Diffstat (limited to 'packer/files/scripts/linux/sysprep.sh')
-rw-r--r--packer/files/scripts/linux/sysprep.sh271
1 files changed, 271 insertions, 0 deletions
diff --git a/packer/files/scripts/linux/sysprep.sh b/packer/files/scripts/linux/sysprep.sh
new file mode 100644
index 0000000..d232a6f
--- /dev/null
+++ b/packer/files/scripts/linux/sysprep.sh
@@ -0,0 +1,271 @@
+#!/bin/bash
+# taken from https://github.com/DanHam/packer-virt-sysprep
+set -o errexit
+shopt -s nullglob dotglob
+
+function _clean_shell_history() {
+ root_hist="$(find /root -type f -name .bash_history)"
+ user_hist="$(find /home -type f -name .bash_history | tr -s '\n' ' ')"
+ rm -rf ${root_hist} ${user_hist}
+
+ set +o errexit
+ if [[ -f /.dockerenv ]]; then
+ ln -sf /dev/null "/root/.bash_history"
+
+ while read user home; do
+ ln -sf /dev/null "${home}/.bash_history" || :
+ chown --no-dereference "${user}:${user}" "${home}/.bash_history" || :
+ done <<< $(getent passwd | grep -i home | awk -F ':' '($3>=1000) {print $1" "$6}')
+
+ fi
+ set -o errexit
+}
+
+function _clean_home_dirs() {
+ root_files="$(find /root -name .cache -o -name .zshrc -o -name .wget-hsts | tr -s '\n' ' ')"
+ user_files="$(find /home -name .cache -o -name go -o -name .zshrc -o -name .wget-hsts | tr -s '\n' ' ')"
+ rm -rf ${root_files} ${user_files}
+}
+
+function _clean_cloud_init() {
+ rm -rf /var/log/installer
+ rm -rf /var/lib/cloud/*
+ rm -rf /var/log/cloud-init.log
+}
+
+function _clean_logs() {
+ find /var/log -maxdepth 1 -type f -exec bash -c "echo > {}" \;
+}
+
+function _clean_crash_data() {
+ crash_data_location=(
+ "/var/crash/*"
+ "/var/log/dump/*"
+ )
+ for crash_data in ${crash_data_location[@]}; do rm -rf ${crash_data}; done
+}
+
+function _reset_dhcp_state() {
+ lease_data_locations=(
+ "/var/lib/dhclient/*"
+ "/var/lib/dhcp/*"
+ )
+ for lease_file in ${lease_data_locations[@]}; do rm -rf ${lease_file}; done
+}
+
+function _reset_fw_rules() {
+ if command -v ufw &>/dev/null; then
+ ufw --force reset &>/dev/null
+ fi
+
+ if command -v systemctl &>/dev/null; then
+ if systemctl is-active -q firewalld.service &>/dev/null; then
+ systemctl stop -q firewalld.service
+ fi
+
+ if systemctl is-active ufw.service &>/dev/null; then
+ systemctl stop -q ufw.service
+ fi
+ fi
+
+ fw_config_locations=(
+ "/etc/sysconfig/iptables"
+ "/etc/firewalld/services/*"
+ "/etc/firewalld/zones/*"
+ "/etc/ufw/user.rules.*"
+ "/etc/ufw/before.rules.*"
+ "/etc/ufw/after.rules.*"
+ "/etc/ufw/user6.rules.*"
+ "/etc/ufw/before6.rules.*"
+ "/etc/ufw/after6.rules.*"
+ )
+
+ for fw_config in ${fw_config_locations[@]}; do rm -rf ${fw_config}; done
+}
+
+function _reset_machine_id() {
+ sysd_id="/etc/machine-id"
+ dbus_id="/var/lib/dbus/machine-id"
+
+ if [[ -e ${sysd_id} ]]; then
+ rm -rf ${sysd_id} && touch ${sysd_id}
+ fi
+
+ if [[ -e ${dbus_id} && ! -h ${dbus_id} ]]; then
+ rm -rf ${dbus_id}
+ fi
+}
+
+function _clean_mail_spool() {
+ mta_list=(
+ "exim"
+ "postfix"
+ "sendmail"
+ )
+
+ mail_spool_locations=(
+ "/var/spool/mail/*"
+ "/var/mail/*"
+ )
+
+ for mta in ${mta_list[@]}; do
+ if command -v systemctl &>/dev/null ; then
+ mta_service="$(systemctl list-units --type service | grep ${mta} | cut -d' ' -f1)"
+ if [[ "x${mta_service}" != "x" ]]; then
+ if systemctl is-active ${mta_service} &>/dev/null; then
+ systemctl stop ${mta_service}
+ fi
+ fi
+ else
+ mta_service="$(find /etc/init.d/ -iname "*${mta}*")"
+ if [[ "x${mta_service}" != "x" ]]; then
+ if ${mta_service} status | grep running &>/dev/null; then
+ ${mta_service} stop
+ fi
+ fi
+ fi
+ done
+
+ for mail_spool in ${mail_spool_locations[@]}; do rm -rf ${mail_spool}; done
+}
+
+function _clean_package_manager_cache() {
+ cache_locations=(
+ "/var/cache/apt/"
+ "/var/cache/dnf/"
+ "/var/cache/yum/"
+ "/var/cache/zypp*"
+ )
+
+ for cache_dir in ${cache_locations[@]}; do
+ if [[ -d ${cache_dir} ]]; then
+ find ${cache_dir} -type f | xargs -I FILE rm -rf FILE
+ fi
+ done
+}
+
+function _clean_package_manager_db() {
+ rm -rf /var/lib/rpm/__db.*
+ apt_lists=/var/lib/apt/lists
+ if [[ -d "${apt_lists}" ]]; then
+ find "${apt_lists}" -type f | xargs rm -rf
+ fi
+}
+
+function _clean_tmp() {
+ tmp_locations=(
+ "/tmp"
+ "/var/tmp"
+ )
+
+ mntpnt_orig_tmp="/mnt/orig_tmp"
+
+ shopt -s dotglob
+
+ sum_tmp_space=0
+ for tmp in ${tmp_locations[@]}
+ do
+ if [[ -d ${tmp} ]]; then
+ tmp_space="$(du -sm ${tmp} | cut -f1)"
+ else
+ tmp_space=0
+ fi
+ sum_tmp_space=$(( ${sum_tmp_space} + ${tmp_space} ))
+ if [[ ${sum_tmp_space} -gt 128 ]]; then
+ echo "ERROR: Space for copying tmp into memory > 128mb. Exiting"
+ exit 1
+ fi
+ done
+
+ if ! mount -l -t tmpfs | grep /dev/shm &>/dev/null; then
+ [[ -d /dev/shm ]] || mkdir /dev/shm && chmod 1777 /dev/shm
+ mount -t tmpfs -o defaults,size=128m tmpfs /dev/shm
+ fi
+
+
+ for tmp in ${tmp_locations[@]}; do
+ tmp_path="${tmp}"
+ on_tmpfs=false
+
+ while [[ ${tmp_path:0:1} = "/" ]] && [[ ${#tmp_path} > 1 ]] && [[ ${on_tmpfs} = false ]]; do
+ defifs=${IFS}
+ IFS=$'\n'
+ for mountpoint in $(mount -l -t tmpfs | cut -d' ' -f3)
+ do
+ if [[ "${mountpoint}" == "${tmp_path}" ]]; then
+ on_tmpfs=true
+ continue
+ fi
+ done
+ IFS=${defifs}
+ tmp_path=${tmp_path%/*}
+ done
+
+ if [[ "${on_tmpfs}" = false ]]; then
+ tmp_located_on=""
+ defifs=${IFS} && IFS=$'\n'
+ for line in $(df | tr -s ' ')
+ do
+ if echo ${line} | cut -d' ' -f6 | grep ^${tmp}$ &>/dev/null; then
+ tmp_located_on="$(echo ${line} | cut -d' ' -f1)"
+ fi
+ done
+ IFS=${defifs}
+ [[ "x${tmp_located_on}" = "x" ]] && tmp_located_on="/"
+
+ shmtmp="/dev/shm/${tmp}"
+ mkdir -p ${shmtmp}
+ chmod 1777 ${shmtmp}
+ files=(${tmp}/*)
+ [[ -e ${files} ]] && cp -pr ${tmp}/* ${shmtmp}
+ mount --bind ${shmtmp} ${tmp}
+
+ mkdir ${mntpnt_orig_tmp}
+ if [[ ${tmp_located_on} = "/" ]]; then
+ mount_opts="--bind"
+ tmp_path="${mntpnt_orig_tmp}/${tmp}"
+ else
+ mount_opts=""
+ tmp_path="${mntpnt_orig_tmp}"
+ fi
+ mount ${mount_opts} ${tmp_located_on} ${mntpnt_orig_tmp}
+
+ files=(${tmp_path}/*)
+ [[ -e ${files} ]] && rm -rf ${tmp_path}/*
+ umount ${mntpnt_orig_tmp} && rm -rf ${mntpnt_orig_tmp}
+ fi
+ done
+}
+
+function _clean_yum_uuid() {
+ uuid="/var/lib/yum/uuid"
+ [[ -e ${uuid} ]] && rm -rf ${uuid} || :
+}
+
+function _clean_logins() {
+ login_logs=(
+ "/var/log/lastlog"
+ "/var/log/wmtp"
+ "/var/log/btmp"
+ "/var/run/utmp"
+ "/var/run/utmp"
+ )
+ for login_log in ${login_logs[@]}; do ln -sfn /dev/null $login_log; done
+}
+
+_clean_shell_history
+_clean_home_dirs
+_clean_cloud_init
+_clean_logs
+_clean_crash_data
+_reset_dhcp_state
+_reset_fw_rules
+_reset_machine_id
+_clean_mail_spool
+_clean_package_manager_cache
+_clean_package_manager_db
+_clean_tmp
+_clean_yum_uuid
+_clean_logins
+
+exit 0
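Review bot: `_clean_logins` never clears wtmp — the list entry reads `/var/log/wmtp` (typo) and `/var/run/utmp` appears twice, so the build host's login records ship in the image; the array should contain `"/var/log/wtmp"` once and `"/var/run/utmp"` once. Replacing these files with symlinks to `/dev/null` also disables login accounting on every instance derived from the image (`last`, `lastb`, `lastlog` stop recording), which removes a forensic source operators rely on; truncating instead, `for login_log in "${login_logs[@]}"; do : > "$login_log"; done`, ships an empty history while leaving accounting active from first boot. Separately, `_clean_logs` substitutes each filename into a `bash -c "echo > {}"` string, a shell-injection shape that `find /var/log -maxdepth 1 -type f -exec truncate -s 0 -- {} +` avoids, and nothing in this script removes `/etc/ssh/ssh_host_*`, so instances will share host keys unless something outside this file regenerates them.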