X-Git-Url: http://git.grml.org/?a=blobdiff_plain;f=scripts%2Flive;h=ac2845cd15693a4d128f75bcf4af93f7d356d958;hb=8146bc4e2485566655d443f5b0d3b86df4e869b9;hp=c2ad14e1f8700214972a621ca905edeb323decf9;hpb=41112e3945280cb19dab1fed2b224a763e97fe55;p=live-boot-grml.git diff --git a/scripts/live b/scripts/live index c2ad14e..ac2845c 100755 --- a/scripts/live +++ b/scripts/live @@ -11,10 +11,11 @@ mountpoint="/live/image" alt_mountpoint="/media" LIVE_MEDIA_PATH="live" -root_persistence="live-rw" -home_persistence="home-rw" +root_overlay_label="full-ov" +custom_overlay_label="custom-ov" root_snapshot_label="live-sn" home_snapshot_label="home-sn" +persistence_list="live.persist" USERNAME="user" USERFULLNAME="Live user" @@ -244,28 +245,37 @@ Arguments () export PERSISTENT ;; - persistent=*) - PERSISTENT="${ARGUMENT#persistent=}" - if [ -z "${PERSISTENT}" ] - then - PERSISTENT="Yes" - fi - export PERSISTENT + persistent-encryption=*) + PERSISTENT_ENCRYPTION="${ARGUMENT#*=}" + export PERSISTENT_ENCRYPTION ;; persistent-media=*) PERSISTENT_MEDIA="${ARGUMENT#*=}" export PERSISTENT_MEDIA ;; + persistent-method=*) + PERSISTENT_METHOD="${ARGUMENT#*=}" + export PERSISTENT_METHOD + ;; persistent-path=*) PERSISTENT_PATH="${ARGUMENT#persistent-path=}" export PERSISTENT_PATH ;; + persistent-read-only) + PERSISTENT_READONLY="Yes" + export PERSISTENT_READONLY + ;; + + persistent-storage=*) + PERSISTENT_STORAGE="${ARGUMENT#persistent-storage=}" + export PERSISTENT_STORAGE + ;; persistent-subtext=*) - root_persistence="${root_persistence}-${ARGUMENT#persistent-subtext=}" - home_persistence="${home_persistence}-${ARGUMENT#persistent-subtext=}" + root_overlay_label="${root_overlay_label}-${ARGUMENT#persistent-subtext=}" + custom_overlay_label="${custom_overlay_label}-${ARGUMENT#persistent-subtext=}" root_snapshot_label="${root_snapshot_label}-${ARGUMENT#persistent-subtext=}" home_snapshot_label="${home_snapshot_label}-${ARGUMENT#persistent-subtext=}" ;; 
@@ -385,6 +395,39 @@ Arguments () UNIONTYPE="aufs" export UNIONTYPE fi + + if [ -z "${PERSISTENT_ENCRYPTION}" ] + then + PERSISTENT_ENCRYPTION="none" + export PERSISTENT_ENCRYPTION + elif echo ${PERSISTENT_ENCRYPTION} | grep -qe "\" + then + if ! modprobe dm-crypt + then + log_warning_msg "Unable to load module dm-crypt" + PERSISTENT_ENCRYPTION=$(echo ${PERSISTENT_ENCRYPTION} | sed -e 's/\= 174) + PATH_ID="/sbin/udevadm test-builtin path_id" + fi + + if ${PATH_ID} "${sysfs_path}" | egrep -q "ID_PATH=(usb|pci-[^-]*-(ide|sas|scsi|usb|virtio)|platform-sata_mv|platform-orion-ehci|platform-mmc|platform-mxsdhci)" then return 0 elif echo "${sysfs_path}" | grep -q '^/block/vd[a-z]$' @@ -803,7 +855,7 @@ do_iscsi() #modprobe ib_iser modprobe iscsi_tcp local debugopt="" - [ "${DEBUG}" == "Yes" ] && debugopt="-d 8" + [ "${DEBUG}" = "Yes" ] && debugopt="-d 8" #FIXME this name is supposed to be unique - some date + ifconfig hash? ISCSI_INITIATORNAME="iqn.1993-08.org.debian.live:01:$(echo "${HWADDR}" | sed -e s/://g)" export ISCSI_INITIATORNAME @@ -1033,26 +1085,6 @@ do_snap_copy () fi } -find_snap () -{ - # Look for ${snap_label}.* in block devices - snap_label="${1}" - black_listed_devices="${2}" - white_listed_devices="${3}" - - if [ "${PERSISTENT}" != "nofiles" ] - then - # search for image files - snapdata=$(find_files "${PERSISTENT_PATH}${snap_label}.squashfs ${PERSISTENT_PATH}${snap_label}.cpio.gz ${PERSISTENT_PATH}${snap_label}.ext2 ${PERSISTENT_PATH}${snap_label}.ext3 ${PERSISTENT_PATH}${snap_label}.ext4 ${PERSISTENT_PATH}${snap_label}.jffs2" "${black_listed_devices}" "${white_listed_devices}") - fi - - if [ -z "${snapdata}" ] - then - snapdata=$(find_cow_device "${snap_label}" "${black_listed_devices}" "${white_listed_devices}") - fi - echo "${snapdata}" -} - try_snap () { # copy the contents of previously found snapshot to ${snap_mount} 
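Review bot: `echo ${PERSISTENT_ENCRYPTION} | grep -qe …` expands the value of the `persistent-encryption=` boot parameter without quotes, so it is word-split and glob-expanded before grep sees it; write `echo "${PERSISTENT_ENCRYPTION}"` here and in the `sed` pipeline on the failure path. The failure path also deserves a comment: when `modprobe dm-crypt` fails the code only logs a warning and rewrites the list, and someone who asked for encrypted persistence should be able to tell from the boot log what was used instead. The rest of that branch is not readable on this page (the text after `sed -e 's/\` is cut), so what the boot falls back to cannot be confirmed from here.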
@@ -1163,7 +1195,10 @@ try_snap () return 1 fi - echo "export ${snap_type}SNAP=${snap_relpath}:${snapdev}:${snapfile}" >> snapshot.conf # for resync on reboot/halt + if [ -z ${PERSISTENT_READONLY} ] + then + echo "export ${snap_type}SNAP=${snap_relpath}:${snapdev}:${snapfile}" >> snapshot.conf # for resync on reboot/halt + fi return 0 } @@ -1174,7 +1209,7 @@ setup_unionfs () addimage_directory="${3}" case ${UNIONTYPE} in - aufs|unionfs) + aufs|unionfs|overlayfs) modprobe -q -b ${UNIONTYPE} if ! cut -f2 /proc/filesystems | grep -q "^${UNIONTYPE}\$" && [ -x /bin/unionfs-fuse ] @@ -1204,7 +1239,7 @@ setup_unionfs () if [ "${UNIONTYPE}" = "aufs" ] then - roopt="rr" + roopt="rr+wh" noxino_opt="noxino," elif [ "${UNIONTYPE}" = "unionfs-fuse" ] then @@ -1326,7 +1361,7 @@ setup_unionfs () mkdir -p /cow - # Looking for "${root_persistence}" device or file + # Looking for persistent devices or files if [ -n "${PERSISTENT}" ] && [ -z "${NOPERSISTENT}" ] then 
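Review bot: The new test in try_snap, `[ -z ${PERSISTENT_READONLY} ]`, leaves the variable unquoted; it works only because an empty expansion collapses to `[ -z ]`, and the other tests on this variable in the commit quote it. Use `if [ -z "${PERSISTENT_READONLY}" ]` so the check reads the same everywhere and cannot misparse if the variable ever holds more than one word. try_snap starts outside this hunk.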
@@ -1369,46 +1404,59 @@ setup_unionfs () ;; esac - # search for label and files (this could be hugely optimized) - cowprobe=$(find_cow_device "${root_persistence}" "${blacklistdev}" "${whitelistdev}") - if [ -b "${cowprobe}" ] + if echo ${PERSISTENT_METHOD} | grep -qe "\" then - # Blacklist /cow device, to avoid inconsistent setups for overlapping snapshots - # makes sense to have both persistence for /cow and /home mounted, maybe also with - # snapshots to be sure to really store some e.g key config files, - # but not on the same media - blacklistdev="${cowprobe}" - PERSISTENCE_IS_ON="1" - export PERSISTENCE_IS_ON + overlays="${root_overlay_label} ${custom_overlay_label}" fi - # homecow just mount something on /home, this should be generalized some way - homecow=$(find_cow_device "${home_persistence}" "${blacklistdev}" "${whitelistdev}") - if [ -b "${homecow}" ] + + if echo ${PERSISTENT_METHOD} | grep -qe "\" then - PERSISTENCE_IS_ON="1" - export PERSISTENCE_IS_ON + snapshots="${root_snapshot_label} ${home_snapshot_label}" fi - root_snapdata=$(find_snap "${root_snapshot_label}" "${blacklistdev}" "${whitelistdev}") - # This second type should be removed when snapshot will get smarter, - # hence when "/etc/live-snapshot*list" will be supported also by - # ext2|ext3|ext4|jffs2 snapshot types. - home_snapdata=$(find_snap "${home_snapshot_label}" "${blacklistdev}" "${whitelistdev}") - if [ -b "${cowprobe}" ] + overlay_devices="" + for media in $(find_persistent_media "${overlays}" "${snapshots}" "${blacklistdev}" "${whitelistdev}") + do + media="$(echo ${media} | tr ":" " ")" + case ${media} in + ${root_snapshot_label}=*) + root_snapdata="${media#*=}" + ;; + ${home_snapshot_label}=*) + # This second type should be removed when snapshot will get smarter, + # hence when "/etc/live-snapshot*list" will be supported also by + # ext2|ext3|ext4|jffs2 snapshot types. 
+ home_snapdata="${media#*=}" + ;; + ${root_overlay_label}=*) + device="${media#*=}" + root_overlay_device="${device}" + ;; + ${custom_overlay_label}=*) + device="${media#*=}" + overlay_devices="${overlay_devices} ${device}" + ;; + esac + done + + if [ -b "${root_overlay_device}" ] then - cowdevice=${cowprobe} - cow_fstype=$(get_fstype "${cowprobe}") - cow_mountopt="rw,noatime" + PERSISTENCE_IS_ON="1" + export PERSISTENCE_IS_ON + + cowdevice=${root_overlay_device} + cow_fstype=$(get_fstype "${root_overlay_device}") + if [ -z "${PERSISTENT_READONLY}" ] + then + cow_mountopt="rw,noatime" + else + cow_mountopt="ro,noatime" + fi if [ "${FORCEPERSISTENTFSCK}" = "Yes" ] then fsck -y ${cowdevice} fi - else - log_warning_msg "Unable to find the persistent medium" - cowdevice="tmpfs" - cow_fstype="tmpfs" - cow_mountopt="rw,noatime,mode=755" fi elif [ -n "${NFS_COW}" ] && [ -z "${NOPERSISTENT}" ] then @@ -1421,6 +1469,12 @@ setup_unionfs () nfs_cow_opts="-o nolock" nfs_cow=${NFS_COW} fi + + if [ -n "${PERSISTENT_READONLY}" ] + then + nfs_cow_opts="${nfs_cow_opts},nocto,ro" + fi + mac="$(get_mac)" if [ -n "${mac}" ] then @@ -1429,7 +1483,10 @@ setup_unionfs () else panic "unable to determine mac address" fi - else + fi + + if [ -z "${cowdevice}" ] + then cowdevice="tmpfs" cow_fstype="tmpfs" cow_mountopt="rw,noatime,mode=755" 
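Review bot: With `persistent-read-only` set the root overlay is mounted `ro,noatime`, but the `FORCEPERSISTENTFSCK` branch right below still runs `fsck -y ${cowdevice}`, which repairs (writes to) the medium the user asked to leave untouched. Guard it, e.g. `if [ "${FORCEPERSISTENTFSCK}" = "Yes" ] && [ -z "${PERSISTENT_READONLY}" ]`, or run a non-modifying check (`fsck -n`) in read-only mode. A plain `ro` mount of a journalled ext3/ext4 volume can also still replay the journal; if read-only is meant as a guarantee, that needs a comment or an extra mount option such as `noload`. setup_unionfs starts and ends outside the hunk.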
@@ -1437,16 +1494,23 @@ setup_unionfs () if [ "${UNIONTYPE}" != "unionmount" ] then + if [ -n "${PERSISTENT_READONLY}" ] + then + persistent_root="/$(basename ${cowdevice})-backing" + mkdir -p ${persistent_root} + else + persistent_root="/cow" + fi if [ "${cow_fstype}" = "nfs" ] then log_begin_msg \ - "Trying nfsmount ${nfs_cow_opts} ${cowdevice} /cow" - nfsmount ${nfs_cow_opts} ${cowdevice} /cow || \ - panic "Can not mount ${cowdevice} (n: ${cow_fstype}) on /cow" + "Trying nfsmount ${nfs_cow_opts} ${cowdevice} ${persistent_root}" + nfsmount ${nfs_cow_opts} ${cowdevice} ${persistent_root} || \ + panic "Can not mount ${cowdevice} (n: ${cow_fstype}) on ${persistent_root}" else - mount -t ${cow_fstype} -o ${cow_mountopt} ${cowdevice} /cow || \ - panic "Can not mount ${cowdevice} (o: ${cow_fstype}) on /cow" + mount -t ${cow_fstype} -o ${cow_mountopt} ${cowdevice} ${persistent_root} || \ + panic "Can not mount ${cowdevice} (o: ${cow_fstype}) on ${persistent_root}" fi fi @@ -1504,9 +1568,19 @@ setup_unionfs () mount_full $unionmountopts "${unionmountpoint}" ;; + overlayfs) + unionmountopts="-o noatime,${noxino_opt},lowerdir=${unionro},upperdir=${unionrw}" + mount -t ${UNIONTYPE} ${unionmountopts} ${UNIONTYPE} "${unionmountpoint}" + ;; *) - unionmountopts="-o noatime,${noxino_opt}dirs=${unionrw}=rw:${unionro}=${roopt}" + if [ -n "${PERSISTENT_READONLY}" ] + then + mount -t tmpfs -o rw,noatime,mode=755 tmpfs "${unionrw}" + unionmountopts="-o noatime,${noxino_opt}dirs=${unionrw}=rw:${persistent_root}=${roopt}:${unionro}=${roopt}" + else + unionmountopts="-o noatime,${noxino_opt}dirs=${unionrw}=rw:${unionro}=${roopt}" + fi mount -t ${UNIONTYPE} ${unionmountopts} ${UNIONTYPE} "${unionmountpoint}" ;; esac || \ 
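Review bot: The new `overlayfs)` arm ignores `PERSISTENT_READONLY`: the preceding hunk mounts the medium on `${persistent_root}` instead of `/cow` in that mode, yet only the `*)` arm adds `${persistent_root}` as a read-only branch, so with overlayfs the persistent data appears to be left out of the union without any message. Either reject the combination with a `log_warning_msg`, or document above the arm that read-only persistence is not supported there. The option string also looks off: `${noxino_opt}` is only given a value for aufs in the visible code, so `noatime,${noxino_opt},lowerdir=` expands to `noatime,,lowerdir=`; `unionmountopts="-o noatime,lowerdir=${unionro},upperdir=${unionrw}"` would avoid the empty option.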
@@ -1524,16 +1598,193 @@ setup_unionfs () # Adding other custom mounts if [ -n "${PERSISTENT}" ] && [ -z "${NOPERSISTENT}" ] then - # directly mount /home - # FIXME: add a custom mounts configurable system + bindings="/bindings.list" + links="/links.list" + custom_mounts="/custom_mounts.list" + rm -f ${bindings} ${links} ${custom_mounts} >/dev/null 2>&1 + persistent_backing="${rootmnt}/live/persistent" - if [ -b "${homecow}" ] - then - mount -t $(get_fstype "${homecow}") -o rw,noatime "${homecow}" "${rootmnt}/home" - export HOMEMOUNTED=1 # used to proper calculate free space in do_snap_copy() - else - log_warning_msg "Unable to find the persistent home medium" - fi + # First we scan all media and gather all information about custom mounts + for device in ${overlay_devices} + do + if [ ! -b "${device}" ] + then + continue + fi + device_name="$(basename ${device})" + backing="${persistent_backing}/${device_name}" + mkdir -p "${backing}" + device_fstype="$(get_fstype ${device})" + if [ -z "${PERSISTENT_READONLY}" ] + then + device_mount_opts="rw,noatime" + else + device_mount_opts="ro,noatime" + fi + device_used="" + mount -t "${device_fstype}" -o "${device_mount_opts}" "${device}" "${backing}" + include_list="${backing}/${persistence_list}" + if [ ! 
-r "${include_list}" ] + then + umount "${backing}" + rmdir "${backing}" + continue + fi + + [ "${DEBUG}" = "Yes" ] && cp ${include_list} ${persistent_backing}/${persistence_list}.${device_name} + while read source dest options # < ${include_list} + do + if echo ${source} | grep -qe "^[[:space:]]*#" + then + # skipping commented line + continue + fi + + if echo ${dest} | grep -qe "^[^/]" + then + options="${dest}" + dest="${source}" + elif [ -z "${dest}" ] + then + dest="${source}" + fi + + if echo ${dest} | grep -qe "^/\+$\|^/\+live\(/.*\)\?$" + then + # mounting on / or /live could cause trouble + log_warning_msg "Skipping unsafe custom mount on ${dest}" + continue + fi + + for opt in $(echo ${options} | tr ',' ' '); + do + case "${opt}" in + "linkfiles") + ;; + *) + log_warning_msg "Skipping custom mount with unkown option: ${opt}" + continue + ;; + esac + done + + # FIXME: handle case: we already have /a/b in $bindings added from current $device, but now we find /a -- /a should replace /a/b in $bindings. + # FIXME: handle case: we have /a in $bindings from current $device, now we find /a/b, so we skip /a/b + + # ensure that no multiple-/ occur in paths + full_source="$(echo ${backing}/${source}/ | sed -e 's|/\+|/|g')" + full_dest="$(echo ${rootmnt}/${dest}/ | sed -e 's|/\+|/|g')" + device_used="yes" + if echo ${options} | grep -qe "\"; + then + echo "${full_source} ${full_dest} ${options}" >> ${links} + else + echo "${full_source} ${full_dest} ${options}" >> ${bindings} + fi + done < ${include_list} + + if [ -z "${device_used}" ] + then + # this device was not used for / earlier, or custom mount point now, so it's useless + umount "${backing}" + rmdir "${backing}" + fi + done + + # We sort the list according to destination so we're sure + # that we won't hide a previous mount. We also ignore + # duplicate destinations in a more or less arbitrary way. 
+ [ -e "${bindings}" ] && sort -k2 -sbu ${bindings} >> ${custom_mounts} + rm ${bindings} + + # After all mounts are considered we add symlinks so they + # won't be hidden by some mount. + [ -e "${links}" ] && sort -k2 -sbu ${links} >> ${custom_mounts} + rm ${links} + + [ "${DEBUG}" = "Yes" ] && cp ${custom_mounts} ${persistent_backing} + + # Now we do the actual mounting (and symlinking) + while read source dest options # < ${custom_mounts} + do + if mountpoint -q "${dest}"; + then + log_warning_msg "Skipping custom mount ${source} on ${dest}: destination is already a mount point" + continue + fi + + # FIXME: we don't handle already existing non-directory files in the paths of both $source and $dest. + + if [ ! -d "${dest}" ] + then + # if ${dest} is in /home/$user, try fixing proper ownership + # FIXME: this should really be handled by live-config since we don't know for sure which uid a certain user has until then + if echo ${dest} | grep -qe "^${rootmnt}/*home/\+[^/]\+" + then + path="/" + for dir in $(echo ${dest} | sed -e 's|/\+| |g') + do + path=${path}/${dir} + if [ ! -e ${path} ] + then + mkdir -p ${path} + # assume that the intended user is the first, which is usually the case + chown 1000:1000 ${path} + fi + done + else + mkdir -p ${dest} + fi + fi + + # FIXME: could we instead only save the aufs-diff in the persistent media? implications? What about when there's changes in the live image? + + # if ${source} doesn't exist on our persistent media we + # bootstrap it with $dest from the live filesystem. + # this both makes sense and is critical if we're + # dealing with /etc or other system dir. + if [ ! 
-d "${source}" ] + then + if [ -n "${PERSISTENT_READONLY}" ] || echo ${options} | grep -qe "\" + then + continue + fi + # ensure that $dest is not copied *into* $source + mkdir -p "$(dirname ${source})" + cp -a "${dest}" "${source}" + fi + + if [ -z "${PERSISTENT_READONLY}" ] + then + if echo ${options} | grep -qe "\"; + then + links_source="${source}" + links_dest="${dest}" + else + mount --bind "${source}" "${dest}" + fi + else + if echo ${options} | grep -qe "\"; + then + links_dest="${dest}" + dest="$(mktemp -d ${persistent_backing}/links_source-XXXXXX)" + links_source="${dest}" + fi + unionrw="$(echo ${dest} | sed -e "s|${rootmnt}|/cow/|")" + mkdir -p ${unionrw} + unionmountopts="noatime,${noxino_opt}dirs=${unionrw}=rw:${source}=${roopt}" + mount -t "${UNIONTYPE}" -o "${unionmountopts}" "${UNIONTYPE}" "${dest}" + fi + + if echo $options | grep -qe "\"; + then + link_files "${links_source}" "${links_dest}" "${rootmnt}" + fi + + PERSISTENCE_IS_ON="1" + export PERSISTENCE_IS_ON + done < ${custom_mounts} + rm -f ${bindings} # Look for other snapshots to copy in try_snap "${root_snapdata}" "${rootmnt}" "ROOT" @@ -1683,7 +1934,7 @@ check_dev () echo ${mountpoint} return 0 else - umount ${mountpoint} + umount ${mountpoint} 2>/dev/null fi fi
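Review bot: The sanity checks on `live.persist` entries do not hold: `continue` inside `for opt in …` only leaves the inner `for`, so an entry with an unknown option is still written to the list after the "Skipping" warning (it needs `continue 2`), and the test against `/` and `/live` is applied to the raw `${dest}` string, so a source or destination containing a `..` component is not caught. The list file appears to come from any block device that find_persistent_media reports for the overlay label, so its entries should be treated as untrusted. Reject `..` components before the `/live` check, as in the excerpt below, and read the file with `read -r` so backslashes are not interpreted. The loop sits inside setup_unionfs, which starts and ends outside the hunk.

```shell
# … unchanged: comment skipping, dest/options defaulting …

# Entries are read from the medium: refuse any path with a ".." component
# so the / and /live check below sees the real destination.
case "/${source}/ /${dest}/" in
	*/../*)
		log_warning_msg "Skipping custom mount with '..' in path: ${source} ${dest}"
		continue
		;;
esac

# … unchanged: check for / and /live, option loop (with continue 2) …
```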