From 85fb3ef27157d4110482553454751e5da33afecd Mon Sep 17 00:00:00 2001 From: Michael Prokop Date: Mon, 16 Apr 2007 19:10:52 +0200 Subject: [PATCH] Support setting password for user root --- TODO | 2 +- chroot-script | 84 +++++++++++++++++++++++++++++++++++++++++++++++----- config | 6 +++- grml-debootstrap | 83 ++++++++++++++++++++++++++++++++++++++------------- grml-debootstrap.txt | 6 ++++ 5 files changed, 151 insertions(+), 30 deletions(-) diff --git a/TODO b/TODO index f362a6b..99b777b 100644 --- a/TODO +++ b/TODO @@ -6,7 +6,7 @@ TODO list for grml-debootstrap * grml-etc-core * grml-x + xserver-xorg [configuration of X] * support selection between DESKTOP/WORKSTATION and SERVER (provide default packages selection) -* support *full* automatic installation where not a single keypress is necessary (in progress) +* support *full* automatic installation where not a single keypress is necessary (done) -> support bootoption debian2hd for installation through bootoption on live-cd * support for LVM + SW-RAID [should work through installation into directory, needs testing though] * support rpmstrap (bootstrap a basic RPM-based system) diff --git a/chroot-script b/chroot-script index 0dc55be..d4ebff2 100644 --- a/chroot-script +++ b/chroot-script @@ -4,7 +4,7 @@ # Authors: grml-team (grml.org), (c) Michael Prokop # Bug-Reports: see http://grml.org/bugs/ # License: This file is licensed under the GPL v2. -# Latest change: Mon Apr 16 15:26:11 CEST 2007 [mika] +# Latest change: Mon Apr 16 18:39:21 CEST 2007 [mika] ################################################################################ set -e # exit on any error @@ -14,6 +14,8 @@ set -e # exit on any error [ -r /proc/1 ] || mount -t proc none /proc +# variable checks {{{ + # use aptitude only if it's available if [ -x /usr/bin/aptitude ] ; then APTINSTALL='aptitude -y install ' @@ -23,7 +25,6 @@ else APTUPDATE='apt-get update' fi -# variable checks {{{ if [ -z "$STAGES" ] ; then STAGES='/etc/debootstrap/stages' [ -d "$STAGES" ] || mkdir -p "$STAGES" @@ -139,14 +140,79 @@ reconfigure() { # }}} # set password of user root {{{ +setpassword() { +# Set a password, via chpasswd. +# Use perl rather than echo, to avoid the password +# showing in the process table. (However, this is normally +# only called when first booting the system, when root has no +# password at all, so that should be an unnecessary precaution). +# +# Pass in three arguments: the user, the password, and 'true' if the +# password has been pre-crypted (by preseeding). +# +# Taken from /var/lib/dpkg/info/passwd.config + SETPASSWD_PW="$2" + export SETPASSWD_PW + + # This is very annoying. chpasswd cannot handle generating md5 + # passwords as it is not PAM-aware. Thus, I have to work around + # that by crypting the password myself if md5 is used. + USE_MD5=1 + export USE_MD5 + + if [ "$3" = true ]; then + PRECRYPTED=1 + else + PRECRYPTED='' + fi + export PRECRYPTED + LC_ALL=C LANGUAGE=C LANG=C perl -e ' + sub CreateCryptSalt { + my $md5 = shift; + + my @valid = split(//, "./0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"); + my ($in, $out); + + my $cryptsaltlen = ($md5 ? 8 : 2); + + open (F, "/dev/null 2>/dev/null || true umount /proc 1>/dev/null 2>/dev/null || true umount /proc 1>/dev/null 2>/dev/null || true @@ -305,7 +373,6 @@ finalize() { stage mkinitrd && mkinitrd && stage mkinitrd done stage kernel && kernel && stage kernel done stage reconfigure && reconfigure && stage reconfigure done - stage passwords && passwords && stage passwords done stage hosts && hosts && stage hosts done stage interfaces && interfaces && stage interfaces done stage timezone && timezone && stage timezone done @@ -313,6 +380,7 @@ finalize() { stage hostname && hostname && stage hostname done stage initrd && initrd && stage initrd done stage grub && grub && stage grub done + stage passwords && passwords && stage passwords done stage services && services && stage services done stage finalize && finalize && stage finalize done # }}} diff --git a/config b/config index 8332b6c..9a66f30 100644 --- a/config +++ b/config @@ -3,7 +3,7 @@ # Authors: grml-team (grml.org), (c) Michael Prokop # Bug-Reports: see http://grml.org/bugs/ # License: This file is licensed under the GPL v2. -# Latest change: Mon Apr 16 14:17:19 CEST 2007 [mika] +# Latest change: Mon Apr 16 18:45:19 CEST 2007 [mika] ################################################################################ ################################################################################ @@ -76,6 +76,10 @@ HOSTNAME='grml' # use 2.6-686 for i386 and 2.6-amd64 for amd64 # KERNEL='2.6-686' +# set password of user root without prompting, please use with caution +# only, because you usually don't want to share your password(s) ;-) +# ROOTPASSWORD='' + # name of debootstrap executable # supported values: debootstrap cdebootstrap DEBOOTSTRAP='debootstrap' diff --git a/grml-debootstrap b/grml-debootstrap index 0f61061..2682e1e 100755 --- a/grml-debootstrap +++ b/grml-debootstrap @@ -4,7 +4,7 @@ # Authors: grml-team (grml.org), (c) Michael Prokop # Bug-Reports: see http://grml.org/bugs/ # License: This file is licensed under the GPL v2. -# Latest change: Mon Apr 16 15:42:34 CEST 2007 [mika] +# Latest change: Mon Apr 16 19:10:16 CEST 2007 [mika] ################################################################################ # http://www.debian.org/releases/stable/i386/index.html.en @@ -33,14 +33,32 @@ fi # cmdline handling {{{ usage() { - einfo "$0 - wrapper around debootstrap for installing plain Debian via grml" - einfo "Adjust /etc/debootstrap/config and invoke $0 afterwards." + einfo "$0 - version $VERSION" + echo " A wrapper around debootstrap for installing plain Debian via grml" + echo + einfo "Usage: $0 [options]" + echo " Adjust /etc/debootstrap/config and invoke $0 afterwards or use the cmdline option:" + echo + einfo "Valid options:" + echo " + -h|--help Print this usage information and exit. + -v|--version Show summary of options and exit. + + -t|--target Target partition (/dev/...) or directory. + -r|--release Specify release of new Debian system. Supported relases: sarge, etch, lenny and sid. + -m|--mirror Specify mirror which should be used for apt-get/aptitude. + -p|--mntpoint Specify mountpoint that should be used for mounting the target system. + --groot Specify root device for usage in grub (corresponds with \$TARGET). + --grub Where do you want to install grub to? Use grub syntax for specifying. + --password Use specified password as password for user root. Use with caution. + +" } while [ "$#" -gt "0" ] ; do case $1 in -v|--version) - einfo "$0 version $VERSION" + einfo "$0 - version $VERSION" einfo "Send bug reports to Michael Prokop ." eend 0 exit 0 @@ -65,6 +83,10 @@ while [ "$#" -gt "0" ] ; do shift MNTPOINT=$1 ;; + --password) + shift + ROOTPASSWORD=$1 + ;; -m|--mirror) shift MIRROR=$1 @@ -132,12 +154,15 @@ else fi # provide variables to chroot system -[ -n "$ARCH" ] && echo "ARCH=$ARCH" > /etc/debootstrap/variables +touch /etc/debootstrap/variables +chmod 600 /etc/debootstrap/variables # make sure nobody except root can read it +[ -n "$ARCH" ] && echo "ARCH=$ARCH" > /etc/debootstrap/variables [ -n "$GRUB" ] && echo "GRUB=$GRUB" >> /etc/debootstrap/variables [ -n "$GROOT" ] && echo "GROOT=$GROOT" >> /etc/debootstrap/variables [ -n "$TARGET" ] && echo "TARGET=$TARGET" >> /etc/debootstrap/variables [ -n "$MIRROR" ] && echo "MIRROR=$MIRROR" >> /etc/debootstrap/variables -[ -n "$CHROOTMIRROR" ] && echo "CHROOTMIRROR=$CHROOTMIRROR" >> /etc/debootstrap/variables +[ -n "$MIRROR" ] && echo "MIRROR=$MIRROR" >> /etc/debootstrap/variables +[ -n "$ROOTPASSWORD" ] && echo "ROOTPASSWORD=$ROOTPASSWORD" >> /etc/debootstrap/variables # make sure at least $TARGET is set [the partition for the new system] if [ -z "$TARGET" ] ; then @@ -182,20 +207,38 @@ stage() { # }}} # user should recheck his configuration {{{ -einfo "$0 - Please recheck configuration before execution:" -echo " - Target: $TARGET" - case "$MNTPOINT" in "$TARGET") ;; *) echo " Mount-point: $MNTPOINT" ;; esac - [ -n "$GRUB" ] && echo " Install grub to: $GROOT / $GRUB" - [ -n "$MIRROR" ] && echo " Using mirror: $MIRROR" - case "$MNTPOINT" in "$TARGET") ;; *) echo " Important! Continuing will delete all data from ${TARGET}!" ;; esac - echo -einfon "Is this ok for you? [y/N] " - -read a -if ! [ "$a" = 'y' -o "$a" = 'Y' ] ; then - eerror "Exiting as requested." ; eend 1 - exit 1 +# support full automatic installation: +checkforrun() { + dialog --timeout 10 --title "$0" \ + --yesno "Do you want to stop at this stage? + +Notice: you are running grml-debootstrap in non-interactive mode. +grml-debootstrap will install Debian ${RELEASE} on ${TARGET}. +Last chance to quit. Timeout of 10 seconds running.... + +Do you want to stop now?" 0 0 2>/dev/null +} + +if [ -n "$AUTOINSTALL" ] ; then + if checkforrun ; then + eerror "Exiting as requested" ; eend 0 + exit 1 + fi +else # if not running automatic installation display configuration and prompt for execution: + einfo "$0 - Please recheck configuration before execution:" + echo " + Target: $TARGET" + case "$MNTPOINT" in "$TARGET") ;; *) echo " Mount-point: $MNTPOINT" ;; esac + [ -n "$GRUB" ] && echo " Install grub to: $GROOT / $GRUB" + [ -n "$MIRROR" ] && echo " Using mirror: $MIRROR" + case "$MNTPOINT" in "$TARGET") ;; *) echo " Important! Continuing will delete all data from ${TARGET}!" ;; esac + echo + einfon "Is this ok for you? [y/N] " + read a + if ! [ "$a" = 'y' -o "$a" = 'Y' ] ; then + eerror "Exiting as requested." ; eend 1 + exit 1 + fi fi # }}} diff --git a/grml-debootstrap.txt b/grml-debootstrap.txt index e13cbe0..7f8f2ef 100644 --- a/grml-debootstrap.txt +++ b/grml-debootstrap.txt @@ -61,6 +61,12 @@ Corresponding with configuration variables MIRROR and CHROOTMIRROR. Specify mountpoint that should be used for mounting the target system. Corresponding with configuration variable MNTPOINT. + --password + +Use specified password as password for user root. Use with caution, as your +commandline might be visible in the process list and the shell history. +It's meant for automatic installation only. + -r, --release Specify release of new Debian system. Supported relases: sarge, etch, lenny and sid. -- 2.1.4