From dbf2854bb2ab4006792d1dfefc6021657f99b034 Mon Sep 17 00:00:00 2001 
From: Kim Hagen
Date: Wed, 3 Feb 2016 03:22:23 -0500
Subject: Add hooks or live-build.
---
 data/live-build-config/hooks/00-mk_buildid.chroot | 22 +++
 data/live-build-config/hooks/01-interfaces.chroot | 12 ++
 data/live-build-config/hooks/02-issue.chroot | 10 ++
 .../hooks/03-root_bash_completion.chroot | 10 ++
 data/live-build-config/hooks/04-locale.chroot | 8 +
 data/live-build-config/hooks/05-event_tty.chroot | 34 ++++
 data/live-build-config/hooks/07-apt.chroot | 8 +
 data/live-build-config/hooks/08-sysconf.chroot | 47 ++++++
 data/live-build-config/hooks/09-live.chroot | 6 +
 data/live-build-config/hooks/10-unmountfs.chroot | 12 ++
 data/live-build-config/hooks/11-busybox.chroot | 183 +++++++++++++++++++++
 .../hooks/12-udev-initramfs.chroot | 9 +
 .../live-build-config/hooks/13-sources_list.chroot | 4 +
 data/live-build-config/hooks/14-fuse.chroot | 4 +
 .../hooks/15-gen_initramfs.chroot | 4 +
 15 files changed, 373 insertions(+)
 create mode 100755 data/live-build-config/hooks/00-mk_buildid.chroot
 create mode 100755 data/live-build-config/hooks/01-interfaces.chroot
 create mode 100755 data/live-build-config/hooks/02-issue.chroot
 create mode 100755 data/live-build-config/hooks/03-root_bash_completion.chroot
 create mode 100755 data/live-build-config/hooks/04-locale.chroot
 create mode 100755 data/live-build-config/hooks/05-event_tty.chroot
 create mode 100755 data/live-build-config/hooks/07-apt.chroot
 create mode 100755 data/live-build-config/hooks/08-sysconf.chroot
 create mode 100755 data/live-build-config/hooks/09-live.chroot
 create mode 100755 data/live-build-config/hooks/10-unmountfs.chroot
 create mode 100755 data/live-build-config/hooks/11-busybox.chroot
 create mode 100755 data/live-build-config/hooks/12-udev-initramfs.chroot
 create mode 100755 data/live-build-config/hooks/13-sources_list.chroot
 create mode 100755 data/live-build-config/hooks/14-fuse.chroot
 create mode 100755 data/live-build-config/hooks/15-gen_initramfs.chroot
(limited to 'data')
diff --git a/data/live-build-config/hooks/00-mk_buildid.chroot b/data/live-build-config/hooks/00-mk_buildid.chroot
new file mode 100755
index 00000000..087addad
--- /dev/null
+++ b/data/live-build-config/hooks/00-mk_buildid.chroot
@@ -0,0 +1,22 @@
+#!/bin/sh
+# create the buildid file
+
+etcdir=/opt/vyatta/etc
+
+[ -d $etcdir ] || mkdir -p -m 0755 $etcdir
+rm -f $etcdir/build.txt $etcdir/iso-build.txt $etc/iso-submodules.txt
+
+## NOTE: on live image build, these files are in the chroot/root
+## however, during install, these are in /cdrom
+for f in iso-build.txt iso-submodules.txt ; do
+ if [ -f /cdrom/$f ] ; then
+ cp /cdrom/$f $etcdir
+ elif [ -f /$f ] ; then
+ cp /$f $etcdir
+ else
+ >$etcdir/$f
+ fi
+done
+
+# backwards compatible symlink
+ln -s iso-build.txt $etcdir/build.txt
diff --git a/data/live-build-config/hooks/01-interfaces.chroot b/data/live-build-config/hooks/01-interfaces.chroot
new file mode 100755
index 00000000..8d218ea4
--- /dev/null
+++ b/data/live-build-config/hooks/01-interfaces.chroot
@@ -0,0 +1,12 @@
+#!/bin/sh
+
+if ! grep '^auto lo' /etc/network/interfaces &> /dev/null ; then
+ mkdir -p -m 0755 /etc/network
+ cat >> /etc/network/interfaces <<-EOF
+
+ # The loopback network interface
+ auto lo
+ iface lo inet loopback
+
+ EOF
+fi
diff --git a/data/live-build-config/hooks/02-issue.chroot b/data/live-build-config/hooks/02-issue.chroot
new file mode 100755
index 00000000..732ebeb0
--- /dev/null
+++ b/data/live-build-config/hooks/02-issue.chroot
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+echo I: Rewriting /etc/issue and /etc/issue.net
+cat < etc/issue
+Welcome to VyOS - \n \l
+
+EOF
+cat < etc/issue.net
+Welcome to VyOS
+EOF
diff --git a/data/live-build-config/hooks/03-root_bash_completion.chroot b/data/live-build-config/hooks/03-root_bash_completion.chroot
new file mode 100755
index 00000000..b7ea8f52
--- /dev/null
+++ b/data/live-build-config/hooks/03-root_bash_completion.chroot
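Review bot: In 00-mk_buildid.chroot the `rm -f` line ends with `$etc/iso-submodules.txt`, and `etc` is never set (the variable defined above is `etcdir`), so the argument expands to `/iso-submodules.txt`. That removes the root-level copy which the loop below would otherwise pick up through its `elif [ -f /$f ]` branch, leaving an empty iso-submodules.txt in the image unless a /cdrom copy exists. The line should read `rm -f $etcdir/build.txt $etcdir/iso-build.txt $etcdir/iso-submodules.txt`; a `set -u` near the top would make such a typo fail the build instead of passing silently.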
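Review bot: In 01-interfaces.chroot the test `grep '^auto lo' /etc/network/interfaces &> /dev/null` uses the bash-only `&>` redirection under `#!/bin/sh`. A POSIX shell such as dash reads it as `grep ... &` followed by a bare redirection, so the condition succeeds regardless of the file's contents and the loopback stanza is appended on every run. `if ! grep -q '^auto lo' /etc/network/interfaces 2>/dev/null ; then` keeps the intent and is portable.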
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+grep -q '\(^[^#]*\)\(\.\|source\) /etc/bash_completion' root/.bashrc || \
+ cat <<-EOF >> root/.bashrc
+
+ source /etc/bash_completion
+ EOF
+
+sed -i 's/set $BASH_COMPLETION_ORIGINAL_V_VALUE/builtin set $BASH_COMPLETION_ORIGINAL_V_VALUE/g' /usr/share/bash-completion/bash_completion
+
diff --git a/data/live-build-config/hooks/04-locale.chroot b/data/live-build-config/hooks/04-locale.chroot
new file mode 100755
index 00000000..1c02db02
--- /dev/null
+++ b/data/live-build-config/hooks/04-locale.chroot
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+echo I: Set default locale
+cat <etc/default/locale
+LANG=en_US.UTF-8
+LC_ALL=C
+EOF
+
diff --git a/data/live-build-config/hooks/05-event_tty.chroot b/data/live-build-config/hooks/05-event_tty.chroot
new file mode 100755
index 00000000..a00167f7
--- /dev/null
+++ b/data/live-build-config/hooks/05-event_tty.chroot
@@ -0,0 +1,34 @@
+#!/bin/sh
+
+if [ -r etc/event.d/tty1 ] ; then
+ echo I: Delay getty until rcX completes
+ sed -i 's/start on runlevel /start on stopped rc/' \
+ etc/event.d/tty[1-6]
+ if [ ! -r etc/event.d/ttyS0 ] && [ -c dev/ttyS0 ] ; then
+ echo I: Enable serial console login
+ cat <<-EOF > etc/event.d/ttyS0
+ # ttyS0 - getty
+ #
+ # This service maintains a getty on ttyS0 from the point the system is
+ # started until it is shut down again.
+
+ start on stopped rc2
+ start on stopped rc3
+ start on stopped rc4
+ start on stopped rc5
+
+ stop on runlevel 0
+ stop on runlevel 1
+ stop on runlevel 6
+
+ respawn
+ exec /sbin/getty 9600 ttyS0 vt100
+
+ EOF
+ fi
+fi
+
+if [ -r etc/inittab ] && [ -c dev/ttyS0 ] && grep -q '^#T0:.*getty.*ttyS0' etc/inittab ; then
+ echo I: Enable serial console login
+ sed -i '/^#T0:/s|^#.*$|T0:23:respawn:/sbin/getty -L ttyS0 9600 vt100|' etc/inittab
+fi
diff --git a/data/live-build-config/hooks/07-apt.chroot b/data/live-build-config/hooks/07-apt.chroot
new file mode 100755
index 00000000..8db33a78
--- /dev/null
+++ b/data/live-build-config/hooks/07-apt.chroot
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+if [ -e /cdrom/vyatta-pubkey.gpg ] ; then
+ apt-key add /cdrom/vyatta-pubkey.gpg
+elif [ -e /vyatta-pubkey.gpg ] ; then
+ apt-key add /vyatta-pubkey.gpg
+ rm -f /vyatta-pubkey.gpg
+fi
diff --git a/data/live-build-config/hooks/08-sysconf.chroot b/data/live-build-config/hooks/08-sysconf.chroot
new file mode 100755
index 00000000..b0399027
--- /dev/null
+++ b/data/live-build-config/hooks/08-sysconf.chroot
@@ -0,0 +1,47 @@
+#!/bin/sh
+
+for conf in motd.tail syslog.conf; do
+ cp -f /opt/vyatta/etc/$conf /etc/$conf
+done
+
+cp -f /opt/vyatta/etc/default_ssh /etc/default/ssh
+>/etc/pam_radius_auth.conf
+
+update_sysctl_conf ()
+{
+ var=$1
+ val=$2
+ comment=$3
+ sysctl_conf=/etc/sysctl.conf
+
+ if grep -q "^${var}[[:space:]]*=" $sysctl_conf ; then
+ sed -i "/^${var}[[:space:]]*=/ s,=.*,= ${val}," $sysctl_conf
+ elif grep -q "^#[[:space:]]*${var}[[:space:]]*=" $sysctl_conf ; then
+ sed -i "/^#[[:space:]]*${var}[[:space:]]*=/ { s,^#[[:space:]]*,, ; s,[[:space:]]*=.*, = ${val},} " $sysctl_conf
+ else
+ cat <<-EOF >> $sysctl_conf
+
+ # $comment
+ $var = $val
+ EOF
+ fi
+}
+
+update_sysctl_conf kernel.printk "4 4 1 7" \
+ "the following stops low-level messages on console"
+update_sysctl_conf net.ipv4.conf.default.arp_filter 1 \
+ "reset promiscous arp response"
+update_sysctl_conf net.ipv4.conf.all.promote_secondaries 1 \
+ "promote secondaries with removal of primary address"
+update_sysctl_conf net.ipv4.ip_forward 1 \
+ "enable ipv4 forwarding"
+# FIXME! need to load or staticly link ipv6 module before adding this.
+# update_sysctl_conf net.ipv6.conf.all.forwarding 1 \
+# "enable ipv6 forwarding"
+update_sysctl_conf net.core.rmem_max 223232 \
+ "maximize netlink buffers"
+
+# Local Variables:
+# mode: shell-script
+# sh-indentation: 4
+# End:
diff --git a/data/live-build-config/hooks/09-live.chroot b/data/live-build-config/hooks/09-live.chroot
new file mode 100755
index 00000000..e2f95ff3
--- /dev/null
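Review bot: 07-apt.chroot passes whatever file sits at /cdrom/vyatta-pubkey.gpg or /vyatta-pubkey.gpg straight to `apt-key add`, which makes that key trusted for every APT source on the image. Nothing in the hook checks that the key is the expected one, so the trust decision rests entirely on the build tree or install medium being intact. I would compare the key's fingerprint against a value pinned in the build configuration before adding it, and stop the hook if `apt-key add` fails. A comment such as `# key becomes trusted for all repositories; fingerprint must match <EXPECTED_FINGERPRINT>` would at least document the assumption.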
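Review bot: In 08-sysconf.chroot, `>/etc/pam_radius_auth.conf` creates or truncates the file with whatever mode the hook's umask yields. That file is where pam_radius_auth keeps the RADIUS server shared secrets, so it should not end up world-readable; following the truncation with `chmod 600 /etc/pam_radius_auth.conf` would pin the mode. Separately, `update_sysctl_conf` interpolates `${var}` into its grep and sed patterns unescaped, so the dots in names like `kernel.printk` match any character; that is harmless for the keys passed in this hunk but deserves a comment on the function.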
+++ b/data/live-build-config/hooks/09-live.chroot
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+# hack live script that tries to mount ext[23] floppies as root
+
+sed -e '/ln -s "${devname}"/,/return 0/ s/^/: FIXME/' \
+ -i /usr/share/initramfs-tools/scripts/live
diff --git a/data/live-build-config/hooks/10-unmountfs.chroot b/data/live-build-config/hooks/10-unmountfs.chroot
new file mode 100755
index 00000000..7992a4d2
--- /dev/null
+++ b/data/live-build-config/hooks/10-unmountfs.chroot
@@ -0,0 +1,12 @@
+#!/bin/sh
+
+# hack umountfs script to cleanly unmount live systems
+
+sed \
+ -e '/proc|procfs|linprocfs/ s/)/|squashfs|iso9660)/' \
+ -e '/tmpfs)/ a\
+ [ "$MTPT" != "/media" ] && \
+ [ "$MTPT" != "/live" ] && \
+ [ "$MTPT" != "/live/cow" ] &&
+' \
+ -i /etc/init.d/umountfs
diff --git a/data/live-build-config/hooks/11-busybox.chroot b/data/live-build-config/hooks/11-busybox.chroot
new file mode 100755
index 00000000..fecce616
--- /dev/null
+++ b/data/live-build-config/hooks/11-busybox.chroot
@@ -0,0 +1,183 @@
+#!/bin/sh
+
+# create busybox alternatives
+
+bb=`which busybox`
+applets=$(busybox | sed '1,/^Currently defined functions:/d; s/[\[,]//g; s/ / /g; s/$/ /g')
+
+bb_alternative ()
+{
+ full=$1
+ full_bb=${full}.bb
+ app=${full##*/}
+ if [ ! -x $full ] && (echo -n "$applets" | grep -q " $app "); then
+ ln -s $bb $full_bb
+ update-alternatives --install $full $app $full_bb 10
+ fi
+}
+
+bb_alternative /bin/bunzip2
+bb_alternative /bin/bzcat
+bb_alternative /bin/cat
+bb_alternative /bin/chgrp
+bb_alternative /bin/chmod
+bb_alternative /bin/chown
+bb_alternative /bin/cp
+bb_alternative /bin/cpio
+bb_alternative /bin/date
+bb_alternative /bin/dd
+bb_alternative /bin/df
+bb_alternative /bin/dmesg
+bb_alternative /bin/echo
+bb_alternative /bin/egrep
+bb_alternative /bin/false
+bb_alternative /bin/fgrep
+bb_alternative /bin/grep
+bb_alternative /bin/gunzip
+bb_alternative /bin/gzip
+bb_alternative /bin/hostname
+bb_alternative /bin/ip
+bb_alternative /bin/kill
+bb_alternative /bin/ln
+bb_alternative /bin/login
+bb_alternative /bin/ls
+bb_alternative /bin/mkdir
+bb_alternative /bin/mknod
+bb_alternative /bin/mktemp
+bb_alternative /bin/more
+bb_alternative /bin/mount
+bb_alternative /bin/mt
+bb_alternative /bin/mv
+bb_alternative /bin/nc
+bb_alternative /bin/netstat
+bb_alternative /bin/pidof
+bb_alternative /bin/ping
+bb_alternative /bin/ping6
+bb_alternative /bin/ps
+bb_alternative /bin/pwd
+bb_alternative /bin/readlink
+bb_alternative /bin/rm
+bb_alternative /bin/rmdir
+bb_alternative /bin/run-parts
+bb_alternative /bin/sed
+bb_alternative /bin/sh
+bb_alternative /bin/sleep
+bb_alternative /bin/stty
+bb_alternative /bin/sync
+bb_alternative /bin/tar
+bb_alternative /bin/touch
+bb_alternative /bin/true
+bb_alternative /bin/umount
+bb_alternative /bin/uname
+bb_alternative /bin/uncompress
+bb_alternative /bin/which
+bb_alternative /bin/zcat
+
+bb_alternative /sbin/ifconfig
+bb_alternative /sbin/ip
+bb_alternative /sbin/iptunnel
+bb_alternative /sbin/klogd
+bb_alternative /sbin/losetup
+bb_alternative /sbin/nameif
+bb_alternative /sbin/route
+bb_alternative /sbin/start-stop-daemon
+bb_alternative /sbin/swapoff
+bb_alternative /sbin/swapon
+bb_alternative /sbin/syslogd
+
+bb_alternative /usr/bin/adjtimex
+bb_alternative /usr/bin/ar
+bb_alternative /usr/bin/arping
+bb_alternative /usr/bin/awk
+bb_alternative /usr/bin/basename
+bb_alternative /usr/bin/cal
+bb_alternative /usr/bin/chvt
+bb_alternative /usr/bin/clear
+bb_alternative /usr/bin/cmp
+bb_alternative /usr/bin/cut
+bb_alternative /usr/bin/dc
+bb_alternative /usr/bin/deallocvt
+bb_alternative /usr/bin/dirname
+bb_alternative /usr/bin/dos2unix
+bb_alternative /usr/bin/dumpkmap
+bb_alternative /usr/bin/du
+bb_alternative /usr/bin/env
+bb_alternative /usr/bin/expr
+bb_alternative /usr/bin/find
+bb_alternative /usr/bin/fold
+bb_alternative /usr/bin/free
+bb_alternative /usr/bin/ftpget
+bb_alternative /usr/bin/ftpput
+bb_alternative /usr/bin/getopt
+bb_alternative /usr/bin/head
+bb_alternative /usr/bin/hexdump
+bb_alternative /usr/bin/hostid
+bb_alternative /usr/bin/id
+bb_alternative /usr/bin/ipaddr
+bb_alternative /usr/bin/ipcalc
+bb_alternative /usr/bin/iplink
+bb_alternative /usr/bin/iproute
+bb_alternative /usr/bin/killall
+bb_alternative /usr/bin/last
+bb_alternative /usr/bin/loadfont
+bb_alternative /usr/bin/loadkmap
+bb_alternative /usr/bin/logger
+bb_alternative /usr/bin/logname
+bb_alternative /usr/bin/logread
+bb_alternative /usr/bin/md5sum
+bb_alternative /usr/bin/mkfifo
+bb_alternative /usr/bin/nslookup
+bb_alternative /usr/bin/od
+bb_alternative /usr/bin/openvt
+bb_alternative /usr/bin/patch
+bb_alternative /usr/bin/printf
+bb_alternative /usr/bin/rdate
+bb_alternative /usr/bin/realpath
+bb_alternative /usr/bin/rpm
+bb_alternative /usr/bin/rpm2cpio
+bb_alternative /usr/bin/renice
+bb_alternative /usr/bin/reset
+bb_alternative /usr/bin/setkeycodes
+bb_alternative /usr/bin/sha1sum
+bb_alternative /usr/bin/sort
+bb_alternative /usr/bin/strings
+bb_alternative /usr/bin/tail
+bb_alternative /usr/bin/tee
+bb_alternative /usr/bin/test
+bb_alternative /usr/bin/tftp
+bb_alternative /usr/bin/time
+bb_alternative /usr/bin/top
+bb_alternative /usr/bin/touch
+bb_alternative /usr/bin/tr
+bb_alternative /usr/bin/traceroute
+bb_alternative /usr/bin/tty
+bb_alternative /usr/bin/uniq
+bb_alternative /usr/bin/unix2dos
+bb_alternative /usr/bin/unzip
+bb_alternative /usr/bin/uptime
+bb_alternative /usr/bin/usleep
+bb_alternative /usr/bin/uudecode
+bb_alternative /usr/bin/uuencode
+bb_alternative /usr/bin/vi
+bb_alternative /usr/bin/watch
+bb_alternative /usr/bin/wc
+bb_alternative /usr/bin/wget
+bb_alternative /usr/bin/which
+bb_alternative /usr/bin/who
+bb_alternative /usr/bin/whoami
+bb_alternative /usr/bin/xargs
+bb_alternative /usr/bin/yes
+
+bb_alternative /usr/sbin/chroot
+bb_alternative /usr/sbin/dumpleases
+bb_alternative /usr/sbin/httpd
+bb_alternative /usr/sbin/telnetd
+bb_alternative /usr/sbin/traceroute
+bb_alternative /usr/sbin/udhcpc
+bb_alternative /usr/sbin/udhcpd
+bb_alternative /usr/sbin/watchdog
+
+# Local Variables:
+# mode: shell-script
+# sh-indentation: 4
+# End:
diff --git a/data/live-build-config/hooks/12-udev-initramfs.chroot b/data/live-build-config/hooks/12-udev-initramfs.chroot
new file mode 100755
index 00000000..13bdfb89
--- /dev/null
+++ b/data/live-build-config/hooks/12-udev-initramfs.chroot
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+# this was a "local patch" but patch generates a .orig file if it doesn't
+# apply cleanly, which is not good when all files in the hook directory are
+# executed. just use sed to hack the udev hook here.
+
+sed -i 's/^\(mount -n -o move \/dev .*\/dev\)$/\1 2>\/dev\/null/' \
+ /usr/share/initramfs-tools/scripts/init-bottom/udev
+
diff --git a/data/live-build-config/hooks/13-sources_list.chroot b/data/live-build-config/hooks/13-sources_list.chroot
new file mode 100755
index 00000000..956f9bba
--- /dev/null
+++ b/data/live-build-config/hooks/13-sources_list.chroot
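Review bot: The applet list in 11-busybox.chroot registers network daemons and legacy clients (`/usr/sbin/telnetd`, `/usr/sbin/httpd`, `/usr/sbin/udhcpd`, `/usr/bin/tftp`, `/bin/nc`) alongside the basic file utilities, so any of them that the busybox build provides becomes runnable under its usual name whenever the real package is absent. For a router image I would drop the entries that are not needed and add a comment above the list stating why the remaining ones are there. In `bb_alternative` itself, `$bb`, `$full` and `$full_bb` are unquoted and the result of `which busybox` is never checked; an early `[ -n "$bb" ] || exit 0` would make the missing-busybox case explicit.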
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+rm -f /etc/apt/sources.list.d/*.list >/dev/null 2>&1 || true
+
diff --git a/data/live-build-config/hooks/14-fuse.chroot b/data/live-build-config/hooks/14-fuse.chroot
new file mode 100755
index 00000000..126dc626
--- /dev/null
+++ b/data/live-build-config/hooks/14-fuse.chroot
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+sed -i 's/#user_allow_other/user_allow_other/g' /etc/fuse.conf
+chmod a+r /etc/fuse.conf
diff --git a/data/live-build-config/hooks/15-gen_initramfs.chroot b/data/live-build-config/hooks/15-gen_initramfs.chroot
new file mode 100755
index 00000000..aced728a
--- /dev/null
+++ b/data/live-build-config/hooks/15-gen_initramfs.chroot
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+echo I: Create initramfs if it does not exist.
+update-initramfs -c -k `ls /boot | grep vmlinuz- | sed 's/vmlinuz-//g'`
-- 
cgit v1.2.3
From 03705b9f859c01a610e399cc3523c61a484a36cb Mon Sep 17 00:00:00 2001
From: Kim Hagen
Date: Wed, 3 Feb 2016 03:24:47 -0500
Subject: Removed fuse.conf file, will be generated in hooks
---
 data/live-build-config/includes.chroot/etc/fuse.conf | 1 -
 1 file changed, 1 deletion(-)
 delete mode 100644 data/live-build-config/includes.chroot/etc/fuse.conf
(limited to 'data')
diff --git a/data/live-build-config/includes.chroot/etc/fuse.conf b/data/live-build-config/includes.chroot/etc/fuse.conf
deleted file mode 100644
index a439ab82..00000000
--- a/data/live-build-config/includes.chroot/etc/fuse.conf
+++ /dev/null
@@ -1 +0,0 @@
-user_allow_other
-- 
cgit v1.2.3
From ab3d92de1b23654730c8d317a376bfc6301e92c7 Mon Sep 17 00:00:00 2001
From: Kim Hagen
Date: Wed, 3 Feb 2016 06:41:13 -0500
Subject: Add hook that prevent services from starting at boot.
---
 .../hooks/16-disable_services.chroot | 27 ++++++++++++++++++++++
 1 file changed, 27 insertions(+)
 create mode 100755 data/live-build-config/hooks/16-disable_services.chroot
(limited to 'data')
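Review bot: 14-fuse.chroot turns on `user_allow_other`, which lets unprivileged users mount FUSE filesystems with the `allow_other` option, and nothing in the hook says why the image needs that. The `sed` only un-comments an existing `#user_allow_other` line, so if the packaged /etc/fuse.conf does not carry that line the hook silently changes nothing. I would add a comment giving the reason and a check after the edit, e.g. `grep -q '^user_allow_other' /etc/fuse.conf || echo user_allow_other >> /etc/fuse.conf`.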
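Review bot: In 15-gen_initramfs.chroot the kernel version is obtained by parsing `ls /boot` and is substituted unquoted into the `update-initramfs -c -k` command line. With no kernel in /boot the `-k` option gets no argument, and with more than one the extra versions are passed as stray arguments. Looping over the glob avoids both cases: `for k in /boot/vmlinuz-*; do [ -e "$k" ] && update-initramfs -c -k "${k#/boot/vmlinuz-}"; done`.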
diff --git a/data/live-build-config/hooks/16-disable_services.chroot b/data/live-build-config/hooks/16-disable_services.chroot
new file mode 100755
index 00000000..c68a6b3d
--- /dev/null
+++ b/data/live-build-config/hooks/16-disable_services.chroot
@@ -0,0 +1,27 @@
+#!/bin/sh
+
+echo I: Disabling services.
+systemctl disable exim4
+/usr/sbin/update-rc.d -f exim4 remove
+systemctl disable isc-dhcp-server
+/usr/sbin/update-rc.d -f isc-dhcp-server remove
+systemctl disable isc-dhcp-relay
+/usr/sbin/update-rc.d -f isc-dhcp-relay remove
+systemctl disable nfacctd
+/usr/sbin/update-rc.d -f nfacctd remove
+systemctl disable pmacctd
+/usr/sbin/update-rc.d -f pmacctd remove
+systemctl disable sfacctd
+/usr/sbin/update-rc.d -f sfacctd remove
+systemctl disable uacctd
+/usr/sbin/update-rc.d -f uacctd remove
+systemctl disable lighttpd
+/usr/sbin/update-rc.d -f lighttpd remove
+systemctl disable ssh
+/usr/sbin/update-rc.d -f ssh remove
+systemctl disable openvpn
+/usr/sbin/update-rc.d -f openvpn remove
+systemctl disable dnsmasq
+/usr/sbin/update-rc.d -f dnsmasq remove
+systemctl disable lldpd
+/usr/sbin/update-rc.d -f lldpd remove
-- 
cgit v1.2.3
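Review bot: 16-disable_services.chroot repeats the same `systemctl disable` / `update-rc.d -f ... remove` pair twelve times and checks no exit status, so a failure for any service is ignored and the hook's own status is just that of the final `update-rc.d` call. A loop keeps the service list in one place: `for svc in exim4 isc-dhcp-server isc-dhcp-relay nfacctd pmacctd sfacctd uacctd lighttpd ssh openvpn dnsmasq lldpd; do systemctl disable "$svc"; /usr/sbin/update-rc.d -f "$svc" remove; done`. Since `ssh` is among the disabled services, a comment saying what is expected to enable it later (presumably the system's own configuration layer) would help a reader judge how a freshly built image is meant to be reached.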