# mk-basefile, create basefiles for some distributions
#
-# Thomas Lange, Uni Koeln, 2011-2015
+# Thomas Lange, Uni Koeln, 2011-2016
# based on the Makefile implementation of Michael Goetze
-#
-# Usage example: fai-mk-basefile -J SQUEEZE64
-# This will create a SQUEEZE64.tar.xz basefile.
# Supported distributions (each i386/amd64):
# Debian GNU/Linux
# Define your local mirros here
# For the first stage, set the CentOS/SLC mirror in /etc/rinse/rinse.conf
MIRROR_DEBIAN=http://httpredir.debian.org/debian/
-MIRROR_DEBIAN=http://localmirror/debian/
MIRROR_UBUNTU=http://mirror.netcologne.de/ubuntu/
MIRROR_CENTOS=http://mirror.netcologne.de/
-#MIRROR_CENTOS=http://localmirror
-#MIRROR_SLC=http://localmirror
EXCLUDE_SQUEEZE=isc-dhcp-client,isc-dhcp-common,info,tasksel,tasksel-data
-EXCLUDE_WHEEZY=isc-dhcp-client,isc-dhcp-common,info,tasksel,tasksel-data
-EXCLUDE_JESSIE=isc-dhcp-client,isc-dhcp-common,info,tasksel,tasksel-data
+EXCLUDE_WHEEZY=info,tasksel,tasksel-data
+EXCLUDE_JESSIE=tasksel,tasksel-data
+EXCLUDE_STRETCH=tasksel,tasksel-data
+
EXCLUDE_TRUSTY=dhcp3-client,dhcp3-common,info
-EXCLUDE_XENIAL=isc-dhcp-client,isc-dhcp-common,udhcpc,dibbler-client,dhcpcd5,info,tasksel,tasksel-data
+EXCLUDE_XENIAL=tasksel,tasksel-data
INCLUDE_DEBIAN=aptitude
tarit() {
- tar --xattrs --selinux --acl --one-file-system -C $xtmp -cf - . | $zip > $target.$ext
+ tar $attributes --one-file-system -C $xtmp -cf - . | $zip > $target.$ext
}
}
-squeeze() {
-
- local arch=$1
-
- check
- debootstrap --arch $arch --exclude=${EXCLUDE_SQUEEZE} squeeze $xtmp ${MIRROR_DEBIAN}
- cleanup-deb
- tarit
-}
-
-wheezy() {
-
- local arch=$1
-
- check
- debootstrap --arch $arch --exclude=${EXCLUDE_WHEEZY} wheezy $xtmp ${MIRROR_DEBIAN}
- cleanup-deb
- tarit
-}
+debgeneric() {
-jessie() {
+ local DIST=$1
+ shift
+ local mirror=$1
- local arch=$1
-
- check
- debootstrap --arch $arch --exclude=${EXCLUDE_JESSIE} --include=${INCLUDE_DEBIAN} jessie $xtmp ${MIRROR_DEBIAN}
- cleanup-deb
- tarit
-}
-
-trusty() {
+ if [[ $DIST =~ 64 ]]; then
+ arch=amd64
+ else
+ arch=i386
+ fi
- local arch=$1
+ DIST=${DIST%%??}
+ dist=${DIST,,}
+ local exc="EXCLUDE_$DIST"
check
- debootstrap --arch $arch --exclude=${EXCLUDE_TRUSTY} --include=${INCLUDE_DEBIAN} trusty $xtmp ${MIRROR_UBUNTU}
+ debootstrap --arch $arch --exclude=${!exc} --include=${INCLUDE_DEBIAN} $dist $xtmp $mirror
cleanup-deb
tarit
}
-xenial() {
-
- local arch=$1
-
- check
- debootstrap --arch $arch --exclude=${EXCLUDE_XENIAL} --include=${INCLUDE_DEBIAN} xenial $xtmp ${MIRROR_UBUNTU}
- cleanup-deb
- tarit
-}
+prtdists() {
-
-unknown() {
-
- echo "Unknown distribution. Aborting."
echo "Available:
CENTOS5_32 CENTOS5_64
SQUEEZE32 SQUEEZE64
WHEEZY32 WHEEZY64
JESSIE32 JESSIE64
+ STRETCH32 STRETCH64
"
- exit 99
}
+usage() {
+
+ cat <<EOF
+mk-basefile, create minimal base files for a Linux distritubtion
+
+ Copyright (C) 2011-2016 by Thomas Lange
+
+Usage: mk-basefile [OPTION] ... DISTRIBUTION
+
+ -s Show list of supported linux distributions
+ -a Add xtattrs, acl and selinux properties to the tar file.
+ -d DIR Use DIR for creating the temporary subtree structure.
+ -z Use gzip for compressing the tar file.
+ -J Use xz for compressing the tar file.
+ -k Keep the temporary subtree structure, do not remove it.
+ -h Print help.
+
+ Usage example: mk-basefile -J STRETCH64
+ This will create a STRETCH64.tar.xz basefile.
+
+EOF
+ exit 0
+}
# main routine
ext=tar
zip=cat
-tmpdir=/var/tmp
+attributes=
+cleanup=1
-while getopts zJd: opt ; do
+while getopts ashzJd:k opt ; do
case "$opt" in
- d) tmpdir=$OPTARG ;;
+ a) attributes="--xattrs --selinux --acl" ;;
+ d) export TMPDIR=$OPTARG ;;
z) zip="gzip -9"; ext=tar.gz ;;
J) zip="xz -8" ext=tar.xz ;;
+ k) cleanup=0 ;;
+ h) usage ;;
+ s) prtdists ; exit 0;;
+ ?) exit 3 ;; # error in option parsing
esac
done
shift $(($OPTIND - 1))
-xtmp=$(mktemp -d $tmpdir/basefiles.XXXXXXXX)
+xtmp=$(mktemp --tmpdir -d basefiles.XXXXXXXX)
if [ $? -eq 1 ]; then
echo "mktemp failed. Aborting."
exit 2
SLC6_32) slc i386 6 ;;
SLC6_64) slc amd64 6 ;;
SLC7_64) slc amd64 7 ;;
- TRUSTY32) trusty i386 ;;
- TRUSTY64) trusty amd64 ;;
- XENIAL32) xenial i386 ;;
- XENIAL64) xenial amd64 ;;
- SQUEEZE32) squeeze i386 ;;
- SQUEEZE64) squeeze amd64 ;;
- WHEEZY32) wheezy i386 ;;
- WHEEZY64) wheezy amd64 ;;
- JESSIE32) jessie i386 ;;
- JESSIE64) jessie amd64 ;;
- *) unknown ;;
+ TRUSTY*|XENIAL*)
+ debgeneric $target $MIRROR_UBUNTU ;;
+ SQUEEZE*|WHEEZY*|JESSIE*|STRETCH*)
+ debgeneric $target $MIRROR_DEBIAN ;;
+ *) echo "Unknown distribution. Aborting."
+ prtdists
+ exit 99 ;;
esac
# cleanup
-rm -rf $xtmp
+if [ $cleanup -eq 1 ]; then
+ rm -rf $xtmp
+fi
--- /dev/null
+#! /bin/bash
+
+[ "$cmdlineclasses" ] || exit 0
+
+# define the classes given on the cmdline (suing -c) very early
+echo $cmdlineclasses
+
+exit 0
#! /bin/bash
+# do only execute if this is called on the client being installed. Do not use during fai-diskimage
+if [ X$FAI_ACTION = Xinstall -a $do_init_tasks -eq 0 ]; then
+ exit 0
+fi
+
# Echo architecture and OS name in uppercase. Do NOT remove these two lines.
uname -s | tr '[:lower:]' '[:upper:]'
[ -x "`which dpkg`" ] && dpkg --print-architecture | tr a-z A-Z
esac
for mod in $kernelmodules; do
- [ "$verbose" ] && echo Loading kernel module $mod
+ [ X$verbose = X1 ] && echo Loading kernel module $mod
modprobe -a $mod 1>/dev/null 2>&1
done
--- /dev/null
+#! /bin/bash
+
+if [ X$FAI_ACTION = Xinstall -o X$FAI_ACTION = X ]; then
+ :
+else
+ return
+fi
+if [ X$action = Xdirinstall ]; then
+ return
+fi
+
+grep -q INSTALL $LOGDIR/FAI_CLASSES || return 0
+[ "$flag_menu" ] || return 0
+
+out=$(tty)
+
+dialog --colors --clear --aspect 6 --title "FAI - Fully Automatic Installation" --trim \
+ --msgbox "\n\n If you continue, \n all your data on the disk \n \n|\Zr\Z1 WILL BE DESTROYED \Z0\Zn|\n\n" 0 0 1>$out
--- /dev/null
+#! /bin/bash
+
+ifclass GCE && echo AMD64 CLOUD
+exit 0
#! /bin/bash
ifclass -o CENTOS SLC && exit 0
-ifclass -o I386 AMD64 && echo GRUB_PC
+if ifclass -o I386 AMD64 ; then
+ ifclass -o GRUB_PC GRUB_EFI ||echo GRUB_PC
+fi
--- /dev/null
+release=jessie
+TIMEZONE=UTC
+NTPSRVS='metadata.google.internal'
+NIC1=eth0
Short: Show detailed hardware and system information
Long: Execute a lot of commands for collecting system information
Classes: SYSINFO
-
-Name: dummy
-Description: A dummy profile
-Short: This is the short one liner text for the dummy menu, Shown at the bottom of the menu
-Long: Here you can add more lines to describe details of you
-profile. A profile is only a list of FAI classes. Those classes can
-then define the disk partitioning scheme, the list of packages to be
-installed, the variables to defined and other things.
-
-In the end, a profile is just a list of FAI classes combined with some description.
-Classes: A B C E
--- /dev/null
+# Linux command line:
+grub-pc grub2/linux_cmdline_default string quiet elevator=noop
--- /dev/null
+# Linux command line:
+grub-pc grub2/linux_cmdline_default string quiet elevator=noop console=ttyS0,38400n8
+# GRUB timeout; for internal use
+grub-pc grub-pc/timeout string 0
--- /dev/null
+# config for a disk image for a VM
+#
+# <type> <mountpoint> <size> <fs type> <mount options> <misc options>
+
+disk_config disk1 disklabel:msdos bootable:1 fstabkey:uuid align-at:1M
+
+primary / 300- ext4 rw,nobarrier,noatime,errors=remount-ro tuneopts="-c 0 -i 0"
--- /dev/null
+deb http://httpredir.debian.org/debian {release} main contrib non-free
+deb http://httpredir.debian.org/debian {release}-backports main
+deb http://security.debian.org/debian-security {release}/updates main contrib non-free
+
+deb http://packages.cloud.google.com/apt cloud-sdk-{release} main
+deb http://packages.cloud.google.com/apt google-cloud-packages-archive-keyring-{release} main
+deb http://packages.cloud.google.com/apt google-cloud-compute-{release} main
--- /dev/null
+#! /bin/bash
+
+# replace {release} in a sources.list template with the value of $release
+
+
+# $1 is the class name used
+# $2 is the path to the file copied
+
+# check if a variable of the form {varname} was used at all
+grep -q '{' $2 || exit 0
+
+if [ -z "$release" ]; then
+ echo "\$release is undefined. No substitution performed in $2."
+ exit 0
+fi
+
+sed -i -e "s/{release}/$release/g" $2
deb http://security.debian.org/debian-security jessie/updates main contrib non-free
# repository that may contain newer fai packages for jessie
-deb http://fai-project.org/download jessie koeln
+deb [trusted=yes] http://fai-project.org/download jessie koeln
--- /dev/null
+#!/bin/bash
+### BEGIN INIT INFO
+# Provides: expand-root
+# Required-Start:
+# Required-Stop:
+# Should-Start:
+# Should-Stop:
+# Default-Start: 2 3 4 5
+# Default-Stop:
+# Description: Expand the filesystem of the mounted root volume/partition to its maximum possible size
+### END INIT INFO
+
+prog=$(basename $0)
+logger="logger -t $prog"
+
+growpart="growpart"
+
+hash $growpart 2> /dev/null || {
+ $logger "$growpart was not found on PATH. Unable to expand size."
+ exit 1
+}
+
+root_device_path="/dev/sda"
+root_index="1"
+
+# Growpart can fail if the partition is already resized.
+$growpart $root_device_path $root_index || {
+ $logger "growpart failed. Unable to expand size."
+}
+
+device_path="${root_device_path}${root_index}"
+filesystem=$(blkid -s TYPE -o value ${device_path})
+
+case $filesystem in
+ xfs) xfs_growfs / ;;
+ ext2) resize2fs $device_path ;;
+ ext3) resize2fs $device_path ;;
+ ext4) resize2fs $device_path ;;
+ *) $logger "The filesystem $filesystem was not recognized. Unable to expand size." ;;
+esac
--- /dev/null
+#! /bin/bash
+
+# regenerate ssh_host keys
+ls /etc/ssh/ssh_host_* > /dev/null
+if [ $? -ne 0 ]; then
+ dpkg-reconfigure -fnoninteractive openssh-server
+fi
+rm $0
# setup network
ifup eth0
+# regenerate ssh_host keys
+ls /etc/ssh/ssh_host_* > /dev/null
+if [ $? -ne 0 ]; then
+ dpkg-reconfigure -fnoninteractive openssh-server
+fi
sleep 8
[ -x /etc/init.d/nscd ] && /etc/init.d/nscd restart
ainsl /srv/fai/config/class/FAIBASE.var "^LOGUSER=fai"
myip=$(ip addr show up| grep -w inet | cut -d t -f 2 | cut -d ' ' -f 2 | cut -d / -f 1 | grep -v 127.0.0.1)
echo "APTPROXY=http://$myip:3142" >> /srv/fai/config/class/DEBIAN.var
- # determine a fast mirror for Ubuntu
- list=$(curl -s http://mirrors.ubuntu.com/mirrors.txt)
- mirror=$(netselect $list | awk '{print $2}')
- sed -i -e "s#MIRRORURL#$mirror#" /srv/fai/config/files/etc/apt/sources.list/UBUNTU
fi
# set the LOGUSER, wo we get all the logs from our install clients
ainsl /etc/fai/fai.conf "^LOGUSER=fai"
# setup the FAI server, including creating the nfsroot, use my own proxy
export APTPROXY="http://127.0.0.1:3142"
-fai-setup -fvB /var/tmp/base.tar.xz 2>&1
+if [ -f /var/tmp/base.tar.xz ]; then
+ fai-setup -fvB /var/tmp/base.tar.xz 2>&1
+else
+ fai-setup -fv 2>&1
+fi
if [ $? -eq 0 ]; then
rm /var/tmp/base.tar.xz
echo ""
# move me away
mv $0 /var/tmp
+
+# create new rc.local for next reboot
+echo '#! /bin/bash' > /etc/rc.local
+echo 'fai-monitor > /var/log/fai/fai-monitor.log &' >> /etc/rc.local
+chmod a+rx /etc/rc.local
+
exit 0
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
-SELINUX=enforcing
+SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Only targeted network daemons are protected.
# strict - Full SELinux protection.
# if package locales will be installed, then install it early, before
# other packages
-
-if [ $FAI_ACTION != "install" ]; then
+if [ $FAI_ACTION != "install" -a $FAI_ACTION != "dirinstall" ]; then
exit 0
fi
fcopy -Bi /etc/apt/apt.conf.d/force_confdef
-ainsl -av /etc/ucf.conf "^conf_force_conffold=YES"
+ainsl -a /etc/ucf.conf "^conf_force_conffold=YES"
+
+# in case the locales are already included inside the base file (Ubuntu)
+if [ -f $target/usr/sbin/locale-gen ]; then
+ $ROOTCMD dpkg-reconfigure -fnoninteractive locales
+ exit
+fi
+# if we want to install locales, install them now
install_packages -l 2>/dev/null | egrep -q ' locales|locales '
if [ $? -eq 0 ]; then
- $ROOTCMD apt-get -y install locales
+ if [ X$verbose = X1 ]; then
+ $ROOTCMD apt-get -y install locales
+ else
+ $ROOTCMD apt-get -y install locales > /dev/null
+ fi
fi
couldn't
can't
E: Sorry, broken packages
+^E:
operator expected
ambiguous redirect
No previous regular expression
kolabadmin
gstreamer0.10-plugins-really-bad
liberrors.so
+liberrors-samba
gsambad
libad
libtest-nowarnings-perl
liberror-perl
libgpg-error-dev
libgpg-error0
-^fstab.\+errors=remount
-Opts: errors=remount-ro
+Opts:.\+errors=remount
[RT]X packets:
WARNING: unexpected IO-APIC
warned about = ( )
can't initialize iptables table
can't initialize ip6tables table
Authentication warning overridden
+41-warning.sh
update-alternatives: warning: skip creation of
+loop: module verification failed: signature
+Warning: apt-key output should not be parsed
+WARNING: Failed to connect to lvmetad. Falling back to device scanning
update-rc.d: warning: start and stop actions are no longer supported"
# add pattern on some conditions
fi
grep -i "$errorpatterns" *.log | grep -vi "$ignorepatterns" > $errfile
-if [ "$verbose" ]; then
+if [ X$verbose = X1 ]; then
egrep -v '^software.log:' $errfile > $LOGDIR/tempfile
mv $LOGDIR/tempfile $errfile
fi
# use short hostname instead of FQDN
export HOSTNAME=${HOSTNAME%%.*}
-# n.b. use $action instead of $FAI_ACTION
-# as the latter is apparently unset at this point in dirinstall
-if [ "$action" = "dirinstall" ] ; then
- :
-else
+if [ $do_init_tasks -eq 1 ]; then
echo $HOSTNAME > /proc/sys/kernel/hostname
fi
cp /etc/resolv.conf $target/etc
fi
-if [ "$verbose" ]; then
+if [ X$verbose = X1 ]; then
echo "Updating base"
- $ROOTCMD yum -y update 2>&1 | tee -a $LOGDIR/software.log
+ $ROOTCMD yum -y update |& tee -a $LOGDIR/software.log
else
$ROOTCMD yum -y update >> $LOGDIR/software.log
fi
isc-dhcp-client
PACKAGES install GRUB_PC
-grub-pc grub-legacy- lilo-
+grub-pc
+
+PACKAGES install GRUB_EFI
+grub-efi
PACKAGES install LVM
lvm2
+
+PACKAGES install CLOUD
+locales-all
# some packages we need on a demo machine
-PACKAGES aptitude
+PACKAGES install-norec
fortune-mod fortunes
rstat-client #rstatd
# only when also class XORG is defined
-PACKAGES aptitude XORG
+PACKAGES install-norec XORG
bb xpenguins
#frozen-bubble
-PACKAGES aptitude DEBIAN
+PACKAGES install-norec DEBIAN
fai-client
-cron
debconf-utils
file
less
rdate
rsync
openssh-client openssh-server
-strace
time
procinfo
nullmailer
-PACKAGES aptitude
+PACKAGES install-norec
fai-quickstart
isc-dhcp-client
--- /dev/null
+PACKAGES install
+google-cloud-packages-archive-keyring
+cloud-initramfs-growroot
+cloud-utils/$release-backports
+google-cloud-sdk
+google-compute-engine-$release
+google-compute-engine-init-$release
+google-config-$release
+python-crcmod/$release-backports
+screen
+vim
+
+acpi-support-base
+busybox
+ca-certificates
+curl
+ethtool
+gdisk
+kpartx
+isc-dhcp-client
+lsb-release
+ntp
+parted
+python
+openssh-client
+openssh-server
+sudo
+uuid-runtime
--- /dev/null
+# pub 2048R/A7317B0F 2015-04-03 Google Cloud Packages Automatic Signing Key <gc-team@google.com>
+
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1
+
+mQENBFUd6rIBCAD6mhKRHDn3UrCeLDp7U5IE7AhhrOCPpqGF7mfTemZYHf/5Jdjx
+cOxoSFlK7zwmFr3lVqJ+tJ9L1wd1K6P7RrtaNwCiZyeNPf/Y86AJ5NJwBe0VD0xH
+TXzPNTqRSByVYtdN94NoltXUYFAAPZYQls0x0nUD1hLMlOlC2HdTPrD1PMCnYq/N
+uL/Vk8sWrcUt4DIS+0RDQ8tKKe5PSV0+PnmaJvdF5CKawhh0qGTklS2MXTyKFoqj
+XgYDfY2EodI9ogT/LGr9Lm/+u4OFPvmN9VN6UG+s0DgJjWvpbmuHL/ZIRwMEn/tp
+uneaLTO7h1dCrXC849PiJ8wSkGzBnuJQUbXnABEBAAG0QEdvb2dsZSBDbG91ZCBQ
+YWNrYWdlcyBBdXRvbWF0aWMgU2lnbmluZyBLZXkgPGdjLXRlYW1AZ29vZ2xlLmNv
+bT6JAT4EEwECACgFAlUd6rICGy8FCQWjmoAGCwkIBwMCBhUIAgkKCwQWAgMBAh4B
+AheAAAoJEDdGwginMXsPcLcIAKi2yNhJMbu4zWQ2tM/rJFovazcY28MF2rDWGOnc
+9giHXOH0/BoMBcd8rw0lgjmOosBdM2JT0HWZIxC/Gdt7NSRA0WOlJe04u82/o3OH
+WDgTdm9MS42noSP0mvNzNALBbQnlZHU0kvt3sV1YsnrxljoIuvxKWLLwren/GVsh
+FLPwONjw3f9Fan6GWxJyn/dkX3OSUGaduzcygw51vksBQiUZLCD2Tlxyr9NvkZYT
+qiaWW78L6regvATsLc9L/dQUiSMQZIK6NglmHE+cuSaoK0H4ruNKeTiQUw/EGFaL
+ecay6Qy/s3Hk7K0QLd+gl0hZ1w1VzIeXLo2BRlqnjOYFX4A=
+=HVTm
+-----END PGP PUBLIC KEY BLOCK-----
-PACKAGES aptitude
+PACKAGES install
task-german
-PACKAGES aptitude GNOME
+PACKAGES install GNOME
iceweasel-l10n-de icedove-l10n-de
-PACKAGES aptitude
+PACKAGES install-norec
iceweasel
#icedove
gnome-core
gconf-editor
gnome-screensaver gnome-system-monitor gnome-system-tools
-gnome-network-admin
libgnomevfs2-bin
+network-manager-gnome
PACKAGES install GRUB_PC
grub-pc
-PACKAGES aptitude-r XORG
+PACKAGES install XORG
ubuntu-desktop
ubuntu-standard
ubuntu-minimal
-PACKAGES aptitude
+PACKAGES install-norec
xfce4 # base system
xfce4-goodies # additional tools
lightdm
-PACKAGES aptitude DEBIAN
+PACKAGES install-norec DEBIAN
xorg xserver-xorg-video-all xserver-xorg-input-all
ttf-freefont
xscreensaver
xscreensaver-gl
xterm
desktop-base
+
+# add free and non-free firmware
+#firmware-linux
--- /dev/null
+#! /bin/bash
+
+fcopy /etc/init.d/expand-root
+if [ -f $target/files/etc/init.d/expand-root ]; then
+ $ROOTCMD insserv --default expand-root
+fi
+
+sed -i "s/PermitRootLogin yes/PermitRootLogin without-password/" $target/etc/ssh/sshd_config
+ainsl /etc/ssh/sshd_config 'ClientAliveInterval 120'
+
+ainsl -a /etc/modprobe.d/blacklist.conf 'blacklist pcspkr'
+ainsl -a /etc/modprobe.d/blacklist.conf 'blacklist floppy'
+
+rm -f $target/etc/resolv.conf $target/etc/udev/rules.d/70-persistent-net.rules $target/lib/udev/write_net_rules
+shred --remove $target/etc/ssh/ssh_host_*
+
+# FIXME: DHCP RFC3442 is used incorrect in Azure
+if [ -f $target/etc/dhcp/dhclient.conf ]; then
+ sed -ie 's,rfc3442-classless-static-routes,disabled-\0,' $target/etc/dhcp/dhclient.conf
+fi
error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code
# set root password
-$ROOTCMD usermod -p $ROOTPW root
+$ROOTCMD usermod -p "$ROOTPW" root
exit $error
fi
for FILE in /bin/ping /bin/ping6 /usr/bin/fping /usr/bin/fping6; do
- if [ -x $target/$FILE ] ; then
+ if [ -x $target/$FILE -a ! -h $target/$FILE ] ; then
if $ROOTCMD /sbin/setcap cap_net_raw+ep $FILE; then
echo "Setcap worked! $FILE is not suid!"
fi
error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code
-if ifclass DHCPC && [ $FAI_ACTION = "install" -o $FAI_ACTION = "dirinstall" ]
-then
+
+newnicnames() {
+
+ # determine predictable network names only for stretch and above
+
+ [ $do_init_tasks -eq 0 ] && return
+
+ ver=$($ROOTCMD dpkg-query --showformat='${Version}' --show udev)
+ if dpkg --compare-versions $ver lt 220-7; then
+ return
+ fi
+
+ [ -z $NIC1 ] && return
+
+ fields="ID_NET_NAME_FROM_DATABASE ID_NET_NAME_ONBOARD ID_NET_NAME_SLOT ID_NET_NAME_PATH"
+ for field in $fields; do
+ name=$(udevadm info /sys/class/net/$NIC1 | sed -rn "s/^E: $field=(.+)/\1/p")
+ if [[ $name ]]; then
+ NIC1=$name
+ break
+ fi
+ done
+ if [[ ! $name ]]; then
+ echo "$0: error: could not find systemd predictable network name. Using $NIC1."
+ fi
+}
+
+newnicnames
+CIDR=$(ip -o -f inet addr show $NIC1 | awk '{print $4}')
+if ifclass DHCPC && [ $FAI_ACTION = "install" -o $FAI_ACTION = "dirinstall" ]; then
+
cat > $target/etc/network/interfaces <<-EOF
# generated by FAI
auto lo $NIC1
iface lo inet loopback
iface $NIC1 inet dhcp
EOF
-elif [ $FAI_ACTION = "install" -o $FAI_ACTION = "dirinstall" ]
-then
- [ -n "$IPADDR" ] && cat > $target/etc/network/interfaces <<-EOF
+elif [ $FAI_ACTION = "install" -o $FAI_ACTION = "dirinstall" ]; then
+ [ -n "$CIDR" ] && cat > $target/etc/network/interfaces <<-EOF
# generated by FAI
auto lo $NIC1
iface lo inet loopback
iface $NIC1 inet static
- address $IPADDR
- netmask $NETMASK
- broadcast $BROADCAST
+ address $CIDR
gateway $GATEWAYS
EOF
[ -n "$NETWORK" ] && echo "localnet $NETWORK" > $target/etc/networks
#! /bin/bash
-# (c) Thomas Lange, 2001-2015, lange@debian.org
+# (c) Thomas Lange, 2001-2016, lange@debian.org
# (c) Michael Goetze, 2010-2011, mgoetze@mgoetze.net
error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code
done
fcopy -Mv /etc/hostname || echo $HOSTNAME > $target/etc/hostname
-ainsl -av /etc/mailname ${HOSTNAME}
+ainsl -a /etc/mailname ${HOSTNAME}
if [ ! -e $target/etc/adjtime ]; then
- printf "0.0 0 0.0\n0\nUTC" > $target/etc/adjtime
+ printf "0.0 0 0.0\n0\nUTC\n" > $target/etc/adjtime
fi
if [ "$UTC" = "yes" ]; then
sed -i -e 's:^LOCAL$:UTC:' $target/etc/adjtime
ln -fs /proc/mounts $target/etc/mtab
-rm -f $target/etc/dpkg/dpkg.cfg.d/fai
+rm -f $target/etc/dpkg/dpkg.cfg.d/fai $target/etc/dpkg/dpkg.cfg.d/unsafe-io
-[ $FAI_ACTION = "install" -a -f /etc/fai/fai.conf ] && cp /etc/fai/fai.conf $target/etc/fai/fai.conf
-ainsl -av /etc/fai/fai.conf "FAI_CONFIG_SRC=$FAI_CONFIG_SRC"
+if [ $FAI_ACTION = "install" -o $FAI_ACTION = "dirinstall" ] ; then
+ [ -f /etc/fai/fai.conf ] && cp /etc/fai/fai.conf $target/etc/fai/fai.conf
+fi
+
+ainsl -a /etc/fai/fai.conf "FAI_CONFIG_SRC=$FAI_CONFIG_SRC"
fcopy -Miv /etc/fai/fai.conf
+fcopy -iv /etc/rc.local
exit $error
error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code
echo $TIMEZONE > $target/etc/timezone
-cp -f /usr/share/zoneinfo/${TIMEZONE} $target/etc/localtime
+if [ -L $target/etc/localtime ]; then
+ ln -sf /usr/share/zoneinfo/${TIMEZONE} $target/etc/localtime
+else
+ cp -f /usr/share/zoneinfo/${TIMEZONE} $target/etc/localtime
+fi
if [ -n "$IPADDR" ]; then
ifclass DHCPC || ainsl -s /etc/hosts "$IPADDR $HOSTNAME.$DOMAIN $HOSTNAME"
ifclass DHCPC && ainsl -s /etc/hosts "127.0.0.1 $HOSTNAME"
fi
+if [ -f $target/etc/hosts.orig ]; then
+ mv $target/etc/hosts.orig $target/etc/hosts
+fi
fcopy -iM /etc/hosts /etc/motd
# make /root accessible only by root
fcopy -Bvr /etc/fai
fcopy -Bv /etc/fai/apt/sources.list /etc/dhcp/dhcpd.conf
-fcopy -v /etc/rc.local
-if [ $FAI_ACTION = "install" ]; then
+if [ $FAI_ACTION = "install" -o $FAI_ACTION = "dirinstall" ] ; then
# use the same sources.list for the server itself and the clients
cp -a $target/etc/fai/apt $target/etc/
ainsl -v /etc/apt-cacher-ng/acng.conf "ReuseConnections: 0"
# copy base file for faster building of nfsroot
- cp -p /var/tmp/base.tar.xz $target/var/tmp
+ if [ -f /var/tmp/base.tar.xz ]; then
+ cp -p /var/tmp/base.tar.xz $target/var/tmp
+ fi
if [ -d /media/mirror/pool ]; then
mkdir $target/var/cache/apt-cacher-ng/_import
# copy basefiles from CD to config space
if [ -d $FAI/basefiles ]; then
mkdir -p $target/srv/fai/config/basefiles
- cp -vp $FAI/basefiles/*.tar.* $target/srv/fai/config/basefiles 2>/dev/null
+ cp -vp $FAI/basefiles/*.tar.* $target/srv/fai/config/basefiles 2>/dev/null || true
fi
fi
--- /dev/null
+#! /bin/bash
+
+error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code
+
+# currently missing from bootstrap-vz:
+# init.d/generate-ssh-hostkeys (currently done in rc.local/CLOUD)
+
+ainsl -av /etc/sysctl.d/70-disable-ipv6.conf 'net.ipv6.conf.all.disable_ipv6 = 1'
+ainsl -av /etc/sysctl.d/70-disable-ipv6.conf 'net.ipv6.conf.lo.disable_ipv6 = 0'
+$ROOTCMD shadowconfig on
+sed -i -e 's/^#PasswordAuthentication yes/PasswordAuthentication no/' $target/etc/ssh/sshd_config
+sed -i -e 's/^PermitRootLogin .*/PermitRootLogin no/' $target/etc/ssh/sshd_config
+ainsl $target/etc/ssh/sshd_config 'ClientAliveInterval 420'
+
+rm -f $target/var/lib/apt/lists/*
+rm -f $target/etc/resolv.conf
--- /dev/null
+#! /bin/bash
+# support for GRUB version 2
+
+error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code
+
+# This script assumes that the disk has a GPT partition table and
+# that the extended system partition (ESP) is mounted on /boot/efi.
+# When building a disk image, we don't change the NVRAM to point at
+# the boot image we made available, because the disk image is likely
+# not installed on the current system. As a result, we force
+# installation into the removable media paths as well as the standard
+# debian path.
+
+set -a
+
+# do not set up grub during dirinstall
+if [ "$FAI_ACTION" = "dirinstall" ] ; then
+ exit 0
+fi
+# during softupdate use this file
+[ -r $LOGDIR/disk_var.sh ] && . $LOGDIR/disk_var.sh
+
+if [ -z "$BOOT_DEVICE" ]; then
+ exit 189
+fi
+
+# disable os-prober because of #788062
+ainsl /etc/default/grub 'GRUB_DISABLE_OS_PROBER=true'
+
+# skip the rest, if not an initial installation
+if [ $FAI_ACTION != "install" ]; then
+ $ROOTCMD update-grub
+ exit $error
+fi
+
+$ROOTCMD grub-mkdevicemap --no-floppy
+GROOT=$($ROOTCMD grub-probe -tdrive -d $BOOT_DEVICE)
+
+
+# Check if RAID is used for the boot device
+if [[ $BOOT_DEVICE =~ '/dev/md' ]]; then
+ raiddev=${BOOT_DEVICE#/dev/}
+ # install grub on all members of RAID
+ for device in `LC_ALL=C perl -ne 'if(/^'$raiddev'\s.+raid\d+\s(.+)/){ $_=$1; s/\d+\[\d+\]//g; print }' /proc/mdstat`; do
+ echo Install grub on /dev/$device
+ $ROOTCMD grub-install --no-floppy --force-extra-removable "/dev/$device"
+ done
+
+elif [[ $GROOT =~ 'hostdisk' ]]; then
+ cat > $target/boot/grub/device.map <<EOF
+(hd0) $BOOT_DEVICE
+EOF
+ $ROOTCMD grub-install --no-floppy --force-extra-removable --modules=part_gpt --no-nvram $BOOT_DEVICE
+ if [ $? -eq 0 ]; then
+ echo "Grub installed on hostdisk $BOOT_DEVICE"
+ fi
+ rm $target/boot/grub/device.map
+
+else
+ $ROOTCMD grub-install --no-floppy --modules=part_gpt "$GROOT"
+ if [ $? -eq 0 ]; then
+ echo "Grub installed on $BOOT_DEVICE = $GROOT"
+ fi
+fi
+$ROOTCMD update-grub
+
+exit $error
--- /dev/null
+#! /bin/bash
+
+if ifclass GCE; then
+ ainsl /etc/default/grub 'GRUB_TERMINAL="serial"'
+ ainsl /etc/default/grub 'GRUB_SERIAL_COMMAND="serial --speed 38400 --unit=0 --word=0 --parity=no --stop=1"'
+fi
error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code
set -a
+
+# do not set up grub during dirinstall
+if [ "$FAI_ACTION" = "dirinstall" ] ; then
+ exit 0
+fi
# during softupdate use this file
[ -r $LOGDIR/disk_var.sh ] && . $LOGDIR/disk_var.sh
$ROOTCMD grub-mkdevicemap --no-floppy
GROOT=$($ROOTCMD grub-probe -tdrive -d $BOOT_DEVICE)
+
# Check if RAID is used for the boot device
if [[ $BOOT_DEVICE =~ '/dev/md' ]]; then
raiddev=${BOOT_DEVICE#/dev/}
echo Install grub on /dev/$device
$ROOTCMD grub-install --no-floppy "/dev/$device"
done
+
+elif [[ $GROOT =~ 'hostdisk' ]]; then
+ cat > $target/boot/grub/device.map <<EOF
+(hd0) $BOOT_DEVICE
+EOF
+ $ROOTCMD grub-install --no-floppy --modules=part_msdos $BOOT_DEVICE
+ if [ $? -eq 0 ]; then
+ echo "Grub installed on hostdisk $BOOT_DEVICE"
+ fi
+ rm $target/boot/grub/device.map
+
else
$ROOTCMD grub-install --no-floppy "$GROOT"
if [ $? -eq 0 ]; then
#! /bin/bash
-# copyright Thomas Lange 2001-2015, lange@debian.org
+# copyright Thomas Lange 2001-2016, lange@debian.org
error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code
-if [ "$FAI_ACTION" = "dirinstall" ] ; then
+if [ "$FAI_ACTION" = "dirinstall" -o $do_init_tasks -eq 0 ] ; then
:
else
# check if mdadm has been forgotten
# copy sources.list
fcopy -iM /etc/apt/sources.list
+
+setrel() {
+
+ # if release is not set, try to determine it
+
+ if [ -n "$release" ]; then
+ return
+ fi
+ if [ ! -f $target/etc/os-release ]; then
+ return
+ fi
+
+ dists="jessie stretch xenial trusty"
+ for d in $dists; do
+ if grep -iq $d $target/etc/os-release; then
+ release=$d
+ break
+ fi
+ done
+ echo "\$release set to $release"
+}
+
+# if installation was done from CD, replace useless sources.list
+setrel
+if [ -f $target/etc/apt/sources.list -a -n "$release" ]; then
+ grep -q 'file generated by fai-cd' $target/etc/apt/sources.list && cat <<EOF > $target/etc/apt/sources.list
+deb http://httpredir.debian.org/debian $release main contrib non-free
+deb http://httpredir.debian.org/debian-security $release/updates main contrib non-free
+deb [trusted=yes] http://fai-project.org/download $release koeln
+EOF
+fi
+
exit $error
#! /bin/bash
+if ifclass GERMAN; then
+ $ROOTCMD locale-gen LANG=de_DE.UTF-8
+ $ROOTCMD update-locale LANG=de_DE.UTF-8
+else
+ ainsl -v /etc/locale.gen '^en_US.UTF-8 UTF-8'
+ $ROOTCMD locale-gen
+ $ROOTCMD update-locale LANG=en_US.UTF-8
+fi
+
# check if we already use an external mirror
grep -q "external mirror" $target/etc/apt/sources.list && exit 0
iankelling.org / git / automated-distro-installer / commitdiff