactivated to use the details specified in the kickstart file.
    Use the --nodefroute option to prevent the device from using the default route.
    The activate option is new in Red Hat Enterprise Linux 6.1.
  • --bootproto= — One of dhcp, bootp, ibft, or static.
    The ibft option is new in Red Hat Enterprise Linux 6.1.
    The bootproto option defaults to dhcp. bootp and dhcp are treated the same.
    The DHCP method uses a DHCP server system to obtain its networking configuration. As you might guess, the BOOTP method is similar, requiring a BOOTP server to supply the networking configuration. To direct a system to use DHCP: 
    network --bootproto=dhcp
    To direct a machine to use BOOTP to obtain its networking configuration, use the following line in the kickstart file: 
    network --bootproto=bootp
    To direct a machine to use the configuration specified in iBFT, use: 
    network --bootproto=ibft
    The static method requires that you specify the IP address, netmask, gateway, and nameserver in the kickstart file. As the name implies, this information is static and is used during and after the installation.
    All static networking configuration information must be specified on one line; you cannot wrap lines using a backslash as you can on a command line. A line that specifies static networking in a kickstart file is therefore more complex than lines that specify DHCP, BOOTP, or iBFT. Note that the examples on this page have line breaks in them for presentation reasons; they would not work in an actual kickstart file. 
    network --bootproto=static --ip=10.0.2.15 --netmask=255.255.255.0
 --gateway=10.0.2.254 --nameserver=10.0.2.1
    You can also configure multiple nameservers here. To do so, specify them as a comma-delimited list in the command line. 
    network --bootproto=static --ip=10.0.2.15 --netmask=255.255.255.0
 --gateway=10.0.2.254 --nameserver 192.168.2.1,192.168.3.1
  • --device= — specifies the device to be configured (and eventually activated) with the network command. For the first network command, --device= defaults (in order of preference) to one of:
    • the device specified by the ksdevice boot option
    • the device activated automatically to fetch the kickstart file
    • the device selected in the Networking Devices dialog
    The behavior of any subsequent network command is unspecified if its --device option is missing. Take care to specify a --device option for any network command beyond the first.
    You can specify a device in one of five ways:
    • the device name of the interface, for example, eth0
    • the MAC address of the interface, for example, 00:12:34:56:78:9a
    • the keyword link, which specifies the first interface with its link in the up state
    • the keyword bootif, which uses the MAC address that pxelinux set in the BOOTIF variable. Set IPAPPEND 2 in your pxelinux.cfg file to have pxelinux set the BOOTIF variable.
    • the keyword ibft, which uses the MAC address of the interface specified by iBFT 
    network --bootproto=dhcp --device=eth0
  • --ip= — IP address of the device.
  • --ipv6= — IPv6 address of the device. Use auto for automatic configuration, or dhcp for DHCPv6 only configuration (no router advertisements).
  • --gateway= — Default gateway as a single IPv4 address.
  • --ipv6gateway= — Default gateway as a single IPv6 address.
  • --nameserver= — Primary nameserver, as an IP address. Multiple nameservers must each be separated by a comma.
  • --nodefroute — Prevents the interface being set as the default route. Use this option when you activate additional devices with the --activate= option, for example, a NIC on a separate subnet for an iSCSI target.
    The nodefroute option is new in Red Hat Enterprise Linux 6.1.
  • --nodns — Do not configure any DNS server.
  • --netmask= — Network mask of the device.
  • --hostname= — Hostname for the installed system.
  • --ethtool= — Specifies additional low-level settings for the network device which will be passed to the ethtool program.
  • --onboot= — Whether or not to enable the device at boot time.
  • --dhcpclass= — The DHCP class.
  • --mtu= — The MTU of the device.
  • --noipv4 — Disable configuration of IPv4 on this device.
  • --noipv6 — Disable configuration of IPv6 on this device.

    Note

    The --noipv6 kickstart option does not currently disable IPv6 configuration of individual devices, due to a bug. However, disabling ipv6 system-wide is possible by using the --noipv6 option on every network device and using the noipv6 boot parameter. See Section 32.11, “Starting a Kickstart Installation” for more information about the noipv6 boot option, and the Knowledgebase article at https://access.redhat.com/solutions/1565723 for more information on disabling IPv6 system-wide.
  • --vlanid= — Specifies virtual LAN ID number (802.1q tag).
  • --bondslaves= — Specifies which network interfaces will be bonded as a comma-separated list.
  • --bondopts= — a list of optional parameters for a bonded interface, which is specified using the --bondslaves= and --device= options. Options in this list must be separated by commas (",") or semicolons (";"). If an option itself contains a comma, use a semicolon to separate the options. For example: 
    network --bondopts=mode=active-backup,balance-rr;primary=eth1
    Available optional parameters are listed in the Working with Kernel Modules chapter of the Red Hat Enterprise Linux Deployment Guide.

    Important

    The --bondopts=mode= parameter only supports full mode names such as balance-rr or broadcast, not their numerical representations such as 0 or 3.
part or partition (required for installs, ignored for upgrades)
Creates a partition on the system.
If more than one Red Hat Enterprise Linux installation exists on the system on different partitions, the installation program prompts the user and asks which installation to upgrade.

Warning

All partitions created are formatted as part of the installation process unless --noformat and --onpart are used.

Important

If you select text mode for a kickstart installation, make sure that you specify choices for the partitioning, bootloader, and package selection options. These steps are automated in text mode, and anaconda cannot prompt you for missing information. If you do not provide choices for these options, anaconda will stop the installation process.
For a detailed example of part in action, refer to Section 32.4.1, “Advanced Partitioning Example”. 
part|partition <mntpoint> --name=<name> --device=<device> --rule=<rule> [options]
  • <mntpoint> — Where the partition is mounted. The value must be of one of the following forms:
    • /<path>
      For example, /, /usr, /home
    • swap
      The partition is used as swap space.
      To determine the size of the swap partition automatically, use the --recommended option: 
      swap --recommended
      The size assigned will be effective but not precisely calibrated for your system.
      To determine the size of the swap partition automatically but also allow extra space for your system to hibernate, use the --hibernation option: 
      swap --hibernation
      The size assigned will be equivalent to the swap space assigned by --recommended plus the amount of RAM on your system.
      For the swap sizes assigned by these commands, refer to Section 9.15.5, “Recommended Partitioning Scheme” for x86, AMD64, and Intel 64 Architecture and Section 16.17.5, “Recommended Partitioning Scheme” for IBM Power Systems servers.

      Important

      Swap space recommendations were updated in Red Hat Enterprise Linux 6.3. Previously, systems with large amounts of RAM were assigned huge swap spaces. This delayed the Out-of-Memory Killer (oom_kill) in addressing critical memory shortages, even if a process was malfunctioning.
      Consequently, if you are using an earlier version of Red Hat Enterprise Linux 6, swap --recommended will generate larger swap spaces than those described in the Recommended Partitioning Scheme, even on systems with large amounts of RAM. This may negate the need to allow extra space for hibernation.
      However, these updated swap space values are nonetheless recommended for earlier versions of Red Hat Enterprise Linux 6 and can be set manually using the swap --size= option.
    • raid.<id>
      The partition is used for software RAID (refer to raid).
    • pv.<id>
      The partition is used for LVM (refer to logvol).
  • --size= — The minimum partition size in megabytes. Specify an integer value here such as 500 (do not include the unit).

    Important

    If the --size value is too small, the installation will fail. Set the --size value as the minimum amount of space you require. For size recommendations, refer to Section 9.15.5, “Recommended Partitioning Scheme”.
  • --grow — Tells the partition to grow to fill available space (if any), or up to the maximum size setting.

    Note

    If you use --grow= without setting --maxsize= on a swap partition, Anaconda will limit the maximum size of the swap partition. For systems that have less than 2GB of physical memory, the imposed limit is twice the amount of physical memory. For systems with more than 2GB, the imposed limit is the size of physical memory plus 2GB.
  • --maxsize= — The maximum partition size in megabytes when the partition is set to grow. Specify an integer value here such as 500 (do not include the unit).
  • --noformat — Specifies that the partition should not be formatted, for use with the --onpart command.
  • --onpart= or --usepart= — Specifies the device on which to place the partition. For example: 
    partition /home --onpart=hda1
    puts /home on /dev/hda1.
    These options can also add a partition to a logical volume. For example: 
    partition pv.1 --onpart=hda2
    The device must already exist on the system; the --onpart option will not create it.
  • --ondisk= or --ondrive= — Forces the partition to be created on a particular disk. For example, --ondisk=sdb puts the partition on the second SCSI disk on the system.
    To specify a multipath device that does not use logical volume management (LVM), use the format disk/by-id/dm-uuid-mpath-WWID, where WWID is the world-wide identifier for the device. For example, to specify a disk with WWID 2416CD96995134CA5D787F00A5AA11017, use: 
    part / --fstype=ext3 --grow --asprimary --size=100 --ondisk=disk/by-id/dm-uuid-mpath-2416CD96995134CA5D787F00A5AA11017
    Multipath devices that use LVM are not assembled until after anaconda has parsed the kickstart file. Therefore, you cannot specify these devices in the format dm-uuid-mpath. Instead, to specify a multipath device that uses LVM, use the format disk/by-id/scsi-WWID, where WWID is the world-wide identifier for the device. For example, to specify a disk with WWID 58095BEC5510947BE8C0360F604351918, use: 
    part / --fstype=ext3 --grow --asprimary --size=100 --ondisk=disk/by-id/scsi-58095BEC5510947BE8C0360F604351918

    Warning

    Never specify multipath devices by device names like mpatha. Device names like mpatha are not specific to a particular disk. The disk named /dev/mpatha during installation might not be the one that you expect it to be. Therefore, the clearpart command could target the wrong disk.
  • --asprimary — Forces automatic allocation of the partition as a primary partition, or the partitioning fails.
  • --type= (replaced by fstype) — This option is no longer available. Use fstype.
  • --fsoptions — Specifies a free form string of options to be used when mounting the filesystem. This string will be copied into the /etc/fstab file of the installed system and should be enclosed in quotes.
  • --fsprofile — Specifies a usage type to be passed to the program that makes a filesystem on this partition. A usage type defines a variety of tuning parameters to be used when making a filesystem. For this option to work, the filesystem must support the concept of usage types and there must be a configuration file that lists valid types. For ext2, ext3, and ext4, this configuration file is /etc/mke2fs.conf.
  • --fstype= — Sets the file system type for the partition. Valid values are xfs, ext2, ext3, ext4, swap, vfat, hfs, and efi.
  • --recommended — Determine the size of the partition automatically.
  • --onbiosdisk — Forces the partition to be created on a particular disk as discovered by the BIOS.
  • --encrypted — Specifies that this partition should be encrypted, using the passphrase provided in the --passphrase option. If you do not specify a passphrase, anaconda uses the default, system-wide passphrase set with the autopart --passphrase command, or stops the installation and prompts you to provide a passphrase if no default is set.
  • --cipher= — Specifies which type of encryption will be used if the anaconda default aes-xts-plain64 is not satisfactory. You must use this option together with the --encrypted option; by itself it has no effect. Available types of encryption are listed in the Red Hat Enterprise Linux Security Guide, but Red Hat strongly recommends using either aes-xts-plain64 or aes-cbc-essiv:sha256.
  • --passphrase= — Specifies the passphrase to use when encrypting this partition. You must use this option together with the --encrypted option; by itself it has no effect.
  • --escrowcert=URL_of_X.509_certificate — Store data encryption keys of all encrypted partitions as files in /root, encrypted using the X.509 certificate from the URL specified with URL_of_X.509_certificate. The keys are stored as a separate file for each encrypted partition. This option is only meaningful if --encrypted is specified.
  • --backuppassphrase= — Add a randomly-generated passphrase to each encrypted partition. Store these passphrases in separate files in /root, encrypted using the X.509 certificate specified with --escrowcert. This option is only meaningful if --escrowcert is specified.
  • --label= — assign a label to an individual partition.

Note

If partitioning fails for any reason, diagnostic messages appear on virtual console 3.
poweroff (optional)
Shut down and power off the system after the installation has successfully completed. Normally during a manual installation, anaconda displays a message and waits for the user to press a key before rebooting. During a kickstart installation, if no completion method is specified, the halt option is used as default.
The poweroff option is equivalent to the shutdown -p command.

Note

The poweroff option is highly dependent on the system hardware in use. Specifically, certain hardware components such as the BIOS, APM (advanced power management), and ACPI (advanced configuration and power interface) must be able to interact with the system kernel. Contact your manufacturer for more information on you system's APM/ACPI abilities.
For other completion methods, refer to the halt, reboot, and shutdown kickstart options.
raid (optional)
Assembles a software RAID device. This command is of the form: 
raid <mntpoint> --level=<level> --device=<mddevice> <partitions*>
  • <mntpoint> — Location where the RAID file system is mounted. If it is /, the RAID level must be 1 unless a boot partition (/boot) is present. If a boot partition is present, the /boot partition must be level 1 and the root (/) partition can be any of the available types. The <partitions*> (which denotes that multiple partitions can be listed) lists the RAID identifiers to add to the RAID array.

    Important

    If a RAID device has been prepared and has not been reformatted during installation, ensure that the RAID metadata version is 0.90 if you intend to put the /boot and PReP partitions on the RAID device.
    The default Red Hat Enterprise Linux 6 mdadm metadata version is not supported for the boot device.
  • --level= — RAID level to use (0, 1, or 5).
  • --device= — Name of the RAID device to use (such as md0 or md1). RAID devices range from md0 to md15, and each may only be used once.
  • --spares= — Specifies the number of spare drives allocated for the RAID array. Spare drives are used to rebuild the array in case of drive failure.
  • --fsprofile — Specifies a usage type to be passed to the program that makes a filesystem on this partition. A usage type defines a variety of tuning parameters to be used when making a filesystem. For this option to work, the filesystem must support the concept of usage types and there must be a configuration file that lists valid types. For ext2, ext3, and ext4, this configuration file is /etc/mke2fs.conf.
  • --fstype= — Sets the file system type for the RAID array. Valid values are xfs, ext2, ext3, ext4, swap, vfat, and hfs.
  • --fsoptions= — Specifies a free form string of options to be used when mounting the filesystem. This string will be copied into the /etc/fstab file of the installed system and should be enclosed in quotes.
  • --noformat — Use an existing RAID device and do not format the RAID array.
  • --useexisting — Use an existing RAID device and reformat it.
  • --encrypted — Specifies that this RAID device should be encrypted, using the passphrase provided in the --passphrase option. If you do not specify a passphrase, anaconda uses the default, system-wide passphrase set with the autopart --passphrase command, or stops the installation and prompts you to provide a passphrase if no default is set.
  • --cipher= — Specifies which type of encryption will be used if the anaconda default aes-xts-plain64 is not satisfactory. You must use this option together with the --encrypted option; by itself it has no effect. Available types of encryption are listed in the Red Hat Enterprise Linux Security Guide, but Red Hat strongly recommends using either aes-xts-plain64 or aes-cbc-essiv:sha256.
  • --passphrase= — Specifies the passphrase to use when encrypting this RAID device. You must use this option together with the --encrypted option; by itself it has no effect.
  • --escrowcert=URL_of_X.509_certificate — Store the data encryption key for this device in a file in /root, encrypted using the X.509 certificate from the URL specified with URL_of_X.509_certificate. This option is only meaningful if --encrypted is specified.
  • --backuppassphrase= — Add a randomly-generated passphrase to this device. Store the passphrase in a file in /root, encrypted using the X.509 certificate specified with --escrowcert. This option is only meaningful if --escrowcert is specified.
The following example shows how to create a RAID level 1 partition for /, and a RAID level 5 for /usr, assuming there are three SCSI disks on the system. It also creates three swap partitions, one on each drive. 
part raid.01 --size=60 --ondisk=sda
part raid.02 --size=60 --ondisk=sdb
part raid.03 --size=60 --ondisk=sdc
part swap --size=128 --ondisk=sda
part swap --size=128 --ondisk=sdb
part swap --size=128 --ondisk=sdc
part raid.11 --size=1 --grow --ondisk=sda
part raid.12 --size=1 --grow --ondisk=sdb
part raid.13 --size=1 --grow --ondisk=sdc
raid / --level=1 --device=md0 raid.01 raid.02 raid.03
raid /usr --level=5 --device=md1 raid.11 raid.12 raid.13
For a detailed example of raid in action, refer to Section 32.4.1, “Advanced Partitioning Example”.
reboot (optional)
Reboot after the installation is successfully completed (no arguments). Normally, kickstart displays a message and waits for the user to press a key before rebooting.
The reboot option is equivalent to the shutdown -r command.
Specify reboot to automate installation fully when installing in cmdline mode on System z.
For other completion methods, refer to the halt, poweroff, and shutdown kickstart options.
The halt option is the default completion method if no other methods are explicitly specified in the kickstart file.

Note

Use of the reboot option may result in an endless installation loop, depending on the installation media and method.
repo (optional)
Configures additional yum repositories that may be used as sources for package installation. Multiple repo lines may be specified. 
repo --name=<repoid> [--baseurl=<url>| --mirrorlist=<url>]
  • --name= — The repo id. This option is required.
  • --baseurl= — The URL for the repository. The variables that may be used in yum repo config files are not supported here. You may use one of either this option or --mirrorlist, not both.
  • --mirrorlist= — The URL pointing at a list of mirrors for the repository. The variables that may be used in yum repo config files are not supported here. You may use one of either this option or --baseurl, not both.

Important

Repositories used for installation must be stable. The installation may fail if a repository is modified before the installation concludes.
rootpw (required)
Sets the system's root password to the <password> argument. 
rootpw [--iscrypted] <password>
  • --iscrypted — If this is present, the password argument is assumed to already be encrypted. To create an encrypted password, use the following command: 
    python -c 'import crypt; print(crypt.crypt("My Password"))'
    This will create a sha512 crypt of your password.
selinux (optional)
Sets the state of SELinux on the installed system. SELinux defaults to enforcing in anaconda. 
selinux [--disabled|--enforcing|--permissive]
  • --enforcing — Enables SELinux with the default targeted policy being enforced.

    Note

    If the selinux option is not present in the kickstart file, SELinux is enabled and set to --enforcing by default.
  • --permissive — Outputs warnings based on the SELinux policy, but does not actually enforce the policy.
  • --disabled — Disables SELinux completely on the system.
For more information regarding SELinux for Red Hat Enterprise Linux, refer to the Red Hat Enterprise Linux 6.9 Deployment Guide.
services (optional)
Modifies the default set of services that will run under the default runlevel. The list of disabled services is processed before the list of enabled services. Therefore, if a service appears on both lists, it is enabled.
  • --disabled — Disable the services given in the comma separated list.
  • --enabled — Enable the services given in the comma separated list.

Important

Do not include spaces in the list of services. If you do, kickstart will enable or disable only the services up to the first space. For example:
services --disabled auditd, cups,smartd, nfslock
will disable only the auditd service. To disable all four services, this entry should include no spaces between services:
services --disabled auditd,cups,smartd,nfslock
shutdown (optional)
Shut down the system after the installation has successfully completed. During a kickstart installation, if no completion method is specified, the halt option is used as default.
The shutdown option is equivalent to the shutdown command.
For other completion methods, refer to the halt, poweroff, and reboot kickstart options.
skipx (optional)
If present, X is not configured on the installed system.

Important

If you install a display manager among your package selection options, this package will create an X configuration, and the installed system will default to run level 5. The effect of the skipx option will be overridden.
sshpw (optional)
During installation, you can interact with anaconda and monitor its progress over an SSH connection. Use the sshpw command to create temporary accounts through which to log on. Each instance of the command creates a separate account that exists only in the installation environment. These accounts are not transferred to the installed system. 
sshpw --username=<name> <password> [--iscrypted|--plaintext] [--lock]
  • --username — Provides the name of the user. This option is required.
  • --iscrypted — Specifies that the password is already encrypted.
  • --plaintext — Specifies that the password is in plain text and not encrypted.
  • --lock — If this is present, the new user account is locked by default. That is, the user will not be able to login from the console.

Important

By default, the ssh server is not started during installation. To make ssh available during installation, boot the system with the kernel boot option sshd=1. Refer to Section 28.2.3, “Enabling Remote Access with ssh” for details of how to specify this kernel option at boot time.

Note

If you want to disable root ssh access to your hardware during installation, run: 
sshpw --username=root --lock
text (optional)
Perform the kickstart installation in text mode. Kickstart installations are performed in graphical mode by default.

Important

If you select text mode for a kickstart installation, make sure that you specify choices for the partitioning, bootloader, and package selection options. These steps are automated in text mode, and anaconda cannot prompt you for missing information. If you do not provide choices for these options, anaconda will stop the installation process.
timezone (required)
Sets the system time zone to <timezone> which may be any of the time zones listed in the /usr/share/zoneinfo directory. 
timezone [--utc] <timezone>
  • --utc — If present, the system assumes the hardware clock is set to UTC (Greenwich Mean) time.
unsupported_hardware (optional)
Tells the installer to suppress the Unsupported Hardware Detected alert. If this command is not included and unsupported hardware is detected, the installation will stall at this alert.
upgrade (optional)
Tells the system to upgrade an existing system rather than install a fresh system. You must specify one of cdrom, harddrive, nfs, or url (for FTP, HTTP, and HTTPS) as the location of the installation tree. Refer to install for details.
user (optional)
Creates a new user on the system. 
user --name=<username> [--groups=<list>] [--homedir=<homedir>] [--password=<password>] [--iscrypted] [--shell=<shell>] [--uid=<uid>]
  • --name= — Provides the name of the user. This option is required.
  • --groups= — In addition to the default group, a comma separated list of group names the user should belong to. The groups must exist before the user account is created.
  • --homedir= — The home directory for the user. If not provided, this defaults to /home/<username>.
  • --password= — The new user's password. If not provided, the account will be locked by default.
  • --iscrypted= — Is the password provided by --password already encrypted or not?
  • --shell= — The user's login shell. If not provided, this defaults to the system default.
  • --uid= — The user's UID. If not provided, this defaults to the next available non-system UID.
vnc (optional)
Allows the graphical installation to be viewed remotely via VNC. This method is usually preferred over text mode, as there are some size and language limitations in text installs. With no options, this command will start a VNC server on the machine with no password and will print out the command that needs to be run to connect a remote machine. 
vnc [--host=<hostname>] [--port=<port>] [--password=<password>]
  • --host= — Instead of starting a VNC server on the install machine, connect to the VNC viewer process listening on the given hostname.
  • --port= — Provide a port that the remote VNC viewer process is listening on. If not provided, anaconda will use the VNC default.
  • --password= — Set a password which must be provided to connect to the VNC session. This is optional, but recommended.
volgroup (optional)
Use to create a Logical Volume Management (LVM) group with the syntax: 
volgroup <name> <partition> [options]

Important

Do not use the dash ("-") character in logical volume or volume group names when installing Red Hat Enterprise Linux using Kickstart. If you do, the installation will finish normally, but the character will be removed from all newly created volume and volume group names. For example, if you create a volume group named volgrp-01, its name will be changed to volgrp01.
This limitation only applies to new installations. If you are upgrading or reinstalling an existing installation and use the --noformat option described below, dashes used in volume and volume group names will be preserved.
Create the partition first, create the logical volume group, and then create the logical volume. For example: 
part pv.01 --size 3000
volgroup myvg pv.01
logvol / --vgname=myvg --size=2000 --name=rootvol
For a detailed example of volgroup in action, refer to Section 32.4.1, “Advanced Partitioning Example”.
The options are as follows:
  • --noformat — Use an existing volume group and do not format it.
  • --useexisting - Use an existing volume group and reformat it. If you use this option, do not specify a partition. For example: 
    volgroup rhel00 --useexisting --noformat
  • --pesize= — Set the size of the physical extents. The default size for Kickstart installations is 4 MiB.
  • --reserved-space= — Specify an amount of space to leave unused in a volume group, in megabytes. Only usable when creating a new volume group.
  • --reserved-percent= — Specify a percentage of total volume group space to leave unused. Only usable when creating a new volume group.

Note

The --reserved-space= and --reserved-percent= options allow you to leave a part of the total volume group space unused by any volumes. This allows you to reserve space for LVM snapshots, even if the logvol --grow command is used during partitioning.
winbind (optional)
Configures the system to connect to a Windows Active Directory or a Windows domain controller. User information from the specified directory or domain controller can then be accessed and server authentication options can be configured.
  • --enablewinbind — Enable winbind for user account configuration.
  • --disablewinbind — Disable winbind for user account configuration.
  • --enablewinbindauth — Enable windbindauth for authentication.
  • --disablewinbindauth — Disable windbindauth for authentication.
  • --enablewinbindoffline — Configures winbind to allow offline login.
  • --disablewinbindoffline — Configures winbind to prevent offline login.
  • --enablewinbindusedefaultdomain — Configures winbind to assume that users with no domain in their usernames are domain users.
  • --disablewinbindusedefaultdomain — Configures winbind to assume that users with no domain in their usernames are not domain users.
xconfig (optional)
Configures the X Window System. If you install the X Window System with a kickstart file that does not include the xconfig command, you must provide the X configuration manually during installation.
Do not use this command in a kickstart file that does not install the X Window System.
  • --driver — Specify the X driver to use for the video hardware.
  • --videoram= — Specifies the amount of video RAM the video card has.
  • --defaultdesktop= — Specify either GNOME or KDE to set the default desktop (assumes that GNOME Desktop Environment and/or KDE Desktop Environment has been installed through %packages).
  • --startxonboot — Use a graphical login on the installed system.
zerombr (optional)
If zerombr is specified any invalid partition tables found on disks are initialized. This destroys all of the contents of disks with invalid partition tables. This command is required when performing an unattended installation on a system with previously initialized disks.
Specific to System z: If zerombr is specified, any DASD visible to the installer which is not already low-level formatted gets automatically low-level formatted with dasdfmt. The command also prevents user choice during interactive installations. If zerombr is not specified and there is at least one unformatted DASD visible to the installer, a non-interactive kickstart installation will exit unsuccessfully. If zerombr is not specified and there is at least one unformatted DASD visible to the installer, an interactive installation exits if the user does not agree to format all visible and unformatted DASDs. To circumvent this, only activate those DASDs that you will use during installation. You can always add more DASDs after installation is complete.

Note

That this command was previously specified as zerombr yes. This form is now deprecated; you should now simply specify zerombr in your kickstart file instead.
zfcp (optional)
Define a Fiber channel device (IBM System z).
zfcp [--devnum=<devnum>] [--wwpn=<wwpn>] [--fcplun=<fcplun>]
%include (optional)
Use the %include /path/to/file command to include the contents of another file in the kickstart file as though the contents were at the location of the %include command in the kickstart file.

32.4.1. Advanced Partitioning Example

The following is a single, integrated example showing the clearpart, raid, part, volgroup, and logvol kickstart options in action: 
clearpart --drives=hda,hdc
zerombr
# Raid 1 IDE config
part raid.11    --size 1000     --asprimary     --ondrive=hda
part raid.12    --size 1000     --asprimary     --ondrive=hda
part raid.13    --size 2000     --asprimary     --ondrive=hda
part raid.14    --size 8000                     --ondrive=hda
part raid.15    --size 16384 --grow             --ondrive=hda
part raid.21    --size 1000     --asprimary     --ondrive=hdc
part raid.22    --size 1000     --asprimary     --ondrive=hdc
part raid.23    --size 2000     --asprimary     --ondrive=hdc
part raid.24    --size 8000                     --ondrive=hdc
part raid.25    --size 16384 --grow             --ondrive=hdc

# You can add --spares=x
raid /          --fstype ext3 --device md0 --level=RAID1 raid.11 raid.21
raid /safe      --fstype ext3 --device md1 --level=RAID1 raid.12 raid.22
raid swap       --fstype swap --device md2 --level=RAID1 raid.13 raid.23
raid /usr       --fstype ext3 --device md3 --level=RAID1 raid.14 raid.24
raid pv.01      --fstype ext3 --device md4 --level=RAID1 raid.15 raid.25

# LVM configuration so that we can resize /var and /usr/local later
volgroup sysvg pv.01
logvol /var             --vgname=sysvg  --size=8000     --name=var
logvol /var/freespace   --vgname=sysvg  --size=8000     --name=freespacetouse
logvol /usr/local       --vgname=sysvg  --size=1 --grow --name=usrlocal
This advanced example implements LVM over RAID, as well as the ability to resize various directories for future growth.