# Authors: grml-team (grml.org), (c) Michael Prokop <mika@grml.org>
# Bug-Reports: see http://grml.org/bugs/
# License: This file is licensed under the GPL v2.
-# Latest change: Mon Apr 16 18:39:21 CEST 2007 [mika]
+# Latest change: Tue Aug 26 20:59:31 CEST 2008 [mika]
################################################################################
set -e # exit on any error
. /etc/debootstrap/config || exit 1
. /etc/debootstrap/variables || exit 1
-[ -r /proc/1 ] || mount -t proc none /proc
+[ -r /proc/1 ] || mount -t proc none /proc
# variable checks {{{
echo "$2" > "$STAGES/$1"
return 0
elif grep -q done "$STAGES/$1" 2>/dev/null ; then
- echo "Notice: stage $1 has been executed already, skipping execution therefore.">&2
+ echo "[*] Notice: stage $1 has been executed already, skipping execution therefore.">&2
return 1
fi
}
# define chroot mirror {{{
chrootmirror() {
- if [ -n "$CHROOTMIRROR" ] ; then
- echo "deb $CHROOTMIRROR $RELEASE main contrib non-free" > /etc/apt/sources.list
+ if [ -n "$ISO" ] ; then
+ echo "deb $ISO $RELEASE main contrib" > /etc/apt/sources.list
+ [ -n "$CHROOTMIRROR" ] && echo "deb $CHROOTMIRROR $RELEASE main contrib non-free" >> /etc/apt/sources.list
+ else
+ if [ -n "$CHROOTMIRROR" ] ; then
+ echo "deb $CHROOTMIRROR $RELEASE main contrib non-free" > /etc/apt/sources.list
+ fi
fi
}
# }}}
grmlrepos() {
if [ -n "$GRMLREPOS" ] ; then
cat >> /etc/apt/sources.list << EOF
-# stable repository:
+
+# grml: stable repository:
deb http://deb.grml.org/ grml-stable main
deb-src http://deb.grml.org/ grml-stable main
-# testing/development repository:
+# grml: testing/development repository:
deb http://deb.grml.org/ grml-testing main
deb-src http://deb.grml.org/ grml-testing main
-'
+
+EOF
+ # make sure we have the keys available for aptitude
+ gpg --keyserver subkeys.pgp.net --recv-keys F61E2E7CECDEA787
+ gpg --export F61E2E7CECDEA787 | apt-key add - || /bin/true # not yet sure
+ # why it's necessary, sometimes we get an error even though it works [mika]
+
+ # make sure we install packages from grml's pool only if not available
+ # from Debian!
+ if ! grep -q grml /etc/apt/preferences 2>/dev/null ; then
+ cat >> /etc/apt/preferences << EOF
+// debian pool (default):
+Package: *
+Pin: release o=Debian
+Pin-Priority: 996
+
+// main grml-repository:
+Package: *
+Pin: origin deb.grml.org
+Pin-Priority: 991
EOF
+ fi
fi
}
# }}}
}
# }}}
+# make sure services do not start up {{{
+install_policy_rcd() {
+ if ! [ -r /usr/sbin/policy-rc.d ] ; then
+ export POLICYRCD=1
+ cat > /usr/sbin/policy-rc.d << EOF
+#!/bin/sh
+exit 101
+EOF
+ chmod 775 /usr/sbin/policy-rc.d
+ fi
+}
+# }}}
+
# install additional packages {{{
packages() {
if [ "$PACKAGES" = 'yes' ] ; then
# install extra packages {{{
extrapackages() {
- if [ "$EXTRAPACKAGES" = 'yes' ] ; then
+ if [ "$EXTRAPACKAGES" = 'yes' ] ; then
PACKAGELIST=$(find /etc/debootstrap/extrapackages -type f -name '*.deb')
if [ -n "$PACKAGELIST" ]; then
dpkg -i $PACKAGELIST
- # run apt again to resolve any deps
+ # run apt again to resolve any deps
DEBIAN_FRONTEND=$DEBIAN_FRONTEND $APTINSTALL
fi
fi
# }}}
# set password of user root {{{
-setpassword() {
-# Set a password, via chpasswd.
-# Use perl rather than echo, to avoid the password
-# showing in the process table. (However, this is normally
-# only called when first booting the system, when root has no
-# password at all, so that should be an unnecessary precaution).
-#
-# Pass in three arguments: the user, the password, and 'true' if the
-# password has been pre-crypted (by preseeding).
-#
-# Taken from /var/lib/dpkg/info/passwd.config
- SETPASSWD_PW="$2"
- export SETPASSWD_PW
-
- # This is very annoying. chpasswd cannot handle generating md5
- # passwords as it is not PAM-aware. Thus, I have to work around
- # that by crypting the password myself if md5 is used.
- USE_MD5=1
- export USE_MD5
-
- if [ "$3" = true ]; then
- PRECRYPTED=1
- else
- PRECRYPTED=''
- fi
- export PRECRYPTED
- LC_ALL=C LANGUAGE=C LANG=C perl -e '
- sub CreateCryptSalt {
- my $md5 = shift;
-
- my @valid = split(//, "./0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ");
- my ($in, $out);
-
- my $cryptsaltlen = ($md5 ? 8 : 2);
-
- open (F, "</dev/urandom") || die "No /dev/urandom found!";
- foreach (1..$cryptsaltlen) {
- read(F, $in, 1);
- $out .= $valid[ord($in) % ($#valid + 1)];
- }
- close F;
- return ($md5 ? "\$1\$$out\$" : $out);
- }
-
- open(P,"| chpasswd -e");
- if ($ENV{PRECRYPTED}) {
- print P shift().":$ENV{SETPASSWD_PW}\n";
- } else {
- print P shift().":".
- crypt($ENV{SETPASSWD_PW}, CreateCryptSalt($ENV{USE_MD5})).
- "\n";
- }
- close P;
- ' "$1"
- SETPASSWD_PW=''
- USE_MD5=''
- PRECRYPTED=''
-}
-
passwords() {
echo "Activating shadow passwords."
shadowconfig on
if [ -n "$ROOTPASSWORD" ] ; then
- setpassword root "$ROOTPASSWD" false
+ echo root:"$ROOTPASSWD" | chpasswd -m
export ROOTPASSWD=''
else
echo "Setting password for user root:"
- set +e # do not exit if passwd returns error due to missmatching passwords
- passwd
- echo ""
- set -e # restore default behaviour again
+ echo -n "Enter new UNIX password for user root: "
+ read -s a
+ echo root:"$a" | chpasswd -m
+ unset a
+ echo
fi
}
# }}}
# set up /etc/network/interfaces {{{
interfaces() {
- if ! [ -f /etc/network/interfaces ] ; then
+ if ! [ -r /etc/network/interfaces ] ; then
echo "Setting up /etc/network/interfaces"
cat >> /etc/network/interfaces << EOF
+
+# loopback device:
iface lo inet loopback
-iface eth0 inet dhcp
auto lo
-auto eth0
+
+# eth0:
+# iface eth0 inet dhcp
+# auto eth0
+
EOF
fi
}
echo "Setting up /etc/fstab"
cat > /etc/fstab << EOF
$TARGET / auto defaults,errors=remount-ro 0 1
-/sys /sys sysfs rw,nosuid,nodev,noexec 0 0
-proc /proc proc defaults 0 0
-/dev/cdrom /mnt/cdrom0 iso9660 ro,user,noauto 0 0
+proc /proc proc defaults 0 0
+/sys /sys sysfs noauto,rw,nosuid,nodev,noexec 0 0
+/dev/cdrom /mnt/cdrom0 iso9660 ro,user,noauto 0 0
# some other examples:
# /dev/sda2 none swap sw 0 0
# /dev/hda1 /Grml ext3 dev,suid,user,noauto 0 2
# make sure we don't have any running processes left {{{
services() {
for service in ssh mdadm mdadm-raid ; do
- [ -x "/etc/init.d/$service" ] && "/etc/init.d/$service" stop
+ if [ -x /etc/init.d/"$service" ] ; then
+ /etc/init.d/"$service" stop || /bin/true
+ fi
done
}
# }}}
finalize() {
# make sure we don't leave any sensible data
rm -f /etc/debootstrap/variables
+ [ -n "$POLICYRCD" ] && rm -f /usr/sbin/policy-rc.d
umount -a 1>/dev/null 2>/dev/null || true
umount /proc 1>/dev/null 2>/dev/null || true
umount /proc 1>/dev/null 2>/dev/null || true
# }}}
# execute the functions {{{
- stage chrootmirror && chrootmirror && stage chrootmirror done
- stage grmlrepos && grmlrepos && stage grmlrepos done
- stage kernelimg_conf && kernelimg_conf && stage kernelimg_conf done
- stage makedev && makedev && stage makedev done
- stage packages && packages && stage packages done
- stage extrapackages && extrapackages && stage extrapackages done
- stage mkinitrd && mkinitrd && stage mkinitrd done
- stage kernel && kernel && stage kernel done
- stage reconfigure && reconfigure && stage reconfigure done
- stage hosts && hosts && stage hosts done
- stage interfaces && interfaces && stage interfaces done
- stage timezone && timezone && stage timezone done
- stage fstab && fstab && stage fstab done
- stage hostname && hostname && stage hostname done
- stage initrd && initrd && stage initrd done
- stage grub && grub && stage grub done
- stage passwords && passwords && stage passwords done
- stage services && services && stage services done
- stage finalize && finalize && stage finalize done
+ for i in chrootmirror grmlrepos kernelimg_conf makedev install_policy_rcd \
+ packages extrapackages mkinitrd kernel reconfigure hosts interfaces \
+ timezone fstab hostname initrd grub passwords services finalize ; do
+ if stage $i ; then
+ $i && stage $i done || exit 1
+ fi
+ done
# }}}
# finally exit the chroot {{{
projects / grml-debootstrap.git / blobdiff