#!/bin/sh # Filename: /etc/grml/fai/config/hooks/instsoft.GRML # Purpose: grml specific Debian installation in the chroot # Authors: grml-team (grml.org), (c) Michael Prokop # Bug-Reports: see http://grml.org/bugs/ # License: This file is licensed under the GPL v2 or any later version. ################################################################################ set -u set -e # visualize chroot inside zsh: echo grml_chroot > $target/etc/debian_chroot HOSTNAME='' [ -r /etc/grml/grml-live.conf ] && . /etc/grml/grml-live.conf [ -r /etc/grml/grml-live.local ] && . /etc/grml/grml-live.local [ -n "$HOSTNAME" ] || HOSTNAME=grml echo "$HOSTNAME" > $target/etc/hostname if [ "$FAI_ACTION" = "softupdate" ] ; then echo "Softupdate of FAI via grml-live running" if [ -r /etc/resolv.conf ] ; then if [ -r $target/etc/resolvconf/run/resolv.conf ] ; then cat /etc/resolv.conf >> $target/etc/resolvconf/run/resolv.conf else cat /etc/resolv.conf >> $target/etc/resolv.conf fi fi if [ -r $target/etc/policy-rc.d.conf ] ; then sed -i "s/EXITSTATUS=.*/EXITSTATUS='101'/" $target/etc/policy-rc.d.conf fi # we definitely don't want to fail running fai sofupdate just # because of some well known bugs: [ -d $target/etc/apt/apt.conf.d ] || mkdir $target/etc/apt/apt.conf.d cat > $target/etc/apt/apt.conf.d/10apt-listbugs << EOF // Check all packages whether they has critical bugs before they are installed. // If you don't like it, comment it out. //DPkg::Pre-Install-Pkgs {"/usr/sbin/apt-listbugs apt || exit 10"}; //DPkg::Tools::Options::/usr/sbin/apt-listbugs ""; //DPkg::Tools::Options::/usr/sbin/apt-listbugs::Version "2"; EOF # make sure we can handle kernel upgrades: if [ -r $target/etc/kernel-img.conf ] ; then if ! grep -q "silent_modules = Yes" $target/etc/kernel-img.conf ; then echo "silent_modules = Yes" >> $target/etc/kernel-img.conf fi fi # FAI softupdate executes upgrade only with the sources.list being # present in the chroot :-/ - so let's do it on our own: if [ -r /etc/grml/fai/apt/sources.list ] ; then if [ -L $target/etc/apt/sources.list ] ; then rm $target/etc/apt/sources.list fi cp /etc/grml/fai/apt/sources.list $target/etc/apt/sources.list fi # run it on our own, as updatebase is used at the wrong stage for our needs, # see /etc/grml/fai/config/hooks/updatebase.GRMLBASE $ROOTCMD apt-get update if ! [ -x $target/usr/bin/aptitude ] ; then $ROOTCMD apt-get -y install aptitude fi if [ -x $target/usr/bin/aptitude ] ; then if $ROOTCMD aptitude --help | grep -q safe-upgrade ; then $ROOTCMD aptitude -y safe-upgrade else $ROOTCMD aptitude -y upgrade fi else $ROOTCMD apt-get -y upgrade fi else # no softupdate but fresh installation # install all apt related files if [ -r /etc/grml/fai/files/etc/apt ] ; then cp -a /etc/grml/fai/files/etc/apt/* $target/etc/apt/ fi # install all present (but at least the grml) gpg keys: if [ -r /etc/grml/fai/files/etc/apt/grml.key ] ; then for file in /etc/grml/fai/files/etc/apt/*.key ; do FILE="$(basename $file)" # installed via 'cp -a /etc/grml/fai/files/etc/apt/* $target/etc/apt/' above already # cp $file $target/etc/apt/"$FILE" $ROOTCMD apt-key add /etc/apt/"$FILE" done else gpg --keyserver subkeys.pgp.net --recv-keys F61E2E7CECDEA787 || \ gpg --keyserver blackhole.pca.dfn.de --recv-keys F61E2E7CECDEA787 gpg --export F61E2E7CECDEA787 > $target/etc/apt/grml.key $ROOTCMD apt-key add /etc/apt/grml.key fi # work around http://trac.lighttpd.net/trac/ticket/657 if ! grep -q 'Acquire::http::Pipeline-Depth.*0' $target/etc/apt/apt.conf ; then echo "Acquire::http::Pipeline-Depth 0; // added by grml-live" >> $target/etc/apt/apt.conf fi # Recommends just pull in way tooooo much packages, so disable it: if ! grep -q 'APT::Install-Recommends.*false' $target/etc/apt/apt.conf ; then echo "APT::Install-Recommends false; // added by grml-live" >> $target/etc/apt/apt.conf fi # Notice: deprecated with aptitude (0.4.11-1): if ! grep -q 'Aptitude::Recommends-Important.*false' $target/etc/apt/apt.conf ; then echo "Aptitude::Recommends-Important false; // added by grml-live" >> $target/etc/apt/apt.conf fi # make sure we have file-rc available before # package_config/GRML is being executed: $ROOTCMD apt-get update $ROOTCMD aptitude -f -y install file-rc # Workaround #443481 of snort for Debian/etch: mkdir -p $target/etc/snort echo 'LOGDIR=/var/log/snort' >> $target/etc/snort/snort.common.parameters # we definitely don't want to fail running fai dirinstall just # because of some well known bugs: [ -d $target/etc/apt/apt.conf.d ] || mkdir $target/etc/apt/apt.conf.d cat > $target/etc/apt/apt.conf.d/10apt-listbugs << EOF // Check all packages whether they has critical bugs before they are installed. // If you don't like it, comment it out. //DPkg::Pre-Install-Pkgs {"/usr/sbin/apt-listbugs apt || exit 10"}; //DPkg::Tools::Options::/usr/sbin/apt-listbugs ""; //DPkg::Tools::Options::/usr/sbin/apt-listbugs::Version "2"; EOF # make sure /dev/MAKEDEV is available: if [ -x "$target"/sbin/MAKEDEV ] && ! [ -r "$target"/dev/MAKEDEV ] ; then ln -s /sbin/MAKEDEV "$target"/dev/MAKEDEV fi # we don't need the invoke-rc.d.d diversion (we have grml-policyrcd :)): if [ -L "$target"/usr/sbin/invoke-rc.d ] ; then rm -f "$target"/usr/sbin/invoke-rc.d $ROOTCMD dpkg-divert --package fai --rename --remove /usr/sbin/invoke-rc.d fi fi # end of FAI_ACTION = softupdate ## END OF FILE ################################################################# # vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=3