%packages --nobase
openssh-server
screen
mtr
nc
unzip
elinks
tcpdump
lsof
wget
stunnel
lftp
man
vim-enhanced
vixie-cron
ntp
tmpwatch
logwatch
traceroute
which
zip
unzip
jwhois
bind-utils

-setserial
-kudzu
-gnu-efi
-dhcpv6_client
-Deployment_Guide-en-US
-libhugetlbfs-lib
-libhugetlbfs
-iptables-ipv6
-setools
-hdparm
# not possible
-authconfig
-wireless-tools
-rhpl
-system-config-securitylevel-tui
-newt

%post

chvt 3
(

echo "Disabling IPv6"
sed -i -e 's/\(NETWORKING_IPV6=\).*/\1no/' /etc/sysconfig/network

cat << EOF >> /etc/modprobe.conf
# disable IPv6
alias net-pf-10 off
EOF

echo "Disabling Zeroconf"
grep -q '^NOZEROCONF=yes' /etc/sysconfig/network || sed -i -e '/^NETWORKING=yes/a NOZEROCONF=yes' /etc/sysconfig/network

# Running on x86_64? Remove i386 rpms
if [ "$(uname -m)" == "x86_64" ]; then
        echo "We're on x86_64, removing unwanted i386 libraries"
        rpm -qa --queryformat='%{n}-%{v}-%{r}.%{arch}\n' | grep '\.i[3456]86$' | xargs rpm -ev
        echo "done"
fi

# Adding ssh key
# You could add your ssh key here
#echo "Adding ssh key"
#mkdir -p /root/.ssh
#chmod 700 /root/.ssh
#echo 'your ssh key' > /root/.ssh/authorized_keys
#chmod 600 /root/.ssh/authorized_keys


# Running on XEN? Add serial console if not already configured
if [ -f /proc/xen/capabilities ] && [ $(cat /proc/xen/capabilities | wc -l) -eq 0 ]; then
        echo "Adding XEN serial console support"
        # Check it's not already configured and add it and allow root-logins
        grep -q xvc0 /etc/inittab || sed -i -e '/^# Run gettys/a co:2345:respawn:/sbin/agetty xvc0 9600 vt100-nav ' /etc/inittab
        grep -q xvc0 /etc/securetty || echo xvc0 >> /etc/securetty
fi



# something can only be removed later
rpm -e wireless-tools rhpl authconfig
rpm -e system-config-securitylevel-tui iptables-ipv6 newt

) 2>&1 | tee /root/ks-post.log
chvt 1