From 1097cf8685cd81f0003bd6f17d050e5174a85b90 Mon Sep 17 00:00:00 2001
From: Michael Brown
Date: Tue, 17 May 2005 16:44:57 +0000
Subject: Initial revision

---
 contrib/mklrpnb/extractdach.pl | 191 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 191 insertions(+)
 create mode 100644 contrib/mklrpnb/extractdach.pl

(limited to 'contrib/mklrpnb/extractdach.pl')

diff --git a/contrib/mklrpnb/extractdach.pl b/contrib/mklrpnb/extractdach.pl
new file mode 100644
index 00000000..6c81da38
--- /dev/null
+++ b/contrib/mklrpnb/extractdach.pl
@@ -0,0 +1,191 @@
+#!/usr/bin/perl -w
+#
+# A program to make a netbootable image from a LRP firewall floppy
+#
+# Tested on a Dachstein Linux floppy image available from
+# http://lrp1.steinkuehler.net/ or via http://leaf.sourceforge.net/
+
+# The most recent version of this script and a companion HowTo is available at
+# http://members.optushome.com.au/graybeard/linux/netboot.html
+#
+# Modified from the mklrpnb file found in the contrib/mklrpnb directory of the
+# Etherboot source at http://etherboot.sourceforge.net/
+#
+# Modifications by Glenn McK <graybeard@users.sourceforge.net> 
+# $Id$
+##################################### 
+
+# this entry will need changing
+$image = "/home/graybeard/etherboot/dachstein-v1.0.2-1680.bin";
+
+# these can remain, but change them if desired
+#
+# the next argument defaults to firewall if no other name is passed via the
+# command line, this will be the directory where distribution will be expanded
+# under $base and also the directory in /tftpboot for lrp.nb
+
+my $uniqdir = shift || 'firewall';
+
+$mntdir   = "/mnt/floppy";          # where the above image file can be mounted
+$tftpbase = "/tftpboot";
+$tftpboot = "$tftpbase/$uniqdir";   # where the netboot images will be available
+$base     = "/usr/src/LRP";
+$dachorg = "$base/dach-org-$uniqdir"; # a copy required to make the distribution
+$dachnew = "$base/lrp-$uniqdir";      # the base files for the new distribution
+$packages = "$dachnew/var/lib/lrpkg"; # list to allow lrcfg to display Packages
+
+# everything below should be okay
+######################################
+
+if ( !-e $image ) {
+    print
+"\n\tA valid LRP file and directory are required\n\tdownload one then edit $0\n\n";
+    exit 1;
+}
+if ( !-d $base ) {
+    mkdir( $base, 0700 );
+}
+
+if ( !-d $dachorg ) {
+    mkdir( $dachorg, 0700 );
+}
+
+if ( !-d $dachnew ) {
+    mkdir( $dachnew, 0700 );
+    `umount $mntdir`;
+    `mount -o ro,loop $image $mntdir`;
+
+    `cp -vr $mntdir/* $dachorg/`;
+
+    @cfg = `cat $mntdir/syslinux.cfg`;
+
+    unless ( defined(@cfg) ) {
+        print "Cannot find syslinux.cfg on $mntdir\n";
+        exit 1;
+    }
+    print "cfg = @cfg\n";
+    ($append) = grep( /append/, @cfg );    # find the append= line
+    print "append = \n$append\n";
+    chomp($append);                        # remove trailing newline
+    $append =~ s/append=//;                # remove the append= at beginning
+    print "strip append = \n$append\n\n";
+    @args = split ( / /, $append );        # split into arguments at whitespace
+    ($root) = grep( /^initrd=/, @args );   # find the initrd= argument
+    $root =~ s/^initrd=//;                 # remove the initrd= at beginning
+    $root =~ s/\.lrp$//;                   # cleanup for paclages list
+    print "strip initrd = \n$root\n\n";
+    ($lrp) = grep( /^LRP=/, @args );       # find the LRP= argument
+    $lrp =~ s/^LRP=//;                     # remove the LRP= at beginning
+    print "strip LRP =\n$lrp\n\n";
+    @lrp = split ( /,/, $lrp );            # split into filenames at ,
+    unshift ( @lrp, $root );               # prepend the root LRP filename
+    @pack = @lrp;
+    print "LRP =\n@lrp\n\n";
+    $append = '';
+
+    foreach $i (@args) {                   # rebuild the append string
+        next if ( $i =~ /^initrd=/ );      # minus the unneeded parameters
+        next if ( $i =~ /^LRP=/ );
+        next if ( $i =~ /^boot=/ );
+        next if ( $i =~ /^PKGPATH=/ );
+        print "$i = i\n";
+        $append .= "$i ";
+    }
+
+    print "final append = \n$append\n";
+
+    chdir($dachnew) or die "$dachnew: $!\n";
+    foreach $i (@lrp) {
+        $i .= '.lrp' if $i !~ /\.lrp$/;
+        print "\n\n\nUnpacking $i\n";
+        system("ln -svf $dachorg/$i ${dachorg}/${i}.tar.gz");
+        chmod 0600, "$dachorg/$i";
+        system("cat $mntdir/$i | tar zxvf -");
+    }
+
+    # create file for lrcfg to display packages
+    open( PACKAGES, ">$packages/packages" )
+      || print "unable to modify $packages:$!\n";
+    foreach $line (@pack) {
+        print PACKAGES "$line\n";
+    }
+    close PACKAGES;
+
+    # prevent previous file from being overwritten during installation
+    # and also mess with some values in /linuxrc to hide non errors
+    open( LINUXRC, "$packages/root.linuxrc" );
+    @text = <LINUXRC>;
+    close LINUXRC;
+    open( LINUXRC, ">$packages/root.linuxrc" );
+    foreach $line (@text) {
+        $line =~ s/PFX\/packages/PFX\/packages-old \
+\t\t\t\t# packages changed to packages-old for netboot setup/;
+        $line =~
+s/^rc=1/# rc=1 changed to rc=0 to suppress error messages for netboot setup \
+rc=0/;
+        $line =~
+s/echo -n \" \(nf\!\)\"/#echo -n \" \(nf\!\)\" changed to reflect ToDo list \
+\t\t\techo -n \" netboot setup - No backups possible from this machine - ToFix ?"/;
+        print LINUXRC $line;
+    }
+    close LINUXRC;
+
+    # swap interfaces around in network config file
+    # eth1 is the new external eth0 is OUR internal server access
+    open( NETWORK, "$dachnew/etc/network.conf" )
+      || print "Unable to modify NETWORK:$!\n";
+    @text = <NETWORK>;
+    close NETWORK;
+    open( NETWORK, ">$dachnew/etc/network.conf" )
+      || print "Unable to modify NETWORK:$!\n";
+    foreach $line (@text) {
+        $line =~ s/eth0/eth00/;
+        $line =~ s/eth1/eth0/;
+        $line =~ s/eth00/eth1/;
+        print NETWORK $line;
+    }
+    close NETWORK;
+
+    `echo $append > $dachorg/appendstr`;
+
+    `umount /mnt/floppy`;
+    print "\nThe files have been extracted to $dachnew\n";
+    system("ls -al $dachnew");
+}
+else {
+    print "\n\n\t$image \n \thas already been extracted to $dachnew \
+\tNow skipping to the next step where the netboot file\
+\twill be created.\n";
+
+    $append = `cat $dachorg/appendstr`;
+    print "\nThe new append string will be...\n$append\n";
+
+    chdir($dachnew);
+    if ( !-d $tftpbase ) {
+        mkdir( $tftpbase, 0710 );
+        system("chgrp nobody $tftpbase");
+    }
+
+    unlink($tftpboot);
+
+    # these permissions really need changing to something secure
+    mkdir( $tftpboot, 0710 );
+    system("chgrp nobody $tftpboot");
+    print "\tRepacking to $tftpboot/lrp.lrp\n";
+    system("tar zcf $tftpboot/lrp.lrp *");
+    print "\tExtracting kernel image from $dachorg\n";
+    system("cat $dachorg/linux > $tftpboot/lrp.ker");
+    print "\tCreating netboot image $tftpboot/lrp.nb\n";
+    system(
+"mknbi-linux --append='$append' --output=$tftpboot/lrp.nb $tftpboot/lrp.ker $tftpboot/lrp.lrp"
+    );
+    chmod 0604, "$tftpboot/lrp.nb", "$tftpboot/lrp.ker", "$tftpboot/lrp.lrp";
+    print "\nThese netboot files are in $tftpboot\n";
+    system("ls -al $tftpboot");
+    print "\n   The owner and permissions for $tftpboot \
+ and files should be checked for security. The above\
+permissions assume that tftp is running chroot (nobody)
+      drwx--r---   root:nobody   /tftpboot\n\n";
+}
+
+exit 0;
-- 
cgit v1.2.3-55-g7522