-#!/bin/sh
-# Filename: /etc/grml/fai/config/hooks/instsoft.GRML
-# Purpose: grml specific Debian installation in the chroot
+#!/bin/bash
+# Filename: ${GRML_FAI_CONFIG}/hooks/instsoft.GRMLBASE
+# Purpose: Grml specific software installation in the chroot, executed after updatebase
# Authors: grml-team (grml.org), (c) Michael Prokop <mika@grml.org>
# Bug-Reports: see http://grml.org/bugs/
# License: This file is licensed under the GPL v2 or any later version.
-# Latest change: Sun Nov 04 11:01:20 CET 2007 [mika]
################################################################################
set -u
set -e
-# visualize chroot inside zsh:
-echo grml_chroot > $target/etc/debian_chroot
+# if hooks/updatebase.GRMLBASE fails for whatever reason
+# and can't skip instsoft.GRMLBASE we have to make sure
+# we exit here as well
+if [ -n "$BUILD_ONLY" ] ; then
+ "Exiting hooks/instsoft.GRMLBASE as BUILD_ONLY environment is set."
+ exit 0
+fi
if [ "$FAI_ACTION" = "softupdate" ] ; then
- echo "Softupdate of FAI via grml-live running"
+ echo "Action $FAI_ACTION of FAI (hooks/instsoft.GRMLBASE) via grml-live running"
if [ -r /etc/resolv.conf ] ; then
- cat /etc/resolv.conf >> $target/etc/resolv.conf
+ if [ -d $target/etc/resolvconf/run ] ; then # resolvconf without /run
+ # sanity check to avoid "input file is output file",
+ # see http://bts.grml.org/grml/issue984
+ if ! [ -L $target/etc/resolvconf/run/resolv.conf ] ; then
+ cat /etc/resolv.conf >> $target/etc/resolvconf/run/resolv.conf
+ else
+ echo "Error: /etc/resolvconf/run/resolv.conf in chroot should not be a symlink." >&2
+ echo " Looks like something is wrong, please fix manually." >&2
+ exit 1
+ fi
+ elif [ -L $target/etc/resolvconf/run ] ; then # resolvconf with /run
+ # /etc/resolvconf/run symlinks to /run/resolvconf
+ mkdir -p $target/run/resolvconf
+ cat /etc/resolv.conf >> $target/run/resolvconf/resolv.conf
+ else # no resolvconf installed in chroot
+ if ! [ -L $target/etc/resolv.conf ] ; then
+ cat /etc/resolv.conf >> $target/etc/resolv.conf
+ else
+ echo "Error: /etc/resolv.conf in chroot should not be a symlink (resolvconf not installed)." >&2
+ exit 1
+ fi
+ fi
fi
- # make sure we prefer grml repository:
- if [ -r /etc/grml/fai/apt/preferences ] ; then
- cp /etc/grml/fai/apt/preferences $target/etc/apt/preferences
+ if [ -r $target/etc/policy-rc.d.conf ] ; then
+ sed -i "s/EXITSTATUS=.*/EXITSTATUS='101'/" $target/etc/policy-rc.d.conf
fi
- if [ -r /etc/grml/fai/apt/sources.list ] ; then
- if [ -L $target/etc/apt/sources.list ] ; then
- rm $target/etc/apt/sources.list
- fi
- cp /etc/grml/fai/apt/sources.list $target/etc/apt/sources.list
+ # we definitely don't want to fail running fai sofupdate just
+ # because of some well known bugs:
+ [ -d $target/etc/apt/apt.conf.d ] || mkdir $target/etc/apt/apt.conf.d
+ cat > $target/etc/apt/apt.conf.d/10apt-listbugs << EOF
+// Check all packages whether they has critical bugs before they are installed.
+// If you don't like it, comment it out.
+//DPkg::Pre-Install-Pkgs {"/usr/sbin/apt-listbugs apt || exit 10"};
+//DPkg::Tools::Options::/usr/sbin/apt-listbugs "";
+//DPkg::Tools::Options::/usr/sbin/apt-listbugs::Version "2";
+EOF
+
+ # run it on our own, as updatebase is used at the wrong stage for our needs,
+ # see ${GRML_FAI_CONFIG}/hooks/updatebase.GRMLBASE
+ # the apt-get update might return an error if there's for example
+ # a hashsum mismatch on Debian mirror sources, we might want to continue
+ # but should warn the user
+ if ! $ROOTCMD apt-get update ; then
+ echo "Warning: there was an error executing apt-get update, continuing anyway."
fi
- $ROOTCMD apt-get update
+ # work around /etc/kernel/postinst.d/zz-update-grub failing
+ # inside openvz environment, see #597084
+ if ! $ROOTCMD dpkg-divert --list | grep -q '/usr/sbin/update-grub' ; then
+ echo "Diverting update-grub executable"
+ $ROOTCMD dpkg-divert --rename --add /usr/sbin/update-grub
+ $ROOTCMD ln -s /bin/true /usr/sbin/update-grub
+ fi
+
+ # newer aptitude versions won't remove essential packages using
+ # 'aptitude -f -y install file-rc' anymore, therefore force it:
+ $ROOTCMD aptitude -o Aptitude::ProblemResolver::Keep-All-Tier=60000 -f -y install file-rc
-else # no softupdate but fresh installation
+ if ! $ROOTCMD test -x /usr/bin/aptitude ; then
+ $ROOTCMD apt-get -y install aptitude
+ fi
-# work around http://trac.lighttpd.net/trac/ticket/657
-# should be removed later on:
-echo "Acquire::http::Pipeline-Depth "0"; // added by grml-live" >> $target/etc/apt/apt.conf
+ if $ROOTCMD test -x /usr/bin/aptitude ; then
+ if $ROOTCMD aptitude --help | grep -q safe-upgrade ; then
+ APT_LISTCHANGES_FRONTEND=none APT_LISTBUGS_FRONTEND=none $ROOTCMD aptitude -y safe-upgrade
+ else
+ APT_LISTCHANGES_FRONTEND=none APT_LISTBUGS_FRONTEND=none $ROOTCMD aptitude -y upgrade
+ fi
+ else
+ APT_LISTCHANGES_FRONTEND=none APT_LISTBUGS_FRONTEND=none $ROOTCMD apt-get -y --force-yes upgrade
+ fi
-# Recommends just pull in way tooooo much packages, so disable it:
-echo "APT::Install-Recommends "false"; // added by grml-live" >> $target/etc/apt/apt.conf
+ exit # make sure we don't continue behind the following "fi"
+fi
-# install grml keys:
-gpg --keyserver subkeys.pgp.net --recv-keys F61E2E7CECDEA787 || \
-gpg --keyserver blackhole.pca.dfn.de --recv-keys F61E2E7CECDEA787
-gpg --export F61E2E7CECDEA787 > $target/etc/apt/grml.key
-$ROOTCMD apt-key add /etc/apt/grml.key
+# no softupdate but fresh installation
+echo "Action $FAI_ACTION of FAI (hooks/instsoft.GRMLBASE) via grml-live running"
-# make sure we prefer grml repository:
-if [ -r /etc/grml/fai/files/etc/apt/preferences ] ; then
- cp /etc/grml/fai/apt/preferences $target/etc/apt/preferences
+# make sure we have file-rc available before package_config/GRML* is being executed {{{
+# the apt-get update might return an error if there's for example
+# a hashsum mismatch on Debian mirror sources, we might want to continue
+# but should warn the user
+if ! $ROOTCMD apt-get update ; then
+ echo "Warning: there was an error executing apt-get update, continuing anyway."
+ echo "Warning: there was an error executing apt-get update, continuing anyway." >&2
fi
-# make sure we have file-rc available before
-# package_config/GRML is being executed:
-$ROOTCMD apt-get update
-$ROOTCMD aptitude -f -y install file-rc
+# newer aptitude versions won't remove essential packages using
+# 'aptitude -f -y install file-rc' anymore, therefore force it via:
+$ROOTCMD aptitude -o Aptitude::ProblemResolver::Keep-All-Tier=60000 -f -y install file-rc
+# }}}
-# Workaround #443481 of snort for Debian/etch:
-mkdir -p $target/etc/snort
-echo 'LOGDIR=/var/log/snort' >> $target/etc/snort/snort.common.parameters
+# get rid of insserv:
+if $ROOTCMD dpkg --list insserv 2>/dev/null | grep -q '^ii' ; then
+ $ROOTCMD apt-get -y --purge remove insserv
+fi
# we definitely don't want to fail running fai dirinstall just
# because of some well known bugs:
$ROOTCMD dpkg-divert --package fai --rename --remove /usr/sbin/invoke-rc.d
fi
-fi # end of FAI_ACTION = softupdate
-
## END OF FILE #################################################################
-# vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=3
+# vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=2
projects / grml-live.git / blobdiff