contrib/mklrpnb/extractdach.pl


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191

#!/usr/bin/perl -w
#
# A program to make a netbootable image from a LRP firewall floppy
#
# Tested on a Dachstein Linux floppy image available from
# http://lrp1.steinkuehler.net/ or via http://leaf.sourceforge.net/

# The most recent version of this script and a companion HowTo is available at
# http://members.optushome.com.au/graybeard/linux/netboot.html
#
# Modified from the mklrpnb file found in the contrib/mklrpnb directory of the
# Etherboot source at http://etherboot.sourceforge.net/
#
# Modifications by Glenn McK <graybeard@users.sourceforge.net> 
# $Id$
##################################### 

# this entry will need changing
$image = "/home/graybeard/etherboot/dachstein-v1.0.2-1680.bin";

# these can remain, but change them if desired
#
# the next argument defaults to firewall if no other name is passed via the
# command line, this will be the directory where distribution will be expanded
# under $base and also the directory in /tftpboot for lrp.nb

my $uniqdir = shift || 'firewall';

$mntdir   = "/mnt/floppy";          # where the above image file can be mounted
$tftpbase = "/tftpboot";
$tftpboot = "$tftpbase/$uniqdir";   # where the netboot images will be available
$base     = "/usr/src/LRP";
$dachorg = "$base/dach-org-$uniqdir"; # a copy required to make the distribution
$dachnew = "$base/lrp-$uniqdir";      # the base files for the new distribution
$packages = "$dachnew/var/lib/lrpkg"; # list to allow lrcfg to display Packages

# everything below should be okay
######################################

if ( !-e $image ) {
    print
"\n\tA valid LRP file and directory are required\n\tdownload one then edit $0\n\n";
    exit 1;
}
if ( !-d $base ) {
    mkdir( $base, 0700 );
}

if ( !-d $dachorg ) {
    mkdir( $dachorg, 0700 );
}

if ( !-d $dachnew ) {
    mkdir( $dachnew, 0700 );
    `umount $mntdir`;
    `mount -o ro,loop $image $mntdir`;

    `cp -vr $mntdir/* $dachorg/`;

    @cfg = `cat $mntdir/syslinux.cfg`;

    unless ( defined(@cfg) ) {
        print "Cannot find syslinux.cfg on $mntdir\n";
        exit 1;
    }
    print "cfg = @cfg\n";
    ($append) = grep( /append/, @cfg );    # find the append= line
    print "append = \n$append\n";
    chomp($append);                        # remove trailing newline
    $append =~ s/append=//;                # remove the append= at beginning
    print "strip append = \n$append\n\n";
    @args = split ( / /, $append );        # split into arguments at whitespace
    ($root) = grep( /^initrd=/, @args );   # find the initrd= argument
    $root =~ s/^initrd=//;                 # remove the initrd= at beginning
    $root =~ s/\.lrp$//;                   # cleanup for paclages list
    print "strip initrd = \n$root\n\n";
    ($lrp) = grep( /^LRP=/, @args );       # find the LRP= argument
    $lrp =~ s/^LRP=//;                     # remove the LRP= at beginning
    print "strip LRP =\n$lrp\n\n";
    @lrp = split ( /,/, $lrp );            # split into filenames at ,
    unshift ( @lrp, $root );               # prepend the root LRP filename
    @pack = @lrp;
    print "LRP =\n@lrp\n\n";
    $append = '';

    foreach $i (@args) {                   # rebuild the append string
        next if ( $i =~ /^initrd=/ );      # minus the unneeded parameters
        next if ( $i =~ /^LRP=/ );
        next if ( $i =~ /^boot=/ );
        next if ( $i =~ /^PKGPATH=/ );
        print "$i = i\n";
        $append .= "$i ";
    }

    print "final append = \n$append\n";

    chdir($dachnew) or die "$dachnew: $!\n";
    foreach $i (@lrp) {
        $i .= '.lrp' if $i !~ /\.lrp$/;
        print "\n\n\nUnpacking $i\n";
        system("ln -svf $dachorg/$i ${dachorg}/${i}.tar.gz");
        chmod 0600, "$dachorg/$i";
        system("cat $mntdir/$i | tar zxvf -");
    }

    # create file for lrcfg to display packages
    open( PACKAGES, ">$packages/packages" )
      || print "unable to modify $packages:$!\n";
    foreach $line (@pack) {
        print PACKAGES "$line\n";
    }
    close PACKAGES;

    # prevent previous file from being overwritten during installation
    # and also mess with some values in /linuxrc to hide non errors
    open( LINUXRC, "$packages/root.linuxrc" );
    @text = <LINUXRC>;
    close LINUXRC;
    open( LINUXRC, ">$packages/root.linuxrc" );
    foreach $line (@text) {
        $line =~ s/PFX\/packages/PFX\/packages-old \
\t\t\t\t# packages changed to packages-old for netboot setup/;
        $line =~
s/^rc=1/# rc=1 changed to rc=0 to suppress error messages for netboot setup \
rc=0/;
        $line =~
s/echo -n \" \(nf\!\)\"/#echo -n \" \(nf\!\)\" changed to reflect ToDo list \
\t\t\techo -n \" netboot setup - No backups possible from this machine - ToFix ?"/;
        print LINUXRC $line;
    }
    close LINUXRC;

    # swap interfaces around in network config file
    # eth1 is the new external eth0 is OUR internal server access
    open( NETWORK, "$dachnew/etc/network.conf" )
      || print "Unable to modify NETWORK:$!\n";
    @text = <NETWORK>;
    close NETWORK;
    open( NETWORK, ">$dachnew/etc/network.conf" )
      || print "Unable to modify NETWORK:$!\n";
    foreach $line (@text) {
        $line =~ s/eth0/eth00/;
        $line =~ s/eth1/eth0/;
        $line =~ s/eth00/eth1/;
        print NETWORK $line;
    }
    close NETWORK;

    `echo $append > $dachorg/appendstr`;

    `umount /mnt/floppy`;
    print "\nThe files have been extracted to $dachnew\n";
    system("ls -al $dachnew");
}
else {
    print "\n\n\t$image \n \thas already been extracted to $dachnew \
\tNow skipping to the next step where the netboot file\
\twill be created.\n";

    $append = `cat $dachorg/appendstr`;
    print "\nThe new append string will be...\n$append\n";

    chdir($dachnew);
    if ( !-d $tftpbase ) {
        mkdir( $tftpbase, 0710 );
        system("chgrp nobody $tftpbase");
    }

    unlink($tftpboot);

    # these permissions really need changing to something secure
    mkdir( $tftpboot, 0710 );
    system("chgrp nobody $tftpboot");
    print "\tRepacking to $tftpboot/lrp.lrp\n";
    system("tar zcf $tftpboot/lrp.lrp *");
    print "\tExtracting kernel image from $dachorg\n";
    system("cat $dachorg/linux > $tftpboot/lrp.ker");
    print "\tCreating netboot image $tftpboot/lrp.nb\n";
    system(
"mknbi-linux --append='$append' --output=$tftpboot/lrp.nb $tftpboot/lrp.ker $tftpboot/lrp.lrp"
    );
    chmod 0604, "$tftpboot/lrp.nb", "$tftpboot/lrp.ker", "$tftpboot/lrp.lrp";
    print "\nThese netboot files are in $tftpboot\n";
    system("ls -al $tftpboot");
    print "\n   The owner and permissions for $tftpboot \
 and files should be checked for security. The above\
permissions assume that tftp is running chroot (nobody)
      drwx--r---   root:nobody   /tftpboot\n\n";
}

exit 0;