#!/usr/bin/env sh
# Script de l'initramfs pour le montage de la racine finale
# ---------------------------------------------------------
# Ce script est appelé par l'initramfs pour monter la racine finale
# Ce script utilise les variables définies dans le fichier de configuration
# d'un système virtuel.
# Monte les répertoires de l'union
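# Mount the root in TGZ2 mode: the guest disk read-only under /root-ro, a
# throw-away write layer (tmpfs, or the ext4 device $aufsDev when AUFS_FILE
# is set) under /root-rw, and an overlayfs union of both on /root.
#
# Globals (read): EMULATOR, AUFS_FILE, AUFS_SIZE (MiB), aufsDev
# Outputs: diagnostics on stdout; `exit 1` if the write layer cannot be
#          mounted; drops to `sh -i` if the union has no /etc.
mountUnionDirs_tgz2() {
  echo "=== Mount in TGZ2 mode..."

  mkdir -p /root-ro /root-rw

  # Read-only layer: under the "linux" (UML) emulator the root device is not
  # mounted yet, so mount it read-only here before moving it aside.
  if ! mount | grep -q /root && [ "$EMULATOR" = "linux" ]; then
    ls -l /dev/ubd*
    mount -o ro,noload /dev/ubda1 /root
  fi
  mount -o move /root /root-ro

  # Write layer. AUFS_FILE only selects the mode; the device node itself is
  # aufsDev, computed by the top-level script.
  if [ -z "$AUFS_FILE" ]; then
    if [ -n "$AUFS_SIZE" ]; then
      # AUFS_SIZE is in MiB, tmpfs wants bytes.
      mount -o size=$((1024*1024*$AUFS_SIZE)) -t tmpfs none /root-rw || exit 1
    else
      mount -t tmpfs none /root-rw || exit 1
    fi
  else
    # Quoted so an empty aufsDev fails here instead of shifting mount's
    # arguments; the wipe below only runs once the mount has succeeded, so
    # it can never hit the initramfs' own /root-rw directory.
    mount -t ext4 "$aufsDev" /root-rw || exit 1
    rm -Rf /root-rw/*
  fi

  # overlayfs needs a separate upper and work directory on the same fs.
  mkdir -p /root-rw/data /root-rw/work

  # Union. The former aufs branch was unreachable (guarded by
  # `if [ 1 = 1 ]`) and marked non-functional, so it has been dropped.
  modprobe overlay
  if mount none -t overlay -o redirect_dir=on \
      -o lowerdir=/root-ro,upperdir=/root-rw/data,workdir=/root-rw/work /root; then
    # Expose both layers inside the new root.
    mkdir -p /root/overlays/ro /root/overlays/rw
    mount -o bind /root-ro /root/overlays/ro
    mount -o bind /root-rw /root/overlays/rw
  fi

  if [ ! -d /root/etc ]; then
    echo
    echo "Error in overlay (tgz mode) !"
    echo
    # Debug escape hatch: interactive shell on the console when the union
    # did not come up.
    sh -i
  fi
}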
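# Mount the root in OVERLAY mode: the guest disk read-only under /root-ro,
# the persistent ext4 save device ($saveDev) as the write layer under
# /root-rw, and an overlayfs union of both on /root.
#
# Globals (read): EMULATOR, saveDev
# Outputs: diagnostics on stdout; `exit 1` if the write layer cannot be
#          mounted; drops to `sh -i` if the union has no /etc.
mountUnionDirs_overlay() {
  echo "Mount in OVERLAY mode..."

  mkdir -p /root-ro /root-rw

  # Read-only layer: under the "linux" (UML) emulator the root device is not
  # mounted yet, so mount it read-only here before moving it aside.
  if ! mount | grep -q /root && [ "$EMULATOR" = "linux" ]; then
    ls -l /dev/ubd*
    mount -o ro,noload /dev/ubda1 /root
  fi
  mount -o move /root /root-ro

  # Write layer: the save device, which persists across boots (unlike the
  # tmpfs used in tgz2 mode). Quoted so an empty saveDev fails here rather
  # than silently shifting mount's arguments.
  mount -t ext4 "$saveDev" /root-rw || exit 1

  # overlayfs needs a separate upper and work directory on the same fs.
  mkdir -p /root-rw/data /root-rw/work

  # Union. The former aufs branch was unreachable (guarded by
  # `if [ 1 = 1 ]`) and marked non-functional, so it has been dropped.
  modprobe overlay #redirect_dir=on xino_auto metacopy=off
  if mount none -t overlay -o redirect_dir=on \
      -o lowerdir=/root-ro,upperdir=/root-rw/data,workdir=/root-rw/work /root; then
    # Expose both layers inside the new root.
    mkdir -p /root/overlays/ro /root/overlays/rw
    mount -o bind /root-ro /root/overlays/ro
    mount -o bind /root-rw /root/overlays/rw
  fi

  if [ ! -d /root/etc ]; then
    echo
    echo "Error in overlay (overlay mode) !"
    echo
    # Debug escape hatch: interactive shell on the console when the union
    # did not come up.
    sh -i
  fi
}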
# Bring up the guest's virtio interfaces and write a minimal
# /etc/network/interfaces into the new root.
#
# Globals (read): NETWORKS - whitespace-separated list of networks; one
#                 interface per entry plus a last one (eth$NB_ETH) that gets
#                 the 10.0.2.15 address.
# Globals (written): NB_ETH
setNetwork() {
  modprobe virtio_net

  NB_ETH=$(echo $NETWORKS | wc -w)

  # eth0 .. eth$NB_ETH inclusive.
  idx=0
  while [ "$idx" -le "$NB_ETH" ]; do
    ifconfig "eth$idx" up
    idx=$((idx+1))
  done
  ifconfig -a
  ifconfig "eth$NB_ETH" 10.0.2.15 netmask 255.255.255.0

  #sh -i

  # Literal content (quoted delimiter): nothing is expanded.
  cat <<'EOF' > /root/etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback
EOF
}
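# Copy the configured ssh identity (public key) into the guest root
# account's authorized_keys, stopping at the first key found.
#
# Globals (read): SSH_IDENTITY - whitespace-separated key names; only the
#                 basename is used, looked up under /etc/vdn/.ssh/.
# Outputs: progress on stdout.
# Returns: 1 when SSH_IDENTITY is empty (as before), 0 otherwise.
cpSshIdentityOld() {
  # Path inside the new root. (It used to be assigned as
  # /root/.ssh/authorized_keys and never used; every access below went to
  # /root/root/.ssh/authorized_keys.)
  authorized_keys=/root/root/.ssh/authorized_keys

  [ -n "$SSH_IDENTITY" ] || return 1

  [ -d /root/root/.ssh ] || mkdir -m 700 /root/root/.ssh
  for i in $SSH_IDENTITY; do
    f="/etc/vdn/.ssh/$(basename "$i")"
    [ -e "$f" ] || continue
    ident=$(cat "$f")
    # -F: the key is compared literally, not as a regular expression.
    if ! grep -qF -- "$ident" "$authorized_keys"; then
      cat "$f" >> "$authorized_keys"
    fi
    chmod 600 "$authorized_keys"
    echo "vdn : copie de $f"
    cat "$authorized_keys"
    break
  done
}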
# Seed the new root before the save archive is extracted: copy the vdn
# configuration to /root/etc/vdn, unpack the host/all/guest trees over the
# root (modes kept, ownership not restored) and carry over /etc/rc.local.
#
# Returns: 0 (status of the last cp when /etc/rc.local exists).
beforeExtractTgz() {
  mkdir -p /root/etc/vdn
  cp -a /etc/vdn/* /root/etc/vdn

  for tree in /etc/vdn/host /etc/vdn/all /etc/vdn/guest; do
    [ -d "$tree" ] || continue
    ( cd "$tree" && tar czf - . ) | ( cd /root && tar --no-same-owner -xpzf - )
  done

  if [ -e /etc/rc.local ]; then
    cp /etc/rc.local /root/etc/rc.local
  fi
}
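# Restore the saved guest state: the save device holds a raw gzip'ed tar
# stream that is unpacked (permissions preserved) over the union root.
#
# Globals (read): saveDev - block device, empty when there is no save yet.
# Returns: 0, or 1 when tar fails (reported on stderr).
extractSaveTgz() {
  echo "Extract save tgz"
  if [ -n "$saveDev" ]; then
    if ! tar -C /root -xzpf "$saveDev"; then
      echo "Error extracting save tgz from $saveDev !" >&2
      return 1
    fi
  fi
}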
# Reconcile the guest's systemd services with the configuration: enable the
# base set plus EXTRA_SERVICES (and haveged), disable every other unit that
# is currently enabled/generated, and mask EXCLUDE_SERVICES.
#
# Globals (read):    EXTRA_SERVICES, EXCLUDE_SERVICES, ROOT
# Globals (written): enable, disable (exported), OLDROOT
# Side effects: runs systemctl inside a chroot of /root; writes
#               /root/tmp/all and /root/tmp/enable.
# NOTE(review): the call at the bottom of the script is commented out
# (###setServices), so this does not currently run at boot.
setServices() {
  # Extra unit names merged into the list of installed units ("all").
  generated="
hddtemp
isc-dhcp-server
proftpd
speech-dispatcher
"

  # Units always enabled.
  base="
avahi-daemon
console-setup
cron
inetd
keyboard-setup
networking
rsyslog
ssh
sshd
"

  # Run through eval below: only systemctl executes inside the chroot,
  # egrep/cut/sed run in the initramfs.
  cmd="systemctl list-unit-files --type service --no-legend --no-pager | egrep 'enabled|generated' | cut -d ' ' -f 1 | sed -re 's/\.service//'"

  all=$(eval chroot /root $cmd)
  # Normalise each list to one sorted unit name per line.
  all=$( { echo "$all"; echo "$generated"; } | tr ' ' '\n' | grep -v '^$' | sort )

  base=$( echo "$base" | tr ' ' '\n' | grep -v '^$' | sort )

  # haveged is always appended to the configured extras.
  extra="$(echo $EXTRA_SERVICES | tr ' ' '\n' | grep -v '^$' | sort -u ) haveged"

  enable=$( { echo "$base"; echo "$extra"; } | tr ' ' '\n' | grep -v '^$' | sort -u )

  # comm(1) needs files; written under the chroot so the same /tmp paths
  # work from inside it.
  echo "$all" > /root/tmp/all
  echo "$enable" > /root/tmp/enable

  # Wanted but not installed (only reported by the commented block below).
  badEnable=$(chroot /root comm -1 -3 /tmp/all /tmp/enable)

  # Installed/enabled but not wanted.
  disable=$(chroot /root comm -2 -3 /tmp/all /tmp/enable)

  #echo "==== all (file) ===="
  #cat /root/tmp/all
  #echo "==== enable (file) ===="
  #cat /root/tmp/enable

  #echo "================"
  echo
  echo "Services :"
  echo
  # Unquoted on purpose: each list prints on a single line.
  echo All services : $all
  echo
  echo Base services : $base
  echo
  echo Extra services : $extra
  echo
  echo enable : $enable
  echo
  echo disable : $disable
  echo
  echo mask : $EXCLUDE_SERVICES
  echo

  #if [ -n "$badEnable" ]; then
  # echo "!!! Invalid enable service(s) ! : $badEnable"
  # sleep 1
  #fi

  export enable
  export disable

  # ROOT is cleared for the duration of the chroot'ed systemctl calls and
  # restored afterwards — presumably because systemctl honours it; verify.
  OLDROOT=$ROOT
  unset ROOT

  for i in $enable; do
    chroot /root systemctl unmask $i
    chroot /root systemctl enable $i
  done

  for i in $disable; do
    chroot /root systemctl disable $i
  done

  chroot /root systemctl mask $EXCLUDE_SERVICES

  ROOT=$OLDROOT
}
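# Prepare the second virtual disk (/dev/vdb): optionally partition and
# format it, mount it under /root/mnt/vdb1 and bind-mount the directories
# listed in HDB_DIRS onto it (seeding them from the root when new).
#
# Globals (read): HDB_PART_FORMAT - "1" to create and format vdb1 if missing
#                 HDB_DIRS        - whitespace-separated paths relative to /
# Outputs: diagnostics on stdout/stderr.
# Returns: 0; 1 when HDB_DIRS is set but /root/mnt/vdb1 is not mounted.
updateHdb() {
  if [ "$HDB_PART_FORMAT" = 1 ]; then
    if ! fdisk -l /dev/vdb | grep -q vdb1; then
      # One primary partition spanning the disk, fed to fdisk's prompt.
      # printf rather than `echo -e`: the latter is not portable under sh.
      printf 'n\np\n1\n\n\np\nw\n' | fdisk /dev/vdb
      # mkfs is taken from the guest root, which is mounted by now.
      /root/sbin/mkfs.ext4 -j /dev/vdb1
    fi
    mkdir -p /root/mnt/vdb1
    mount -o errors=remount-ro /dev/vdb1 /root/mnt/vdb1
  fi

  [ -n "$HDB_DIRS" ] || return 0

  if ! mount | grep -q /root/mnt/vdb1; then
    echo
    echo "/root/mnt/vdb1 non monté ! Abandon du transfert des répertoires"
    echo
    sleep 3
    # Previously execution fell through and bind-mounted onto the unmounted
    # path; honour the message and stop here.
    return 1
  fi

  for i in $HDB_DIRS; do
    src=/root/$i
    dst=/root/mnt/vdb1/$i
    if [ ! -d "$dst" ]; then
      mkdir -p "$(dirname "$dst")"
      if [ -d "$src" ]; then
        # First use: seed the disk with the root's copy of the directory.
        cp -a "$src" "$dst"
      else
        mkdir -p "$dst"
      fi
    fi
    mount -o bind "$dst" "$src" || echo "Error mount /mnt/vdb1/$i !" >&2
  done
}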
# Print the candidate disk device nodes, one per line (ls output): UML
# block devices (/dev/ubd?) under the "linux" emulator, /dev/?d? (vda,
# sda, ...) otherwise.
#
# Globals (read): EMULATOR
listDisks() {
  case "$EMULATOR" in
    linux) ls /dev/ubd[[:lower:]] ;; # | grep -E 'udb[:lower:]r?'
    *)     ls /dev/?d[[:lower:]] ;;
  esac
}
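echo
echo "=== Start mount-root script..."
echo

#set -eu

# Load the configuration and export everything it defines so the helpers
# (and chroot'ed commands) see it. This executes the file as shell code, so
# /etc/vdn/config must only ever come from the host side.
set -a
. /etc/vdn/config
set +a

#cat /etc/vdn/config

echo "EMULATOR=$EMULATOR" >&2
echo "MODE=$MODE" >&2
echo "NB_DISK=$NB_DISK" >&2

listDisks >&2

# Sauvegarde: the (NB_DISK+1)-th disk.
saveDev=$(listDisks | head -n $((1+NB_DISK)) | tail -n 1)

# In tgz2 mode an unreadable/empty save device means "no save yet".
if [ "$MODE" = tgz2 ]; then
  if [ "$(dd if="$saveDev" count=1 bs=512 2>/dev/null | wc -c)" = "0" ]; then
    saveDev=""
  fi
fi

#echo "saveDev=$saveDev"

# Aufs (now : overlayfs) write-layer device: the (NB_DISK+2)-th disk, only
# in tgz/tgz2 mode. The former test `[ $MODE = tgz -o $MODE="tgz2" ]` had a
# single non-empty word on the right of -o and was therefore always true.
aufsDev=""
if [ "$MODE" = tgz ] || [ "$MODE" = tgz2 ]; then
  aufsDev=$(listDisks | head -n $((2+NB_DISK)) | tail -n 1)
fi
echo "aufsDev=$aufsDev"

# Dispatch on MODE; only mountUnionDirs_tgz2 and mountUnionDirs_overlay are
# defined in this file, so report an unknown mode instead of a bare
# "not found".
if command -v "mountUnionDirs_$MODE" >/dev/null 2>&1; then
  "mountUnionDirs_$MODE"
else
  echo "Unknown MODE '$MODE': no mountUnionDirs_$MODE function" >&2
fi

updateHdb
beforeExtractTgz
###setServices
###setNetwork

if [ "$MODE" = tgz ] || [ "$MODE" = tgz2 ]; then
  extractSaveTgz
fi

if [ ! -e /root-rw/data/etc/hostname ]; then
  if [ "$SET_HOSTNAME" = 1 ]; then
    echo "$GUEST_NAME" > /root-rw/data/etc/hostname
  else
    echo "" > /root-rw/data/etc/hostname
  fi
fi

# disable halt reboot shutdown poweroff
# In tgz modes the guest is stopped from the host, so the shutdown commands
# are moved aside (once) and replaced by a stub that refuses to run.
if [ "$MODE" = tgz ] || [ "$MODE" = tgz2 ]; then
  for i in halt reboot shutdown poweroff; do
    if [ -e "/root/sbin/$i" ] && [ ! -e "/root/sbin/.$i" ]; then
      mv "/root/sbin/$i" "/root/sbin/.$i"
    fi
    #/bin/rm -f /root/sbin/$i 2> /dev/null
    cat << EOF > "/root/sbin/$i"
#!/bin/bash

echo -e "\$0 is disable in TGZ mode !\nUse vdn-halt host command or halt in the GUI." >&2

exit 1
EOF
    chmod 755 "/root/sbin/$i"
  done
fi

#if [ ! -e /root/root/.vimrc ]; then
# sed -re 's/"syntax on/syntax on/' /root/etc/vim/vimrc > /root/root/.vimrc
#fi

# runlevel
chroot /root systemctl set-default "$RUNLEVEL"

cat << EOF > /root/etc/rc.local.old
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.

mount -t tmpfs tmpfs /run -o remount,size=20M

[ -x /root/firewall.sh ] && /root/firewall.sh
[ -e /etc/start ] && bash /etc/start &

exit 0
EOF

#chmod 755 /root/etc/rc.local

if [ -n "$HOSTS" ]; then
  #echo "Generate /etc/hosts"
  (
    echo "
127.0.0.1 localhost
127.0.1.1 debian
"
    # One host per line; "PUB... name ..." entries are rewritten to
    # "<ip> name" using the name:ip pairs found in PUBLICS_IP.
    echo "$HOSTS" | while read -r name; do
      if echo "$name" | grep -q PUB; then
        name=$(echo "$name" | sed -re 's/^[[:space:]]*PUB[^[:space:]]*[[:space:]]+([^[:space:]]+).*$/\1/')
        # $name is spliced into the sed pattern; it comes from the host
        # configuration, never from the guest.
        pub=$(echo "$PUBLICS_IP" | sed -re 's/^.*'"$name"':([0-9.]+).*$/\1/')
        echo "replace $name ($pub)..." >&2
        name="$pub $name"
      fi
      echo "$name"
    done
    echo "
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
"
  ) > /root/etc/hosts
  cat /root/etc/hosts
fi

#cat /root/root/.ssh/authorized_keys
#echo
# Append each key listed in authorized-root.txt to root's authorized_keys
# unless a line ending with that key is already present. Kept as `&& { }`
# so the script's exit status is unchanged when the file is absent.
[ -e /root/etc/vdn/authorized-root.txt ] && {
  echo "Add authorized root(s)" >&2
  while read -r l; do
    echo " found $l"
    grep -q -- "$l\$" /root/root/.ssh/authorized_keys || {
      echo " add $l"
      printf '%s\n' "$l" >> /root/root/.ssh/authorized_keys
    }
  done < /root/etc/vdn/authorized-root.txt
}
#echo
#cat /root/root/.ssh/authorized_keys
#echo "end of $0"

#sleep 3
#/bin/sh -i

#echo "###################################################################"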