Rocky Linux 9.6 repo issue kickstart with packer

Rocky Linux Help & Support
1

Hello Guys,

i’ve got an issue with kickstart for Rocky 9.6 with packer

here is the error in the attached file

{D50683C2-E54D-4460-B76D-059F0C76E66D}
{D50683C2-E54D-4460-B76D-059F0C76E66D}1444×834 203 KB

its seems that the url can’t fetch the data of baseos from the official public repository

here is my kickstart configuration

Anyone can help me ?

####################################################################

Kickstart ROCKY 9

####################################################################

Use text install

text

eula --agreed

firewall --disabled
bootloader --location=mbr

%packages
@^minimal-environment
%end

Keyboard layouts

keyboard --xlayouts=‘fr (oss)’

lang fr_FR.UTF-8

Network information

network --bootproto=static --device=ens192 --gateway=${build_vm_gateway} --ip=${build_vm_ipaddress} --nameserver=${build_vm_nameservers} --netmask=${build_vm_netmask} --onboot=true --noipv6

Use network installation

url --url=“Index of /pub/rocky/9.6/BaseOS/x86_64/” --proxy=“https://10.x.x.x” --noverifyssl

Run the Setup Agent on first boot

firstboot --enable

Create primary system partitions.

part /boot --fstype xfs --size=1024 --label=BOOTFS --fsoptions=“nodev,nosuid,noexec”
part /boot/efi --fstype vfat --size=1024 --label=EFIFS
part pv.01 --size=100 --grow

Create a logical volume management (LVM) group.

volgroup vg_root --pesize=4096 pv.01

Modify logical volume sizes for the virtual machine hardware.

Create logical volumes.

logvol swap --fstype swap --name=lv_swap --vgname=vg_root --size=1024 --label=SWAPFS
logvol / --fstype ext4 --name=lv_root --vgname=vg_root --size=8192 --label=ROOTFS
logvol /opt --fstype ext4 --name=lv_opt --vgname=vg_root --size=8192 --label=OPTFS --fsoptions=“nodev,nosuid”
logvol /tmp --fstype ext4 --name=lv_tmp --vgname=vg_root --size=4096 --label=TMPFS --fsoptions=“nodev,noexec,nosuid”
logvol /var --fstype ext4 --name=lv_var --vgname=vg_root --size=8192 --label=VARFS --fsoptions=“nodev,noexec,nosuid”
logvol /var/lib --fstype ext4 --name=lv_lib --vgname=vg_root --size=8192 --label=LIBFS --fsoptions=“nodev,nosuid”
logvol /var/log --fstype ext4 --name=lv_log --vgname=vg_root --size=8192 --label=LOGFS --fsoptions=“nodev,noexec,nosuid”

Partition clearing information

ignoredisk --only-use=sda
clearpart --none --initlabel

System timezone

timezone Europe/Paris --isUtc --ntpservers=${build_vm_ntp_server}

#Root password
rootpw --lock
user --groups=wheel --name=${build_builder_username} --password=${build_builder_password}

%post
sed -i ‘s/enabled=1/enabled=0/g’ /etc/yum/pluginconf.d/subscription-manager.conf
cat < /etc/yum.repos.d/${build_os_name}.repo
[rpm.test]
name=${build_os_name}.repo
baseurl=${build_os_repo}
gpgkey=${build_os_repo}/RPM-GPG-KEY-Rocky-9.gpg
repo_gpgcheck=1
sslverify=0
gpgcheck=0
enabled=1
EOF
/bin/dnf install -y sudo open-vm-tools perl python3-pip
echo “${build_builder_username} ALL=(ALL) EXEC:NOPASSWD: ALL” >> /etc/sudoers.d/${build_builder_username}
%end

reboot --eject

2

Looking at the very first error message in your print-screen, which is " “caused by SSLError: SSL record layer failure” a A.I. query gives me five possible reason for that error, could any of these five apply to you?

Common Causes of This Error

  1. Protocol Mismatch:
  • The client and server do not support a common SSL/TLS version.
  • For example, the client might be using TLS 1.3, but the server only supports TLS 1.0 (which is deprecated).
  1. Corrupted or Malformed SSL Packets:
  • The data received during the handshake is not in the expected format.
  • This could be due to a proxy, firewall, or load balancer interfering with the connection.
  1. Wrong Port:
  • Trying to establish an SSL connection on a port that doesn’t support SSL (e.g., connecting to HTTP on port 443).
  1. Certificate Issues:
  • The server’s SSL certificate might be expired, self-signed, or not trusted by the client.
  1. Man-in-the-Middle (MITM) Interference:
  • Some antivirus software or corporate proxies intercept SSL traffic and re-sign certificates, which can cause SSL errors.

Hopefully these ideas might give you a path forward…

Tony

3

Hello @R_O_C_K_Y_L_I_N_U_X

I just figured this out

Thank you for your help

4

For the benefit of others in the future who encounter the same message, can you provide the solution.

5

Yes of course @R_O_C_K_Y_L_I_N_U_X

for the repo issue i just use url --url and not the repo command
i used my own private registry

Use network installation

url --url=“https://rpm.x.x/rockylinux9/baseos_rockylinux9/” --noverifyssl
url --url=“https://rpm.x.x/rockylinux9/appstream_rockylinux9/” --noverifyssl

but now i’ve got another issue

{C579817B-7AC9-4EFC-8879-37FCE2FC7AEC}
{C579817B-7AC9-4EFC-8879-37FCE2FC7AEC}1084×451 189 KB

dependency packages conflict, i try to find a solution of this since 2 days, anyone have an idea ?