diff options
47 files changed, 302 insertions, 236 deletions
diff --git a/remote/modules/german/data/etc/systemd/system/load-german-keymap.service b/remote/modules/german/data/etc/systemd/system/load-german-keymap.service index 28046dcd..e31406fb 100644 --- a/remote/modules/german/data/etc/systemd/system/load-german-keymap.service +++ b/remote/modules/german/data/etc/systemd/system/load-german-keymap.service @@ -7,4 +7,4 @@ Before=shutdown.target [Service] Type=oneshot RemainAfterExit=yes -ExecStart=/opt/openslx/bin/load_german_keymaps +ExecStart=/opt/openslx/scripts/load_german_keymaps diff --git a/remote/modules/german/data/opt/openslx/bin/load_german_keymaps b/remote/modules/german/data/opt/openslx/scripts/load_german_keymaps index c7dbbb33..c7dbbb33 100755 --- a/remote/modules/german/data/opt/openslx/bin/load_german_keymaps +++ b/remote/modules/german/data/opt/openslx/scripts/load_german_keymaps diff --git a/remote/modules/pam/data/etc/gssapi_mech.conf b/remote/modules/pam/data/etc/gssapi_mech.conf deleted file mode 100644 index ac41f5fd..00000000 --- a/remote/modules/pam/data/etc/gssapi_mech.conf +++ /dev/null @@ -1,21 +0,0 @@ -# Example /etc/gssapi_mech.conf file -# -# GSSAPI Mechanism Definitions -# -# This configuration file determines which GSS-API mechanisms -# the gssd code should use -# -# NOTE: -# The initiaiization function "mechglue_internal_krb5_init" -# is used for the MIT krb5 gssapi mechanism. This special -# function name indicates that an internal function should -# be used to determine the entry points for the MIT gssapi -# mechanism funtions. -# -# library initialization function -# ================================ ========================== -# The MIT K5 gssapi library, use special function for initialization. -libgssapi_krb5.so.2 mechglue_internal_krb5_init -# -# The SPKM3 gssapi library function. Use the function spkm3_gss_initialize. -# /usr/local/gss_mechs/spkm/spkm3/libgssapi_spkm3.so spkm3_gss_initialize diff --git a/remote/modules/pam/data/etc/idmapd.conf b/remote/modules/pam/data/etc/idmapd.conf deleted file mode 100644 index 2253cf0d..00000000 --- a/remote/modules/pam/data/etc/idmapd.conf +++ /dev/null @@ -1,12 +0,0 @@ -[General] - -Verbosity = 0 -Pipefs-Directory = /run/rpc_pipefs -# set your own domain here, if id differs from FQDN minus hostname -Domain = uni-freiburg.de -# localdomain - -[Mapping] - -Nobody-User = nobody -Nobody-Group = nogroup diff --git a/remote/modules/pam/data/etc/krb5.conf b/remote/modules/pam/data/etc/krb5.conf deleted file mode 100644 index 6fd49243..00000000 --- a/remote/modules/pam/data/etc/krb5.conf +++ /dev/null @@ -1,28 +0,0 @@ -# file copied from configuration package (rootfs/etc/krb5.conf) -######################################################################### -[libdefaults] - noaddresses = false - clockskew = 300 - default_realm = PUBLIC.ADS.UNI-FREIBURG.DE - forwardable = true - minimum_uid = 1000 - proxiable = false - renew_lifetime = 30d - retain_after_close = false - ticket_lifetime = 3d - use_shmem = sshd - allow_weak_crypto=true -######################################################################### -[realms] - PUBLIC.ADS.UNI-FREIBURG.DE = { - kdc = kerberos.uni-freiburg.de - default_domain = uni-freiburg.de - admin_server = kerberos.uni-freiburg.de - } -######################################################################### -[domain_realm] - uni-freiburg.de = PUBLIC.ADS.UNI-FREIBURG.DE - .uni-freiburg.de = PUBLIC.ADS.UNI-FREIBURG.DE -########################################################################## -[appdefaults] -######################################################################### diff --git a/remote/modules/pam/data/etc/ldap.conf b/remote/modules/pam/data/etc/ldap.conf deleted file mode 100644 index 483595d2..00000000 --- a/remote/modules/pam/data/etc/ldap.conf +++ /dev/null @@ -1,11 +0,0 @@ -URI ldaps://bv1.ruf.uni-freiburg.de ldaps://bv2.ruf.uni-freiburg.de ldaps://bv3.ruf.uni-freiburg.de -BASE ou=people,dc=uni-freiburg,dc=de -BIND_TIMELIMIT 5 -TIMELIMIT 10 -LOGDIR /tmp/ldap -TLS_REQCERT allow -nss_base_passwd ou=people,dc=uni-freiburg,dc=de?one?rufdienst=ldap*)(&(rufclienthome=*)(rufstatus=enabled) -nss_base_group ou=group,dc=uni-freiburg,dc=de?one -nss_map_attribute homeDirectory rufClientHome - -nss_initgroups_ignoreusers avahi,avahi-autoipd,backup,bin,colord,daemon,distccd,games,git,gnats,hplip,irc,kdm,kernoops,libuuid,lightdm,list,lp,mail,man,messagebus,news,ntp,proxy,pulse,root,rtkit,saned,speech-dispatcher,sshd,statd,sync,sys,syslog,usbmux,uucp,whoopsie,www-data diff --git a/remote/modules/pam/data/etc/ldap/ldap.conf b/remote/modules/pam/data/etc/ldap/ldap.conf deleted file mode 100644 index 809065cc..00000000 --- a/remote/modules/pam/data/etc/ldap/ldap.conf +++ /dev/null @@ -1,7 +0,0 @@ -URI ldaps://bv1.ruf.uni-freiburg.de ldaps://bv2.ruf.uni-freiburg.de ldaps://bv3.ruf.uni-freiburg.de -BASE ou=people,dc=uni-freiburg,dc=de -TLS_REQCERT allow -nss_base_passwd ou=people,dc=uni-freiburg,dc=de?one?rufdienst=ldap*)(&(rufclienthome=*)(rufstatus=enabled) -nss_base_group ou=group,dc=uni-freiburg,dc=de?one -nss_map_attribute homeDirectory rufClientHome - diff --git a/remote/modules/pam/data/etc/nsswitch.conf b/remote/modules/pam/data/etc/nsswitch.conf deleted file mode 100644 index d270cbac..00000000 --- a/remote/modules/pam/data/etc/nsswitch.conf +++ /dev/null @@ -1,19 +0,0 @@ -# /etc/nsswitch.conf -# -# Example configuration of GNU Name Service Switch functionality. -# If you have the `glibc-doc-reference' and `info' packages installed, try: -# `info libc "Name Service Switch"' for information about this file. - -passwd: files -group: files -shadow: files - -hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 -networks: files - -protocols: db files -services: db files -ethers: db files -rpc: db files - -netgroup: nis diff --git a/remote/modules/pam/data/etc/openldap/ldap.conf b/remote/modules/pam/data/etc/openldap/ldap.conf deleted file mode 120000 index c0aaf459..00000000 --- a/remote/modules/pam/data/etc/openldap/ldap.conf +++ /dev/null @@ -1 +0,0 @@ -/etc/ldap.conf
\ No newline at end of file diff --git a/remote/modules/pam/data/etc/pam-script/pam_script_ses_close b/remote/modules/pam/data/etc/pam-script/pam_script_ses_close deleted file mode 100755 index 2b6f6105..00000000 --- a/remote/modules/pam/data/etc/pam-script/pam_script_ses_close +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash - -export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/bin:/opt/openslx/sbin:/opt/openslx/usr/bin:/opt/openslx/usr/sbin" - -[ ! -z "$SLX_DEBUG" ] && echo "[$PAM_TYPE] Closing session for $PAM_USER" - -# TODO check if its the last session of the user. - -[ $(id -g $PAM_USER) -ge 1000 ] && umount /home/$PAM_USER diff --git a/remote/modules/pam/data/etc/pam-script/pam_script_ses_open b/remote/modules/pam/data/etc/pam-script/pam_script_ses_open deleted file mode 100755 index f5ad8af1..00000000 --- a/remote/modules/pam/data/etc/pam-script/pam_script_ses_open +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash - -export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/bin:/opt/openslx/sbin:/opt/openslx/usr/bin:/opt/openslx/usr/sbin" - -[ ! -z "$SLX_DEBUG" ] && echo "[$PAM_TYPE] Opening session for $PAM_USER" - -if [ $(id -g $PAM_USER) -ge 1000 ]; then - [ ! -z "$SLX_DEBUG" ] && echo "[$PAM_TYPE] Mounting home directory for $PAM_USER" - - # generate keytab - sslconnect npserv.ruf.uni-freiburg.de:3 > /etc/krb5.keytab - chmod 600 /etc/krb5.keytab - - # determine fileserver and share for home directories - ldapsearch -x -LLL uid="$PAM_USER" homeDirectory rufFileserver > /tmp/ldapsearch."$PAM_USER" - - FILESERVER=$(cat /tmp/ldapsearch.$PAM_USER | grep rufFileserver | cut -d" " -f2) - VOLUME=$(cat /tmp/ldapsearch.$PAM_USER | grep homeDirectory | cut -d" " -f2) - - # now we can mount the home directory - mkdir -p /home/$PAM_USER - if mount -t nfs4 -o rw,nosuid,nodev,nolock,intr,hard,sloppy,sec=krb5p "$FILESERVER":"$VOLUME" /home/"$PAM_USER"; then - exit 0 - else - echo "Failed to mount home directory for $PAM_USER" - exit 1 - fi - -fi - diff --git a/remote/modules/pam/data/etc/pam.d/common-account b/remote/modules/pam/data/etc/pam.d/common-account index 3a5d5a14..4c464871 100644 --- a/remote/modules/pam/data/etc/pam.d/common-account +++ b/remote/modules/pam/data/etc/pam.d/common-account @@ -14,13 +14,12 @@ # # here are the per-package modules (the "Primary" block) -account [success=2 new_authtok_reqd=done default=ignore] pam_unix.so -account [success=1 new_authtok_reqd=done default=ignore] pam_ldap.so use_first_pass +account [success=1 new_authtok_reqd=done default=ignore] pam_unix.so # here's the fallback if no module succeeds -account requisite pam_deny.so +account requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around -account required pam_permit.so +account required pam_permit.so # and here are more per-package modules (the "Additional" block) # end of pam-auth-update config diff --git a/remote/modules/pam/data/etc/pam.d/common-auth b/remote/modules/pam/data/etc/pam.d/common-auth index 5b544395..752b810d 100644 --- a/remote/modules/pam/data/etc/pam.d/common-auth +++ b/remote/modules/pam/data/etc/pam.d/common-auth @@ -14,9 +14,7 @@ # pam-auth-update(8) for details. # here are the per-package modules (the "Primary" block) -auth [success=3 default=ignore] pam_krb5.so minimum_uid=1000 -auth [success=2 default=ignore] pam_unix.so try_first_pass -auth [success=1 default=ignore] pam_ldap.so use_first_pass nullok_secure +auth [success=1 default=ignore] pam_unix.so # here's the fallback if no module succeeds auth requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; diff --git a/remote/modules/pam/data/etc/pam.d/common-session b/remote/modules/pam/data/etc/pam.d/common-session index 6182d470..1a3ca2d1 100644 --- a/remote/modules/pam/data/etc/pam.d/common-session +++ b/remote/modules/pam/data/etc/pam.d/common-session @@ -29,9 +29,5 @@ session optional pam_umask.so session required pam_systemd.so session optional pam_env.so readenv=1 session optional pam_env.so readenv=1 envfile=/etc/default/locale -session optional pam_krb5.so minimum_uid=1000 -session [success=1] pam_unix.so -session [success=ok] pam_ldap.so -session sufficient pam_script.so session optional pam_mkhomedir.so skel=/etc/skel umask=0022 # end of pam-auth-update config diff --git a/remote/modules/pam/data/etc/pam.d/common-session-noninteractive b/remote/modules/pam/data/etc/pam.d/common-session-noninteractive index 1fee2c4f..d9bf071c 100644 --- a/remote/modules/pam/data/etc/pam.d/common-session-noninteractive +++ b/remote/modules/pam/data/etc/pam.d/common-session-noninteractive @@ -26,5 +26,5 @@ session required pam_permit.so # See "man pam_umask". session optional pam_umask.so # and here are more per-package modules (the "Additional" block) -session required pam_unix.so +session required pam_unix.so # end of pam-auth-update config diff --git a/remote/modules/pam/data/etc/skel/README b/remote/modules/pam/data/etc/skel/README deleted file mode 100644 index 92ed817c..00000000 --- a/remote/modules/pam/data/etc/skel/README +++ /dev/null @@ -1,7 +0,0 @@ -IMPORTANT - -If you see this file, then your home directory was created upon logging in. -This means that the files saved here will be LOST once you shutdown the machine. -To save your work, save it elsewhere (USB-Stick, Online, ...). - -You have been warned. diff --git a/remote/modules/pam/data/etc/systemd/system/activate-nss-ldap.service b/remote/modules/pam/data/etc/systemd/system/activate-nss-ldap.service deleted file mode 100644 index bbac775a..00000000 --- a/remote/modules/pam/data/etc/systemd/system/activate-nss-ldap.service +++ /dev/null @@ -1,10 +0,0 @@ -[Unit] -Description=Activate NSS-LDAP lookups -Before=graphical.target - -[Service] -Type=oneshot -ExecStart=-/opt/openslx/bin/mkdir /tmp/ldap -ExecStart=/opt/openslx/bin/sed -i -e 's/^passwd:.*$/passwd:\t\tcache files ldap/;s/^group:.*$/group:\t\tcache files ldap/;s/^hosts:.*files/hosts:\t\tcache files/' /etc/nsswitch.conf -ExecStart=/usr/bin/systemctl restart nscd - diff --git a/remote/modules/pam/data/etc/systemd/system/getty.target.wants/activate-nss-ldap.service b/remote/modules/pam/data/etc/systemd/system/getty.target.wants/activate-nss-ldap.service deleted file mode 120000 index 1102840c..00000000 --- a/remote/modules/pam/data/etc/systemd/system/getty.target.wants/activate-nss-ldap.service +++ /dev/null @@ -1 +0,0 @@ -../activate-nss-ldap.service
\ No newline at end of file diff --git a/remote/modules/pam/data/etc/systemd/system/getty.target.wants/rpc-gssd.service b/remote/modules/pam/data/etc/systemd/system/getty.target.wants/rpc-gssd.service deleted file mode 120000 index 194aba77..00000000 --- a/remote/modules/pam/data/etc/systemd/system/getty.target.wants/rpc-gssd.service +++ /dev/null @@ -1 +0,0 @@ -../rpc-gssd.service
\ No newline at end of file diff --git a/remote/modules/pam/data/etc/systemd/system/getty.target.wants/rpc-idmapd.service b/remote/modules/pam/data/etc/systemd/system/getty.target.wants/rpc-idmapd.service deleted file mode 120000 index 66a28252..00000000 --- a/remote/modules/pam/data/etc/systemd/system/getty.target.wants/rpc-idmapd.service +++ /dev/null @@ -1 +0,0 @@ -../rpc-idmapd.service
\ No newline at end of file diff --git a/remote/modules/pam/data/etc/systemd/system/rpc-gssd.service b/remote/modules/pam/data/etc/systemd/system/rpc-gssd.service deleted file mode 100644 index 79ffce8d..00000000 --- a/remote/modules/pam/data/etc/systemd/system/rpc-gssd.service +++ /dev/null @@ -1,7 +0,0 @@ -[Unit] -Description=NFS rpcsec_gss daemon -Requires=run-rpc_pipefs.mount -After=run-rpc_pipefs.mount - -[Service] -ExecStart=/usr/sbin/rpc.gssd -f -vvv -p /run/rpc_pipefs diff --git a/remote/modules/pam/data/etc/systemd/system/rpc-idmapd.service b/remote/modules/pam/data/etc/systemd/system/rpc-idmapd.service deleted file mode 100644 index c4da93e7..00000000 --- a/remote/modules/pam/data/etc/systemd/system/rpc-idmapd.service +++ /dev/null @@ -1,7 +0,0 @@ -[Unit] -Description=NFSv4 ID-name mapping daemon -Requires=network.target run-rpc_pipefs.mount -After=network.target - -[Service] -ExecStart=/usr/sbin/rpc.idmapd -f diff --git a/remote/modules/pam/data/etc/systemd/system/run-rpc_pipefs.mount b/remote/modules/pam/data/etc/systemd/system/run-rpc_pipefs.mount deleted file mode 100644 index 692adce8..00000000 --- a/remote/modules/pam/data/etc/systemd/system/run-rpc_pipefs.mount +++ /dev/null @@ -1,7 +0,0 @@ -[Unit] -Description=Pipefs RPC filesystem - -[Mount] -What=rpc_pipefs -Where=/run/rpc_pipefs -Type=rpc_pipefs diff --git a/remote/modules/pam/data/usr/share/libpam-script/pam_script_ses_close b/remote/modules/pam/data/usr/share/libpam-script/pam_script_ses_close deleted file mode 120000 index a12002a7..00000000 --- a/remote/modules/pam/data/usr/share/libpam-script/pam_script_ses_close +++ /dev/null @@ -1 +0,0 @@ -/etc/pam-script/pam_script_ses_close
\ No newline at end of file diff --git a/remote/modules/pam/data/usr/share/libpam-script/pam_script_ses_open b/remote/modules/pam/data/usr/share/libpam-script/pam_script_ses_open deleted file mode 120000 index 783d5605..00000000 --- a/remote/modules/pam/data/usr/share/libpam-script/pam_script_ses_open +++ /dev/null @@ -1 +0,0 @@ -/etc/pam-script/pam_script_ses_open
\ No newline at end of file diff --git a/remote/modules/redsocks/data/etc/systemd/system/setup_proxy.service b/remote/modules/redsocks/data/etc/systemd/system/setup_proxy.service index 91a17363..2a06058b 100644 --- a/remote/modules/redsocks/data/etc/systemd/system/setup_proxy.service +++ b/remote/modules/redsocks/data/etc/systemd/system/setup_proxy.service @@ -5,5 +5,5 @@ DefaultDependencies=no [Service] Type=oneshot -ExecStart=/opt/openslx/bin/setup_proxy +ExecStart=/opt/openslx/scripts/setup_proxy RemainAfterExit=yes diff --git a/remote/modules/redsocks/data/opt/openslx/bin/setup_proxy b/remote/modules/redsocks/data/opt/openslx/scripts/setup_proxy index 6c39c077..6c39c077 100755 --- a/remote/modules/redsocks/data/opt/openslx/bin/setup_proxy +++ b/remote/modules/redsocks/data/opt/openslx/scripts/setup_proxy diff --git a/remote/modules/systemd/data/etc/systemd/system/nfs-mount.service b/remote/modules/systemd/data/etc/systemd/system/nfs-mount.service index a2f9dc54..0d537e2a 100644 --- a/remote/modules/systemd/data/etc/systemd/system/nfs-mount.service +++ b/remote/modules/systemd/data/etc/systemd/system/nfs-mount.service @@ -4,4 +4,4 @@ Description=Mount NFS Share [TEST] [Service] Type=oneshot RemainAfterExit=yes -ExecStart=/opt/openslx/bin/mountexport +ExecStart=/opt/openslx/scripts/mountexport diff --git a/remote/modules/systemd/data/etc/systemd/system/udhcpc@.service b/remote/modules/systemd/data/etc/systemd/system/udhcpc@.service index b9bbcbdd..a7d6c324 100644 --- a/remote/modules/systemd/data/etc/systemd/system/udhcpc@.service +++ b/remote/modules/systemd/data/etc/systemd/system/udhcpc@.service @@ -4,7 +4,7 @@ Description=DHCP Client [Service] Type=forking PIDFile=/run/udhcpc/udhcpc.%I.pid -ExecStart=/opt/openslx/bin/dhcp++ %I +ExecStart=/opt/openslx/scripts/dhcp++ %I ExecStopPost=/bin/rm /run/udhcpc/udhcpc.%I.pid [Install] diff --git a/remote/modules/vmchooser/TODO b/remote/modules/vmchooser/TODO new file mode 100644 index 00000000..1babdd10 --- /dev/null +++ b/remote/modules/vmchooser/TODO @@ -0,0 +1 @@ +adapt globals.cpp globals.h to adopt the new structure of openslx-files: everything we do under /opt/openslx diff --git a/remote/modules/vmchooser/data/opt/openslx/bin/run-virt.sh b/remote/modules/vmchooser/data/opt/openslx/scripts/run-virt.sh index 473dfbc7..473dfbc7 100755 --- a/remote/modules/vmchooser/data/opt/openslx/bin/run-virt.sh +++ b/remote/modules/vmchooser/data/opt/openslx/scripts/run-virt.sh diff --git a/remote/modules/vmchooser/data/var/opt/openslx/bin/run-virt.sh b/remote/modules/vmchooser/data/var/opt/openslx/bin/run-virt.sh index ea04a6ad..5139cf8f 120000 --- a/remote/modules/vmchooser/data/var/opt/openslx/bin/run-virt.sh +++ b/remote/modules/vmchooser/data/var/opt/openslx/bin/run-virt.sh @@ -1 +1 @@ -/opt/openslx/bin/run-virt.sh
\ No newline at end of file +/opt/openslx/scripts/run-virt.sh
\ No newline at end of file diff --git a/remote/rootfs/rootfs-stage31/data/bin/activate-sysconfig b/remote/rootfs/rootfs-stage31/data/bin/activate-sysconfig new file mode 100755 index 00000000..bfda70e1 --- /dev/null +++ b/remote/rootfs/rootfs-stage31/data/bin/activate-sysconfig @@ -0,0 +1,67 @@ +#!/bin/bash + +# first a few variables +CONFIG="/mnt/opt/openslx/config" + +# parse kernel command line to determine the URL +URL="$(grep -o -E "slxconfig=\S+" /proc/cmdline | cut -c 11-)" +if [ -z "$URL" ]; then + echo "Error - 'slxconfig=' not found in command line, or empty" + exit 1 +fi + +######################################################################### +# +# Helper function to download given FILE_URL under TARGET_PATH +# +# Usage: +# download $FILE_URL $TARGET_PATH +# + +download() { + [ $# -ne 2 ] && echo "Error - 'download' requires 2 arguements, $# given." \ + && exit 1 + + local FILE_URL="$1" + local TARGET_PATH="$2" + + wget -T 5 -q -O "$TARGET_PATH" "$FILE_URL" + RET=$? + if [ "x$RET" != "x0" ]; then + echo "Error - downloading '$FILE_URL' via wget failed. Exit Code: $RET" + exit 1 + else + echo "Successfully downloaded '$FILE_URL'." + fi + + return 0 +} + +######################################################################### +# +# +# This first part downloads the config containing environment variables +# +# + +[ -e "$CONFIG" ] && grep '^#_RCONFIG_TAG$' "$CONFIG" > /dev/null \ + && echo "Config already fetched." && exit 0 + +download "$URL" "$CONFIG-remote" || exit 1 + +echo "# Config fetched from $URL" >> "$CONFIG" +echo "#_RCONFIG_TAG" >> "$CONFIG" +cat "${CONFIG}-remote" >> "$CONFIG" + +######################################################################### +# +# +# This part downloads the config.tgz and unpacks it to $1 +# +# + +[ -e "$CONFIG.tgz" ] && echo "config.tgz already downloaded." && exit 0 +download "$URL.tgz" "$CONFIG.tgz" || exit 1 + +tar xf "$CONFIG.tgz" -C /mnt || { echo "Could not untar $CONFIG.tgz to /mnt"; exit 1; } +exit 0 diff --git a/remote/rootfs/rootfs-stage31/data/init b/remote/rootfs/rootfs-stage31/data/init index 6a718c46..4dc63bfa 100755 --- a/remote/rootfs/rootfs-stage31/data/init +++ b/remote/rootfs/rootfs-stage31/data/init @@ -106,10 +106,10 @@ mount -n --move /dev/shm/uniontmp /mnt/uniontmp || drop_shell "Problem moving un [ $DEBUG -ge 2 ] && drop_shell "Requested Debug Shell: after aufs'ing." # Download config if available -/mnt/opt/openslx/bin/activate-sysconfig /mnt 2> /dev/null +/bin/activate-sysconfig 2> /dev/null if [ ! -e /mnt/opt/openslx/config ]; then sleep 1 - /mnt/opt/openslx/bin/activate-sysconfig /mnt + /bin/activate-sysconfig fi if [ -e /mnt/opt/openslx/config ]; then . /mnt/opt/openslx/config diff --git a/remote/rootfs/rootfs-stage32/data/etc/systemd/system/download-config.service b/remote/rootfs/rootfs-stage32/data/etc/systemd/system/download-config.service index fca8ee5b..ef8fb438 100644 --- a/remote/rootfs/rootfs-stage32/data/etc/systemd/system/download-config.service +++ b/remote/rootfs/rootfs-stage32/data/etc/systemd/system/download-config.service @@ -5,4 +5,4 @@ DefaultDependencies=no [Service] Type=oneshot RemainAfterExit=yes -ExecStart=/opt/openslx/bin/activate-sysconfig +ExecStart=/opt/openslx/scripts/activate-sysconfig diff --git a/remote/rootfs/rootfs-stage32/data/etc/systemd/system/load-gfx-driver.service b/remote/rootfs/rootfs-stage32/data/etc/systemd/system/load-gfx-driver.service index bdf3258c..93641cee 100644 --- a/remote/rootfs/rootfs-stage32/data/etc/systemd/system/load-gfx-driver.service +++ b/remote/rootfs/rootfs-stage32/data/etc/systemd/system/load-gfx-driver.service @@ -5,5 +5,5 @@ DefaultDependencies=no [Service] Type=oneshot -ExecStart=/opt/openslx/bin/load-gfx-driver +ExecStart=/opt/openslx/scripts/load-gfx-driver RemainAfterExit=yes diff --git a/remote/rootfs/rootfs-stage32/data/etc/systemd/system/mount-tmp.service b/remote/rootfs/rootfs-stage32/data/etc/systemd/system/mount-tmp.service index 2a5fd63c..070e3e1f 100644 --- a/remote/rootfs/rootfs-stage32/data/etc/systemd/system/mount-tmp.service +++ b/remote/rootfs/rootfs-stage32/data/etc/systemd/system/mount-tmp.service @@ -6,5 +6,5 @@ DefaultDependencies=no [Service] Type=oneshot -ExecStart=/opt/openslx/bin/analyse-disk +ExecStart=/opt/openslx/scripts/analyse-disk RemainAfterExit=yes diff --git a/remote/rootfs/rootfs-stage32/data/etc/systemd/system/ntpdate.service b/remote/rootfs/rootfs-stage32/data/etc/systemd/system/ntpdate.service index 4acfb046..69b1ba33 100644 --- a/remote/rootfs/rootfs-stage32/data/etc/systemd/system/ntpdate.service +++ b/remote/rootfs/rootfs-stage32/data/etc/systemd/system/ntpdate.service @@ -7,5 +7,4 @@ ConditionPathExists=/run/udhcpc/network-ready [Service] Type=oneshot RemainAfterExit=yes -ExecStart=/opt/openslx/bin/nettime - +ExecStart=/opt/openslx/scripts/nettime diff --git a/remote/rootfs/rootfs-stage32/data/etc/systemd/system/sysinit.target.wants/download-config.service b/remote/rootfs/rootfs-stage32/data/etc/systemd/system/sysinit.target.wants/download-config.service deleted file mode 120000 index a7d51e0b..00000000 --- a/remote/rootfs/rootfs-stage32/data/etc/systemd/system/sysinit.target.wants/download-config.service +++ /dev/null @@ -1 +0,0 @@ -../download-config.service
\ No newline at end of file diff --git a/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/activate-sysconfig b/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/activate-sysconfig deleted file mode 100755 index dbe23b21..00000000 --- a/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/activate-sysconfig +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash - -if [ $# -gt 0 ]; then - CONFIG="$1/opt/openslx/config" -else - CONFIG="/opt/openslx/config" -fi - -[ -e "$CONFIG" ] && grep '^#_RCONFIG_TAG$' "$CONFIG" > /dev/null && echo "Config already fetched." && exit 0 - -URL="$(grep -o -E "slxconfig=\S+" /proc/cmdline | cut -c 11-)" - -if [ -z "$URL" ]; then - echo "Error - 'slxconfig=' not found in command line, or empty" - exit 1 -fi - -wget -T 5 -q -O "${CONFIG}-remote" "$URL" -RET=$? -if [ "x$RET" != "x0" ]; then - echo "Error - downloading '$URL' via wget failed. Exit Code: $RET" - exit 1 -fi -echo "# Config fetched from $URL" >> "$CONFIG" -echo "#_RCONFIG_TAG" >> "$CONFIG" -cat "${CONFIG}-remote" >> "$CONFIG" -exit 0 - diff --git a/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/analyse-disk b/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/analyse-disk index f162ec3a..f162ec3a 100755 --- a/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/analyse-disk +++ b/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/analyse-disk diff --git a/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/dhcp++ b/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/dhcp++ index 45984032..8a03ce98 100755 --- a/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/dhcp++ +++ b/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/dhcp++ @@ -7,5 +7,4 @@ UDHCPC_OPTS="" [ ! -z "$NET_IP" ] && UDHCPC_OPTS=" -r $NET_IP " echo "udhcp++: running on $NET_IF with additional params $UDHCPC_OPTS" >> "/tmp/udhcpclog" mkdir -p /run/udhcpc -/opt/openslx/sbin/udhcpc $UDHCPC_OPTS -O domain -O nissrv -O nisdomain -O wpad -t 8 -s /opt/openslx/bin/udhcpc.openslx.script -i "$NET_IF" -p "/run/udhcpc/udhcpc.$NET_IF.pid" - +/opt/openslx/sbin/udhcpc $UDHCPC_OPTS -O domain -O nissrv -O nisdomain -O wpad -t 8 -s /opt/openslx/scripts/udhcpc-openslx-script -i "$NET_IF" -p "/run/udhcpc/udhcpc.$NET_IF.pid" diff --git a/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/load-gfx-driver b/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/load-gfx-driver index 04fbea6e..04fbea6e 100755 --- a/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/load-gfx-driver +++ b/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/load-gfx-driver diff --git a/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/mountexport b/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/mountexport new file mode 100755 index 00000000..64d5f485 --- /dev/null +++ b/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/mountexport @@ -0,0 +1,17 @@ +#!/bin/bash + +export PATH=$PATH:/opt/openslx/usr/sbin:/opt/openslx/usr/bin:/opt/openslx/sbin:/opt/openslx/bin + +if grep "Ubuntu 13.04" "/etc/issue" >/dev/null; then + EXPORT="132.230.8.113:/srv/ubuntu1304" +elif grep "SUSE" "/etc/issue" >/dev/null; then + EXPORT="132.230.8.113:/srv/suse" +else + echo "Could not determine System" + exit 1 +fi + +echo "Mounting ${EXPORT} to /opt/openslx/mnt" +mount -t nfs -o ro,async,nolock,vers=3 "$EXPORT" /opt/openslx/mnt || { echo "Fail." && exit 1; } +echo "Appending /opt/openslx/mnt to /" +mount -o remount,append:/opt/openslx/mnt=ro / || { echo "Fail." && exit 1; } diff --git a/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/nettime b/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/nettime new file mode 100755 index 00000000..3ca13931 --- /dev/null +++ b/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/nettime @@ -0,0 +1,22 @@ +#!/bin/sh + +. /opt/openslx/config || { echo "Could not source config!"; exit 1; } +SLX_NTP_SERVER="$SLX_NTP_SERVER time.uni-freiburg.de 0.de.pool.ntp.org" +for SERVER in $SLX_NTP_SERVER; do + if ntpdate -u -b "$SERVER"; then + echo "Successfully queried $SERVER for time." + if [ "x$SLX_BIOS_CLOCK" = "xlocal" ]; then + sleep 1 + hwclock -l -w || echo "... but could not set BIOS clock to localtime" + elif [ "x$SLX_BIOS_CLOCK" = "xutc" ]; then + sleep 1 + hwclock -u -w || echo "... but could not set BIOS clock to UTC" + fi + exit 0 + fi + echo "Error querying $SERVER for current time" +done + +echo "No more servers to try. No NTP server was reachable." >&2 +exit 1 + diff --git a/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/udhcpc-openslx-script b/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/udhcpc-openslx-script new file mode 100755 index 00000000..1bbf6e80 --- /dev/null +++ b/remote/rootfs/rootfs-stage32/data/opt/openslx/scripts/udhcpc-openslx-script @@ -0,0 +1,174 @@ +#!/bin/bash +# ----------------------------------------------------------------------------- +# +# Copyright (c) 2011 - OpenSLX GmbH +# +# This program is free software distributed under the GPL version 2. +# See http://openslx.org/COPYING +# +# If you have any feedback please consult http://openslx.org/feedback and +# send your suggestions, praise, or complaints to feedback@openslx.org +# +# General information about OpenSLX can be found at http://openslx.org/ +# ----------------------------------------------------------------------------- +# +# Mini-Linux Toolkit +# +# ----------------------------------------------------------------------------- + +. /opt/openslx/config + +RESOLV_CONF="/etc/resolv.conf" +THISFILE="/run/udhcpc/${interface}.resolv" + +echo "$interface [$1] $ip" >> "/tmp/udhcpclog" + +rebuild_resolv_conf () { + # Maybe make this smarter some time, if anyone is using client's that are on multiple networks at once etc... + # This is a little braindead but should work most of the time + sort -u /run/udhcpc/*.resolv > "$RESOLV_CONF" +} + +escape_search() { + echo "$@" | sed -e 's/[]\/()$*.^|[]/\\&/g' +} + +escape_replace() { + echo "$@" | sed -e 's/[\/&]/\\&/g' +} + +case "$1" in + bound|renew) + ip addr add "$ip/$(ipcalc -s -p $ip $subnet|sed s/.*=//)" dev "$interface" + if [ -n "$router" ]; then + ip route add default via "$router" + fi + + # Update resolver configuration file + CONF="" + if [ -n "$domain" ]; then + printf -v CONF "domain $domain\nsearch $domain\n" + elif [ -n "$SLX_NET_DOMAIN" ]; then + printf -v CONF "domain $SLX_NET_DOMAIN\nsearch $SLX_NET_DOMAIN\n" + fi + for i in $dns; do + echo "$0: Adding DNS $i" + printf -v CONF "${CONF}nameserver $i\n" + done + + if [ -x /sbin/resolvconf ]; then + # Automatic handling :-) + echo -n "$CONF" | resolvconf -a "${interface}.udhcpc" + else + # Manual handling required :-( + mkdir -p "/run/udhcpc" + echo -n "$CONF" > "$THISFILE" + rebuild_resolv_conf + fi + + # Things that should only happen for the main interface that was used for booting + if [ "$interface" == "br0" ]; then + #update ip + sed -i "s/^\(SLX_PXE_CLIENT_IP=\).*$/\1'$ip'/" /opt/openslx/config + + #update hostname + dns_host=$(rdns "$ip") + if [ -z "$dns_host" ]; then + # fallback to what the dhcp told us + dns_host="$hostname" + fi + if [ -n "$dns_host" ]; then + echo "$dns_host" > "/proc/sys/kernel/hostname" + echo "$dns_host" > "/etc/hostname" + if grep '^SLX_HOSTNAME=' /opt/openslx/config 2>/dev/null; then + sed -i "s/^\(SLX_HOSTNAME=\).*$/\1'$dns_host'/" /opt/openslx/config + else + echo "# Config written by openslx-dhcp-script (1)" >> /opt/openslx/config + echo "SLX_HOSTNAME='$dns_host'" >> /opt/openslx/config + fi + fi + fi + + # Hostname in /etc/hosts + touch /etc/hosts + if [ -n "$dns_host" ]; then + short="${dns_host%%.*}" + [ "x$short" = "x$dns_host" ] && short="" + sed -i -r "s/\s$(escape_search "$dns_host")(\s|$)/ /g" /etc/hosts + [ -n "$short" ] && sed -i -r "s/\s$(escape_search "$short")(\s|$)/ /g" /etc/hosts + if grep -q -E "^$ip\s" /etc/hosts; then + sed -i "s/^$(escape_search "$ip")\s/$(escape_replace "$ip $dns_host $short ")/g" /etc/hosts + else + echo "$ip $dns_host $short" >> /etc/hosts + fi + fi + if [ -n "$hostname" -a "x$hostname" != "x$dns_host" ]; then + short="${hostname%%.*}" + [ "x$short" = "x$hostname" ] && short="" + sed -i -r "s/\s$(escape_search "$hostname")(\s|$)/ /g" /etc/hosts + [ -n "$short" ] && sed -i -r "s/\s$(escape_search "$short")(\s|$)/ /g" /etc/hosts + if grep -q -E "^$ip\s" /etc/hosts; then + sed -i "s/^$(escape_search "$ip")\s/$(escape_replace "$ip $hostname $short ")/g" /etc/hosts + else + echo "$ip $hostname $short" >> /etc/hosts + fi + fi + sed -i -r '/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\s*$/d' /etc/hosts + + # We consider the network setup to be complete if an interface is being configured that + # has a default route and some dns servers set. + if [ -n "$router" ] && [ -n "$dns" ] && [ ! -e "/run/udhcpc/network-ready" ]; then + touch "/run/udhcpc/network-ready" + # Write to openslx-config + echo "# Config written by openslx-dhcp-script (2)" >> /opt/openslx/config + echo "SLX_DNS='$dns'" >> /opt/openslx/config + + # TODO: This mounts stage4. Current method is for testing purposes only. + # when going productive, this has to happen after user login, if the + # user selects a native linux session. + if [ "x$(grep -ci mount /proc/cmdline)" != "x0" ]; then + systemctl start nfs-mount.service & + fi + # Mark network target as reached + systemctl start network.target + fi + + ;; + + deconfig) + if [ $(grep -c "nfs=" /proc/cmdline) == 0 ]; then + echo 1 > "/proc/sys/net/ipv4/conf/$interface/promote_secondaries" + clientip=${ip%%:*} + ip addr del "$clientip/$(ipcalc -s -p $clientip $subnet|sed s/.*=//)" dev "$interface" + else + echo "NFS is active, not removing old ip adress. warning: lease may expire after a while." + fi + + if [ -x /sbin/resolvconf ]; then + # Automatic handling :-) + resolvconf -d "${interface}.udhcpc" + else + # Manual handling required :-( + rm -f "$THISFILE" + rebuild_resolv_conf + fi + + ;; + + leasefail) + echo "$0: Lease failed: $message" + + ;; + + nak) + echo "$0: Received a NAK: $message" + + ;; + + *) + echo "$0: Unknown udhcpc command: $1"; + exit 1; + + ;; +esac + diff --git a/server/export_target b/server/export_target index 1a87650a..aa4795c5 100755 --- a/server/export_target +++ b/server/export_target @@ -86,6 +86,10 @@ generate_addons() { mksquashfs "${SERVER_BUILD_DIR}/${TARGET}" "${SERVER_BOOT_DIR}/${TARGET}.sqfs" -comp xz -b 1M -no-recovery >&6 || perror "mksquashfs failed ($?)." } +generate_config() { + # generate config from the target directory +} + export_target() { initial_checks |