Wednesday, 1 April 2015

Build your RPM

Since, I had an local repository file where I wanted to distribute it to the YUM repository, so had to created an RPM file as explained below

Objective: Demonstrate a simple scenario on how to build RPM. 


Environment: CentOS 6.6 (X86_64) 

Install required RPM 

#yum install -y rpm-build rpmdevtools

Create user for RPM build

# useradd -m rpmbld
# passwd rpmbld

Build RPM

login with the rpmbld account and from the home directory create the directory structure.
Creates the directory rpmbuild with several sub-directories.

~]$ id
uid=501(rpmbld) gid=501(rpmbld) groups=501(rpmbld)
~]$ rpmdev-setuptree 
~]$ echo $?

~]$ cd rpmbuild/
~]$ ls

Create compressed content with RPM content

Change to the SOURCE directory, representing directory structure with RPM name,version and target file system. here, I use /etc/yum.repos.d copy desired repo file into the rpms structure. Once after that gzip all of that.

~]$ cd rpmbuild/SOURCES/
~/rpmbuild/SOURCES]$ ls
~/rpmbuild/SOURCES]$ mkdir -p localrepo-1/etc/yum.repos.d
~/rpmbuild/SOURCES]$ cp /tmp/centos66.repo localrepo-1/etc/yum.repos.d

~]$ ls

~/rpmbuild/SOURCES]$ tar -zcvf localrepo-1.tar.gz localrepo-1/

SPEC skeleton

Instructions for the build process are created in the rpmbuild/SPECS directory. rpmdev-newspec <filename> used to create a sample file in your current directory.Edit as required.

~]$ cd rpmbuild/SPECS/

~/rpmbuild/SPECS]$ rpmdev-newspec localrepo.spec
Skeleton specfile (minimal) has been created to "localrepo.spec".

~/rpmbuild/SPECS]$ ls

:~]$ cat rpmbuild/SPECS/localrepo.spec 
Name:           localrepo
Version:        1 
Release:        0
Summary:        Centos repository
Group:          System Environment/Base
License:        GPL
source0:        localrepo-1.tar.gz
buildarch:      noarch
BuildRoot:      %{_tmppath}/%{name}-buildroot

 Create YUM repository pointing to local centos/redhat repository.

%setup -q

mkdir -p "$RPM_BUILD_ROOT"




you can now use the rpmbuild process to create RPM with -bb for binary rpm without src rpm.

:~]$ rpmbuild -v -bb rpmbuild/SPECS/localrepo.spec 
Executing(%prep): /bin/sh -e /var/tmp/rpm-tmp.RjS32s
+ umask 022
+ cd /home/rpmbld/rpmbuild/BUILD
+ cd /home/rpmbld/rpmbuild/BUILD
+ rm -rf localrepo-1
+ /bin/tar -xf -
+ /usr/bin/gzip -dc /home/rpmbld/rpmbuild/SOURCES/localrepo-1.tar.gz
+ '[' 0 -ne 0 ']'
+ cd localrepo-1
+ /bin/chmod -Rf a+rX,u+w,g-w,o-w .
+ exit 0
Executing(%install): /bin/sh -e /var/tmp/rpm-tmp.qqYUfq
+ umask 022
+ cd /home/rpmbld/rpmbuild/BUILD
+ cd localrepo-1
+ mkdir -p /home/rpmbld/rpmbuild/BUILDROOT/localrepo-1-0.i386
+ cp -R etc /home/rpmbld/rpmbuild/BUILDROOT/localrepo-1-0.i386
+ /usr/lib/rpm/check-rpaths /usr/lib/rpm/check-buildroot
+ /usr/lib/rpm/brp-compress
+ /usr/lib/rpm/brp-strip
+ /usr/lib/rpm/brp-strip-static-archive
+ /usr/lib/rpm/brp-strip-comment-note
Processing files: localrepo-1-0.noarch
Requires(rpmlib): rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1
Checking for unpackaged file(s): /usr/lib/rpm/check-files /home/rpmbld/rpmbuild/BUILDROOT/localrepo-1-0.i386
Wrote: /home/rpmbld/rpmbuild/RPMS/noarch/localrepo-1-0.noarch.rpm
Executing(%clean): /bin/sh -e /var/tmp/rpm-tmp.lBmbql
+ umask 022
+ cd /home/rpmbld/rpmbuild/BUILD
+ cd localrepo-1
+ rm -rf /home/rpmbld/rpmbuild/BUILDROOT/localrepo-1-0.i386
+ exit 0

Test your build custom RPM's:

:~]# rpm -qiaf /home/rpmbld/rpmbuild/RPMS/noarch/localrepo-1-0.noarch.rpm
Name        : localrepo                    Relocations: (not relocatable)
Version     : 1                                 Vendor: (none)
Release     : 0                             Build Date: Wednesday 01 April 2015 05:18:03 AM IST
Install Date: (not installed)               Build Host: redhat
Group       : System Environment/Base       Source RPM: localrepo-1-0.src.rpm
Size        : 110                              License: GPL
Signature   : (none)
URL         :
Summary     : Centos repository
Description :
 Create YUM repository pointing to local centos repository.

:~]# rpm -ivh /home/rpmbld/rpmbuild/RPMS/noarch/localrepo-1-0.noarch.rpm
Preparing...                ########################################### [100%]
   1:localrepo              ########################################### [100%]

:~]# ls -l /etc/yum.repos.d/centos66.repo 
-rw-r--r-- 1 root root 110 Apr  1 05:18 /etc/yum.repos.d/centos66.repo

this is how the custom RPM's are build, hope this tutorial can help you all for your custom RPM builds.
sharing in public, re-share for all. 

Monday, 23 March 2015

SLE 11 SP3 to SLE 12 - upgrade methods explained

SLE allows to update an existing system to the new version, for example, going from SLE 11 SP3 to SLE 12. No new installation is needed. Existing data, such as home and data directories and system configuration, is kept intact. You can update from a local CD or DVD drive or from a central network installation source.

Note: Before updating, copy existing configuration files to a separate medium (such as tape device, removable hard disk, etc.) to back up the data. This primarily applies to files stored in /etc as well as some of the directories and files in /var and /opt. You may also want to write the user data in /home (the HOME directories) to a backup medium.

Environment: SLES 11 SP3
Kernel sles11sp3: 3.0.76-0.11(before up-gradation)
kernel sles12sp0: 3.12.28-4 (after up-gradation)

To upgrade your system this way, you need to boot from an installation source, like you would do for a fresh installation. However, when the boot screen appears, you need to select Upgrade (instead of Installation). The installation source to boot from can be one of the following:
- Local installation medium -(like a DVD, or an ISO image on a USB mass storage device)
- Network installation source -You can either boot from the local medium (like a DVD, or an ISO image)and then select the respective network installation type, or boot via PXE.

- Upgrade using network installation source using CDROM.
- Upgrade using network installation source using PXE.
- Perform an automated migration.

If you want to start an upgrade from a network installation source, make sure that the following below requirements are met, and I would leave it to reader to configure accordingly as it was already explained in previous posts (pxe-installation-on-sles-11)

Network Installation Source - network installation source should be setup.
Network Connection and Network Services - Both the installation server and the target machine have a functioning network connection. The network must provide the following services: a name service, DHCP(optional, but needed for booting via PXE)

Upgrade using network installation source using CDROM:

- Insert DVD 1 of the SUSE Linux Enterprise 12 installation media and boot your machine. A Welcome screen is displayed, followed by the boot screen.
- Select the type of network installation source you want to use (FTP, HTTP, NFS, SMB, or SLP). Since I had configured using HTTP, I would select HTTP to serve installations.

              Fig 1
               Fig 2

Upgrade using network installation source using PXE:
- Adjust the setup of your DHCP server to provide the address information needed for booting via PXE.
- Set up a TFTP server to hold the boot image needed for booting via PXE.
- Prepare PXE Boot and Wake-on-LAN on the target machine.

              Fig 3

- Once you get your screen as (Fig 2)Proceed with the upgrade process, steps are self-explanatory.

Perform an automated migration:

Copy the installation Kernel linux and the file initrd from /boot/x86_64/loader/ of your first installation DVD to your system's /boot directory

#cp -vi DVDROOT/boot/x86_64/loader/linux /boot/linux.upgrade
#cp -vi DVDROOT/boot/x86_64/loader/initrd /boot/initrd.upgrade
where, DVDROOT denotes the path where your system mounts the DVD

Open the GRUB legacy configuration file /boot/grub/menu.lst and add another section. For other boot loaders, edit the respective configuration file(s). Adjust device names accordingly to your /boot partition.

title Linux Upgrade Kernel
kernel (hd0,0)/boot/linux.upgrade root=/dev/sda1 upgrade=1   
initrd (hd0,0)/boot/initrd.upgrade

Reboot your machine and select the newly added section from the boot menu (here: Linux Upgrade Kernel).

                 Fig 4

- Once you get your screen as (Fig 2)Proceed with the upgrade process, steps are self-explanatory.

- After the upgrade process was finished successfully, remove the installation Kernel and initrd files (/boot/linux.upgrade and /boot/initrd.upgrade). They are useless now and are not needed anymore.

Once the up-gradation is completed, system would be rebooted and booted with new kernel. 

                  Fig 5                                             Fig 6

Up-gradations completed successfully.

Friday, 13 March 2015

Installation and Configuring FTPS - Redhat/CentOS

'vsftpd' is a very popular package for FTP, but poses a security threat because it transfers username,passwords etc in plain text, I would explain in this article as how FTP offers encryption with the help of SSL and TLS protocols.

FTP defines a client-server architecture that uses two ports in-order to establish connectivity between server and the client.
1. Port # 20 : data transfer
2. Port # 21 : autentication connnections.

as a security measure, we have two options that offer secure file transfer capabilities, which are SFTP and FTPS.
SFTP uses a SSH connection to run file transfers over a secure channel, while FTPS uses cryptographic protocols such as SSL( Secure Socket Layer) and TLS (Transport Layer Security).

I would elobrate SFTP protocol in order to setup a secure FTP server using SSL certificates.

Environment: CentOS 6.6/Redhat 6.6 (x86_64)
Packages : vsftpd-2.2.2-12.el6_5.1.i686 / openssl-1.0.1e-30.el6.i686

Install openssl and vsftpd based on your distros:

sudo apt-get install vsftpd openssl  -> Debian
yum install vsftpd openssl           -> Redhat
zypper install vsftpd openssl        -> SuSE

For, data encryption purpose we need to create a SSL certificate(rsa_cert_file)and RSA key file(rsa_private_key) which is used by 'vsftpd' in the configuration file (/etc/vsftpd/vsftpd.conf).

[root@centnode1]# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/vsftpd/vsftpd.pem -out /etc/vsftpd/vsftpd.pem
Generating a 2048 bit RSA private key
writing new private key to '/etc/vsftpd/vsftpd.pem'
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [XX]:IN
State or Province Name (full name) []:Karnataka
Locality Name (eg, city) [Default City]:Bangalore
Organization Name (eg, company) [Default Company Ltd]:testlabs
Organizational Unit Name (eg, section) []:OperatingSystems
Common Name (eg, your name or your server's hostname) []:centnode1
Email Address []

We need to instruct vsftpd to use that SSL certificate to carry encryption process for data and authentication:

[root@centnode1]# vi /etc/vsftpd/vsftpd.conf

#Turn on SSL

#Mention the certificate and key file location

#Enable TLS as it is more secure than SSL

#allow local users added to the system to use FTP

#Prevent anonymous logins

#accept FTP write command

#chroot users

start/restart your 'vsftpd' to take effect and make sure it start's during the boot time.

[root@centnode1]# service vsftpd start
[root@centnode1]# chkconfig vsftpd on

Now, your FTP server is ready and can add users who can access it. every user will get a separate home directory and with chroot jail activated users are forced to work within their home directories.

[root@centnode1 ~]# useradd ftpuser
[root@centnode1 ~]# passwd ftpuser

Test your SSL connection over 'vsftpd'

when you first try to connect using plain ftp, it must fail asking for encryption.

[root@centnode1 ~]# ftp
Connected to (
220 (vsFTPd 2.2.2)
Name ( ftpuser
530 Non-anonymous sessions must use encryption.  <<<=====================
Login failed.

create few files in 'ftpuser' home directory and get them listed using 'curl' 

[root@centnode1 ~]# curl --ftp-ssl --insecure --user ftpuser:password ftp://ftpserver
-rw-rw-r--    1 500      500             0 Mar 13 06:15 ftptestfile
[root@centnode1 ~]#

ftp-ssl  : tells curl to use ftps
insecure : tells curl not to use any ssl certificate to authenticate and instead just connect.
user     : specifies the username and password

Now, the user 'ftpuser' will be able to use the FTPS services with any FTP clients that supports SSL/TLS such as filezilla. If you want to limit access to FTPS server, but allow people to use FTPS services at the same time, by changing their shell to /sbin/nologin.

Sunday, 4 January 2015

RHEL/CentOS - [Errno 14] PYCURL ERROR 7 - "couldn't connect to host" - FTP

​I had an ERROR which was mentioned in the subject line, I would like to share with you all as how did I troubleshoot.

I had an YUM server repository on which I had installed firewall in recent times, I had set all my INPUT rules to make sure that port 21 is allowed to communicate between the clients. However, FTP client's were able to connect the FTP server on port 21, where as YUM was unable to fetch the repository file and was failing with below ERROR.

# yum list all
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile [Errno 14] PYCURL ERROR 7 - "couldn't connect to host"
Trying other mirror.
Error: Cannot retrieve repository metadata (repomd.xml) for repository: centos66. Please verify its path and try again

I tried to download one of the file from the FTP server and I was known that when client is trying for passive connection to the FTP, there was no route to the host to connect.

230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
227 Entering Passive Mode (192,168,156,107,54,76).
ftp: connect: No route to host

I thought to get the reader to know the below as basic information, hence describing about active/passive methods.

Active mode:

In an active mode configuration, the server will attempt to connect to a random client-side port. So chances are, that port wouldn't be one of those predefined ports. As a result, an attempt to connect to it will be blocked by the firewall and no connection will be established. 

Passive mode:

A passive configuration will not have this problem since the client will be the one initiating the connection.So it would be best for you to configure server to support passive mode FTP. However, passive mode would make your system vulnerable to attacks because clients are supposed to connect to random server ports. To mitigate the risks, a good solution would be to specify a range of ports on your server and then to allow only that range of ports on your firewall.

Firewall was not allowing my passive FTP connection, below steps were been performed to resolve this issue.

-create a file and reboot the server so that Kernel module would be loaded and will be persistent across reboots.

# cat  /etc/sysconfig/modules/iptables.modules 
exec /sbin/modprobe ip_conntrack_ftp >/dev/null 2>&1

#chmod +x /etc/sysconfig/modules/iptables.modules

# lsmod | grep ftp
nf_conntrack_ftp       10475  0 
nf_conntrack           66229  6 ipt_MASQUERADE,iptable_nat,nf_nat,nf_conntrack_ipv4,xt_state,nf_conntrack_ftp

I am now able to connect to my YUM repository with FTP as a protocol.

# ftp ftpserver
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> !ls
anaconda-ks.cfg  install.log  install.log.syslog  
ftp> bye

# yum list all | wc -l

sharing this article publicly as this could save time for anyone who is facing this ERROR.

Wednesday, 31 December 2014

strace & system call tracing

I had written this as few of my colleagues had requested to know how strace works, hope below articles helps out.

Today being the last day of 2014, I thought to share publicly and wishing all readers HAPPY  NEW  YEAR - 2015 " 

The strace tool is one of the most powerful problem determination tools available for Linux. It traces the thin layer (the system calls) between a process and the Linux kernel. System call tracing is particularly useful as a first investigation tool or for problems that involve a call to the operating system.

A system call is a special type of function that is run inside the kernel. It provides fair and secure access to system resources such as disk, network, and memory. System calls also provide access to kernel services such as inter-process communication and system information.

When to use ?

The strace tool should be used as a first investigation tool or for problems that are related or involved  at the operating system level. the system call trace will clearly show the cause of problem. Experienced users might use strace either way until they narrow down the scope of a problem.

The following example uses a simple program to show how to use strace, I would try to open an file which doesn't exist.

root@localhost]# cat main.c 


int main()

int fd;
int i=0;

fd = open( "/tmp/foo", O_RDONLY);

if (fd < 0)

return i;

# gcc main.c -o ./main
# strace -o main.strace ./main
# cat -n ./main.strace 
     1 execve("./main", ["./main"], [/* 21 vars */]) = 0
     2 brk(0)                                  = 0x8697000
     3 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7774000
     4 access("/etc/", R_OK)      = -1 ENOENT (No such file or directory)
     5 open("/etc/", O_RDONLY)      = 3
     6 fstat64(3, {st_mode=S_IFREG|0644, st_size=28116, ...}) = 0
     7 mmap2(NULL, 28116, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb776d000
     8 close(3)                                = 0
     9 open("/lib/", O_RDONLY)        = 3
    10 read(3, "\177ELF\1\1\1\3\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\220\356\300\0004\0\0\0"..., 512) = 512
    11 fstat64(3, {st_mode=S_IFREG|0755, st_size=1906308, ...}) = 0
    12 mmap2(0xbf8000, 1661356, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xbf8000
    13 mmap2(0xd88000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x190) = 0xd88000
    14 mmap2(0xd8b000, 10668, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xd8b000
    15 close(3)                                = 0
    16 mprotect(0xd88000, 8192, PROT_READ)     = 0
    17 mprotect(0xbe6000, 4096, PROT_READ)     = 0
    18 munmap(0xb776d000, 28116)               = 0
    19 open("/tmp/foo", O_RDONLY)              = -1 ENOENT (No such file or directory)
    20 exit_group(5)                           = ?

In this strace output, the vast majority of the system calls are actually for process initialization. In fact, the only system call (on line 19) from the actual program code is open("/tmp/foo", O _ RDONLY ). Also notice that there are no system calls from the if statement or any other code in the program because the if statement does not invoke a system call.

Below would be detail how above code works line by line: 

Line #1:  The execve system call (or one of the exec system calls) is always the first system call in the strace output if strace is used to trace a program off the command line. The strace tool forks, executes the program, and the exec system call actually returns as the first system call in the new process.

Line #2: The brk system call is called with an argument of zero to find the current "break point." This is the beginning of memory management for the process.

Line #3: The mmap call is used to create an anonymous 4KB page. The address of this page is at 0xb7774000

Line #4: This line attempts to open the file. This file contains a list of ELF shared libraries that are to be pre-loaded before a program is able to run.

Line #5-#9: These lines involve finding and loading the libc library.

Line #10: Loads in the ELF header for the libc library.

Line #11: Gets more information (including size) for the libc library file.

Line #12:  This line actually loads ( mmaps ) the contents of libc into memory at address at 0xbf8000

Line #13: This line loads the data section at address 0xd88000 for 12288 bytes, from the beginning of memory segment (0x00d88000). According to the ELF layout of, the data section starts at 0x00d881c8 , but that section must be aligned on 0x1000 boundaries (hence the offset of 0x00d88000 )

# readelf -l /lib/

Elf file type is DYN (Shared object file) Entry point 0xc0ee90 There are 10 program headers, starting at offset 52

Program Headers:
  Type           Offset   VirtAddr   PhysAddr   FileSiz MemSiz  Flg Align
  PHDR           0x000034 0x00bf8034 0x00bf8034 0x00140 0x00140 R E 0x4
  INTERP         0x15c2c8 0x00d542c8 0x00d542c8 0x00013 0x00013 R   0x1
      [Requesting program interpreter: /lib/]
  LOAD           0x000000 0x00bf8000 0x00bf8000 0x18ff98 0x18ff98 R E 0x1000
  LOAD           0x1901c8 0x00d881c8 0x00d881c8 0x027d4 0x057e4 RW  0x1000
  DYNAMIC        0x191d7c 0x00d89d7c 0x00d89d7c 0x000f8 0x000f8 RW  0x4

Line #14: Creates an anonymous memory segment for the bss section This is a special section of a loaded executable or shared library for uninitialized data. Because the data is not initialized, the storage for it is not included in an ELF object like a shared library (there are no real data values to store). Instead, memory is allocated(0xd8b000)for the bss section when the library is loaded.

Line #15: Closes the file descriptor for libc.

Line #16-#17: This removes any protection for a region of memory at 0xd88000

Line #18: unmap files or devices into memory

Line #19: The only system call from the actual program code.

Line #20: Exits the process with a return code of 5.

It can also be useful to time both the difference between system call entries and the time spent in the system calls. With this information, it is possible to get the time spent in the user code between the system calls.

# strace -Tr ./main
     0.000000 execve("./main", ["./main"], [/* 21 vars */]) = 0 <0.000169>
     0.000406 brk(0)                    = 0x8b26000 <0.000014>
     0.000194 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb77e3000 <0.000028>
     0.000111 access("/etc/", R_OK) = -1 ENOENT (No such file or directory) <0.000022>
     0.000117 open("/etc/", O_RDONLY) = 3 <0.000022>
     0.000068 fstat64(3, {st_mode=S_IFREG|0644, st_size=28116, ...}) = 0 <0.000000>

Another useful way to time system calls is with the -c switch. This switch summarizes the output in tabular form:

# strace -c ./main
% time     seconds  usecs/call     calls    errors syscall
------ ----------- ----------- --------- --------- ----------------
  -nan    0.000000           0         1           read
  -nan    0.000000           0         3         1 open
  -nan    0.000000           0         2           close
  -nan    0.000000           0         1           execve
  -nan    0.000000           0         1         1 access

Sometimes it is necessary to trace an existing process that is running, such as a Web daemon (such as apache) or xinetd. The strace tool provides a simple way to attach to running processes with the -p switch:

# strace -p <PID>

I would conclude this article, by letting everyone know that strace when used effectively can narrow the scope of the problem analysis.  

Tuesday, 23 December 2014

automate kickstart installations in spacewalk #Redhat 6 / CentOS 6

In my previous article ( ), I had written on how to configure and install spacewalk. Here, I would let you know on how to automate the installations using spacewalk.

My Environment:
Hostname: spacewalk
Environment: CentOS 6.6 x86_64
Spacewalk version: 2.2​

For automating the installation of a Linux system a method called kickstart can be used. First, we have to setup a directory structure on the spacewalk server, copy the directory of the below from your CentOS/Redhat DVD to /var/distro-trees/CentOS6.6-x86_64.

- images
- isolinux
- repodata

Next, open the spacewalk console and navigate to the following location:

systems -> kickstart -> distributions -> new distribution.

Next step is to create a kickstart profile for the channel and distribution. Open the spacewalk console and navigate to the following location:

systems -> kickstart -> create new kickstart profile

Enter the following parameters for the new kickstart profile:

Label: CentOS66-minimal
Base channel: CentOS 6.6 Base - x86_64
Kickstartable tree: CentOS6.6-x86_64
Virtualization type: none

Also, have a look at the other tabs to have an idea of the configuration options which are available, possible interesting areas are provided as below snap where it is self-explanatory reader could work themselves.

We are now creating a new virtual machine, so make sure that your spacewalk server is able to resolve the name resolution. I would leave this to reader to configure DNS.

Next, build an ISO image as described below, on which your ISO image(generated.iso) from where you executed the command.

[root@spacewalk ~]# cobbler buildiso
task started: 2014-12-23_112833_buildiso
task started (id=Build Iso, time=Tue Dec 23 11:28:33 2014)
using/creating buildisodir: /var/cache/cobbler/buildiso
building tree for isolinux
copying miscellaneous files
copying kernels and initrds for profiles
generating a isolinux.cfg
generating profile list
done writing config
running: mkisofs -o /root/generated.iso -r -b isolinux/isolinux.bin -c isolinux/ -no-emul-boot -boot-load-size 4 -boot-info-table -V Cobbler\ Install -R -J -T /var/cache/cobbler/buildiso
received on stdout: 
received on stderr: I: -input-charset not specified, using utf-8 (detected in locale settings)
Size of boot image is 4 sectors -> No emulation
 26.00% done, estimate finish Tue Dec 23 11:28:34 2014
 51.90% done, estimate finish Tue Dec 23 11:28:34 2014
 77.89% done, estimate finish Tue Dec 23 11:28:34 2014
Total translation table size: 4029
Total rockridge attributes bytes: 1320
Total directory bytes: 4700
Path table size(bytes): 40
Max brk space used 1b000
19272 extents written (37 MB)

ISO build complete
You may wish to delete: /var/cache/cobbler/buildiso
The output file is: /root/generated.iso
[root@spacewalk ~]#

[root@spacewalk ~]# ls -l generated.iso
-rw-r--r-- 1 root root 39469056 Dec 23 11:28 generated.iso
[root@spacewalk ~]# 

On your host, create a new virtual machine and provide it with the generated.iso file to boot from. Upon boot you will see a menu allowing you to specify the Centos66-minimal setup to be installed.

Select this entry and the setup will install a base 64 bit CentOS 6.6 Linux system. If all goes well, this will happen completely automated, without any user intervention whatsoever.

I, would configure new server as a client to the spacewalk server in coming articles.