* DEBORPHAN: get rid of all packages listed in output of deborphan
+* FILE_RC: instead of using systemd as init system use file-rc instead. file-rc
+was the init system used by Grml until and including stable release 2014.11,
+starting with beginning of 2016 Grml switched to systemd instead. If you want to
+build a live system in the old style using file-rc instead of systemd then enable
+this class. Please notice that support for file-rc is no longer being actively
+maintained (the Grml team happily accepts patches though) and file-rc (upstream
+wise) might disappear too.
+
* FRESHCLAM: execute freshclam (if it's present) to update clamav definitions
(increases resulting ISO size ~70MB). By default it's skipped to avoid bigger
ISO size.
--- /dev/null
+# See logind.conf(5) for details
+
+# This file was deployed via grml-live's
+# ${GRML_FAI_CONFIG}/config/scripts/GRMLBASE/15-initsetup, using
+# ${GRML_FAI_CONFIG}/config/files/etc/systemd/logind.conf/GRMLBASE
+
+[Login]
+NAutoVTs=12
+#ReserveVT=6
+#KillUserProcesses=no
+#KillOnlyUsers=
+#KillExcludeUsers=root
+#InhibitDelayMaxSec=5
+#HandlePowerKey=poweroff
+#HandleSuspendKey=suspend
+#HandleHibernateKey=hibernate
+#HandleLidSwitch=suspend
+#PowerKeyIgnoreInhibited=no
+#SuspendKeyIgnoreInhibited=no
+#HibernateKeyIgnoreInhibited=no
+#LidSwitchIgnoreInhibited=yes
+#IdleAction=ignore
+#IdleActionSec=30min
+#RuntimeDirectorySize=10%
+#RemoveIPC=yes
--- /dev/null
+# enable TTY logins
+enable getty@.service
+
+# enable grml-specific services
+enable grml-autoconfig.service
+enable debug-shell.service
+enable resolvconf.service
+
+disable *
--- /dev/null
+[Service]
+Type=idle
+ExecStart=
+ExecStart=-/sbin/grml-runtty /dev/tty1 /usr/share/grml-scripts/run-welcome root
+# ExecStart=-/sbin/agetty --autologin $USERNAME --noclear %I 38400 linux
+TTYVTDisallocate=no
--- /dev/null
+[Service]
+Type=idle
+ExecStart=
+ExecStart=-/sbin/agetty --noclear %I 38400 linux
--- /dev/null
+[Service]
+Type=idle
+ExecStart=
+ExecStart=-/sbin/grml-runtty /dev/tty11 /usr/bin/htop root
--- /dev/null
+[Service]
+Type=idle
+ExecStart=
+ExecStart=-/sbin/grml-runtty /dev/tty12 /usr/share/grml-scripts/run-journalctl root
--- /dev/null
+[Service]
+Type=idle
+ExecStart=
+ExecStart=-/sbin/grml-runtty /dev/tty2 /usr/share/grml-scripts/run-screen root
--- /dev/null
+[Service]
+Type=idle
+ExecStart=
+ExecStart=-/sbin/grml-runtty /dev/tty3 /usr/share/grml-scripts/run-screen root
--- /dev/null
+[Service]
+Type=idle
+ExecStart=
+ExecStart=-/sbin/grml-runtty /dev/tty4 /usr/share/grml-scripts/run-screen $USERNAME
--- /dev/null
+[Service]
+Type=idle
+ExecStart=
+ExecStart=-/sbin/grml-runtty /dev/tty5 /bin/zsh $USERNAME
--- /dev/null
+[Service]
+Type=idle
+ExecStart=
+ExecStart=-/sbin/grml-runtty /dev/tty6 /bin/zsh $USERNAME
--- /dev/null
+# This file was deployed via grml-live's
+# ${GRML_FAI_CONFIG}/config/scripts/GRMLBASE/15-initsetup, using
+# ${GRML_FAI_CONFIG}/config/files/etc/systemd/system/ssh-bootoption.service/GRMLBASE
+
+[Unit]
+Description=OpenBSD Secure Shell server
+After=ssh-keygen network.target auditd.service
+ConditionKernelCommandLine=ssh
+ConditionPathExists=!/etc/ssh/sshd_not_to_be_run
+
+[Service]
+EnvironmentFile=-/etc/default/ssh
+ExecStart=/usr/sbin/sshd -D $SSHD_OPTS
+ExecReload=/bin/kill -HUP $MAINPID
+KillMode=process
+Restart=on-failure
+
+[Install]
+WantedBy=multi-user.target
+Alias=sshd.service
--- /dev/null
+# This file was deployed via grml-live's
+# ${GRML_FAI_CONFIG}/config/scripts/GRMLBASE/15-initsetup, using
+# ${GRML_FAI_CONFIG}/config/files/etc/systemd/system/ssh-keygen.service/GRMLBASE
+
+[Unit]
+Description=SSH keygen
+Before=ssh.service
+
+[Service]
+ExecStart=/usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -C '' -N ''
+ExecStart=/usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -C '' -N ''
+ExecStart=/usr/bin/ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -C '' -N ''
+ExecStart=/usr/bin/ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -C '' -N ''
+Type=oneshot
# License: This file is licensed under the GPL v2 or any later version.
################################################################################
+FILE_RC=false
+if ifclass FILE_RC ; then
+ FILE_RC=true
+fi
+
set -u
set -e
# install software.
$ROOTCMD apt-get update
+ if $FILE_RC ; then
+ echo "Installing file-rc as FILE_RC class is enabled."
+ # newer aptitude versions won't remove essential packages using
+ # 'aptitude -f -y install file-rc' anymore, therefore force it:
+ $ROOTCMD aptitude -o Aptitude::ProblemResolver::Keep-All-Tier=60000 -f -y install file-rc systemd-sysv-
+ fi
+
if ! $ROOTCMD test -x /usr/bin/aptitude ; then
$ROOTCMD apt-get -y install aptitude
fi
- # newer aptitude versions won't remove essential packages using
- # 'aptitude -f -y install file-rc' anymore, therefore force it:
- $ROOTCMD aptitude -o Aptitude::ProblemResolver::Keep-All-Tier=60000 -f -y install file-rc systemd-sysv-
-
# make sure we can upgrade automatically,
# even with unsigned repos, but only if user wants it
if [ "${FAI_ALLOW_UNSIGNED:-}" = "1" ] ; then
echo "Warning: there was an error executing apt-get update, continuing anyway." >&2
fi
-# newer aptitude versions won't remove essential packages using
-# 'aptitude -f -y install file-rc' anymore, therefore force it via:
-$ROOTCMD aptitude -o Aptitude::ProblemResolver::Keep-All-Tier=60000 -f -y install file-rc systemd-sysv-
+if $FILE_RC ; then
+ echo "Installing file-rc as FILE_RC class is enabled."
+ # newer aptitude versions won't remove essential packages using
+ # 'aptitude -f -y install file-rc' anymore, therefore force it via:
+ $ROOTCMD aptitude -o Aptitude::ProblemResolver::Keep-All-Tier=60000 -f -y install file-rc systemd-sysv-
+fi
# }}}
# we definitely don't want to fail running fai dirinstall just
--- /dev/null
+PACKAGES aptitude
+
+file-rc
+multitail
dmidecode
eject
file
-file-rc
gpm
grml2hd
grml2hd-utils
live-boot-grml live-boot-grml-doc
lvm2
mdadm
-multitail
nfs-common
openssh-client
openssh-server
--- /dev/null
+PACKAGES aptitude
+
+network-manager
+
+# network-manager-openvpn
+# network-manager-pptp
+# network-manager-vpnc
set -e
. "$GRML_LIVE_CONFIG"
-if ! [ -r $target/etc/runlevel.conf ] ; then
- echo 'Warning: /etc/runlevel.conf does not exist...'
- echo '... assuming we do not have file-rc, skipping 15-initsetup'
- exit 0
-fi
+systemd_setup() {
+ fcopy -i -B -v -r /etc/systemd
+
+ echo "Enabling user '$USERNAME' for autologin"
+ sed -i "s/\$USERNAME/$USERNAME/" "$target"/etc/systemd/system/getty@tty*.service.d/override.conf
+
+ # enable TTY logins
+ local service
+ for file in "${target}"/etc/systemd/system/getty@tty*.service.d ; do
+ service=$(basename "$file" .d)
+ $ROOTCMD systemctl enable "$service" || echo "failed to enable $service"
+ done
+ unset service
+
+ # FIXME - ssh-keygen isn't executed yet before ssh-bootoption + ssh services
+ $ROOTCMD systemctl enable ssh-bootoption.service || echo "failed to enable ssh-bootoption.service"
+ $ROOTCMD systemctl enable ssh-keygen.service || echo "failed to enable ssh-keygen.service"
+
+ # fails on overlayfs with
+ # "Failed to unmount transient /etc/machine-id file in our private namespace: Invalid argument"
+ $ROOTCMD systemctl mask systemd-machine-id-commit.service || echo "failed to mask $systemd-machine-id-commit.service"
+
+ # disable unwanted services
+ local service
+ for service in \
+ cron.service \
+ lvm2-lvmetad.service \
+ lvm2-lvmetad.socket \
+ lvm2-lvmpolld.socket \
+ lvm2-monitor.service \
+ mdadm-raid.service \
+ smartd.service \
+ ssh.service \
+ swap.target \
+ systemd-timesyncd.service \
+ uuidd.service
+ do
+ $ROOTCMD systemctl disable ${service} || echo "failed to disable $service"
+ done
+ unset service
+
+ # TODO ->
-# keep a backup of the original runlevel.conf file for reference
-if [ -r $target/etc/runlevel.conf.original ] ; then
- # make sure to store old backup files if they differ as well
- if ! cmp $target/etc/runlevel.conf $target/etc/runlevel.conf.original >/dev/null ; then
- cp $target/etc/runlevel.conf.original $target/etc/runlevel.conf.original."$(date +%Y%m%d_%k:%M:%S)"
+ # * *proper* integration for grml-autoconfig
+ $ROOTCMD systemctl enable grml-autoconfig.service || echo "failed to enable grml-autoconfig.service"
+ ln -sf /etc/systemd/system/grml-autoconfig.service "${target}"/etc/systemd/system/multi-user.target.wants/grml-autoconfig.service
+
+ # * avoid startup of any LSB scripts; NOTE: jessie doesn't support that
+ # system-generators approach yet, only >=stretch
+ mkdir -p "${target}"/etc/systemd/system-generators/
+ ln -sf /dev/null "${target}"/etc/systemd/system-generators/systemd-sysv-generator
+ # -> revert /etc/systemd/system-generators/systemd-sysv-generator && systemctl daemon-reload during *bootup*
+ # + possibly move this into startup so it's always executed on bootup, even with persistency enabled
+ # where the change towards systemd-sysv-generator might persist across
+ # reboots -> LSB scripts executed on reboots
+}
+
+file_rc_setup() {
+ if ! [ -r "${target}"/etc/runlevel.conf ] ; then
+ echo 'Warning: /etc/runlevel.conf does not exist...'
+ echo '... assuming we do not have file-rc, skipping 15-initsetup'
+ exit 0
fi
-fi
-cp $target/etc/runlevel.conf $target/etc/runlevel.conf.original
+ # keep a backup of the original runlevel.conf file for reference
+ if [ -r "${target}"/etc/runlevel.conf.original ] ; then
+ # make sure to store old backup files if they differ as well
+ if ! cmp "${target}"/etc/runlevel.conf "${target}"/etc/runlevel.conf.original >/dev/null ; then
+ cp "${target}"/etc/runlevel.conf.original "${target}/etc/runlevel.conf.original.$(date +%Y%m%d_%k:%M:%S)"
+ fi
+ fi
-# provide Grml's default file-rc configuration
-fcopy -v /etc/runlevel.conf
+ cp "${target}"/etc/runlevel.conf "${target}"/etc/runlevel.conf.original
-# provide Grml's inittab configuration
-fcopy -v /etc/inittab
-sed -i "s/\$USERNAME\$/${USERNAME}/" $target/etc/inittab
+ # provide Grml's default file-rc configuration
+ fcopy -v /etc/runlevel.conf
-# provide Grml's bootlocal init scripts
-fcopy -v -mroot,root,0755 /etc/init.d/bootlocal.first
-fcopy -v -mroot,root,0755 /etc/init.d/bootlocal.middle
-fcopy -v -mroot,root,0755 /etc/init.d/bootlocal.last
+ # provide Grml's inittab configuration
+ fcopy -v /etc/inittab
+ sed -i "s/\$USERNAME\$/${USERNAME}/" "${target}"/etc/inittab
+
+ # provide Grml's bootlocal init scripts
+ fcopy -v -mroot,root,0755 /etc/init.d/bootlocal.first
+ fcopy -v -mroot,root,0755 /etc/init.d/bootlocal.middle
+ fcopy -v -mroot,root,0755 /etc/init.d/bootlocal.last
+}
+
+if ifclass FILE_RC ; then
+ file_rc_setup
+else
+ systemd_setup
+fi
## END OF FILE #################################################################
# vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=2
$ROOTCMD updatedb --prunepaths='/tmp /usr/tmp /var/tmp /grml /root /proc /sys'
fi
+if [ -r "${target}/etc/machine-id" ] ; then
+ echo "Removing /etc/machine-id generated by systemd"
+ rm -f "$target/etc/machine-id"
+fi
+
## END OF FILE #################################################################
# vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=2