OS

Template using latest Centos 7 1804 Minimal failing to use Security Profile during installation

After multiple changes, upgrades and re-installs of my LAB severs and cloud POC some of my templates hosted externally were gone so decided to invest some time to create a new template using latest Centos 7 minimal version.

During the installation phase trying to use security profiles to put in place some useful configurations I came to an error experienced on some of the listed profiles.

Standard System Security Profile and C2S for Red Hat Enterprise Linux 7 are known to cause error “/dev/shm must be on a separate partition or logical volume”

This issue is marked as new with high priority under bug number 1570956 without any solution apart from avoid using mentioned profiles.

Complete catalog of security profiles can be found here
Each profile is fully documented explaining configurations, security risks and provides remediations to use in: Bash, Ansible, Puppet and Anaconda. Very useful to save time on remediations across the board post installation of OS.
Always read the profile document before implementation and test it to ensure will have desired effect on your servers and apps.

I wanted to first share the information about this bug and where to the profile details. Now back to creating my needed VM template.
Depending on what is used and needed a VM shell for the template could be created using vCenter WebClient or vCloud Director.

I am going to use latest vCloud Director 9.1 (at time of writing this) tenant HTML5 console to create my VM then install CentOS, prepare the installation to be used as template and lastly add the VM to my catalog.

Once logged into vCloud Director select desired OrgVCD where to create the VM in my case only one is visible.

Click create VM action button.

Fill the form as shown in below screenshot

After VM is created select Download VMRC from menu.