Linux Instances Clean-up to Create OMIs

This page lists the elements of a Linux instance you can clean up before creating an OUTSCALE machine image (OMI), especially if you want to share this OMI with other users or to make it public.

An OMI created from an instance or from a snapshot has the same characteristics as this instance or the instance the snapshot is created from. Moreover, an instance can contain sensitive information that you do not want to share.

It is therefore strongly recommended to clean up these elements from your instance, or the instance the snapshot is created from, before creating the OMI.

This page provides command samples for CentOS 7 Linux instances, but the list of elements is the same for other Linux instances.

  • Clean the user information at the very end. To clean the information related to all users, you need to repeat the commands for each user (as explained in the table).

  • After cleaning your instance, it is recommenced to immediately stop it to create the OMI. You can then start it again if you want to keep it, but the cleanup has to be done again if you want to create another OMI.

You must execute these commands as the root user of the instance. To switch to the root user, type: sudo -s

Elements Action CentOS 7 commands

Logs

rsyslog

Prevent from creating new logs

$ service rsyslog stop

Logs

Clean the logs and logs history

$ find /var/log -type f | while read f; do echo -ne '' > $f; done

Temporary files

Clean the temporary files on your instance

You need to enter both of the following commands:

$ /bin/rm -Rf /tmp/*
$ /bin/rm -Rf /var/tmp/*

Instance Configuration

Route configuration and network map

Clean the route configuration and network map obtained when launching the instance

$ /bin/rm -f /etc/sysconfig/network-scripts/{ifcfg,route}-eth[1-9]

DHCP lease

Clean the lease obtained when launching the instance

$ /bin/rm -f /var/lib/dhclient/dhclient*.lease

NTP servers

Clean the list of the servers obtained when launching the instance

$ sed -i '/dhclient-script/d' /etc/ntp.conf

Launch information

Clean the information related to the first launch of an instance

$ /bin/rm -f /var/osc/*

User password

Clean the passwords

To check if there is any password, use the following command:

$ cat /etc/shadow

To delete the passwords, use the following command:

$ passwd -d User_Name

Packages

Packages

Clean the packages

$ yum -y clean all

Note

By default, the yum command is not installed on Ubuntu.

User

Keypairs

Clean the public part of the keypair present on the root device of the instance

To clean the keypairs of the root user, of the outscale user, and of any other user created in the instance, use the following commands:

$ /bin/rm -f ~/.ssh/authorized_keys
$ /bin/rm -f $HOME/outscale/.ssh/authorized_keys
$ /bin/rm -f $HOME/User_Name/.ssh/authorized_keys

User configuration information

Clean the configuration set up by a user

To clean the configuration information of root user, of the outscale user, and of any other user created in the instance, use the following commands:

$ /bin/rm -f ~/.viminfo
$ /bin/rm -f $HOME/outscale/.viminfo
$ /bin/rm -f $HOME/User_Name/.viminfo

Emails

Clean the emails you received on the instance

$ /bin/rm -f /var/spool/mail/*

User history

Clean the history of the user

To clean the history of the root user, of the outscale user, and of any other user created in the instance, use the following commands:

$ /bin/rm -f ~/.bash_history
$ /bin/rm -f $HOME/outscale/.bash_history
$ /bin/rm -f $HOME/User_Name/.bash_history
$ history -c

Related Pages