# Authors: grml-team (grml.org), (c) Michael Prokop <mika@grml.org>
# Bug-Reports: see http://grml.org/bugs/
# License: This file is licensed under the GPL v2.
-# Latest change: Mon Apr 16 14:48:41 CEST 2007 [mika]
+# Latest change: Mon Apr 16 18:39:21 CEST 2007 [mika]
################################################################################
set -e # exit on any error
[ -r /proc/1 ] || mount -t proc none /proc
+# variable checks {{{
+
# use aptitude only if it's available
if [ -x /usr/bin/aptitude ] ; then
APTINSTALL='aptitude -y install '
APTUPDATE='apt-get update'
fi
-# variable checks {{{
if [ -z "$STAGES" ] ; then
STAGES='/etc/debootstrap/stages'
[ -d "$STAGES" ] || mkdir -p "$STAGES"
echo "$2" > "$STAGES/$1"
return 0
elif grep -q done "$STAGES/$1" 2>/dev/null ; then
- ewarn "Notice: stage $1 has been executed already, skipping execution therefore." ; eend 0
+ echo "Notice: stage $1 has been executed already, skipping execution therefore.">&2
return 1
fi
}
exit 1
else
$APTUPDATE
- $APTINSTALL $(cat /etc/debootstrap/packages) $GRMLPACKAGES
+ DEBIAN_FRONTEND=$DEBIAN_FRONTEND $APTINSTALL $(cat /etc/debootstrap/packages) $GRMLPACKAGES
fi
fi
}
else
KERNELPACKAGES="linux-image-$KERNEL linux-headers-$KERNEL"
fi
- $APTINSTALL $KERNELPACKAGES
+ DEBIAN_FRONTEND=$DEBIAN_FRONTEND $APTINSTALL $KERNELPACKAGES
fi
}
# }}}
reconfigure() {
if [ -n "$RECONFIGURE" ] ; then
for package in $RECONFIGURE ; do
- dpkg --list $package 1>/dev/null 2>/dev/null && dpkg-reconfigure $package || echo "Warning: $package does not exist, can not reconfigure it."
+ dpkg --list $package 1>/dev/null 2>/dev/null && \
+ DEBIAN_FRONTEND=$DEBIAN_FRONTEND dpkg-reconfigure $package || \
+ echo "Warning: $package does not exist, can not reconfigure it."
done
fi
}
# }}}
# set password of user root {{{
+setpassword() {
+# Set a password, via chpasswd.
+# Use perl rather than echo, to avoid the password
+# showing in the process table. (However, this is normally
+# only called when first booting the system, when root has no
+# password at all, so that should be an unnecessary precaution).
+#
+# Pass in three arguments: the user, the password, and 'true' if the
+# password has been pre-crypted (by preseeding).
+#
+# Taken from /var/lib/dpkg/info/passwd.config
+ SETPASSWD_PW="$2"
+ export SETPASSWD_PW
+
+ # This is very annoying. chpasswd cannot handle generating md5
+ # passwords as it is not PAM-aware. Thus, I have to work around
+ # that by crypting the password myself if md5 is used.
+ USE_MD5=1
+ export USE_MD5
+
+ if [ "$3" = true ]; then
+ PRECRYPTED=1
+ else
+ PRECRYPTED=''
+ fi
+ export PRECRYPTED
+ LC_ALL=C LANGUAGE=C LANG=C perl -e '
+ sub CreateCryptSalt {
+ my $md5 = shift;
+
+ my @valid = split(//, "./0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ");
+ my ($in, $out);
+
+ my $cryptsaltlen = ($md5 ? 8 : 2);
+
+ open (F, "</dev/urandom") || die "No /dev/urandom found!";
+ foreach (1..$cryptsaltlen) {
+ read(F, $in, 1);
+ $out .= $valid[ord($in) % ($#valid + 1)];
+ }
+ close F;
+ return ($md5 ? "\$1\$$out\$" : $out);
+ }
+
+ open(P,"| chpasswd -e");
+ if ($ENV{PRECRYPTED}) {
+ print P shift().":$ENV{SETPASSWD_PW}\n";
+ } else {
+ print P shift().":".
+ crypt($ENV{SETPASSWD_PW}, CreateCryptSalt($ENV{USE_MD5})).
+ "\n";
+ }
+ close P;
+ ' "$1"
+ SETPASSWD_PW=''
+ USE_MD5=''
+ PRECRYPTED=''
+}
+
passwords() {
echo "Activating shadow passwords."
shadowconfig on
- echo "Setting password for user root:"
- set +e # do not exit if passwd returns error due to missmatching passwords
- passwd
- echo ""
- set -e # restore default behaviour again
+
+ if [ -n "$ROOTPASSWORD" ] ; then
+ setpassword root "$ROOTPASSWD" false
+ export ROOTPASSWD=''
+ else
+ echo "Setting password for user root:"
+ set +e # do not exit if passwd returns error due to missmatching passwords
+ passwd
+ echo ""
+ set -e # restore default behaviour again
+ fi
}
# }}}
# unmount all filesystems in chroot, make sure nothing is left {{{
finalize() {
+ # make sure we don't leave any sensible data
+ rm -f /etc/debootstrap/variables
umount -a 1>/dev/null 2>/dev/null || true
umount /proc 1>/dev/null 2>/dev/null || true
umount /proc 1>/dev/null 2>/dev/null || true
stage mkinitrd && mkinitrd && stage mkinitrd done
stage kernel && kernel && stage kernel done
stage reconfigure && reconfigure && stage reconfigure done
- stage passwords && passwords && stage passwords done
stage hosts && hosts && stage hosts done
stage interfaces && interfaces && stage interfaces done
stage timezone && timezone && stage timezone done
stage hostname && hostname && stage hostname done
stage initrd && initrd && stage initrd done
stage grub && grub && stage grub done
+ stage passwords && passwords && stage passwords done
stage services && services && stage services done
stage finalize && finalize && stage finalize done
# }}}