live-build/helpers/lh_chroot_hacks

#!/bin/sh

# lh_chroot_hacks(1) - execute hacks in chroot
# Copyright (C) 2006-2008 Daniel Baumann <daniel@debian.org>
#
# live-helper comes with ABSOLUTELY NO WARRANTY; for details see COPYING.
# This is free software, and you are welcome to redistribute it
# under certain conditions; see COPYING for details.

set -e

# Including common functions
LH_BASE="${LH_BASE:-/usr/share/live-helper}"

for FUNCTION in "${LH_BASE}"/functions/*.sh
do
	. "${FUNCTION}"
done

# Setting static variables
DESCRIPTION="execute hacks in chroot"
HELP=""
USAGE="${PROGRAM} [--force]"

Arguments "${@}"

# Reading configuration files
Read_conffile config/all config/common config/bootstrap config/chroot config/binary config/source
Set_defaults

Echo_message "Begin executing hacks..."

# Requiring stage file
Require_stagefile .stage/bootstrap

# Checking stage file
Check_stagefile .stage/chroot_hacks

# Checking lock file
Check_lockfile .lock

# Creating lock file
Create_lockfile .lock

# Removing udev mac caching rule
rm -f chroot/etc/udev/rules.d/*persistent-net.rules

case "${LH_BINARY_IMAGES}" in
	net)
		if [ ! -f chroot/usr/bin/smbmount ]
		then
			Apt install smbfs
		fi

		if [ ! -d chroot/etc/initramfs-tools ]
		then
			mkdir chroot/etc/initramfs-tools
		fi
		if [ ! "$(grep 'MODULES=netboot' chroot/etc/initramfs-tools/initramfs.conf)" ]
		then
			# Configuring initramfs for NFS
cat >> chroot/etc/initramfs-tools/initramfs.conf << EOF
MODULES=netboot
BOOT=nfs
NFSROOT=auto
EOF
		fi
		;;
esac

# Remove resume
if [ "${LH_DISTRIBUTION}" = "etch" ] && [ -e /etc/initramfs-tools/conf.d/resume ]
then
	rm -f /etc/initramfs-tools/conf.d/resume
fi

# Ensure readable permissions on initramfs. loop-aes-utils sets umask to
# protect GPG keys, which live-helper does not support.
chmod go+r chroot/boot/initrd*

# Remove build systems clock drift
echo "0.0 0 0.0" > chroot/etc/adjtime

# Remove cruft
rm -f chroot/boot/initrd*bak*
rm -f chroot/etc/apt/trusted.gpg~
rm -f chroot/etc/group- chroot/etc/passwd-
rm -f chroot/etc/gshadow- chroot/etc/shadow-
rm -f chroot/var/cache/debconf/*-old
rm -f chroot/var/cache/man/index.db
rm -f chroot/var/lib/dpkg/*-old

if [ -n "${LH_ROOT_COMMAND}" ]
then
	${LH_ROOT_COMMAND} chown -R --quiet $(whoami):$(whoami) chroot
fi

if [ "${LH_INITRAMFS}" = "casper" ] && [ -d chroot/home/${LH_USERNAME} ]
then
	chown -R --quiet 999:999 chroot/home/${LH_USERNAME}
fi

# Setting ownership for /etc/skel - this is where people often include stuff
# through local includes.
chown -R --quiet 0:0 chroot/home/etc/skel

# Making sure /etc/sudoers has right owner/permissions
chown --quiet 0:0 chroot/home/etc/sudoers
chmod 0440 chroot/etc/sudoers

# This is a temporary hack to get rid of fstab;
# needs cleanup in live-initramfs first to proper fix.
if [ "${LH_DEBIAN_INSTALLER}" = "live" ]
then
	rm -f chroot/etc/fstab
fi

if [ "${LH_EXPOSED_ROOT}" = "enabled" ]
then
	# Make sure RW dirs exist so that the initramfs script has
	# a directory in which to bind the tmpfs filesystems
	COW_DIRECTORIES="/home /live /tmp /var/lib/live /var/lock /var/log /var/run /var/tmp /var/spool"

	for DIRECTORY in ${COW_DIRECTORIES}
	do
		mkdir -p chroot/"${DIRECTORY}"
	done

	# Config files which need to be RW
	COW_FILES="/etc/adjtime /etc/fstab /etc/hostname /etc/hosts /etc/live.conf /etc/network/interfaces /etc/resolv.conf /etc/udev/rules.d/*persistent-net.rules /etc/udev/rules.d/*persistent-cd.rules /etc/X11/xorg.conf"

	# Where we will store RW config files
	RW_DIRECTORY="/var/lib/live"

	for FILE in ${COW_FILES}
	do
		DIRECTORY="$(dirname ${FILE})"
		FILE="$(basename ${FILE})"
		RELATIVE_PATH="$(echo ${DIRECTORY} | sed 's|[^/]\+|..|g; s|^/||g')"

		# Touch files in case they don't yet exist
		mkdir -p chroot/${DIRECTORY}
		touch chroot/${DIRECTORY}/${FILE}

		# Move files to the read-write directory
		mkdir -p chroot/${RW_DIRECTORY}/${DIRECTORY}
		mv chroot/${DIRECTORY}/${FILE} chroot/${RW_DIRECTORY}/${DIRECTORY}

		# Create a symbolic link to RW config file
		ln -s ${RELATIVE_PATH}/${RW_DIRECTORY}/${DIRECTORY}/${FILE} chroot/${DIRECTORY}/${FILE}
	done

	# Mount doesn't write to a symlink so use /proc/mounts instead,
	# see debian bug #154438 for more info
	rm -f chroot/etc/mtab
	ln -s /proc/mounts chroot/etc/mtab
fi

# Creating stage file
Create_stagefile .stage/chroot_hacks
Adding live-helper 1.0~a1-1. 2007-09-23 08:04:46 +00:00			`#!/bin/sh`

			`# lh_chroot_hacks(1) - execute hacks in chroot`
Updating copyright years to 2008. 2008-03-06 14:43:00 -01:00			`# Copyright (C) 2006-2008 Daniel Baumann <daniel@debian.org>`
Adding live-helper 1.0~a3-1. 2007-09-23 08:04:48 +00:00			`#`
			`# live-helper comes with ABSOLUTELY NO WARRANTY; for details see COPYING.`
			`# This is free software, and you are welcome to redistribute it`
			`# under certain conditions; see COPYING for details.`
Adding live-helper 1.0~a1-1. 2007-09-23 08:04:46 +00:00
			`set -e`

Adding live-helper 1.0~a13-1. 2007-09-23 08:05:11 +00:00			`# Including common functions`
			`LH_BASE="${LH_BASE:-/usr/share/live-helper}"`

			`for FUNCTION in "${LH_BASE}"/functions/*.sh`
Adding live-helper 1.0~a1-1. 2007-09-23 08:04:46 +00:00			`do`
Adding live-helper 1.0~a13-1. 2007-09-23 08:05:11 +00:00			`. "${FUNCTION}"`
Adding live-helper 1.0~a1-1. 2007-09-23 08:04:46 +00:00			`done`

Adding live-helper 1.0~a13-1. 2007-09-23 08:05:11 +00:00			`# Setting static variables`
Adding live-helper 1.0~a3-1. 2007-09-23 08:04:48 +00:00			`DESCRIPTION="execute hacks in chroot"`
			`HELP=""`
			`USAGE="${PROGRAM} [--force]"`

			`Arguments "${@}"`

Adding live-helper 1.0~a1-1. 2007-09-23 08:04:46 +00:00			`# Reading configuration files`
Using new Read_conffile(); now. 2008-04-07 10:10:21 +00:00			`Read_conffile config/all config/common config/bootstrap config/chroot config/binary config/source`
Adding live-helper 1.0~a1-1. 2007-09-23 08:04:46 +00:00			`Set_defaults`

Adding live-helper 1.0~a13-1. 2007-09-23 08:05:11 +00:00			`Echo_message "Begin executing hacks..."`
Adding live-helper 1.0~a5-1. 2007-09-23 08:04:49 +00:00
Adding live-helper 1.0~a1-1. 2007-09-23 08:04:46 +00:00			`# Requiring stage file`
Adding live-helper 1.0~a2-1. 2007-09-23 08:04:47 +00:00			`Require_stagefile .stage/bootstrap`
Adding live-helper 1.0~a1-1. 2007-09-23 08:04:46 +00:00
			`# Checking stage file`
Adding live-helper 1.0~a2-1. 2007-09-23 08:04:47 +00:00			`Check_stagefile .stage/chroot_hacks`
Adding live-helper 1.0~a1-1. 2007-09-23 08:04:46 +00:00
			`# Checking lock file`
Adding live-helper 1.0~a2-1. 2007-09-23 08:04:47 +00:00			`Check_lockfile .lock`
Adding live-helper 1.0~a1-1. 2007-09-23 08:04:46 +00:00
			`# Creating lock file`
Adding live-helper 1.0~a2-1. 2007-09-23 08:04:47 +00:00			`Create_lockfile .lock`
Adding live-helper 1.0~a1-1. 2007-09-23 08:04:46 +00:00
Adding live-helper 1.0~a1-3. 2007-09-23 08:04:47 +00:00			`# Removing udev mac caching rule`
Replacing Chroot(); call for removing the udev persistent-net rules with a direct rm call to avoid beeing expanded by the shell based on the build systems files. 2008-08-27 16:08:51 +00:00			`rm -f chroot/etc/udev/rules.d/*persistent-net.rules`
Adding live-helper 1.0~a1-3. 2007-09-23 08:04:47 +00:00
Adding live-helper 1.0~a22-1. 2007-09-23 08:05:17 +00:00			`case "${LH_BINARY_IMAGES}" in`
Adding live-helper 1.0~a1-1. 2007-09-23 08:04:46 +00:00			`net)`
Adding live-helper 1.0~a3-1. 2007-09-23 08:04:48 +00:00			`if [ ! -f chroot/usr/bin/smbmount ]`
			`then`
Adding apt/aptitude options. By using APT_OPTIONS and APTITUDE_OPTIONS in config/common, one can manipulate the default options wich is made to each and every apt and aptitude call. 2008-02-21 18:03:57 -01:00			`Apt install smbfs`
Adding live-helper 1.0~a3-1. 2007-09-23 08:04:48 +00:00			`fi`
Adding live-helper 1.0~a1-1. 2007-09-23 08:04:46 +00:00
Adding live-helper 1.0~a2-1. 2007-09-23 08:04:47 +00:00			`if [ ! -d chroot/etc/initramfs-tools ]`
Adding live-helper 1.0~a1-1. 2007-09-23 08:04:46 +00:00			`then`
Adding live-helper 1.0~a2-1. 2007-09-23 08:04:47 +00:00			`mkdir chroot/etc/initramfs-tools`
Adding live-helper 1.0~a1-1. 2007-09-23 08:04:46 +00:00			`fi`
Replacing backticks with POSIX expression. 2007-09-24 06:47:42 +00:00			`if [ ! "$(grep 'MODULES=netboot' chroot/etc/initramfs-tools/initramfs.conf)" ]`
Adding live-helper 1.0~a3-1. 2007-09-23 08:04:48 +00:00			`then`
			`# Configuring initramfs for NFS`
Adding live-helper 1.0~a2-1. 2007-09-23 08:04:47 +00:00			`cat >> chroot/etc/initramfs-tools/initramfs.conf << EOF`
Adding live-helper 1.0~a1-1. 2007-09-23 08:04:46 +00:00			`MODULES=netboot`
			`BOOT=nfs`
			`NFSROOT=auto`
			`EOF`
Adding live-helper 1.0~a3-1. 2007-09-23 08:04:48 +00:00			`fi`
Adding live-helper 1.0~a1-1. 2007-09-23 08:04:46 +00:00			`;;`
			`esac`

Adding live-helper 1.0~a22-1. 2007-09-23 08:05:17 +00:00			`# Remove resume`
			`if [ "${LH_DISTRIBUTION}" = "etch" ] && [ -e /etc/initramfs-tools/conf.d/resume ]`
			`then`
			`rm -f /etc/initramfs-tools/conf.d/resume`
			`fi`

lh_chroot_hacks: Ensure initrds are group- and world- readable The loop-aes-utils sets a umask in its update-initramfs configuration, causing initrds to have "0600" permissions which causes boot failures when offering the files over netboot or similar. The justification given by loop-aes is that, as it supports encrypting against embedded GPG keyrings, the keys would be compromised if the files were group- or world- readable. However, as live-helper does not support this feature, it is safe to simply correct the permissions. 2008-03-23 03:27:21 -01:00			`# Ensure readable permissions on initramfs. loop-aes-utils sets umask to`
			`# protect GPG keys, which live-helper does not support.`
			`chmod go+r chroot/boot/initrd*`

Adding live-helper 1.0~a18-1. 2007-09-23 08:05:14 +00:00			`# Remove build systems clock drift`
			`echo "0.0 0 0.0" > chroot/etc/adjtime`

			`# Remove cruft`
			`rm -f chroot/boot/initrdbak`
Fixing typing error, thanks to An-Cheng Huang <ancheng@vyatta.com>. 2007-11-11 21:00:43 -01:00			`rm -f chroot/etc/apt/trusted.gpg~`
Adding live-helper 1.0~a18-1. 2007-09-23 08:05:14 +00:00			`rm -f chroot/etc/group- chroot/etc/passwd-`
			`rm -f chroot/etc/gshadow- chroot/etc/shadow-`
			`rm -f chroot/var/cache/debconf/*-old`
Also removing manpage cache in cleanup. 2007-11-20 09:23:26 -01:00			`rm -f chroot/var/cache/man/index.db`
Adding live-helper 1.0~a18-1. 2007-09-23 08:05:14 +00:00			`rm -f chroot/var/lib/dpkg/*-old`

Adding live-helper 1.0~a7-1. 2007-09-23 08:04:51 +00:00			`if [ -n "${LH_ROOT_COMMAND}" ]`
			`then`
Replacing backticks with POSIX expression. 2007-09-24 06:47:42 +00:00			`${LH_ROOT_COMMAND} chown -R --quiet $(whoami):$(whoami) chroot`
Adding live-helper 1.0~a7-1. 2007-09-23 08:04:51 +00:00			`fi`

Since #433076 is fixed in live-initramfs, we only need to adjust owner of the live-user when using casper for etch builds. 2008-08-25 11:04:03 +00:00			`if [ "${LH_INITRAMFS}" = "casper" ] && [ -d chroot/home/${LH_USERNAME} ]`
Adding live-helper 1.0~a18-1. 2007-09-23 08:05:14 +00:00			`then`
Adding live-helper 1.0~a22-1. 2007-09-23 08:05:17 +00:00			`chown -R --quiet 999:999 chroot/home/${LH_USERNAME}`
Adding live-helper 1.0~a18-1. 2007-09-23 08:05:14 +00:00			`fi`

Manually setting owner of /etc/skel to root. 2008-10-12 11:55:42 +00:00			`# Setting ownership for /etc/skel - this is where people often include stuff`
			`# through local includes.`
			`chown -R --quiet 0:0 chroot/home/etc/skel`

Making sure /etc/sudoers has right owner/permissions. 2008-10-12 11:56:34 +00:00			`# Making sure /etc/sudoers has right owner/permissions`
			`chown --quiet 0:0 chroot/home/etc/sudoers`
			`chmod 0440 chroot/etc/sudoers`

Adding temporary hack to remove fstab when using live-installer. 2008-03-01 12:43:47 -01:00			`# This is a temporary hack to get rid of fstab;`
			`# needs cleanup in live-initramfs first to proper fix.`
			`if [ "${LH_DEBIAN_INSTALLER}" = "live" ]`
			`then`
			`rm -f chroot/etc/fstab`
			`fi`

add exposedroot option which exposes the root fs as ro This option allows you to expose the root read only. Using this option a person could upgrade the root filesystem or add packages without requiring the user to reboot. The root filesystem could be kept on an nfs volume or some other persistent medium. Multiple clients could then be booted off the same root fs. I used LTSP as a template to determine which directories to make rw. 2007-10-23 20:56:43 +00:00			`if [ "${LH_EXPOSED_ROOT}" = "enabled" ]`
			`then`
			`# Make sure RW dirs exist so that the initramfs script has`
			`# a directory in which to bind the tmpfs filesystems`
Fixing some coding style issues. 2007-11-11 11:57:11 -01:00			`COW_DIRECTORIES="/home /live /tmp /var/lib/live /var/lock /var/log /var/run /var/tmp /var/spool"`

			`for DIRECTORY in ${COW_DIRECTORIES}`
			`do`
			`mkdir -p chroot/"${DIRECTORY}"`
add exposedroot option which exposes the root fs as ro This option allows you to expose the root read only. Using this option a person could upgrade the root filesystem or add packages without requiring the user to reboot. The root filesystem could be kept on an nfs volume or some other persistent medium. Multiple clients could then be booted off the same root fs. I used LTSP as a template to determine which directories to make rw. 2007-10-23 20:56:43 +00:00			`done`

			`# Config files which need to be RW`
Updating chroot hacks to reflect namechange of the udev persistent rules. 2008-08-15 21:19:33 +00:00			`COW_FILES="/etc/adjtime /etc/fstab /etc/hostname /etc/hosts /etc/live.conf /etc/network/interfaces /etc/resolv.conf /etc/udev/rules.d/persistent-net.rules /etc/udev/rules.d/persistent-cd.rules /etc/X11/xorg.conf"`
add exposedroot option which exposes the root fs as ro This option allows you to expose the root read only. Using this option a person could upgrade the root filesystem or add packages without requiring the user to reboot. The root filesystem could be kept on an nfs volume or some other persistent medium. Multiple clients could then be booted off the same root fs. I used LTSP as a template to determine which directories to make rw. 2007-10-23 20:56:43 +00:00
			`# Where we will store RW config files`
Fixing some coding style issues. 2007-11-11 11:57:11 -01:00			`RW_DIRECTORY="/var/lib/live"`
add exposedroot option which exposes the root fs as ro This option allows you to expose the root read only. Using this option a person could upgrade the root filesystem or add packages without requiring the user to reboot. The root filesystem could be kept on an nfs volume or some other persistent medium. Multiple clients could then be booted off the same root fs. I used LTSP as a template to determine which directories to make rw. 2007-10-23 20:56:43 +00:00
Fixing some coding style issues. 2007-11-11 11:57:11 -01:00			`for FILE in ${COW_FILES}`
add exposedroot option which exposes the root fs as ro This option allows you to expose the root read only. Using this option a person could upgrade the root filesystem or add packages without requiring the user to reboot. The root filesystem could be kept on an nfs volume or some other persistent medium. Multiple clients could then be booted off the same root fs. I used LTSP as a template to determine which directories to make rw. 2007-10-23 20:56:43 +00:00			`do`
Fixing some coding style issues. 2007-11-11 11:57:11 -01:00			`DIRECTORY="$(dirname ${FILE})"`
			`FILE="$(basename ${FILE})"`
Consistently using the pipe as seperator in sed commands now. 2008-01-15 06:25:29 -01:00			`RELATIVE_PATH="$(echo ${DIRECTORY} \| sed 's\|[^/]\+\|..\|g; s\|^/\|\|g')"`
Fixing some coding style issues. 2007-11-11 11:57:11 -01:00
add exposedroot option which exposes the root fs as ro This option allows you to expose the root read only. Using this option a person could upgrade the root filesystem or add packages without requiring the user to reboot. The root filesystem could be kept on an nfs volume or some other persistent medium. Multiple clients could then be booted off the same root fs. I used LTSP as a template to determine which directories to make rw. 2007-10-23 20:56:43 +00:00			`# Touch files in case they don't yet exist`
Fixing some coding style issues. 2007-11-11 11:57:11 -01:00			`mkdir -p chroot/${DIRECTORY}`
			`touch chroot/${DIRECTORY}/${FILE}`

			`# Move files to the read-write directory`
			`mkdir -p chroot/${RW_DIRECTORY}/${DIRECTORY}`
			`mv chroot/${DIRECTORY}/${FILE} chroot/${RW_DIRECTORY}/${DIRECTORY}`

add exposedroot option which exposes the root fs as ro This option allows you to expose the root read only. Using this option a person could upgrade the root filesystem or add packages without requiring the user to reboot. The root filesystem could be kept on an nfs volume or some other persistent medium. Multiple clients could then be booted off the same root fs. I used LTSP as a template to determine which directories to make rw. 2007-10-23 20:56:43 +00:00			`# Create a symbolic link to RW config file`
Fixing some coding style issues. 2007-11-11 11:57:11 -01:00			`ln -s ${RELATIVE_PATH}/${RW_DIRECTORY}/${DIRECTORY}/${FILE} chroot/${DIRECTORY}/${FILE}`
add exposedroot option which exposes the root fs as ro This option allows you to expose the root read only. Using this option a person could upgrade the root filesystem or add packages without requiring the user to reboot. The root filesystem could be kept on an nfs volume or some other persistent medium. Multiple clients could then be booted off the same root fs. I used LTSP as a template to determine which directories to make rw. 2007-10-23 20:56:43 +00:00			`done`

			`# Mount doesn't write to a symlink so use /proc/mounts instead,`
			`# see debian bug #154438 for more info`
add force flag when removing /etc/mtab for exposedroot mode cdebootstrap does not create /etc/mtab 2007-10-30 20:03:44 -01:00			`rm -f chroot/etc/mtab`
add exposedroot option which exposes the root fs as ro This option allows you to expose the root read only. Using this option a person could upgrade the root filesystem or add packages without requiring the user to reboot. The root filesystem could be kept on an nfs volume or some other persistent medium. Multiple clients could then be booted off the same root fs. I used LTSP as a template to determine which directories to make rw. 2007-10-23 20:56:43 +00:00			`ln -s /proc/mounts chroot/etc/mtab`
			`fi`

Adding live-helper 1.0~a1-1. 2007-09-23 08:04:46 +00:00			`# Creating stage file`
Adding live-helper 1.0~a2-1. 2007-09-23 08:04:47 +00:00			`Create_stagefile .stage/chroot_hacks`