Tested on CentOS.
The original article is Preparing Linux Template VMs; please read that first! This article is for preservation and my own personal use.
Step 1: Clean out yum and apt caches.
/usr/bin/yum clean all
Step 2: Force the logs to rotate.
/usr/sbin/logrotate -f /etc/logrotate.conf
/bin/rm -f /var/log/*-???????? /var/log/*.gz
Step 3: Clear the audit log & wtmp.
/bin/cat /dev/null > /var/log/audit/audit.log
/bin/cat /dev/null > /var/log/wtmp
This whole /dev/null business is also a trick that lets you clear a file without restarting the process associated with it, useful in many more situations than just template-building.
Step 4: Remove the udev persistent device rules.
/bin/rm -f /etc/udev/rules.d/70*
Step 5: Remove the traces of the template MAC address and UUIDs.
/bin/sed -i '/^\(HWADDR\|UUID\)=/d' /etc/sysconfig/network-scripts/ifcfg-eth0
Just removing unique identifiers from the template so the cloned VM gets its own.
Step 6: Clean /tmp out.
/bin/rm -rf /tmp/*
/bin/rm -rf /var/tmp/*
Under normal, non-template circumstances you really don’t ever want to run rm on /tmp like this. Use tmpwatch or any manner of safer ways to do this, since there are attacks people can use by leaving symlinks and whatnot in /tmp that rm might traverse (“whoops, I don’t have an /etc/passwd anymore!”). Plus, users and processes might actually be using /tmp, and it’s impolite to delete their files. However, this is your template image, and if there are people attacking your template you should reconsider how you’re doing business. Really.
Step 7: Remove the SSH host keys.
/bin/rm -f /etc/ssh/*key*
If you don’t do this all your VMs will have all the same keys, which has negative security implications.
Step 8: Remove the root user’s shell history.
/bin/rm -f ~root/.bash_history
No sense in keeping this history around, it’s irrelevant to the cloned VM.
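An added example (not from the original article): a shell function that checks an image for leftovers from steps 3, 4, 5, 7 and 8 before it is turned into a template. The name check_template and its ROOT argument are made up for this example, and it assumes root's home directory is /root.

```shell
#!/bin/sh
# Added example, not part of the original article.
# Usage: check_template ROOT
#   ROOT is the image's filesystem root: "/" on the template VM itself,
#   or the mount point of an offline image. Prints one "FAIL:" line per
#   leftover and returns non-zero if anything was found.
check_template() {
    root=${1%/}          # "/" becomes "", so paths below stay absolute
    findings=0
    _tmpl_report() { echo "FAIL: $1"; findings=$((findings + 1)); }

    # Step 3: audit log and wtmp must be zero bytes.
    for f in var/log/audit/audit.log var/log/wtmp; do
        if [ -s "$root/$f" ]; then _tmpl_report "/$f is not empty"; fi
    done

    # Step 4: no udev persistent device rules left behind.
    for f in "$root"/etc/udev/rules.d/70*; do
        if [ -e "$f" ]; then _tmpl_report "udev rule present: ${f#"$root"}"; fi
    done

    # Step 5: no HWADDR= or UUID= lines in any interface config.
    for f in "$root"/etc/sysconfig/network-scripts/ifcfg-*; do
        [ -f "$f" ] || continue
        if grep -Eq '^(HWADDR|UUID)=' "$f"; then
            _tmpl_report "HWADDR/UUID still set in ${f#"$root"}"
        fi
    done

    # Step 7: no SSH host keys, or every clone shares one host identity.
    for f in "$root"/etc/ssh/*key*; do
        if [ -e "$f" ]; then _tmpl_report "SSH key file present: ${f#"$root"}"; fi
    done

    # Step 8: no root shell history (assumes root's home is /root).
    if [ -e "$root/root/.bash_history" ]; then
        _tmpl_report "root shell history present"
    fi

    [ "$findings" -eq 0 ]
}
```

Run it as the last thing before shutting the VM down, since logging in again or restarting sshd can recreate some of these files.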