#!/bin/bash
-# Filename: /etc/grml/fai/config/hooks/instsoft.GRMLBASE
+# Filename: ${GRML_FAI_CONFIG}/hooks/instsoft.GRMLBASE
# Purpose: Grml specific software installation in the chroot, executed after updatebase
# Authors: grml-team (grml.org), (c) Michael Prokop <mika@grml.org>
# Bug-Reports: see http://grml.org/bugs/
set -u
set -e
+# if hooks/updatebase.GRMLBASE fails for whatever reason
+# and can't skip instsoft.GRMLBASE we have to make sure
+# we exit here as well
+if [ -n "$BUILD_ONLY" ] ; then
+ "Exiting hooks/instsoft.GRMLBASE as BUILD_ONLY environment is set."
+ exit 0
+fi
+
if [ "$FAI_ACTION" = "softupdate" ] ; then
echo "Action $FAI_ACTION of FAI (hooks/instsoft.GRMLBASE) via grml-live running"
if [ -r /etc/resolv.conf ] ; then
- if [ -r $target/etc/resolvconf/run/resolv.conf ] ; then
+ if [ -d $target/etc/resolvconf/run ] ; then # resolvconf without /run
+ # sanity check to avoid "input file is output file",
+ # see http://bts.grml.org/grml/issue984
+ if ! [ -L $target/etc/resolvconf/run/resolv.conf ] ; then
cat /etc/resolv.conf >> $target/etc/resolvconf/run/resolv.conf
- else
+ else
+ echo "Error: /etc/resolvconf/run/resolv.conf in chroot should not be a symlink." >&2
+ echo " Looks like something is wrong, please fix manually." >&2
+ exit 1
+ fi
+ elif [ -L $target/etc/resolvconf/run ] ; then # resolvconf with /run
+ # /etc/resolvconf/run symlinks to /run/resolvconf
+ mkdir -p $target/run/resolvconf
+ cat /etc/resolv.conf >> $target/run/resolvconf/resolv.conf
+ else # no resolvconf installed in chroot
+ if ! [ -L $target/etc/resolv.conf ] ; then
cat /etc/resolv.conf >> $target/etc/resolv.conf
- fi
+ else
+ echo "Error: /etc/resolv.conf in chroot should not be a symlink (resolvconf not installed)." >&2
+ exit 1
+ fi
+ fi
fi
if [ -r $target/etc/policy-rc.d.conf ] ; then
//DPkg::Tools::Options::/usr/sbin/apt-listbugs::Version "2";
EOF
- # FAI softupdate executes upgrade only with the sources.list being
- # present in the chroot - so let's do it on our own:
- if [ -r /etc/grml/fai/apt/sources.list ] ; then
- if [ -L $target/etc/apt/sources.list ] ; then
- rm $target/etc/apt/sources.list
- fi
-
- # install grml-live's (on the fly adjusted) sources.list config
- cp /etc/grml/fai/apt/sources.list $target/etc/apt/sources.list.d/grml-live.list
-
- # when re-running grml-live with the -u option we do not want to use the
- # sources.list config of the live system but grml-live's config instead,
- # therefore temporarly move known files and restore them again later on
- # through /etc/grml/fai/config/scripts/GRMLBASE/33-aptsetup:
- if [ -r $target/etc/apt/sources.list.d/grml.list ] ; then
- mv $target/etc/apt/sources.list.d/grml.list $target/etc/apt/sources.list.d/grml.unused
- fi
- if [ -r $target/etc/apt/sources.list.d/debian.list ] ; then
- mv $target/etc/apt/sources.list.d/debian.list $target/etc/apt/sources.list.d/debian.unused
- fi
- fi
-
# run it on our own, as updatebase is used at the wrong stage for our needs,
- # see /etc/grml/fai/config/hooks/updatebase.GRMLBASE
+ # see ${GRML_FAI_CONFIG}/hooks/updatebase.GRMLBASE
# the apt-get update might return an error if there's for example
# a hashsum mismatch on Debian mirror sources, we might want to continue
# but should warn the user
echo "Warning: there was an error executing apt-get update, continuing anyway."
fi
+ # work around /etc/kernel/postinst.d/zz-update-grub failing
+ # inside openvz environment, see #597084
+ if ! $ROOTCMD dpkg-divert --list | grep -q '/usr/sbin/update-grub' ; then
+ echo "Diverting update-grub executable"
+ $ROOTCMD dpkg-divert --rename --add /usr/sbin/update-grub
+ $ROOTCMD ln -s /bin/true /usr/sbin/update-grub
+ fi
+
# newer aptitude versions won't remove essential packages using
# 'aptitude -f -y install file-rc' anymore, therefore force it:
$ROOTCMD aptitude -o Aptitude::ProblemResolver::Keep-All-Tier=60000 -f -y install file-rc
- if ! [ -x $target/usr/bin/aptitude ] ; then
+ if ! $ROOTCMD test -x /usr/bin/aptitude ; then
$ROOTCMD apt-get -y install aptitude
fi
- if [ -x $target/usr/bin/aptitude ] ; then
+ # make sure we can upgrade automatically,
+ # even with unsigned repos, but only if user wants it
+ if [ "${FAI_ALLOW_UNSIGNED:-}" = "1" ] ; then
+ APTGET_OPTS="${APTGET_OPTS:-} --allow-unauthenticated"
+ APTITUDE_OPTS="${APTITUDE_OPTS:-} --allow-untrusted"
+ fi
+
+ if $ROOTCMD test -x /usr/bin/aptitude ; then
if $ROOTCMD aptitude --help | grep -q safe-upgrade ; then
- APT_LISTCHANGES_FRONTEND=none APT_LISTBUGS_FRONTEND=none $ROOTCMD aptitude -y safe-upgrade
+ APT_LISTCHANGES_FRONTEND=none APT_LISTBUGS_FRONTEND=none $ROOTCMD aptitude -y $APTITUDE_OPTS safe-upgrade
else
- APT_LISTCHANGES_FRONTEND=none APT_LISTBUGS_FRONTEND=none $ROOTCMD aptitude -y upgrade
+ APT_LISTCHANGES_FRONTEND=none APT_LISTBUGS_FRONTEND=none $ROOTCMD aptitude -y $APTITUDE_OPTS upgrade
fi
else
- APT_LISTCHANGES_FRONTEND=none APT_LISTBUGS_FRONTEND=none $ROOTCMD apt-get -y upgrade
+ APT_LISTCHANGES_FRONTEND=none APT_LISTBUGS_FRONTEND=none $ROOTCMD apt-get -y $APTGET_OPTS --force-yes upgrade
fi
exit # make sure we don't continue behind the following "fi"
fi
## END OF FILE #################################################################
-# vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=3
+# vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=2