Bug 1285519

Summary: RFE: provide a way to prevent creating artifacts with internal pathnames, e.g. anaconda-ks.cfg
Product: Red Hat Enterprise Linux 7 Reporter: Mike Burns <mburns>
Component: anaconda Assignee: Martin Kolman <mkolman>
Status: CLOSED ERRATA QA Contact: Release Test Team <release-test-team-automation>
Severity: unspecified Docs Contact:
Priority: medium    
Version: 7.3 CC: fdeutsch, jikortus, jstodola, jwalter, mbanas, mburns, mkolman, salmy, sbueno
Target Milestone: rc Keywords: FutureFeature
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: anaconda-21.48.22.81-1 Doc Type: Enhancement
Doc Text:
Feature: Make it possible to prevent installation logs and input/output kickstarts from being stored on the installed system (this includes image installation).

Reason: In some cases (and especially during image installations) it makes sense not to save installation logs and kickstarts to the installed system, mostly due to internal URLs and possibly other sensitive information they might contain. Unfortunately, the kickstart %post scripts run *before* the logs and kickstarts are copied to the system, so some other way of getting rid of them was needed.

Result: The inst.nosave boot option and the --nosave command line option have been added, which make it possible to prevent logs and kickstarts from reaching the installed system. The nosave option takes the following keywords:

input_ks - Disables saving of the input kickstart (if any).
output_ks - Disables saving of the output kickstart generated by Anaconda.
all_ks - Disables saving of both input and output kickstarts.
logs - Disables saving of all installation logs.
all - Disables saving of all kickstarts and all logs.

At least one keyword is expected, and multiple keywords can be provided, delimited by a ",", for example: input_ks,logs
Story Points: ---
Clone Of:
: 1340477 (view as bug list) Environment:
Last Closed: 2016-11-03 23:19:20 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1284582, 1295926, 1313485, 1340477, 1340490    

Description Mike Burns 2015-11-25 20:03:28 UTC
Description of problem:
It would be useful to have a flag or option that prevents creating the anaconda-ks.cfg file under /root.  There is currently no way to avoid this file since the file is written after %post.

The use case that I'm trying to solve is delivering image builds that are initially generated from kickstarts.  These image builds all contain the anaconda-ks.cfg file today because we can't remove it without post-processing using something like guestfish or virt-customize.  This results in internal build locations and other internal information being included in the images.

Comment 1 Jan Stodola 2015-11-26 10:17:13 UTC
I guess that not only anaconda-ks.cfg, but also installation logs should not be copied to /var/log/anaconda/, since they also contain internal locations.

Comment 2 Martin Kolman 2015-11-26 10:37:21 UTC
(In reply to Jan Stodola from comment #1)
> I guess that not only anaconda-ks.cfg, but also installation logs should not
> be copied to /var/log/anaconda/, since they also contain internal locations.
Yeah, that also makes sense, but I guess it should probably be a separate option so that we don't lump them together with kickstarts.

So maybe inst.save_kickstart and inst.save_logs?

And if "inst.save_kickstart=0 inst.save_kickstart=0" would be added to boot command line both kickstarts and logs would not be saved to the system.

Comment 3 Jan Stodola 2015-11-26 11:36:56 UTC
ok, two options make sense.

Comment 4 Martin Kolman 2015-12-02 16:01:19 UTC
A patch[0] adding this for Fedora has been posted for review.

[0] https://lists.fedorahosted.org/archives/list/anaconda-patches%40lists.fedorahosted.org/message/W4WDSKJ6OUKBSE2SXFWCP6A2M6OZL37X/

Comment 5 Fabian Deutsch 2015-12-09 15:47:19 UTC
We should also consider dropping other caches like yum's cache or so.
Basically this has quite a bit of overlap with virt-sysprep IMO.

Comment 6 Martin Kolman 2015-12-14 13:40:38 UTC
(In reply to Fabian Deutsch from comment #5)
> We should also consider dropping other caches like yum's cache or so.
> Basically this has quite a bit of overlap with virt-sysprep IMO.
We are thinking about making a single boot option that users can use to provide a comma separated list of things Anaconda should not save on the installed system.

For example:

inst.nosave=logs,kickstarts

or

inst.nosave=all

To disable saving of all the "artifacts" that can be specified by the nosave option.

This should be quite easy to extend to various kinds of things as needed.

Comment 7 Fabian Deutsch 2015-12-14 13:48:04 UTC
That sounds like a nice approach.

Please consider putting this in a somewhat isolated library; maybe this can be pulled into a separate tool for existing images.

Comment 12 David Shea 2016-06-03 19:58:16 UTC
*** Bug 1342663 has been marked as a duplicate of this bug. ***

Comment 15 errata-xmlrpc 2016-11-03 23:19:20 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHEA-2016-2158.html
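
Added example (not Anaconda's code and not part of the original bug): a strict reading of the nosave keyword list from the Doc Text, used to audit a mounted image root for installer artifacts that the chosen value should have suppressed. The paths /root/anaconda-ks.cfg and /var/log/anaconda/ are taken from this bug; root/original-ks.cfg as the location of the saved input kickstart, the rejection of unknown keywords, and the sample file names are assumptions.

```python
import os
import tempfile

# Keyword semantics from the Doc Text field of this bug.
EXPANSIONS = {
    "input_ks": {"input_ks"},
    "output_ks": {"output_ks"},
    "all_ks": {"input_ks", "output_ks"},
    "logs": {"logs"},
    "all": {"input_ks", "output_ks", "logs"},
}
# Paths relative to the installed root. anaconda-ks.cfg and the log directory
# are named in this bug; root/original-ks.cfg is an assumption.
ARTIFACT_PATHS = {
    "input_ks": "root/original-ks.cfg",
    "output_ks": "root/anaconda-ks.cfg",
    "logs": "var/log/anaconda",
}

def parse_nosave(value):
    """Return the set of artifact kinds a nosave value suppresses."""
    keywords = [k.strip() for k in value.split(",") if k.strip()]
    if not keywords:
        raise ValueError("nosave expects at least one keyword")
    unknown = [k for k in keywords if k not in EXPANSIONS]
    if unknown:
        raise ValueError("unknown nosave keyword(s): " + ", ".join(unknown))
    return set().union(*(EXPANSIONS[k] for k in keywords))

def audit_image_root(root, nosave_value):
    """List artifacts still present under root that nosave_value should have suppressed."""
    leftovers = []
    for kind in sorted(parse_nosave(nosave_value)):
        path = os.path.join(root, ARTIFACT_PATHS[kind])
        # An empty log directory is not a finding; any file in it is.
        present = bool(os.listdir(path)) if os.path.isdir(path) else os.path.exists(path)
        if present:
            leftovers.append(ARTIFACT_PATHS[kind])
    return leftovers

def demo():
    """Audit a constructed image root that still holds a kickstart and a log."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "root"))
        os.makedirs(os.path.join(root, "var/log/anaconda"))
        for name in ("root/anaconda-ks.cfg", "var/log/anaconda/anaconda.log"):
            open(os.path.join(root, name), "w").close()
        return audit_image_root(root, "all_ks,logs")

if __name__ == "__main__":
    print(demo())
```

An empty result from audit_image_root means none of the artifacts covered by the given nosave value remain in the image.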