Diffstat (limited to 'scripts')
34 files changed, 178 insertions, 3642 deletions
diff --git a/scripts/dns-forwarding/vyatta-dns-forwarding.pl b/scripts/dns-forwarding/vyatta-dns-forwarding.pl
deleted file mode 100755
index 46e038b5..00000000
--- a/scripts/dns-forwarding/vyatta-dns-forwarding.pl
+++ /dev/null
@@ -1,268 +0,0 @@
-#!/usr/bin/perl
-#
-# Module: vyatta-dns-forwarding.pl
-#
-# **** License ****
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License version 2 as
-# published by the Free Software Foundation.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# This code was originally developed by Vyatta, Inc.
-# Portions created by Vyatta are Copyright (C) 2008 Vyatta, Inc.
-# All Rights Reserved.
-#
-# Author: Mohit Mehta
-# Date: August 2008
-# Description: Script to glue Vyatta CLI to dnsmasq daemon
-#
-# **** End License ****
-#
-
-use lib "/opt/vyatta/share/perl5/";
-use Vyatta::Config;
-use Vyatta::Misc;
-use Getopt::Long;
-
-use strict;
-use warnings;
-
-my $dnsforwarding_init = '/etc/init.d/dnsmasq';
-my $dnsforwarding_conf = '/etc/dnsmasq.conf';
-
-sub dnsforwarding_restart {
- system("$dnsforwarding_init restart >&/dev/null");
-}
-
-sub dnsforwarding_stop {
- system("$dnsforwarding_init stop >&/dev/null");
-}
-
-sub dnsforwarding_get_constants {
- my $output;
-
- my $date = `date`;
- chomp $date;
- $output = "#\n# autogenerated by vyatta-dns-forwarding.pl on $date\n#\n";
- $output .= "log-facility=/var/log/dnsmasq.log\n";
- $output .= "no-poll\n";
- $output .= "edns-packet-max=4096\n";
- system("rm -f /var/log/dnsmasq.log; touch /var/log/dnsmasq.log");
- return $output;
-}
-
-sub dnsforwarding_get_values {
-
- my $outside_cli = shift;
-
- my $output = '';
- my $config = new Vyatta::Config;
- my $use_dnsmasq_conf = 0;
- my (@listen_interfaces, $cache_size, @use_nameservers, $use_system_nameservers, @use_dhcp_nameservers, @domains, $server, $ignore_hosts_file);
-
- $config->setLevel("service dns forwarding");
-
- if ($outside_cli == 1) {
- @listen_interfaces =
$config->returnOrigValues("listen-on");
- $cache_size = $config->returnOrigValue("cache-size");
- @use_nameservers = $config->returnOrigValues("name-server");
- $use_system_nameservers = $config->existsOrig("system");
- @use_dhcp_nameservers = $config->returnOrigValues("dhcp");
- @domains = $config->listOrigNodes("domain");
- $ignore_hosts_file = $config->returnOrigValue("ignore-hosts-file");
-
- } else {
- @listen_interfaces = $config->returnValues("listen-on");
- $cache_size = $config->returnValue("cache-size");
- @use_nameservers = $config->returnValues("name-server");
- $use_system_nameservers = $config->exists("system");
- @use_dhcp_nameservers = $config->returnValues("dhcp");
- @domains = $config->listNodes("domain");
- $ignore_hosts_file = $config->exists("ignore-hosts-file");
- }
-
- if (@listen_interfaces != 0) {
- foreach my $interface (@listen_interfaces) {
- $output .= "interface=$interface\n";
- }
- }
-
- if (defined $cache_size) {
- $output .= "cache-size=$cache_size\n";
- }
-
- if (defined $ignore_hosts_file) {
- $output .= "no-hosts\n";
- }
-
- if (@use_nameservers != 0) {
- $use_dnsmasq_conf = 1;
- foreach my $cli_nameserver (@use_nameservers) {
- $output .= "server=$cli_nameserver\t# statically configured\n";
- }
- }
-
- if (defined($use_system_nameservers)) {
- $use_dnsmasq_conf = 1;
- my $sys_config = new Vyatta::Config;
- $sys_config->setLevel("system");
- my @system_nameservers;
- if ($outside_cli == 1) {
- @system_nameservers = $sys_config->returnOrigValues("name-server");
- } else {
- @system_nameservers = $sys_config->returnValues("name-server");
- }
- if (@system_nameservers > 0) {
- foreach my $system_nameserver (@system_nameservers) {
- $output .= "server=$system_nameserver\t# system\n";
- }
- }
- }
- if (@domains != 0) {
- foreach my $domain (@domains) {
- my @domain_servers;
- if ($outside_cli == 1) {
- @domain_servers = $config->returnValues("domain $domain server");
- } else {
- @domain_servers = $config->returnValues("domain $domain
server");
- }
- if (@domain_servers > 0) {
- foreach my $domain_server (@domain_servers) {
- $output .= "server=/$domain/$domain_server\t# domain-override\n";
- }
- }
- }
- }
-
- if (@use_dhcp_nameservers != 0) {
- $use_dnsmasq_conf = 1;
- foreach my $interface (@use_dhcp_nameservers) {
- my $dhcp_nameserver_count=`grep nameserver /etc/resolv.conf.dhclient-new-$interface 2>/dev/null | wc -l`;
- if ($dhcp_nameserver_count > 0) {
- my @dhcp_nameservers = `grep nameserver /etc/resolv.conf.dhclient-new-$interface`;
- for my $each_nameserver (@dhcp_nameservers) {
- my @nameserver = split(/ /, $each_nameserver, 2);
- my $ns = $nameserver[1];
- chomp $ns;
- $output .= "server=$ns\t# dhcp $interface\n";
- }
- }
- }
- }
-
- if ($use_dnsmasq_conf == 1) {
- $output .= "resolv-file=/etc/dnsmasq.conf\n";
- }
-
- return $output;
-}
-
-sub dnsforwarding_write_file {
- my ($config) = @_;
-
- open(my $fh, '>', $dnsforwarding_conf) || die "Couldn't open $dnsforwarding_conf - $!";
- print $fh $config;
- close $fh;
-}
-
-sub check_nameserver {
-
- my $cmd = `cat /etc/resolv.conf 2>/dev/null | awk {'print \$1'} | grep \^nameserver\$ | wc -l`;
- return $cmd;
-}
-
-sub check_system_nameserver {
-
- my $config = new Vyatta::Config;
- $config->setLevel("system");
- my @system_nameservers = $config->returnValues("name-server");
- return(@system_nameservers);
-
-}
-
-sub check_dhcp_interface {
-
- my $interface = shift;
-
- die "DNS forwarding error: $interface is not using DHCP to get an IP address\n"
- unless Vyatta::Misc::is_dhcp_enabled($interface);
-
- if (-e "/var/run/vyatta/dhclient/dhclient_release_$interface") {
-
- # dhcp released for the interface
- print "DNS forwarding warning: DHCP lease for $interface has been released by user\n";
- }
-
- return 1;
-}
-
-#
-# main
-#
-
-my ($update_dnsforwarding, $stop_dnsforwarding, $restart_dnsforwarding, $system_nameserver, $dhcp_interface, $outside_cli);
-
-GetOptions(
- "update-dnsforwarding!"
=> \$update_dnsforwarding,
- "stop-dnsforwarding!" => \$stop_dnsforwarding,
- "restart-dnsforwarding!" => \$restart_dnsforwarding,
- "system-nameserver!" => \$system_nameserver,
- "outside-cli!" => \$outside_cli,
- "dhcp-interface=s" => \$dhcp_interface
-);
-
-if (defined $system_nameserver) {
- my $system_nameserver_exists = check_system_nameserver();
- if ($system_nameserver_exists < 1){
- print "DNS forwarding warning: No name-servers set under 'system name-server'\n";
- }
-}
-
-if (defined $dhcp_interface) {
- if (!check_dhcp_interface($dhcp_interface)){
- exit 1;
- }
-}
-
-if (defined $update_dnsforwarding) {
- my $config;
- my $vyatta_config = new Vyatta::Config;
-
- $vyatta_config->setLevel("service dns forwarding");
- my $use_system_nameservers = $vyatta_config->exists("system");
- my @use_dhcp_nameservers = $vyatta_config->returnValues("dhcp");
- my @use_nameservers = $vyatta_config->returnValues("name-server");
-
- if (!(defined $use_system_nameservers) && (@use_dhcp_nameservers == 0) && (@use_nameservers == 0)) {
- my $nameserver_exists = check_nameserver();
- if ($nameserver_exists < 1){
- print "DNS forwarding warning: Currently, no name-servers to forward DNS queries\n";
- }
- }
-
- my $called_from_outside_cli = 0;
- if (defined $outside_cli){
- $called_from_outside_cli = 1;
- }
- $config = dnsforwarding_get_constants();
- $config .= dnsforwarding_get_values($called_from_outside_cli);
- dnsforwarding_write_file($config);
- dnsforwarding_restart();
-}
-
-if (defined $stop_dnsforwarding) {
- dnsforwarding_stop();
-}
-
-if (defined $restart_dnsforwarding) {
- dnsforwarding_restart();
-}
-
-exit 0;
-
-# end of file
-
diff --git a/scripts/install-system b/scripts/install-system
deleted file mode 100755
index 71fe0de1..00000000
--- a/scripts/install-system
+++ /dev/null
@@ -1,1664 +0,0 @@ -#!/bin/bash -# -# Module: install-system -# -# **** License **** -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License version 2 as -# published by the Free Software Foundation. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# This code was originally developed by Vyatta, Inc. -# Portions created by Vyatta are Copyright (C) 2006, 2007 Vyatta, Inc. -# All Rights Reserved. -# -# Author: Robert Bays -# Date: 2006 -# Description: -# -# **** End License **** -# -# Vyatta system installer script. -# - -if [ `whoami` != 'root' ] ; then - echo "This script must be run with root privileges." - exit 1 -fi - -# If you set VYATTA_AUTO_INSTALL I will try to do an automated install for you - -if [ -e /etc/default/vyatta ] ; then - . /etc/default/vyatta -fi - -# get system manufactuer, Xen needs special treatment -MANUF=`/usr/sbin/dmidecode -s system-manufacturer` - -: ${vyatta_prefix:=/opt/vyatta} -: ${vyatta_exec_prefix:=$vyatta_prefix} -: ${vyatta_bindir:=${vyatta_exec_prefix}/bin} -: ${vyatta_sbindir:=${vyatta_exec_prefix}/sbin} -: ${vyatta_sysconfdir:=${vyatta_prefix}/etc} - -ofrconfdir=${vyatta_sysconfdir}/config -fdconfdir=/media/floppy/config -rootfsdir=/mnt/rootfs - -# By default this is not a union install -# UNION=false - -# install log file name -INSTALL_LOG=/tmp/install-$$.log -# Absolute minimum root partition size in MB. Below this, we won't let -# you install. -ROOT_MIN=1000 - -# the base install drive e.g. sda -if [ -n "$INSTALL_DRIVE" ]; then - INSTALL_DRIVE="" -fi -# the install partition e.g. sda1 -if [ -n "$ROOT_PARTITION" ]; then - ROOT_PARTITION="" -fi -# the config partition e.g. 
sda2 -if [ -n "$CONFIG_PARTITION" ]; then - CONFIG_PARTITION="" -fi -# the size of the root partition -if [ -n "$ROOT_PARTITION_SIZE" ]; then - ROOT_PARTITION_SIZE="" -fi -# global holding variable used in the select_partition sub -PARTITION='' - -# default file system type -if [ "$MANUF" = "Xen" ]; then - ROOT_FSTYPE="ext3" -else - ROOT_FSTYPE="ext4" -fi - -# start of root partition (64 sectors == 32K bytes) -ROOT_OFFSET="64S" - -# Process ID of this script for the lame marketing spinner -SPID=$$ - -# Grub options -GRUB_OPTIONS="quiet" - -# Enable Vesa framebuffer mode (comment out to disable) -VGA_LOGO="vga=0x314" # 800 x 600 (16bit colors) - -# trap signals so we can kill runaway progress indicators -trap 'progress_indicator stop; exit 1' 1 -trap 'progress_indicator stop; exit 1' 2 - -# turn off any mounted swap partitions -turnoffswap () { - if [ -f "/proc/swaps" ]; then - myresponse=$(cat /proc/swaps) - if [ -n "$myresponse" ]; then - echo "turning off swaps..." >> $INSTALL_LOG - swapoff -a - fi - fi -} - -tolower () { - echo "$*" | tr '[:upper:]' '[:lower:]' -} - -# Validates a user response. Returns the response if valid. -# Returns the default is the user just hits enter. -# Returns nothing if not valid. Default parameter is $1. -# Options are in $2. If options are defined return must be a member -# of the enum. 
-get_response () { - local ldefault=$(tolower "$1") - local loptions=$(tolower "$2") - - # get the response from the user - read myresponse - myresponse=$(tolower "$myresponse") - - # Check to see if the user accepts the default - if [ -z "$myresponse" ]; then - echo -n $ldefault - # if we are passing in options to check, make sure response is a valid option - elif [ -n "$loptions" ]; then - for token in $loptions - do - if [ "$token" == "$myresponse" ]; then - echo -n "$myresponse" - return 0 - fi - done - return 1 - else - echo -n "$myresponse" - fi - - return 0 -} - -# Return the size of the drive in MB -get_drive_size () { - local ldrive=$1 - - # Get size of disk in 1k blocks - local blocks=$(sfdisk -s /dev/$ldrive) - - # Translate to Megabytes (SI units) - local bytes=$(($blocks * 1024)) - local lsize=$(($bytes / 1000000)) - - echo $lsize -} - -# Probe hardrives not shown in /proc/partitions by default -probe_drives () { - # Find drives that may not be in /proc/partitions since not mounted - drive=$(ls /sys/block | grep '[hsv]d.') - - # now exclude all drives that are read-only - for drive in $drive - do - if [ $(cat /sys/block/$drive/ro) -ne 0 ] - then - output=$(mount | grep $drive) - if [ -z "$output" ]; then - output=$(parted -s /dev/$drive p) - fi - fi - done -} - - -warn_of_dire_consequences () { - # Give the user a requisite warning that we are about to nuke their drive - response='' - while [ -z "$response" ] - do - echo "This will destroy all data on /dev/$INSTALL_DRIVE." - echo -n "Continue? (Yes/No) [No]: " - response=$(get_response "No" "Yes No Y N") - - if [ "$response" == "no" ] || [ "$response" == "n" ]; then - echo "Ok then. Exiting..." - exit 1 - fi - done -} - - - -check_for_old_raid () { - # First, trigger construction of previously configured RAID groups - echo -n "Looking for pre-existing RAID groups..." - raid_config=`mdadm --examine --scan` - if [ -z "$raid_config" ]; then - echo "none found." - return - fi - - echo "found some." 
- echo "Trying to configure pre-existing RAID groups..." - mdadm --assemble --scan --auto=yes --symlink=no - - # Identify physical drives - raid_drives=$(cat /proc/partitions | awk '{ if ($4!="name") { print $4 } }' | grep "md" | egrep -v "^$") - - if [ -z "$raid_drives" ]; then - echo "Unable to configure any RAID groups." - return - fi - - numraids=`echo $raid_drives | wc -w` - - if [ $numraids -eq 1 ]; then - echo "The following RAID group is now configured:" - else - echo "The following RAID groups are now configured:" - fi - - for drive in $raid_drives - do - cat /proc/mdstat | grep --after-context 2 ^$drive | sed -e 's/^/\t/' - done - - if [ $numraids -eq 1 ]; then - echo -n "Would you like to use this one? (Yes/No) [Yes]:" - else - echo -n "Would you like to use one of these? (Yes/No) [Yes]:" - fi - - response=$(get_response "Yes" "Yes No Y N") - if [ "$response" == "no" ] || [ "$response" == "n" ]; then - echo - echo "Ok. Not using existing RAID groups." - echo - - # pick the first RAID group to be broken - raid_drive=$(echo $raid_drives | /usr/bin/awk '{ print $1 }') - - echo "Would you like to break RAID group $raid_drive so that its" - echo "members can be re-used for a new installation, understanding" - echo -n "that doing so will destroy all data on it? (Yes/No) [No]:" - destroy_raid=$(get_response "No" "Yes No Y N") - echo - - if [ "${destroy_raid:0:1}" = "y" ]; then - echo "OK. Breaking the RAID group $raid_drive." - - members=`ls /sys/block/$raid_drive/slaves` - - echo "First, stopping all existing RAID groups:" - mdadm --stop --scan - - for member in $members ; do - drive=${member:0:3} - part=${member:3:1} - echo "Re-setting partition ID for RAID group $raid_drive member /dev/${member}:" - sfdisk --change-id /dev/$drive $part 0x83 - echo "Clearing RAID superblock from RAID group $raid_drive member /dev/${member}." - mdadm --zero-superblock /dev/$member - done - else - echo "OK. 
Stopping, but not breaking, existing RAID groups:" - mdadm --stop --scan - fi - - echo - return - fi - - if [ $numraids -eq 1 ]; then - INSTALL_DRIVE=$raid_drives - else - # take the first drive as the default - INSTALL_DRIVE=$(echo $raid_drives | /usr/bin/awk '{ print $1 }') - echo -n "Which one would you like to use? ($raid_drives) [$INSTALL_DRIVE]: " - INSTALL_DRIVE=$(get_response "$INSTALL_DRIVE" "$drives") - fi - - echo "Using RAID partition $INSTALL_DRIVE" - - raid_degraded=`cat /sys/block/$INSTALL_DRIVE/md/degraded` - raid_sync_action=`cat /sys/block/$INSTALL_DRIVE/md/sync_action` - - if [ "$raid_degraded" = "1" ]; then - echo - if [ "$raid_sync_action" = "recover" ]; then - echo "Error: This RAID set is degraded and is in the process of" - echo "rebuilding. It is not safe to install onto it while the" - echo "rebuild is in progress. Please wait for the rebuild to" - echo "complete and then re-start the installation. You may" - echo "monitor the progress of the RAID rebuild with the" - echo "command:" - echo - echo " show raid $INSTALL_DRIVE" - echo - exit 1 - fi - echo "Warning: This RAID set is degraded, but is not in the" - echo "process of rebuilding. It is safe to perform the installation" - echo "onto a degraded RAID set that is not in the process of" - echo "rebuilding. You may stop the installation now and rebuild the" - echo "RAID set, or continue installing onto it. If you continue" - echo "installing, do not attempt to rebuild the RAID set until the" - echo "installation has completed and you have rebooted the system." 
- echo - fi - - warn_of_dire_consequences - - ROOT_PARTITION=$INSTALL_DRIVE - - # make sure we aren't working on a mounted part - unmount "$INSTALL_DRIVE" - - # check for an old config on the partition - check_config_partition "$ROOT_PARTITION" - - # create the filesystem on the part - make_filesystem "$ROOT_PARTITION" - - INSTALL_METHOD=RAID -} - -check_for_new_raid () { - # Identify physical drives - drives=$(cat /proc/partitions | awk '{ if ($4!="name") { print $4 } }' | egrep -v "[0-9]$" | egrep -v "^$") - - numdrives=`echo $drives | wc -w` - - # Need at least two drives for RAID-1. We don't yet have the code - # to handle selection of two from a set of 3 or more, so for now, we - # only support two drives. - # - if [ $numdrives -ne 2 ]; then - return - fi - - drive1=`echo $drives | awk '{ print $1 }'` - drive2=`echo $drives | awk '{ print $2 }'` - - drivesize1=$(get_drive_size $drive1) - drivesize2=$(get_drive_size $drive2) - - # Both drives must have enough space to hold our minimum root filesystem - # - if [ $drivesize1 -lt $ROOT_MIN -o $drivesize2 -lt $ROOT_MIN ]; then - return - fi - - - echo "You have two disk drives:" - echo -e "\t$drive1 \t$drivesize1 MB" - echo -e "\t$drive2 \t$drivesize2 MB" - - echo -n "Would you like to configure RAID-1 mirroring on them? (Yes/No) [Yes]:" - response=$(get_response "Yes" "Yes No Y N") - if [ "$response" == "no" ] || [ "$response" == "n" ]; then - echo "Ok. Not configuring RAID-1." - return - fi - - if [ $drivesize1 -ne $drivesize2 ]; then - echo "Since the disks are not the same size, we will use the smaller" - echo "of the two sizes in configuring the RAID-1 set. This will" - echo "waste some space on the larger drive." - echo "" - fi - - # Configure RAID-1 - echo "This process will erase all data on both drives." - echo -n "Are you sure you want to do this? (Yes/No) [No]: " - response=$(get_response "Yes" "Yes No Y N") - if [ "$response" == "no" ] || [ "$response" == "n" ]; then - echo "Ok. Not configuring RAID-1." 
- return - fi - - for drive in $drives - do - echo "Deleting old partitions on drive $drive" - # remove any existing partitions on that drive - delete_partitions "$drive" - done - - # Need to leave space on both disks between the MBR and the start - # of the first partition for grub. Grub needs to embed a large - # boot image there when booting off RAID devices. - # - # Partition creation variables are in units of megabytes. - part_start_offset=2 - part_diag_size=60 - - if [ $drivesize1 -lt $drivesize2 ]; then - root_size=$drivesize1 - else - root_size=$drivesize2 - fi - - let min_size_with_diag=${MIN_ROOT}+${part_diag_size} - if [ $root_size -ge $min_size_with_diag ]; then - echo "Would you like me to create a $part_diag_size MB partition for diagnostics?" - echo -n "(Yes/No) [No]: " - diag_response=$(get_response "No" "Yes No Y N") - if [ "$diag_response" == "yes" ] || [ "$diag_response" == "y" ]; then - for drive in $drives - do - echo "Creating diag partition on drive $drive" - create_partitions "$drive" $part_diag_size $part_start_offset "no" - sfdisk --change-id /dev/$drive 1 0x6 - done - data_dev=2 - let part_start_offset+=$part_diag_size - else - data_dev=1 - fi - fi - - let root_size-=$part_start_offset - - for drive in $drives - do - echo "Creating data partition: /dev/${drive}${data_dev}" - create_partitions "$drive" $root_size $part_start_offset "no" - sfdisk --change-id /dev/$drive $data_dev 0xfd - # mark data partition as bootable - echo "Marking /dev/$drive partition $data_dev bootable" >> $INSTALL_LOG - parted -s /dev/$drive set $data_dev boot on >> $INSTALL_LOG 2>&1 - done - - # Must give partition device time to settle - sleep 5 - echo - - for drive in $drives - do - echo "Erasing any previous RAID metadata that may exist on /dev/${drive}${data_dev}" - mdadm --zero-superblock /dev/${drive}${data_dev} - done - - echo "Creating RAID-1 group on partitions: /dev/${drive1}${data_dev} /dev/${drive2}${data_dev}" - - raid_dev=md0 - mdadm --create 
/dev/$raid_dev --level=1 --raid-disks=2 --metadata=0.90 /dev/${drive1}${data_dev} /dev/${drive2}${data_dev} - - if [ $? = 0 -a -e /dev/$raid_dev ]; then - echo "RAID-1 group created successfully:" - cat /proc/mdstat | grep --after-context 2 ^$raid_dev | sed -e 's/^/\t/' - else - echo "Unable to create RAID-1 group!" - return - fi - - INSTALL_DRIVE=$raid_dev - ROOT_PARTITION=$INSTALL_DRIVE - - # Give device time to settle... - sleep 5 - - # create the filesystem on the part - make_filesystem "$ROOT_PARTITION" - - INSTALL_METHOD=RAID -} - - -# Takes an argument to display text before choice -# Sets INSTALL_DRIVE. Note that select_drive should be wrapped -# in the verification loop, not the included get_response. -select_drive () { - # list the drives in /proc/partitions. Remove partitions and empty lines. - # the first grep pattern looks for devices named c0d0, hda, and sda. - drives=$(cat /proc/partitions | \ - awk '{ if ($4!="name") { print $4 } }' | \ - egrep "c[0-9]d[0-9]$|[hsv]d[a-z]$" | \ - egrep -v "^$") - - # take the first drive as the default - INSTALL_DRIVE=$(echo $drives | /usr/bin/awk '{ print $1 }') - - # Add the drive sizes to the display to help the user decide - display='' - for drive in $drives - do - size=$(get_drive_size $drive) - display="$display $drive\t$size"MB"\n" - done - - while true - do - # Display the drives and ask the user which one to install to - echo -e "$display" - echo - echo -n "$1 [$INSTALL_DRIVE]:" - response=$(get_response "$INSTALL_DRIVE" "$drives") && break - done - INSTALL_DRIVE="$response" - - echo -} - -# Allow the user to select a partition to work with -# sets the global PARTITION -# $1 is the text to display before prompt -select_partition () { - minsize=$1 - text=$2 - exclude=$3 - - echo -n "Looking for appropriate partitions: " - progress_indicator start - - # initialize out global var. using globals in this way is bad form. I know. - PARTITION='' - - # list only the partitions in /proc/partitions. 
- parts=$(cat /proc/partitions | awk '{ if ($4!="name") { print $4 " "} }' | egrep "[0-9]" | egrep -v "loop" | tr -d '\n') - - # remove any partitions we have already previously used - if [ -n "$exclude" ]; then - for part in $parts; - do - temp=$(echo $part | egrep -v $exclude) - parts_temp="$parts_temp $temp" - done - parts=$parts_temp - fi - - # Get the partition sizes for display - # only show linux partitions that have sizes, i.e. remove loops - display='' - myparts='' - for part in $parts - do - if [ ${part:0:2} = "md" ]; then - parttype="RAID" - else - rootdev=$(echo $part | sed 's/[0-9]//g') - parttype=$(fdisk -l /dev/$rootdev | grep $part | grep Linux) - fi - if [ -n "$parttype" ]; then - lsize=$(get_drive_size $part) - if [ "$lsize" -a $lsize -ge $minsize ]; then - display="$display $part\t\t$lsize"MB"\n" - myparts="$myparts $part" - fi - fi - done - - progress_indicator stop - echo "OK" - - if [ -n "$myparts" ]; then - lpartition='' - while [ -z "$lpartition" ] - do - # take the first partition as the default - lpartition=$(echo $myparts | /usr/bin/awk '{ print $1 }') - - echo "I found the following partitions suitable for the Vyatta image:" - echo -e "Partition\tSize" - echo -e "$display" - echo - echo -n "$text [$lpartition]: " - - lpartition=$(get_response "$lpartition" "$myparts") - echo - done - else - echo "No suitable partition sizes found. Exiting..." | tee $INSTALL_LOG - exit 1 - fi - PARTITION=$lpartition -} - -rename_old_config() { - files=$(find /mnt/config -mindepth 1 -type f | grep -v pre-glendale) - for f in $files; do - if grep -q '/\*XORP Configuration File, v1.0\*/' $f >&/dev/null; then - CURTIME=$(date +%F-%H%M%S) - mv $f $f.pre-glendale.$CURTIME - fi - done -} - -# copy old config file from /mnt/tmp -save_old_config() { - local response='' - while [ -z "$response" ] - do - echo "/dev/$lpart has an old configuration directory!" - echo -ne "Would you like me to save the data on it\nbefore I delete it? 
(Yes/No) [Yes]: " - response=$(get_response "Yes" "Yes No Y N") - done - - if [ "$response" == "yes" ] || [ "$response" == "y" ]; then - mkdir -p /mnt/config - if [ -d /mnt/tmp/opt/vyatta/etc/config ]; then - output=$(cp -pR /mnt/tmp/opt/vyatta/etc/config/* /mnt/config) - else - output=$(cp -pR /mnt/tmp/* /mnt/config) - fi - if [ -n "$output" ]; then - echo -e "Warning: error in copying the old config partition.\nSee $INSTALL_LOG for more details." - echo -e "Warning: error in copying the old config partition.\ncp -pR /mnt/tmp/* /mnt/config\n$output\n" >> $INSTALL_LOG - fi - rename_old_config - fi -} - -save_old_keys() { - local response='' - - while [ -z "$response" ] - do - echo "/dev/$lpart has SSH host keys" - echo -ne "Would you like me to keep SSH keys on new install? (Yes/No) [Yes]: " - response=$(get_response "Yes" "Yes No Y N") - done - - if [ "$response" == "yes" ] || [ "$response" == "y" ]; then - mkdir -p /mnt/ssh - output=$(cp -p /mnt/tmp/etc/ssh/ssh_host_* /mnt/ssh) - - if [ -n "$output" ]; then - echo -e "Warning: error in copying the old ssh keys." - echo -e "See $INSTALL_LOG for more details." - echo "Warning: error in copying the old ssh keys." >> $INSTALL_LOG - echo "cp -pR /mnt/tmp/etc/ssh/ssh_host_* /mnt/ssh" >> $INSTALL_LOG - echo "$output\n">> $INSTALL_LOG - fi - fi -} - -save_image_config() { - image_name=$1 - - # Cleanup from possible partial last run - rm -fr /mnt/config - mkdir /mnt/config - - output=$(cp -pR /mnt/tmp/boot/$image_name/live-rw/config/* /mnt/config) - - if [ -n "$output" ]; then - echo -e "Warning: error in copying the old config partition.\nSee $INSTALL_LOG for more details." - echo "Warning: error in copying the old config partition.\ncp -pR /mnt/tmp/* /mnt/config\n$output\n" - fi - rename_old_config -} - -save_image_keys() { - image_name=$1 - - if [ ! -d /mnt/tmp/boot/$image_name/live-rw/etc/ssh ]; then - echo "No SSH keys found on $image_name, so none can be saved." 
- return; - fi - - echo -n "Would you like to save SSH keys from $image_name too? (Yes/No) [Yes] " - - response=$(get_response "Yes" "Yes No Y N") - if [ "$response" != "yes" ] && [ "$response" != "y" ]; then - echo "OK. SSH keys not saved." - return - fi - - mkdir -p /mnt/ssh - output=$(cp -p /mnt/tmp/boot/$image_name/live-rw/etc/ssh/ssh_host_* /mnt/ssh) - - if [ -n "$output" ]; then - echo -e "Warning: error in copying the old ssh keys." - echo -e "See $INSTALL_LOG for more details." - echo "Warning: error in copying the old ssh keys." >> $INSTALL_LOG - echo "cp -pR /mnt/tmp/etc/ssh/ssh_host_* /mnt/ssh" >> $INSTALL_LOG - echo "$output\n">> $INSTALL_LOG - return - fi - - # reset modes on keys (should already be set) - chmod 600 /mnt/ssh/*_key 2>&1 - chmod 644 /mnt/ssh/*.pub 2>&1 - - echo "SSH keys have been saved." -} - - - -## check_config_partition -# look to see if this partition contains a config file -# and back it up -check_config_partition() { - lpart=$1 - copied=0 - - # Cleanup from possible partial last run - rm -fr /mnt/config - - # Look to see if this is a config partition - mkdir -p /mnt/tmp - output=$(mount -r /dev/$lpart /mnt/tmp 2>&1) - if [ $? != 0 ]; then - echo -e "Cannot mount /dev/$lpart"."\nmount /dev/$ldrive$part /mnt/tmp\nExiting..." 
>> $INSTALL_LOG - echo "$output" >> $INSTALL_LOG - return - fi - - # Look to see if there is a config partition there - if [ -f /mnt/tmp/opt/vyatta/etc/config/.vyatta_config ] || - [ -f /mnt/tmp/.vyatta_config ]; then - save_old_config - copied=1 - fi - - # Look to see if there are SSH host keys - if [ -d /mnt/tmp/etc/ssh ]; then - save_old_keys - copied=1 - fi - - if [ $copied -eq 0 ]; then - # Check for images - images=() - image_dirs=/mnt/tmp/boot/* - - for dir in $image_dirs; do - if [ -f $dir/live-rw/config/.vyatta_config ]; then - item=${dir##/mnt/tmp/boot/} - images=($item ${images[@]}) - fi - done - - num_images=${#images[@]} - - if [ $num_images -gt 0 ]; then - echo "I found the following installed system image(s) with config files on $part:" - for (( i = 0; i < $num_images; i++ )); do - echo " $((i + 1)): ${images[$i]}" - done - - if [ $num_images -eq 1 ]; then - echo -n "Would you like to save config information from it? (Yes/No) [Yes] " - else - echo -n "Would you like to save config information from one? (Yes/No) [Yes] " - fi - - response=$(get_response "Yes" "Yes No Y N") - if [ "$response" != "yes" ] && [ "$response" != "y" ]; then - echo "OK. Config information not saved." - umount /mnt/tmp - return - fi - - if [ $num_images -gt 1 ]; then - image_index=-1 - while [ $image_index -lt 0 -o $image_index -ge $num_images ]; do - echo -n "Which image would you like to use? (1 .. $num_images): " - read num - image_index=$((num - 1)) - done - else - image_index=0 - fi - - image_name=${images[$image_index]} - echo "Saving config information from image $image_name." - save_image_config $image_name - echo "Done." 
- save_image_keys $image_name - fi - fi - umount /mnt/tmp -} - -# Delete all existing partitions for an automated install -# $1 is the drive to delete partitions from -delete_partitions () { - ldrive=$1 - - # get the partitions on the drive - # in the first grep below we add the optional [p] in order to accomdate cciss drives - partitions=$(cat /proc/partitions | grep $ldrive[p]*[0-9] | awk '{ print $4 }' | sed 's/\(.*\)\([0-9]$\)/\2/g' | grep -v "^$") - - # now for each part, blow it away - for part in $partitions - do - # Look to see if this is a config partition - check_config_partition "$ldrive$part" - - echo "Removing partition $part on /dev/$ldrive" >> $INSTALL_LOG - output=$(parted -s /dev/$ldrive rm $part) - status=$? - if [ "$status" != 0 ]; then - echo -e "Warning: cannot delete partition $part on $ldrive.\nPlease see $INSTALL_LOG for more details." - echo -e "Warning: cannot delete partition $part on $ldrive.\nparted /dev/$ldrive rm $part\n$output" >> $INSTALL_LOG - fi - - # We add a bogus sleep here because the loop needs to wait for udev - sleep 5 - done -} - -# make a filesystem on the drive -# $1 is the drive to format -make_filesystem () { - ldrive=$1 - - echo -n "Creating filesystem on /dev/$ldrive: " - echo "Creating filesystem on /dev/$ldrive..." >> $INSTALL_LOG - - progress_indicator start - output=$(mkfs -t $ROOT_FSTYPE /dev/$ldrive 2>&1) - status=$? - if [ "$status" != 0 ]; then - echo -e "Error: couldn't create the root filesystem.\nSee $INSTALL_LOG for further details.\nExiting..." - echo -e "Error: couldn't create the root filesystem.\n/sbin/mke2fs -j /dev/$ldrive\n$output" - exit 1 - fi - progress_indicator stop - echo "OK" -} - -# create the root partition -# $1 is the install drive e.g. sda -# $2 is the partition size e.g. 
512 -# This will set the global ROOT_PARTITION -create_partitions() { - ldrive=$1 - root_part_size=$2 - start_offset=$3 - initialize_fs=$4 - - # Make sure there is enough space on drive - size=$(get_drive_size "$ldrive") - if [ "$root_part_size" -gt "$size" ]; then - echo "Error: $ldrive is only $size"MB" large. Desired root is $root_part_size" - exit 1 - fi - - # Make sure you can print disk info using parted - parted --script /dev/$ldrive p >/dev/null 2>&1 - - # If unable to read disk, it's likely it needs a disklabel - if [ "$?" != "0" ]; then - echo "Creating a new disklabel on $ldrive" - echo "parted /dev/$ldrive mklabel msdos" - output=$(parted -s /dev/$ldrive mklabel msdos) - - parted --script /dev/$ldrive p >/dev/null 2>&1 - if [ "$?" != "0" ]; then - echo "Unable to read disk label. Exiting." - exit 1 - fi - fi - - echo "Creating root partition on /dev/$ldrive" >> $INSTALL_LOG - - # make the root partition - # align at optimal block boundary - output=$(parted -s /dev/$ldrive mkpart primary $start_offset $root_part_size) - status=$? - if [ "$status" != 0 ]; then - echo -e "Error creating primary partition on $ldrive.\nPlease see $INSTALL_LOG for more details.\nExiting..." - echo -e "Error creating primary partition on $ldrive.\nparted /dev/$ldrive mkpart primary $start_offset $root_part_size\n$output" >> $INSTALL_LOG - exit 1 - fi - - # set the partition number on the device. - if [ -n "$( echo $ldrive | grep -E "cciss|ida" )" ]; then - # if this is a cciss - ROOT_PARTITION=$ldrive"p1" - else - # else... the rest of the world - ROOT_PARTITION=$ldrive"1" - fi - # udev takes time to re-add the device file, so wait for it - while [ ! -b "/dev/$ROOT_PARTITION" ] - do - sleep 1 - done - - if [ "$initialize_fs" = "yes" ]; then - # make the root and config file systems. 
- make_filesystem "$ROOT_PARTITION" - fi -} - -# Copy directory with pretty progress bar -copy_filesystem() { - cp -r -v --preserve=all "$@" | awk '{ - ++files - if ((files % 100) == 0) { - percent = files / total_files * 100 - printf "%3d%% [", percent - for (i=0;i<percent; i+=2) - printf "=" - printf ">" - for (;i<100;i+=2) - printf " " - printf "]\r" - fflush() - } - }' total_files=$(find "$@" | wc -l) -} - -# Install the root filesystem -# $1 is the partition to install on -install_root_filesystem () { - ldrive=$1 - version=`dpkg-query --showformat='${Version}' --show vyatta-version` - - dpkg="/usr/bin/dpkg --force-all --root=$rootfsdir" - echo "Mounting /dev/$ldrive " - echo "Mounting /dev/$ldrive..." >> $INSTALL_LOG - - # make the mount point - output=$(/bin/mkdir -p $rootfsdir) - - # mount the partition - output=$(mount /dev/$ldrive $rootfsdir) - status=$? - - if [ "$status" != 0 ]; then - echo -e "Error trying to mount the new root partition.\nPlease see $INSTALL_LOG for details.\nExiting..." - echo -e "Error trying to mount the new root partition.\nmount /dev/$ldrive $rootfsdir\n$output" >> $INSTALL_LOG - exit 1 - fi - - if [ -z "$UNION" ]; then - echo "Copying system files to /dev/$ROOT_PARTITION: " - # Mount the squashfs for copying - output=$(mkdir -p /mnt/squashfs) - if [ -f /live/image/live/filesystem.squashfs ]; then - output=$(mount /live/image/live/filesystem.squashfs /mnt/squashfs -t squashfs -o loop) - status=$? - elif [ -f /live/image/boot/$version/$version.squashfs ]; then - output=$(mount /live/image/boot/$version/$version.squashfs /mnt/squashfs -t squashfs -o loop) - status=$? - else - echo -e "Error: Unable to find a squash image. To install natively\nthe install media must be a livecd or a union install.\nExiting...\n\n" - echo -e "Error: Unable to find a squash image. 
To install natively\nthe install media must be a livecd or a union install.\nExiting...\n\n" >> $INSTALL_LOG - exit 1 - fi - - if [ "$status" != 0 ]; then - echo -e "Error trying to mount the squashfs.\nPlease see install log for more details.\nExiting..." - echo -e "Error trying to mount the squashfs.\nmount /live/image/live/filesystem.squashfs /mnt/squashfs -t squashfs -o loop\n$output" >> $INSTALL_LOG - exit 1 - fi - - echo "Copying /mnt/squashfs/* to $rootfsddir" >>$INSTALL_LOG - copy_filesystem /mnt/squashfs/* $rootfsdir 2>>$INSTALL_LOG - status=$? - echo - - if [ "$status" != 0 ]; then - echo -e "Error trying to copy the rootfs.\nPlease see install log for more details.\nExiting..." - exit 1 - fi - - # unmount the squashfs. No big deal if it fails. - output=$(umount /mnt/squashfs) - - # create the fstab - local rootdev="/dev/$ROOT_PARTITION"; - uuid=$(dumpe2fs -h $rootdev 2>/dev/null | awk '/^Filesystem UUID/ {print $3}') - if [ -z "$uuid" ] - then - echo "Unable to read filesystem UUID. Exiting." - exit 1 - else - if [ "$MANUF" = "Xen" ]; then - #disable barriers explicitly (just incase) - echo -e "UUID=$uuid\t/\t$ROOT_FSTYPE\tnoatime,nobarrier\t0 1" >> $rootfsdir/etc/fstab - else - echo -e "UUID=$uuid\t/\t$ROOT_FSTYPE\tnoatime\t0 1" >> $rootfsdir/etc/fstab - fi - fi - - #setup the hostname file - cp /etc/hostname $rootfsdir/etc/ - cp /etc/hosts $rootfsdir/etc/ - - progress_indicator stop - echo "OK" - else - # UNION install - mkdir -p $rootfsdir/boot/$version - ## make dir for backing store - mkdir -p $rootfsdir/boot/$version/live-rw - if [ -f /live/image/live/filesystem.squashfs ]; then - echo Copying squashfs image... - cp /live/image/live/filesystem.squashfs $rootfsdir/boot/$version/$version.squashfs - echo Copying kernel and initrd images... - cp -a /boot/* $rootfsdir/boot/$version/ - else - echo Copying image files... 
- cp -ar /live/image/boot/$version $rootfsdir/boot/ - fi - fi -} - -# copy the configuration to the config partition -# $1 is the config partition device -copy_config () { - config_partition=$1 - lerror='' - config_default=$vyatta_sysconfdir/config.boot.default - tmp_config_default=/tmp/${vyatta_sysconfdir//\//__} - - # create the config directory on the union file system - mkdir -p $rootfsdir$ofrconfdir - - # create the proper perms on the new config partition - chgrp vyattacfg $rootfsdir$ofrconfdir - chmod 775 $rootfsdir$ofrconfdir - - # create our config partition marker - touch $rootfsdir$ofrconfdir/.vyatta_config - - if [ -d /mnt/config ]; then - echo "Copying old configurations to config partition." - cp -pR /mnt/config/* $rootfsdir$ofrconfdir - else - # Find the config files and give the user the option to copy config files - # TODO: this needs cleaned up - if [ -f $ofrconfdir/config.boot ]; then - config=$ofrconfdir/config.boot - fi - if [ -f $fdconfdir/config.boot ]; then - if [ -z "$config" ]; then - config="$fdconfdir/config.boot" - else - config="$config $fdconfdir/config.boot" - fi - fi - - if [ -n "$config" ]; then - echo "I found the following configuration files" - for file in $config - do - echo $file - done - - default=$(echo -e $config | awk '{ print $1 }') - - while [ -z "$configfile" ] - do - echo -n "Which one should I copy to $INSTALL_DRIVE? [$default]: " - configfile=$(get_response "$default" "$config") - done - - echo - output=$(cp $configfile $rootfsdir$ofrconfdir) - if [ -n "$output" ]; then - echo "Error copying file $configfile to config directory. Exiting..." >> $INSTALL_LOG - exit 1 - fi - fi - fi - - # set the permissions on the new config file - if [ -f $rootfsdir$ofrconfdir/config.boot ]; then - chgrp vyattacfg $rootfsdir$ofrconfdir/config.boot - chmod 775 $rootfsdir$ofrconfdir/config.boot - fi -} - -# copy the saved ssh host key to the new install -copy_sshkeys() { - if [ -d /mnt/ssh ]; then - echo "Copying SSH keys." 
- cp -p /mnt/ssh/* $rootfsdir/etc/ssh - fi -} - -set_encrypted_password() { - sed -i \ - -e "/ user $1 {/,/}/s/encrypted-password.*\$/encrypted-password \"$2\"/" $3 -} - -change_password() { - local user=$1 - local pwd1="1" - local pwd2="2" - - until [[ "$pwd1" == "$pwd2" ]] - do - read -p "Enter password for user '$user': " -r -s pwd1 <>/dev/tty 2>&0 - echo - if [[ "$pwd1" == "" ]]; then - echo "'' is not a valid password" - continue - fi - read -p "Retype password for user '$user':" -r -s pwd2 <>/dev/tty 2>&0 - echo - - if [ "$pwd1" != "$pwd2" ] - then - echo "Passwords do not match" - fi - done - - # escape any slashes in resulting password - local epwd=$(mkpasswd -H md5 "$pwd1" | sed 's:/:\\/:g') - set_encrypted_password $user $epwd $rootfsdir$ofrconfdir/config.boot -} - -# setup grub on the boot sector of a user queried drive -install_grub () { - # we now use INSTALL_DRIVE to reference the grub boot drive. - # that way I can re-use select_drive. I'm lazy that way. - - if [ ${INSTALL_DRIVE:0:2} != "md" ]; then - INSTALL_DRIVE='' - fi - - mkdir -p $rootfsdir/boot/grub - # Let the user choose the boot sector - - while [ -z "$INSTALL_DRIVE" ] - do - echo "I need to install the GRUB boot loader." - echo "I found the following drives on your system:" - select_drive "Which drive should GRUB modify the boot partition on?" - done - - echo -n "Setting up grub: " - echo "Setting up grub..." 
>> $INSTALL_LOG - - # Install grub in the boot sector of the primary drive - progress_indicator start - grub-install --no-floppy --recheck --root-directory=$rootfsdir /dev/$INSTALL_DRIVE >>$INSTALL_LOG 2>&1 - progress_indicator stop - - # Check if using aufs - if grep -q aufs /proc/filesystems - then - if [ -z "$grub_options" ] - then - grub_options="union=aufs" - else - grub_options="$grub_options union=aufs" - fi - fi - - version=`dpkg-query --showformat='${Version}' --show vyatta-version` - - # if union install tell vyatta-grub-setup - if [ -n "$UNION" ]; then - grub_args="-u $version" - else - grub_args="-v $version" - fi - - if /opt/vyatta/sbin/vyatta-grub-setup $grub_args "$ROOT_PARTITION" "$grub_options" /mnt/rootfs >>$INSTALL_LOG - then - echo "OK" - else - echo Grub failed to install! - exit 1 - fi -} - -# ask for user input on the parted and skip setup methods -# $1 is whether or not to run parted -# sets globals INSTALL_DRIVE, ROOT_PARTITION, CONFIG_PARTITION -setup_method_manual() { - parted=$1 - - echo "The VyOS install needs a minimum ${ROOT_MIN}MB root" - echo "with partiton type 83 (Linux)." - echo -e "\n\n" - - # if this is parted, let the user create the partitions - if [ "$INSTALL_METHOD" == "parted" ] || [ "$INSTALL_METHOD" == "p" ]; then - while [ -z "$INSTALL_DRIVE" ] - do - # TODO: right now we only run parted on a single drive - echo -e "\nI found the following drives on your system:" - select_drive "Which drive would you like to run parted on?" - - done - - # Unmount the install drive if it is mounted - unmount "$INSTALL_DRIVE" - - # Run parted and let the user configure - parted /dev/$INSTALL_DRIVE - fi - - # Ask for the root partition and make sure it's valid - while [ -z "$ROOT_PARTITION" ] - do - select_partition 500 "Which partition should I install the root on?" 
- # Note that PARTITION is defined in select partition - ROOT_PARTITION=$PARTITION - unmount "$ROOT_PARTITION" - vd=$(grep $ROOT_PARTITION /proc/partitions | awk '{ print $4 }') - - if [ -z "$vd" ]; then - echo - echo "$ROOT_PARTITION is an invalid partition. Please try again." - ROOT_PARTITION="" - fi - done - - # check for an old config on the partition - check_config_partition "$ROOT_PARTITION" - - # create the filesystem on the part - make_filesystem "$ROOT_PARTITION" - - # We need to set the INSTALL_DRIVE if it wasn't set when the user ran parted - # We assume that we will use the boot sector of the same drive that the - # partition is on. - # TODO: Allow different drives to function as the boot device - if [ -z "$INSTALL_DRIVE" ]; then - if [ ${ROOT_PARTITION:0:2} = "md" ]; then - INSTALL_DRIVE=$ROOT_PARTITION - else - INSTALL_DRIVE=$(echo $ROOT_PARTITION | sed 's/[0-9]//g') - fi - fi -} - -# Walk the user through the auto setup method -# sets globals INSTALL_DRIVE, ROOT_PARTITION, CONFIG_PARTITION -setup_method_auto() { - while [ -z "$INSTALL_DRIVE" ] - do - echo "I found the following drives on your system:" - select_drive "Install the image on?" - - # check to make sure the drive is large enough to hold the image - if [ -n "$INSTALL_DRIVE" ]; then - lsize=$(get_drive_size "$INSTALL_DRIVE") - total=$ROOT_MIN - if [ "$total" -gt "$lsize" ]; then - echo "Unfortunately, VyOS requires a total of at least $total"MB" to properly install." - echo "$INSTALL_DRIVE is below the minimum required capacity and therefore, cannot be used to" - echo -e "complete the installation.\n" - echo "If other drives are present" - echo -e "Please select another drive...\n" - - INSTALL_DRIVE='' - fi - fi - done - - warn_of_dire_consequences - - echo - - # make sure we aren't working on a mounted part - unmount "$INSTALL_DRIVE" - - # remove any existing partitions on that drive - delete_partitions "$INSTALL_DRIVE" - - # Enforce minimum partion size requirement. 
- ROOT_PARTITION_SIZE=0 - while [ $ROOT_MIN -gt $ROOT_PARTITION_SIZE ]; do - # Get the size of the drive - size=$(get_drive_size $INSTALL_DRIVE) - - # If drive is big, leave more space 512K bytes (1024 sectors) - # this is better for SSD - if (( $size > 10000 )); then - ROOT_OFFSET="1024S" - fi - - echo -n "How big of a root partition should I create? ($ROOT_MIN"MB" - $size"MB") [$size]MB: " - response=$(get_response "$size") - # TODO: need to have better error checking on this value - ROOT_PARTITION_SIZE=$(echo "$response" | sed 's/[^0-9]//g') - if [ $ROOT_PARTITION_SIZE -lt $ROOT_MIN ] || [ $ROOT_PARTITION_SIZE -gt $size ]; then - echo "Root partion must be between $ROOT_MIN"MB" and $size"MB"" - echo - ROOT_PARTITION_SIZE=0 - fi - done - - echo - - # now take the data and create the partitions - create_partitions "$INSTALL_DRIVE" "$ROOT_PARTITION_SIZE" "$ROOT_OFFSET" "yes" - # mark data partition as bootable - echo "Marking /dev/$INSTALL_DRIVE partition 1 as bootable" >> $INSTALL_LOG - parted -s /dev/$INSTALL_DRIVE set 1 boot on >> $INSTALL_LOG 2>&1 - # Must give partition device time to settle - sleep 5 -} - -# walk the user through a union setup -# sets globals INSTALL_DRIVE, ROOT_PARTITION, CONFIG_PARTITION -setup_method_union() { - UNION=1 - - echo "A union install requires an image partition of at least 250mbs." - echo "If you want to accomodate more than one image on the partition," - echo "it should be larger. Each image is roughly 200mbs. This " - echo "partition will be the bootable partition for this machine." - echo - - # Ask for the image partition and make sure it's valid - while [ -z "$ROOT_PARTITION" ] - do - select_partition 250 "Which partition should I install the images on?" - # Note that PARTITION is defined in select partition - ROOT_PARTITION=$PARTITION - unmount "$ROOT_PARTITION" - vd=$(grep $ROOT_PARTITION /proc/partitions | awk '{ print $4 }') - - if [ -z "$vd" ]; then - echo - echo "$ROOT_PARTITION is an invalid partition. 
Please try again." - ROOT_PARTITION="" - fi - done - - echo Creating filesystem on $ROOT_PARTITION - make_filesystem $ROOT_PARTITION - - echo - echo "An optional writable persistent root partition may also" - echo "be created. This partition will allow you to store " - echo "files between reboots and upgrade packages." - echo - echo -n "Would you like to create a persistent root partition? (Yes/No) [Yes]: " - response=$(get_response "Yes" "Yes No Y N") - if [ "$response" == "yes" ] || [ "$response" == "y" ]; then - echo "The persistent root partition should be a minimum of 50mbs" - echo "for log files. If you plan on adding any other software or" - echo "upgrading it, the root partition should be large enough to" - echo "accomodate those packages" - - # Ask for the union partition and make sure it's valid - while [ -z "$UNION_PARTITION" ] - do - select_partition 50 "Which partition should I install the binary images on?" "$ROOT_PARTITION" - # Note that PARTITION is defined in select partition - UNION_PARTITION=$PARTITION - unmount "$UNION_PARTITION" - vd=$(grep $UNION_PARTITION /proc/partitions | awk '{ print $4 }') - - if [ -z "$vd" ]; then - echo - echo "$UNION_PARTITION is an invalid partition. Please try again." - UNION_PARTITION="" - fi - done - - echo Creating filesystems on $ROOT_PARTITION - make_filesystem $UNION_PARTITION - - echo Labeling $UNION_PARTITION - e2label /dev/$UNION_PARTITION live-rw - fi -} - -unmount () { - # grab the list of mounted drives - # make sure to reverse sort so as to unmount up the tree - mounted=$(mount | grep "$1" | cut -f3 -d' ' | sort -r) - if [ -n "$mounted" ]; then - echo "I need to unmount: " - echo "$mounted" - - response='' - while [ -z "$response" ] - do - echo -n "Continue (Yes/No) [No]: " - response=$(get_response "No" "Yes No Y N") - if [ "$response" == "no" ] || [ "$response" == "n" ]; then - echo -e "Ok then. Need to unmount to continue.\nExiting..." 
- exit 1 - fi - done - - for parts in "$mounted" - do - echo "umount $parts" >> $INSTALL_LOG - output=$(umount $parts) - status=$? - if [ "$status" != 0 ]; then - echo -e "Exiting: error unmounting $parts.\nPlease see $INSTALL_LOG for more details." - echo -e "Exiting: error unmounting $parts.\numount $parts\n$output" >> $INSTALL_LOG - exit 1 - fi - done - fi -} - -setup_xen_partition_images () { - if [ -d "$rootfsdir/var/xen/" ]; then - echo Setting up Xen virtual machine images - compressed_images=$(ls $rootfsdir/var/xen/*.img.gz 2> /dev/null) - if [ -n "$compressed_images" ]; then - for cmp_img in $compressed_images; do - # uncompress the image - uncmp_img=$(echo $cmp_img | sed s'/.gz$//') - if [ ! -f "$uncmp_img" ]; then - echo decompressing $cmp_img - gzip -dc $cmp_img > $uncmp_img - fi - done - fi - echo - fi -} - -setup_xen_extras () { - echo "Setting up config files for Xen..." - # Set up /boot/grub/menu.lst for use by pygrub - grubfile=$rootfsdir/boot/grub/menu.lst - echo "timeout 5" >> $grubfile - echo "" >> $grubfile - echo "title vyos-virt" >> $grubfile - echo "root (hd0,0)" >> $grubfile - echo "kernel /boot/vmlinuz root=/dev/xvda1 ro console=hvc0" >> $grubfile - echo "initrd /boot/initrd.img" >> $grubfile - - # Add /proc/xen entry to fstab - echo "xenfs /proc/xen xenfs defaults 0 0" >> $rootfsdir/etc/fstab - - # Comment out serial port entry and add Xen console entry to inittab. - inittab=$rootfsdir/etc/inittab - sed -i -e 's/^T0/#T0/' $inittab - echo "" >> $inittab - echo "h0:12345:respawn:/sbin/getty 38400 hvc0" >> $inittab -} - -check_for_xen_extras () { - prod=`/usr/sbin/dmidecode -s system-product-name` - if [ "$MANUF" = "Xen" -a "$prod" = "HVM domU" ]; then - echo "You are installing to a $MANUF $prod virtual machine." - echo "Would you like to set up config files to prepare for the" - echo -n "conversion to PV domU? 
[No]: " - response=$(get_response "No" "Yes No Y N") - if [ "$response" == "yes" ] || [ "$response" == "y" ]; then - setup_xen_extras - fi - fi -} - -progress_indicator () { - case "$1" in - start) $vyatta_bindir/progress-indicator $SPID & - ;; - *) - if ! rm /tmp/pi.$SPID 2>/dev/null - then - sleep 1 - rm /tmp/pi.$SPID 2>/dev/null - fi - - sleep 1 - echo -n -e "\b" - ;; - esac -} - -##### Main -## -# turn off any mounted swap files -turnoffswap - -# Print welcome and instructions. -echo "Welcome to the VyOS install program. This script" -echo "will walk you through the process of installing the" -echo "VyOS image to a local hard drive." -echo - -response='' -while [ -z "$response" ] -do - echo -n "Would you like to continue? (Yes/No) [Yes]: " - response=$(get_response "Yes" "Yes No Y N") - if [ "$response" == "no" ] || [ "$response" == "n" ]; then - echo "Ok then. Exiting..." - exit 1 - fi -done - -# some drives don't show up in /proc/partitions so we need to bootstrap them -echo -n "Probing drives: " -progress_indicator start -probe_drives -progress_indicator stop -echo "OK" - -INSTALL_METHOD='' -check_for_old_raid -if [ -z "$INSTALL_METHOD" ]; then - check_for_new_raid -fi - -if [ -z "$INSTALL_METHOD" ]; then - echo "The VyOS image will require a minimum ${ROOT_MIN}MB root." - echo "Would you like me to try to partition a drive automatically" - echo "or would you rather partition it manually with parted? If" - echo "you have already setup your partitions, you may skip this step." - echo - - while [ -z "$INSTALL_METHOD" ] - do - echo -n "Partition (Auto/Union/Parted/Skip) [Auto]: " - INSTALL_METHOD=$(get_response "Auto" "Auto Parted Skip Union A P S U") - done - - echo -fi - -# Unless doing union install, must be from live cd -if [ $INSTALL_METHOD != "union" -a $INSTALL_METHOD != "u" ] && - [ -w /live/image -o ! 
-d /live/image ] -then - echo "install-system can only be run from livecd" - echo "(except if doing union install)" - exit 1 -fi - -# TODO: Note installs assume an LBA BIOS. So no boot partition currently. -# also note that we are not creating a swap partition right now. -if [ "$INSTALL_METHOD" == "parted" ] || [ "$INSTALL_METHOD" == "p" ]; then - setup_method_manual "parted" -elif [ "$INSTALL_METHOD" == "skip" ] || [ "$INSTALL_METHOD" == "s" ]; then - setup_method_manual "skip" -elif [ "$INSTALL_METHOD" == "auto" ] || [ "$INSTALL_METHOD" == "a" ]; then - setup_method_auto -elif [ "$INSTALL_METHOD" == "union" ] || [ "$INSTALL_METHOD" == "u" ]; then - echo "A union install requires an image partition of at least 250mbs." - echo "If you want to accomodate more than one image on the partition," - echo "it should be larger. Each image is roughly 200mbs. This " - echo "partition will be the bootable partition for this machine." - echo - - UNION=1 - setup_method_auto -elif [ "$INSTALL_METHOD" == "vyatta" ]; then - echo "Automated install..." - echo "unmounting $INSTALL_DRIVE" - unmount "$INSTALL_DRIVE" - echo "deleting partitions on $INSTALL_DRIVE" - delete_partitions "$INSTALL_DRIVE" - echo "creating config partition" - create_partitions "$INSTALL_DRIVE" "$ROOT_PARTITION_SIZE" "$ROOT_OFFSET" "yes" - # mark data partition as bootable - echo "Marking /dev/$INSTALL_DRIVE partition 1 as bootable" >> $INSTALL_LOG - parted -s /dev/$INSTALL_DRIVE set 1 boot on >> $INSTALL_LOG 2>&1 - # Must give partition device time to settle - sleep 5 -fi - -# Install the root filesystem -install_root_filesystem "$ROOT_PARTITION" - -# Copy the config files -copy_config "$CONFIG_PARTITION" - -# Modify config to match system -# Assume user wants to keep password from old config -if [ ! 
-d /mnt/config ]; then - # Disable root login - set_encrypted_password root "*" $rootfsdir$ofrconfdir/config.boot - - echo "Enter password for administrator account" - change_password vyos -fi - -# restore ssh host keys -copy_sshkeys - -# check for xen part images in /var/xen -setup_xen_partition_images - -# Install grub -install_grub - -check_for_xen_extras - -if [ -z "$UNION" ]; then - # Fix up PAM configuration for login so that invalid users are prompted - # for password - sed -i 's/requisite[ \t][ \t]*pam_securetty.so/required pam_securetty.so/' $rootfsdir/etc/pam.d/login -fi - -# -# Only start the mdadm daemon if we have the root filesystem running -# on a RAID set. Since this script is the only way that the root filesystem -# ever gets set up, we can do this configuration here. -# -MDADM_CONFIG_FILE=$rootfsdir/etc/default/mdadm -if [ -e $MDADM_CONFIG_FILE ]; then - if [ ${INSTALL_DRIVE:0:2} = "md" ]; then - sed -i -e 's/^START_DAEMON.*$/START_DAEMON=true/' \ - -e 's/^AUTOSTART=.*$/AUTOSTART=true/' $MDADM_CONFIG_FILE - else - sed -i -e 's/^START_DAEMON.*$/START_DAEMON=false/' \ - -e 's/^AUTOSTART=.*$/AUTOSTART=false/' $MDADM_CONFIG_FILE - fi -fi - -postinst_root=$rootfsdir -writable_root='' -if [ -n "$UNION" ]; then - # set up root for postinst - postinst_root=/mnt/postinst_root - writable_root=$rootfsdir - version=`dpkg-query --showformat='${Version}' --show vyatta-version` - rw_dir=$rootfsdir/boot/$version/live-rw - - mkdir -p $postinst_root /mnt/squashfs - mount -o loop,ro -t squashfs \ - $rootfsdir/boot/$version/$version.squashfs /mnt/squashfs - mount -t unionfs -o noatime,dirs=$rw_dir=rw:/mnt/squashfs=ro unionfs \ - $postinst_root - - # handle start-up config file - mkdir -p $postinst_root/$ofrconfdir - if [ -f $rootfsdir/$ofrconfdir/config.boot ]; then - cp -p $rootfsdir/$ofrconfdir/* $postinst_root/$ofrconfdir/ - fi - - # set up /var/run - pi_fstab=$postinst_root/etc/fstab - if ! 
grep -q 'tmpfs /var/run ' $pi_fstab >&/dev/null; then - # replace the fstab. the default one has header that will cause - # it to be wiped out on live boot. - echo 'tmpfs /var/run tmpfs nosuid,nodev 0 0' >$pi_fstab - fi -fi - -# postinst hook -if [ -e /opt/vyatta/etc/install-system/postinst ]; then - echo "running post-install script" - /opt/vyatta/etc/install-system/postinst $postinst_root $writable_root \ - >>$INSTALL_LOG -fi - -if [ -n "$UNION" ]; then - umount $postinst_root - umount /mnt/squashfs -fi - -cp $INSTALL_LOG $rootfsdir/install.log - -umount $rootfsdir - -echo "Done!" -echo "Done!" >> $INSTALL_LOG - -exit 0 diff --git a/scripts/install/install-functions b/scripts/install/install-functions index 1551fbb0..d241e040 100755 --- a/scripts/install/install-functions +++ b/scripts/install/install-functions @@ -43,9 +43,6 @@ CD_SQUASH_ROOT=/mnt/cdsquash VYATTA_CFG_DIR=${vyatta_sysconfdir}/config VYATTA_NEW_CFG_DIR=/config -# the floppy config dir -FD_CFG_DIR=/media/floppy/config - # PROGRESS_PID can be exported by top-level script progress_indicator () { local spid=$PROGRESS_PID @@ -274,7 +271,7 @@ is_live_cd_boot () # Poor check, but whatever. The point is that on installed system # the image file normally is named after the current version, # while on livecd it's just "filesystem.squashfs" - if grep -q -e '^overlayfs.*/filesystem.squashfs' /proc/mounts; then + if grep -q -e '^overlay.*/filesystem.squashfs' /proc/mounts; then return 0 else return 1 @@ -287,8 +284,8 @@ is_union_install () if is_live_cd_boot; then return 1 fi - if grep -q ' /live/image [^ ]\+ rw' /proc/mounts \ - && egrep -q '(union|overlay)fs / (union|overlay)fs ' /proc/mounts; then + if grep -q 'upperdir=/live/persistence/' /proc/mounts \ + && egrep -q 'overlay / overlay ' /proc/mounts; then return 0 else return 1 
@@ -298,7 +295,7 @@ is_union_install () # outputs the version string of the current running version. get_cur_version () { - ver=`dpkg-query --showformat='${Version}' --show vyatta-version` + ver=`cat /opt/vyatta/etc/version | awk '{print $2}'` if [ -z "$ver" ]; then echo "UNKNOWN" else @@ -323,7 +320,7 @@ get_new_version () ver_file=${ver_path} if is_live_cd_boot && [ -f "$ver_file" ]; then # we are installing from a live CD boot - ver=`dpkg-query --showformat='${Version}' --show vyatta-version` + ver=`cat /opt/vyatta/etc/version | awk '{print $2}'` echo $ver return fi @@ -337,11 +334,12 @@ gen_mopts () local mnttype=$1 local upper=$2 local lower=$3 - local mntpoint=$4 + local work=$4 + local mntpoint=$5 case "$1" in - overlayfs) - echo "-t $mnttype -o noatime,upperdir=$upper,lowerdir=$lower $mnttype $mntpoint" + overlay) + echo "-t $mnttype -o noatime,upperdir=$upper,lowerdir=$lower,workdir=$work $mnttype $mntpoint" ;; *) echo "-t $mnttype -o noatime,dirs=$upper=rw:$lower=ro $mnttype $mntpoint" diff --git a/scripts/install/install-get-partition b/scripts/install/install-get-partition index eee0dc73..5ea4845e 100755 --- a/scripts/install/install-get-partition +++ b/scripts/install/install-get-partition @@ -195,6 +195,14 @@ check_for_new_raid () { drives=$(cat /proc/partitions | awk '{ if ($4!="name") { print $4 } }' \ | egrep -v "[0-9]$" | egrep -v "^$") + for instdrv in $drives + do + if mount | grep iso9660 | grep -q $instdrv + then + drives=${drives//"$instdrv"/} + fi + done + numdrives=`echo $drives | wc -w` # Need at least two drives for RAID-1. We don't yet have the code 
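Review bot: In get_cur_version the new `cat /opt/vyatta/etc/version | awk '{print $2}'` prints the second field of every line in the file, while the NEWVER assignment in install-image-existing first filters with `grep "Version:"`, which suggests the file holds more than one line. If so, `ver` becomes a multi-line string here, in get_new_version in the next hunk, and in fetch_iso_by_url in install-image, where it is placed into the `User-Agent` header passed to curl. Selecting the line explicitly keeps the value to one token: `ver=$(awk '/^Version:/ {print $2; exit}' /opt/vyatta/etc/version)`. NEWVER also joins `$2` and `$3`, whereas these three sites take only `$2`, so it is worth confirming which format the version comparison expects. The function body continues outside the hunk.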
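Review bot: gen_mopts now takes the mount point as `$5` instead of `$4`, and nothing in the function rejects a four-argument call, so a caller not updated in this commit would get its mount point used as `workdir=` and an empty target in the returned string. The two callers visible in this diff (install-image-existing and install-image-new) pass five arguments; any others should be checked. A guard at the top such as `[ $# -eq 5 ] || return 1` makes the mistake fail early, and the `case` could switch on `"$mnttype"` rather than `"$1"` now that the value has a name. The end of the function is outside the hunk.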
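Review bot: The install-media filter added to check_for_new_raid matches and removes drive names as substrings: `grep -q $instdrv` is unquoted and unanchored, so it matches anywhere in a `mount` line, and `${drives//"$instdrv"/}` deletes that text from every word in the list. Where one device name is a prefix of another (constructed example: `sda` and `sdaa`), this can leave a mangled name in `drives` or drop a disk that is not the install medium, and the list appears to feed the partitioning loop further down. Anchoring the test as `grep -q "^/dev/$instdrv"` and rebuilding the list word by word (append each `$instdrv` that is not the ISO device to a new variable) avoids both. The function starts and ends outside the hunk.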
@@ -251,12 +259,12 @@ check_for_new_raid () { done # Need to leave space on both disks between the MBR and the start - # of the first partition for grub. Grub needs to embed a large + # of the first partition for grub. Grub needs to embed a large # boot image there when booting off RAID devices. # # Partition creation variables are in units of megabytes. part_start_offset=2 - part_diag_size=60 + data_dev=1 if [ $drivesize1 -lt $drivesize2 ]; then root_size=$drivesize1 @@ -264,24 +272,6 @@ check_for_new_raid () { root_size=$drivesize2 fi - let min_size_with_diag=${MIN_ROOT}+${part_diag_size} - if [ $root_size -ge $min_size_with_diag ]; then - echo "Would you like me to create a $part_diag_size MB partition for diagnostics?" - echo -n "(Yes/No) [No]: " - diag_response=$(get_response "No" "Yes No Y N") - if [ "$diag_response" == "yes" ] || [ "$diag_response" == "y" ]; then - for drive in $drives; do - echo "Creating diag partition on drive $drive" - create_partitions "$drive" $part_diag_size $part_start_offset "no" - sfdisk --change-id /dev/$drive 1 0x6 - done - data_dev=2 - let part_start_offset+=$part_diag_size - else - data_dev=1 - fi - fi - let root_size-=$part_start_offset for drive in $drives; do @@ -480,7 +470,7 @@ save_image_config() { rm -fr /mnt/config mkdir /mnt/config - output=$(cp -pR /mnt/tmp/boot/$image_name/live-rw/config/* /mnt/config) + output=$(cp -pR /mnt/tmp/boot/$image_name/rw/config/* /mnt/config) if [ -n "$output" ]; then echo -e "Warning: error in copying the old config partition.\nSee $INSTALL_LOG for more details." @@ -492,7 +482,7 @@ save_image_config() { save_image_keys() { image_name=$1 - if [ ! -d /mnt/tmp/boot/$image_name/live-rw/etc/ssh ]; then + if [ ! -d /mnt/tmp/boot/$image_name/rw/etc/ssh ]; then echo "No SSH keys found on $image_name, so none can be saved." return; fi 
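Review bot: After the switch from `live-rw` to `rw` in save_image_config, an image laid out with the old `boot/<image>/live-rw` directory is no longer found, so its configuration is not carried over. The same applies to save_image_keys in the next hunk and to the `.vyatta_config` test in save_old_info. For SSH host keys this means new keys are generated after the reinstall and clients will see a host-key change. If installing over an older layout is meant to be supported, choose the directory once, e.g. `rw_name=rw; [ -d /mnt/tmp/boot/$image_name/rw ] || rw_name=live-rw`, and use `$rw_name` in all three paths. Each of these functions continues outside its hunk.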
@@ -506,7 +496,7 @@ save_image_keys() { fi mkdir -p /mnt/ssh - output=$(cp -p /mnt/tmp/boot/$image_name/live-rw/etc/ssh/ssh_host_* /mnt/ssh) + output=$(cp -p /mnt/tmp/boot/$image_name/rw/etc/ssh/ssh_host_* /mnt/ssh) if [ -n "$output" ]; then echo -e "Warning: error in copying the old ssh keys." @@ -552,7 +542,7 @@ save_old_info() { image_dirs=/mnt/tmp/boot/* for dir in $image_dirs; do - if [ -f $dir/live-rw/config/.vyatta_config ]; then + if [ -f $dir/rw/config/.vyatta_config ]; then item=${dir##/mnt/tmp/boot/} images=($item ${images[@]}) @@ -652,7 +642,7 @@ make_filesystem () { lecho "Creating filesystem on /dev/$ldrive..." progress_indicator start - output=$(mkfs -t $ROOT_FSTYPE /dev/$ldrive 2>&1) + output=$(mkfs -L persistence -t $ROOT_FSTYPE /dev/$ldrive 2>&1) status=$? if [ "$status" != 0 ]; then echo -e "Error: couldn't create the root filesystem.\nSee $INSTALL_LOG for further details.\nExiting..." 
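Review bot: make_filesystem now gives every filesystem it creates the fixed label `persistence`, with no comment saying what depends on that name. The `upperdir=/live/persistence/` test in is_union_install and the `persistence.conf` written in install-image-new suggest the boot process locates the writable volume through it. If that lookup is by label, a second disk formatted by this installer, or any attached volume carrying the same label, is a candidate too. Suggest holding the label in a named variable with a comment such as `# label the live-boot persistence lookup expects; keep it unique per machine`, and checking for an existing volume with that label before formatting. The function continues outside the hunk.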
@@ -679,26 +669,28 @@ create_partitions() { exit 1 fi + # Force FAT label creation + lecho "Creating a new disklabel on $ldrive" + parted -s /dev/$ldrive mklabel msdos + # Make sure you can print disk info using parted parted --script /dev/$ldrive p >/dev/null 2>&1 - # If unable to read disk, it's likely it needs a disklabel + # If we still can't, something has gone terribly wrong if [ "$?" != "0" ]; then - lecho "Creating a new disklabel on $ldrive" - lecho "parted /dev/$ldrive mklabel msdos" - output=$(parted -s /dev/$ldrive mklabel msdos) - - parted --script /dev/$ldrive p >/dev/null 2>&1 - if [ "$?" != "0" ]; then - echo "Unable to read disk label. Exiting." - exit 1 - fi + echo "Unable to read disk label. Exiting." + exit 1 fi lecho "Creating root partition on /dev/$ldrive" # Make the root partition - output=$(parted --script --align optimal /dev/$ldrive mkpart primary 0% $root_part_size) + # if optimal_io_size is empty use default of 2048s + if [ $(cat /sys/block/$ldrive/queue/optimal_io_size) -gt 0 ]; then + output=$(parted --script --align optimal /dev/$ldrive mkpart primary 0% $root_part_size) + else + output=$(parted --script --align optimal /dev/$ldrive mkpart primary 2048s $root_part_size) + fi status=$? if [ "$status" != 0 ]; then echo -e "Error creating primary partition on $ldrive.\nPlease see $INSTALL_LOG for more details.\nExiting..." diff --git a/scripts/install/install-image b/scripts/install/install-image index c7323fbf..fd10d0c3 100755 --- a/scripts/install/install-image +++ b/scripts/install/install-image @@ -63,7 +63,7 @@ fetch_iso_by_url () fi # This is for statistics collection - vyos_version=`dpkg-query --showformat='${Version}' --show vyatta-version` + vyos_version=`cat /opt/vyatta/etc/version | awk '{print $2}'` filename="${TEMP_DIR}/${NEW_ISO##*/}" curl -L -H "User-Agent: VyOS/$vyos_version" $auth -f -o $filename $NEW_ISO 
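Review bot: create_partitions now runs `parted -s /dev/$ldrive mklabel msdos` on every call and ignores its exit status, so an existing partition table is always replaced and a failure is only noticed indirectly by the following `parted --script ... p`. Checking the command directly gives a clearer error: `if ! parted -s /dev/$ldrive mklabel msdos; then echo "Unable to create disk label. Exiting."; exit 1; fi`. The comment `# Force FAT label creation` should say MS-DOS (MBR) partition table, since no FAT filesystem is involved. In the alignment test, `$(cat /sys/block/$ldrive/queue/optimal_io_size)` is unquoted, so a missing file yields `[ -gt 0 ]` and a shell error rather than the documented default; `[ "$(cat /sys/block/$ldrive/queue/optimal_io_size 2>/dev/null || echo 0)" -gt 0 ]` covers that case. The function starts and ends outside the hunk.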
diff --git a/scripts/install/install-image-existing b/scripts/install/install-image-existing index 7d58cd96..f38e3701 100755 --- a/scripts/install/install-image-existing +++ b/scripts/install/install-image-existing @@ -77,7 +77,7 @@ if [ -z "$CURVER" ]; then fi # get new version string. this is from the squashfs image. -NEWVER=`cat ${CD_SQUASH_ROOT}/opt/vyatta/etc/version | grep "Version:" | awk '{print $2,$3}' | sed 's/ /-/g'` +NEWVER=`cat ${CD_SQUASH_ROOT}/opt/vyatta/etc/version | grep "Version:" | awk '{print $2,$3}' | sed 's/[[:space:]]*$//' | sed 's/ /-/g'` NEWNAME=$NEWVER echo -n "What would you like to name this image? [$NEWNAME]: " @@ -110,10 +110,12 @@ fi echo "OK. This image will be named: $NEWNAME" # this is the default if current install is union -BOOT_DIR=/live/image/boot + if [ "$CUR_INSTALL" == 'old' ]; then BOOT_DIR=/boot -elif [ "$CUR_INSTALL" != 'union' ]; then +elif [ "$CUR_INSTALL" == 'union' ]; then + BOOT_DIR=`/opt/vyatta/sbin/vyos-persistpath`/boot +else echo 'Invalid current install type. Exiting...' exit 1 fi @@ -155,11 +157,14 @@ echo "Installing \"$NEWNAME\" image." # create the new release directories REL_ROOT=$BOOT_DIR/$NEWNAME -RW_DIR="$REL_ROOT/live-rw" +RW_DIR="$REL_ROOT/rw" if ! mkdir -p "$RW_DIR"; then failure_exit 'Cannot create directory for new release.' fi +WORK_DIR="$REL_ROOT/work" +mkdir -p "$WORK_DIR" + # copy the squashfs image and boot files echo "Copying new release files..." squash_img=${CD_ROOT}/live/filesystem.squashfs 
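Review bot: In the `union` branch, BOOT_DIR is assigned from the output of `/opt/vyatta/sbin/vyos-persistpath` without checking that the helper ran and printed a path; if it is missing or prints nothing, BOOT_DIR silently becomes `/boot`. REL_ROOT is built from BOOT_DIR in the next hunk and is the target of `rm -rf $REL_ROOT` on a failure path in the hunk after that, so a wrong value has consequences beyond a misplaced image. Suggest `persist=$(/opt/vyatta/sbin/vyos-persistpath)` followed by `[ -n "$persist" ] || { echo 'Cannot determine persistence path. Exiting...'; exit 1; }` before `BOOT_DIR=$persist/boot`.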
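Review bot: `mkdir -p "$WORK_DIR"` is not checked, unlike the `mkdir -p "$RW_DIR"` just above it, so a failure surfaces only later as a mount error from the overlay `workdir=` option. Folding it into the existing test keeps the error message accurate: `if ! mkdir -p "$RW_DIR" "$WORK_DIR"; then`. The same unchecked `mkdir -p $work_dir` is added in install-image-new.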
@@ -180,20 +185,12 @@ if ! try_mount "-o loop,ro $target_squash $READ_ROOT"; then fi # set up root for postinst -margs=$(gen_mopts "overlayfs" $RW_DIR $READ_ROOT $INST_ROOT) +margs=$(gen_mopts "overlay" $RW_DIR $READ_ROOT $WORK_DIR $INST_ROOT) if ! try_mount "$margs"; then rm -rf $REL_ROOT failure_exit 'Failed to set up root directory for postinst.' fi -# set up /var/run fstab entry -PI_FSTAB=$INST_ROOT/etc/fstab -if ! grep -q 'tmpfs /var/run ' $PI_FSTAB >&/dev/null; then - # replace the fstab. the default one has header that will cause - # it to be wiped out on live boot. - echo 'tmpfs /var/run tmpfs nosuid,nodev 0 0' >$PI_FSTAB -fi - # # Check to make sure we have enough space to copy the config and data dirs... # diff --git a/scripts/install/install-image-new b/scripts/install/install-image-new index 7965b939..d6427500 100755 --- a/scripts/install/install-image-new +++ b/scripts/install/install-image-new @@ -62,8 +62,10 @@ echo "OK. This image will be named: $image_name" # make the dir for the new version mkdir -p $WRITE_ROOT/boot/$image_name # make dir for backing store -rw_dir=$WRITE_ROOT/boot/$image_name/live-rw +rw_dir=$WRITE_ROOT/boot/$image_name/rw mkdir -p $rw_dir +work_dir=$WRITE_ROOT/boot/$image_name/work +mkdir -p $work_dir echo Copying squashfs image... # these are the defaults if installing from a specified ISO image file. @@ -73,7 +75,7 @@ boot_dir=${CD_SQUASH_ROOT}/boot boot_files=$(find $boot_dir -maxdepth 1 -type f -o -type l 2>/dev/null) if [ ! -f "$squash_img" ] || [ -z "$boot_files" ]; then # maybe installing from a live CD boot? - squash_img=/live/image/live/filesystem.squashfs + squash_img=/lib/live/mount/medium/live/filesystem.squashfs boot_dir=/boot boot_files=$(find $boot_dir -maxdepth 1 -type f -o -type l 2>/dev/null) if [ ! -f "$squash_img" ] || [ -z "$boot_files" ]; then 
@@ -88,13 +90,16 @@ cp -p $squash_img $target_squash echo Copying kernel and initrd images... cp -dp $boot_files $WRITE_ROOT/boot/$image_name/ +# create persistence.conf file +echo "/ union" > $WRITE_ROOT/persistence.conf + # set up union root for postinst mkdir -p $INST_ROOT $READ_ROOT if ! try_mount "-o loop,ro -t squashfs $target_squash $READ_ROOT"; then echo 'Exiting...' exit 1 fi -margs=$(gen_mopts "overlayfs" $rw_dir $READ_ROOT $INST_ROOT) +margs=$(gen_mopts "overlay" $rw_dir $READ_ROOT $work_dir $INST_ROOT) if ! try_mount "$margs"; then echo 'Exiting...' exit 1 diff --git a/scripts/install/install-postinst-new b/scripts/install/install-postinst-new index 11cf788e..2457cdd3 100755 --- a/scripts/install/install-postinst-new +++ b/scripts/install/install-postinst-new @@ -51,15 +51,6 @@ copy_config () { config=${VYATTA_NEW_CFG_DIR}/config.boot fi - # Second candidate: The config file on floppy, if one exists. - if [ -f "${FD_CFG_DIR}/config.boot" ]; then - if [ -z "$config" ]; then - config="${FD_CFG_DIR}/config.boot" - else - config="$config ${FD_CFG_DIR}/config.boot" - fi - fi - # Third candidate: The default config file DEF_CONF=$vyatta_sysconfdir/config.boot.default if [ -f $DEF_CONF ]; then @@ -175,7 +166,7 @@ setup_xen_extras () { echo "" >> $grubfile echo "title vyatta-virt" >> $grubfile echo "root (hd0,0)" >> $grubfile - echo "kernel $xen_grub_boot_path/vmlinuz root=/dev/$rootdev boot=live vyatta-union=$xen_grub_boot_path console=hvc0" >> $grubfile + echo "kernel $xen_grub_boot_path/vmlinuz root=/dev/$rootdev boot=live vyos-union=$xen_grub_boot_path console=hvc0" >> $grubfile echo "initrd $xen_grub_boot_path/initrd.img" >> $grubfile # Add symlink pointing to default image 
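Review bot: The new `echo "/ union" > $WRITE_ROOT/persistence.conf` is unquoted and its result is not checked, and it overwrites whatever persistence.conf is already on the target. If `$WRITE_ROOT` is empty the file lands in `/`, and if the write fails the install continues; presumably the installed system then boots without its persistent layer (inferred from the file name, not shown here). Suggest `if ! echo "/ union" > "$WRITE_ROOT/persistence.conf"; then echo 'Exiting...'; exit 1; fi`, in the style of the mount checks right below.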
@@ -259,27 +250,10 @@ if [ -f "$MDADM_CONFIG_FILE" ]; then fi fi -if [ "$INSTALL_TYPE" == 'union' ]; then - # make /var/run tmpfs - pi_fstab=$INST_ROOT/etc/fstab - if ! grep -q 'tmpfs /var/run ' $pi_fstab >&/dev/null; then - # replace the fstab. the default one has header that will cause - # it to be wiped out on live boot. - echo 'tmpfs /var/run tmpfs nosuid,nodev 0 0' >$pi_fstab - fi -else - # not passing the write root to postinst (only needed for union) +if [ "$INSTALL_TYPE" != 'union' ]; then WRITE_ROOT='' fi -# postinst hook -if [ -e /opt/vyatta/etc/install-system/postinst ]; then - echo "running post-install script" - output=$(/opt/vyatta/etc/install-system/postinst \ - "$INST_ROOT" "$WRITE_ROOT" 2>&1) - lecho "$output" -fi - becho "Done!" exit 0 diff --git a/scripts/rl-system.init b/scripts/rl-system.init index 6a2b8d25..62eac9e7 100755 --- a/scripts/rl-system.init +++ b/scripts/rl-system.init @@ -98,8 +98,8 @@ clear_or_override_config_files () } update_interface_config () { - if [ -d /dev/.udev/vyatta ]; then - $vyatta_sbindir/vyatta_interface_rescan /dev/.udev/vyatta $BOOTFILE + if [ -d /run/udev/vyatta ]; then + $vyatta_sbindir/vyatta_interface_rescan /run/udev/vyatta $BOOTFILE fi } @@ -116,6 +116,10 @@ create_ssh_host_keys () { syslog "Creating ssh v1 host key." ssh-keygen -q -N '' -t rsa1 -f /etc/ssh/ssh_host_key fi; + if [ ! -f "/etc/ssh/ssh_host_ed25519_key" ]; then + syslog "Creating ssh ed25519 host key." + ssh-keygen -q -N '' -t ed25519 -f /etc/ssh/ssh_host_ed25519_key + fi; } set_ipv6_params () diff --git a/scripts/snmp/vyatta-snmp-v3.pl b/scripts/snmp/vyatta-snmp-v3.pl deleted file mode 100755 index 293f2907..00000000 --- a/scripts/snmp/vyatta-snmp-v3.pl +++ /dev/null 
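Review bot: After this hunk the `WRITE_ROOT=''` reset has no visible consumer: the postinst hook that received `"$WRITE_ROOT"` is removed and the script reaches `exit 0` right after. Either drop the remaining `if [ "$INSTALL_TYPE" != 'union' ]` block, or keep a comment on it that says what still reads the variable, since the deleted one (`# not passing the write root to postinst (only needed for union)`) no longer applies. Removing the hook also means `/opt/vyatta/etc/install-system/postinst` is ignored without any message from now on; if an image still ships that file, the commit message should say so.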
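Review bot: The new ed25519 block ignores the exit status of `ssh-keygen`, so a failed generation leaves only the "Creating ssh ed25519 host key." syslog line and no key. Test the result, e.g. `ssh-keygen -q -N '' -t ed25519 -f /etc/ssh/ssh_host_ed25519_key || syslog "ssh ed25519 host key generation failed"`. The `[ ! -f ... ]` test also treats an empty key file left by an interrupted run as present; `[ ! -s ... ]` would catch that case. Separately, the context line just above still generates an `rsa1` (SSH protocol 1) host key, which current OpenSSH releases no longer support; create_ssh_host_keys starts outside this hunk, so check whether that branch should go.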
@@ -1,626 +0,0 @@ -#!/usr/bin/perl -# -# **** License **** -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License version 2 as -# published by the Free Software Foundation. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# This code was originally developed by Vyatta, Inc. -# Portions created by Vyatta are Copyright (C) 2013 Vyatta, Inc. -# All Rights Reserved. -# -# **** End License **** - -use strict; -use warnings; - -use lib "/opt/vyatta/share/perl5/"; -use Vyatta::Config; -use File::Copy; -use Getopt::Long; -use Socket; -use Socket6; - -my $snmp_v3_level = 'service snmp v3'; -my $snmp_init = 'invoke-rc.d snmpd'; -my $snmpd_conf = '/etc/snmp/snmpd.conf'; -my $snmpd_usr_conf = '/usr/share/snmp/snmpd.conf'; -my $snmpd_var_conf = '/var/lib/snmp/snmpd.conf'; -my $snmpd_conf_tmp = "/tmp/snmpd.conf.$$"; -my $snmpd_usr_conf_tmp = "/tmp/snmpd.usr.conf.$$"; -my $snmpd_var_conf_tmp = "/tmp/snmpd.var.conf.$$"; -my $versionfile = '/opt/vyatta/etc/version'; -my $local_agent = 'unix:/var/run/snmpd.socket'; - -my $oldEngineID = ""; -my $setserialno = ""; - -my %OIDs = ( - "md5", ".1.3.6.1.6.3.10.1.1.2", - "sha", ".1.3.6.1.6.3.10.1.1.3", - "aes", ".1.3.6.1.6.3.10.1.2.4", - "des", ".1.3.6.1.6.3.10.1.2.2", - "none", ".1.3.6.1.6.3.10.1.2.1" -); - -# generate a random character hex string -sub randhex { - my $length = shift; - return join "", map {unpack "H*", chr(rand(256))} 1 .. 
($length / 2); -} - -sub snmpd_running { - open(my $pidf, '<', "/var/run/snmpd.pid") - or return; - my $pid = <$pidf>; - close $pidf; - - chomp $pid; - my $exe = readlink "/proc/$pid/exe"; - - return (defined($exe) && $exe eq "/usr/sbin/snmpd"); -} - -sub check_snmp_exit_code { - my $code = shift; - - # snmpd can start/restart with exit code 256 if trap-target is unavailable - if ($code != 0 && $code != 256) { - return 1; - }else { - return 0; - } -} - -sub snmpd_stop { - system("start-stop-daemon --stop --exec /usr/sbin/snmpd --oknodo -R 2 > /dev/null 2>&1"); - if (check_snmp_exit_code($?)) { - print "ERROR: Can not stop snmpd!\n"; - exit(1); - } -} - -sub snmpd_start { - system("$snmp_init start > /dev/null 2>&1"); - if (check_snmp_exit_code($?)) { - print "ERROR: Can not start snmpd!\n"; - exit(1); - } -} - -sub snmpd_update { - system("$snmp_init reload > /dev/null 2>&1"); - if (check_snmp_exit_code($?)) { - print "ERROR: Can not reload snmpd!\n"; - exit(1); - } -} - -sub snmpd_restart { - system("$snmp_init restart > /dev/null 2>&1"); - if (check_snmp_exit_code($?)) { - print "ERROR: Can not restart snmpd!\n"; - exit(1); - } -} - -# get vyatta version -sub get_version { - my $version = "unknown-version"; - - if (open(my $f, '<', $versionfile)) { - while (<$f>) { - chomp; - if (m/^Version\s*:\s*(.*)$/) { - $version = $1; - last; - } - } - close $f; - } - return $version; -} - -sub ipv6_disabled { - socket(my $s, PF_INET6, SOCK_DGRAM, 0) - or return 1; - close($s); - return; -} - -# write tsm config from current to snmpd_conf -sub set_tsm { - my $config = get_snmp_config(); - if ($config->exists("tsm")) { - my $port = $config->returnValue("tsm port"); - my $local_key = $config->returnValue("tsm local-key"); - system("sed -i 's/^agentaddress.*\$/&,tlstcp:$port,dtlsudp:$port/' $snmpd_conf_tmp"); - system("echo \"[snmp] localCert $local_key\" >> $snmpd_conf_tmp"); - } -} - -# delete all SNMP config files -# can be called directly -sub snmp_delete { - snmpd_stop(); 
- - my @files = ($snmpd_conf, $snmpd_usr_conf, $snmpd_var_conf); - foreach my $file (@files) { - if (-e $file) { - unlink($file); - } - } -} - -sub get_snmp_config { - my $config = new Vyatta::Config; - $config->setLevel($snmp_v3_level); - return $config; -} - -# write views from vyatta config to snmpd_conf -sub set_views { - print "# views \n"; - my $config = get_snmp_config(); - foreach my $view ($config->listNodes("view")) { - foreach my $oid ($config->listNodes("view $view oid")) { - my $mask = ''; - $mask = $config->returnValue("view $view oid $oid mask") - if $config->exists("view $view oid $oid mask"); - if ($config->exists("view $view oid $oid exclude")) { - print "view $view excluded .$oid $mask\n"; - }else { - print "view $view included .$oid $mask\n"; - } - } - } - print "\n"; -} - -# write groups from vyatta config to snmpd_conf -sub set_groups { - print"#access\n# context sec.model sec.level match read write notif\n"; - my $config = get_snmp_config(); - foreach my $group ($config->listNodes("group")) { - my $mode = $config->returnValue("group $group mode"); - my $view = $config->returnValue("group $group view"); - my $secLevel = $config->returnValue("group $group seclevel"); - if ($mode eq "ro") { - print "access $group \"\" usm $secLevel exact $view none none\n"; - print "access $group \"\" tsm $secLevel exact $view none none\n"; - }else { - print "access $group \"\" usm $secLevel exact $view $view none\n"; - print "access $group \"\" tsm $secLevel exact $view $view none\n"; - } - } - print "\n"; -} - -# write users from vyatta config to snmpd_conf -sub set_users_in_etc { - - print "#group\n"; - my $tsm_counter = 0; - my $config = get_snmp_config(); - foreach my $user ($config->listNodes("user")) { - $config->setLevel($snmp_v3_level . 
" user $user"); - if ($config->exists("group")) { - my $group = $config->returnValue("group"); - print "group $group usm $user\n"; - print "group $group tsm $user\n"; - } - if ($config->exists("tsm-key")) { - my $cert = $config->returnValue("tsm-key"); - $tsm_counter++; - print "certSecName $tsm_counter $cert --sn $user\n"; - } - } - - print "\n"; -} - -# write users from vyatta config to config files in /usr & /var -sub set_users_to_other { - open(my $usr_conf, '>>', $snmpd_usr_conf_tmp) - or die "Couldn't open $snmpd_usr_conf_tmp - $!"; - open(my $var_conf, '>>', $snmpd_var_conf_tmp) - or die "Couldn't open $snmpd_var_conf_tmp - $!"; - - print $var_conf "\n"; - - my $config = get_snmp_config(); - my $needTsm = 0; - if ($config->exists("tsm")) { - $needTsm = 1; - } - - my %trap_users = (); - - foreach my $trap ($config->listNodes("trap-target")) { - $trap_users{$config->returnValue("trap-target $trap user")} = 1; - } - - foreach my $user ($config->listNodes("user")) { - delete $trap_users{$user}; - $config->setLevel($snmp_v3_level . 
" user $user"); - my $auth_type = $config->returnValue("auth type"); - my $priv_type = $config->returnValue("privacy type"); - if ($config->exists("auth")) { - if ($config->exists("auth plaintext-key")) { - my $auth_key = $config->returnValue("auth plaintext-key"); - my $priv_key = ''; - $priv_key = $config->returnValue("privacy plaintext-key") - if $config->exists("privacy plaintext-key"); - print $var_conf "createUser $user \U$auth_type\E $auth_key \U$priv_type\E $priv_key\n"; - }else { - my $name_print = get_printable_name($user); - my $EngineID = $config->returnValue("engineid"); - if ($EngineID eq "") { - die "ERROR: engineid is null\n"; - } - my $auth_type_oid = $OIDs{$auth_type}; - my $auth_key_hex = $config->returnValue("auth encrypted-key"); - - my ($priv_type_oid, $priv_key_hex); - if ($config->exists("privacy")) { - $priv_type_oid = $OIDs{$priv_type}; - $priv_key_hex =$config->returnValue("privacy encrypted-key"); - }else { - $priv_type_oid = $OIDs{'none'}; - $priv_key_hex = '0x'; - } - print $var_conf "usmUser 1 3 $EngineID $name_print $name_print NULL $auth_type_oid $auth_key_hex $priv_type_oid $priv_key_hex 0x\n"; - } - } - my $mode = $config->returnValue("mode"); - my $end = "auth"; - if ($config->exists("privacy")) { - $end = "priv"; - } - print $usr_conf $mode . "user $user $end\n"; - if ($needTsm) { - print $usr_conf $mode . "user -s tsm $user $end\n"; - } - } - - # add users for trap if they are not exists in vyatta config /services/snmp/v3/user - foreach my $user (keys %trap_users) { - my $name_print = get_printable_name($user); - print $var_conf "usmUser 1 3 0x". randhex(26). " $name_print $name_print NULL .1.3.6.1.6.3.10.1.1.2 0x". randhex(32). 
" .1.3.6.1.6.3.10.1.2.1 0x 0x\n"; - print $usr_conf "rouser $user auth\n"; - } - - print $var_conf "setserialno $setserialno\n" - if !($setserialno eq ""); - print $var_conf "oldEngineID $oldEngineID\n" - if !($oldEngineID eq ""); - - close $usr_conf; - close $var_conf; -} - -# if name contains '-' then it must be printed in hex format -sub get_printable_name { - my $name = shift; - if ($name =~ /-/) { - my @array = unpack('C*', $name); - my $stringHex = '0x'; - foreach my $c (@array) { - $stringHex .= sprintf("%lx", $c); - } - return $stringHex; - }else { - return "\"$name\""; - } -} - -# read encrypted keys from config file in /var to vyatta config -# read additional info from config file in /var to VConfig variable -# delete plaintext passwords in vyatta config -sub update_users_vyatta_conf { - open(my $var_conf, '<', $snmpd_var_conf) - or die "Couldn't open $snmpd_usr_conf - $!"; - my $config = get_snmp_config(); - while (my $line = <$var_conf>) { - if ($line =~ /^oldEngineID (.*)$/) { - my $value = $1; - if ( $config->exists("engineid") - &&$config->returnValue("engineid") eq "") - { - system("/opt/vyatta/sbin/my_set service snmp v3 engineid $value > /dev/null"); - } - } - if ($line =~ /^usmUser /) { - my @values = split(/ /, $line); - my $name = $values[4]; - if ($name =~ /^"(.*)"$/) { - $name = $1; - }else { - $name = pack('H*', $name); - } - - # this file contain users for trap-target and vyatta... 
user - # these users recreating automatically on each commit - if ($config->exists("user $name")) { - system("/opt/vyatta/sbin/my_set service snmp v3 user \"$name\" engineid $values[3] > /dev/null"); - system("/opt/vyatta/sbin/my_set service snmp v3 user \"$name\" auth encrypted-key $values[8] > /dev/null"); - if ($values[10] ne "\"\"" && $values[10] ne "0x") { - system("/opt/vyatta/sbin/my_set service snmp v3 user \"$name\" privacy encrypted-key $values[10] > /dev/null"); - system("/opt/vyatta/sbin/my_delete service snmp v3 user \"$name\" privacy plaintext-key > /dev/null"); - } - system("/opt/vyatta/sbin/my_delete service snmp v3 user \"$name\" auth plaintext-key > /dev/null"); - } - } - } - close $var_conf; -} - -# write trap-target hosts from vyatta config to snmpd_conf -sub set_hosts { - print "#trap-target\n"; - my $config = get_snmp_config(); - foreach my $target ($config->listNodes("trap-target")) { - $config->setLevel($snmp_v3_level . " trap-target $target"); - my $auth_key = ''; - if ($config->exists("auth plaintext-key")) { - $auth_key = "-A " . $config->returnValue("auth plaintext-key"); - }else { - $auth_key = "-3m " . $config->returnValue("auth encrypted-key"); - } - my $auth_type = $config->returnValue("auth type"); - my $user = $config->returnValue("user"); - my $port = $config->returnValue("port"); - my $protocol = $config->returnValue("protocol"); - my $type = $config->returnValue("type"); - my $inform_flag = '-Ci'; - $inform_flag = '-Ci' if ($type eq 'inform'); - - if ($type eq 'trap') { - $inform_flag = '-e ' . $config->returnValue("engineid"); - } - my $privacy = ''; - my $secLevel = 'authNoPriv'; - if ($config->exists("privacy")) { - my $priv_key = ''; - if ($config->exists("privacy plaintext-key")) { - $priv_key ="-X " . $config->returnValue("privacy plaintext-key"); - }else { - $priv_key ="-3M " . 
$config->returnValue("privacy encrypted-key"); - } - my $priv_type = $config->returnValue("privacy type"); - $privacy = "-x $priv_type $priv_key"; - $secLevel = 'authPriv'; - } - - # TODO understand difference between master and local - # Uses: - # set -3m / -3M for auth / priv for master - # or -3k / -3K for local - # Current use only master - my $target_print = $target; - if ($target =~ /:/) { - $target_print = "[$target]"; - $protocol = $protocol . "6"; - } - print"trapsess -v 3 $inform_flag -u $user -l $secLevel -a $auth_type $auth_key $privacy $protocol:$target_print:$port\n"; - } - print "\n"; -} - -# check changes in auth and privacy nodes -# deny set encrypted-key in case engineid wasn't set -sub check_user_auth_changes { - my $config = get_snmp_config(); - my $v3engineid = ""; - - if($config->exists("engineid")){ - $v3engineid=$config->returnValue("engineid"); - } - - if ($config->isChanged("user") || $config->isChanged("engineid")) { - my $haveError = 0; - foreach my $user ($config->listNodes("user")) { - $config->setLevel($snmp_v3_level . " user $user"); - if ( $config->exists("engineid") - &&!($v3engineid eq "") - &&!($config->returnValue("engineid") eq "") - &&!($config->returnValue("engineid") eq $v3engineid)) - { - print"Warning: Encrypted key(s) for snmp v3 user \"$user\" was(were) generated for another SNMP engineid. It won't work. Please recreate this user.\n"; - } - if ($config->exists("auth")) { - if ( - !( - $config->exists("engineid") &&($config->exists("auth encrypted-key") - ||$config->exists("privacy encrypted-key")) - ) - ) - { - $haveError = 1; - print"Discard encrypted-key on user \"$user\". 
It's necessary to setup engineid the encrypted-key was generated with.\n"; - } - my $isAuthKeyChanged = $config->isChanged("auth plaintext-key"); - my $isAuthEKeyChanged = $config->isChanged("auth encrypted-key"); - if ($config->exists("privacy")) { - my $isPrivKeyChanged =$config->isChanged("privacy plaintext-key"); - my $isPrivEKeyChanged =$config->isChanged("privacy encrypted-key"); - if ( ($isPrivEKeyChanged && !$isAuthEKeyChanged) - || ($isPrivKeyChanged && !$isAuthKeyChanged)) - { - $haveError = 1; - print"Please, set correct auth and privacy for user \"$user\"\n"; - print"Set plaintext-key for auth and privacy or set encrypted-key for both\n"; - } - } - }else { - if ($config->exists("privacy")) { - $haveError = 1; - print "Please, delete privacy for user \"$user\"\n"; - } - } - } - if ($haveError) { - exit(1); - } - } -} - -# check relation between user & group & view -sub check_relation { - my $config = get_snmp_config(); - my $haveError = 0; - foreach my $user ($config->listNodes("user")) { - if ($config->exists("user $user group")) { - my $group = $config->returnValue("user $user group"); - if (!$config->exists("group $group")) { - $haveError = 1; - print"Please, create group \"$group\". It's need for user \"$user\"\n"; - } - } - } - foreach my $group ($config->listNodes("group")) { - my $view = $config->returnValue("group $group view"); - if (!$config->exists("view $view")) { - $haveError = 1; - print"Please, create view \"$view\". It's need for group \"$group\"\n"; - } - } - if ($haveError) { - exit(1); - } -} - -# check is new tsm port free on system -sub check_tsm_port { - my $config = get_snmp_config(); - if ($config->isChanged("tsm port")) { - my $port = $config->returnValue("tsm port"); - my $reg = ":$port\$"; - my $output = `netstat -anltup | awk '{print \$4}'`; - foreach my $line (split(/\n/, $output)) { - if ($line =~ /$reg/) { - print"Actually port $port is using. 
It can not be used for tsm.\n"; - exit(1); - } - } - } -} - -# check group seclevel and user auth/privacy -sub check_seclevel { - my $config = get_snmp_config(); - my $haveError = 0; - if ($config->isChanged("user") || $config->isChanged("group")) { - foreach my $user ($config->listNodes("user")) { - if ($config->exists("user $user group")) { - my $group = $config->returnValue("user $user group"); - if ( $config->isChanged("user $user") - || $config->isChanged("group $group")) - { - my $group_seclevel =$config->returnValue("group $group seclevel"); - if ($config->exists("user $user privacy")) { - if ($group_seclevel eq "auth") { - print"User \"$user\" have privacy, but group \"$group\" have \"auth\" as seclevel. So auth and priv work both.\n"; - } - }else { - if ($group_seclevel eq "priv") { - print"User \"$user\" will not work, because he haven't privacy, but group \"$group\" have \"priv\" as seclevel.\n"; - $haveError = 1; - } - } - } - } - } - } - if ($haveError) { - exit(1); - } -} - -sub copy_conf_to_tmp { - - # these files already contain SNMPv2 configuration - copy($snmpd_conf, $snmpd_conf_tmp) - or die "Couldn't copy $snmpd_conf to $snmpd_conf_tmp - $!"; - copy($snmpd_usr_conf, $snmpd_usr_conf_tmp) - or die "Couldn't copy $snmpd_usr_conf to $snmpd_usr_conf_tmp - $!"; - copy($snmpd_var_conf, $snmpd_var_conf_tmp) - or die "Couldn't copy $snmpd_var_conf to $snmpd_var_conf_tmp - $!"; -} - -# update all vyatta config -# can be called directly -sub snmp_update { - - copy_conf_to_tmp(); - - set_tsm(); - - open(my $fh, '>>', $snmpd_conf_tmp) - or die "Couldn't open $snmpd_conf_tmp - $!"; - - select $fh; - - set_views(); - set_groups(); - set_hosts(); - set_users_in_etc(); - - close $fh; - select STDOUT; - - move($snmpd_conf_tmp, $snmpd_conf) - or die "Couldn't move $snmpd_conf_tmp to $snmpd_conf - $!"; - - my $config = get_snmp_config(); - if ($config->exists("engineid")) { - $oldEngineID = $config->returnValue("engineid"); - } - - snmpd_stop(); - - #add newly 
added users to var config to get encrypted values - set_users_to_other(); - - move($snmpd_usr_conf_tmp, $snmpd_usr_conf) - or die "Couldn't move $snmpd_usr_conf_tmp to $snmpd_usr_conf - $!"; - move($snmpd_var_conf_tmp, $snmpd_var_conf) - or die "Couldn't move $snmpd_var_conf_tmp to $snmpd_var_conf - $!"; - - snmpd_start(); - snmpd_stop(); - - # now we have encrypted user config - start and read it after - snmpd_start(); - update_users_vyatta_conf(); -} - -# validate vyatta config before write it into files -# can be called directly -sub snmp_check { - check_user_auth_changes(); - check_relation(); - check_tsm_port(); - check_seclevel(); -} - -my $check_config; -my $update_snmp; -my $delete_snmp; - -GetOptions( - "check-config!" => \$check_config, - "update-snmp!" => \$update_snmp, - "delete-snmp!" => \$delete_snmp, - "oldEngineID=s" => \$oldEngineID, - "setserialno=s" => \$setserialno -); - -snmp_check() if ($check_config); -snmp_update() if ($update_snmp); -snmp_delete() if ($delete_snmp); diff --git a/scripts/snmp/vyatta-snmp.pl b/scripts/snmp/vyatta-snmp.pl deleted file mode 100755 index fb4e22e7..00000000 --- a/scripts/snmp/vyatta-snmp.pl +++ /dev/null 
@@ -1,340 +0,0 @@ -#!/usr/bin/perl -# -# Module: vyatta-snmp.pl -# -# **** License **** -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License version 2 as -# published by the Free Software Foundation. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# This code was originally developed by Vyatta, Inc. -# Portions created by Vyatta are Copyright (C) 2007 Vyatta, Inc. -# All Rights Reserved. -# -# Author: Stig Thormodsrud -# Date: October 2007 -# Description: Script to glue vyatta cli to snmp daemon -# -# **** End License **** -# - -use strict; -use warnings; - -use lib "/opt/vyatta/share/perl5/"; -use Vyatta::Config; -use Vyatta::Misc; -use NetAddr::IP; -use Getopt::Long; -use File::Copy; -use Socket; -use Socket6; - -my $mibdir = '/opt/vyatta/share/snmp/mibs'; -my $snmp_init = 'invoke-rc.d snmpd'; -my $snmp_conf = '/etc/snmp/snmpd.conf'; -my $snmp_client = '/etc/snmp/snmp.conf'; -my $snmp_tmp = "/tmp/snmpd.conf.$$"; -my $snmp_snmpv3_user_conf = '/usr/share/snmp/snmpd.conf'; -my $snmp_snmpv3_createuser_conf = '/var/lib/snmp/snmpd.conf'; -my $versionfile = '/opt/vyatta/etc/version'; -my $local_agent = 'unix:/var/run/snmpd.socket'; -my $password_file = '/config/snmp/superuser_pass'; - -my $snmp_level = 'service snmp'; - -sub snmp_running { - open(my $pidf, '<', "/var/run/snmpd.pid") - or return; - my $pid = <$pidf>; - close $pidf; - - chomp $pid; - my $exe = readlink "/proc/$pid/exe"; - - return (defined($exe) && $exe eq "/usr/sbin/snmpd"); -} - -sub snmp_stop { - system("$snmp_init stop > /dev/null 2>&1"); -} - -sub snmp_stop { - system("$snmp_init restart > /dev/null 2>&1"); -} - -sub snmp_start { - - # we must stop snmpd first for creating vyatta user - system("$snmp_init stop > /dev/null 
2>&1"); - open(my $fh, '>', $snmp_tmp) - or die "Couldn't open $snmp_tmp - $!"; - - select $fh; - snmp_get_constants(); - snmp_get_values(); - snmp_get_traps(); - close $fh; - select STDOUT; - - snmp_client_config(); - - move($snmp_tmp, $snmp_conf) - or die "Couldn't move $snmp_tmp to $snmp_conf - $!"; -} - -sub get_version { - my $version = "unknown-version"; - - if (open(my $f, '<', $versionfile)) { - while (<$f>) { - chomp; - if (m/^Version\s*:\s*(.*)$/) { - $version = $1; - last; - } - } - close $f; - } - return $version; -} - -# convert address to snmpd transport syntax -sub transport_syntax { - my ($addr, $port) = @_; - my $ip = new NetAddr::IP $addr; - die "$addr: not a valid IP address" unless $ip; - - my $version = $ip->version(); - return "udp:$addr:$port" if ($version == 4); - return "udp6:[$addr]:$port" if ($version == 6); - die "$addr: unknown IP version $version"; -} - -# Test if IPv6 is possible by opening a socket -sub ipv6_disabled { - socket(my $s, PF_INET6, SOCK_DGRAM, 0) - or return 1; - close($s); - return; -} - -# Find SNMP agent listening addresses -sub get_listen_address { - my $config = new Vyatta::Config; - my @listen; - - $config->setLevel('service snmp listen-address'); - my @address = $config->listNodes(); - - if(@address) { - foreach my $addr (@address) { - my $port = $config->returnValue("$addr port"); - push @listen, transport_syntax($addr, $port); - } - } else { - - # default if no address specified - @listen = ('udp:161'); - push @listen, 'udp6:161' unless ipv6_disabled(); - return @listen; - } - - return @listen; -} - -sub snmp_get_constants { - my $version = get_version(); - my $now = localtime; - my @addr = get_listen_address(); - - # add local unix domain target for use by operational commands - unshift @addr, $local_agent; - - print "# autogenerated by vyatta-snmp.pl on $now\n"; - print "sysDescr $version\n"; - print "sysObjectID 1.3.6.1.4.1.44641\n"; - print "sysServices 14\n"; - print "master agentx\n"; # maybe needed by 
lldpd - print "agentaddress ", join(',',@addr), "\n"; - - # add hook to read IF-MIB::ifAlias from sysfs - print "pass .1.3.6.1.2.1.31.1.1.1.18 /opt/vyatta/sbin/if-mib-alias\n"; - - print "smuxpeer .1.3.6.1.4.1.3317.1.2.2\n"; # ospfd - print "smuxpeer .1.3.6.1.4.1.3317.1.2.5\n"; # bgpd - print "smuxpeer .1.3.6.1.4.1.3317.1.2.3\n"; # ripd - print "smuxpeer .1.3.6.1.4.1.3317.1.2.9\n"; # mribd - print "smuxpeer .1.3.6.1.2.1.83\n"; # mribd - print "smuxpeer .1.3.6.1.4.1.3317.1.2.8\n"; # pimd - print "smuxpeer .1.3.6.1.2.1.157\n"; # pimd - print "smuxsocket localhost\n"; -} - -# generate a random character hex string -sub randhex { - my $length = shift; - return join "", map {unpack "H*", chr(rand(256))} 1..($length/2); -} - -# output snmpd.conf file syntax for community -sub print_community { - my ($config, $community) = @_; - my $ro = $config->returnValue('authorization'); - $ro = 'ro' unless $ro; - - my @clients = $config->returnValues('client'); - my @networks = $config->returnValues('network'); - - my @restriction = (@clients, @networks); - if (!@restriction) { - print $ro . "community $community\n"; - print $ro . "community6 $community\n" unless ipv6_disabled(); - return; - } - - foreach my $addr (@restriction) { - my $ip = new NetAddr::IP $addr; - die "$addr: Not a valid IP address" unless $ip; - - if ($ip->version() == 4) { - print $ro . "community $community $addr\n"; - } elsif ($ip->version() == 6) { - print $ro . 
"community6 $community $addr\n"; - } else { - die "$addr: bad IP version ", $ip->version(); - } - } -} - -sub snmp_get_values { - my $config = new Vyatta::Config; - - my @communities = $config->listNodes("service snmp community"); - foreach my $community (@communities) { - $config->setLevel("service snmp community $community"); - print_community($config, $community); - } - - $config->setLevel("service snmp smux-peer"); - my @smuxpeers = $config->returnValues(); - foreach my $smuxpeer (@smuxpeers) { - print "smuxpeer $smuxpeer \n"; - } - - $config->setLevel($snmp_level); - my $contact = $config->returnValue("contact"); - if (defined $contact) { - print "SysContact $contact \n"; - } - - my $description = $config->returnValue("description"); - if (defined $description) { - print "SysDescr $description \n"; - } - - my $location = $config->returnValue("location"); - if (defined $location) { - print "SysLocation $location \n"; - } -} - -sub snmp_get_traps { - my $config = new Vyatta::Config; - $config->setLevel($snmp_level); - - # linkUp/Down configure the Event MIB tables to monitor - # the ifTable for network interfaces being taken up or down - # for making internal queries to retrieve any necessary information - - # create an internal snmpv3 user of the form 'vyattaxxxxxxxxxxxxxxxx' - my $vyatta_user = "vyatta" . 
randhex(16); - snmp_create_snmpv3_user($vyatta_user); - snmp_write_snmpv3_user($vyatta_user); - print "iquerySecName $vyatta_user\n"; - - # Modified from the default linkUpDownNotification - # to include more OIDs and poll more frequently - print <<EOF; -notificationEvent linkUpTrap linkUp ifIndex ifDescr ifType ifAdminStatus ifOperStatus -notificationEvent linkDownTrap linkDown ifIndex ifDescr ifType ifAdminStatus ifOperStatus -monitor -r 10 -e linkUpTrap "Generate linkUp" ifOperStatus != 2 -monitor -r 10 -e linkDownTrap "Generate linkDown" ifOperStatus == 2 -EOF - - my @trap_targets = $config->listNodes("trap-target"); - return unless @trap_targets; - - foreach my $trap_target (@trap_targets) { - my $port = $config->returnValue("trap-target $trap_target port"); - my $community= $config->returnValue("trap-target $trap_target community"); - - print "trap2sink $trap_target"; - print ":$port" if $port; - print " $community" if $community; - print "\n"; - } -} - -# Configure SNMP client parameters -sub snmp_client_config { - my $config = new Vyatta::Config; - $config->setLevel($snmp_level); - - open(my $cf, '>', $snmp_client) - or die "Couldn't open $snmp_client - $!"; - - my $version = get_version(); - my $now = localtime; - print {$cf} "# autogenerated by vyatta-snmp.pl on $now\n"; - - my $trap_source = $config->returnValue('trap-source'); - print {$cf} "clientaddr $trap_source\n" if ($trap_source); - close $cf; -} - -sub snmp_create_snmpv3_user { - - my $vyatta_user = shift; - my $passphrase = randhex(32); - - my $createuser = "createUser $vyatta_user MD5 \"$passphrase\" DES"; - open(my $fh, '>', $snmp_snmpv3_createuser_conf) || die "Couldn't open $snmp_snmpv3_createuser_conf - $!"; - print $fh $createuser; - close $fh; - - open(my $pass_file, '>', $password_file) || die "Couldn't open $password_file - $!"; - print $pass_file $passphrase; - close $pass_file; -} - -sub snmp_write_snmpv3_user { - - my $vyatta_user = shift; - my $user = "rwuser $vyatta_user\n"; - 
open(my $fh, '>', $snmp_snmpv3_user_conf) || die "Couldn't open $snmp_snmpv3_user_conf - $!"; - print $fh $user; - close $fh; -} - -# -# main -# -my $update_snmp; -my $stop_snmp; -my $restart_snmp; - -GetOptions( - "update-snmp!" => \$update_snmp, - "restart-snmp!" => \$restart_snmp, - "stop-snmp!" => \$stop_snmp -); - -snmp_start() if ($update_snmp); -snmp_restart() if ($restart_snmp); -snmp_stop() if ($stop_snmp); diff --git a/scripts/system/vyatta_check_snmp_name.pl b/scripts/system/vyatta_check_snmp_name.pl deleted file mode 100755 index 599fe398..00000000 --- a/scripts/system/vyatta_check_snmp_name.pl +++ /dev/null @@ -1,31 +0,0 @@ -#!/usr/bin/perl - -# **** License **** -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License version 2 as -# published by the Free Software Foundation. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# This code was originally developed by Vyatta, Inc. -# Portions created by Vyatta are Copyright (C) 2010 Vyatta, Inc. -# All Rights Reserved. -# -# **** End License **** - -use strict; -use warnings; - -foreach my $name (@ARGV) { - die "$name : illegal characters in name\n" - if (!($name =~ /^[a-zA-Z0-9]*$/)); - - # Usernames may only be up to 32 characters long. - die "$name: name may only be up to 32 characters long\n" - if (length($name) > 32); -} - -exit 0; diff --git a/scripts/system/vyatta_check_username.pl b/scripts/system/vyatta_check_username.pl index 30917ecb..9ecc42db 100755 --- a/scripts/system/vyatta_check_username.pl +++ b/scripts/system/vyatta_check_username.pl 
@@ -68,7 +68,7 @@ foreach my $user (@ARGV) { # User does not exist in system, its okay my $uid = getpwnam($user); - next unless defined($uid); + next unless defined($uid) and $uid ne "1001"; # System accounts should not be listed in vyatta configuration # 1000 is SYS_UID_MIN diff --git a/scripts/system/vyatta_interface_rescan b/scripts/system/vyatta_interface_rescan index eb45da60..2e8ad8ca 100755 --- a/scripts/system/vyatta_interface_rescan +++ b/scripts/system/vyatta_interface_rescan @@ -98,7 +98,7 @@ sub get_phy { return $1; } -# vyatta_net_name leaves files in /dev/.udev/vyatta +# vyatta_net_name leaves files in /run/udev/vyatta # the filename is the interface and the contents are the hardware id sub interface_rescan { my ($VYATTAUDEV, $BOOTFILE) = @_; diff --git a/scripts/system/vyatta_update_console.pl b/scripts/system/vyatta_update_console.pl index 7c36ec7f..ff7c2df1 100755 --- a/scripts/system/vyatta_update_console.pl +++ b/scripts/system/vyatta_update_console.pl @@ -16,8 +16,7 @@ # # **** End License **** -# Update console configuration in /etc/inittab and grub -# based on Vyatta configuration +# Update console configuration in systemd and grub based on Vyatta configuration use strict; use warnings; @@ -26,6 +25,7 @@ use lib "/opt/vyatta/share/perl5"; use Vyatta::Config; use File::Compare; use File::Copy; +use experimental 'smartmatch'; die "$0 expects no arguments\n" if (@ARGV); 
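Review bot: The new condition `next unless defined($uid) and $uid ne "1001";` hard-codes a UID with no name or comment, so whichever account holds UID 1001 now skips the checks that follow (the context lines mention the system-account check). The hunk does not show which account this is meant to exempt, and a UID is not a stable identifier across installs. If one specific account is intended, matching on its name, or a named constant with a comment explaining the exemption, would make the bypass auditable. UIDs are numeric, so `!=` is the right comparison, e.g. `next unless defined($uid) and $uid != $EXEMPT_UID;` where `$EXEMPT_UID` is a placeholder name. The loop body continues outside the hunk.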
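Review bot: `use experimental 'smartmatch';` is added only to support the `$file ~~ @ttys` membership test in `update_getty`, and smartmatch is an experimental feature that newer Perl releases deprecate. A plain lookup avoids both the dependency and smartmatch's type-dependent matching rules: build `my %wanted = map { $_ => 1 } @ttys;` once and test `unless ($wanted{$file})`. With that change this import can be dropped.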
@@ -44,59 +44,66 @@ sub update { } } -my $INITTAB = "/etc/inittab"; -my $TMPTAB = "/tmp/inittab.$$"; +sub update_getty{ + my $directory = "/etc/systemd/system"; + my $config = new Vyatta::Config; + $config->setLevel("system console device"); + my @ttys; + + foreach my $tty ($config->listNodes()) { + push(@ttys, "serial-getty\@$tty.service"); + } + + opendir DIR, $directory or die "Couldn't open dir '$directory': $!"; + while (my $file = readdir(DIR)) { + next unless ($file =~ /^serial-getty/); + if ( not $file ~~ @ttys ) { + system("systemctl stop $file"); + if (-e "$directory/getty.target.wants/$file") { + unlink "$directory/getty.target.wants/$file" + or die "Failed to remove file $file: $!\n"; + } + if (-e "$directory/$file") { + unlink "$directory/$file" + or die "Failed to remove file $file: $!\n"; + } + system("systemctl daemon-reload"); + } + } + closedir DIR; -sub update_inittab { - open(my $inittab, '<', $INITTAB) - or die "Can't open $INITTAB: $!"; + foreach my $tty ($config->listNodes()) { + my $SGETTY = "/lib/systemd/system/serial-getty\@.service"; + my $TMPGETTY = "/etc/systemd/system/serial-getty\@$tty.service"; + my $SYMGETTY = "/etc/systemd/system/getty.target.wants/serial-getty\@$tty.service"; - open(my $tmp, '>', $TMPTAB) - or die "Can't open $TMPTAB: $!"; + open(my $sgetty, '<', $SGETTY) + or die "Can't open $SGETTY: $!"; - # Clone original inittab but remove all references to serial lines - # and Xen consoles - print {$tmp} grep {!/^T|^# Vyatta|^h/} <$inittab>; - close $inittab; + open(my $tmp, '>', $TMPGETTY) + or die "Can't open $TMPGETTY: $!"; - my $config = new Vyatta::Config; - $config->setLevel("system console device"); + my $speed = $config->returnValue("$tty speed"); + if ($tty =~ /^hvc\d/) { + $speed = 38400 unless $speed; + } else { + $speed = 9600 unless $speed; + } - print {$tmp} "# Vyatta console configuration (do not modify)\n"; - - my $serial_id = 0; - my $xen_id = 0; - - foreach my $tty ($config->listNodes()) { - my $speed = 
$config->returnValue("$tty speed"); - if ($tty =~ /^hvc\d/) { - $speed = 38400 unless $speed; - printf {$tmp} "h%d:23:respawn:", $xen_id; - printf {$tmp} "/sbin/getty %d %s\n", $speed, $tty; - $xen_id++; - } else { - $speed = 9600 unless $speed; - printf {$tmp} "T%d:23:respawn:", $serial_id; - if ($config->exists("$tty modem")) { - printf {$tmp} "/sbin/mgetty -x0 -s %d %s\n", $speed, $tty; - } else { - printf {$tmp} "/sbin/getty -L %s %d vt100\n", $tty, $speed; - } - - # id field is limited to 4 characters - if (++$serial_id >= 1000) { - warn "Ignoring $tty only 1000 serial devices supported\n"; - last; - } - } + while (<$sgetty>) { + if (/^ExecStart=/) { + $_ =~ s/115200,38400,9600/$speed/g; + } + print {$tmp} $_; } + close $sgetty; close $tmp; - - if (update($INITTAB, $TMPTAB)) { - - # This is same as telinit q - it tells init to re-examine inittab - kill 1, 1; + symlink("$TMPGETTY","$SYMGETTY"); + system("systemctl daemon-reload"); + if ( system("systemctl status serial-getty\@$tty.service 2>&1 > /dev/null")) { + system("systemctl start serial-getty\@$tty.service"); } + } } my $GRUBCFG = "/boot/grub/grub.cfg"; @@ -135,7 +142,7 @@ sub update_grub { update($GRUBCFG, $GRUBTMP); } -update_inittab; +update_getty; update_grub; exit 0; diff --git a/scripts/system/vyatta_update_hosts.pl b/scripts/system/vyatta_update_hosts.pl deleted file mode 100755 index 22b141ab..00000000 --- a/scripts/system/vyatta_update_hosts.pl +++ /dev/null 
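Review bot: In `update_getty` the unit names are interpolated into shell strings: `system("systemctl stop $file")` uses a name read from the directory and `system("systemctl start serial-getty\@$tty.service")` uses a config node name. Any shell metacharacter in either value is therefore interpreted by the shell, in a script that presumably runs as root since it writes under `/etc/systemd/system`. The list form avoids the shell: `system('systemctl', 'stop', $file);` and `system('systemctl', 'start', "serial-getty\@$tty.service");`, with the status probe written as `system('systemctl', 'is-active', '--quiet', "serial-getty\@$tty.service") != 0`. Whether `$tty` is already constrained by the config templates is not visible in this hunk. Separately, the return values of `symlink` and of the `systemctl` calls are ignored, so a failed enable passes silently; a `warn` on failure would help.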
@@ -1,114 +0,0 @@ -#!/usr/bin/perl -w -# -# Module: vyatta_update_hosts.pl -# -# **** License **** -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License version 2 as -# published by the Free Software Foundation. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# This code was originally developed by Vyatta, Inc. -# Portions created by Vyatta are Copyright (C) 2012-2013 Vyatta, Inc. -# All Rights Reserved. -# -# Description: -# Script to update '/etc/hosts' on commit of 'system host-name' and -# 'system domain-name' config. -# -# **** End License **** -# - -use strict; -use English; -use lib "/opt/vyatta/share/perl5/"; - -use File::Temp qw(tempfile); -use Vyatta::File qw(touch); -use Vyatta::Config; -use Getopt::Long; - -my $HOSTS_CFG = '/etc/hosts'; -my $HOSTS_TMPL = "/tmp/hosts.XXXXXX"; -my $HOSTNAME_CFG = '/etc/hostname'; -my $MAILNAME_CFG = '/etc/mailname'; -my $restart_services = 1; - -sub set_hostname { - my ( $hostname ) = @_; - system("hostname $hostname"); - open (my $f, '>', $HOSTNAME_CFG) - or die("$0: Error! Unable to open $HOSTNAME_CFG for output: $!\n"); - print $f "$hostname\n"; - close ($f); -} - -sub set_mailname { - my ( $mailname ) = @_; - open (my $f, '>', $MAILNAME_CFG) - or die("$0: Error! Unable to open $MAILNAME_CFG for output: $!\n"); - print $f "$mailname\n"; - close ($f); -} - -if ($EUID != 0) { - printf("This program must be run by root.\n"); - exit 1; -} - -GetOptions("restart-services!" => \$restart_services); - -my $vc = new Vyatta::Config(); - -$vc->setLevel('system'); -my $host_name = $vc->returnValue('host-name'); -my $domain_name = $vc->returnValue('domain-name'); -my $mail_name; -my $hosts_line = "127.0.1.1\t "; - -if (! 
defined $host_name) { - $host_name = 'vyatta'; -} -$mail_name = $host_name; - -if (defined $domain_name) { - $mail_name .= '.' . $domain_name; - $hosts_line .= $host_name . '.' . $domain_name; -} -$hosts_line .= " $host_name\t #vyatta entry\n"; - -my ($out, $tempname) = tempfile($HOSTS_TMPL, UNLINK => 1) - or die "Can't create temp file: $!"; - -if (! -e $HOSTS_CFG) { - touch $HOSTS_CFG; -} -open (my $in, '<', $HOSTS_CFG) - or die("$0: Error! Unable to open '$HOSTS_CFG' for input: $!\n"); - -while (my $line = <$in>) { - if ($line =~ m:^127.0.1.1:) { - next; - } - print $out $line; -} -print $out $hosts_line; - -close ($in); -close ($out); - -system("cp $tempname $HOSTS_CFG") == 0 - or die "Can't copy $tempname to $HOSTS_CFG: $!"; - -set_hostname $host_name; -set_mailname $mail_name; - -# Restart services that use the system hostname; -# add more ase needed. -if ($restart_services) { - system("invoke-rc.d rsyslog restart"); -} diff --git a/scripts/system/vyatta_update_ntp.pl b/scripts/system/vyatta_update_ntp.pl deleted file mode 100755 index 36a2807e..00000000 --- a/scripts/system/vyatta_update_ntp.pl +++ /dev/null 
@@ -1,120 +0,0 @@ -#! /usr/bin/perl - -# **** License **** -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License version 2 as -# published by the Free Software Foundation. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# This code was originally developed by Vyatta, Inc. -# Portions created by Vyatta are Copyright (C) 2007 Vyatta, Inc. -# All Rights Reserved. -# -# **** End License **** - -# Filter ntp.conf - remove old servers and add current ones - -use strict; -use lib "/opt/vyatta/share/perl5"; -use Vyatta::Config; -use NetAddr::IP; -use Getopt::Long; - -my $dhclient_script = 0; - -GetOptions("dhclient-script=i" => \$dhclient_script, -); - -sub ntp_format { - my ($cidr_or_host) = @_; - my $ip = NetAddr::IP->new($cidr_or_host); - if (defined($ip)) { - my $address = $ip->addr(); - my $mask = $ip->mask(); - - if ($ip->masklen() == 32) { - if ($ip->version() == 6) { - return "-6 $address"; - } else { - return "$address"; - } - } else { - if ($ip->version() == 6) { - return "-6 $address mask $mask"; - } else { - return "$address mask $mask"; - } - } - } else { - return undef; - } -} - -my @ntp; -if (-e '/etc/ntp.conf') { - open (my $file, '<', '/etc/ntp.conf') - or die("$0: Error! Unable to open '/etc/ntp.conf' for input: $!\n"); - @ntp = <$file>; - close ($file); -} - -open (my $output, '>', '/etc/ntp.conf') - or die("$0: Error! 
Unable to open '/etc/ntp.conf' for output: $!\n"); - -my $cfg = new Vyatta::Config; -$cfg->setLevel("system ntp"); - -foreach my $line (@ntp) { - if ($line =~ /^# VyOS CLI configuration options/) { - print $output $line; - print $output "\n"; - last; - } else { - print $output $line; - } -} - -my @servers; -my @clients; - -if ($dhclient_script == 1) { - @servers = $cfg->listOrigNodes("server"); - @clients = $cfg->returnOrigValues("client address"); -} else { - @servers = $cfg->listNodes("server"); - @clients = $cfg->returnValues("client address"); -} - -if (scalar(@servers) > 0) { - print $output "# Servers\n\n"; - foreach my $server (@servers) { - my $server_addr = ntp_format($server); - if (defined($server_addr)) { - print $output "server $server_addr iburst"; - for my $property (qw(dynamic noselect preempt prefer)) { - if ($dhclient_script == 1) { - print $output " $property" if ($cfg->existsOrig("server $server $property")); - } else { - print $output " $property" if ($cfg->exists("server $server $property")); - } - } - print $output "\nrestrict $server_addr nomodify notrap nopeer noquery\n"; - } - } - print $output "\n"; -} - -if (scalar(@clients) > 0) { - print $output "# Clients\n\n"; - foreach my $client (@clients) { - my $address = ntp_format($client); - print $output "restrict $address nomodify notrap nopeer\n"; - } - print $output "\n"; -} - -exit 0; diff --git a/scripts/system/vyatta_update_resolv.pl b/scripts/system/vyatta_update_resolv.pl index 51617fce..de09a760 100755 --- a/scripts/system/vyatta_update_resolv.pl +++ b/scripts/system/vyatta_update_resolv.pl @@ -30,7 +30,6 @@ use Vyatta::Config; my $dhclient_script = 0; my $config_mode = 0; -my $ntp_config = 0; GetOptions("dhclient-script=i" => \$dhclient_script, "config-mode=i" => \$config_mode, 
@@ -45,7 +44,6 @@ my $disable_dhcp_nameservers = undef; if ($config_mode == 1) { $disable_dhcp_nameservers = $vc->exists('disable-dhcp-nameservers'); - $ntp_config = $vc->exists('ntp server'); } else { $disable_dhcp_nameservers = $vc->existsOrig('disable-dhcp-nameservers'); } @@ -53,7 +51,6 @@ if ($config_mode == 1) { if ($dhclient_script == 1) { @search_domains = $vc->returnOrigValues('domain-search domain'); $domain_name = $vc->returnOrigValue('domain-name'); - $ntp_config = $vc->existsOrig('ntp server'); } else { @search_domains = $vc->returnValues('domain-search domain'); $domain_name = $vc->returnValue('domain-name'); @@ -132,7 +129,6 @@ if ($domain_name && length($domain_name) > 0) { if (($dhclient_script == 1) || ($config_mode == 1)) { my @current_dhcp_nameservers; - my $restart_ntp = 0; # code below to add new name-servers received from dhcp client, but only if disable-dhcp-nameservers # hasn't been enabled. @@ -168,7 +164,6 @@ if (($dhclient_script == 1) || ($config_mode == 1)) { or die "$! error trying to overwrite"; print $rf "#nameserver written by vyatta_update_resolv.pl (dhcp)\nnameserver\t$ns\n"; close $rf; - $restart_ntp = 1; } } } @@ -206,7 +201,6 @@ if (($dhclient_script == 1) || ($config_mode == 1)) { $cmd = "sed -i -n '/nameserver\t$dhcpnameserver/".'{n;x;d;};x;1d;p;${x;p;}'."' /etc/resolv.conf"; } system($cmd); - $restart_ntp = 1; } } else { for my $dhcpnameserver (@dhcp_nameservers_in_resolvconf) { 
@@ -225,18 +219,9 @@ if (($dhclient_script == 1) || ($config_mode == 1)) { $cmd = "sed -i -n '/nameserver\t$dhcpnameserver/".'{n;x;d;};x;1d;p;${x;p;}'."' /etc/resolv.conf"; } system($cmd); - $restart_ntp = 1; } } } - if ($restart_ntp == 1) { - # this corresponds to what is done in name-server/node.def as a fix for bug 1300 - if ($ntp_config == 1) { - system("sudo /opt/vyatta/sbin/vyatta_update_ntp.pl --dhclient-script $dhclient_script"); - my $cmd_ntp_restart = "if [ -f /etc/ntp.conf ] && grep -q '^server' /etc/ntp.conf; then /usr/sbin/invoke-rc.d ntp restart >&/dev/null; fi &"; - system($cmd_ntp_restart); - } - } } # The following will re-write '/etc/resolv.conf' line by line, diff --git a/scripts/system/vyatta_update_sysctl.pl b/scripts/system/vyatta_update_sysctl.pl index ddf10115..6e33c5d0 100644 --- a/scripts/system/vyatta_update_sysctl.pl +++ b/scripts/system/vyatta_update_sysctl.pl @@ -62,7 +62,7 @@ sub set_sysctl_value { my $ovalue = get_sysctl_value($sysctl_opt); if ($nvalue ne $ovalue) { - my $cmd = "$SYSCTL -w $sysctl_opt=$nvalue 2>&1 1>&-"; + my $cmd = "$SYSCTL -w $sysctl_opt=$nvalue 2>&1> /dev/null"; system($cmd); if ($? >> 8) { die "exec of $SYSCTL failed: '$cmd'"; diff --git a/scripts/system/vyatta_update_syslog.pl b/scripts/system/vyatta_update_syslog.pl index dd834c92..37d017e3 100755 --- a/scripts/system/vyatta_update_syslog.pl +++ b/scripts/system/vyatta_update_syslog.pl @@ -93,7 +93,7 @@ sub print_outchannel { # Force outchannel size to be 1k more than logrotate config to guarantee rotation $size = ($size + 5) * 1024; print $fh "\$outchannel $channel,$target,$size,/usr/sbin/logrotate ${LOGROTATE_CFG_DIR}/$channel\n"; - print $fh join( ';', @{ $entries{$target}{selector} } ), " \$$channel\n"; + print $fh join( ';', @{ $entries{$target}{selector} } ), " :omfile:\$$channel\n"; } my $config = new Vyatta::Config; diff --git a/scripts/system/vyatta_update_telnet b/scripts/system/vyatta_update_telnet deleted file mode 100755 index f50eef79..00000000 
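Review bot: In `set_sysctl_value` the command is still assembled as one shell string, `"$SYSCTL -w $sysctl_opt=$nvalue 2>&1> /dev/null"`, so `$sysctl_opt` and `$nvalue` reach the shell unquoted. Where they come from is outside the hunk, but if they originate in configuration, a value containing whitespace or shell metacharacters would alter the command. Validating both against an anchored pattern before building `$cmd` would close that. The redirection `2>&1> /dev/null` is also easy to misread, since it discards stdout while keeping stderr on the original stdout. Spacing it as `2>&1 >/dev/null` and adding a comment such as `# stdout discarded, stderr stays visible` would make the intent plain. The function starts outside the hunk.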
--- a/scripts/system/vyatta_update_telnet +++ /dev/null @@ -1,84 +0,0 @@ -#! /bin/bash -# Script to control telnet daemon parameters -# and block changes when logged in over telnet - -# Block changes to telnet daemon when logged in over telnet -pid=$(who -um | awk -F " " '{print $7}') -if [ -n "$pid" ]; then - if ps --pid $(ps --pid $pid -o ppid=) -o cmd= | grep -q telnetd - then - echo "Please configure telnet settings via ssh or console." - exit 1 - fi -fi - -usage() { - echo "Usage: $0 enable <port>" - echo " $0 disable" - echo " $0 allow-root {true|false}" - exit 1; -} - -allow-root() { - case "$1" in - true) ;; - false) ;; - *) echo "Expect true or false" - usage ;; - esac - - sudo sed -i -e '/^# Pseudo-terminal (telnet)/,$d' /etc/securetty - - if [ $1 = "false" ]; then - return - fi - - sudo sh -c "cat >>/etc/securetty" <<EOF -# Pseudo-terminal (telnet) -pts/0 -pts/1 -pts/2 -pts/3 -pts/4 -pts/5 -pts/6 -pts/7 -pts/8 -pts/9 -pts/10 -pts/11 -pts/12 -pts/13 -pts/14 -pts/15 -pts/16 -pts/17 -pts/18 -pts/19 -EOF - -} - -case "$1" in - allow-root) - allow-root $2 - ;; - - enable) - if [ -z "$2" ] - then echo "Missing port number"; - usage - fi - exec sudo /opt/vyatta/sbin/telnetd.init restart $2 $3 - ;; - - disable) - exec sudo /opt/vyatta/sbin/telnetd.init stop - ;; - - *) - echo "Unknown argument $1"; - usage - ;; -esac - diff --git a/scripts/vyatta-address b/scripts/vyatta-address index afe60191..072f27e6 100755 --- a/scripts/vyatta-address +++ b/scripts/vyatta-address 
@@ -28,10 +28,10 @@ case $1 in delete) # Get current address from interface when using DHCP if [[ "$3" = "dhcp" ]]; then - lease_file=/var/lib/dhcp3/dhclient_"$2".leases; + lease_file=/var/lib/dhcp/dhclient_"$2".leases; ip_address=$(sed -n 's/^\s\sfixed-address\s\(.*\);/\1/p' $lease_file | sed -n '$p'); elif [[ "$3" = "dhcpv6" ]]; then - lease_file=/var/lib/dhcp3/dhclient_v6_"$2".leases; + lease_file=/var/lib/dhcp/dhclient_v6_"$2".leases; ip_address=$(sed -n 's/^\s\s\s\siaaddr\s\(.*\)\s{/\1/p' $lease_file | sed -n '$p'); else ip_address=$3; diff --git a/scripts/vyatta-bridge.pl b/scripts/vyatta-bridge.pl index 36d59212..7602c2ce 100755 --- a/scripts/vyatta-bridge.pl +++ b/scripts/vyatta-bridge.pl @@ -35,7 +35,7 @@ use lib "/opt/vyatta/share/perl5/"; use Vyatta::Interface; use Vyatta::Config; -my $BRCTL = 'sudo /usr/sbin/brctl'; +my $BRCTL = 'sudo /sbin/brctl'; die "Usage: $0 ACTION ethX\n" unless ($#ARGV == 1); diff --git a/scripts/vyatta-dhcp-helper.pl b/scripts/vyatta-dhcp-helper.pl index 40291654..6febbaf9 100644 --- a/scripts/vyatta-dhcp-helper.pl +++ b/scripts/vyatta-dhcp-helper.pl @@ -18,7 +18,7 @@ sub get_dhcp_router { if (!Vyatta::Misc::is_dhcp_enabled($dhcp_iface,0)) { return "127.0.0.1"; } - my $lease = "/var/lib/dhcp3/dhclient_${dhcp_iface}_lease"; + my $lease = "/var/lib/dhcp/dhclient_${dhcp_iface}_lease"; my $router = `grep new_routers= $lease | cut -d"'" -f2`; my @r = split(/,/, $router); $router = $r[0]; diff --git a/scripts/vyatta-dhcpv6-client.pl b/scripts/vyatta-dhcpv6-client.pl index 384d4d62..74cc4db2 100755 --- a/scripts/vyatta-dhcpv6-client.pl +++ b/scripts/vyatta-dhcpv6-client.pl 
@@ -98,9 +98,9 @@ GetOptions("start" => \$start_flag, die "Error: Interface name must be specified with --ifname parameter.\n" unless $ifname; -my $pidfile = "/var/lib/dhcp3/dhclient_v6_$ifname.pid"; -my $leasefile = "/var/lib/dhcp3/dhclient_v6_$ifname.leases"; -my $conffile = "/var/lib/dhcp3/dhclient_v6_$ifname.conf"; +my $pidfile = "/var/lib/dhcp/dhclient_v6_$ifname.pid"; +my $leasefile = "/var/lib/dhcp/dhclient_v6_$ifname.leases"; +my $conffile = "/var/lib/dhcp/dhclient_v6_$ifname.conf"; my $cmdname = "/sbin/dhclient"; if ($release_flag) { diff --git a/scripts/vyatta-grub-setup b/scripts/vyatta-grub-setup index 11e73846..ea4dc905 100755 --- a/scripts/vyatta-grub-setup +++ b/scripts/vyatta-grub-setup @@ -1,7 +1,7 @@ #!/bin/sh # # Module: grup-setup -# +# # **** License **** # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 as @@ -15,11 +15,11 @@ # This code was originally developed by Vyatta, Inc. # Portions created by Vyatta are Copyright (C) 2006, 2007 Vyatta, Inc. # All Rights Reserved. -# +# # Author: Robert Bays # Date: 2006 # Description: -# +# # **** End License **** # # Vyatta grub customization setup script. @@ -55,7 +55,7 @@ ROOT_PARTITION="$1" GRUB_OPTIONS="$2" ROOTFSDIR="$3" -[ "$ROOT_PARTITION" ] || exit 1 +[ "$ROOT_PARTITION" ] || exit 1 # Grub options if [ "$GRUB_OPTIONS" ] @@ -103,7 +103,7 @@ else fi if eval "$UNION"; then - GRUB_OPTIONS="boot=live quiet vyatta-union=/boot/$livedir" + GRUB_OPTIONS="boot=live quiet vyos-union=/boot/$livedir" union_xen_kernel_version=$(ls $ROOTFSDIR/boot/$livedir/vmlinuz*-xen* \ 2>/dev/null \ | awk -F/ '{ print $6 }' \ 
@@ -114,7 +114,7 @@ if eval "$UNION"; then 2> /dev/null | grep -v xen \ | awk -F/ '{ print $6 }' | sed 's/vmlinuz//g' \ | sort -r) -else +else # Read UUID off of filesystem and use it to tell GRUB where to mount drive # This allows device to move around and grub will still find it uuid=$(dumpe2fs -h /dev/${ROOT_PARTITION} 2>/dev/null | awk '/^Filesystem UUID/ {print $3}') @@ -133,11 +133,6 @@ if [ -n "$xen_kernel_version" ] || [ -n "$union_xen_kernel_version" ]; then default_console=0 fi -# Check for diagnostic partition residing in first partition of drive -# holding the root partition. - -diag_drive_number="" - if [ ${ROOT_PARTITION:0:2} = "md" ]; then # Select the first disk in the RAID group to look for diag partition on root_disks=`echo /sys/block/$ROOT_PARTITION/slaves/*` @@ -149,20 +144,6 @@ else root_disk=${ROOT_PARTITION:0:${#ROOT_PARTITION}-1} fi -# If the root partition is not occupying the first partition, then we -# can look for a diag partition there. -if [ "$ROOT_PARTITION" != "${root_disk}1" ]; then - first_part_fstype=`fdisk -l /dev/$root_disk | grep ^/dev/${root_disk}1 | awk '{ print $6 }'` - - if [ "$first_part_fstype" = "FAT16" -o "$first_part_fstype" = "Dell" ]; then - # Translate the Linux drive letter (e.g. the "a" in "/dev/sda") into - # a drive number that grub uses. i.e. "a" = 0, "b" = 1, etc. - diag_drive_letter=${root_disk:2:1} - diag_drive_number=`echo $diag_drive_letter | od -t u1 -N 1 | awk '{ print $2 }'` - let diag_drive_number-=97 - fi -fi - ( # create the grub.cfg file for grub # The "default=" line selects which boot option will be used by default. 
@@ -175,18 +156,17 @@ fi echo "terminal_output --append serial" if [ ${ROOT_PARTITION:0:2} = "md" ]; then + uuid_root_disk=`/sbin/tune2fs -l /dev/${root_disk}1 | grep UUID | awk '{print $3}'` + uuid_root_md=`/sbin/tune2fs -l /dev/md${ROOT_PARTITION#md} | grep UUID | awk '{print $3}'` echo "" - echo -e "insmod raid" - echo -e "root ($ROOT_PARTITION)" + echo -e "insmod part_msdos" + echo -e "insmod diskfilter" + echo -e "insmod ext2" + echo -e "insmod mdraid1x" + echo -e "set root='mduuid/${uuid_root_disk}'" + echo -e "search --no-floppy --fs-uuid --set=root ${uuid_root_md}" fi - echo "" - echo "echo -n Press ESC to enter the Grub menu..." - echo "if sleep --verbose --interruptible 5 ; then" - echo -e "\tterminal_input console serial" - echo "fi" - echo "" - # create xen kernels if they exist XEN_OPTS='dom0_mem=512M xenheap_megabytes=128' if [ -n "$xen_kernel_version" ]; then @@ -232,7 +212,7 @@ fi echo -e "\tlinux /boot/$livedir/vmlinuz $GRUB_OPTIONS $usb_console" echo -e "\tinitrd /boot/$livedir/initrd.img" echo -e "}" - + elif [ -n "$union_kernel_versions" ]; then for kversion in $union_kernel_versions; do echo @@ -260,8 +240,8 @@ fi echo -e "\tlinux /boot/vmlinuz $GRUB_OPTIONS $VGA_LOGO $vty_console" echo -e "\tinitrd /boot/initrd.img" echo -e "}" - - # Set the second system boot option. + + # Set the second system boot option. # Make the serial port be the default console in this one. echo echo -e "menuentry \"VyOS $version (Serial console)\" {" 
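Review bot: The two UUIDs written into grub.cfg are never checked. If `tune2fs -l` fails or prints no match, `uuid_root_disk` and `uuid_root_md` are empty, and the file still gets `set root='mduuid/'` and a `search` with no argument, which would only surface at the next boot. `grep UUID` may also match more than one line of `tune2fs -l` output depending on the filesystem, so anchoring on `/^Filesystem UUID/` as the `dumpe2fs` call elsewhere in this script does would be safer. Computing both values before the block that writes the file and guarding with `[ -n "$uuid_root_disk" ] && [ -n "$uuid_root_md" ] || exit 1` would fail the run instead of emitting a broken entry. Note also that `/dev/md${ROOT_PARTITION#md}` is just `/dev/$ROOT_PARTITION`, and `${root_disk}1` assumes the RAID member is partition 1.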
@@ -294,19 +274,19 @@ fi fi fi - # Set options for root password reset. Offer + # Set options for root password reset. Offer # options for both serial and KVM console. reset_boot_path=/boot if eval "$UNION"; then reset_boot_path=/boot/$livedir fi - + echo echo -e "menuentry \"Lost password change $version (KVM console)\" {" echo -e "\tlinux $reset_boot_path/vmlinuz $GRUB_OPTIONS $NOSELINUX $vty_console init=$pass_reset" echo -e "\tinitrd $reset_boot_path/initrd.img" echo -e "}" - + echo echo -e "menuentry \"Lost password change $version (Serial console)\" {" echo -e "\tlinux $reset_boot_path/vmlinuz $GRUB_OPTIONS $NOSELINUX $serial_console init=$pass_reset" @@ -319,14 +299,6 @@ fi echo -e "\tinitrd $reset_boot_path/initrd.img" echo -e "}" - if [ -n "$diag_drive_number" ]; then - echo - echo -e "menuentry \"Diagnostics\" {" - echo -e "\tchainloader (hd$diag_drive_number,1)+1" - echo -e "}" - fi - - ) >"$ROOTFSDIR"/boot/grub/grub.cfg ( [ -s /boot/grub/menu.lst ] && diff --git a/scripts/vyatta-interfaces.pl b/scripts/vyatta-interfaces.pl index d04ad395..a91a66e8 100755 --- a/scripts/vyatta-interfaces.pl +++ b/scripts/vyatta-interfaces.pl @@ -363,15 +363,15 @@ sub dhcp { unlink($release_file); } elsif ($request eq "start") { print "Starting DHCP client on $intf ...\n"; - touch("/var/lib/dhcp3/$intf"); + touch("/var/lib/dhcp/$intf"); run_dhclient($intf); } elsif ($request eq "stop") { print "Stopping DHCP client on $intf ...\n"; stop_dhclient($intf); - unlink("/var/lib/dhcp3/dhclient_$intf\_lease"); - unlink("/var/lib/dhcp3/$intf"); + unlink("/var/lib/dhcp/dhclient_$intf\_lease"); + unlink("/var/lib/dhcp/$intf"); unlink("/var/run/vyatta/dhclient/dhclient_release_$intf"); - unlink("/var/lib/dhcp3/dhclient_$intf\.conf"); + unlink("/var/lib/dhcp/dhclient_$intf\.conf"); } else { die "Unknown DHCP request: $request\n"; } diff --git a/scripts/vyatta-load-user-key.pl b/scripts/vyatta-load-user-key.pl index 5c34b6ab..651a08b1 100755 --- a/scripts/vyatta-load-user-key.pl 
+++ b/scripts/vyatta-load-user-key.pl @@ -103,7 +103,7 @@ sub geturl { sub validate_keytype { my ($keytype) = @_; - if ($keytype eq 'ssh-rsa' || $keytype eq 'ssh-dss') { + if ($keytype eq 'ssh-rsa' || $keytype eq 'ssh-dss' || $keytype eq 'ecdsa-sha2-nistp256' || $keytype eq 'ecdsa-sha2-nistp384' || $keytype eq 'ecdsa-sha2-nistp521' || $keytype eq 'ssh-ed25519') { return 1; } return 0; @@ -135,7 +135,7 @@ sub getkeys { my $comment; $comment = join(' ', @fields); - die "Unknown key type $keytype : must be ssh-rsa or ssh-dss\n" + die "Unknown key type $keytype : must be one of ssh-rsa, ssh-dss, ecdsa-sha2-nistp* or ssh-ed25519\n" unless validate_keytype $keytype; my $cmd diff --git a/scripts/vyatta-system-nameservers b/scripts/vyatta-system-nameservers index 99019fd1..9c688e80 100755 --- a/scripts/vyatta-system-nameservers +++ b/scripts/vyatta-system-nameservers @@ -36,14 +36,6 @@ restart_dnsmasq () { fi } -restart_ntp () { - # restart ntp if ntp is configured - if [ -f /etc/ntp.conf ] && grep -q "^server" /etc/ntp.conf; then - sudo /opt/vyatta/sbin/vyatta_update_ntp.pl - /usr/sbin/invoke-rc.d ntp restart >&/dev/null - fi -} - update_system_nameservers () { nameserver=$1 touch /etc/resolv.conf @@ -70,7 +62,6 @@ update_system_nameservers () { mv -f /etc/resolv_tmp.conf /etc/resolv.conf fi restart_dnsmasq - restart_ntp } delete_system_nameserver () { @@ -79,7 +70,6 @@ delete_system_nameserver () { # remove specified nameserver sed -i "/$nameserver$/d" /etc/resolv.conf restart_dnsmasq - restart_ntp } # diff --git a/scripts/vyatta-update-grub.pl b/scripts/vyatta-update-grub.pl index a9e646ed..e4110ee0 100755 --- a/scripts/vyatta-update-grub.pl +++ b/scripts/vyatta-update-grub.pl 
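Review bot: `validate_keytype` now chains six `eq` comparisons on one line, and the same list is repeated by hand in the `die` message in the `getkeys` hunk, so the two can drift apart. A lookup table keeps one source of truth: `my %VALID_KEYTYPE = map { $_ => 1 } qw(ssh-rsa ssh-dss ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521 ssh-ed25519);` with `return exists $VALID_KEYTYPE{$keytype} ? 1 : 0;`. `ssh-dss` remains accepted; DSA keys are disabled by default in current OpenSSH, so it is worth deciding whether keys of that type should still be loadable.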
@@ -25,7 +25,7 @@ use warnings; use Getopt::Long; use File::Temp qw/ :mktemp /; -my $UNION_BOOT_DIR = '/live/image/boot'; +my $UNION_BOOT_DIR = `/opt/vyatta/sbin/vyos-persistpath` . '/boot'; my $UNION_GRUB_CFG_DIR = "$UNION_BOOT_DIR/grub"; my $DISK_BOOT_DIR = '/boot'; my $DISK_GRUB_CFG_DIR= '/boot/grub'; diff --git a/scripts/vyatta-update-tunnel.pl b/scripts/vyatta-update-tunnel.pl index d4c652d0..de5019ab 100644 --- a/scripts/vyatta-update-tunnel.pl +++ b/scripts/vyatta-update-tunnel.pl @@ -10,7 +10,7 @@ GetOptions("interface=s" => \$iface, "tunnel=s" => \$tunnel, "option=s" => \$option ); -my $FILE_DHCP_HOOK = "/etc/dhcp3/dhclient-exit-hooks.d/tunnel-$tunnel"; +my $FILE_DHCP_HOOK = "/etc/dhcp/dhclient-exit-hooks.d/tunnel-$tunnel"; my $dhcp_hook = ''; if ($option eq 'create') { $dhcp_hook =<<EOS; diff --git a/scripts/vyatta_net_name b/scripts/vyatta_net_name index 90dd8615..53ae9fba 100755 --- a/scripts/vyatta_net_name +++ b/scripts/vyatta_net_name @@ -23,7 +23,7 @@ use Fcntl qw(:flock); my $BOOTFILE = "/opt/vyatta/etc/config/config.boot"; my $VYATTACFG = "/opt/vyatta/config/active"; -my $UDEVDIR = "/dev/.udev/"; +my $UDEVDIR = "/run/udev/"; my $VYATTAUDEV = $UDEVDIR . "vyatta"; my $LOCKFILE = $UDEVDIR . ".vyatta-lock"; my $UDEVLOG = $UDEVDIR . "log/"; diff --git a/scripts/vyos-intfwatchd b/scripts/vyos-intfwatchd deleted file mode 100644 index b8bde3f3..00000000 --- a/scripts/vyos-intfwatchd +++ /dev/null 
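Review bot: The backtick call that initialises `$UNION_BOOT_DIR` keeps the trailing newline emitted by the helper's `echo`, so the value becomes the persistence path, a newline, then `/boot`, and `$UNION_GRUB_CFG_DIR` inherits it. The new `vyos-persistpath` script in this commit also prints nothing and exits non-zero on live-CD and old-style boots, in which case this silently evaluates to `/boot`. Suggested: ``chomp(my $persist_path = `/opt/vyatta/sbin/vyos-persistpath`);`` followed by `my $UNION_BOOT_DIR = "$persist_path/boot";`, with `$?` checked at the point where the union path is actually required.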
@@ -1,160 +0,0 @@ -#!/usr/bin/perl -# -# Module: vyos-restore-static-ipv6.pl -# -# **** License **** -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License version 2 as -# published by the Free Software Foundation. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# Copyright (C) 2014 VyOS Development Group -# -# **** End License **** - -use lib "/opt/vyatta/share/perl5"; -use strict; -use warnings; -use POSIX; -use Fcntl; -use Sys::Syslog; -use Vyatta::Config; -use Vyatta::Interface; -use Data::Dumper; - -use constant -{ - # Program settings - PROGRAM_NAME => "vyos-intfwatchd", - PROGRAM_VERSION => "1.0", - PID_FILE => "/var/run/vyos-intfwatchd.pid", - - # Program exit codes - SUCCESS => 0, - ERROR => 1, - - # Subroutine error codes - SUB_ERROR => 0, - SUB_SUCCESS => 1, - - # Fcntl file lock/unlock constants - SET_EXCLUSIVE_LOCK => 2, - UNLOCK => 8 -}; - -my $debug = 0; - -sub daemonize -{ - syslog("info", "%s", "Starting in daemon mode"); - - my $pid = fork(); - if (!defined($pid)) - { - # Fork failed - die "Could not spawn child process: $!, exiting"; - } - elsif ($pid > 0) - { - # Child has been spawned succefully, - # parent should terminate now - exit(SUCCESS); - } - chdir("/"); - umask(0); - setsid(); - - # Close standard i/o stream descriptors - open STDIN, "/dev/null" or die "Can't read /dev/null: $!"; - open STDOUT, ">>/dev/null" or die "Can't write to /dev/null: $!"; - open STDERR, ">>/dev/null" or die "Can't write to /dev/null: $!"; -} - -sub writePid -{ - my ($pid, $fh) = @_; - - unless (flock($fh, SET_EXCLUSIVE_LOCK)) - { - syslog("err", "%s", "Could not lock PID file: $!"); - exit(ERROR); - } - - print($fh $pid); -} - -sub releasePid -{ - my $fh = shift; - flock($fh, UNLOCK); - 
close($fh); - unlink(PID_FILE); -} - - -daemonize(); -my $pidFile = PID_FILE; -unless (open PID_HANDLE, ">$pidFile") -{ - syslog("err", "%s", "Could not create PID file: $!"); - exit(1); -} -writePid($$, \*PID_HANDLE); - -my $config = new Vyatta::Config(); - -my $ip_monitor = "ip monitor link"; -unless (open(HANDLE, "$ip_monitor|")) -{ - syslog("err", "%s", qq{Could not start IP monitor: $!\n}); - exit(1); -} - -sub terminate -{ - my $error = shift; - syslog("notice", "%s", PROGRAM_NAME." is terminating"); - releasePid(\*PID_HANDLE); - exit(0); -} - -$SIG{'INT'} = \&terminate; -$SIG{'TERM'} = \&terminate; -$SIG{'KILL'} = sub { exit(0); }; - -# This solution should be bad enough to be fixed immediately -# when feasible. - -while(<HANDLE>) -{ - if( $_ =~ /^[0-9]+:\s+([^@]+)(@.*)*:\s+<.*UP,.*>/ ) - { - my $intf_name = $1; - my $intf = new Vyatta::Interface($intf_name); - my $intf_addr_path = $intf->path() . " address"; - - # Get IPv6 addresses - my @addresses = grep /:/, $config->returnEffectiveValues($intf_addr_path); - print Dumper(@addresses) if $debug; - - foreach my $address (@addresses) - { - system("ip address add $address dev $intf_name"); - if( $? != 0 ) - { - syslog("err", "%s", "Could not add address $address: $!"); - } - else - { - syslog("notice", "%s", "Restoring address $address on interface $intf_name"); - } - } - - $intf = undef; - } -} - diff --git a/scripts/vyos-persistpath b/scripts/vyos-persistpath new file mode 100755 index 00000000..d7199b09 --- /dev/null +++ b/scripts/vyos-persistpath 
@@ -0,0 +1,19 @@
+#!/bin/bash
+
+if grep -q -e '^overlay.*/filesystem.squashfs' /proc/mounts; then
+ # Live CD boot
+ exit 2
+
+elif grep -q 'upperdir=/live/persistence/' /proc/mounts && egrep -q 'overlay / overlay ' /proc/mounts; then
+ # union boot
+
+ boot_device=`grep -o 'upperdir=/live/persistence/[^/]*/boot' /proc/mounts | cut -d / -f 4`
+ persist_path="/lib/live/mount/persistence/$boot_device"
+
+ echo $persist_path
+ exit 0
+else
+ # old style boot
+
+ exit 1
+fi
\ No newline at end of file |
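Review bot: In the union-boot branch `boot_device` is taken from `grep -o … | cut -d / -f 4` without checking the result. If the pattern matches more than one mount line the variable holds several lines, and if no `upperdir` ends in `/boot` it is empty, yet the script still prints a path and exits 0. `echo $persist_path` is unquoted, so a multi-line value is flattened into one space-separated string that callers would treat as a single path. Suggested: append `| head -n1` to the pipeline, add `[ -n "$boot_device" ] || exit 1`, and use `echo "$persist_path"`. `egrep` is deprecated in favour of `grep -E`, and plain `grep -q` is enough here because the pattern uses no extended syntax.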