# Authors: grml-team (grml.org), (c) Michael Prokop <mika@grml.org>
# Bug-Reports: see http://grml.org/bugs/
# License: This file is licensed under the GPL v2.
-# Latest change: Mon Apr 16 15:26:11 CEST 2007 [mika]
+# Latest change: Mit Dez 19 10:10:50 CET 2007 [mika]
################################################################################
set -e # exit on any error
[ -r /proc/1 ] || mount -t proc none /proc
+# variable checks {{{
+
# use aptitude only if it's available
if [ -x /usr/bin/aptitude ] ; then
APTINSTALL='aptitude -y install '
APTUPDATE='apt-get update'
fi
-# variable checks {{{
if [ -z "$STAGES" ] ; then
STAGES='/etc/debootstrap/stages'
[ -d "$STAGES" ] || mkdir -p "$STAGES"
echo "$2" > "$STAGES/$1"
return 0
elif grep -q done "$STAGES/$1" 2>/dev/null ; then
- echo "Notice: stage $1 has been executed already, skipping execution therefore.">&2
+ echo "[*] Notice: stage $1 has been executed already, skipping execution therefore.">&2
return 1
fi
}
# define chroot mirror {{{
chrootmirror() {
- if [ -n "$CHROOTMIRROR" ] ; then
- echo "deb $CHROOTMIRROR $RELEASE main contrib non-free" > /etc/apt/sources.list
+ if [ -n "$ISO" ] ; then
+ echo "deb $ISO $RELEASE main contrib" > /etc/apt/sources.list
+ [ -n "$CHROOTMIRROR" ] && echo "deb $CHROOTMIRROR $RELEASE main contrib non-free" >> /etc/apt/sources.list
+ else
+ if [ -n "$CHROOTMIRROR" ] ; then
+ echo "deb $CHROOTMIRROR $RELEASE main contrib non-free" > /etc/apt/sources.list
+ fi
fi
}
# }}}
# set up grml repository {{{
grmlrepos() {
if [ -n "$GRMLREPOS" ] ; then
- echo 'deb http://grml.org/repos/ ./' >> /etc/apt/sources.list
+ cat >> /etc/apt/sources.list << EOF
+
+# grml: stable repository:
+ deb http://deb.grml.org/ grml-stable main
+ deb-src http://deb.grml.org/ grml-stable main
+
+# grml: testing/development repository:
+ deb http://deb.grml.org/ grml-testing main
+ deb-src http://deb.grml.org/ grml-testing main
+
+EOF
+ # make sure we have the keys available for aptitude
+ gpg --keyserver subkeys.pgp.net --recv-keys F61E2E7CECDEA787
+ gpg --export F61E2E7CECDEA787 | apt-key add - || /bin/true # not yet sure
+ # why it's necessary, sometimes we get an error even though it works [mika]
+
+ # make sure we install packages from grml's pool only if not available
+ # from Debian!
+ if ! grep -q grml /etc/apt/preferences 2>/dev/null ; then
+ cat >> /etc/apt/preferences << EOF
+// debian pool (default):
+Package: *
+Pin: release o=Debian
+Pin-Priority: 996
+
+// main grml-repository:
+Package: *
+Pin: origin deb.grml.org
+Pin-Priority: 991
+EOF
+ fi
fi
}
# }}}
}
# }}}
-# sarge specific stuff: mkinitrd {{{
+# install extra packages {{{
+extrapackages() {
+ if [ "$EXTRAPACKAGES" = 'yes' ] ; then
+ PACKAGELIST=$(find /etc/debootstrap/extrapackages -type f -name '*.deb')
+ if [ -n "$PACKAGELIST" ]; then
+ dpkg -i $PACKAGELIST
+ # run apt again to resolve any deps
+ DEBIAN_FRONTEND=$DEBIAN_FRONTEND $APTINSTALL
+ fi
+ fi
+}
+# }}}
+
+# sarge specific stuff: mkinitrd {{{
mkinitrd() {
if [ "$RELEASE" = 'sarge' ] ; then
sed -i "s#ROOT=probe#ROOT=$TARGET#" /etc/mkinitrd/mkinitrd.conf
# }}}
# set password of user root {{{
+setpassword() {
+# Set a password, via chpasswd.
+# Use perl rather than echo, to avoid the password
+# showing in the process table. (However, this is normally
+# only called when first booting the system, when root has no
+# password at all, so that should be an unnecessary precaution).
+#
+# Pass in three arguments: the user, the password, and 'true' if the
+# password has been pre-crypted (by preseeding).
+#
+# Taken from /var/lib/dpkg/info/passwd.config
+ SETPASSWD_PW="$2"
+ export SETPASSWD_PW
+
+ # This is very annoying. chpasswd cannot handle generating md5
+ # passwords as it is not PAM-aware. Thus, I have to work around
+ # that by crypting the password myself if md5 is used.
+ USE_MD5=1
+ export USE_MD5
+
+ if [ "$3" = true ]; then
+ PRECRYPTED=1
+ else
+ PRECRYPTED=''
+ fi
+ export PRECRYPTED
+ LC_ALL=C LANGUAGE=C LANG=C perl -e '
+ sub CreateCryptSalt {
+ my $md5 = shift;
+
+ my @valid = split(//, "./0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ");
+ my ($in, $out);
+
+ my $cryptsaltlen = ($md5 ? 8 : 2);
+
+ open (F, "</dev/urandom") || die "No /dev/urandom found!";
+ foreach (1..$cryptsaltlen) {
+ read(F, $in, 1);
+ $out .= $valid[ord($in) % ($#valid + 1)];
+ }
+ close F;
+ return ($md5 ? "\$1\$$out\$" : $out);
+ }
+
+ open(P,"| chpasswd -e");
+ if ($ENV{PRECRYPTED}) {
+ print P shift().":$ENV{SETPASSWD_PW}\n";
+ } else {
+ print P shift().":".
+ crypt($ENV{SETPASSWD_PW}, CreateCryptSalt($ENV{USE_MD5})).
+ "\n";
+ }
+ close P;
+ ' "$1"
+ SETPASSWD_PW=''
+ USE_MD5=''
+ PRECRYPTED=''
+}
+
passwords() {
echo "Activating shadow passwords."
shadowconfig on
- echo "Setting password for user root:"
- set +e # do not exit if passwd returns error due to missmatching passwords
- passwd
- echo ""
- set -e # restore default behaviour again
+
+ if [ -n "$ROOTPASSWORD" ] ; then
+ setpassword root "$ROOTPASSWD" false
+ export ROOTPASSWD=''
+ else
+ echo "Setting password for user root:"
+ set +e # do not exit if passwd returns error due to missmatching passwords
+ until passwd; do echo "Please try again to set the password:" ; done
+ echo
+ set -e # restore default behaviour again
+ fi
}
# }}}
# set up /etc/network/interfaces {{{
interfaces() {
- if ! [ -f /etc/network/interfaces ] ; then
+ touch /etc/network/interfaces
+ # make sure we add the entries only once
+ if ! grep -q eth0 /etc/network/interfaces ; then
echo "Setting up /etc/network/interfaces"
cat >> /etc/network/interfaces << EOF
+
+# loopback device:
iface lo inet loopback
-iface eth0 inet dhcp
auto lo
-auto eth0
+
+# eth0:
+# iface eth0 inet dhcp
+# auto eth0
+
EOF
fi
}
$UPDATEGRUB -y
if [ -f /boot/grub/menu.lst ] ; then
sed -i "s/^# groot=.*/# groot=(${GROOT})/g" /boot/grub/menu.lst
- sed -i "s|^# kopt=root=.*|# kopt=root=${TARGET} ro|g" /boot/grub/menu.lst
+ sed -i "s|^# kopt=root=.*|# kopt=root=${TARGET} ro ${BOOT_APPEND}|g" /boot/grub/menu.lst
# not sure why savedefault does not work for me; any ideas?
sed -i "s/^savedefault.*/# &/g" /boot/grub/menu.lst
$UPDATEGRUB -y
# make sure we don't have any running processes left {{{
services() {
for service in ssh mdadm mdadm-raid ; do
- [ -x "/etc/init.d/$service" ] && "/etc/init.d/$service" stop
+ if [ -x /etc/init.d/"$service" ] ; then
+ /etc/init.d/"$service" stop || /bin/true
+ fi
done
}
# }}}
# unmount all filesystems in chroot, make sure nothing is left {{{
finalize() {
+ # make sure we don't leave any sensible data
+ rm -f /etc/debootstrap/variables
umount -a 1>/dev/null 2>/dev/null || true
umount /proc 1>/dev/null 2>/dev/null || true
umount /proc 1>/dev/null 2>/dev/null || true
# }}}
# execute the functions {{{
- stage chrootmirror && chrootmirror && stage chrootmirror done
- stage grmlrepos && grmlrepos && stage grmlrepos done
- stage kernelimg_conf && kernelimg_conf && stage kernelimg_conf done
- stage makedev && makedev && stage makedev done
- stage packages && packages && stage packages done
- stage mkinitrd && mkinitrd && stage mkinitrd done
- stage kernel && kernel && stage kernel done
- stage reconfigure && reconfigure && stage reconfigure done
- stage passwords && passwords && stage passwords done
- stage hosts && hosts && stage hosts done
- stage interfaces && interfaces && stage interfaces done
- stage timezone && timezone && stage timezone done
- stage fstab && fstab && stage fstab done
- stage hostname && hostname && stage hostname done
- stage initrd && initrd && stage initrd done
- stage grub && grub && stage grub done
- stage services && services && stage services done
- stage finalize && finalize && stage finalize done
+ for i in chrootmirror grmlrepos kernelimg_conf makedev packages extrapackages \
+ mkinitrd kernel reconfigure hosts interfaces timezone fstab hostname \
+ initrd grub passwords services finalize ; do
+ if stage $i ; then
+ $i && stage $i done || exit 1
+ fi
+ done
# }}}
# finally exit the chroot {{{