From 3cc31793d57ce05421300ce4e8a1a1352291db85 Mon Sep 17 00:00:00 2001
From: Kim <kim.sidney@gmail.com>
Date: Fri, 6 Aug 2021 12:16:36 +0200
Subject: T1153: VyOS 1.2.0RC10, RAID-1, fresh install, unable to save
 configEquuleus (#159)

* add search for same drive size if more than 2 drives are installed
* add ability to configure RAID-1 by selecting 2 drives
* cleaning up sysconf/filecaps rights
* cleaning up sysconf/filecaps rights xtables-monitor
---
 scripts/install/install-functions     | 58 +++++++++++++++++++++++++++++-
 scripts/install/install-get-partition | 66 +++++++++++++++++++++++++++++++----
 scripts/install/install-postinst-new  |  4 ---
 sysconf/filecaps                      |  4 +--
 4 files changed, 118 insertions(+), 14 deletions(-)

diff --git a/scripts/install/install-functions b/scripts/install/install-functions
index e319b84d..458d2e63 100755
--- a/scripts/install/install-functions
+++ b/scripts/install/install-functions
@@ -177,7 +177,7 @@ select_drive () {
   drives=$(cat /proc/partitions | \
            awk '{ if ($4!="name") { print $4 } }' | \
            egrep "c[0-9]d[0-9]$|[hsv]d[a-z]$|nvme[0-9]n[0-9]|mmcblk[0-9]" | \
-           egrep -v "^$")
+           egrep -v "^$" | sort)
 
   #this needs more testing to decide if better than above
   #drives=$(lsblk -dn -o name -I8)
@@ -370,3 +370,59 @@ EOF
   return 1
 }
 
+# Find 2 drives of the same size.
+get_size_raid ()
+{
+  x=0
+  declare -i x
+  for drive in "${driveName[@]}"
+  do
+    drivesize=${driveSize[$x]}
+    y=0
+    declare -i y
+    for size in ${driveSize[@]}
+    do
+      if [ $drivesize -eq $size ] && [ $drive != ${driveName[$y]} ]; then
+        raiddrives="${driveName[$y]} $drive"
+      fi
+      y+=1
+    done
+    x+=1
+  done
+  if [ -n "$raiddrives" ]; then
+    echo $raiddrives
+  fi
+}
+
+# Manually select 2 items for use in RAID-1
+get_manual_raid ()
+{
+  PS3="Select the first drive: "
+  IFS=$'\n' s_driveNameSize=($(sort <<<"${driveNameSize[*]}"))
+  unset IFS
+  select drive1 in "${s_driveNameSize[@]}"
+  do
+      break
+  done
+
+  driveNameSize=()
+  for drive in "${driveName[@]}"
+  do
+    if ! echo $drive1 | grep -q $drive; then
+      driveNameSize+=("$drive $(get_drive_size $drive) MB")
+    fi
+  done
+
+  PS3="Select the second drive: "
+  IFS=$'\n' s_driveNameSize=($(sort <<<"${driveNameSize[*]}"))
+  unset IFS
+  select drive2 in "${s_driveNameSize[@]}"
+  do
+      break
+  done
+
+  drive1=`echo $drive1 | awk '{ print $1 }'`
+  drive2=`echo $drive2 | awk '{ print $1 }'`
+
+  echo $drive1 $drive2
+}
diff --git a/scripts/install/install-get-partition b/scripts/install/install-get-partition
index 5d4f5541..24807794 100755
--- a/scripts/install/install-get-partition
+++ b/scripts/install/install-get-partition
@@ -114,7 +114,11 @@ check_for_old_raid () {
         drive=${member:0:3}
         part=${member:3:1}
         echo "Re-setting partition ID for RAID group $raid_drive member /dev/${member}:"
-        sfdisk --change-id /dev/$drive $part 0x83
+        if [ -d /sys/firmware/efi ]; then
+          sgdisk --part-type /dev/$drive $part 0x83
+	else
+          sfdisk --part-type /dev/$drive $part 0x83
+	fi
         echo "Clearing RAID superblock from RAID group $raid_drive member /dev/${member}."
         mdadm --zero-superblock /dev/$member
 	    done
@@ -192,6 +196,9 @@ check_for_old_raid () {
 
 check_for_new_raid () {
   # Identify physical drives
+  driveName=()
+  driveSize=()
+  driveNameSize=()
   drives=$(cat /proc/partitions | awk '{ if ($4!="name") { print $4 } }' \
            | egrep -v "[0-9]$" | egrep -v "^$")
 
@@ -200,17 +207,63 @@ check_for_new_raid () {
       if mount | grep iso9660 | grep -q $instdrv
       then
           drives=${drives//"$instdrv"/}
+      else
+          driveName+=("$instdrv")
+          driveSize+=($(get_drive_size $instdrv))
+          driveNameSize+=("$instdrv $(get_drive_size $instdrv) MB")
       fi
   done
 
   numdrives=`echo $drives | wc -w`
 
-  # Need at least two drives for RAID-1.  We don't yet have the code
-  # to handle selection of two from a set of 3 or more, so for now, we
-  # only support two drives.
-  #
-  if [ $numdrives -ne 2 ]; then
+  # Need at least two drives for RAID-1. If there are more than two
+  # drives found we have the option to check for two drives of the same size
+  # or configure manually.
+
+  if [ $numdrives -lt 2 ]; then
     return
+  elif [ $numdrives -gt 2 ]; then
+    echo "Found ${numdrives} drives."
+    echo -n "Would you like to configure RAID-1 mirroring? (Yes/No) [Yes]:"
+    response=$(get_response "Yes" "Yes No Y N")
+    if [ "$response" == "no" ] || [ "$response" == "n" ]; then
+      echo "Ok.  Not configuring RAID-1."
+      return
+    else
+      echo -n "Would you like find and use 2 drives of the same size? (Yes/No) [Yes]:"
+      response=$(get_response "Yes" "Yes No Y N")
+      if [ "$response" == "yes" ] || [ "$response" == "y" ]; then
+        raiddrives=$(get_size_raid)
+        if [ -n "$raiddrives" ]; then
+          drives=$raiddrives
+        else
+          echo "No drives with the same size found."
+          echo -n "Would you like to manually select the drives? (Yes/No) [Yes]:"
+          response=$(get_response "Yes" "Yes No Y N")
+          if [ "$response" == "yes" ] || [ "$response" == "y" ]; then
+            raiddrives=$(get_manual_raid)
+            if [ -n "$raiddrives" ]; then
+              drives=$raiddrives
+	    fi
+          else
+            echo "Ok.  Not configuring RAID-1."
+            return
+          fi
+        fi
+      else
+        echo -n "Would you like to manually select the drives? (Yes/No) [Yes]:"
+        response=$(get_response "Yes" "Yes No Y N")
+        if [ "$response" == "yes" ] || [ "$response" == "y" ]; then
+          raiddrives=$(get_manual_raid)
+          if [ -n "$raiddrives" ]; then
+            drives=$raiddrives
+	  fi
+        else
+          echo "Ok.  Not configuring RAID-1."
+          return
+        fi
+      fi
+    fi
   fi
 
   drive1=`echo $drives | awk '{ print $1 }'`
@@ -1005,4 +1058,3 @@ fi
 echo "$ROOT_PARTITION_TYPE $ROOT_PARTITION $INSTALL_DRIVE" >$OUTFILE
 becho 'Done!'
 exit 0
-
diff --git a/scripts/install/install-postinst-new b/scripts/install/install-postinst-new
index 3a20cac3..0078287f 100755
--- a/scripts/install/install-postinst-new
+++ b/scripts/install/install-postinst-new
@@ -124,10 +124,6 @@ install_grub () {
   progress_indicator start
 
  if [ -f "/tmp/efiparts.tmp" ]; then
-     # Remove grub-pc packages
-     dpkg -r grub-pc grub2 >&/dev/null
-     # Install grub-efi packages
-     dpkg -i /usr/share/vyos/packages/grub-efi*.deb >&/dev/null
      mkdir -p $grub_root/boot/efi
      readarray parts < /tmp/efiparts.tmp
      part_length=${#parts[@]}
diff --git a/sysconf/filecaps b/sysconf/filecaps
index 96eadff4..c6ab140d 100644
--- a/sysconf/filecaps
+++ b/sysconf/filecaps
@@ -5,7 +5,8 @@ cap_net_admin=pe	/sbin/ethtool
 cap_net_admin=pe	/sbin/tc
 cap_net_admin=pe	/bin/ip
 # handles /sbin/iptables and /sbin/ip6tables symlink target
-cap_net_admin=pe	/sbin/xtables-multi
+cap_net_admin=pe	/sbin/xtables-legacy-multi
+cap_net_admin=pe	/sbin/xtables-nft-multi
 cap_net_admin=pe	/usr/sbin/ipset
 cap_net_admin=pe	/usr/sbin/conntrack
 cap_net_admin=pe	/usr/sbin/arp
@@ -13,7 +14,6 @@ cap_net_admin=pe	/sbin/brctl
 
 # Raw sockets
 cap_net_raw=pe	/usr/sbin/tcpdump
-cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap
 
 # Allow changes to system settings
 cap_net_admin,cap_sys_admin=pe /sbin/sysctl
-- 
cgit v1.2.3