From c31fc84435bf4f493306ddef619b55f8f2771c3c Mon Sep 17 00:00:00 2001
From: Simon Rettberg
Date: Tue, 28 May 2013 16:03:01 +0200
Subject: [WiP] Server Maintenance Scripts
---
 data/openslx-install | 314 ++++++++++++++++++++++++++++++++++++++++++++++++
 data/openslx-ng-install | 298 ---------------------------------------------
 data/openslx-update | 54 +++++++++
 3 files changed, 368 insertions(+), 298 deletions(-)
 create mode 100755 data/openslx-install
 delete mode 100755 data/openslx-ng-install
 create mode 100644 data/openslx-update
diff --git a/data/openslx-install b/data/openslx-install
new file mode 100755
index 00000000..8d1c04db
--- /dev/null
+++ b/data/openslx-install
@@ -0,0 +1,314 @@ +#!/bin/bash + +function print () +{ + echo -e "\033[01;29m$@\033[00m" +} + +function error () +{ + echo -e "\033[00;31m$@\033[00m" + exit 1 +} + +function getinput () +{ + [ $# -ne 2 ] && error "getinput called with wrong parameter count ($@)" + CURRENT_VAR="$2" + echo -n -e "\033[01;29m$1 [${!CURRENT_VAR}]:\033[00m " + read RETVAL + [ -z "$RETVAL" ] && RETVAL="${!CURRENT_VAR}" +} + +function accept () +{ + [ -z "$CURRENT_VAR" ] && error "accept called when CURRENT_VAR is empty" + eval "$CURRENT_VAR='$RETVAL'" + CURRENT_VAR="" + break +} + +function deny () +{ + print "Ungültige Eingabe: '$RETVAL'" +} + +function yesno () +{ + while true; do + echo -n -e "\033[01;29m$@ [J/n] " + read KEYPRESS + [ -z "$KEYPRESS" ] && return 0 + [[ "$KEYPRESS" == J* || "$KEYPRESS" == j* ]] && return 0 + [[ "$KEYPRESS" == N* || "$KEYPRESS" == n* ]] && return 1 + print "Bitte mit J oder N antworten" + done +} + +function save_defaults () +{ + echo -e "# OpenSLX-NG defaults for this server - saved from a previous run of openslx-install\n# Delete this file if you want to start from scratch" > "$DEFAULTS_FILE" + for VARNAME in ${!SLX_*}; do + echo "$VARNAME='${!VARNAME}'" >> "$DEFAULTS_FILE" + done +} + +function check_password () +{ + [ $# -lt 1 ] && error "No user given to check_password" + [ $# -lt 2 ] && error "No password given to check_password" + [ ! -r /etc/shadow ] && return 1 + local correct=$(< /etc/shadow awk -v "user=$1" -F : 'user == $1 {print $2}') + local prefix=${correct%"${correct#\$*\$*\$}"} + local supplied="$(perl -e "print crypt('$2', '$prefix')")" # el cheapo: do not pass a password containing a single quote ( ' ) + [ "x$supplied" = "x$correct" ] && return 0 + return 1 +} + +# Load "Factory defaults" first +FACTORY_DEFAULTS_FILE="/opt/openslx/server-factory-defaults" +if [ -s "$FACTORY_DEFAULTS_FILE" ]; then + . "$FACTORY_DEFAULTS_FILE" || error "Factory defaults konnten nicht geladen werden. 
($FACTORY_DEFAULTS_FILE)" +fi +# Load presets/previously given replies +DEFAULTS_FILE="/opt/openslx/server-defaults" +if [ -s "$DEFAULTS_FILE" ]; then + . "$DEFAULTS_FILE" || error "Voreinstellungen von vorherigem Scriptdurchlauf konnten nicht geladen werden. Bitte die Datei $DEFAULTS_FILE überprüfen und reparieren oder ggf. löschen." + print " *** Voreinstellungen von vorherigem Scriptaufruf ($SLX_LAST_INVOCATION) gefunden" + print " *** Diese Einstellungen werden als Standard-Antwort auf alle Fragen" + print " angenommen. Um dieses Setup mit den ursprünglichen Standardantworten" + print " auszuführen, die Datei $DEFAULTS_FILE löschen." + print " *** Das Setup kann mit Strg+C abgebrochen werden." + print "" +fi + +print "OpenSLX-NG Server Preview: Setup" +print "" +print "Zum erfolgreichen Aufsetzen eines OpenSLX-NG Servers müssen" +print "einige Fragen beantwortet werden." +print "" + +# +# ---- Ask if the private key of Uni Freiburg should be accepted for root logins +# +if [ ! -s "/root/.ssh/authorized_keys" ] || ! grep "openslx-admin@uni-freiburg.de" "/root/.ssh/authorized_keys" > /dev/null; then + print "" + print "Soll der Private Key der bwLehrpool-Abteilung in Freiburg für root-Logins auf" + print "diesem Server zugelassen werden? Dadurch ist es für die Entwickler aus Freiburg" + print "möglich, sich ohne Kenntnis des Passworts als root auf diesem Server einzuloggen." 
+ if yesno "Dies vereinfacht die Fernwartung, Fehlerdiagnose und -behebung."; then + if mkdir -p "/root/.ssh" \ + && chmod 0700 "/root/.ssh" \ + && echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC667v6bIksFcwE6DMFs65ySfjySSn9V44GoN7qzIOUok/fgOsiotq2HJby/cgQxGVKogVmGUDRUqK3lKSqYnDmEigP3aQdleP1NFx6ex/zhEUoHp4VfqfQncSZT1zYE5IGQ9YNERrsDEI0YOZ5Cr+/I3p0bJAbXZM9dk/1Y6VOyMt1ZHXam5VvC6EJnJQzW9uAS69JSezprRsDYH+3NGd/XV/INkOsPIvkLc8rp5rtcdHrq/7NPNqtTCUdChv5F5lNMMHyXlhaM9FjG/DOZ0teKzh8MMe3oUXg/VibqEPZK4zVBKypATlWdv6zODiMrbi4n/Vm9IMA5i/71NW2GOdH openslx-admin@uni-freiburg.de" >> "/root/.ssh/authorized_keys" \ + && chmod 0600 "/root/.ssh/authorized_keys"; then + print "Key erfolgreich hinzugefügt" + else + error "Fehler beim Hinzufügen des Keys!" + fi + fi +fi + +# +# ---- Haupt-Adresse (zwecks iPXE) ---- +# +print "" +print "Zum Einrichten der iPXE-Funktionalität muss die IP-Adresse des Servers" +print "festgelegt werden. Alle Clients werden über diese Adresse bedient." +print "WICHTIG: Sollte sich die Adresse des Servers ändern, muss dieses Setup" +print "erneut ausgeführt werden." +print "Erkannte lokale Adressen:" + +LOCAL_ADDRS="$(ip a | grep -E -o '^\s*inet\s+[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' | grep -E -o '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+')" +echo "$LOCAL_ADDRS" + +if [ -z "$SLX_LOCAL_ADDR" ] || [[ $LOCAL_ADDRS != *$SLX_LOCAL_ADDR* ]]; then + SLX_LOCAL_ADDR="" + for ADDR in $LOCAL_ADDRS; do + [[ "$ADDR" == 127.* ]] && continue + LAN_IP=$ADDR + [[ "$ADDR" == 192.168.* ]] && continue + [[ "$ADDR" == 10.* ]] && continue + [[ "$ADDR" == 172.* ]] && continue + SLX_LOCAL_ADDR=$ADDR + done + [ -z "$SLX_LOCAL_ADDR" ] && SLX_LOCAL_ADDR=$LAN_IP +fi + +while true; do + getinput "Primäre IP-Adresse des Servers" SLX_LOCAL_ADDR + # syntax check + echo "$RETVAL" | grep -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$' > /dev/null || continue + if ! 
ip a | grep -E "^\s*inet\s+$RETVAL/" > /dev/null; then + print "Dieser Server scheint kein Interface zu besitzen, welches auf" + print "die Adresse $RETVAL konfiguriert ist." + yesno "Trotzdem diese Adresse verwenden?" || continue + fi + accept +done + +# +# ---- NFS Share +# +# Is it a local one? +print "" +print "Bereitstellung der VMWare-Images" +print "Die Clients booten die VMWare-Images von einem NFS-Share. Dieser kann" +print "entweder auf diesem Server liegen, oder auf einem externen Server mit NFS-Zugang." +print "Sofern die Images von diesem Server ausgeliefert werden sollen, wird ein" +print "zusätzlicher SMB-Server installiert, um das Aufspielen neuer Images" +print "von einem Windows-PC aus zu erleichtern." + +while true; do + getinput "Welches Setup ist erwünscht? L = Lokal, E = Extern" SLX_VM_NFS_TYPE + # Local Server + if [[ "$RETVAL" == L* || "$RETVAL" == l* ]]; then + while true; do + getinput "Lokaler Speicherort für VM-Images" SLX_VM_PATH + if [[ "$RETVAL" != /* ]]; then + print "FEHLER: Der Pfad muss absolut sein (mit einem / beginnen)" + continue + fi + mkdir -p "$RETVAL" + [ -w "$RETVAL" ] && accept + print "FEHLER: Verzeichnis '$RETVAL' nicht beschreibbar." 
+ done + SLX_VM_NFS="$SLX_LOCAL_ADDR:$SLX_VM_PATH" + print "Lokaler VM-NFS-Share erreichbar unter $SLX_VM_NFS" + SLX_VM_NFS_TYPE=L + break # No accept here as it cannot be nested + fi + # External Server + if [[ "$RETVAL" == E* || "$RETVAL" == e* ]]; then + while true; do + getinput "Adresse und Pfad des externen NFS-Shares für VM-Images im Format Adresse:Pfad" SLX_VM_NFS + echo "$RETVAL" | grep -E '\S+:/\S+' && accept + print "FEHLER: Ungültiges NFS-Share-Format: $RETVAL" + done + print "Externer VM-NFS-Share erreichbar unter $SLX_VM_NFS" + SLX_VM_NFS_TYPE=E + break # No accept + fi + print "Ungültige Auswahl '$RETVAL'" +done # Done setting up VM NFS Server type + +# +# ---- Safety first: make user change root password if it is still the default ---- +# +if [ "x$1" != "x--test" ] && check_password "root" "openslx-ng"; then + print "" + print "Aus Sicherheitsgründen sollte das root-Passwort dieses Servers geändert werden." + while check_password "root" "openslx-ng" && yesno "Passwort jetzt ändern?"; do + passwd + done +fi + +if yesno "Soll die aktuellste stabile Version des MiniLinux nach der Einrichtung automatisch heruntergeladen werden?"; then + DOWNLOAD_ML=yes +else + DOWNLOAD_ML=no +fi + +print "" +print "Beginne Installation" + +# +# ---- Compile iPXE ---- +# +print "" +print "Erstelle iPXE Binary..." +sleep 3 +cd /opt/openslx/ipxe || error "cd /opt/openslx/ipxe failed" +cat > ipxelinux.ipxe << HEREEND +#!ipxe +set use-cached 1 +dhcp net0 +set net0.dhcp/next-server $SLX_LOCAL_ADDR +set net0.dhcp/filename ipxelinux.0 +imgload pxelinux.0 +boot pxelinux.0 +HEREEND +cd src || error "cd src failed" +[ -e "bin/undionly.kkkpxe" ] && unlink "bin/undionly.kkkpxe" +make bin/undionly.kkkpxe EMBED=../ipxelinux.ipxe,../pxelinux.0 +[ ! 
-e "bin/undionly.kkkpxe" -o "$(stat -c %s "bin/undionly.kkkpxe")" -lt 80000 ] && error "Error compiling ipxelinux.0" +cp "bin/undionly.kkkpxe" "/srv/openslx/tftp/ipxelinux.0" || error "Could not write to /srv/openslx/tftp/ipxelinux.0" + +# +# +# +if [[ "$SLX_VM_NFS_TYPE" == "L" ]]; then + # Write SMB Config +cat > "/etc/samba/smb.conf" << HEREEND +[global] + +workgroup = WORKGROUP +server string = OpenSLX-NG Test-Server + +wins support = no +dns proxy = no +name resolve order = host + +log file = /var/log/samba/log.%m +max log size = 100 +syslog only = no +syslog = 0 + +panic action = /usr/share/samba/panic-action %d + +security = user +encrypt passwords = true +passdb backend = tdbsam +obey pam restrictions = yes + +domain master = no + +[images] + comment = Directory where all the VMWare Images go + writeable = yes + locking = no + path = $SLX_VM_PATH + guest ok = no + valid users = vmware +HEREEND + # End SMB Config + chown -R vmware "$SLX_VM_PATH" + # NFS Config + echo "$SLX_VM_PATH *(ro,async,insecure,no_root_squash,no_subtree_check)" > "/etc/exports" + # End NFS Config + update-rc.d samba defaults + update-rc.d nfs-kernel-server defaults + service samba restart + service nfs-kernel-server restart +else # external NFS Server for VM Images is used. Disable NFS + Samba + service samba stop + service nfs-kernel-server stop + for LEVEL in S 0 1 2 3 4 5; do + update-rc.d samba disable "$LEVEL" + update-rc.d nfs-kernel-server disable "$LEVEL" + done +fi +print "Dienste konfiguriert." + +# +# ---- Create boottime system config ---- +# +print "" +print "Schreibe Bootzeit-Konfiguration für MiniLinux" +cat > "/srv/openslx/www/config" << HEREEND +SLX_VM_NFS='$SLX_VM_NFS' +SLX_HTTP_ADDR='http://$SLX_LOCAL_ADDR' +HEREEND + +if [[ "$DOWNLOAD_ML" == yes ]]; then + print "" + print "Lade aktuellste Version des MiniLinux herunter" + openslx-update +fi +print "" +print "Das MiniLinux kann jederzeit manuell durch den Befehl openslx-update aktualisiert werden." 
+ +SLX_LAST_INVOCATION="$(date)" +save_defaults +print "" +print "Einrichtung abgeschlossen." + diff --git a/data/openslx-ng-install b/data/openslx-ng-install deleted file mode 100755 index 7b8715b7..00000000 --- a/data/openslx-ng-install +++ /dev/null 
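Review bot: `accept` stores the operator's reply with `eval "$CURRENT_VAR='$RETVAL'"`, so a reply containing a single quote ends the quoting and the remainder is evaluated as shell by an installer that evidently runs as root; `printf -v "$CURRENT_VAR" '%s' "$RETVAL"` assigns the value without re-parsing it. `save_defaults` has the same quoting problem when it writes `VAR='value'` lines that the next run sources, and `printf '%s=%q\n' "$VARNAME" "${!VARNAME}" >> "$DEFAULTS_FILE"` would keep that file safe to source. Separately, `yesno` treats an empty reply as yes, and that default also governs the prompt that appends a third-party key to `/root/.ssh/authorized_keys` (the prompt text calls it a private key, but what is installed is a public key); a remote-root grant is better made to require an explicit J. The `/etc/exports` line exports to `*` with `insecure,no_root_squash`, and restricting it to the client network would narrow the exposure.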
@@ -1,298 +0,0 @@ -#!/bin/bash - -function print () -{ - echo -e "\033[01;29m$@\033[00m" -} - -function error () -{ - echo -e "\033[00;31m$@\033[00m" - exit 1 -} - -function getinput () -{ - [ $# -ne 2 ] && error "getinput called with wrong parameter count ($@)" - CURRENT_VAR="$2" - echo -n -e "\033[01;29m$1 [${!CURRENT_VAR}]:\033[00m " - read RETVAL - [ -z "$RETVAL" ] && RETVAL="${!CURRENT_VAR}" -} - -function accept () -{ - [ -z "$CURRENT_VAR" ] && error "accept called when CURRENT_VAR is empty" - eval "$CURRENT_VAR='$RETVAL'" - CURRENT_VAR="" - break -} - -function deny () -{ - print "Ungültige Eingabe: '$RETVAL'" -} - -function yesno () -{ - while true; do - echo -n -e "\033[01;29m$@ [J/n] " - read KEYPRESS - [ -z "$KEYPRESS" ] && return 0 - [[ "$KEYPRESS" == J* || "$KEYPRESS" == j* ]] && return 0 - [[ "$KEYPRESS" == N* || "$KEYPRESS" == n* ]] && return 1 - print "Bitte mit J oder N antworten" - done -} - -function save_defaults () -{ - echo -e "# OpenSLX-NG defaults for this server - saved from a previous run of openslx-install\n# Delete this file if you want to start from scratch" > "$DEFAULTS_FILE" - for VARNAME in ${!SLX_*}; do - echo "$VARNAME='${!VARNAME}'" >> "$DEFAULTS_FILE" - done -} - -function check_password () -{ - [ $# -lt 1 ] && error "No user given to check_password" - [ $# -lt 2 ] && error "No password given to check_password" - [ ! -r /etc/shadow ] && return 1 - local correct=$(< /etc/shadow awk -v "user=$1" -F : 'user == $1 {print $2}') - local prefix=${correct%"${correct#\$*\$*\$}"} - local supplied="$(perl -e "print crypt('$2', '$prefix')")" # el cheapo: do not pass a password containing a single quote ( ' ) - [ "x$supplied" = "x$correct" ] && return 0 - return 1 -} - -# Load "Factory defaults" first -FACTORY_DEFAULTS_FILE="/opt/openslx/server-factory-defaults" -if [ -s "$FACTORY_DEFAULTS_FILE" ]; then - . "$FACTORY_DEFAULTS_FILE" || error "Factory defaults konnten nicht geladen werden. 
($FACTORY_DEFAULTS_FILE)" -fi -# Load presets/previously given replies -DEFAULTS_FILE="/opt/openslx/server-defaults" -if [ -s "$DEFAULTS_FILE" ]; then - . "$DEFAULTS_FILE" || error "Voreinstellungen von vorherigem Scriptdurchlauf konnten nicht geladen werden. Bitte die Datei $DEFAULTS_FILE überprüfen und reparieren oder ggf. löschen." - print " *** Voreinstellungen von vorherigem Scriptaufruf ($SLX_LAST_INVOCATION) gefunden" - print " *** Diese Einstellungen werden als Standard-Antwort auf alle Fragen" - print " angenommen. Um dieses Setup mit den ursprünglichen Standardantworten" - print " auszuführen, die Datei $DEFAULTS_FILE löschen." - print " *** Das Setup kann mit Strg+C abgebrochen werden." - print "" -fi - -print "OpenSLX-NG Server Preview: Setup" -print "" -print "Zum erfolgreichen Aufsetzen eines OpenSLX-NG Servers müssen" -print "einige Fragen beantwortet werden." -print "" - -# -# ---- Ask if the private key of Uni Freiburg should be accepted for root logins -# -if [ ! -s "/root/.ssh/authorized_keys" ] || ! grep "openslx-admin@uni-freiburg.de" "/root/.ssh/authorized_keys" > /dev/null; then - print "" - print "Soll der Private Key der bwLehrpool-Abteilung in Freiburg für root-Logins auf" - print "diesem Server zugelassen werden? Dadurch ist es für die Entwickler aus Freiburg" - print "möglich, sich ohne Kenntnis des Passworts als root auf diesem Server einzuloggen." 
- if yesno "Dies vereinfacht die Fernwartung, Fehlerdiagnose und -behebung."; then - if mkdir -p "/root/.ssh" \ - && chmod 0700 "/root/.ssh" \ - && echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC667v6bIksFcwE6DMFs65ySfjySSn9V44GoN7qzIOUok/fgOsiotq2HJby/cgQxGVKogVmGUDRUqK3lKSqYnDmEigP3aQdleP1NFx6ex/zhEUoHp4VfqfQncSZT1zYE5IGQ9YNERrsDEI0YOZ5Cr+/I3p0bJAbXZM9dk/1Y6VOyMt1ZHXam5VvC6EJnJQzW9uAS69JSezprRsDYH+3NGd/XV/INkOsPIvkLc8rp5rtcdHrq/7NPNqtTCUdChv5F5lNMMHyXlhaM9FjG/DOZ0teKzh8MMe3oUXg/VibqEPZK4zVBKypATlWdv6zODiMrbi4n/Vm9IMA5i/71NW2GOdH openslx-admin@uni-freiburg.de" >> "/root/.ssh/authorized_keys" \ - && chmod 0600 "/root/.ssh/authorized_keys"; then - print "Key erfolgreich hinzugefügt" - else - error "Fehler beim Hinzufügen des Keys!" - fi - fi -fi - -# -# ---- Haupt-Adresse (zwecks iPXE) ---- -# -print "" -print "Zum Einrichten der iPXE-Funktionalität muss die IP-Adresse des Servers" -print "festgelegt werden. Alle Clients werden über diese Adresse bedient." -print "WICHTIG: Sollte sich die Adresse des Servers ändern, muss dieses Setup" -print "erneut ausgeführt werden." -print "Erkannte lokale Adressen:" - -LOCAL_ADDRS="$(ip a | grep -E -o '^\s*inet\s+[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' | grep -E -o '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+')" -echo "$LOCAL_ADDRS" - -if [ -z "$SLX_LOCAL_ADDR" ] || [[ $LOCAL_ADDRS != *$SLX_LOCAL_ADDR* ]]; then - SLX_LOCAL_ADDR="" - for ADDR in $LOCAL_ADDRS; do - [[ "$ADDR" == 127.* ]] && continue - LAN_IP=$ADDR - [[ "$ADDR" == 192.168.* ]] && continue - [[ "$ADDR" == 10.* ]] && continue - [[ "$ADDR" == 172.* ]] && continue - SLX_LOCAL_ADDR=$ADDR - done - [ -z "$SLX_LOCAL_ADDR" ] && SLX_LOCAL_ADDR=$LAN_IP -fi - -while true; do - getinput "Primäre IP-Adresse des Servers" SLX_LOCAL_ADDR - # syntax check - echo "$RETVAL" | grep -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$' > /dev/null || continue - if ! 
ip a | grep -E "^\s*inet\s+$RETVAL/" > /dev/null; then - print "Dieser Server scheint kein Interface zu besitzen, welches auf" - print "die Adresse $RETVAL konfiguriert ist." - yesno "Trotzdem diese Adresse verwenden?" || continue - fi - accept -done - -# -# ---- NFS Share -# -# Is it a local one? -print "" -print "Bereitstellung der VMWare-Images" -print "Die Clients booten die VMWare-Images von einem NFS-Share. Dieser kann" -print "entweder auf diesem Server liegen, oder auf einem externen Server mit NFS-Zugang." -print "Sofern die Images von diesem Server ausgeliefert werden sollen, wird ein" -print "zusätzlicher SMB-Server installiert, um das Aufspielen neuer Images" -print "von einem Windows-PC aus zu erleichtern." - -while true; do - getinput "Welches Setup ist erwünscht? L = Lokal, E = Extern" SLX_VM_NFS_TYPE - # Local Server - if [[ "$RETVAL" == L* || "$RETVAL" == l* ]]; then - while true; do - getinput "Lokaler Speicherort für VM-Images" SLX_VM_PATH - if [[ "$RETVAL" != /* ]]; then - print "FEHLER: Der Pfad muss absolut sein (mit einem / beginnen)" - continue - fi - mkdir -p "$RETVAL" - [ -w "$RETVAL" ] && accept - print "FEHLER: Verzeichnis '$RETVAL' nicht beschreibbar." 
- done - SLX_VM_NFS="$SLX_LOCAL_ADDR:$SLX_VM_PATH" - print "Lokaler VM-NFS-Share erreichbar unter $SLX_VM_NFS" - SLX_VM_NFS_TYPE=L - break # No accept here as it cannot be nested - fi - # External Server - if [[ "$RETVAL" == E* || "$RETVAL" == e* ]]; then - while true; do - getinput "Adresse und Pfad des externen NFS-Shares für VM-Images im Format Adresse:Pfad" SLX_VM_NFS - echo "$RETVAL" | grep -E '\S+:/\S+' && accept - print "FEHLER: Ungültiges NFS-Share-Format: $RETVAL" - done - print "Externer VM-NFS-Share erreichbar unter $SLX_VM_NFS" - SLX_VM_NFS_TYPE=E - break # No accept - fi - print "Ungültige Auswahl '$RETVAL'" -done # Done setting up VM NFS Server type - -# -# ---- Safety first: make user change root password if it is still the default ---- -# -if [ "x$1" != "x--test" ] && check_password "root" "openslx-ng"; then - print "" - print "Aus Sicherheitsgründen sollte das root-Passwort dieses Servers geändert werden." - while check_password "root" "openslx-ng" && yesno "Passwort jetzt ändern?"; do - passwd - done -fi - -print "" -print "Beginne Installation" - -# -# ---- Compile iPXE ---- -# -print "" -print "Erstelle iPXE Binary..." -sleep 3 -cd /opt/openslx/ipxe || error "cd /opt/openslx/ipxe failed" -cat > ipxelinux.ipxe << HEREEND -#!ipxe -set use-cached 1 -dhcp net0 -set net0.dhcp/next-server $SLX_LOCAL_ADDR -set net0.dhcp/filename ipxelinux.0 -imgload pxelinux.0 -boot pxelinux.0 -HEREEND -cd src || error "cd src failed" -[ -e "bin/undionly.kkkpxe" ] && unlink "bin/undionly.kkkpxe" -make bin/undionly.kkkpxe EMBED=../ipxelinux.ipxe,../pxelinux.0 -[ ! 
-e "bin/undionly.kkkpxe" -o "$(stat -c %s "bin/undionly.kkkpxe")" -lt 80000 ] && error "Error compiling ipxelinux.0" -cp "bin/undionly.kkkpxe" "/srv/openslx/tftp/ipxelinux.0" || error "Could not write to /srv/openslx/tftp/ipxelinux.0" - -# -# -# -if [[ "$SLX_VM_NFS_TYPE" == "L" ]]; then - # Write SMB Config -cat > "/etc/samba/smb.conf" << HEREEND -[global] - -workgroup = WORKGROUP -server string = OpenSLX-NG Test-Server - -wins support = no -dns proxy = no -name resolve order = host - -log file = /var/log/samba/log.%m -max log size = 100 -syslog only = no -syslog = 0 - -panic action = /usr/share/samba/panic-action %d - -security = user -encrypt passwords = true -passdb backend = tdbsam -obey pam restrictions = yes - -domain master = no - -[images] - comment = Directory where all the VMWare Images go - writeable = yes - locking = no - path = $SLX_VM_PATH - guest ok = no - valid users = vmware -HEREEND - # End SMB Config - chown -R vmware "$SLX_VM_PATH" - # NFS Config - echo "$SLX_VM_PATH *(ro,async,insecure,no_root_squash,no_subtree_check)" > "/etc/exports" - # End NFS Config - service samba restart - service nfs-kernel-server restart - # TODO: Persistent inbound blocking of tcp 139, udp 137,138 to speed up access from Windows Clients - update-rc.d samba defaults - update-rc.d nfs-kernel-server defaults -else # external NFS Server for VM Images is used. Disable NFS + Samba - service samba stop - service nfs-kernel-server stop - for LEVEL in S 0 1 2 3 4 5; do - update-rc.d samba disable "$LEVEL" - update-rc.d nfs-kernel-server disable "$LEVEL" - done -fi - -# -# ---- Create boottime system config ---- -# -print "" -print "Schreibe Bootzeit-Konfiguration für MiniLinux" -cat > "/srv/openslx/www/config" << HEREEND -SLX_VM_NFS='$SLX_VM_NFS' -HEREEND - -SLX_LAST_INVOCATION="$(date)" -save_defaults -print "Einrichtung abgeschlossen." - diff --git a/data/openslx-update b/data/openslx-update new file mode 100644 index 00000000..4f8da0f5 --- /dev/null 
+++ b/data/openslx-update @@ -0,0 +1,54 @@ +#!/bin/bash + +function print () +{ + echo -e "\033[01;29m$@\033[00m" +} + +function error () +{ + echo -e "\033[01;31m$@\033[00m" + exit 1 +} + +function warning () +{ + echo -e "\033[01;33m$@\033[00m" +} + +MIRROR="http://mltk.boot.openslx.org" +REMOTEINDEX="/tmp/mlversion" +LOCALINDEX="/opt/openslx/local_version" +WWWTEMP="/srv/openslx/www-temp" + +LOCAL_STABLE=0 +LOCAL_TESTING=0 +if [ -s "$LOCALINDEX" ]; then + . "$LOCALINDEX" || error "Fehler beim laden der lokalen Versionsinfirmationen aus $LOCALINDEX" +fi + +print "" +print "Lade Liste aktuell verfügbarer Versionen..." +rm -f "$REMOTEINDEX" +wget -O "$REMOTEINDEX" "$MIRROR/index" || error "Konnte Liste verfügbarer Releases nicht herunterladen." +. "$REMOTEINDEX" || error "Liste verfügbarer Releases Fehlerhaft (konnte $REMOTEINDEX nicht sourcen)" + +mkdir -p "$WWWTEMP" +mv /srv/openslx/www/openslx-* "$WWWTEMP/" +for REL in ${!AVAILABLE_*}; do + BRANCH="${REL#AVAILABLE_}" + print "Remote has branch $BRANCH" + PXELINE="" + for FILE in ${!REL}; do + PXELINE="$PXELINE http://" + if [ -s "$WWWTEMP/openslx-$FILE" ]; then + mv "$WWWTEMP/openslx-$FILE" "/srv/openslx/www/" + continue + fi + wget -O "$WWWTEMP/openslx-$FILE" "$MIRROR/files/$FILE" || warning "Could not download $FILE" + done + EXTRA="${BRANCH}_EXTRA" + for FILE in ${!EXTRA}; do + done +done + -- cgit v1.2.3-55-g7522 From f4ba9b7f42ebabf6e10853e7031abdfd567cce5e Mon Sep 17 00:00:00 2001 
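Review bot: The release index is downloaded over plain `http://` to the fixed path `/tmp/mlversion` and then executed with `. "$REMOTEINDEX"`, so whatever the mirror or the network path returns runs as shell in this script, and a pre-existing file or symlink at that /tmp path can interfere with the `rm -f` / `wget -O` pair. Creating the file with `REMOTEINDEX="$(mktemp)" || error "mktemp failed"`, reading only the expected `AVAILABLE_*` and `*_EXTRA` assignments from it as data instead of sourcing it, and fetching over HTTPS or verifying a signature before use would close both gaps; the downloaded `openslx-$FILE` files would likewise benefit from a checksum taken from the verified index. The last loop, `for FILE in ${!EXTRA}; do done`, has an empty body, which bash rejects as a syntax error, and by the time the parser reaches it `mv /srv/openslx/www/openslx-* "$WWWTEMP/"` has already run.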
From: Simon Rettberg Date: Tue, 28 May 2013 21:44:34 +0200 Subject: Add mount tmp (partition 44) --- .../data/etc/systemd/system/mount-tmp.service | 4 +- .../system/sysinit.target.wants/mount-tmp.service | 1 + .../data/opt/openslx/bin/analyse-disk | 95 +++++++++++----------- .../rootfs-stage32/data/opt/openslx/bin/disk-tmp | 24 ------ 4 files changed, 51 insertions(+), 73 deletions(-) create mode 120000 remote/rootfs/rootfs-stage32/data/etc/systemd/system/sysinit.target.wants/mount-tmp.service delete mode 100755 remote/rootfs/rootfs-stage32/data/opt/openslx/bin/disk-tmp diff --git a/remote/rootfs/rootfs-stage32/data/etc/systemd/system/mount-tmp.service b/remote/rootfs/rootfs-stage32/data/etc/systemd/system/mount-tmp.service index 75e285e2..8a45bea1 100644 --- a/remote/rootfs/rootfs-stage32/data/etc/systemd/system/mount-tmp.service +++ b/remote/rootfs/rootfs-stage32/data/etc/systemd/system/mount-tmp.service @@ -1,7 +1,9 @@ [Unit] Description=Mount hard drive as tmp +Before=sysinit.target shutdown.target +DefaultDependencies=no [Service] Type=oneshot ExecStart=/opt/openslx/bin/analyse-disk -ExecStart=/opt/openslx/bin/disk-tmp +RemainAfterExit=yes diff --git a/remote/rootfs/rootfs-stage32/data/etc/systemd/system/sysinit.target.wants/mount-tmp.service b/remote/rootfs/rootfs-stage32/data/etc/systemd/system/sysinit.target.wants/mount-tmp.service new file mode 120000 index 00000000..8ebb27be --- /dev/null +++ b/remote/rootfs/rootfs-stage32/data/etc/systemd/system/sysinit.target.wants/mount-tmp.service @@ -0,0 +1 @@ +../mount-tmp.service \ No newline at end of file diff --git a/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/analyse-disk b/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/analyse-disk index 27c3f306..c1e2bf3d 100755 --- a/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/analyse-disk +++ b/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/analyse-disk 
@@ -14,92 +14,91 @@ ############################################################################# +export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/bin:/opt/openslx/sbin:/opt/openslx/usr/bin:/opt/openslx/usr/sbin" + # General formatter for the /tmp partition on a local harddisk diskfm () { -local target=$1 +local target="$1" local fs local path for fs in xfs ext3 ext2 ; do unset available case $(cat /proc/filesystems) in *${fs}*) available=yes;; - *) modprobe -q ${fs} 2>/dev/null && available=yes;; + *) modprobe "${fs}" && available=yes;; esac - if [ -n ${available} ]; then + if [ -n "${available}" ]; then unset found - for path in /sbin /bin /usr/sbin /usr/bin /openslx/sbin /openslx/bin; do - if test -x /$path/mkfs.$fs ; then - found=yes - case mkfs.$fs in - mkfs.xfs) - fopt="-f" - mopt="-o noexec" - ;; - mkfs.ext2) - fopt="-Fq" - mopt="-o nocheck,noexec" - ;; - mkfs.reiserfs) - fopt="-f" - mopt="-o noexec" - ;; - esac - mkfs.$fs ${fopt} ${target} >/dev/null 2>&1 #|| error - mkdir -p /run/mount/tmp - mount -t ${fs} ${target} /run/mount/tmp - fi - done + if which "mkfs.$fs" ; then + found=yes + case "mkfs.$fs" in + mkfs.xfs) + fopt="-f" + mopt="-o noexec" + ;; + mkfs.ext2) + fopt="-Fq" + mopt="-o nocheck,noexec" + ;; + mkfs.reiserfs) + fopt="-f" + mopt="-o noexec" + ;; + esac + mkfs.$fs ${fopt} "${target}" + fi [ -n "$found" ] && break fi done } # Check for local harddisks and appropriate partitions -fdisk -l |sed -n "/^\/dev\//p" >/etc/disk.partition +fdisk -l | sed -n "/^\/dev\//p" > "/etc/disk.partition" # Check for standard swap partitions and make them available to the system -for hdpartnr in $(cat /etc/disk.partition | \ - sed -n -e "/ 82 /p"|sed -e "s/[[:space:]].*//") ; do - echo -e "$hdpartnr\tswap\t\tswap\t\tdefaults\t 0 0" >>/etc/fstab +for hdpartnr in $(sed -n -e "/ 82 /p" "/etc/disk.partition" | sed -e "s/[[:space:]].*//"); do + echo -e "$hdpartnr\tswap\t\tswap\t\tdefaults\t 0 0" >> "/etc/fstab" done # We use 
special non assigned partition type (id44) for harddisk scratch # space, thus no normal filesystem will be incidentally deleted or # corrupted -for hdpartnr in $(cat /etc/disk.partition | \ - sed -n -e "/ 44 /p"|sed -e "s/[[:space:]].*//") ; do +for hdpartnr in $(sed -n -e "/ 44 /p" "/etc/disk.partition" | sed -e "s/[[:space:]].*//"); do # check for supported filesystem and formatter - ( if diskfm $hdpartnr ; then + if diskfm "$hdpartnr"; then # echo "$hdpartnr is mounted to /mnt/tmp at $(sysup)" >/tmp/tmpready - echo -e "$hdpartnr\t/tmp\t\tnoauto\t\tdefaults\t 0 0" >>/etc/fstab + echo -e "$hdpartnr\t/tmp\t\tnoauto\t\tdefaults\t 0 0" >> "/etc/fstab" + mkdir -p /tmptmp + mv /tmp/* /tmp/.* /tmptmp/ + mount "$hdpartnr" /tmp + mv /tmptmp/* /tmp/ + rmdir /tmptmp + break else - echo "formatting failed for some reason " >/tmp/tmpready - fi ) & - break + echo "formatting failed for some reason" + fi # Made this non-forking, systemd should handle it - 2013-05-28 done # Put detected linux partitions (83) into /etc/fstab with "noauto", special # partition 45 (persistent scratch) to /var/scratch and 46 to /var/openslx for partid in 83 45 46 ; do - for hdpartnr in $(cat /etc/disk.partition | \ - sed -n -e "/ ${partid} /p"|sed -e "s/[[:space:]].*//") ; do - mkdir -p /media/${hdpartnr#/dev/*} 2>/dev/null - if [ ${partid} -eq 83 ] ; then - echo -e "$hdpartnr\t/media/${hdpartnr#/dev/*}\tauto\t\tnoauto,\ -noexec\t 0 0" >>/tmp/fstab - elif [ ${partid} -eq 45 ] ; then + for hdpartnr in $(sed -n -e "/ ${partid} /p" "/etc/disk.partition" | sed -e "s/[[:space:]].*//"); do + mkdir -p "/media/${hdpartnr#/dev/*}" + if [ "${partid}" -eq 83 ]; then + echo -e "$hdpartnr\t/media/${hdpartnr#/dev/*}\tauto\t\tnoauto,noexec\t 0 0" >> "/etc/fstab" + elif [ "${partid}" -eq 45 ]; then #mount -t auto ${hdpartnr} /media/${hdpartnr#/dev/*} #ln -sf /media/${hdpartnr#/dev/*} /var/scratch - echo -e "${hdpartnr}\t/media/${hdpartnr#/dev/*}\tauto\t\tnoauto\ -\t\t 0 0" >>/tmp/fstab - elif [ ${partid} -eq 46 ] ; 
then + echo -e "${hdpartnr}\t/media/${hdpartnr#/dev/*}\tauto\t\tnoauto\t\t 0 0" >> "/etc/fstab" + elif [ "${partid}" -eq 46 ]; then # Mount a home directory to (/mnt)/var/home #mount -t auto ${hdpartnr} /mnt/media/${hdpartnr#/dev/*} \n\ #test -d /mnt/media/${hdpartnr#/dev/*}/home && \ # ln -sf /media/${hdpartnr#/dev/*} /var/home - echo -e "${hdpartnr}\t/media/${hdpartnr#/dev/*}\tauto\t\tnoauto\ -\t\t 0 0" >>/tmp/fstab + echo -e "${hdpartnr}\t/media/${hdpartnr#/dev/*}\tauto\t\tnoauto\t\t 0 0" >> "/etc/fstab" fi done done +mount -a + diff --git a/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/disk-tmp b/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/disk-tmp deleted file mode 100755 index 4378c45c..00000000 --- a/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/disk-tmp +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -# Copyright (c) 2013 - OpenSLX GmbH -# -# This program is free software distributed under the GPL version 2. -# See http://openslx.org/COPYING -# -# If you have any feedback please consult http://openslx.org/feedback and -# send your feedback to feedback@openslx.org -# -# General information about OpenSLX can be found under http://openslx.org -# -# Mount local ID44 partition to /tmp after all existing stuff is preserved - -############################################################################# - -# Check if ID44 is available by analysing /etc/fstab for appropriate entry -if cat /proc/mounts | grep -qe "/dev/.*/tmp" ; then - mkdir -p /run/tmp - mv /tmp/* /run/tmp - mount --bind /run/mount/tmp /tmp - umount /run/mount/tmp - mv /run/tmp/* /tmp - rmdir /run/tmp -fi -- cgit v1.2.3-55-g7522 From 863cdf344283d1a65992f890012b8771d6beecf8 Mon Sep 17 00:00:00 2001 From: Simon Rettberg Date: Wed, 29 May 2013 16:01:37 +0200 Subject: -.- --- remote/rootfs/rootfs-stage32/data/opt/openslx/bin/analyse-disk | 1 + 1 file changed, 1 insertion(+) 
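Review bot: In the id-44 branch, `mv /tmp/* /tmp/.* /tmptmp/` also expands to `/tmp/.` and `/tmp/..`, while `mv /tmptmp/* /tmp/` skips hidden entries, so dotfiles stay behind in `/tmptmp` and `rmdir /tmptmp` fails; `mv /tmp/* /tmp/.[!.]* /tmp/..?* /tmptmp/` and the same three patterns on the way back cover both directions. `diskfm` sets `found=yes` before running `mkfs.$fs` and never checks its exit status, so the caller moves files and mounts even when formatting failed; `mkfs.$fs ${fopt} "${target}" || continue` placed before `found=yes` would let the next filesystem be tried. The `mopt` values chosen in `diskfm` are never passed to `mount "$hdpartnr" /tmp`, so the scratch partition is mounted without `noexec`, and `nosuid,nodev` would be worth adding for a /tmp backed by a local disk. The selection `sed -n -e "/ 44 /p"` matches ` 44 ` anywhere in the fdisk line rather than only in the Id column, which matters because a matching partition is reformatted. The script's first 13 lines, including its interpreter line, are outside the hunk.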
diff --git a/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/analyse-disk b/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/analyse-disk index c1e2bf3d..0afe4de8 100755 --- a/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/analyse-disk +++ b/remote/rootfs/rootfs-stage32/data/opt/openslx/bin/analyse-disk @@ -71,6 +71,7 @@ for hdpartnr in $(sed -n -e "/ 44 /p" "/etc/disk.partition" | sed -e "s/[[:space mkdir -p /tmptmp mv /tmp/* /tmp/.* /tmptmp/ mount "$hdpartnr" /tmp + chmod a+rwxt /tmp mv /tmptmp/* /tmp/ rmdir /tmptmp break -- cgit v1.2.3-55-g7522