From: Michael Prokop Date: Tue, 5 Jan 2016 13:45:30 +0000 (+0100) Subject: Systemd support, providing backwards compatibility via FILE_RC class [Closes: issue1015] X-Git-Tag: v0.28.0~16 X-Git-Url: https://git.grml.org/?p=grml-live.git;a=commitdiff_plain;h=1aec7397965ee3164b455cfb763bcc936f65377e Systemd support, providing backwards compatibility via FILE_RC class [Closes: issue1015] Support for file-rc is still available and can be enabled via FILE_RC class. --- diff --git a/docs/grml-live.txt b/docs/grml-live.txt index ad6b8fb..25c2b47 100644 --- a/docs/grml-live.txt +++ b/docs/grml-live.txt @@ -335,6 +335,14 @@ selected. The following classes are predefined: * DEBORPHAN: get rid of all packages listed in output of deborphan +* FILE_RC: instead of using systemd as init system use file-rc instead. file-rc +was the init system used by Grml until and including stable release 2014.11, +starting with beginning of 2016 Grml switched to systemd instead. If you want to +build a live system in the old style using file-rc instead of systemd then enable +this class. Please notice that support for file-rc is no longer being actively +maintained (the Grml team happily accepts patches though) and file-rc (upstream +wise) might disappear too. + * FRESHCLAM: execute freshclam (if it's present) to update clamav definitions (increases resulting ISO size ~70MB). By default it's skipped to avoid bigger ISO size. diff --git a/etc/grml/fai/config/files/etc/systemd/logind.conf/GRMLBASE b/etc/grml/fai/config/files/etc/systemd/logind.conf/GRMLBASE new file mode 100644 index 0000000..4e62482 --- /dev/null +++ b/etc/grml/fai/config/files/etc/systemd/logind.conf/GRMLBASE @@ -0,0 +1,25 @@ +# See logind.conf(5) for details + +# This file was deployed via grml-live's +# ${GRML_FAI_CONFIG}/config/scripts/GRMLBASE/15-initsetup, using +# ${GRML_FAI_CONFIG}/config/files/etc/systemd/logind.conf/GRMLBASE + +[Login] +NAutoVTs=12 +#ReserveVT=6 +#KillUserProcesses=no +#KillOnlyUsers= +#KillExcludeUsers=root +#InhibitDelayMaxSec=5 +#HandlePowerKey=poweroff +#HandleSuspendKey=suspend +#HandleHibernateKey=hibernate +#HandleLidSwitch=suspend +#PowerKeyIgnoreInhibited=no +#SuspendKeyIgnoreInhibited=no +#HibernateKeyIgnoreInhibited=no +#LidSwitchIgnoreInhibited=yes +#IdleAction=ignore +#IdleActionSec=30min +#RuntimeDirectorySize=10% +#RemoveIPC=yes diff --git a/etc/grml/fai/config/files/etc/systemd/system-preset/10-grml.preset/GRMLBASE b/etc/grml/fai/config/files/etc/systemd/system-preset/10-grml.preset/GRMLBASE new file mode 100644 index 0000000..55b81d0 --- /dev/null +++ b/etc/grml/fai/config/files/etc/systemd/system-preset/10-grml.preset/GRMLBASE @@ -0,0 +1,9 @@ +# enable TTY logins +enable getty@.service + +# enable grml-specific services +enable grml-autoconfig.service +enable debug-shell.service +enable resolvconf.service + +disable * diff --git a/etc/grml/fai/config/files/etc/systemd/system/getty@tty1.service.d/override.conf/GRMLBASE b/etc/grml/fai/config/files/etc/systemd/system/getty@tty1.service.d/override.conf/GRMLBASE new file mode 100644 index 0000000..90fee36 --- /dev/null +++ b/etc/grml/fai/config/files/etc/systemd/system/getty@tty1.service.d/override.conf/GRMLBASE @@ -0,0 +1,6 @@ +[Service] +Type=idle +ExecStart= +ExecStart=-/sbin/grml-runtty /dev/tty1 /usr/share/grml-scripts/run-welcome root +# ExecStart=-/sbin/agetty --autologin $USERNAME --noclear %I 38400 linux +TTYVTDisallocate=no diff --git a/etc/grml/fai/config/files/etc/systemd/system/getty@tty10.service.d/override.conf/GRMLBASE b/etc/grml/fai/config/files/etc/systemd/system/getty@tty10.service.d/override.conf/GRMLBASE new file mode 100644 index 0000000..babd2e3 --- /dev/null +++ b/etc/grml/fai/config/files/etc/systemd/system/getty@tty10.service.d/override.conf/GRMLBASE @@ -0,0 +1,4 @@ +[Service] +Type=idle +ExecStart= +ExecStart=-/sbin/agetty --noclear %I 38400 linux diff --git a/etc/grml/fai/config/files/etc/systemd/system/getty@tty11.service.d/override.conf/GRMLBASE b/etc/grml/fai/config/files/etc/systemd/system/getty@tty11.service.d/override.conf/GRMLBASE new file mode 100644 index 0000000..6122734 --- /dev/null +++ b/etc/grml/fai/config/files/etc/systemd/system/getty@tty11.service.d/override.conf/GRMLBASE @@ -0,0 +1,4 @@ +[Service] +Type=idle +ExecStart= +ExecStart=-/sbin/grml-runtty /dev/tty11 /usr/bin/htop root diff --git a/etc/grml/fai/config/files/etc/systemd/system/getty@tty12.service.d/override.conf/GRMLBASE b/etc/grml/fai/config/files/etc/systemd/system/getty@tty12.service.d/override.conf/GRMLBASE new file mode 100644 index 0000000..cecc28a --- /dev/null +++ b/etc/grml/fai/config/files/etc/systemd/system/getty@tty12.service.d/override.conf/GRMLBASE @@ -0,0 +1,4 @@ +[Service] +Type=idle +ExecStart= +ExecStart=-/sbin/grml-runtty /dev/tty12 /usr/share/grml-scripts/run-journalctl root diff --git a/etc/grml/fai/config/files/etc/systemd/system/getty@tty2.service.d/override.conf/GRMLBASE b/etc/grml/fai/config/files/etc/systemd/system/getty@tty2.service.d/override.conf/GRMLBASE new file mode 100644 index 0000000..5d50c22 --- /dev/null +++ b/etc/grml/fai/config/files/etc/systemd/system/getty@tty2.service.d/override.conf/GRMLBASE @@ -0,0 +1,4 @@ +[Service] +Type=idle +ExecStart= +ExecStart=-/sbin/grml-runtty /dev/tty2 /usr/share/grml-scripts/run-screen root diff --git a/etc/grml/fai/config/files/etc/systemd/system/getty@tty3.service.d/override.conf/GRMLBASE b/etc/grml/fai/config/files/etc/systemd/system/getty@tty3.service.d/override.conf/GRMLBASE new file mode 100644 index 0000000..d3f6f10 --- /dev/null +++ b/etc/grml/fai/config/files/etc/systemd/system/getty@tty3.service.d/override.conf/GRMLBASE @@ -0,0 +1,4 @@ +[Service] +Type=idle +ExecStart= +ExecStart=-/sbin/grml-runtty /dev/tty3 /usr/share/grml-scripts/run-screen root diff --git a/etc/grml/fai/config/files/etc/systemd/system/getty@tty4.service.d/override.conf/GRMLBASE b/etc/grml/fai/config/files/etc/systemd/system/getty@tty4.service.d/override.conf/GRMLBASE new file mode 100644 index 0000000..cf45598 --- /dev/null +++ b/etc/grml/fai/config/files/etc/systemd/system/getty@tty4.service.d/override.conf/GRMLBASE @@ -0,0 +1,4 @@ +[Service] +Type=idle +ExecStart= +ExecStart=-/sbin/grml-runtty /dev/tty4 /usr/share/grml-scripts/run-screen $USERNAME diff --git a/etc/grml/fai/config/files/etc/systemd/system/getty@tty5.service.d/override.conf/GRMLBASE b/etc/grml/fai/config/files/etc/systemd/system/getty@tty5.service.d/override.conf/GRMLBASE new file mode 100644 index 0000000..fc22376 --- /dev/null +++ b/etc/grml/fai/config/files/etc/systemd/system/getty@tty5.service.d/override.conf/GRMLBASE @@ -0,0 +1,4 @@ +[Service] +Type=idle +ExecStart= +ExecStart=-/sbin/grml-runtty /dev/tty5 /bin/zsh $USERNAME diff --git a/etc/grml/fai/config/files/etc/systemd/system/getty@tty6.service.d/override.conf/GRMLBASE b/etc/grml/fai/config/files/etc/systemd/system/getty@tty6.service.d/override.conf/GRMLBASE new file mode 100644 index 0000000..f066922 --- /dev/null +++ b/etc/grml/fai/config/files/etc/systemd/system/getty@tty6.service.d/override.conf/GRMLBASE @@ -0,0 +1,4 @@ +[Service] +Type=idle +ExecStart= +ExecStart=-/sbin/grml-runtty /dev/tty6 /bin/zsh $USERNAME diff --git a/etc/grml/fai/config/files/etc/systemd/system/ssh-bootoption.service/GRMLBASE b/etc/grml/fai/config/files/etc/systemd/system/ssh-bootoption.service/GRMLBASE new file mode 100644 index 0000000..fafa20f --- /dev/null +++ b/etc/grml/fai/config/files/etc/systemd/system/ssh-bootoption.service/GRMLBASE @@ -0,0 +1,20 @@ +# This file was deployed via grml-live's +# ${GRML_FAI_CONFIG}/config/scripts/GRMLBASE/15-initsetup, using +# ${GRML_FAI_CONFIG}/config/files/etc/systemd/system/ssh-bootoption.service/GRMLBASE + +[Unit] +Description=OpenBSD Secure Shell server +After=ssh-keygen network.target auditd.service +ConditionKernelCommandLine=ssh +ConditionPathExists=!/etc/ssh/sshd_not_to_be_run + +[Service] +EnvironmentFile=-/etc/default/ssh +ExecStart=/usr/sbin/sshd -D $SSHD_OPTS +ExecReload=/bin/kill -HUP $MAINPID +KillMode=process +Restart=on-failure + +[Install] +WantedBy=multi-user.target +Alias=sshd.service diff --git a/etc/grml/fai/config/files/etc/systemd/system/ssh-keygen.service/GRMLBASE b/etc/grml/fai/config/files/etc/systemd/system/ssh-keygen.service/GRMLBASE new file mode 100644 index 0000000..b39cb47 --- /dev/null +++ b/etc/grml/fai/config/files/etc/systemd/system/ssh-keygen.service/GRMLBASE @@ -0,0 +1,14 @@ +# This file was deployed via grml-live's +# ${GRML_FAI_CONFIG}/config/scripts/GRMLBASE/15-initsetup, using +# ${GRML_FAI_CONFIG}/config/files/etc/systemd/system/ssh-keygen.service/GRMLBASE + +[Unit] +Description=SSH keygen +Before=ssh.service + +[Service] +ExecStart=/usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -C '' -N '' +ExecStart=/usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -C '' -N '' +ExecStart=/usr/bin/ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -C '' -N '' +ExecStart=/usr/bin/ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -C '' -N '' +Type=oneshot diff --git a/etc/grml/fai/config/hooks/instsoft.GRMLBASE b/etc/grml/fai/config/hooks/instsoft.GRMLBASE index 620c101..eb0204a 100755 --- a/etc/grml/fai/config/hooks/instsoft.GRMLBASE +++ b/etc/grml/fai/config/hooks/instsoft.GRMLBASE @@ -6,6 +6,11 @@ # License: This file is licensed under the GPL v2 or any later version. ################################################################################ +FILE_RC=false +if ifclass FILE_RC ; then + FILE_RC=true +fi + set -u set -e @@ -59,14 +64,17 @@ EOF # install software. $ROOTCMD apt-get update + if $FILE_RC ; then + echo "Installing file-rc as FILE_RC class is enabled." + # newer aptitude versions won't remove essential packages using + # 'aptitude -f -y install file-rc' anymore, therefore force it: + $ROOTCMD aptitude -o Aptitude::ProblemResolver::Keep-All-Tier=60000 -f -y install file-rc systemd-sysv- + fi + if ! $ROOTCMD test -x /usr/bin/aptitude ; then $ROOTCMD apt-get -y install aptitude fi - # newer aptitude versions won't remove essential packages using - # 'aptitude -f -y install file-rc' anymore, therefore force it: - $ROOTCMD aptitude -o Aptitude::ProblemResolver::Keep-All-Tier=60000 -f -y install file-rc systemd-sysv- - # make sure we can upgrade automatically, # even with unsigned repos, but only if user wants it if [ "${FAI_ALLOW_UNSIGNED:-}" = "1" ] ; then @@ -118,9 +126,12 @@ if ! $ROOTCMD apt-get update ; then echo "Warning: there was an error executing apt-get update, continuing anyway." >&2 fi -# newer aptitude versions won't remove essential packages using -# 'aptitude -f -y install file-rc' anymore, therefore force it via: -$ROOTCMD aptitude -o Aptitude::ProblemResolver::Keep-All-Tier=60000 -f -y install file-rc systemd-sysv- +if $FILE_RC ; then + echo "Installing file-rc as FILE_RC class is enabled." + # newer aptitude versions won't remove essential packages using + # 'aptitude -f -y install file-rc' anymore, therefore force it via: + $ROOTCMD aptitude -o Aptitude::ProblemResolver::Keep-All-Tier=60000 -f -y install file-rc systemd-sysv- +fi # }}} # we definitely don't want to fail running fai dirinstall just diff --git a/etc/grml/fai/config/package_config/FILE_RC b/etc/grml/fai/config/package_config/FILE_RC new file mode 100644 index 0000000..c1cd57e --- /dev/null +++ b/etc/grml/fai/config/package_config/FILE_RC @@ -0,0 +1,4 @@ +PACKAGES aptitude + +file-rc +multitail diff --git a/etc/grml/fai/config/package_config/GRMLBASE b/etc/grml/fai/config/package_config/GRMLBASE index c3a5db9..b9d46c7 100644 --- a/etc/grml/fai/config/package_config/GRMLBASE +++ b/etc/grml/fai/config/package_config/GRMLBASE @@ -9,7 +9,6 @@ deborphan dmidecode eject file -file-rc gpm grml2hd grml2hd-utils @@ -40,7 +39,6 @@ less live-boot-grml live-boot-grml-doc lvm2 mdadm -multitail nfs-common openssh-client openssh-server diff --git a/etc/grml/fai/config/package_config/SYSTEMD b/etc/grml/fai/config/package_config/SYSTEMD new file mode 100644 index 0000000..657b06d --- /dev/null +++ b/etc/grml/fai/config/package_config/SYSTEMD @@ -0,0 +1,7 @@ +PACKAGES aptitude + +network-manager + +# network-manager-openvpn +# network-manager-pptp +# network-manager-vpnc diff --git a/etc/grml/fai/config/scripts/GRMLBASE/15-initsetup b/etc/grml/fai/config/scripts/GRMLBASE/15-initsetup index f7ebd82..f94cd3f 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/15-initsetup +++ b/etc/grml/fai/config/scripts/GRMLBASE/15-initsetup @@ -10,33 +10,98 @@ set -u set -e . "$GRML_LIVE_CONFIG" -if ! [ -r $target/etc/runlevel.conf ] ; then - echo 'Warning: /etc/runlevel.conf does not exist...' - echo '... assuming we do not have file-rc, skipping 15-initsetup' - exit 0 -fi +systemd_setup() { + fcopy -i -B -v -r /etc/systemd + + echo "Enabling user '$USERNAME' for autologin" + sed -i "s/\$USERNAME/$USERNAME/" "$target"/etc/systemd/system/getty@tty*.service.d/override.conf + + # enable TTY logins + local service + for file in "${target}"/etc/systemd/system/getty@tty*.service.d ; do + service=$(basename "$file" .d) + $ROOTCMD systemctl enable "$service" || echo "failed to enable $service" + done + unset service + + # FIXME - ssh-keygen isn't executed yet before ssh-bootoption + ssh services + $ROOTCMD systemctl enable ssh-bootoption.service || echo "failed to enable ssh-bootoption.service" + $ROOTCMD systemctl enable ssh-keygen.service || echo "failed to enable ssh-keygen.service" + + # fails on overlayfs with + # "Failed to unmount transient /etc/machine-id file in our private namespace: Invalid argument" + $ROOTCMD systemctl mask systemd-machine-id-commit.service || echo "failed to mask $systemd-machine-id-commit.service" + + # disable unwanted services + local service + for service in \ + cron.service \ + lvm2-lvmetad.service \ + lvm2-lvmetad.socket \ + lvm2-lvmpolld.socket \ + lvm2-monitor.service \ + mdadm-raid.service \ + smartd.service \ + ssh.service \ + swap.target \ + systemd-timesyncd.service \ + uuidd.service + do + $ROOTCMD systemctl disable ${service} || echo "failed to disable $service" + done + unset service + + # TODO -> -# keep a backup of the original runlevel.conf file for reference -if [ -r $target/etc/runlevel.conf.original ] ; then - # make sure to store old backup files if they differ as well - if ! cmp $target/etc/runlevel.conf $target/etc/runlevel.conf.original >/dev/null ; then - cp $target/etc/runlevel.conf.original $target/etc/runlevel.conf.original."$(date +%Y%m%d_%k:%M:%S)" + # * *proper* integration for grml-autoconfig + $ROOTCMD systemctl enable grml-autoconfig.service || echo "failed to enable grml-autoconfig.service" + ln -sf /etc/systemd/system/grml-autoconfig.service "${target}"/etc/systemd/system/multi-user.target.wants/grml-autoconfig.service + + # * avoid startup of any LSB scripts; NOTE: jessie doesn't support that + # system-generators approach yet, only >=stretch + mkdir -p "${target}"/etc/systemd/system-generators/ + ln -sf /dev/null "${target}"/etc/systemd/system-generators/systemd-sysv-generator + # -> revert /etc/systemd/system-generators/systemd-sysv-generator && systemctl daemon-reload during *bootup* + # + possibly move this into startup so it's always executed on bootup, even with persistency enabled + # where the change towards systemd-sysv-generator might persist across + # reboots -> LSB scripts executed on reboots +} + +file_rc_setup() { + if ! [ -r "${target}"/etc/runlevel.conf ] ; then + echo 'Warning: /etc/runlevel.conf does not exist...' + echo '... assuming we do not have file-rc, skipping 15-initsetup' + exit 0 fi -fi -cp $target/etc/runlevel.conf $target/etc/runlevel.conf.original + # keep a backup of the original runlevel.conf file for reference + if [ -r "${target}"/etc/runlevel.conf.original ] ; then + # make sure to store old backup files if they differ as well + if ! cmp "${target}"/etc/runlevel.conf "${target}"/etc/runlevel.conf.original >/dev/null ; then + cp "${target}"/etc/runlevel.conf.original "${target}/etc/runlevel.conf.original.$(date +%Y%m%d_%k:%M:%S)" + fi + fi -# provide Grml's default file-rc configuration -fcopy -v /etc/runlevel.conf + cp "${target}"/etc/runlevel.conf "${target}"/etc/runlevel.conf.original -# provide Grml's inittab configuration -fcopy -v /etc/inittab -sed -i "s/\$USERNAME\$/${USERNAME}/" $target/etc/inittab + # provide Grml's default file-rc configuration + fcopy -v /etc/runlevel.conf -# provide Grml's bootlocal init scripts -fcopy -v -mroot,root,0755 /etc/init.d/bootlocal.first -fcopy -v -mroot,root,0755 /etc/init.d/bootlocal.middle -fcopy -v -mroot,root,0755 /etc/init.d/bootlocal.last + # provide Grml's inittab configuration + fcopy -v /etc/inittab + sed -i "s/\$USERNAME\$/${USERNAME}/" "${target}"/etc/inittab + + # provide Grml's bootlocal init scripts + fcopy -v -mroot,root,0755 /etc/init.d/bootlocal.first + fcopy -v -mroot,root,0755 /etc/init.d/bootlocal.middle + fcopy -v -mroot,root,0755 /etc/init.d/bootlocal.last +} + +if ifclass FILE_RC ; then + file_rc_setup +else + systemd_setup +fi ## END OF FILE ################################################################# # vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=2 diff --git a/etc/grml/fai/config/scripts/GRMLBASE/98-clean-chroot b/etc/grml/fai/config/scripts/GRMLBASE/98-clean-chroot index 1d18dd3..88cba00 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/98-clean-chroot +++ b/etc/grml/fai/config/scripts/GRMLBASE/98-clean-chroot @@ -219,5 +219,10 @@ else $ROOTCMD updatedb --prunepaths='/tmp /usr/tmp /var/tmp /grml /root /proc /sys' fi +if [ -r "${target}/etc/machine-id" ] ; then + echo "Removing /etc/machine-id generated by systemd" + rm -f "$target/etc/machine-id" +fi + ## END OF FILE ################################################################# # vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=2