From d0788d8dd8453d10446ef07c3b6d395b7a3ad0e3 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Thu, 19 Jul 2012 03:16:03 +0200 Subject: Renaming example hooks to the newer filename patter that is required by live-build since a while. --- .../hooks/all_binary_debian-installer-banner.sh | 34 -- examples/hooks/all_binary_live-helper.sh | 24 - .../hooks/all_chroot_debian-live-pxe-server.sh | 17 - examples/hooks/all_chroot_hal-automount.sh | 16 - examples/hooks/all_chroot_kernel-purge.sh | 10 - examples/hooks/all_chroot_linux-modules.sh | 15 - examples/hooks/all_chroot_localepurge.sh | 22 - examples/hooks/all_chroot_losetup-lukshome.sh | 495 --------------------- examples/hooks/all_chroot_minimal.sh | 33 -- examples/hooks/all_chroot_rt2570-modules.sh | 19 - examples/hooks/all_chroot_stripped.sh | 52 --- examples/hooks/all_chroot_sun-java6.sh | 31 -- examples/hooks/all_chroot_symlinks.sh | 22 - examples/hooks/all_chroot_sysvinit.sh | 17 - examples/hooks/all_chroot_udev-generators.sh | 8 - examples/hooks/all_chroot_update-initramfs.sh | 15 - examples/hooks/all_chroot_virtualbox-ose.sh | 8 - examples/hooks/debian-installer-banner.binary | 34 ++ examples/hooks/debian-live-pxe-server.chroot | 17 + examples/hooks/hal-automount.chroot | 16 + examples/hooks/kernel-purge.chroot | 10 + examples/hooks/linux-modules.chroot | 15 + examples/hooks/live-build-inclusion.binary | 24 + examples/hooks/localepurge.chroot | 22 + examples/hooks/losetup-lukshome.chroot | 495 +++++++++++++++++++++ examples/hooks/minimal.chroot | 33 ++ examples/hooks/okular-nodrm.chroot | 18 + examples/hooks/rt2570-modules.chroot | 19 + examples/hooks/squeeze_chroot_okular-nodrm.sh | 18 - examples/hooks/stripped.chroot | 52 +++ examples/hooks/sun-java6.chroot | 31 ++ examples/hooks/symlinks.chroot | 22 + examples/hooks/sysvinit.chroot | 17 + examples/hooks/udev-generators.chroot | 8 + examples/hooks/update-initramfs.chroot | 15 + examples/hooks/virtualbox.chroot | 8 + 36 files changed, 856 insertions(+), 856 deletions(-) delete mode 100755 examples/hooks/all_binary_debian-installer-banner.sh delete mode 100755 examples/hooks/all_binary_live-helper.sh delete mode 100755 examples/hooks/all_chroot_debian-live-pxe-server.sh delete mode 100755 examples/hooks/all_chroot_hal-automount.sh delete mode 100755 examples/hooks/all_chroot_kernel-purge.sh delete mode 100755 examples/hooks/all_chroot_linux-modules.sh delete mode 100755 examples/hooks/all_chroot_localepurge.sh delete mode 100755 examples/hooks/all_chroot_losetup-lukshome.sh delete mode 100755 examples/hooks/all_chroot_minimal.sh delete mode 100755 examples/hooks/all_chroot_rt2570-modules.sh delete mode 100755 examples/hooks/all_chroot_stripped.sh delete mode 100755 examples/hooks/all_chroot_sun-java6.sh delete mode 100755 examples/hooks/all_chroot_symlinks.sh delete mode 100755 examples/hooks/all_chroot_sysvinit.sh delete mode 100755 examples/hooks/all_chroot_udev-generators.sh delete mode 100755 examples/hooks/all_chroot_update-initramfs.sh delete mode 100755 examples/hooks/all_chroot_virtualbox-ose.sh create mode 100755 examples/hooks/debian-installer-banner.binary create mode 100755 examples/hooks/debian-live-pxe-server.chroot create mode 100755 examples/hooks/hal-automount.chroot create mode 100755 examples/hooks/kernel-purge.chroot create mode 100755 examples/hooks/linux-modules.chroot create mode 100755 examples/hooks/live-build-inclusion.binary create mode 100755 examples/hooks/localepurge.chroot create mode 100755 examples/hooks/losetup-lukshome.chroot create mode 100755 examples/hooks/minimal.chroot create mode 100755 examples/hooks/okular-nodrm.chroot create mode 100755 examples/hooks/rt2570-modules.chroot delete mode 100755 examples/hooks/squeeze_chroot_okular-nodrm.sh create mode 100755 examples/hooks/stripped.chroot create mode 100755 examples/hooks/sun-java6.chroot create mode 100755 examples/hooks/symlinks.chroot create mode 100755 examples/hooks/sysvinit.chroot create mode 100755 examples/hooks/udev-generators.chroot create mode 100755 examples/hooks/update-initramfs.chroot create mode 100755 examples/hooks/virtualbox.chroot (limited to 'examples') diff --git a/examples/hooks/all_binary_debian-installer-banner.sh b/examples/hooks/all_binary_debian-installer-banner.sh deleted file mode 100755 index 61c160ca6..000000000 --- a/examples/hooks/all_binary_debian-installer-banner.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/sh - -# This is an binary hook for live-build(7) to overwrite the banner -# in the graphical Debian Installer. -# To enable it, copy or symlink this hook into your config/binary_local-hooks -# directory and add a replacement banner.png at: -# -# config/binary_debian-installer/banner.png -# -# The file should be a PNG image of dimensions 800 x 75. - -set -e - -if [ -e config/binary_debian-installer/banner.png ] -then - TARGET_INITRD="binary/install/gtk/initrd.gz" - REPACK_TMPDIR="binary.initrd" - - if [ -e "${TARGET_INITRD}" ] - then - # cpio does not have a "extract to directory", so we must change - # directory - mkdir -p ${REPACK_TMPDIR} - cd ${REPACK_TMPDIR} - gzip -d < ../${TARGET_INITRD} | cpio -i --make-directories --no-absolute-filenames - - # Overwrite banner - cp ../config/binary_debian-installer/banner.png ./usr/share/graphics/logo_debian.png - - find | cpio -H newc -o | gzip -9 > ../${TARGET_INITRD} - cd .. - rm -rf ${REPACK_TMPDIR} - fi -fi diff --git a/examples/hooks/all_binary_live-helper.sh b/examples/hooks/all_binary_live-helper.sh deleted file mode 100755 index b60f4a339..000000000 --- a/examples/hooks/all_binary_live-helper.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh - -# This is a hook for live-build(7) to install live-build and its config into -# the binary image. -# To enable it, copy or symlink this hook into your config/chroot_local-hooks -# directory. - -DIRECTORY="binary/tools/live" - -mkdir -p "${DIRECTORY}" - -cp -a config "${DIRECTORY}" - -if [ -e live-build ] -then - cp -a live-build "${DIRECTORY}" -else - mkdir -p "${DIRECTORY}"/live-build/bin - cp -a /usr/bin/lh* "${DIRECTORY}"/live-build/bin - - cp -a /usr/share/live/build "${DIRECTORY}"/live-build/share - - cp -a /usr/share/doc/live-build "${DIRECTORY}"/live-build/doc -fi diff --git a/examples/hooks/all_chroot_debian-live-pxe-server.sh b/examples/hooks/all_chroot_debian-live-pxe-server.sh deleted file mode 100755 index cd31fe6bf..000000000 --- a/examples/hooks/all_chroot_debian-live-pxe-server.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/sh - -## live-build(7) - System Build Scripts -## Copyright (C) 2006-2012 Daniel Baumann -## -## live-build comes with ABSOLUTELY NO WARRANTY; for details see COPYING. -## This is free software, and you are welcome to redistribute it -## under certain conditions; see COPYING for details. - - -set -e - -# Adding symlink in /srv/tftp for debian-installer netboot images -ARCHITECTURE="$(dpkg --print-architecture)" - -rm -rf /srv/tftp -ln -s /usr/lib/debian-installer/images/${ARCHITECTURE}/text /srv/tftp diff --git a/examples/hooks/all_chroot_hal-automount.sh b/examples/hooks/all_chroot_hal-automount.sh deleted file mode 100755 index 2a66fe9d0..000000000 --- a/examples/hooks/all_chroot_hal-automount.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/sh - -# This is a hook for live-build(7) to enable automaunting with hal for block devices. -# -# To enable it, copy or symlink this hook into your config/chroot_local-hooks -# directory. - -# Remove automount disabling -rm -f /usr/share/hal/fdi/policy/10osvendor/debian-storage-policy-fixed-drives.fdi - -# Use ntfs-3g by default to mount ntfs partitions -if [ -x /usr/bin/ntfs-3g ] -then - rm -f /sbin/mount.ntfs - ln -s /usr/bin/ntfs-3g /sbin/mount.ntfs -fi diff --git a/examples/hooks/all_chroot_kernel-purge.sh b/examples/hooks/all_chroot_kernel-purge.sh deleted file mode 100755 index 6d8204eea..000000000 --- a/examples/hooks/all_chroot_kernel-purge.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/sh - -# This is a hook for live-build(7) to remove any kernel except the newest one. -# To enable it, copy or symlink this hook into your config/chroot_local-hooks -# directory. - -for VERSION in $(basename $(ls /boot/vmlinuz-* | head -n-1) | sed -e 's|^vmlinuz-||g') -do - echo apt-get remove --purge linux-image-${VERSION} -done diff --git a/examples/hooks/all_chroot_linux-modules.sh b/examples/hooks/all_chroot_linux-modules.sh deleted file mode 100755 index 8b07294bf..000000000 --- a/examples/hooks/all_chroot_linux-modules.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/sh - -# This is a hook for live-build(7) to add entries to /etc/modules. -# To enable it, copy or symlink this hook into your config/chroot_local-hooks -# directory. - -MODULES="" - -for MODULE in ${MODULES} -do - if ! grep -qs /etc/modules ${MODULE} - then - echo ${MODULE} >> /etc/modules - fi -done diff --git a/examples/hooks/all_chroot_localepurge.sh b/examples/hooks/all_chroot_localepurge.sh deleted file mode 100755 index d820330c6..000000000 --- a/examples/hooks/all_chroot_localepurge.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/sh - -# This is a hook for live-build(7) to install localepurge. -# To enable it, copy or symlink this hook into your config/chroot_local-hooks -# directory. -# - -cat > /tmp/localepurge.preseed << EOF -localepurge localepurge/nopurge multiselect en -#localepurge localepurge/mandelete boolean true -#localepurge localepurge/dontbothernew boolean false -localepurge localepurge/showfreedspace boolean false -#localepurge localepurge/quickndirtycalc boolean true -#localepurge localepurge/verbose boolean false -EOF -debconf-set-selections < /tmp/localepurge.preseed -rm -f /tmp/localepurge.preseed - -apt-get install --yes localepurge -dpkg-reconfigure localepurge - -localepurge diff --git a/examples/hooks/all_chroot_losetup-lukshome.sh b/examples/hooks/all_chroot_losetup-lukshome.sh deleted file mode 100755 index f8492d72a..000000000 --- a/examples/hooks/all_chroot_losetup-lukshome.sh +++ /dev/null @@ -1,495 +0,0 @@ -#!/bin/sh - -# This hook was based and adapted from: -# http://lists.debian.org/debian-live/2009/04/msg00186.html -# --------------------------------------------------------- -# -# -# NOTE 1: this was not tested with persistent boot option, -# but it seems logic that persistent and lukshome can't -# coexist as boot options (because of snapshots and others), so lukshome -# won't be executed if any persistent option is given on boot. -# -# NOTE 2: if using an USB key, it will eventualy end up failing someday. -# You should backup the encrypted disk image file itself (luks-home.img) to -# prevent loosing your data. -# -# This hook will create 3 files: -# -# /usr/local/sbin/create-lukshome-file.sh -# script to create an disk file image (luks-home.img) with a -# LUKS encrypted ext2 filesystem inside to be placed in a -# partition labeled lukshome. -# -# /usr/local/sbin/lukshome.sh -# detects a partition with lukshome label, updates fstab and crypttab so -# the encrypted file is mounted later in a loopback device (/dev/loopX). -# It also changes /etc/init.d/umountfs so the encrypted home is correctly -# umounted. -# -# /usr/share/initramfs-tools/scripts/live-bottom/13live_luks_home -# a live-boot hook to execute lukshome.sh script -# in initrd. -# -# -# HOWTO lukshome -# -------------- -# -# First build your live system with this hook inside config/chroot_local-hooks/. -# If you have an existing live-build build directory with a previous live -# build, you might have to run -# -# lh_clean -# lh_clean --stage -# -# to make sure this hook is included in the live system. Then (re)build your -# live system. -# -# lh_build -# -# After booting your (re)built live system, setup the encrypted losetup -# filesystem to be used as /home using the instructions present in the -# create-lukshome-file.sh script. -# -# Reboot and now use the "lukshome" boot option to mount the encrypted /home, -# like when using "persistent" boot option with a home-rw file in some partition. -# - - -# install needed packages (in case apt recommends are off) -# make sure that cryptsetup is installed -echo "I: checking for cryptsetup." -if [ ! -x /sbin/cryptsetup ] -then - echo "I: installing cryptsetup." - DEBIAN_FRONTEND="dialog" apt-get install --yes --force-yes -y cryptsetup -fi - - -echo "I: to see how to use lukshome hook run create-lukshome-file.sh as root." -echo "I: creating script /usr/local/sbin/create-lukshome-file.sh" -cat > /usr/local/sbin/create-lukshome-file.sh << 'EOF' -#!/bin/sh - -# This script will create an encrypted filesystem in a file to -# be used as /home in a live system built with Debian Live Helper with -# this hook in config/chroot_local-hooks/. -# -# The lukshome boot option will do the following: -# - search for a partition with label 'lukshome' -# (btw, you can't use the live system partition itself) -# - mount the partition as /luks-home in the live system -# - open /luks-home/luks-home.img file as a loopback device (/dev/loop) -# - open the loopback device with cryptsetup -# - mount the encrypted filesystem as /home -# -# This script will only create the luks-home.img file. Next are details of how -# to use this script. -# -# CAUTION! THIS CAN WIPE YOUR DATA, backup first! -# Be sure to understand what you will do, or you can end up -# wiping disks or partitions you don't want to! -# -# Login as root: -# $ sudo -i -# -# Create a mountpoint (don't use /mnt, it will be used by this script): -# # mkdir /media/target -# -# !!! *** Skip the next line if you don't want to wipe a partition *** !!! -# !!! * Just change the partition label to 'lukshome' (without quotes) * !!! -# Create an ext2 filesystem in a partition with 'lukshome' label: -# # mkfs.ext2 -L lukshome /dev/the_partition_to_be_used -# -# Mount the partition and cd into it: -# # mount /dev/the_partition_to_be_used /media/target -# # cd /media/target -# -# Create the encrypted file: -# # create-lukshome-file.sh -# -# The script is located in /usr/local/sbin/, so it's in root $PATH. -# It will copy the directories in /home/* into the file. -# Now return to $HOME to be able to umount the target partition: -# # cd -# -# Umount the target partition: -# # umount /media/target -# -# Reboot and use the "lukshome" boot option to mount the encrypted /home, -# like in using "persistent" boot option with a home-rw file in some partition. -# -# To use another partition label use the following boot options: -# lukshome lukspart=partition_label -# -# If you want to use another filename instead of luks-home.img, rename (mv) -# the file and use the following boot options: -# lukshome luksfile=filename -# -# Both boot options can be used at the same time, but always with lukshome: -# lukshome lukspart=partition_label luksfile=filename -# -# By default, if just the lukshome boot option is used, the script will -# search for a partition labeled 'lukshome' and a file named 'luks-home.img'. -# -# Press Shift-PgUp/Shift-PgDn to scrool the instructions on the screen. - - -# check if root/sudo -if [ "${USER}" != "root" ] -then - echo " ** Please run this script as root or with sudo." - exit 1 -fi - -# check if /mnt is available and empty -mount | grep "/mnt" > /dev/null -MNT_IS_MOUNTED=${?} -if [ "${MNT_IS_MOUNTED}" == 0 ] -then - echo "** ERROR: /mnt is mounted at the moment. Please umount it to use this script." - exit 1 -fi -if [ "$(ls -A /mnt)" ] -then - echo "** ERROR: /mnt is not empty. An empty /mnt is needed to use this script." - exit 1 -fi - -# check if /dev/mapper/luks-home is available -if [ -f /dev/mapper/luks-home ] -then - echo "** ERROR: /dev/mapper/luks-home is being used at the moment. Please run «cryptsetup remove luks-home» to use this script." - exit 1 -fi - - -# show instructions -echo "" -echo "** Instructions to use create-lukshome-file.sh (this script):" -sed -n '2,64p' /usr/local/sbin/create-lukshome-file.sh | sed 's/^.//' -echo "" - - -# proceed? -echo "** Do you want to proceed with this script? (y/N)" -read CONFIRM - -case "${CONFIRM}" in - y*|Y*) - echo "" - ;; - *) - exit 0 - ;; -esac - - -# create file -echo "" -echo "** Please type the size of the file disk image." -echo "Size of the file in MB: " -read FILE_SIZE - -echo "" -echo "** Creating file luks-home.img." -echo "** Filling file image with /dev/urandom output. It will take some time." -echo "(Edit this script to use /dev/random. It's known to be more secure but " -echo "it will take a *very* long time to complete." -dd if=/dev/urandom of=luks-home.img bs=1M count=${FILE_SIZE} -# To use /dev/random comment the line above and uncomment the next line -#dd if=/dev/random of=luks-home.img ibs=128 obs=128 count=$((8192*${FILE_SIZE})) -# You might have to increase kernel entropy by moving the mouse, typing keyboard, -# make the computer read the disk or use network connections. -echo "** Done." -echo "" - -# losetup -FREE_LOSETUP=$(losetup -f) -echo "** Using ${FREE_LOSETUP} to open luks-home.img" -losetup ${FREE_LOSETUP} ./luks-home.img -echo "** Done." -echo "" - -# cryptsetup -echo "** Running cryptsetup." -echo "" -echo "** luksFormat" -cryptsetup luksFormat ${FREE_LOSETUP} -EXIT_CODE=${?} -if [ "${EXIT_CODE}" != 0 ] -then - echo "** ERROR: Error while trying to format disk file image." - losetup -d ${FREE_LOSETUP} - exit 1 -fi -echo "" - -echo "** luksOpen" -cryptsetup luksOpen ${FREE_LOSETUP} luks-home -EXIT_CODE=${?} -if [ "${EXIT_CODE}" != 0 ] -then - echo "** ERROR: Error while trying to open LUKS file image." - losetup -d ${FREE_LOSETUP} - exit 1 -fi -echo "" - -# format encrypted filesystem -echo "** Now formating /dev/mapper/luks-home" -mkfs.ext2 /dev/mapper/luks-home -EXIT_CODE=${?} -if [ "${EXIT_CODE}" != 0 ] -then - echo "** ERROR: Error while trying to format LUKS file." - cryptsetup remove luks-home - losetup -d ${FREE_LOSETUP} - exit 1 -fi -echo "" - -# mount in /mnt -echo "** Now mounting luks-home.img in /mnt" -mount /dev/mapper/luks-home /mnt -EXIT_CODE=${?} -if [ "${EXIT_CODE}" != 0 ] -then - echo "** ERROR: Error while trying to mount LUKS file in /mnt." - umount /mnt - cryptsetup remove luks-home - losetup -d ${FREE_LOSETUP} - exit 1 -fi -echo "" - -# copy files -HOME_DIR="/home/*" - -echo "** Copying ${HOME_DIR}." -cp -rav ${HOME_DIR} /mnt -EXIT_CODE=${?} -if [ "${EXIT_CODE}" != 0 ] -then - echo "** ERROR: Error while trying to copy files to /mnt." - umount /mnt - cryptsetup remove luks-home - losetup -d ${FREE_LOSETUP} - exit 1 -fi -echo "** Done." -echo "" - -echo "** All done." -echo "** Closing losetup, cryptsetup and mounted /mnt." -# umount and close -umount /mnt -cryptsetup remove luks-home -losetup -d ${FREE_LOSETUP} -echo "** The disk file image luks-home.img is done and ready. Move it into a partition" -echo "** with 'lukshome' as label and reboot with lukshome boot option to use it." -echo "" - -EOF - -chmod 0755 /usr/local/sbin/create-lukshome-file.sh - - - -echo "I: creating script /usr/local/sbin/lukshome.sh" -cat > /usr/local/sbin/lukshome.sh << 'EOF' -#!/bin/sh - -# this script is to be executed by a hook in live-boot. It searches -# for a partition with 'lukshome' label, mounts it as /luks-home, then opens an -# encrypted disk image file called luks-home.img as a loopback device, opens it -# with cryptsetup and finally mounts the present filesystem as /home. -# It also changes /etc/init.d/umountfs to umount the lukshome partition -# (/luks-home) and clear the loopback device on shutdown. - -# functions taken from live-helpers -. /usr/share/initramfs-tools/scripts/live-helpers - -# set default values -LUKSPART="lukshome" -LUKSFILE="luks-home.img" - -# get boot option lukshome - adapted from live-helpers -for ARGUMENT in $(cat /proc/cmdline) -do - case "${ARGUMENT}" in - lukshome) - LUKSHOME=1 - ;; - luksfile=*) - LUKSFILE="${ARGUMENT#luksfile=}" - LUKSHOME=1 - ;; - lukspart=*) - LUKSPART="${ARGUMENT#lukspart=}" - LUKSHOME=1 - ;; - - esac -done - -CRYPTHOME=$(/sbin/blkid -L ${LUKSPART}) - -# if no partition found, exit -if [ -z "${CRYPTHOME}" ] -then - echo "Could not find any partition with ${LUKSPART} label. " - echo "Proceeding with no encrypted /home." - exit 0 -fi - -# mount partition where file container is -echo "Mounting /luks-home with ${CRYPTHOME}." -mkdir -p /luks-home -mount -t $(get_fstype "${CRYPTHOME}") "${CRYPTHOME}" /luks-home - -# mount losetup encrypted file -FREE_LOOP="$(/sbin/losetup -f)" -echo "Opening file /luks-home/${LUKSFILE} in ${FREE_LOOP}." - -if [ -f /luks-home/"${LUKSFILE}" ] -then - /sbin/losetup ${FREE_LOOP} /luks-home/"${LUKSFILE}" - - echo "Adding ${FREE_LOOP} home to /etc/crypttab and setting it as /home in /etc/fstab." - - # update crypttab - echo "home ${FREE_LOOP} none luks,check,timeout" >> /etc/crypttab - - # update fstab - echo "/dev/mapper/home /home ext2 defaults,noatime 0 0" >> /etc/fstab -else - echo "Did not found any file named ${LUKSFILE} in ${CRYPTHOME}!" - echo "Proceeding with no encrypted /home." - sleep 2 - umount -r /luks-home - exit 0 -fi - -# changes to /etc/init.d/umountfs to make /luks-home being umounted on shutdown -sed -i 's/[\t]do_stop/CHANGE_HERE/' /etc/init.d/umountfs -sed -i 's|CHANGE_HERE| \ - # added by lukshome hook - umount \/luks-home to prevent busy device on shutdown \ - LOOP_LUKSHOME=$(losetup -a \| grep luks-home \|cut -c 1-10) \ - if [ -n ${LOOP_LUKSHOME} ] \ - then \ - umount -r -d \/home \ - cryptsetup remove home \ - losetup -d ${LOOP_LUKSHOME} \ - umount -r \/luks-home \ - fi \ -\ - do_stop \ -|' /etc/init.d/umountfs - -EOF - -chmod 0755 /usr/local/sbin/lukshome.sh - - - -# scripts/live-bottom/13live_luks_home, right after 12fstab -echo "I: creating /usr/share/initramfs-tools/scripts/live-bottom/13live_luks_home" - -cat > /usr/share/initramfs-tools/scripts/live-bottom/13live_luks_home << 'EOF' -#!/bin/sh - -#set -e - -# initramfs-tools header - -PREREQ="" - -prereqs() -{ - echo "${PREREQ}" -} - -case "${1}" in - prereqs) - prereqs - exit 0 - ;; -esac - -. /scripts/live-functions - -# live-boot hook to use an disk image file with encrypted filesystem as /home. - -log_begin_msg "Executing losetup-lukshome" - -# get boot option lukshome - adapted from live-helpers -for ARGUMENT in $(cat /proc/cmdline) -do - case "${ARGUMENT}" in - lukshome) - LUKSHOME=1 - ;; - luksfile=*) - LUKSFILE="${ARGUMENT#luksfile=}" - LUKSHOME=1 - ;; - lukspart=*) - LUKSPART="${ARGUMENT#lukspart=}" - LUKSHOME=1 - ;; - - esac -done - -# don't use persistent* and lukshome -if [ -n "${PERSISTENT}" ] && [ -n "${LUKSHOME}" ] -then - echo "You should not use persistent and lukshome at the same time." - echo "Skipping lukshome. Persistent medium, if any, will be used instead." - log_end_msg - exit 0 -fi - -# if no lukshome boot option, exit -if [ -z "${LUKSHOME}" ] -then - log_end_msg - exit 0 -fi - -log_begin_msg "Executing lukshome.sh script." - -mount -o bind /sys /root/sys -mount -o bind /proc /root/proc -mount -o bind /dev /root/dev - -# lukshome.sh detects lukshome partition and file location, mounts it -# and opens the file and then updates fstab and crypttab to use it as /home. -chroot /root /usr/local/sbin/lukshome.sh - -umount /root/sys -umount /root/proc -umount /root/dev - -# delete the lukshome.sh script, not needed anymore -# rm -f /root/usr/local/sbin/lukshome.sh - -log_end_msg - -EOF - -chmod 0755 /usr/share/initramfs-tools/scripts/live-bottom/13live_luks_home - - - -echo "I: update-initramfs to include 13live_luks_home." -# if you already have installed the update-initramfs.sh hook, you can remove -# this. - -for KERNEL in /boot/vmlinuz-* -do - VERSION="$(basename ${KERNEL} | sed -e 's|vmlinuz-||')" - - update-initramfs -k ${VERSION} -t -u -done diff --git a/examples/hooks/all_chroot_minimal.sh b/examples/hooks/all_chroot_minimal.sh deleted file mode 100755 index d98f25ca3..000000000 --- a/examples/hooks/all_chroot_minimal.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/sh - -## live-build(7) - System Build Scripts -## Copyright (C) 2006-2012 Daniel Baumann -## -## live-build comes with ABSOLUTELY NO WARRANTY; for details see COPYING. -## This is free software, and you are welcome to redistribute it -## under certain conditions; see COPYING for details. - - -set -e - -# Removing unused packages -for PACKAGE in apt-utils aptitude man-db manpages info wget -do - if ! apt-get remove --purge --yes "${PACKAGE}" - then - echo "WARNING: ${PACKAGE} isn't installed" - fi -done - -apt-get autoremove --yes || true - -# Removing unused files -find . -name *~ -print0 | xargs -0 rm -f - -rm -rf /var/cache/man/* - -# Truncating logs -for FILE in $(find /var/log/ -type f) -do - : > ${FILE} -done diff --git a/examples/hooks/all_chroot_rt2570-modules.sh b/examples/hooks/all_chroot_rt2570-modules.sh deleted file mode 100755 index b8ffdadb7..000000000 --- a/examples/hooks/all_chroot_rt2570-modules.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/sh - -# This is a hook for live-build(7) to install ralink rt2570 drivers -# To enable it, copy or symlink this hook into your config/chroot_local-hooks -# directory. - -apt-get install --yes build-essential - -which module-assistant || apt-get install --yes module-assistant -module-assistant update - -for KERNEL in /boot/vmlinuz-* -do - VERSION="$(basename ${KERNEL} | sed -e 's|vmlinuz-||')" - - module-assistant --non-inter --quiet auto-install rt2570-source -l ${VERSION} -done - -module-assistant clean rt2570-source diff --git a/examples/hooks/all_chroot_stripped.sh b/examples/hooks/all_chroot_stripped.sh deleted file mode 100755 index 02a72fd76..000000000 --- a/examples/hooks/all_chroot_stripped.sh +++ /dev/null @@ -1,52 +0,0 @@ -#!/bin/sh - -## live-build(7) - System Build Scripts -## Copyright (C) 2006-2012 Daniel Baumann -## -## live-build comes with ABSOLUTELY NO WARRANTY; for details see COPYING. -## This is free software, and you are welcome to redistribute it -## under certain conditions; see COPYING for details. - - -set -e - -# WARNING: Using this hook will result in a stripped system, means, -# it may very well be possible that other packages are depending -# on certain files that get removed here. -# Therefore, this hooks is merely an inspiration for what could be -# removed and not a generic nor recommendet solution to get the -# image filesize down. In any event, using this hook can lead to -# unforseen bugs and breakages in other packages and you should -# be prepared to find and fix it for your own images. - -# Removing unused packages -for PACKAGE in apt-utils aptitude man-db manpages info wget dselect -do - if ! apt-get remove --purge --yes "${PACKAGE}" - then - echo "WARNING: ${PACKAGE} isn't installed" - fi -done - -apt-get autoremove --yes || true - -# Removing unused files -find . -name *~ | xargs rm -f - -rm -rf /usr/include/* -#rm -rf /usr/share/groff/* -rm -rf /usr/share/doc/* -rm -rf /usr/share/locale/* -rm -rf /usr/share/man/* -rm -rf /usr/share/i18n/* -rm -rf /usr/share/info/* -rm -rf /usr/share/lintian/* -rm -rf /usr/share/linda/* -rm -rf /usr/share/zoneinfo/* -rm -rf /var/cache/man/* - -# Truncating logs -for FILE in $(find /var/log/ -type f) -do - : > ${FILE} -done diff --git a/examples/hooks/all_chroot_sun-java6.sh b/examples/hooks/all_chroot_sun-java6.sh deleted file mode 100755 index a9f74821d..000000000 --- a/examples/hooks/all_chroot_sun-java6.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/bin/sh - -# This is a hook for live-build(7) to install sun-java. -# To enable it, copy or symlink this hook into your config/chroot_local-hooks -# directory. -# -# Note: This hook requires packages from the non-free category. Make sure you -# enabled it in your configuration. - -# live-build sets DEBIAN_FRONTEND to 'noninteractive' to advise debconf to not -# ask any questions while installing packages. Suns redistribution terms for -# Java do not allow this, therefore we need to overwrite DEBIAN_FRONTEND for -# this apt-get call only. - -# In case you do accept the license terms, you can also preseed the values -# for a complete non-interactive build, by uncommenting the following three lines: - -#echo "sun-java6-bin shared/accepted-sun-dlj-v1-1 boolean true" > /root/preseed -#debconf-set-selections < /root/preseed -#rm -f /root/preseed - -DEBIAN_FRONTEND="dialog" apt-get install --yes sun-java6-bin sun-java6-demo \ - sun-java6-fonts sun-java6-javadb sun-java6-jdk sun-java6-jre \ - sun-java6-plugin sun-java6-source - -# Ensure that /tmp has the right permissions; apparently sun-java5-doc tampers -# with it -chmod 1777 /tmp - -# Set sun-java as default java -update-alternatives --set java /usr/lib/jvm/java-6-sun/jre/bin/java diff --git a/examples/hooks/all_chroot_symlinks.sh b/examples/hooks/all_chroot_symlinks.sh deleted file mode 100755 index b0f2eea47..000000000 --- a/examples/hooks/all_chroot_symlinks.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/sh - -# This is a hook for live-build(7) to install localepurge. -# To enable it, copy or symlink this hook into your config/chroot_local-hooks -# directory. -# - -_PURGE="" - -if [ ! -x "$(which symlinks 2>/dev/null)" ] -then - _PURGE="true" - - apt-get install symlinks -fi - -symlinks -c -r -s / - -if [ "${_PURGE}" = "true" ] -then - apt-get remove --purge symlinks -fi diff --git a/examples/hooks/all_chroot_sysvinit.sh b/examples/hooks/all_chroot_sysvinit.sh deleted file mode 100755 index d8e4932fb..000000000 --- a/examples/hooks/all_chroot_sysvinit.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/sh - -# Disable all -for _FILE in /etc/init.d/* -do - update-rc.d -f $(basename ${_FILE}) remove -done - -# Re-enable all required (taken from -f standard chroot) -for _PACKAGE in live-boot live-config console-common cron dpkg ifupdown initscripts kbd klogd libc6 libdevmapper1.02 libselinux1 libsepol1 login makedev module-init-tools netbase openbsd-inetd procps sudo sysklogd udev util-linux -do - if [ -f /var/lib/dpkg/info/${_PACKAGE}.postinst ] - then - # Re-configure if existing - /var/lib/dpkg/info/${_PACKAGE}.postinst configure - fi -done diff --git a/examples/hooks/all_chroot_udev-generators.sh b/examples/hooks/all_chroot_udev-generators.sh deleted file mode 100755 index 9a5fed2ca..000000000 --- a/examples/hooks/all_chroot_udev-generators.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/sh - -# This is a hook for live-build(7) to remove udev persistent device generator -# rules. -# To enable it, copy or symlink this hook into your config/chroot_local-hooks -# directory. - -rm -f /etc/udev/rules.d/*persistent-net-generator.rules diff --git a/examples/hooks/all_chroot_update-initramfs.sh b/examples/hooks/all_chroot_update-initramfs.sh deleted file mode 100755 index b75b135bc..000000000 --- a/examples/hooks/all_chroot_update-initramfs.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/sh - -# This is a hook for live-build(7) to rebuild the initramfs image. -# To enable it, copy or symlink this hook into your config/chroot_local-hooks -# directory. -# -# Note: You only want to use this hook if you have modified any initramfs-script -# during the build and need to refresh the initrd.img for that purpose. - -for KERNEL in /boot/vmlinuz-* -do - VERSION="$(basename ${KERNEL} | sed -e 's|vmlinuz-||')" - - update-initramfs -k ${VERSION} -t -u -done diff --git a/examples/hooks/all_chroot_virtualbox-ose.sh b/examples/hooks/all_chroot_virtualbox-ose.sh deleted file mode 100755 index e1dab4ad4..000000000 --- a/examples/hooks/all_chroot_virtualbox-ose.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/sh - -# This is a hook for live-build(7) to enable virtualbox-ose module. -# To enable it, copy or symlink this hook into your config/chroot_local-hooks -# directory. - -# Enabling loading of vboxdrv -sed -i -e 's|^LOAD_VBOXDRV_MODULE=.*$|LOAD_VBOXDRV_MODULE=1|' /etc/default/virtualbox-ose diff --git a/examples/hooks/debian-installer-banner.binary b/examples/hooks/debian-installer-banner.binary new file mode 100755 index 000000000..61c160ca6 --- /dev/null +++ b/examples/hooks/debian-installer-banner.binary @@ -0,0 +1,34 @@ +#!/bin/sh + +# This is an binary hook for live-build(7) to overwrite the banner +# in the graphical Debian Installer. +# To enable it, copy or symlink this hook into your config/binary_local-hooks +# directory and add a replacement banner.png at: +# +# config/binary_debian-installer/banner.png +# +# The file should be a PNG image of dimensions 800 x 75. + +set -e + +if [ -e config/binary_debian-installer/banner.png ] +then + TARGET_INITRD="binary/install/gtk/initrd.gz" + REPACK_TMPDIR="binary.initrd" + + if [ -e "${TARGET_INITRD}" ] + then + # cpio does not have a "extract to directory", so we must change + # directory + mkdir -p ${REPACK_TMPDIR} + cd ${REPACK_TMPDIR} + gzip -d < ../${TARGET_INITRD} | cpio -i --make-directories --no-absolute-filenames + + # Overwrite banner + cp ../config/binary_debian-installer/banner.png ./usr/share/graphics/logo_debian.png + + find | cpio -H newc -o | gzip -9 > ../${TARGET_INITRD} + cd .. + rm -rf ${REPACK_TMPDIR} + fi +fi diff --git a/examples/hooks/debian-live-pxe-server.chroot b/examples/hooks/debian-live-pxe-server.chroot new file mode 100755 index 000000000..cd31fe6bf --- /dev/null +++ b/examples/hooks/debian-live-pxe-server.chroot @@ -0,0 +1,17 @@ +#!/bin/sh + +## live-build(7) - System Build Scripts +## Copyright (C) 2006-2012 Daniel Baumann +## +## live-build comes with ABSOLUTELY NO WARRANTY; for details see COPYING. +## This is free software, and you are welcome to redistribute it +## under certain conditions; see COPYING for details. + + +set -e + +# Adding symlink in /srv/tftp for debian-installer netboot images +ARCHITECTURE="$(dpkg --print-architecture)" + +rm -rf /srv/tftp +ln -s /usr/lib/debian-installer/images/${ARCHITECTURE}/text /srv/tftp diff --git a/examples/hooks/hal-automount.chroot b/examples/hooks/hal-automount.chroot new file mode 100755 index 000000000..2a66fe9d0 --- /dev/null +++ b/examples/hooks/hal-automount.chroot @@ -0,0 +1,16 @@ +#!/bin/sh + +# This is a hook for live-build(7) to enable automaunting with hal for block devices. +# +# To enable it, copy or symlink this hook into your config/chroot_local-hooks +# directory. + +# Remove automount disabling +rm -f /usr/share/hal/fdi/policy/10osvendor/debian-storage-policy-fixed-drives.fdi + +# Use ntfs-3g by default to mount ntfs partitions +if [ -x /usr/bin/ntfs-3g ] +then + rm -f /sbin/mount.ntfs + ln -s /usr/bin/ntfs-3g /sbin/mount.ntfs +fi diff --git a/examples/hooks/kernel-purge.chroot b/examples/hooks/kernel-purge.chroot new file mode 100755 index 000000000..6d8204eea --- /dev/null +++ b/examples/hooks/kernel-purge.chroot @@ -0,0 +1,10 @@ +#!/bin/sh + +# This is a hook for live-build(7) to remove any kernel except the newest one. +# To enable it, copy or symlink this hook into your config/chroot_local-hooks +# directory. + +for VERSION in $(basename $(ls /boot/vmlinuz-* | head -n-1) | sed -e 's|^vmlinuz-||g') +do + echo apt-get remove --purge linux-image-${VERSION} +done diff --git a/examples/hooks/linux-modules.chroot b/examples/hooks/linux-modules.chroot new file mode 100755 index 000000000..8b07294bf --- /dev/null +++ b/examples/hooks/linux-modules.chroot @@ -0,0 +1,15 @@ +#!/bin/sh + +# This is a hook for live-build(7) to add entries to /etc/modules. +# To enable it, copy or symlink this hook into your config/chroot_local-hooks +# directory. + +MODULES="" + +for MODULE in ${MODULES} +do + if ! grep -qs /etc/modules ${MODULE} + then + echo ${MODULE} >> /etc/modules + fi +done diff --git a/examples/hooks/live-build-inclusion.binary b/examples/hooks/live-build-inclusion.binary new file mode 100755 index 000000000..b60f4a339 --- /dev/null +++ b/examples/hooks/live-build-inclusion.binary @@ -0,0 +1,24 @@ +#!/bin/sh + +# This is a hook for live-build(7) to install live-build and its config into +# the binary image. +# To enable it, copy or symlink this hook into your config/chroot_local-hooks +# directory. + +DIRECTORY="binary/tools/live" + +mkdir -p "${DIRECTORY}" + +cp -a config "${DIRECTORY}" + +if [ -e live-build ] +then + cp -a live-build "${DIRECTORY}" +else + mkdir -p "${DIRECTORY}"/live-build/bin + cp -a /usr/bin/lh* "${DIRECTORY}"/live-build/bin + + cp -a /usr/share/live/build "${DIRECTORY}"/live-build/share + + cp -a /usr/share/doc/live-build "${DIRECTORY}"/live-build/doc +fi diff --git a/examples/hooks/localepurge.chroot b/examples/hooks/localepurge.chroot new file mode 100755 index 000000000..d820330c6 --- /dev/null +++ b/examples/hooks/localepurge.chroot @@ -0,0 +1,22 @@ +#!/bin/sh + +# This is a hook for live-build(7) to install localepurge. +# To enable it, copy or symlink this hook into your config/chroot_local-hooks +# directory. +# + +cat > /tmp/localepurge.preseed << EOF +localepurge localepurge/nopurge multiselect en +#localepurge localepurge/mandelete boolean true +#localepurge localepurge/dontbothernew boolean false +localepurge localepurge/showfreedspace boolean false +#localepurge localepurge/quickndirtycalc boolean true +#localepurge localepurge/verbose boolean false +EOF +debconf-set-selections < /tmp/localepurge.preseed +rm -f /tmp/localepurge.preseed + +apt-get install --yes localepurge +dpkg-reconfigure localepurge + +localepurge diff --git a/examples/hooks/losetup-lukshome.chroot b/examples/hooks/losetup-lukshome.chroot new file mode 100755 index 000000000..f8492d72a --- /dev/null +++ b/examples/hooks/losetup-lukshome.chroot @@ -0,0 +1,495 @@ +#!/bin/sh + +# This hook was based and adapted from: +# http://lists.debian.org/debian-live/2009/04/msg00186.html +# --------------------------------------------------------- +# +# +# NOTE 1: this was not tested with persistent boot option, +# but it seems logic that persistent and lukshome can't +# coexist as boot options (because of snapshots and others), so lukshome +# won't be executed if any persistent option is given on boot. +# +# NOTE 2: if using an USB key, it will eventualy end up failing someday. +# You should backup the encrypted disk image file itself (luks-home.img) to +# prevent loosing your data. +# +# This hook will create 3 files: +# +# /usr/local/sbin/create-lukshome-file.sh +# script to create an disk file image (luks-home.img) with a +# LUKS encrypted ext2 filesystem inside to be placed in a +# partition labeled lukshome. +# +# /usr/local/sbin/lukshome.sh +# detects a partition with lukshome label, updates fstab and crypttab so +# the encrypted file is mounted later in a loopback device (/dev/loopX). +# It also changes /etc/init.d/umountfs so the encrypted home is correctly +# umounted. +# +# /usr/share/initramfs-tools/scripts/live-bottom/13live_luks_home +# a live-boot hook to execute lukshome.sh script +# in initrd. +# +# +# HOWTO lukshome +# -------------- +# +# First build your live system with this hook inside config/chroot_local-hooks/. +# If you have an existing live-build build directory with a previous live +# build, you might have to run +# +# lh_clean +# lh_clean --stage +# +# to make sure this hook is included in the live system. Then (re)build your +# live system. +# +# lh_build +# +# After booting your (re)built live system, setup the encrypted losetup +# filesystem to be used as /home using the instructions present in the +# create-lukshome-file.sh script. +# +# Reboot and now use the "lukshome" boot option to mount the encrypted /home, +# like when using "persistent" boot option with a home-rw file in some partition. +# + + +# install needed packages (in case apt recommends are off) +# make sure that cryptsetup is installed +echo "I: checking for cryptsetup." +if [ ! -x /sbin/cryptsetup ] +then + echo "I: installing cryptsetup." + DEBIAN_FRONTEND="dialog" apt-get install --yes --force-yes -y cryptsetup +fi + + +echo "I: to see how to use lukshome hook run create-lukshome-file.sh as root." +echo "I: creating script /usr/local/sbin/create-lukshome-file.sh" +cat > /usr/local/sbin/create-lukshome-file.sh << 'EOF' +#!/bin/sh + +# This script will create an encrypted filesystem in a file to +# be used as /home in a live system built with Debian Live Helper with +# this hook in config/chroot_local-hooks/. +# +# The lukshome boot option will do the following: +# - search for a partition with label 'lukshome' +# (btw, you can't use the live system partition itself) +# - mount the partition as /luks-home in the live system +# - open /luks-home/luks-home.img file as a loopback device (/dev/loop) +# - open the loopback device with cryptsetup +# - mount the encrypted filesystem as /home +# +# This script will only create the luks-home.img file. Next are details of how +# to use this script. +# +# CAUTION! THIS CAN WIPE YOUR DATA, backup first! +# Be sure to understand what you will do, or you can end up +# wiping disks or partitions you don't want to! +# +# Login as root: +# $ sudo -i +# +# Create a mountpoint (don't use /mnt, it will be used by this script): +# # mkdir /media/target +# +# !!! *** Skip the next line if you don't want to wipe a partition *** !!! +# !!! * Just change the partition label to 'lukshome' (without quotes) * !!! +# Create an ext2 filesystem in a partition with 'lukshome' label: +# # mkfs.ext2 -L lukshome /dev/the_partition_to_be_used +# +# Mount the partition and cd into it: +# # mount /dev/the_partition_to_be_used /media/target +# # cd /media/target +# +# Create the encrypted file: +# # create-lukshome-file.sh +# +# The script is located in /usr/local/sbin/, so it's in root $PATH. +# It will copy the directories in /home/* into the file. +# Now return to $HOME to be able to umount the target partition: +# # cd +# +# Umount the target partition: +# # umount /media/target +# +# Reboot and use the "lukshome" boot option to mount the encrypted /home, +# like in using "persistent" boot option with a home-rw file in some partition. +# +# To use another partition label use the following boot options: +# lukshome lukspart=partition_label +# +# If you want to use another filename instead of luks-home.img, rename (mv) +# the file and use the following boot options: +# lukshome luksfile=filename +# +# Both boot options can be used at the same time, but always with lukshome: +# lukshome lukspart=partition_label luksfile=filename +# +# By default, if just the lukshome boot option is used, the script will +# search for a partition labeled 'lukshome' and a file named 'luks-home.img'. +# +# Press Shift-PgUp/Shift-PgDn to scrool the instructions on the screen. + + +# check if root/sudo +if [ "${USER}" != "root" ] +then + echo " ** Please run this script as root or with sudo." + exit 1 +fi + +# check if /mnt is available and empty +mount | grep "/mnt" > /dev/null +MNT_IS_MOUNTED=${?} +if [ "${MNT_IS_MOUNTED}" == 0 ] +then + echo "** ERROR: /mnt is mounted at the moment. Please umount it to use this script." + exit 1 +fi +if [ "$(ls -A /mnt)" ] +then + echo "** ERROR: /mnt is not empty. An empty /mnt is needed to use this script." + exit 1 +fi + +# check if /dev/mapper/luks-home is available +if [ -f /dev/mapper/luks-home ] +then + echo "** ERROR: /dev/mapper/luks-home is being used at the moment. Please run «cryptsetup remove luks-home» to use this script." + exit 1 +fi + + +# show instructions +echo "" +echo "** Instructions to use create-lukshome-file.sh (this script):" +sed -n '2,64p' /usr/local/sbin/create-lukshome-file.sh | sed 's/^.//' +echo "" + + +# proceed? +echo "** Do you want to proceed with this script? (y/N)" +read CONFIRM + +case "${CONFIRM}" in + y*|Y*) + echo "" + ;; + *) + exit 0 + ;; +esac + + +# create file +echo "" +echo "** Please type the size of the file disk image." +echo "Size of the file in MB: " +read FILE_SIZE + +echo "" +echo "** Creating file luks-home.img." +echo "** Filling file image with /dev/urandom output. It will take some time." +echo "(Edit this script to use /dev/random. It's known to be more secure but " +echo "it will take a *very* long time to complete." +dd if=/dev/urandom of=luks-home.img bs=1M count=${FILE_SIZE} +# To use /dev/random comment the line above and uncomment the next line +#dd if=/dev/random of=luks-home.img ibs=128 obs=128 count=$((8192*${FILE_SIZE})) +# You might have to increase kernel entropy by moving the mouse, typing keyboard, +# make the computer read the disk or use network connections. +echo "** Done." +echo "" + +# losetup +FREE_LOSETUP=$(losetup -f) +echo "** Using ${FREE_LOSETUP} to open luks-home.img" +losetup ${FREE_LOSETUP} ./luks-home.img +echo "** Done." +echo "" + +# cryptsetup +echo "** Running cryptsetup." +echo "" +echo "** luksFormat" +cryptsetup luksFormat ${FREE_LOSETUP} +EXIT_CODE=${?} +if [ "${EXIT_CODE}" != 0 ] +then + echo "** ERROR: Error while trying to format disk file image." + losetup -d ${FREE_LOSETUP} + exit 1 +fi +echo "" + +echo "** luksOpen" +cryptsetup luksOpen ${FREE_LOSETUP} luks-home +EXIT_CODE=${?} +if [ "${EXIT_CODE}" != 0 ] +then + echo "** ERROR: Error while trying to open LUKS file image." + losetup -d ${FREE_LOSETUP} + exit 1 +fi +echo "" + +# format encrypted filesystem +echo "** Now formating /dev/mapper/luks-home" +mkfs.ext2 /dev/mapper/luks-home +EXIT_CODE=${?} +if [ "${EXIT_CODE}" != 0 ] +then + echo "** ERROR: Error while trying to format LUKS file." + cryptsetup remove luks-home + losetup -d ${FREE_LOSETUP} + exit 1 +fi +echo "" + +# mount in /mnt +echo "** Now mounting luks-home.img in /mnt" +mount /dev/mapper/luks-home /mnt +EXIT_CODE=${?} +if [ "${EXIT_CODE}" != 0 ] +then + echo "** ERROR: Error while trying to mount LUKS file in /mnt." + umount /mnt + cryptsetup remove luks-home + losetup -d ${FREE_LOSETUP} + exit 1 +fi +echo "" + +# copy files +HOME_DIR="/home/*" + +echo "** Copying ${HOME_DIR}." +cp -rav ${HOME_DIR} /mnt +EXIT_CODE=${?} +if [ "${EXIT_CODE}" != 0 ] +then + echo "** ERROR: Error while trying to copy files to /mnt." + umount /mnt + cryptsetup remove luks-home + losetup -d ${FREE_LOSETUP} + exit 1 +fi +echo "** Done." +echo "" + +echo "** All done." +echo "** Closing losetup, cryptsetup and mounted /mnt." +# umount and close +umount /mnt +cryptsetup remove luks-home +losetup -d ${FREE_LOSETUP} +echo "** The disk file image luks-home.img is done and ready. Move it into a partition" +echo "** with 'lukshome' as label and reboot with lukshome boot option to use it." +echo "" + +EOF + +chmod 0755 /usr/local/sbin/create-lukshome-file.sh + + + +echo "I: creating script /usr/local/sbin/lukshome.sh" +cat > /usr/local/sbin/lukshome.sh << 'EOF' +#!/bin/sh + +# this script is to be executed by a hook in live-boot. It searches +# for a partition with 'lukshome' label, mounts it as /luks-home, then opens an +# encrypted disk image file called luks-home.img as a loopback device, opens it +# with cryptsetup and finally mounts the present filesystem as /home. +# It also changes /etc/init.d/umountfs to umount the lukshome partition +# (/luks-home) and clear the loopback device on shutdown. + +# functions taken from live-helpers +. /usr/share/initramfs-tools/scripts/live-helpers + +# set default values +LUKSPART="lukshome" +LUKSFILE="luks-home.img" + +# get boot option lukshome - adapted from live-helpers +for ARGUMENT in $(cat /proc/cmdline) +do + case "${ARGUMENT}" in + lukshome) + LUKSHOME=1 + ;; + luksfile=*) + LUKSFILE="${ARGUMENT#luksfile=}" + LUKSHOME=1 + ;; + lukspart=*) + LUKSPART="${ARGUMENT#lukspart=}" + LUKSHOME=1 + ;; + + esac +done + +CRYPTHOME=$(/sbin/blkid -L ${LUKSPART}) + +# if no partition found, exit +if [ -z "${CRYPTHOME}" ] +then + echo "Could not find any partition with ${LUKSPART} label. " + echo "Proceeding with no encrypted /home." + exit 0 +fi + +# mount partition where file container is +echo "Mounting /luks-home with ${CRYPTHOME}." +mkdir -p /luks-home +mount -t $(get_fstype "${CRYPTHOME}") "${CRYPTHOME}" /luks-home + +# mount losetup encrypted file +FREE_LOOP="$(/sbin/losetup -f)" +echo "Opening file /luks-home/${LUKSFILE} in ${FREE_LOOP}." + +if [ -f /luks-home/"${LUKSFILE}" ] +then + /sbin/losetup ${FREE_LOOP} /luks-home/"${LUKSFILE}" + + echo "Adding ${FREE_LOOP} home to /etc/crypttab and setting it as /home in /etc/fstab." + + # update crypttab + echo "home ${FREE_LOOP} none luks,check,timeout" >> /etc/crypttab + + # update fstab + echo "/dev/mapper/home /home ext2 defaults,noatime 0 0" >> /etc/fstab +else + echo "Did not found any file named ${LUKSFILE} in ${CRYPTHOME}!" + echo "Proceeding with no encrypted /home." + sleep 2 + umount -r /luks-home + exit 0 +fi + +# changes to /etc/init.d/umountfs to make /luks-home being umounted on shutdown +sed -i 's/[\t]do_stop/CHANGE_HERE/' /etc/init.d/umountfs +sed -i 's|CHANGE_HERE| \ + # added by lukshome hook - umount \/luks-home to prevent busy device on shutdown \ + LOOP_LUKSHOME=$(losetup -a \| grep luks-home \|cut -c 1-10) \ + if [ -n ${LOOP_LUKSHOME} ] \ + then \ + umount -r -d \/home \ + cryptsetup remove home \ + losetup -d ${LOOP_LUKSHOME} \ + umount -r \/luks-home \ + fi \ +\ + do_stop \ +|' /etc/init.d/umountfs + +EOF + +chmod 0755 /usr/local/sbin/lukshome.sh + + + +# scripts/live-bottom/13live_luks_home, right after 12fstab +echo "I: creating /usr/share/initramfs-tools/scripts/live-bottom/13live_luks_home" + +cat > /usr/share/initramfs-tools/scripts/live-bottom/13live_luks_home << 'EOF' +#!/bin/sh + +#set -e + +# initramfs-tools header + +PREREQ="" + +prereqs() +{ + echo "${PREREQ}" +} + +case "${1}" in + prereqs) + prereqs + exit 0 + ;; +esac + +. /scripts/live-functions + +# live-boot hook to use an disk image file with encrypted filesystem as /home. + +log_begin_msg "Executing losetup-lukshome" + +# get boot option lukshome - adapted from live-helpers +for ARGUMENT in $(cat /proc/cmdline) +do + case "${ARGUMENT}" in + lukshome) + LUKSHOME=1 + ;; + luksfile=*) + LUKSFILE="${ARGUMENT#luksfile=}" + LUKSHOME=1 + ;; + lukspart=*) + LUKSPART="${ARGUMENT#lukspart=}" + LUKSHOME=1 + ;; + + esac +done + +# don't use persistent* and lukshome +if [ -n "${PERSISTENT}" ] && [ -n "${LUKSHOME}" ] +then + echo "You should not use persistent and lukshome at the same time." + echo "Skipping lukshome. Persistent medium, if any, will be used instead." + log_end_msg + exit 0 +fi + +# if no lukshome boot option, exit +if [ -z "${LUKSHOME}" ] +then + log_end_msg + exit 0 +fi + +log_begin_msg "Executing lukshome.sh script." + +mount -o bind /sys /root/sys +mount -o bind /proc /root/proc +mount -o bind /dev /root/dev + +# lukshome.sh detects lukshome partition and file location, mounts it +# and opens the file and then updates fstab and crypttab to use it as /home. +chroot /root /usr/local/sbin/lukshome.sh + +umount /root/sys +umount /root/proc +umount /root/dev + +# delete the lukshome.sh script, not needed anymore +# rm -f /root/usr/local/sbin/lukshome.sh + +log_end_msg + +EOF + +chmod 0755 /usr/share/initramfs-tools/scripts/live-bottom/13live_luks_home + + + +echo "I: update-initramfs to include 13live_luks_home." +# if you already have installed the update-initramfs.sh hook, you can remove +# this. + +for KERNEL in /boot/vmlinuz-* +do + VERSION="$(basename ${KERNEL} | sed -e 's|vmlinuz-||')" + + update-initramfs -k ${VERSION} -t -u +done diff --git a/examples/hooks/minimal.chroot b/examples/hooks/minimal.chroot new file mode 100755 index 000000000..d98f25ca3 --- /dev/null +++ b/examples/hooks/minimal.chroot @@ -0,0 +1,33 @@ +#!/bin/sh + +## live-build(7) - System Build Scripts +## Copyright (C) 2006-2012 Daniel Baumann +## +## live-build comes with ABSOLUTELY NO WARRANTY; for details see COPYING. +## This is free software, and you are welcome to redistribute it +## under certain conditions; see COPYING for details. + + +set -e + +# Removing unused packages +for PACKAGE in apt-utils aptitude man-db manpages info wget +do + if ! apt-get remove --purge --yes "${PACKAGE}" + then + echo "WARNING: ${PACKAGE} isn't installed" + fi +done + +apt-get autoremove --yes || true + +# Removing unused files +find . -name *~ -print0 | xargs -0 rm -f + +rm -rf /var/cache/man/* + +# Truncating logs +for FILE in $(find /var/log/ -type f) +do + : > ${FILE} +done diff --git a/examples/hooks/okular-nodrm.chroot b/examples/hooks/okular-nodrm.chroot new file mode 100755 index 000000000..96ce09458 --- /dev/null +++ b/examples/hooks/okular-nodrm.chroot @@ -0,0 +1,18 @@ +#!/bin/sh + +# This is a hook for live-build(7) to configure KDE's PDF viewer to ignore +# manipulation restriction on "DRM protect" PDF documents. +# +# To enable it, copy or symlink this hook into your config/chroot_local-hooks +# directory. + +if [ -d /usr/share/kde4/config ] +then + # KDE4 (squeeze/sid) + +cat > /usr/share/kde4/config/okularpartrc << EOF +[General] +ObeyDRM=false +EOF + +fi diff --git a/examples/hooks/rt2570-modules.chroot b/examples/hooks/rt2570-modules.chroot new file mode 100755 index 000000000..b8ffdadb7 --- /dev/null +++ b/examples/hooks/rt2570-modules.chroot @@ -0,0 +1,19 @@ +#!/bin/sh + +# This is a hook for live-build(7) to install ralink rt2570 drivers +# To enable it, copy or symlink this hook into your config/chroot_local-hooks +# directory. + +apt-get install --yes build-essential + +which module-assistant || apt-get install --yes module-assistant +module-assistant update + +for KERNEL in /boot/vmlinuz-* +do + VERSION="$(basename ${KERNEL} | sed -e 's|vmlinuz-||')" + + module-assistant --non-inter --quiet auto-install rt2570-source -l ${VERSION} +done + +module-assistant clean rt2570-source diff --git a/examples/hooks/squeeze_chroot_okular-nodrm.sh b/examples/hooks/squeeze_chroot_okular-nodrm.sh deleted file mode 100755 index 96ce09458..000000000 --- a/examples/hooks/squeeze_chroot_okular-nodrm.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/sh - -# This is a hook for live-build(7) to configure KDE's PDF viewer to ignore -# manipulation restriction on "DRM protect" PDF documents. -# -# To enable it, copy or symlink this hook into your config/chroot_local-hooks -# directory. - -if [ -d /usr/share/kde4/config ] -then - # KDE4 (squeeze/sid) - -cat > /usr/share/kde4/config/okularpartrc << EOF -[General] -ObeyDRM=false -EOF - -fi diff --git a/examples/hooks/stripped.chroot b/examples/hooks/stripped.chroot new file mode 100755 index 000000000..02a72fd76 --- /dev/null +++ b/examples/hooks/stripped.chroot @@ -0,0 +1,52 @@ +#!/bin/sh + +## live-build(7) - System Build Scripts +## Copyright (C) 2006-2012 Daniel Baumann +## +## live-build comes with ABSOLUTELY NO WARRANTY; for details see COPYING. +## This is free software, and you are welcome to redistribute it +## under certain conditions; see COPYING for details. + + +set -e + +# WARNING: Using this hook will result in a stripped system, means, +# it may very well be possible that other packages are depending +# on certain files that get removed here. +# Therefore, this hooks is merely an inspiration for what could be +# removed and not a generic nor recommendet solution to get the +# image filesize down. In any event, using this hook can lead to +# unforseen bugs and breakages in other packages and you should +# be prepared to find and fix it for your own images. + +# Removing unused packages +for PACKAGE in apt-utils aptitude man-db manpages info wget dselect +do + if ! apt-get remove --purge --yes "${PACKAGE}" + then + echo "WARNING: ${PACKAGE} isn't installed" + fi +done + +apt-get autoremove --yes || true + +# Removing unused files +find . -name *~ | xargs rm -f + +rm -rf /usr/include/* +#rm -rf /usr/share/groff/* +rm -rf /usr/share/doc/* +rm -rf /usr/share/locale/* +rm -rf /usr/share/man/* +rm -rf /usr/share/i18n/* +rm -rf /usr/share/info/* +rm -rf /usr/share/lintian/* +rm -rf /usr/share/linda/* +rm -rf /usr/share/zoneinfo/* +rm -rf /var/cache/man/* + +# Truncating logs +for FILE in $(find /var/log/ -type f) +do + : > ${FILE} +done diff --git a/examples/hooks/sun-java6.chroot b/examples/hooks/sun-java6.chroot new file mode 100755 index 000000000..a9f74821d --- /dev/null +++ b/examples/hooks/sun-java6.chroot @@ -0,0 +1,31 @@ +#!/bin/sh + +# This is a hook for live-build(7) to install sun-java. +# To enable it, copy or symlink this hook into your config/chroot_local-hooks +# directory. +# +# Note: This hook requires packages from the non-free category. Make sure you +# enabled it in your configuration. + +# live-build sets DEBIAN_FRONTEND to 'noninteractive' to advise debconf to not +# ask any questions while installing packages. Suns redistribution terms for +# Java do not allow this, therefore we need to overwrite DEBIAN_FRONTEND for +# this apt-get call only. + +# In case you do accept the license terms, you can also preseed the values +# for a complete non-interactive build, by uncommenting the following three lines: + +#echo "sun-java6-bin shared/accepted-sun-dlj-v1-1 boolean true" > /root/preseed +#debconf-set-selections < /root/preseed +#rm -f /root/preseed + +DEBIAN_FRONTEND="dialog" apt-get install --yes sun-java6-bin sun-java6-demo \ + sun-java6-fonts sun-java6-javadb sun-java6-jdk sun-java6-jre \ + sun-java6-plugin sun-java6-source + +# Ensure that /tmp has the right permissions; apparently sun-java5-doc tampers +# with it +chmod 1777 /tmp + +# Set sun-java as default java +update-alternatives --set java /usr/lib/jvm/java-6-sun/jre/bin/java diff --git a/examples/hooks/symlinks.chroot b/examples/hooks/symlinks.chroot new file mode 100755 index 000000000..b0f2eea47 --- /dev/null +++ b/examples/hooks/symlinks.chroot @@ -0,0 +1,22 @@ +#!/bin/sh + +# This is a hook for live-build(7) to install localepurge. +# To enable it, copy or symlink this hook into your config/chroot_local-hooks +# directory. +# + +_PURGE="" + +if [ ! -x "$(which symlinks 2>/dev/null)" ] +then + _PURGE="true" + + apt-get install symlinks +fi + +symlinks -c -r -s / + +if [ "${_PURGE}" = "true" ] +then + apt-get remove --purge symlinks +fi diff --git a/examples/hooks/sysvinit.chroot b/examples/hooks/sysvinit.chroot new file mode 100755 index 000000000..d8e4932fb --- /dev/null +++ b/examples/hooks/sysvinit.chroot @@ -0,0 +1,17 @@ +#!/bin/sh + +# Disable all +for _FILE in /etc/init.d/* +do + update-rc.d -f $(basename ${_FILE}) remove +done + +# Re-enable all required (taken from -f standard chroot) +for _PACKAGE in live-boot live-config console-common cron dpkg ifupdown initscripts kbd klogd libc6 libdevmapper1.02 libselinux1 libsepol1 login makedev module-init-tools netbase openbsd-inetd procps sudo sysklogd udev util-linux +do + if [ -f /var/lib/dpkg/info/${_PACKAGE}.postinst ] + then + # Re-configure if existing + /var/lib/dpkg/info/${_PACKAGE}.postinst configure + fi +done diff --git a/examples/hooks/udev-generators.chroot b/examples/hooks/udev-generators.chroot new file mode 100755 index 000000000..9a5fed2ca --- /dev/null +++ b/examples/hooks/udev-generators.chroot @@ -0,0 +1,8 @@ +#!/bin/sh + +# This is a hook for live-build(7) to remove udev persistent device generator +# rules. +# To enable it, copy or symlink this hook into your config/chroot_local-hooks +# directory. + +rm -f /etc/udev/rules.d/*persistent-net-generator.rules diff --git a/examples/hooks/update-initramfs.chroot b/examples/hooks/update-initramfs.chroot new file mode 100755 index 000000000..b75b135bc --- /dev/null +++ b/examples/hooks/update-initramfs.chroot @@ -0,0 +1,15 @@ +#!/bin/sh + +# This is a hook for live-build(7) to rebuild the initramfs image. +# To enable it, copy or symlink this hook into your config/chroot_local-hooks +# directory. +# +# Note: You only want to use this hook if you have modified any initramfs-script +# during the build and need to refresh the initrd.img for that purpose. + +for KERNEL in /boot/vmlinuz-* +do + VERSION="$(basename ${KERNEL} | sed -e 's|vmlinuz-||')" + + update-initramfs -k ${VERSION} -t -u +done diff --git a/examples/hooks/virtualbox.chroot b/examples/hooks/virtualbox.chroot new file mode 100755 index 000000000..e1dab4ad4 --- /dev/null +++ b/examples/hooks/virtualbox.chroot @@ -0,0 +1,8 @@ +#!/bin/sh + +# This is a hook for live-build(7) to enable virtualbox-ose module. +# To enable it, copy or symlink this hook into your config/chroot_local-hooks +# directory. + +# Enabling loading of vboxdrv +sed -i -e 's|^LOAD_VBOXDRV_MODULE=.*$|LOAD_VBOXDRV_MODULE=1|' /etc/default/virtualbox-ose -- cgit v1.2.3