X-Git-Url: http://git.grml.org/?a=blobdiff_plain;f=scripts%2Flive;h=84924c96c7abbafc2b7e136bb90bd4029b2b69fb;hb=38757eb448bd7e7725085047434df1a4664ddfe2;hp=608084193b297a359c8b6c5275b7fe46f30b793a;hpb=b532cab8c4c56226854c70553902a6e295d68650;p=live-boot-grml.git diff --git a/scripts/live b/scripts/live index 6080841..84924c9 100755 --- a/scripts/live +++ b/scripts/live @@ -11,10 +11,11 @@ mountpoint="/live/image" alt_mountpoint="/media" LIVE_MEDIA_PATH="live" -root_persistence="live-rw" -home_persistence="home-rw" +root_overlay_label="full-ov" +custom_overlay_label="custom-ov" root_snapshot_label="live-sn" home_snapshot_label="home-sn" +persistence_list="live.persist" USERNAME="user" USERFULLNAME="Live user" @@ -244,28 +245,37 @@ Arguments () export PERSISTENT ;; - persistent=*) - PERSISTENT="${ARGUMENT#persistent=}" - if [ -z "${PERSISTENT}" ] - then - PERSISTENT="Yes" - fi - export PERSISTENT + persistent-encryption=*) + PERSISTENT_ENCRYPTION="${ARGUMENT#*=}" + export PERSISTENT_ENCRYPTION ;; persistent-media=*) PERSISTENT_MEDIA="${ARGUMENT#*=}" export PERSISTENT_MEDIA ;; + persistent-method=*) + PERSISTENT_METHOD="${ARGUMENT#*=}" + export PERSISTENT_METHOD + ;; persistent-path=*) PERSISTENT_PATH="${ARGUMENT#persistent-path=}" export PERSISTENT_PATH ;; + persistent-read-only) + PERSISTENT_READONLY="Yes" + export PERSISTENT_READONLY + ;; + + persistent-storage=*) + PERSISTENT_STORAGE="${ARGUMENT#persistent-storage=}" + export PERSISTENT_STORAGE + ;; persistent-subtext=*) - root_persistence="${root_persistence}-${ARGUMENT#persistent-subtext=}" - home_persistence="${home_persistence}-${ARGUMENT#persistent-subtext=}" + root_overlay_label="${root_overlay_label}-${ARGUMENT#persistent-subtext=}" + custom_overlay_label="${custom_overlay_label}-${ARGUMENT#persistent-subtext=}" root_snapshot_label="${root_snapshot_label}-${ARGUMENT#persistent-subtext=}" home_snapshot_label="${home_snapshot_label}-${ARGUMENT#persistent-subtext=}" ;; 
@@ -385,6 +395,39 @@ Arguments () UNIONTYPE="aufs" export UNIONTYPE fi + + if [ -z "${PERSISTENT_ENCRYPTION}" ] + then + PERSISTENT_ENCRYPTION="none" + export PERSISTENT_ENCRYPTION + elif echo ${PERSISTENT_ENCRYPTION} | grep -qe "\" + then + if ! modprobe dm-crypt + then + log_warning_msg "Unable to load module dm-crypt" + PERSISTENT_ENCRYPTION=$(echo ${PERSISTENT_ENCRYPTION} | sed -e 's/\> snapshot.conf # for resync on reboot/halt + if [ -z ${PERSISTENT_READONLY} ] + then + echo "export ${snap_type}SNAP=${snap_relpath}:${snapdev}:${snapfile}" >> snapshot.conf # for resync on reboot/halt + fi return 0 } @@ -1183,7 +1209,7 @@ setup_unionfs () addimage_directory="${3}" case ${UNIONTYPE} in - aufs|unionfs) + aufs|unionfs|overlayfs) modprobe -q -b ${UNIONTYPE} if ! cut -f2 /proc/filesystems | grep -q "^${UNIONTYPE}\$" && [ -x /bin/unionfs-fuse ] @@ -1211,17 +1237,6 @@ setup_unionfs () # Let's just mount the read-only file systems first rofslist="" - if [ "${UNIONTYPE}" = "aufs" ] - then - roopt="rr+wh" - noxino_opt="noxino," - elif [ "${UNIONTYPE}" = "unionfs-fuse" ] - then - roopt="RO" - else - roopt="ro" - fi - if [ -z "${PLAIN_ROOT}" ] then # Read image names from ${MODULE}.module if it exists @@ -1335,7 +1350,7 @@ setup_unionfs () mkdir -p /cow - # Looking for "${root_persistence}" device or file + # Looking for persistent devices or files if [ -n "${PERSISTENT}" ] && [ -z "${NOPERSISTENT}" ] then 
@@ -1378,46 +1393,71 @@ setup_unionfs () ;; esac - # search for label and files (this could be hugely optimized) - cowprobe=$(find_cow_device "${root_persistence}" "${blacklistdev}" "${whitelistdev}") - if [ -b "${cowprobe}" ] + if echo ${PERSISTENT_METHOD} | grep -qe "\" then - # Blacklist /cow device, to avoid inconsistent setups for overlapping snapshots - # makes sense to have both persistence for /cow and /home mounted, maybe also with - # snapshots to be sure to really store some e.g key config files, - # but not on the same media - blacklistdev="${cowprobe}" - PERSISTENCE_IS_ON="1" - export PERSISTENCE_IS_ON + overlays="${root_overlay_label} ${custom_overlay_label}" fi - # homecow just mount something on /home, this should be generalized some way - homecow=$(find_cow_device "${home_persistence}" "${blacklistdev}" "${whitelistdev}") - if [ -b "${homecow}" ] + + if echo ${PERSISTENT_METHOD} | grep -qe "\" then - PERSISTENCE_IS_ON="1" - export PERSISTENCE_IS_ON + snapshots="${root_snapshot_label} ${home_snapshot_label}" fi - root_snapdata=$(find_snap "${root_snapshot_label}" "${blacklistdev}" "${whitelistdev}") - # This second type should be removed when snapshot will get smarter, - # hence when "/etc/live-snapshot*list" will be supported also by - # ext2|ext3|ext4|jffs2 snapshot types. 
- home_snapdata=$(find_snap "${home_snapshot_label}" "${blacklistdev}" "${whitelistdev}") - if [ -b "${cowprobe}" ] + local root_snapdata="" + local home_snapshot_label="" + local root_overlay_label="" + local overlay_devices="" + for media in $(find_persistent_media "${overlays}" "${snapshots}" "${blacklistdev}" "${whitelistdev}") + do + media="$(echo ${media} | tr ":" " ")" + case ${media} in + ${root_snapshot_label}=*) + if [ -z "${root_snapdata}" ] + then + root_snapdata="${media#*=}" + fi + ;; + ${home_snapshot_label}=*) + # This second type should be removed when snapshot will get smarter, + # hence when "/etc/live-snapshot*list" will be supported also by + # ext2|ext3|ext4|jffs2 snapshot types. + if [ -z "${home_snapdata}" ] + then + home_snapdata="${media#*=}" + fi + ;; + ${root_overlay_label}=*) + if [ -z "${root_overlay_device}" ] + then + device="${media#*=}" + root_overlay_device="${device}" + fi + ;; + ${custom_overlay_label}=*) + device="${media#*=}" + overlay_devices="${overlay_devices} ${device}" + ;; + esac + done + + if [ -b "${root_overlay_device}" ] then - cowdevice=${cowprobe} - cow_fstype=$(get_fstype "${cowprobe}") - cow_mountopt="rw,noatime" + PERSISTENCE_IS_ON="1" + export PERSISTENCE_IS_ON + + cowdevice=${root_overlay_device} + cow_fstype=$(get_fstype "${root_overlay_device}") + if [ -z "${PERSISTENT_READONLY}" ] + then + cow_mountopt="rw,noatime" + else + cow_mountopt="ro,noatime" + fi if [ "${FORCEPERSISTENTFSCK}" = "Yes" ] then fsck -y ${cowdevice} fi - else - log_warning_msg "Unable to find the persistent medium" - cowdevice="tmpfs" - cow_fstype="tmpfs" - cow_mountopt="rw,noatime,mode=755" fi elif [ -n "${NFS_COW}" ] && [ -z "${NOPERSISTENT}" ] then @@ -1430,6 +1470,12 @@ setup_unionfs () nfs_cow_opts="-o nolock" nfs_cow=${NFS_COW} fi + + if [ -n "${PERSISTENT_READONLY}" ] + then + nfs_cow_opts="${nfs_cow_opts},nocto,ro" + fi + mac="$(get_mac)" if [ -n "${mac}" ] then 
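Review bot: In the setup_unionfs hunk that introduces the `find_persistent_media` loop, `local home_snapshot_label=""` and `local root_overlay_label=""` blank the two labels that the `case ${media} in` arms directly below match on. As a result `${home_snapshot_label}=*` and `${root_overlay_label}=*` both collapse to `=*`, and the root overlay is never selected by its label. The variables the loop actually fills, `home_snapdata` and `root_overlay_device`, are the ones left undeclared, so the intent looks like `local home_snapdata=""` and `local root_overlay_device=""`. Because the same hunk drops the "Unable to find the persistent medium" warning, the miss would surface only as a quiet tmpfs root. setup_unionfs starts and ends outside the hunk.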
@@ -1438,7 +1484,10 @@ setup_unionfs () else panic "unable to determine mac address" fi - else + fi + + if [ -z "${cowdevice}" ] + then cowdevice="tmpfs" cow_fstype="tmpfs" cow_mountopt="rw,noatime,mode=755" @@ -1446,21 +1495,30 @@ setup_unionfs () if [ "${UNIONTYPE}" != "unionmount" ] then + if [ -n "${PERSISTENT_READONLY}" ] + then + mount -t tmpfs -o rw,noatime,mode=755 tmpfs "/cow" + root_backing="${rootmnt}/live/persistent/$(basename ${cowdevice})-root" + mkdir -p ${root_backing} + else + root_backing="/cow" + fi if [ "${cow_fstype}" = "nfs" ] then log_begin_msg \ - "Trying nfsmount ${nfs_cow_opts} ${cowdevice} /cow" - nfsmount ${nfs_cow_opts} ${cowdevice} /cow || \ - panic "Can not mount ${cowdevice} (n: ${cow_fstype}) on /cow" + "Trying nfsmount ${nfs_cow_opts} ${cowdevice} ${root_backing}" + nfsmount ${nfs_cow_opts} ${cowdevice} ${root_backing} || \ + panic "Can not mount ${cowdevice} (n: ${cow_fstype}) on ${root_backing}" else - mount -t ${cow_fstype} -o ${cow_mountopt} ${cowdevice} /cow || \ - panic "Can not mount ${cowdevice} (o: ${cow_fstype}) on /cow" + mount -t ${cow_fstype} -o ${cow_mountopt} ${cowdevice} ${root_backing} || \ + panic "Can not mount ${cowdevice} (o: ${cow_fstype}) on ${root_backing}" fi fi rofscount=$(echo ${rofslist} |wc -w) + # XXX: we now ensure that there can only be one read-only filesystem. Should this be inside the EXPOSED_ROOT if? if [ ${rofscount} -ne 1 ] then panic "only one RO file system supported with exposedroot: ${rofslist}" 
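Review bot: The new `if [ -z "${cowdevice}" ]` fallback in the `@@ -1438` hunk switches to a tmpfs root without any message, since the `log_warning_msg "Unable to find the persistent medium"` that used to sit on this path is removed earlier in the commit. A user who booted with persistence requested then works on a volatile root and loses the session's changes at shutdown. Inside the `then` branch I would add `[ -z "${PERSISTENT}" ] || [ -n "${NOPERSISTENT}" ] || log_warning_msg "Unable to find the persistent medium, using tmpfs"`. The visible lines also never reset `cowdevice` before the persistence and NFS branches, so the test relies on it being empty on entry; that should be confirmed against the top of setup_unionfs, which is outside the hunk.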
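Review bot: With `persistent-read-only` the overlay is mounted in the `@@ -1446` hunk by `mount -t ${cow_fstype} -o ${cow_mountopt} ${cowdevice} ${root_backing}` using `ro,noatime`, which does not guarantee an unmodified device. ext3/ext4 still replay a dirty journal on a `ro` mount, and the `fsck -y ${cowdevice}` kept in the earlier setup_unionfs hunk runs whether or not `PERSISTENT_READONLY` is set. If the option is meant as a promise that the medium is left untouched, guard the fsck with `if [ "${FORCEPERSISTENTFSCK}" = "Yes" ] && [ -z "${PERSISTENT_READONLY}" ]` and either add `noload` for ext3/ext4 or document the journal replay. Separately, `root_backing` is created under `${rootmnt}/live`, and a context line in a later hunk mounts a tmpfs on `${rootmnt}/live`; it looks as if that would cover the backing mount point, so please confirm the ordering.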
@@ -1488,38 +1546,26 @@ setup_unionfs () #panic "unionmount does not support subunions (${cow_dirs})." fi - unionmountopts="" - unionmountpoint="" - for dir in ${cow_dirs}; do - mkdir -p /cow${dir} - unionmountpoint="${rootmnt}${dir}" - unionrw="/cow${dir}" - unionro="${rofs}${dir}" - # We don't handle spaces and other junk gracefully here, hopefully not needed. - case "${UNIONTYPE}" in - unionfs-fuse) - unionmountopts="-o cow -o noinitgroups -o default_permissions -o allow_other -o use_ino -o suid" - unionmountopts="${unionmountopts} ${unionrw}=RW:${unionro}=RO" - ( sysctl -w fs.file-max=391524 ; ulimit -HSn 16384 - unionfs-fuse ${unionmountopts} "${unionmountpoint}" ) && \ - ( mkdir -p /run/sendsigs.omit.d - pidof unionfs-fuse >> /run/sendsigs.omit.d/unionfs-fuse || true ) - ;; - - unionmount) - unionmountopts="-t ${cow_fstype} -o noatime,union,${cow_mountopt} ${cowdevice}" - mount_full $unionmountopts "${unionmountpoint}" - ;; - - - *) - unionmountopts="-o noatime,${noxino_opt}dirs=${unionrw}=rw:${unionro}=${roopt}" - mount -t ${UNIONTYPE} ${unionmountopts} ${UNIONTYPE} "${unionmountpoint}" - ;; - esac || \ - panic "mount ${UNIONTYPE} on ${unionmountpoint} failed with option ${unionmountopts}" + mkdir -p ${unionmountpoint} + if [ "${UNIONTYPE}" = "unionmount" ] + then + # FIXME: handle PERSISTENT_READONLY + unionmountopts="-t ${cow_fstype} -o noatime,union,${cow_mountopt} ${cowdevice}" + mount_full $unionmountopts "${unionmountpoint}" + else + cow_dir="/cow${dir}" + rofs_dir="${rofs}${dir}" + mkdir -p ${cow_dir} + if [ -n "${PERSISTENT_READONLY}" ] && [ "${cowdevice}" != "tmpfs" ] + then + #mount -t tmpfs -o rw,noatime,mode=755 tmpfs "${cow_dir}" + do_union ${unionmountpoint} ${cow_dir} ${root_backing} ${rofs_dir} + else + do_union ${unionmountpoint} ${cow_dir} ${rofs_dir} + fi + fi || panic "mount ${UNIONTYPE} on ${unionmountpoint} failed with option ${unionmountopts}" done # Correct the permissions of /: 
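Review bot: The added lines read `${dir}` and `${unionmountpoint}`, but the only places that set them in this hunk, `for dir in ${cow_dirs}; do` and `unionmountpoint="${rootmnt}${dir}"`, are on the removed side, while the closing `done` stays as context. Unless the loop header survives in lines this page does not show, the new side has a dangling `done` and `mkdir -p ${unionmountpoint}` runs with an empty path, so please confirm both lines are kept. The failure message also still prints `${unionmountopts}`, which neither `do_union` branch sets, so a failed union mount panics with an empty or stale option string. Reporting `${cow_dir}` and `${rofs_dir}` in that `panic` would make it actionable. setup_unionfs begins and ends outside the hunk.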
@@ -1530,45 +1576,28 @@ setup_unionfs () mkdir -p "${rootmnt}/live" mount -t tmpfs tmpfs ${rootmnt}/live - # Adding other custom mounts - if [ -n "${PERSISTENT}" ] && [ -z "${NOPERSISTENT}" ] - then - # directly mount /home - # FIXME: add a custom mounts configurable system - - if [ -b "${homecow}" ] - then - mount -t $(get_fstype "${homecow}") -o rw,noatime "${homecow}" "${rootmnt}/home" - export HOMEMOUNTED=1 # used to proper calculate free space in do_snap_copy() - else - log_warning_msg "Unable to find the persistent home medium" - fi - - # Look for other snapshots to copy in - try_snap "${root_snapdata}" "${rootmnt}" "ROOT" - # This second type should be removed when snapshot grow smarter - try_snap "${home_snapdata}" "${rootmnt}" "HOME" "/home" - fi - - if [ -n "${SHOWMOUNTS}" ] + live_rofs_list="" + # SHOWMOUNTS is necessary for custom mounts with the union option + # Since we may want to do custom mounts in user-space it's best to always enable SHOWMOUNTS + if true #[ -n "${SHOWMOUNTS}" ] || ( [ -n "${PERSISTENT}" ] && [ -z "${NOPERSISTENT}" ] 1) then + # XXX: is the for loop really necessary? rofslist can only contain one item (see above XXX about EXPOSEDROOT) and this is also assumed elsewhere above (see use of $rofs above). for d in ${rofslist} do - mkdir -p "${rootmnt}/live/${d##*/}" - + live_rofs="${rootmnt}/live/rofs/${d##*/}" + live_rofs_list="${live_rofs_list} ${live_rofs}" + mkdir -p "${live_rofs}" case d in *.dir) - # do nothing # mount -o bind "${d}" "${rootmnt}/live/${d##*/}" + # do nothing # mount -o bind "${d}" "${live_rofs}" ;; - *) case "${UNIONTYPE}" in unionfs-fuse) - mount -o bind "${d}" "${rootmnt}/live/${d##*/}" + mount -o bind "${d}" "${live_rofs}" ;; - *) - mount -o move "${d}" "${rootmnt}/live/${d##*/}" + mount -o move "${d}" "${live_rofs}" ;; esac ;; 
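Review bot: `case d in` in the loop this hunk rewrites matches the literal string `d`, not `${d}`, so the `*.dir)` arm is dead and every entry of `rofslist` falls through to the bind or move mount onto `${live_rofs}`. The line is context here, but the hunk edits both arms beneath it, so this is the natural place to change it to `case "${d}" in`, provided skipping `*.dir` entries is still the intended behaviour. The new `if true #[ -n "${SHOWMOUNTS}" ] || ...` also leaves a commented-out condition with an unbalanced parenthesis behind. If the block is meant to be unconditional, dropping the `if` and keeping the two comment lines above it states that more clearly.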
@@ -1576,6 +1605,27 @@ setup_unionfs () done fi + # Adding custom persistent + if [ -n "${PERSISTENT}" ] && [ -z "${NOPERSISTENT}" ] + then + local custom_mounts="/custom_mounts.list" + rm -rf ${custom_mounts} 2> /dev/null + + # Gather information about custom mounts from devies detected as overlays + get_custom_mounts ${overlay_devices} ${custom_mounts} ${rootmnt} + + [ "${DEBUG}" = "Yes" ] && cp ${custom_mounts} "${rootmnt}/live/persistent" + + # Now we do the actual mounting (and symlinking) + do_custom_mounts ${custom_mounts} ${rootmnt} + rm ${custom_mounts} + + # Look for other snapshots to copy in + try_snap "${root_snapdata}" "${rootmnt}" "ROOT" + # This second type should be removed when snapshot grow smarter + try_snap "${home_snapdata}" "${rootmnt}" "HOME" "/home" + fi + # shows cow fs on /cow for use by live-snapshot mkdir -p "${rootmnt}/live/cow" mount -o move /cow "${rootmnt}/live/cow" >/dev/null 2>&1 || mount -o bind /cow "${rootmnt}/live/cow" || log_warning_msg "Unable to move or bind /cow to ${rootmnt}/live/cow"
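Review bot: `get_custom_mounts ${overlay_devices} ${custom_mounts} ${rootmnt}` passes an unquoted, space-separated device list ahead of two fixed arguments, so the positions of the list file and the root mount shift with the number of overlay devices found (with none, `/custom_mounts.list` becomes `$1`). get_custom_mounts is not visible here, but if it reads the device list from `$1` the call should be `get_custom_mounts "${overlay_devices}" "${custom_mounts}" "${rootmnt}"`; otherwise the fixed arguments should come first. Going by the comment above the call, the mount entries come from the persistence media themselves, which may be removable and should not be trusted. do_custom_mounts should therefore reject destinations that are not absolute or that contain `..` before mounting under `${rootmnt}`; whether it does cannot be confirmed from this hunk. `cp ${custom_mounts} "${rootmnt}/live/persistent"` also assumes that directory already exists.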