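#!/usr/bin/env sh
# Initramfs script that mounts the final root filesystem
# -------------------------------------------------------
# Called by the initramfs to mount the final root.
# It relies on the variables defined in the configuration file of a
# virtual system (/etc/vdn/config, sourced below).
#
# Layout built by this script:
#   /root-ro  lower (read-only) layer, the original /root mount
#   /root-rw  upper layer storage (tmpfs or ext4), holding data/ and work/
#   /root     overlayfs union of the two; it becomes the final root

# Create the mount points, mount the read-only root when nothing is mounted
# on /root yet (EMULATOR=linux only, ubd devices), then move it to /root-ro.
_prepareLowerRoot() {
  [ -d /root-ro ] || mkdir /root-ro
  [ -d /root-rw ] || mkdir /root-rw

  # read-only lower layer
  if ! mount | grep -q /root && [ "$EMULATOR" = "linux" ]; then
    ls -l /dev/ubd*
    mount -o ro,noload /dev/ubda1 /root
  fi
  mount -o move /root /root-ro
}

# Mount the overlay on /root and expose both layers under /root/overlays.
# Arguments: $1 - mode label printed in the error message
# The former aufs fallback was unreachable (guarded by `[ 1 = 1 ]`) and
# marked as non-functional, so it is no longer carried here.
_mountOverlayRoot() {
  mkdir -p /root-rw/data /root-rw/work

  modprobe overlay
  if mount none -t overlay -o redirect_dir=on \
    -o lowerdir=/root-ro,upperdir=/root-rw/data,workdir=/root-rw/work /root; then
    mkdir -p /root/overlays/ro /root/overlays/rw
    mount -o bind /root-ro /root/overlays/ro
    mount -o bind /root-rw /root/overlays/rw
  fi

  if [ ! -d /root/etc ]; then
    echo
    echo "Error in overlay ($1 mode) !"
    echo
    # NOTE(review): rescue shell. Whoever holds the console at this point
    # gets an unauthenticated interactive shell inside the initramfs.
    sh -i
  fi
}

# Mount the union directories in TGZ2 mode: the upper layer is a tmpfs
# (optionally sized by AUFS_SIZE, in MiB) or, when AUFS_FILE is set, the
# ext4 device named by $aufsDev, which is emptied first.
mountUnionDirs_tgz2() {
  echo "=== Mount in TGZ2 mode..."

  _prepareLowerRoot

  if [ -z "$AUFS_FILE" ]; then
    if [ -n "$AUFS_SIZE" ]; then
      mount -o size=$((1024*1024*$AUFS_SIZE)) \
        -t tmpfs none /root-rw || exit 1
    else
      mount -t tmpfs none /root-rw || exit 1
    fi
  else
    mount -t ext4 "$aufsDev" /root-rw || exit 1
    # Discards the previous upper layer; the glob does not match dotfiles
    # at the top level of the device.
    rm -Rf /root-rw/*
  fi

  _mountOverlayRoot tgz
}

# Mount the union directories in OVERLAY mode: the upper layer lives on the
# ext4 save device ($saveDev) and persists across boots.
mountUnionDirs_overlay() {
  echo "Mount in OVERLAY mode..."

  _prepareLowerRoot

  mount -t ext4 "$saveDev" /root-rw || exit 1

  _mountOverlayRoot overlay
}

# Bring up the interfaces and write a minimal /etc/network/interfaces in the
# final root. Not called at the moment (see the disabled call below).
setNetwork() {
  modprobe virtio_net

  NB_ETH=$(echo $NETWORKS | wc -w)

  for i in $(seq 0 "$NB_ETH"); do
    ifconfig "eth$i" up
  done
  ifconfig -a

  ifconfig "eth$NB_ETH" 10.0.2.15 netmask 255.255.255.0

  cat << EOF > /root/etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback
EOF
}

# Copy the first available SSH identity listed in SSH_IDENTITY into the
# guest root's authorized_keys. Legacy helper, not called by this script.
cpSshIdentityOld() {
  # Unused below; note that it differs from the path actually written.
  authorized_keys=/root/.ssh/authorized_keys

  [ -n "$SSH_IDENTITY" ] && {
    [ ! -d /root/root/.ssh ] && mkdir -m 700 /root/root/.ssh
    for i in $SSH_IDENTITY; do
      f=/etc/vdn/.ssh/$(basename "$i")
      if [ -e "$f" ]; then
        ident="$(cat "$f")"
        # -F: key material is compared as a fixed string, not as a regex.
        grep -qF -- "$ident" /root/root/.ssh/authorized_keys || \
          cat "$f" >> /root/root/.ssh/authorized_keys
        chmod 600 /root/root/.ssh/authorized_keys
        echo "vdn : copie de $f"
        cat /root/root/.ssh/authorized_keys
        break
      fi
    done
  }
}

# Copy the VDN configuration into the final root and unpack the per-scope
# file trees (host, all, guest) on top of it.
beforeExtractTgz() {
  # configuration copy
  [ ! -d /root/etc/vdn ] && mkdir -p /root/etc/vdn
  cp -a /etc/vdn/* /root/etc/vdn

  # extract files (host, all, guest)
  for d in /etc/vdn/host /etc/vdn/all /etc/vdn/guest; do
    if [ -d "$d" ]; then
      # --no-same-owner: extracted files belong to the extracting user.
      ( cd "$d" && tar czf - . ) | ( cd /root && tar --no-same-owner -xpzf - )
    fi
  done

  if [ -e /etc/rc.local ]; then
    cp /etc/rc.local /root/etc/rc.local
  fi
}

# Unpack the saved archive stored raw on $saveDev over the final root.
extractSaveTgz() {
  echo "Extract save tgz"
  if [ -n "$saveDev" ]; then
    # NOTE(review): the archive is unpacked as root with permissions
    # preserved (-p), so the content of the save device is fully trusted
    # here. Member-name sanitising depends on the tar implementation in the
    # initramfs - confirm.
    tar -C /root -xzpf "$saveDev"
  fi
}

# Compute the services to enable/disable in the final root and apply the
# result with systemctl. Not called at the moment (see the disabled call
# below).
setServices() {
  generated="
    hddtemp
    isc-dhcp-server
    proftpd
    speech-dispatcher
  "

  base="
    avahi-daemon
    console-setup
    cron
    inetd
    keyboard-setup
    networking
    rsyslog
    ssh
    sshd
  "

  cmd="systemctl list-unit-files --type service --no-legend --no-pager | egrep 'enabled|generated' | cut -d ' ' -f 1 | sed -re 's/\.service//'"

  # eval is only used to parse the constant pipeline above; as written, the
  # chroot applies to the first stage (systemctl) and the filters run in the
  # initramfs.
  all=$(eval chroot /root $cmd)

  all=$( { echo "$all"; echo "$generated"; } | tr ' ' '\n' | grep -v '^$' | sort )

  base=$( echo "$base" | tr ' ' '\n' | grep -v '^$' | sort )

  extra="$(echo $EXTRA_SERVICES | tr ' ' '\n' | grep -v '^$' | sort -u ) haveged"

  enable=$( { echo "$base"; echo "$extra"; } | tr ' ' '\n' | grep -v '^$' | sort -u )

  echo "$all" > /root/tmp/all
  echo "$enable" > /root/tmp/enable

  # comm needs sorted input: lines only in "enable" / only in "all".
  badEnable=$(chroot /root comm -1 -3 /tmp/all /tmp/enable)
  disable=$(chroot /root comm -2 -3 /tmp/all /tmp/enable)

  # The unquoted expansions below deliberately flatten the lists onto one
  # line.
  echo
  echo "Services :"
  echo
  echo All services : $all
  echo
  echo Base services : $base
  echo
  echo Extra services : $extra
  echo
  echo enable : $enable
  echo
  echo disable : $disable
  echo
  echo mask : $EXCLUDE_SERVICES
  echo

  export enable
  export disable

  # ROOT is unset while systemctl runs in the chroot, then restored.
  OLDROOT=$ROOT
  unset ROOT

  for i in $enable; do
    chroot /root systemctl unmask "$i"
    chroot /root systemctl enable "$i"
  done

  for i in $disable; do
    chroot /root systemctl disable "$i"
  done

  # Word splitting intended: EXCLUDE_SERVICES is a space-separated list.
  chroot /root systemctl mask $EXCLUDE_SERVICES

  ROOT=$OLDROOT
}

# Prepare the second disk (/dev/vdb): optionally partition and format it,
# mount it on /root/mnt/vdb1 and bind-mount every directory of HDB_DIRS
# from it.
# Returns: 1 when HDB_DIRS is set but /root/mnt/vdb1 is not mounted.
updateHdb() {
  if [ "${HDB_PART_FORMAT:-}" = 1 ]; then
    if ! fdisk -l /dev/vdb | grep -q vdb1; then
      # Same byte stream as the former `echo -e`, without depending on the
      # echo flavour of the shell.
      printf 'n\np\n1\n\n\np\nw\n\n' | fdisk /dev/vdb
      /root/sbin/mkfs.ext4 -j /dev/vdb1
    fi
    [ ! -d /root/mnt/vdb1 ] && mkdir /root/mnt/vdb1
    mount -o errors=remount-ro /dev/vdb1 /root/mnt/vdb1
  fi

  if [ -n "$HDB_DIRS" ]; then
    if ! mount | grep -q /root/mnt/vdb1 ; then
      echo
      echo "/root/mnt/vdb1 non monté ! Abandon du transfert des répertoires"
      echo
      sleep 3
      # The message announces that the transfer is abandoned; previously the
      # loop still ran and copied the directories onto the overlay itself.
      return 1
    fi

    for i in $HDB_DIRS; do
      if [ ! -d "/root/mnt/vdb1/$i" ]; then
        mkdir -p "$(dirname "/root/mnt/vdb1/$i")"
        if [ -d "/root/$i" ]; then
          cp -a "/root/$i" "/root/mnt/vdb1/$i"
        else
          mkdir -p "/root/mnt/vdb1/$i"
        fi
      fi
      mount -o bind "/root/mnt/vdb1/$i" "/root/$i" || echo "Error mount /mnt/vdb1/$i !" >&2
    done
  fi
}

# List the whole-disk device nodes, one per line (ubdX when EMULATOR=linux,
# ?dX otherwise).
listDisks() {
  if [ "$EMULATOR" = "linux" ]; then
    ls /dev/ubd[[:lower:]]
  else
    ls /dev/?d[[:lower:]]
  fi
}

# Literal suffix match of a key line against an authorized_keys file.
# Arguments: $1 - key line, $2 - authorized_keys path
# Returns:   0 when a line of $2 ends with $1, 1 otherwise
_keyAlreadyAuthorized() {
  [ -f "$2" ] || return 1
  while IFS= read -r _akLine || [ -n "$_akLine" ]; do
    case "$_akLine" in
      *"$1") return 0 ;;
    esac
  done < "$2"
  return 1
}

echo
echo "=== Start mount-root script..."
echo

#set -eu

# NOTE(review): the configuration file is executed as shell code with the
# privileges of the initramfs, and every variable it sets is exported
# (set -a). It must only be writable by whoever builds the initramfs.
set -a
. /etc/vdn/config
set +a

echo "EMULATOR=$EMULATOR" >&2
echo "MODE=$MODE" >&2
echo "NB_DISK=$NB_DISK" >&2
listDisks >&2

# Save device: the (NB_DISK + 1)-th disk listed.
saveDev=$(listDisks | head -n "$((1+$NB_DISK))" | tail -n 1 )

if [ "$MODE" = tgz2 ]; then
  # No readable first sector: there is no saved archive to restore.
  if [ "$(dd if="$saveDev" count=1 bs=512 2>/dev/null | wc -c)" = "0" ]; then
    saveDev=""
  fi
fi

# Aufs (now: overlayfs) device: the (NB_DISK + 2)-th disk listed.
# The former test `[ $MODE = tgz -o $MODE="tgz2" ]` was always true because
# `$MODE="tgz2"` is a single non-empty word.
aufsDev=""
case "$MODE" in
  tgz|tgz2)
    aufsDev=$(listDisks | head -n "$((2+$NB_DISK))" | tail -n 1 )
    ;;
esac
echo "aufsDev=$aufsDev"

# Dispatch on MODE. Only the tgz2 and overlay variants are defined in this
# file; any other value needs a matching function from elsewhere.
"mountUnionDirs_$MODE"

updateHdb

beforeExtractTgz

# Disabled calls, kept for reference:
###setServices
###setNetwork

case "$MODE" in
  tgz|tgz2)
    extractSaveTgz
    ;;
esac

if [ ! -e /root-rw/data/etc/hostname ]; then
  if [ "$SET_HOSTNAME" = 1 ]; then
    echo "$GUEST_NAME" > /root-rw/data/etc/hostname
  else
    echo "" > /root-rw/data/etc/hostname
  fi
fi

# disable halt reboot shutdown poweroff
case "$MODE" in
  tgz|tgz2)
    for i in halt reboot shutdown poweroff; do
      if [ -e "/root/sbin/$i" ] && [ ! -e "/root/sbin/.$i" ]; then
        mv "/root/sbin/$i" "/root/sbin/.$i"
      fi
      # Remove any leftover entry first so the stub is never written
      # through a symlink onto its target.
      rm -f "/root/sbin/$i"
      cat << EOF > "/root/sbin/$i"
#!/bin/bash
echo -e "\$0 is disable in TGZ mode !\nUse vdn-halt host command or halt in the GUI." >&2
exit 1
EOF
      chmod 755 "/root/sbin/$i"
    done
    ;;
esac

# runlevel
chroot /root systemctl set-default "$RUNLEVEL"

# Written as rc.local.old and left non-executable (the chmod is disabled).
cat << EOF > /root/etc/rc.local.old
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.

mount -t tmpfs tmpfs /run -o remount,size=20M
[ -x /root/firewall.sh ] && /root/firewall.sh
[ -e /etc/start ] && bash /etc/start &
exit 0
EOF
#chmod 755 /root/etc/rc.local

if [ -n "$HOSTS" ]; then
  # Generate /etc/hosts: entries containing PUB are replaced by the address
  # found for that name in PUBLICS_IP ("name:a.b.c.d" pairs).
  (
    echo "
127.0.0.1 localhost
127.0.1.1 debian
"
    echo "$HOSTS" | while read -r name; do
      if echo $name | grep -q PUB; then
        name=$(echo $name | sed -re 's/^[[:space:]]*PUB[^[:space:]]*[[:space:]]+([^[:space:]]+).*$/\1/')
        # NOTE(review): $name is spliced into the sed expression, so it is
        # interpreted as a regex fragment; host names from the config are
        # assumed to contain no regex or '/' characters.
        pub=$(echo $PUBLICS_IP | sed -re 's/^.*'"$name"':([0-9.]+).*$/\1/')
        echo "replace $name ($pub)..." >&2
        name="$pub $name"
      fi
      echo "$name"
    done
    echo "
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
"
  ) > /root/etc/hosts
  cat /root/etc/hosts
fi

# Every non-empty line of authorized-root.txt becomes a key accepted for
# root logins in the guest. The file grants root access and should be
# writable only by the administrator who builds the guest configuration.
[ -e /root/etc/vdn/authorized-root.txt ] && {
  echo "Add authorized root(s)" >&2
  # Same directory mode as cpSshIdentityOld uses for the guest's .ssh.
  [ -d /root/root/.ssh ] || mkdir -m 700 /root/root/.ssh
  while IFS= read -r l || [ -n "$l" ]; do
    [ -n "$l" ] || continue
    echo " found $l"
    # Literal comparison: the key is no longer interpreted as a grep regex.
    _keyAlreadyAuthorized "$l" /root/root/.ssh/authorized_keys || {
      echo " add $l"
      echo "$l" >> /root/root/.ssh/authorized_keys
    }
  done < /root/etc/vdn/authorized-root.txt
}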