Merge upstream version 1.173.2-1.
authorMichael Prokop <mika@grml.org>
Sat, 20 Feb 2010 11:44:46 +0000 (12:44 +0100)
committerMichael Prokop <mika@grml.org>
Sat, 20 Feb 2010 15:19:53 +0000 (16:19 +0100)
17 files changed:
bin/live-snapshot
docs/ChangeLog.casper
hooks/live
manpages/live-initramfs.en.7.txt
scripts/init-premount/select_eth_device [new file with mode: 0755]
scripts/live
scripts/live-bottom/10adduser
scripts/live-bottom/12fstab
scripts/live-bottom/19keyboard
scripts/live-bottom/20xconfig
scripts/live-bottom/22sslcert [new file with mode: 0755]
scripts/live-bottom/30accessibility
scripts/live-bottom/34disable_kde_services [new file with mode: 0755]
scripts/live-bottom/43disable_updateinitramfs
scripts/live-bottom/99hook
scripts/live-helpers
scripts/live-premount/readonly [new file with mode: 0755]

index 18b067b..55673bb 100755 (executable)
@@ -443,10 +443,10 @@ Do_snapshot ()
                                        grep -F -v -f "${EXCLUDE_LIST}" | \
                                        tr '\n' '\0' | \
                                        tr '\1' '\n' | \
-                                       $COPY_CMD || exit 1
+                                       eval $COPY_CMD || exit 1
                        else
                                cat "${TMP_FILELIST}" | \
-                                       $COPY_CMD || exit 1
+                                       eval $COPY_CMD || exit 1
                        fi
                        cd "${OLDPWD}"
                        ;;
index 31d5e92..8fd98ea 100644 (file)
@@ -1,3 +1,156 @@
+casper (1.173) jaunty; urgency=low
+
+  * Don't use head -n1 in where_is_mounted, we don't have head in the
+    initramfs.  LP: #363038.
+
+ -- Steve Langasek <steve.langasek@ubuntu.com>  Fri, 17 Apr 2009 22:22:06 -0700
+
+casper (1.172) jaunty; urgency=low
+
+  * 43disable_updateinitramfs: The /cdrom mount has been moved to
+    /root/cdrom by the time this script runs, so check that instead.
+
+ -- Colin Watson <cjwatson@ubuntu.com>  Thu, 09 Apr 2009 18:30:29 +0100
+
+casper (1.171) jaunty; urgency=low
+
+  * Set MP_QUIET to -q instead of -Q on Ubuntu as well, and not just for
+    Debian as the modprobe in the latest upstream release of module-init-tools
+    doesn't accept -Q anymore.
+
+ -- Loic Minier <lool@dooz.org>  Wed, 08 Apr 2009 17:31:40 +0200
+
+casper (1.170) jaunty; urgency=low
+
+  * is_nice_device(): allow devices with an ID_PATH of platform-mmc* as well
+    as used for instance for SD cards on the ARM iMX51 Babbage board;
+    LP: #357700.
+
+ -- Loic Minier <lool@dooz.org>  Wed, 08 Apr 2009 15:34:01 +0200
+
+casper (1.169) jaunty; urgency=low
+
+  * [ -w /cdrom ] turns out not to be a sufficient test for files under
+    /cdrom being writable; with busybox, it always returns true even for
+    read-only filesystems. Explicitly check for the read-only flag in mount
+    output to work around this.
+  * Fix where_is_mounted helper function to actually produce output (thanks,
+    Steve Dodd; LP: #346941).
+  * Add a comment to find_cow_device explaining why the choice of
+    filesystems is restricted (I asked for this comment in LP #230703 but it
+    apparently never got written).
+
+ -- Colin Watson <cjwatson@ubuntu.com>  Tue, 07 Apr 2009 01:47:05 +0100
+
+casper (1.168) jaunty; urgency=low
+
+  * Fix writing of "$@" to diverted update-initramfs script (here-documents
+    perform parameter expansion unless the delimiter is quoted).
+  * Don't bring up a temporary network interface while fetching the preseed
+    file when netbooting, as that will disconnect our root filesystem
+    (LP: #351982).
+
+ -- Colin Watson <cjwatson@ubuntu.com>  Tue, 31 Mar 2009 15:39:29 +0100
+
+casper (1.167) jaunty; urgency=low
+
+  * Disable kwallet from KDE 4 in 34disable_kde_services
+
+ -- Jonathan Riddell <jriddell@ubuntu.com>  Fri, 27 Mar 2009 18:40:35 +0000
+
+casper (1.166) jaunty; urgency=low
+
+  [ Emmet Hikory ]
+  * Show the ubiquity icon in kourou (LP: #338730)
+
+  [ Timo Jyrinki ]
+  * Move examples.desktop to Desktop/ if it exists, as an alternative to
+    Examples (LP: #45489).
+
+  [ Luke Yelavich ]
+  * scripts/casper-bottom/30accessibility && ubiquity-hooks/30accessibility:
+    - Make the special case disabling of pulseaudio per user, and not system
+      wide.
+    - Also disable PulseAudio for the Braille profile.
+    - Fix incorrect paths when chowning files.
+    - Don't use /root for the ubiquity hook accessibility script, /target is
+      where the installed system is located.
+    - Remove laptop detect code. Its not currently working, and getting it to
+      work requires invasive changes.
+    - Only set pulseaudio settings and create the .orca directory if sed
+      packages are installed on the live filesystem and installed system.
+  * ubiquity-hooks/30accessibility: Copy orca settings to the installed system.
+
+ -- Luke Yelavich <themuso@ubuntu.com>  Fri, 27 Mar 2009 14:38:20 +1100
+
+casper (1.165) jaunty; urgency=low
+
+  * scripts/casper-bottom/30accessibility && ubiquity-hooks/30accessibility:
+    - When the blindness accessibility profile is chosen, create the .orca
+      directory in the live user's home directory. This seems to allow orca
+      to properly reload and use settings in the live session without needing
+      to be restarted. This is only needed for the blindness profile, due to
+      the other profiles that use orca already creating the .orca directory.
+      (LP: #194992)
+
+ -- Luke Yelavich <themuso@ubuntu.com>  Fri, 20 Mar 2009 08:37:20 +1100
+
+casper (1.164) jaunty; urgency=low
+
+  * Update 34disable_kde_services to not start
+    update-notifier-kde or plasma's contact plugin which uses akonadi
+
+ -- Jonathan Riddell <jriddell@ubuntu.com>  Wed, 18 Mar 2009 18:07:52 +0000
+
+casper (1.163) jaunty; urgency=low
+
+  * 34disable_kwallet moved to 34disable_kde_services and disables
+    various services not needed by live CDs
+
+ -- Jonathan Riddell <jriddell@ubuntu.com>  Fri, 13 Mar 2009 14:33:13 +0000
+
+casper (1.162) jaunty; urgency=low
+
+  * If /cdrom is writable, call the diverted update-initramfs and copy
+    the resulting kernel and initrd to /cdrom/casper (LP: #292159).
+
+ -- Evan Dandrea <evand@ubuntu.com>  Tue, 10 Mar 2009 14:36:30 +0000
+
+casper (1.161) jaunty; urgency=low
+
+  [ Juanje Ojeda ]
+  * Regenerate SSL certificate at boot so that it isn't the same for all
+    live CD users (LP: #337723).
+
+ -- Colin Watson <cjwatson@ubuntu.com>  Tue, 10 Mar 2009 10:39:21 +0000
+
+casper (1.160) jaunty; urgency=low
+
+  * scripts/casper-bottom/30accessibility && ubiquity-hooks/30accessibility:
+    - Adjust sudoers file to allow ORBIT_SOCKET_DIR, XDG_SESSION_COOKIE and
+      GTK_MODULES environment variables through to root, for v2, v3, and
+      braille profiles. This allows users to use administrative GTK/GNOME
+      applications executed by gksudo with accessibility tools like orca.
+
+ -- Luke Yelavich <themuso@ubuntu.com>  Tue, 10 Mar 2009 15:38:17 +1100
+
+casper (1.159) jaunty; urgency=low
+
+  * scripts/casper-bottom/30accessibility && ubiquity-hooks/30accessibility:
+    - Disable pulseaudio for the blindness profile, as pulseaudio and espeak
+      and portaudio v19 do not play very well with each other, lots of
+      crackling, cut of speech. At least espeak via ALSA natively is usable,
+      and latency is relatively low.
+
+ -- Luke Yelavich <themuso@ubuntu.com>  Tue, 10 Mar 2009 09:03:06 +1100
+
+casper (1.158) jaunty; urgency=low
+
+  * scripts/casper-bottom/30accessibility && ubiquity-hooks/30accessibility:
+    - use laptop_detect function in blindness profile as well
+
+ -- Luke Yelavich <themuso@ubuntu.com>  Mon, 09 Mar 2009 14:07:17 +1100
+
 casper (1.157) jaunty; urgency=low
 
   [ Emmet Hikory ]
index d78da1e..6862407 100755 (executable)
@@ -100,6 +100,11 @@ manual_add_modules ext4
 # Filesystem: jffs2
 manual_add_modules jffs2
 
+if [ -x /usr/bin/rsync ]
+then
+       copy_exec /usr/bin/rsync /bin
+fi
+
 # Filesystem: squashfs
 copy_exec /sbin/losetup /sbin
 manual_add_modules loop
@@ -172,6 +177,12 @@ then
        copy_exec /usr/bin/wget /bin
 fi
 
+# Program: blockdev
+if [ -x /sbin/blockdev ]
+then
+       copy_exec /sbin/blockdev /sbin
+fi
+
 # FUSE kernel module
 manual_add_modules fuse
 
index 4a70f27..f68e87c 100644 (file)
@@ -192,7 +192,7 @@ been installed with persistent enabled.
 
   noprompt
 
-Do not prompt to eject the CD on reboot.
+Do not prompt to eject the CD or remove the USB flash drive on reboot.
 
   nosudo::
 
diff --git a/scripts/init-premount/select_eth_device b/scripts/init-premount/select_eth_device
new file mode 100755 (executable)
index 0000000..6ab8bfe
--- /dev/null
@@ -0,0 +1,77 @@
+#!/bin/sh
+
+# Original script by Andreas Teuchert <ant+dl@hsg-kl.de>
+# Modified by Frédéric Boiteux <fboiteux@calistel.com>
+
+
+
+PREREQ="blacklist udev"
+
+prereqs()
+{
+       echo "$PREREQ"
+}
+
+case $1 in
+# get pre-requisites
+prereqs)
+       prereqs
+       exit 0
+       ;;
+esac
+
+# Boot type in initramfs's config
+bootconf=$(egrep '^BOOT=' /conf/initramfs.conf | tail -1)
+
+# can be superseded by command line (used by Debian-Live's netboot for example)
+for ARGUMENT in $(cat /proc/cmdline); do
+    case "${ARGUMENT}" in
+        netboot=*)
+        NETBOOT="${ARGUMENT#netboot=}"
+        ;;
+    esac
+done
+
+if [ "$bootconf" != "BOOT=nfs" ] && [ "$NETBOOT" = "" ]; then
+    # Not a net boot : nothing to do
+    exit 0
+fi
+
+# we want to do some basic IP
+modprobe -q af_packet
+
+# Available Ethernet interfaces ?
+l_interfaces=$(cd /sys/class/net/ && ls -d eth* 2>/dev/null)
+
+if [ $(echo $l_interfaces | wc -w) -lt 2 ]; then
+    # only one interface : no choice
+    echo "DEVICE=$l_interfaces" >> /conf/param.conf
+    exit 0
+fi
+
+while true; do
+        echo -n "Looking for a connected Ethernet interface ..."
+
+       for interface in $l_interfaces; do
+               # ATTR{carrier} is not set if this is not done
+                echo -n " $interface ?"
+               ipconfig -c none -d $interface -t 1 >/dev/null 2>&1
+        done
+        echo ''
+
+        for step in 1 2 3 4 5; do
+               for interface in $l_interfaces; do
+                        carrier=$(cat /sys/class/net/$interface/carrier \
+                                  2>/dev/null)
+                        # link detected
+                        if [ "$carrier" = 1 ]; then
+                                echo " found $interface."
+                                # inform initrd's init script :
+                                echo "DEVICE=$interface" >> /conf/param.conf
+                                exit 0
+                       fi
+               done
+                # wait a bit
+                sleep 1
+        done
+done
index ab2db29..e2e0d09 100755 (executable)
@@ -49,6 +49,35 @@ Arguments ()
        for ARGUMENT in $(cat /proc/cmdline)
        do
                case "${ARGUMENT}" in
+                       skipconfig)
+                               NOACCESSIBILITY="Yes"
+                               NOAPPARMOR="Yes"
+                               NOAPTCDROM="Yes"
+                               NOAUTOLOGIN="Yes"
+                               NOCONSOLEKEYBOARD="Yes"
+                               NOFASTBOOT="Yes"
+                               NOFSTAB="Yes"
+                               NOGNOMEPANEL="Yes"
+                               NOHOSTS="Yes"
+                               NOJOCKEY="Yes"
+                               NOKPERSONALIZER="Yes"
+                               NOLANGUAGESELECTOR="Yes"
+                               NOLOCALES="Yes"
+                               NONETWORKING="Yes"
+                               NOPOLKITCONF="Yes"
+                               NOPOWERMANAGEMENT="Yes"
+                               NOPROGRAMCRASHES="Yes"
+                               NOSUDO="Yes"
+                               NOTIMEZONE="Yes"
+                               NOUPDATENOTIFIER="Yes"
+                               NOUSER="Yes"
+                               NOXAUTOCONFIG="Yes"
+                               NOXAUTOLOGIN="Yes"
+                               NOXSCREENSAVER="Yes"
+
+                               export NOACCESSIBILITY NOAPPARMOR NOAPTCDROM NOAUTOLOGIN NOCONSOLEKEYBOARD NOFASTBOOT NOFSTAB NOGNOMEPANEL NOHOSTS NOJOCKEY NOKPERSONALIZER NOLANGUAGESELECTOR NOLOCALES NONETWORKING NOPOLKITCONF NOPOWERMANAGEMENT NOPROGRAMCRASHES NOSUDO NOTIMEZONE NOUPDATENOTIFIER NOUSER NOXAUTOCONFIG NOXAUTOLOGIN NOXSCREENSAVER
+                               ;;
+
                        access=*)
                                ACCESS="${ARGUMENT#access=}"
                                export ACCESS
@@ -66,6 +95,11 @@ Arguments ()
                                set -x
                                ;;
 
+                       ethdevice=*)
+                               DEVICE="${ARGUMENT#ethdevice=}"
+                               export DEVICE
+                               ;;
+
                        fetch=*)
                                 FETCH="${ARGUMENT#fetch=}"
                                 export FETCH
@@ -97,6 +131,11 @@ Arguments ()
                                export HOSTNAME LIVECONF
                                ;;
 
+                       isofrom=*|fromiso=*)
+                               FROMISO="${ARGUMENT#*=}"
+                               export FROMISO
+                               ;;
+
                        username=*)
                                USERNAME="${ARGUMENT#username=}"
                                LIVECONF="changed"
@@ -362,6 +401,11 @@ Arguments ()
                                export NOPERSISTENT
                                ;;
 
+                       quickusbmodules)
+                               QUICKUSBMODULES="Yes"
+                               export QUICKUSBMODULES
+                               ;;
+
                        preseed/file=*|file=*)
                                LOCATION="${ARGUMENT#*=}"
                                export LOCATION
@@ -380,9 +424,9 @@ Arguments ()
                                mount -o bind /dev /root/dev
 
                                mkdir -p /root/var/run/network
-                               chroot /root dhclient eth0
+                               [ "${NETBOOT}" ] || chroot /root dhclient eth0
                                chroot /root wget -P /tmp "${location}"
-                               chroot /root ifconfig eth0 down
+                               [ "${NETBOOT}" ] || chroot /root ifconfig eth0 down
 
                                umount /root/sys
                                umount /root/proc
@@ -611,7 +655,7 @@ is_nice_device ()
 {
        sysfs_path="${1#/sys}"
 
-       if /lib/udev/path_id "${sysfs_path}" | grep -E -q "ID_PATH=(usb|pci-[^-]*-(ide|scsi|usb))"
+       if /lib/udev/path_id "${sysfs_path}" | grep -E -q "ID_PATH=(usb|pci-|platform-mmc)"
        then
                return 0
        elif echo "${sysfs_path}" | grep -q '^/block/vd[a-z]$'
@@ -686,10 +730,22 @@ copy_live_to ()
        else
                if [ -n "${MODULETORAMFILE}" ]
                then
-                       cp ${MODULETORAMFILE} ${copyto} # copy only the filesystem module
+                       if [ -x /bin/rsync ]
+                       then
+                               echo " * Copying $MODULETORAMFILE to RAM" 1>/dev/console
+                               rsync -a --progress ${MODULETORAMFILE} ${copyto} 1>/dev/console # copy only the filesystem module
+                       else
+                               cp ${MODULETORAMFILE} ${copyto} # copy only the filesystem module
+                       fi
                else
-                       mkdir -p ${copyto}/${LIVE_MEDIA_PATH}
-                       cp -a ${copyfrom}/${LIVE_MEDIA_PATH}/* ${copyto}/${LIVE_MEDIA_PATH}   # "cp -a" from busybox also copies hidden files
+                       if [ -x /bin/rsync ]
+                       then
+                               echo " * Copying whole medium to RAM" 1>/dev/console
+                               rsync -a --progress ${copyfrom}/* ${copyto} 1>/dev/console  # "cp -a" from busybox also copies hidden files
+                       else
+                               mkdir -p ${copyto}/${LIVE_MEDIA_PATH}
+                               cp -a ${copyfrom}/${LIVE_MEDIA_PATH}/* ${copyto}/${LIVE_MEDIA_PATH}   # "cp -a" from busybox also copies hidden files
+                       fi
                fi
 
                umount ${copyfrom}
@@ -1050,15 +1106,10 @@ setup_unionfs ()
        # Let's just mount the read-only file systems first
        rofsstring=""
        rofslist=""
-       minor_kernel_version=$(uname -r|cut -c 5-|sed 's/[^0-9].*//')
 
-       if [ "${NETBOOT}" = "nfs" ] && [ "${minor_kernel_version}" -lt 22 ]
-       then
-               # go aroung a bug in nfs-unionfs locking for unionfs <= 1.4
-               roopt="nfsro"
-       elif [ "${UNIONTYPE}" = "aufs" ]
+       if [ "${UNIONTYPE}" = "aufs" ]
        then
-               roopt="rr"
+               roopt="rr,xino=/tmp/aufs.xino"
        else
                roopt="ro"
        fi
@@ -1172,37 +1223,40 @@ setup_unionfs ()
        # Looking for "${root_persistence}" device or file
        if [ -n "${PERSISTENT}" ] && [ -z "${NOPERSISTENT}" ]
        then
-               # Load USB modules
-               num_block=$(ls -l /sys/block | wc -l)
-               for module in sd_mod uhci-hcd ehci-hcd ohci-hcd usb-storage
-               do
-                       modprobe -q -b ${module}
-               done
-
-               if [ -x /sbin/udevadm ]
+               if [ -z "${QUICKUSBMODULES}" ]
                then
-                       # lenny
-                       udevadm trigger
-                       udevadm settle
-               else
-                       # etch
-                       udevtrigger
-                       udevsettle
-               fi
-
-               # For some reason, udevsettle does not block in this scenario,
-               # so we sleep for a little while.
-               #
-               # See https://bugs.launchpad.net/ubuntu/+source/casper/+bug/84591
-               for timeout in 5 4 3 2 1
-               do
-                       sleep 1
+                       # Load USB modules
+                       num_block=$(ls -l /sys/block | wc -l)
+                       for module in sd_mod uhci-hcd ehci-hcd ohci-hcd usb-storage
+                       do
+                               modprobe -q -b ${module}
+                       done
 
-                       if [ $(ls -l /sys/block | wc -l) -gt ${num_block} ]
+                       if [ -x /sbin/udevadm ]
                        then
-                               break
+                               # lenny
+                               udevadm trigger
+                               udevadm settle
+                       else
+                               # etch
+                               udevtrigger
+                               udevsettle
                        fi
-               done
+
+                       # For some reason, udevsettle does not block in this scenario,
+                       # so we sleep for a little while.
+                       #
+                       # See https://bugs.launchpad.net/ubuntu/+source/casper/+bug/84591
+                       for timeout in 5 4 3 2 1
+                       do
+                               sleep 1
+
+                               if [ $(ls -l /sys/block | wc -l) -gt ${num_block} ]
+                               then
+                                       break
+                               fi
+                       done
+               fi
 
                # search for label and files (this could be hugely optimized)
                cowprobe=$(find_cow_device "${root_persistence}")
@@ -1372,6 +1426,17 @@ check_dev ()
        devname="${2}"
        skip_uuid_check="${3}"
 
+       # support for fromiso=.../isofrom=....
+       if [ -n "$FROMISO" ]
+       then
+               mkdir /isofrom
+               ISO_DEVICE="$(echo $FROMISO | sed 's|\(/dev/[a-z]*[0-9]*\).*|\1|')"
+               mount "$ISO_DEVICE" /isofrom
+               ISO_NAME="$(echo $FROMISO | sed 's|/dev/[a-z]*[0-9]*/||')"
+               loopdevname=$(setup_loop "/isofrom/${ISO_NAME}" "loop" "/sys/block/loop*" "" '')
+               devname="${loopdevname}"
+       fi
+
        if [ -z "${devname}" ]
        then
                devname=$(sys2dev "${sysdev}")
@@ -1453,6 +1518,7 @@ find_livefs ()
                                        fi
                                fi
                        done
+                       return 1
                        ;;
 
                removable)
@@ -1469,6 +1535,7 @@ find_livefs ()
                                        done
                                fi
                        done
+                       return 1
                        ;;
 
                *)
@@ -1643,6 +1710,15 @@ mountroot ()
                log_end_msg
        fi
 
+       # if we do not unmount the ISO we can't run "fsck /dev/ice" later on
+       # because the mountpoint is left behind in /proc/mounts, so let's get
+       # rid of it when running from RAM
+       if [ -n "$FROMISO" ] && [ "${TORAM}" ]
+       then
+         losetup -d /dev/loop0
+         grep -q /isofrom /proc/mounts && umount /isofrom
+       fi
+
        if [ -n "${MODULETORAMFILE}" ] || [ -n "${PLAIN_ROOT}" ]
        then
                setup_unionfs "${livefs_root}" "${rootmnt}"
index bdb972c..c7adad2 100755 (executable)
@@ -117,6 +117,11 @@ then
        mv /root/home/${USERNAME}/Examples /root/home/${USERNAME}/Desktop/
 fi
 
+if [ -f /root/home/$USERNAME/examples.desktop ]; then
+    chroot /root install -o $USERNAME -g $USERNAME -d /home/$USERNAME/Desktop/
+    mv /root/home/$USERNAME/examples.desktop /root/home/$USERNAME/Desktop/
+fi
+
 if [ -e /root/usr/share/applications/live-installer-launcher.desktop ]
 then
        chroot /root install -D -o ${USERNAME} -g ${USERNAME} /usr/share/applications/live-installer-launcher.desktop /home/${USERNAME}/Desktop/live-installer-launcher.desktop
index 22c11a0..f1dc2e3 100755 (executable)
@@ -55,7 +55,7 @@ then
        echo "tmpfs /tmp tmpfs nosuid,nodev 0 0" >> "${FSTAB}"
 fi
 
-if [ -z "${NOSWAP}" ]
+if [ -n "${SWAPON}" ]
 then
        devices=""
 
@@ -66,7 +66,10 @@ then
                        continue
                fi
 
-               /lib/udev/vol_id ${device%%[0-9]*} 2>/dev/null | grep -q "^ID_FS_USAGE=raid" && continue
+               if [ -x /lib/udev/vol_id ]
+               then
+                       /lib/udev/vol_id ${device%%[0-9]*} 2>/dev/null | grep -q "^ID_FS_USAGE=raid" && continue
+               fi
 
                magic=$(/bin/dd if="${device}" bs=4086 skip=1 count=1 2>/dev/null | /bin/dd bs=10 count=1 2>/dev/null) || continue
 
index d465698..52a6a58 100755 (executable)
@@ -61,38 +61,54 @@ then
        csmodel="${KMODEL}"
 fi
 
-if [ -x /root/bin/setupcon ] && [ -f /root/etc/default/console-setup ]
+if [ -x /root/bin/setupcon ]
 then
-       if [ "${cslayout}" ]
+       if [ -f /root/etc/default/keyboard ]
        then
-               chroot /root sed -i "s/^XKBLAYOUT=.*/XKBLAYOUT=\"${cslayout}\"/" \
-               /etc/default/console-setup
+               # squeeze
+               KEYBOARD_FILE="/etc/default/keyboard"
+       elif [ -f /root/etc/default/console-setup ]
+       then
+               # lenny
+               KEYBOARD_FILE="/etc/default/console-setup"
+       fi
 
-               if [ "${csvariant}" ]
+       if [ -n "/root${KEYBOARD_FILE}" ]
+       then
+               if [ "${cslayout}" ]
                then
-                       chroot /root sed -i "s/^XKBVARIANT=.*/XKBVARIANT=\"${csvariant}\"/" \
-                       /etc/default/console-setup
+                       chroot /root sed -i "s/^XKBLAYOUT=.*/XKBLAYOUT=\"${cslayout}\"/" \
+                       ${KEYBOARD_FILE}
+
+                       if [ "${csvariant}" ]
+                       then
+                               chroot /root sed -i "s/^XKBVARIANT=.*/XKBVARIANT=\"${csvariant}\"/" \
+                               ${KEYBOARD_FILE}
+                       else
+                               live-preseed /root console-setup/variantcode '' false
+                       fi
+
+                       if [ "${csmodel}" ]
+                       then
+                               chroot /root sed -i "s/^XKBMODEL=.*/XKBMODEL=\"${csmodel}\"/" \
+                               ${KEYBOARD_FILE}
+                       else
+                               live-preseed /root console-setup/modelcode '' false
+                       fi
                else
+                       live-preseed /root console-setup/layoutcode '' false
                        live-preseed /root console-setup/variantcode '' false
+                       live-preseed /root console-setup/modelcode '' false
                fi
 
-               if [ "${csmodel}" ]
+               live-preseed /root console-setup/optionscode '' false
+               live-preseed /root console-setup/codesetcode '' false
+
+               if [ -f /root/etc/init.d/usplash ]
                then
-                       chroot /root sed -i "s/^XKBMODEL=.*/XKBMODEL=\"${csmodel}\"/" \
-                       /etc/default/console-setup
-               else
-                       live-preseed /root console-setup/modelcode '' false
+                       sed -i 's/CONSOLE_SCREEN=$/CONSOLE_SCREEN=setupcon/; t END; b; : END; n; b END' /root/etc/init.d/usplash
                fi
-       else
-               live-preseed /root console-setup/layoutcode '' false
-               live-preseed /root console-setup/variantcode '' false
-               live-preseed /root console-setup/modelcode '' false
        fi
-
-       live-preseed /root console-setup/optionscode '' false
-       live-preseed /root console-setup/codesetcode '' false
-
-       sed -i 's/CONSOLE_SCREEN=$/CONSOLE_SCREEN=setupcon/; t END; b; : END; n; b END' /root/etc/init.d/usplash
 elif [ -e /root/usr/sbin/install-keymap ]
 then
        chroot /root /usr/sbin/install-keymap ${kbd}
index f6a3f8d..d06b2d6 100755 (executable)
@@ -75,8 +75,13 @@ then
        setmodel="set xserver-xorg/config/inputdevice/keyboard/model ${KMODEL}"
 fi
 
+if [ -n "${KLAYOUT}" ]
+then
+       setlayout="set xserver-xorg/config/inputdevice/keyboard/layout ${KLAYOUT}"
+fi
+
 chroot /root debconf-communicate -fnoninteractive live-initramfs > /dev/null << EOF
-set xserver-xorg/config/inputdevice/keyboard/layout ${kbd}
+${setlayout}
 ${setvariant}
 ${setmodel}
 ${setoptions}
diff --git a/scripts/live-bottom/22sslcert b/scripts/live-bottom/22sslcert
new file mode 100755 (executable)
index 0000000..1950eef
--- /dev/null
@@ -0,0 +1,34 @@
+#!/bin/sh
+
+#set -e
+
+# initramfs-tools header
+
+PREREQ=""
+
+prereqs()
+{
+       echo "${PREREQ}"
+}
+
+case "${1}" in
+       prereqs)
+               prereqs
+               exit 0
+               ;;
+esac
+
+# live-initramfs header
+
+. /scripts/live-functions
+
+log_begin_msg "Regenerating SSL certificate..."
+
+# live-initramfs script
+
+if [ -x /root/usr/sbin/make-ssl-cert ]
+then
+       chroot /root /usr/sbin/make-ssl-cert generate-default-snakeoil --force-overwrite
+fi
+
+log_end_msg
index 3ff3fda..3c51fa0 100755 (executable)
@@ -47,15 +47,6 @@ gct ()
        fi
 }
 
-laptop_detect ()
-{
-       if chroot /root /usr/sbin/laptop-detect
-       then
-               echo "orca.settings.orcaModifierKeys = orca.settings.LAPTOP_MODIFIER_KEYS" >> /root/home/$USERNAME/.orca/user-settings.py
-               echo "orca.settings.keyboardLayout = orca.settings.GENERAL_KEYBOARD_LAYOUT_LAPTOP" >> /root/home/$USERNAME/.orca/user-settings.py
-       fi
-}
-
 remove_applet ()
 {
        # Code to remove an applet from the default panel setup
@@ -98,6 +89,7 @@ case ${ACCESS} in
                gct -s -t string /desktop/gnome/applications/at/visual/exec orca
                gct -s -t bool /apps/gksu/disable-grab true
                gct -s -t string /desktop/gnome/applications/window_manager/default /usr/bin/metacity
+               sed -i -e 's/# Host alias specification/Defaults\tenv_keep = "ORBIT_SOCKETDIR XDG_SESSION_COOKIE GTK_MODULES"\n\n# Host alias specification/g' /root/etc/sudoers
 
                if [ -x /root/usr/bin/orca ]
                then
@@ -105,7 +97,6 @@ case ${ACCESS} in
                        echo "import orca.settings" >> /root/home/${USERNAME}/.orca/user-settings.py
                        echo "orca.settings.enableSpeech = False" >> /root/home/${USERNAME}/.orca/user-settings.py
                        echo "orca.settings.enableMagnifier = True" >> /root/home/${USERNAME}/.orca/user-settings.py
-                       laptop_detect
                        chroot /root chown -R ${USERNAME}:${USERNAME} /home/${USERNAME}/.orca
                fi
                ;;
@@ -119,8 +110,22 @@ case ${ACCESS} in
                gct -s -t string /desktop/gnome/applications/at/visual/exec orca
                gct -s -t bool /apps/gksu/disable-grab true
                gct -s -t string /desktop/gnome/applications/window_manager/default /usr/bin/metacity
+               sed -i -e 's/# Host alias specification/Defaults\tenv_keep = "ORBIT_SOCKETDIR XDG_SESSION_COOKIE GTK_MODULES"\n\n# Host alias specification/g' /root/etc/sudoers
 
                remove_applet fast_user_switch
+               if [ -x /root/usr/bin/pulse-session ]
+               then
+                       touch /root/home/$USERNAME/.pulse_a11y_nostart
+                       chroot /root chown $USERNAME.$USERNAME /home/$USERNAME/.pulse_a11y_nostart
+                       mkdir -p /root/home/$USERNAME/.pulse
+                       echo "autospawn = no" > /root/home/$USERNAME/.pulse/client.conf
+                       chroot /root chown -R $USERNAME.$USERNAME /home/$USERNAME/.pulse
+               fi
+               if [ -x /root/usr/bin/orca ]
+               then
+                       mkdir -p /root/home/$USERNAME/.orca
+                       chroot /root chown -R $USERNAME.$USERNAME /home/$USERNAME/.orca
+               fi
                ;;
 
        braille=ask)
@@ -130,6 +135,7 @@ case ${ACCESS} in
                gct -s -t string /desktop/gnome/applications/at/visual/exec orca
                gct -s -t bool /apps/gksu/disable-grab true
                gct -s -t string /desktop/gnome/applications/window_manager/default /usr/bin/metacity
+               sed -i -e 's/# Host alias specification/Defaults\tenv_keep = "ORBIT_SOCKETDIR XDG_SESSION_COOKIE GTK_MODULES"\n\n# Host alias specification/g' /root/etc/sudoers
 
                if [ -x /root/usr/bin/orca ]
                then
@@ -141,6 +147,15 @@ case ${ACCESS} in
                        chroot /root chown -R ${USERNAME}:${USERNAME} /home/${USERNAME}/.orca
                fi
 
+               if [ -x /root/usr/bin/pulse-session ]
+               then
+                       touch /root/home/$USERNAME/.pulse_a11y_nostart
+                       chroot /root chown $USERNAME.$USERNAME /home/$USERNAME/.pulse_a11y_nostart
+                       mkdir -p /root/home/$USERNAME/.pulse
+                       echo "autospawn = no" > /root/home/$USERNAME/.pulse/client.conf
+                       chroot /root chown -R $USERNAME.$USERNAME /home/$USERNAME/.pulse
+               fi
+
                remove_applet fast_user_switch
                ;;
 
diff --git a/scripts/live-bottom/34disable_kde_services b/scripts/live-bottom/34disable_kde_services
new file mode 100755 (executable)
index 0000000..3350d61
--- /dev/null
@@ -0,0 +1,41 @@
+#!/bin/sh
+
+#set -e
+
+# initramfs-tools header
+
+PREREQ=""
+
+prereqs()
+{
+       echo "${PREREQ}"
+}
+
+case "${1}" in
+       prereqs)
+               prereqs
+               exit 0
+               ;;
+esac
+
+# live-initramfs header
+
+. /scripts/live-functions
+
+log_begin_msg "Disabling unnecessary KDE services..."
+
+# live-initramfs script
+
+rm -f /root/usr/share/services/kded/kwalletd.desktop
+rm -f /root/usr/share/kde4/services/kwalletd.desktop
+rm -f /root/usr/share/autostart/kab2kabc.desktop
+rm -f /root/usr/share/autostart/kabcdistlistupdater.desktop
+rm -f /root/usr/share/autostart/korgac.desktop
+rm -f /root/usr/share/autostart/printer-applet.desktop
+rm -f /root/usr/share/autostart/nepomukserver.desktop
+rm -f /root/usr/share/kde4/services/kded/kpackagekitd.desktop
+rm -f /root/usr/share/kde4/services/kded/susefreespacenotifier.desktop
+rm -f /root/usr/share/kde4/services/plasma-runner-contacts.desktop  # starts akonadi
+rm -f /root/etc/xdg/autostart/update-notifier-kde.desktop
+
+log_end_msg
index 0a434ed..6ceeacf 100755 (executable)
@@ -22,20 +22,38 @@ esac
 
 . /scripts/live-functions
 
-log_begin_msg "Disabling update-initramfs"
+log_begin_msg "Possibly disabling update-initramfs (useless on a live CD)..."
 
 # live-initramfs script
 
 chroot /root dpkg-divert --add --rename --quiet \
        /usr/sbin/update-initramfs
 
-cat > /root/usr/sbin/update-initramfs <<EOF
+# Running off a USB disk or other writable media.
+if [ -w /root/cdrom ] && \
+   ! grep -q '^[^ ]* /root/cdrom [^ ]* [^ ]*\<ro\>' /proc/mounts
+then
+
+cat > /root/usr/sbin/update-initramfs << 'EOF'
+#!/bin/sh
+
+update-initramfs.distrib "$@"
+cp /initrd.img /cdrom/live/initrd.gz
+cp /vmlinuz /cdrom/live/vmlinuz
+exit 0
+EOF
+
+else
+
+cat > /root/usr/sbin/update-initramfs << EOF
 #!/bin/sh
 
-echo "update-initramfs is disabled since running on a live CD"
+echo "update-initramfs is disabled since running on read-only media"
 exit 0
 EOF
 
+fi
+
 chmod 0755 /root/usr/sbin/update-initramfs
 
 log_end_msg
index 17895ca..8809800 100755 (executable)
@@ -32,7 +32,14 @@ log_begin_msg "Executing custom hook script"
 # live-initramfs script
 
 cd /root
-chroot /root wget "${HOOK}"
+
+if [ $(echo "${HOOK}" | grep file:\/\/) ]
+then
+       LOCALFILE=$(echo ${HOOK} | sed "s/file\:\/\///")
+       cp ${LOCALFILE} /root
+else
+       chroot /root wget "${HOOK}"
+fi
 
 FILE="$(basename ${HOOK})"
 
index d5ad29f..6edd51c 100644 (file)
@@ -76,25 +76,17 @@ is_supported_fs ()
 
 get_fstype ()
 {
-       local FSTYPE
-       local FSSIZE
-
-       # fstype misreports LUKS devices
-       if is_luks "${1}"
-       then
-           /lib/udev/vol_id -t ${1} 2>/dev/null
-           return
-       fi
-
-       eval $(fstype ${1} 2>/dev/null)
-
-       if [ "${FSTYPE}" != "unknown" ]
+       # udev >=146-1 no longer provides vol_id:
+       if [ -x /lib/udev/vol_id ]
        then
-               echo ${FSTYPE}
-               return 0
+               /lib/udev/vol_id -t ${1} 2>/dev/null
+       else
+               eval $(blkid -o udev "${1}")
+               if [ -n "$ID_FS_TYPE" ]
+               then
+                       echo "${ID_FS_TYPE}"
+               fi
        fi
-
-       /lib/udev/vol_id -t ${1} 2>/dev/null
 }
 
 where_is_mounted ()
@@ -295,7 +287,8 @@ try_mount ()
                then
                        fstype=$(get_fstype "${dev}")
                fi
-               mount -t "${fstype}" -o "${opts}" "${dev}" "${mountp}" || panic "Cannot mount ${dev} on ${mountp}, fstype=${fstype}, options=${opts}"
+               mount -t "${fstype}" -o "${opts}" "${dev}" "${mountp}" || \
+               ( echo "SKIPPING: Cannot mount ${dev} on ${mountp}, fstype=${fstype}, options=${opts}" > live.log && return 0 )
        fi
 }
 
@@ -357,10 +350,21 @@ find_cow_device ()
                                done
                        fi
 
-                       if [ "$(/lib/udev/vol_id -l ${devname} 2>/dev/null)" = "${pers_label}" ]
+                       # udev >=146-1 no longer provides vol_id:
+                       if [ -x /lib/udev/vol_id ]
                        then
-                               echo "${devname}"
-                               return 0
+                               if [ "$(/lib/udev/vol_id -l ${devname} 2>/dev/null)" = "${pers_label}" ]
+                               then
+                                       echo "${devname}"
+                                       return 0
+                               fi
+                       else
+                               eval $(blkid -o udev "${devname}")
+                               if [ "$ID_FS_LABEL" = "${pers_label}" ]
+                               then
+                                       echo "${devname}"
+                                       return 0
+                               fi
                        fi
 
                        if [ "${PERSISTENT}" = "nofiles" ]
@@ -373,17 +377,15 @@ find_cow_device ()
                        case "$(get_fstype ${devname})" in
                                vfat|ext2|ext3|ext4|jffs2)
                                        mkdir -p "${cow_backing}"
-                                       if ! try_mount "${devname}" "${cow_backing}" "rw"
-                                       then
-                                               break
-                                       fi
-
-                                       if [ -f "${pers_fpath}" ]
+                                       if try_mount "${devname}" "${cow_backing}" "rw"
                                        then
-                                               echo $(setup_loop "${pers_fpath}" "loop" "/sys/block/loop*")
-                                               return 0
-                                       else
-                                               umount ${cow_backing}
+                                               if [ -f "${pers_fpath}" ]
+                                               then
+                                                       echo $(setup_loop "${pers_fpath}" "loop" "/sys/block/loop*")
+                                                       return 0
+                                               else
+                                                       umount ${cow_backing} > /dev/null 2>&1 || true
+                                               fi
                                        fi
                                        ;;
                                *)
diff --git a/scripts/live-premount/readonly b/scripts/live-premount/readonly
new file mode 100755 (executable)
index 0000000..8bed733
--- /dev/null
@@ -0,0 +1,35 @@
+#!/bin/sh
+
+#set -e
+
+# initramfs-tools header
+
+PREREQ="udev"
+
+prereqs()
+{
+       echo "${PREREQ}"
+}
+
+case "${1}" in
+       prereqs)
+               prereqs
+               exit 0
+               ;;
+esac
+
+# live-initramfs script
+
+# make sure all harddisk devices are read-only
+# this is important for forensic investigations
+if grep -qe forensic -qe readonly /proc/cmdline
+then
+       for device in /dev/hd* /dev/sd* /dev/vd*
+       do
+               if [ -b "$device" ]
+               then
+                       printf " * Setting device %-9s to read-only mode: " $device >/dev/console
+                       blockdev --setro $device && printf "done [ execute \"blockdev --setrw %-9s\" to unlock]\n" $device >/dev/console || printf "failed\n" >/dev/console
+               fi
+       done
+fi