NCentral Passwords Hashes

install
lang en_US
keyboard --vckeymap=us
rootpw --iscrypted $6$YRAXZQzRZiNOAKTA$QR5GS7fZtCSu12tm4INLfZMGzUDCE90..P3MNiQgi7SU4cmamjh3f7qJY7WFYLfBWJ9BK5m4gtntZWSWsE0h31
sshpw --username=root --iscrypted $6$YRAXZQzRZiNOAKTA$QR5GS7fZtCSu12tm4INLfZMGzUDCE90..P3MNiQgi7SU4cmamjh3f7qJY7WFYLfBWJ9BK5m4gtntZWSWsE0h31
sshpw --username=admin --iscrypted $6$485Sl9PbOA0A0mdc$spYYSMQlkSH93gtbtjWmePYKAtMQ0dmvl4fIZywDNtkGfkPyJucwIEH7JrFStVkl/GBS5sPC/J.1TEFd45Msz.
sshpw --username=install --iscrypted $6$485Sl9PbOA0A0mdc$spYYSMQlkSH93gtbtjWmePYKAtMQ0dmvl4fIZywDNtkGfkPyJucwIEH7JrFStVkl/GBS5sPC/J.1TEFd45Msz.
firewall --disabled
auth --useshadow --passalgo=sha512
skipx
selinux --disabled
user --name=admin --password=$6$485Sl9PbOA0A0mdc$spYYSMQlkSH93gtbtjWmePYKAtMQ0dmvl4fIZywDNtkGfkPyJucwIEH7JrFStVkl/GBS5sPC/J.1TEFd45Msz. --iscrypted --uid=500 --gid=500
user --name=config --password=$6$FYIe22HWzKaqeMMk$UA/A7uSPbu6m9py6..zvLjxqJ1/fMxLAOMKLmJfifvi7UdGd9USKddIb3sqrUhVjYnbMeTqntOm6oajIjOmGt1 --iscrypted --uid=501 --gid=501
user --name=saveme --password=$6$ob7aul1FbRkm59MO$jent.miffmXL/hQPCiQMrZ/Pxn5ffJuTXfKbajj8wLKGT1bFaTkU3eMIBXoDcaEWxQueQPaS2AIVfBNg0UiTo1 --iscrypted --uid=502 --gid=502
user --name=nable --shell=/sbin/nologin --uid=503 --gid=503 --lock
reboot --eject

bootloader --location=mbr --append="modprobe.blacklist=floppy consoleblank=0" --iscrypted --password=grub.pbkdf2.sha512.10000.90A45AF1862AD593958F332D0883997726D8C63B379954F8B41E953FFE2E17D120E8F83577AA9477554F9DDF8D4F2D6D2F45AABC15F77282B80E625C6FD25382.CCD29256C7E19CDB60FF052107643EB7DC93E447F16F7EE5E7EF6FA426F3A3211F14356497399F28E2313F13182D3232C8A95D78FA7E5432136ED8A3AFFB6BA0
%include /tmp/timezone
%include /tmp/network
%include /tmp/partinfo

%pre --interpreter=/usr/bin/python --erroronfail --log=/tmp/kspre.log
"""Configure Kickstart parameters that vary on disk size and devmode install."""
import math
import os
import stat
import subprocess
import sys
import parted
import multiprocessing

def check_device(device):
    """Check for valid Device types for disk storage."""
    if stat.S_ISBLK(os.stat(device.path).st_mode):
        # exclude device mapper devices
        if device.type == parted.DEVICE_DM:
            return False
        # Include common and AWS disks.
        elif device.path in ('/dev/hda', '/dev/sda', '/dev/xvda', '/dev/nvme0n1', '/dev/vda'):
            return True
        # the remaining block devices should be fine
        return False
    # ignore everything that is not a block device
    return False

CPU_COUNT = multiprocessing.cpu_count()
TOT_MEM = (os.sysconf('SC_PAGE_SIZE') * os.sysconf('SC_PHYS_PAGES')/(1024.**3))
DEVICES = filter(check_device, parted.getAllDevices())
DEV_LEN = len(DEVICES)

if DEV_LEN == 0:
    ## Hyper-V may have hidden itself as a USB drive
    DEVICES = [DEV for DEV in parted.getAllDevices() if DEV.readOnly is False and DEV.model == "Msft Virtual Disk"] # pylint: disable=line-too-long

if DEV_LEN != 1:
    print("Detected %i hard drive types, SolarWinds N-central can only be installed on systems with one hard drive type (SAS/SATA/SCSI, NVMe, IDE, Virtual Disk, etc.)." % DEV_LEN) # pylint: disable=line-too-long
    ERR_CMD = "/usr/bin/openvt -f -c 7 -w -s -- " \
            + "/bin/bash -c \"/usr/bin/dialog --create-rc $HOME/.dialogrc && " \
            + "sed -i \'s/^screen_color.*$/screen_color = (WHITE,RED,ON)/g\' $HOME/.dialogrc && " \
            + "chvt 7 && " \
            + "/usr/bin/dialog --msgbox \'Detected " \
            + str(DEV_LEN) \
            + " hard drives,\\n\\nN-central can only be installed on systems with one hard drive.\' 10 50 >/dev/tty7 && " \
            + "sed -i \'s/^screen_color.*$/screen_color = (WHITE,YELLOW,ON)/g\' $HOME/.dialogrc && " \
            + "/usr/bin/dialog --pause \'Rebooting in 60 seconds.\' 10 50 60 >/dev/tty7 && " \
            + "chvt 1\""
    subprocess.call(str(ERR_CMD), shell=True)
    print("Rebooting")
    os.system('reboot')
    sys.exit(1)
else:
    DEV = DEVICES[0]

DEV_NAME = DEVICES[0].path.split("/", 2)[-1]
DISK_GB = (DEV.getSize()/(1024))
SIZE_MB = DEV.getSize() - 10
SIZE_MB_I = int(math.floor(SIZE_MB))
BACKUP_SIZE = int(math.floor(float(SIZE_MB * .15)))

if int(math.floor(float(SIZE_MB * .05))) < 1024:
    LOG_SIZE = 1024
elif int(math.floor(float(SIZE_MB * .05))) > 5192:
    LOG_SIZE = 5192
else:
    LOG_SIZE = int(math.floor(float(SIZE_MB * .05)))

print("/var/log size is %i " % LOG_SIZE)
print("/backup size is %i " % BACKUP_SIZE)
ROOT_SIZE = (SIZE_MB_I - BACKUP_SIZE - LOG_SIZE - 1034 - 2048 - 200) # Extra 200MB is for the EFI partition.
print("/ size is %i " % ROOT_SIZE)
PTEXT = """zerombr
clearpart --all --initlabel
part /boot/efi --fstype=efi --size=200 --ondisk=%s --fsoptions=umask=0077,shortname=winnt
part /boot --fstype=xfs --size=1034 --ondisk=%s
part pv.01 --size=1 --grow --ondisk=%s
volgroup VolGroup pv.01
logvol /backup --vgname=VolGroup --fstype=xfs --size=%i --name=lv_backup
logvol /var/log --vgname=VolGroup --fstype=xfs --size=%i --name=lv_log
logvol swap --vgname=VolGroup --fstype=swap --size=2048 --name=lv_swap
logvol / --vgname=VolGroup --fstype=xfs --size=%i --name=lv_root --grow
""" % (DEV_NAME, DEV_NAME, DEV_NAME, BACKUP_SIZE, LOG_SIZE, ROOT_SIZE)
print(PTEXT)
PART_INFO = open("/tmp/partinfo", 'w')
PART_INFO.write(PTEXT)
PART_INFO.close()

CMDLINE = open("/proc/cmdline").read().split()
if 'devmode' in CMDLINE:
    F = open("/tmp/network", 'w')
    F.write("network --device=eth0 --bootproto=dhcp --ipv6=auto\n")
    F.close()
    F = open("/tmp/timezone", 'w')
    F.write("timezone America/New_York --isUtc\n")
    F.close()
else:
    if DISK_GB < 75:
        print("Detected %i GB hard drive, N-central can only be installed on systems with at least a 75 GB hard drive." % DISK_GB) # pylint: disable=line-too-long
        ERR_CMD = "/usr/bin/openvt -f -c 7 -w -s -- " \
                + "/bin/bash -c \"/usr/bin/dialog --create-rc $HOME/.dialogrc && " \
                + "sed -i \'s/^screen_color.*$/screen_color = (WHITE,RED,ON)/g\' $HOME/.dialogrc && " \
                + "chvt 7 && " \
                + "/usr/bin/dialog --msgbox \'Detected " \
                + str(DISK_GB) \
                + " GB hard drive,\\n\\nN-central can only be installed on systems with at least a 75 GB hard drive.\' 10 50 >/dev/tty7 && " \
                + "sed -i \'s/^screen_color.*$/screen_color = (WHITE,YELLOW,ON)/g\' $HOME/.dialogrc && " \
                + "/usr/bin/dialog --pause \'Rebooting in 60 seconds.\' 10 50 60 >/dev/tty7 && " \
                + "chvt 1\""
        subprocess.call(str(ERR_CMD), shell=True)
        print("Rebooting")
        os.system('reboot')
        sys.exit(1)
    else:
        print("Minimum Disk space requirements met.")

    if CPU_COUNT < 2:
        print("Detected %i CPU cores, N-central can only be installed on systems with at least 2 CPU cores." % CPU_COUNT)
        ERR_CMD = "/usr/bin/openvt -f -c 7 -w -s -- " \
                + "/bin/bash -c \"/usr/bin/dialog --create-rc $HOME/.dialogrc && " \
                + "sed -i \'s/^screen_color.*$/screen_color = (WHITE,RED,ON)/g\' $HOME/.dialogrc && " \
                + "chvt 7 && " \
                + "/usr/bin/dialog --msgbox \'Detected " \
                + str(CPU_COUNT) \
                + " CPU cores,\\n\\nN-central can only be installed on systems with at least 2 CPU cores.\' 10 50 >/dev/tty7 && " \
                + "sed -i \'s/^screen_color.*$/screen_color = (WHITE,YELLOW,ON)/g\' $HOME/.dialogrc && " \
                + "/usr/bin/dialog --pause \'Rebooting in 60 seconds.\' 10 50 60 >/dev/tty7 && " \
                + "chvt 1\""
        subprocess.call(str(ERR_CMD), shell=True)
        print("Rebooting")
        os.system('reboot')
        sys.exit(1)
    else:
        print("Minimum CPU requirements met.")

    if TOT_MEM < 3.6:
        print("Detected %.2f GB Total RAM, N-central can only be installed on systems with at least 4 GB total RAM." % TOT_MEM)
        ERR_CMD = "/usr/bin/openvt -f -c 7 -w -s -- " \
                + "/bin/bash -c \"/usr/bin/dialog --create-rc $HOME/.dialogrc && " \
                + "sed -i \'s/^screen_color.*$/screen_color = (WHITE,RED,ON)/g\' $HOME/.dialogrc && " \
                + "chvt 7 && " \
                + "/usr/bin/dialog --msgbox \'Detected " \
                + "{:.2f}".format(TOT_MEM) \
                + " GB Total RAM,\\n\\nN-central can only be installed on systems with at least 4 GB total RAM.\' 10 50 >/dev/tty7 && " \
                + "sed -i \'s/^screen_color.*$/screen_color = (WHITE,YELLOW,ON)/g\' $HOME/.dialogrc && " \
                + "/usr/bin/dialog --pause \'Rebooting in 60 seconds.\' 10 50 60 >/dev/tty7 && " \
                + "chvt 1\""
        subprocess.call(str(ERR_CMD), shell=True)
        print("Rebooting")
        os.system('reboot')
        sys.exit(1)
    else:
        print("Minimum RAM requirements met.")

    subprocess.check_output("/usr/bin/openvt -f -c 7 -w -s -- bash /run/install/repo/configure.sh", shell=True) # pylint: disable=line-too-long

%end

%packages --ignoremissing
@Core
%end

%post --interpreter=/usr/bin/bash --log=/tmp/kspost.log
set -x

touch /tmp/initial_install

# For QA Installs from .iso
if grep -q devmode /proc/cmdline; then
    mkdir /home/admin/.ssh
    cat <<EODM >>/home/admin/.ssh/authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2fXUvNunHyGbs1R1oGGuWEWsT3mCocraoDc2jp2dn8+AAz+LNyN5sjo2bdTzQS5tJMbvScCWV+AcFxa7TX+T8Mn6H31nHhfMHQPR87yuX60H3F1Bqd4dDDkYXlPwfP1gWX+CMLHlKf6EiaNcp5DkUngupamUX8Docj3IFFGCy9U/sfYL75vH1hw2FapO1/9nJvUhON/vxPBwTNQIzLmPccfe9YoiSUKTwjEi1nTGwzYNfoWilXw66sAqQ5TbtbzheoMRd4bzAaZSS/xSV7rF+ZLZ3K4RjcNxcVSljn0sq+Y3TM+4pss7WATWPcU+VSWHLP/n/gJEdcsI0yyLkPRPt MSPEngTeam@solarwinds.com
EODM
    chown -R admin:admin /home/admin/.ssh
    chmod 600 /home/admin/.ssh/authorized_keys
    chmod 700 /home/admin/.ssh
    echo "admin	ALL = (ALL) NOPASSWD: ALL" >/etc/sudoers.d/QA-Internal
    chown root:root /etc/sudoers.d/QA-Internal
    chmod 0644 /etc/sudoers.d/QA-Internal
    while IFS= read -r line; do
        for param in $line; do
            if [[ "$param" =~ ^email=.* ]]; then
                echo "${param//email=/}" >/var/tmp/email_internal
            fi
        done
    done < <(cat /proc/cmdline)
    touch /var/tmp/internal
    sed -i s/^DS$/DSsmtp.swdev.local/ /etc/mail/sendmail.cf
    touch /tmp/jetty_debug
    HP_TOTAL=0
fi

# Add config to load the connection tracking module.
echo "ip_conntrack" >/etc/modules-load.d/n-central.conf

# Link OpenJDK to expected location for Oracle Java.
if [[ ! -d /usr/java ]]; then
    mkdir /usr/java
fi
ln -s /etc/alternatives/java_sdk /usr/java/current

### Initialize the postgresql database and log to /var/log/postgres.log
ln -sf /usr/lib/systemd/system/postgresql-10.service /usr/lib/systemd/system/postgresql.service
ln -sf /usr/lib/systemd/system/postgresql-10.service /usr/lib/systemd/system/postgresql-current.service
ln -sf /usr/pgsql-10 /usr/pgsql-current
ln -sf /var/lib/pgsql/10 /var/lib/pgsql/current

cat <<EOSyslog >/etc/rsyslog.d/postgresql.conf
local2.*                                                -/var/log/postgres.log
EOSyslog

# Add pg logging to logrotate
if ! grep -q postgres.log /etc/logrotate.d/syslog; then
    sed -i -e '1s!^!/var/log/postgres.log\n!' /etc/logrotate.d/syslog
fi
sed -i -e 's/\(*.info;mail.none;authpriv.none;cron.none\)/\1;local2.none/' /etc/rsyslog.conf

# Configure NTP
{
    echo "0.pool.ntp.org"
    echo "1.pool.ntp.org"
    echo "2.pool.ntp.org"
} >>/etc/ntp/step-tickers

cat >>/etc/N-OS-version <<ENDOFPART
SVNREV
ENDOFPART

printf "N-centralOS Linux 7 (Core)\\nPlease go to:\\nhttps://%s/ to configure N-central\\n" "$(ip addr show eth0 | grep "inet " | awk '{print $2}' | sed -e 's/\/.*$//g')" >/etc/issue

cat >/etc/dhcp/dhclient-exit-hooks.d/N-central.sh <<'EODHC'
#!/usr/bin/env bash

printf "N-centralOS Linux 7 (Core)\\nPlease go to:\\nhttps://%s/ to configure N-central\\n" "$(ip addr show eth0 | grep "inet " | awk '{print $2}' | sed -e 's/\/.*$//g')" >/etc/issue

EODHC

chmod 755 /etc/dhcp/dhclient-exit-hooks.d/N-central.sh

# Network Manager doesn't play nice with DHCP exit hooks.
cat >>/etc/NetworkManager/dispatcher.d/11-dhclient <<'EONM'
#!/usr/bin/env bash

if [ "$2" = "up" ]; then
    /bin/bash /etc/dhcp/dhclient-exit-hooks.d/N-central.sh
elif [ "$2" = "dhcp4-change" ]; then
    /bin/bash /etc/dhcp/dhclient-exit-hooks.d/N-central.sh
fi

EONM

touch /tmp/started

mkdir -p /opt/nable/etc/logrotate.d/
mkdir -p /opt/nable/etc/rc.d/init.d/

cat >>/etc/sysconfig/init <<'EOIN'
JAVA_HOME=/usr/java/current
PATH="$PATH":"$JAVA_HOME"bin:"$JAVA_HOME"lib:/opt/nable/sbin:/opt/nable/usr/sbin
EOIN

rm -rf /var/log/btmp

cat >/etc/profile.d/nable.sh <<'EONS'
#!/usr/bin/env bash

JAVA_HOME=/usr/java/current/
export JAVA_HOME
PATH="$PATH":"$JAVA_HOME"bin:"$JAVA_HOME"lib:/opt/nable/sbin:/opt/nable/usr/sbin:/usr/pgsql-current/bin
export PATH
JAVA_OPTS="-Xmx512m -Xms512m -Djava.awt.headless=true"
export JAVA_OPTS
if [ -e /opt/nable/etc/n-central-release ]; then
    PS1="[\\u@\\h $(cut -d"-" -f1 </opt/nable/etc/n-central-release) \\W]\\$ "
    export PS1
fi
if [ -e /opt/nable/etc/last-upgrade-failed ]; then
    echo '*** ERROR: The last N-central Install or Upgrade FAILED. ***'
fi
export HISTTIMEFORMAT="%y/%m/%d %T "
shopt -s histappend

EONS

sed -rie 's/com2sec\s+notConfigUser\s+default\s+public/com2sec notConfigUser default     N-central_SNMP/g' /etc/snmp/snmpd.conf

mkdir -p /var/log/n-central/install/

# Bug in CentOS 7 where base install tries to install kernel-firmware before coreutils is installed. Simply reinstall it here.
## Not as easy as just pulling the file, we are in a chroot. We need to mount the cd first.
mount /dev/cdrom /mnt
rpm -ivh --force /mnt/Packages/linux-firmware-*.rpm  2>/dev/null
umount /mnt

# Disable the "piix4_smbus 0000:00:07.3: SMBus base address uninitialized - upgrade BIOS or use force_addr=0xaddr" error on VMs.
if [[ $(virt-what | wc -l) -gt 0 ]]; then
    echo "blacklist i2c_piix4" >/etc/modprobe.d/blacklist-smbus.conf
fi

# Fix an issue with Dracut on Hyper-V Gen2 UEFI VMs. CentOS bug 0014409.
cat <<EODRACUT >>/lib/dracut/dracut.conf.d/55-n-central-uefi.conf
# Missing dracut module needed for Hyper-V Gen2 devices.

add_dracutmodules+=" uefi-lib "
EODRACUT

kVer="$(rpm -q --qf "%{VERSION}-%{RELEASE}.%{ARCH}\\n" kernel)"
for kv in $kVer; do
    depmod "$kv" &>/dev/null || :
    dracut --force --kver "$kv" &>/dev/null || :
done

# Bootloder installs after grub2 theme and packages. Rebuild the custom config here.
if [ -e /etc/default/grub ]; then
    sed -i 's/GRUB_TERMINAL_OUTPUT="console"/GRUB_TERMINAL_OUTPUT="gfxterm"/g' /etc/default/grub
    if [ "$(grep -c -e 'GRUB_THEME=' /etc/default/grub)" -ne 0 ]; then
        sed -i 's/^GRUB_THEME=.*/GRUB_THEME="\/boot\/efi\/EFI\/centos\/themes\/ncentral\/theme.txt"/g' /etc/default/grub
    else
        echo "GRUB_THEME=\"/boot/efi/EFI/centos/themes/ncentral/theme.txt\"" >>/etc/default/grub
    fi
else
    echo "GRUB_TERMINAL_OUTPUT=\"gfxterm\"" >/etc/default/grub
    echo "GRUB_THEME=\"/boot/efi/EFI/centos/themes/ncentral/theme.txt\"" >>/etc/default/grub
fi
grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg
set +x

%end

%post --nochroot --interpreter=/usr/bin/bash --log=/mnt/sysimage/tmp/kspost-nochroot.log
set -x

# Move the platform specific packages to the backup partition.
mkdir $ANA_INSTALL_PATH/root/Platform
cp -f /run/install/repo/Platform/*.rpm $ANA_INSTALL_PATH/root/Platform/

# Move the CentOS 7 Signing keys over.
cp -f /run/install/repo/RPM-GPG-KEY-* $ANA_INSTALL_PATH/root/Platform/
cp -f /run/install/repo/Platform/RPM-GPG-KEY-* $ANA_INSTALL_PATH/root/Platform/

# Move the platform specific repo configs over.
cp -f /run/install/repo/Platform/*.repo $ANA_INSTALL_PATH/root/Platform/

# Move our custom dialogrc to the new system.
cp /etc/dialogrc $ANA_INSTALL_PATH/etc/dialogrc

# From anaconda 99-copy-logs.ks
NOSAVE_INPUT_KS_FILE=/tmp/NOSAVE_INPUT_KS
NOSAVE_LOGS_FILE=/tmp/NOSAVE_LOGS
PRE_ANA_LOGS=/tmp/pre-anaconda-logs

if [ -e ${NOSAVE_LOGS_FILE} ]; then
    rm -f ${NOSAVE_LOGS_FILE}
else
    mkdir -p $ANA_INSTALL_PATH/var/log/anaconda
    for log in anaconda.log kspre.log kspost.log network syslog X.log partinfo program.log packaging.log storage.log timezone ifcfg.log lvm.log yum.log; do
        [ -e /tmp/$log ] && cp /tmp/$log $ANA_INSTALL_PATH/var/log/anaconda/
    done
    for log in anaconda.log kspre.log kspost.log network syslog X.log partinfo program.log packaging.log storage.log timezone ifcfg.log lvm.log yum.log; do
        [ -e $ANA_INSTALL_PATH/tmp/$log ] && mv $ANA_INSTALL_PATH/tmp/$log $ANA_INSTALL_PATH/var/log/anaconda/
    done
    [ -e /tmp/pre-anaconda-logs ] && mkdir -p $ANA_INSTALL_PATH/var/log/anaconda/pre && mv $PRE_ANA_LOGS/* $ANA_INSTALL_PATH/var/log/anaconda/pre
    cp /tmp/ks-script* $ANA_INSTALL_PATH/var/log/anaconda/
    mv $ANA_INSTALL_PATH/tmp/ks-script* $ANA_INSTALL_PATH/var/log/anaconda/
    journalctl -b >$ANA_INSTALL_PATH/var/log/anaconda/journal.log
    chmod -R 0600 $ANA_INSTALL_PATH/var/log/anaconda/*

    # Copy over any rhsm logs
    if [ -d /var/log/rhsm ] && [ "$(find /var/log/anaconda/rhsm/ -type f 2>/dev/null | wc -l)" -gt 0 ]; then
        mkdir -p $ANA_INSTALL_PATH/var/log/anaconda/rhsm
        cp /var/log/rhsm/* $ANA_INSTALL_PATH/var/log/anaconda/rhsm/ &>/dev/null || :
    fi
fi

if [ -e ${NOSAVE_INPUT_KS_FILE} ]; then
    rm -f ${NOSAVE_INPUT_KS_FILE}
else
    [ -e /run/install/ks.cfg ] && cp /run/install/ks.cfg $ANA_INSTALL_PATH/var/log/anaconda/original-ks.cfg
fi

"${ANA_INSTALL_PATH}"/bin/eject --force &>/dev/null || :
set +x

%end

%addon com_redhat_kdump --disable --reserve-mb='auto'

%end