X-Git-Url: http://git.grml.org/?p=grml-autoconfig.git;a=blobdiff_plain;f=autoconfig.functions;h=7fdb4beb731bfdca5b5f8d9b5c82c9a3df5459ce;hp=2a3dd66359c8bb000aa3db6d7428112ddd623549;hb=a64a1f09d039ac261ea3d8cba8add283ae61b3c2;hpb=412906c21d0e9176e79dbecbfd1eef46162790c9

diff --git a/autoconfig.functions b/autoconfig.functions
index 2a3dd66..7fdb4be 100755
--- a/autoconfig.functions
+++ b/autoconfig.functions
@@ -15,8 +15,10 @@ umask 022
 
 # old linuxrc version:
 [ -d /cdrom ]      && export LIVECD_PATH=/cdrom
-# new initramfs layout:
+# initramfs layout until around December 2012:
 [ -d /live/image ] && export LIVECD_PATH=/live/image
+# initramfs layout since around December 2012:
+[ -d /lib/live/mount/medium ] && export LIVECD_PATH=/lib/live/mount/medium
 
 # Ignore these signals in non-interactive mode: INT, TERM, SEGV
 [ -z "$PS1" ] && trap "" 2 3 11
@@ -38,13 +40,12 @@ if [ -z "$CMDLINE" ]; then
   # if CMDLINE was set from the outside, we're debugging.
   # otherwise, take CMDLINE from Kernel and config files.
   CMDLINE="$(cat /proc/cmdline)"
-  [ -d /cdrom/bootparams/ ]      && CMDLINE="$CMDLINE $(cat /cdrom/bootparams/* | tr '\n' ' ')"
-  [ -d /live/image/bootparams/ ] && CMDLINE="$CMDLINE $(cat /live/image/bootparams/* | tr '\n' ' ')"
+  [ -d ${LIVECD_PATH}/bootparams/ ] && CMDLINE="$CMDLINE $(cat ${LIVECD_PATH}/bootparams/* | tr '\n' ' ')"
   modprobe 9p 2>/dev/null || true
   if grep -q 9p /proc/filesystems ; then
-      local TAG="grml-parameters"
+      TAG="grml-parameters"
       if grep -q "$TAG" /sys/bus/virtio/devices/*/mount_tag 2>/dev/null ; then
-          local MOUNTDIR="$(mktemp -d)"
+          MOUNTDIR="$(mktemp -d)"
           mount -t 9p -o trans=virtio,ro "$TAG" "$MOUNTDIR"
           CMDLINE="$CMDLINE $(cat "$MOUNTDIR"/* 2>/dev/null | tr '\n' ' ')"
           umount "$MOUNTDIR"
@@ -109,6 +110,28 @@ checkgrmlsmall(){
   grep -q small /etc/grml_version 2>>$DEBUG && return 0 || return 1
 }
 
+# if no password is set return a random password
+set_passwd() {
+  [ -n "$PASSWD" ] && return 0
+
+  if [ -x /usr/bin/apg ] ; then
+    PASSWD="$(apg -M NL -a 0 -m 8 -x 12 -n 1)"
+  elif [ -x /usr/bin/gpw ] ; then
+    PASSWD="$(gpw 1)"
+  elif [ -x /usr/bin/pwgen ] ; then
+    PASSWD="$(pwgen -1 8)"
+  elif [ -x /usr/bin/hexdump ] ; then
+    PASSWD="$(dd if=/dev/urandom bs=14 count=1 2>/dev/null | hexdump | awk '{print $3 $4}')"
+  elif [ -n "$RANDOM" ] ; then
+    PASSWD="grml${RANDOM}"
+  else
+    PASSWD=''
+    eerror "Empty passphrase and neither apg, gpw, pwgen, hexdump nor \$RANDOM available. Skipping."
+    eend 1
+    return 1
+  fi
+}
+
 ### }}}
 
 # {{{ filesystems (proc, pts, sys) and fixes
@@ -476,7 +499,7 @@ config_time(){
     [ -z "$KTZ" ] && [ -r /etc/timezone ] && KTZ=$(cat /etc/timezone)
     if [ ! -f "/usr/share/zoneinfo/$KTZ" ] ; then
        ewarn "Warning: unknown timezone $KTZ" ; eend 1
-       KTZ="Europe/Vienna"
+       KTZ="UTC"
        ewarn "Falling back to timezone $KTZ" ; eend 0
     fi
 
@@ -500,10 +523,10 @@ config_time(){
 
 # {{{ print kernel info
 config_kernel(){
-  if $VIRTUAL ; then
-    einfo "Running Linux Kernel $KERNEL $VMWARE" ; eend 0
-  else
+  if $VIRTUAL && [ -n "$VIRTUAL_ENV" ] ; then
     einfo "Running Linux Kernel $KERNEL inside $VIRTUAL_ENV" ; eend 0
+  else
+    einfo "Running Linux Kernel $KERNEL" ; eend 0
   fi
 
   if [ -r /proc/cpuinfo ] ; then
@@ -690,40 +713,44 @@ config_fix_passwd(){
 # {{{ CD Checker
 config_testcd(){
 if checkbootparam 'testcd' ; then
-   einfo "Checking CD data integrity as requested by '${WHITE}testcd${NORMAL}' boot option."
+  einfo "Checking CD data integrity as requested by '${WHITE}testcd${NORMAL}' boot option."
+  eindent
 
-   ERROR=0
-   FOUND_FILE=0
+  local ERROR=true
+  local FOUND_FILE=false
+  local logfile='/tmp/md5sum.log'
 
-   rm -f /tmp/md5sum.log
-   for md5 in $(find "${LIVECD_PATH}" -name md5sums) ; do
-      einfo "Checking files against $md5, this may take a while..."
+  rm -f "$logfile"
 
-      FOUND_FILE=1
-      ( cd $(dirname "$md5") && md5sum -c $(basename "$md5") ; RC=$?)  |& tee -a /tmp/md5sum.log
+  for md5 in $(find "${LIVECD_PATH}" -name md5sums) ; do
+    einfo "Checking files against $md5, this may take a while..."
 
-      if [ $RC -ne 0 ] ; then
-         ERROR=1
-      fi
-   done
+    FOUND_FILE=true
+    OLD_PWD=$(pwd)
+    cd $(dirname "$md5")
+    md5sum -c $(basename "$md5") |& tee -a "${logfile}"
+    if [ $pipestatus[1] -eq 0 ] ; then
+      ERROR=false
+    fi
+    cd "${OLD_PWD}"
+  done
 
-   if [ $FOUND_FILE -eq 0 ] ; then
-      echo "${RED} *** Error: Could not find md5sum file.                           ***"
-      return
-   fi
+  if ! $FOUND_FILE ; then
+    eerror 'Error: Could not find md5sum file' ; eend 1
+    return
+  fi
 
-   if [ "$ERROR" -eq 0 ]; then
-      einfo "Everything looks OK" ; eend 0
-   else
-      eerror 'Checksum failed for theses files:' ; eend 1
-      egrep -v '(^md5sum:|OK$)' /tmp/md5sum.log
-      eerror 'Data on the grml medium is possibly incomplete/damaged or...'
-      eerror '... RAM of your computer is broken.' ; eend 1
-      einfon "Hit return to continue, or press the reset button to quit."
-     read a
-   fi
+  if ! $ERROR ; then
+    einfo "Everything looks OK" ; eend 0
+  else
+    eerror 'Checksum failed for theses files:' ; eend 1
+    egrep -v '(^md5sum:|OK$)' "${logfile}"
+    eerror 'Data on the medium is possibly incomplete/damaged or RAM of your system is broken.' ; eend 1
+    einfon "Hit return to continue, or press the power button to shut down system."
+    read a
+  fi
 
-   eend 0
+  eoutdent
 fi
 }
 # }}}
@@ -1067,44 +1094,31 @@ fi
 # {{{ autostart of ssh
 config_ssh(){
 if checkbootparam 'ssh' ; then
-   SSH_PASSWD=''
-   SSH_PASSWD="$(getbootparam 'ssh' 2>>$DEBUG)"
+   local PASSWD
+   PASSWD="$(getbootparam 'ssh' 2>>$DEBUG)"
+
    config_userlocal
    einfo "Bootoption ssh found, trying to set password for root and user $localuser"
    [ -z "$localuser" ] && eend 1
-   eindent
-   if [ -z "$SSH_PASSWD" ] ; then
-      if [ -x /usr/bin/apg ] ; then
-         SSH_PASSWD="$(apg -M NL -a 0 -m 8 -x 12 -n 1)"
-      elif [ -x /usr/bin/gpw ] ; then
-         SSH_PASSWD="$(gpw 1)"
-      elif [ -x /usr/bin/pwgen ] ; then
-         SSH_PASSWD="$(pwgen -1 8)"
-      elif [ -x /usr/bin/hexdump ] ; then
-         SSH_PASSWD="$(dd if=/dev/urandom bs=14 count=1 2>/dev/null | hexdump | awk '{print $3 $4}')"
-      elif [ -n "$RANDOM" ] ; then
-         SSH_PASSWD="grml${RANDOM}"
-      else
-         SSH_PASSWD=''
-         eerror "Empty passphrase and neither pwgen nor hexdump nor \$RANDOM found. Skipping."
-         eend 1
-      fi
 
-      if [ -n "$SSH_PASSWD" ] ; then
-         ewarn "No given password for ssh found. Using random password: $SSH_PASSWD" ; eend 0
-      fi
+   eindent
+   if [ -z "$PASSWD" ] ; then
+     set_passwd && ewarn "No given password for found. Using random password: $PASSWD" && eend 0
    fi
    eoutdent
 
-   # finally check if we have a password we can use:
-   if [ -n "$SSH_PASSWD" ] ; then
-      # chpasswd sucks, seriously.
+   if [ -n "$PASSWD" ] ; then
       chpass_options=""
       if chpasswd --help 2>&1 | grep -q -- '-m,' ; then
         chpass_options="-m"
       fi
-      echo "$localuser:$SSH_PASSWD" | chpasswd $chpass_options
-      echo "root:$SSH_PASSWD" | chpasswd $chpass_options
+
+      echo "$localuser:$PASSWD" | chpasswd $chpass_options
+      echo "root:$PASSWD" | chpasswd $chpass_options
+
+      eindent
+      ewarn "Warning: please change the password for root and user $localuser as soon as possible!"
+      eoutdent
    fi
 
    einfo "Starting secure shell server in background for root and user $localuser"
@@ -1112,11 +1126,24 @@ if checkbootparam 'ssh' ; then
    /etc/init.d/ssh start >>$DEBUG 2>>$DEBUG &
    eend $?
 
-   eindent
-   ewarn "Warning: please change the password for root and user $localuser as soon as possible!"
-   eoutdent
 fi
 }
+
+# }}}
+
+# {{{ display hostkeys of SSH server
+config_display_ssh_fingerprints() {
+  if ! ls /etc/ssh/ssh_host_\*_key >/dev/null 2>&1 ; then
+    return 0 # no SSH host keys present
+  fi
+
+  einfo "SSH key fingerprints:"
+  for file in /etc/ssh/ssh_host_*_key ; do
+    einfon
+    ssh-keygen -l -f $file
+  done | column -t
+  eend $?
+}
 # }}}
 
 # {{{ autostart of x11vnc
@@ -1177,21 +1204,63 @@ fi
 }
 # }}}
 
-# {{{ set password for default user
+# {{{ set password for root and default user
 config_passwd(){
 if checkbootparam 'passwd' >>$DEBUG 2>&1; then
+  local PASSWD
   PASSWD="$(getbootparam 'passwd' 2>>$DEBUG)"
+
   config_userlocal
-  einfo "Bootoption passwd found, change password for user '$localuser'."
+  einfo "Bootoption passwd found, trying to set password for root and user $localuser"
   [ -z "$localuser" ] && eend 1
-  if [ -n "$PASSWD" ] ; then
-    echo "$localuser:$PASSWD" | chpasswd -m ; eend $?
-  else
-    eerror "No given password for ssh found. Autostart of SSH will not work." ; eend 1
-  fi
+
   eindent
-    ewarn "Warning: please change the password for user grml set via bootparameter as soon as possible!"
+  if [ -z "$PASSWD" ] ; then
+    set_passwd && ewarn "No given password for found. Using random password: $PASSWD" && eend 0
+  fi
   eoutdent
+
+  if [ -n "$PASSWD" ] ; then
+    chpass_options=""
+    if chpasswd --help 2>&1 | grep -q -- '-m,' ; then
+      chpass_options="-m"
+    fi
+
+    echo "$localuser:$PASSWD" | chpasswd $chpass_options
+    echo "root:$PASSWD" | chpasswd $chpass_options
+
+    eindent
+    ewarn "Warning: please change the password for root and user $localuser as soon as possible!"
+    eoutdent
+  fi
+
+fi
+
+if checkbootparam 'encpasswd' >>$DEBUG 2>&1; then
+  local PASSWD
+  PASSWD="$(getbootparam 'encpasswd' 2>>$DEBUG)"
+
+  if [ -z "$PASSWD" ] ; then
+    eerror "No hashed password found, can not set password."
+    eend 1
+    return
+  fi
+
+  config_userlocal
+  einfo "Bootoption encpasswd found, trying to set hashed password for root and user $localuser"
+  [ -z "$localuser" ] && eend 1
+
+  if [ -n "$PASSWD" ] ; then
+    chpass_options="-e"
+
+    echo "$localuser:$PASSWD" | chpasswd $chpass_options
+    echo "root:$PASSWD" | chpasswd $chpass_options
+
+    eindent
+    ewarn "Warning: please change the password for root and user $localuser as soon as possible!"
+    eoutdent
+  fi
+
 fi
 }
 # }}}
@@ -1248,6 +1317,9 @@ config_mixer () {
             IFS='
 '
             for CONTROL in ${=CONTROLS} ; do
+               # such devices can not be controlled with amixer ... unmute
+               [[ "$CONTROL" == *Console* ]] && continue
+
                if ! echo "${CONTROL}" | grep -q -i "mic" ; then
                    if amixer -c $card sget "${CONTROL}" | grep -q 'Capabilities:.*pswitch' ; then
                       amixer -c $card -q set "${CONTROL}" unmute
@@ -1469,6 +1541,7 @@ config_stats() {
  fi
 }
 # }}}
+
 # {{{ fix/workaround for unionfs
 fix_unionfs(){
   if [ -z "$INSTALLED" ]; then
@@ -1549,6 +1622,7 @@ DCSMP="/mnt/grml"
 GRMLCFG="$(getbootparam 'autoconfig' 2>>$DEBUG)"
 [ -n "$GRMLCFG" ] || GRMLCFG="GRMLCFG"
 if checkbootparam 'noautoconfig' || checkbootparam 'forensic' ; then
+  DCSDIR="${LIVECD_PATH}" # set default so it works for "scripts" boot option as expected
   ewarn "Skipping running automount of device(s) labeled $GRMLCFG as requested." ; eend 0
 else
   if [ -z "$INSTALLED" ] ; then
@@ -1560,13 +1634,6 @@ else
     elif checkvalue $CONFIG_MYCONFIG; then # checkbootparam myconfig
       einfo "Searching for device(s) labeled with $GRMLCFG. (Disable this via boot option: noautoconfig)" ; eend 0
       eindent
-      # We do need the following fix so floppy disk is available to blkid in any case :-/
-      if [ -r /dev/fd0 ] ; then
-        einfo "Floppy device detected. Trying to access floppy disk."
-        if timeout 4 dd if=/dev/fd0 of=/dev/null bs=512 count=1 >>$DEBUG 2>&1 ; then
-           blkid /dev/fd0 >>$DEBUG 2>&1
-        fi
-      fi
       DCSDEVICE=$(blkid -t LABEL=$GRMLCFG | head -1 | awk -F: '{print $1}')
 
       modprobe 9p 2>/dev/null || true
@@ -1587,7 +1654,7 @@ else
 
     # if not specified/present then assume default:
     if [ -z "$DCSDEVICE" ]; then
-      DCSDIR="/live/image"
+      DCSDIR="${LIVECD_PATH}"
     else
       eindent
       einfo "debs, config, scripts are read from $DCSDEVICE." ; eend 0
@@ -1610,7 +1677,7 @@ else
   fi
 fi
 
-if [ -n "$DCSDIR" -a "$DCSDIR" != "/live/image" ] ; then
+if [ -n "$DCSDIR" -a "$DCSDIR" != "${LIVECD_PATH}" ] ; then
   einfo "Debs, config, scripts (if present) will be read from $DCSDIR." ; eend 0
 elif checkbootparam 'debs' || checkbootparam 'config' || checkbootparam 'scripts'; then
   einfo "Debs, config, scripts will be read from the live image directly." ; eend 0
@@ -1680,12 +1747,15 @@ if checkbootparam 'scripts' || [ "$DCSMP" = "/mnt/grmlcfg" ]; then
      if [ "$DCSMP" = "/mnt/grmlcfg" ]; then
        einfo "Trying to execute ${SCRIPTS}"
        sh -c $SCRIPTS
+       eend $?
      elif [ -d "$SCRIPTS" ]; then
        einfo "Bootparameter scripts found. Trying to execute from directory ${SCRIPTS}:"
-       run-parts $SCRIPTS
+       run-parts --regex '.*' $SCRIPTS
+       eend $?
      else
        einfo "Bootparameter scripts found. Trying to execute ${SCRIPTS}:"
        sh -c $SCRIPTS
+       eend $?
      fi
    fi
 fi
@@ -2060,7 +2130,7 @@ config_tohd()
 
      if mount -o rw "$TARGET" "$MOUNTDIR" ; then
         einfo "Copyring live system to $TARGET - this might take a while"
-        rsync -a --progress /live/image/live $MOUNTDIR
+        rsync -a --progress ${LIVECD_PATH}/live $MOUNTDIR
         sync
         umount "$MOUNTDIR"
         eend $?