emergency mode: use sulogin

- allow emergency login on every console
  specified in the kernel cmdline
- require password for hostonly images
- emergency mode: Manually multiplex emergency infos

This will bring all vital information to all ttys specified
as console devices, regardless of wether they hold the C flag.

Reference: FATE#325386
Reference: #449

diff --git a/modules.d/98dracut-systemd/dracut-emergency.sh b/modules.d/98dracut-systemd/dracut-emergency.sh
index f17460a75f7dc5cfb9b4dc6728d74c3066d5dd10..1a11220b8c08d970a8357adf8af2346451d3926e 100755 (executable)
--- a/modules.d/98dracut-systemd/dracut-emergency.sh
+++ b/modules.d/98dracut-systemd/dracut-emergency.sh
@@ -15,21 +15,26 @@ _emergency_action=$(getarg rd.emergency)
 
 if getargbool 1 rd.shell -d -y rdshell || getarg rd.break -d rdbreak; then
     FSTXT="/run/dracut/fsck/fsck_help_$fstype.txt"
+    RDSOSREPORT="$(rdsosreport)"
     source_hook "$hook"
-    echo
-    rdsosreport
-    echo
-    echo
-    echo 'Entering emergency mode. Exit the shell to continue.'
-    echo 'Type "journalctl" to view system logs.'
-    echo 'You might want to save "/run/initramfs/rdsosreport.txt" to a USB stick or /boot'
-    echo 'after mounting them and attach it to a bug report.'
-    echo
-    echo
-    [ -f "$FSTXT" ] && cat "$FSTXT"
+    while read _tty rest; do
+        (
+            echo
+            echo $RDSOSREPORT
+            echo
+            echo
+            echo 'Entering emergency mode. Exit the shell to continue.'
+            echo 'Type "journalctl" to view system logs.'
+            echo 'You might want to save "/run/initramfs/rdsosreport.txt" to a USB stick or /boot'
+            echo 'after mounting them and attach it to a bug report.'
+            echo
+            echo
+            [ -f "$FSTXT" ] && cat "$FSTXT"
+        ) > /dev/$_tty
+    done < /dev/consoles
     [ -f /etc/profile ] && . /etc/profile
     [ -z "$PS1" ] && export PS1="$_name:\${PWD}# "
-    exec sh -i -l
+    exec sulogin -e
 else
     export hook="shutdown-emergency"
     warn "$action has failed. To debug this issue add \"rd.shell rd.debug\" to the kernel command line."

diff --git a/modules.d/98dracut-systemd/module-setup.sh b/modules.d/98dracut-systemd/module-setup.sh
index 900162c3eeef8c0c1d442539822c34f5e5fcb824..48779bf7d72c2ee97038b93d4d353d1c1ba1aa46 100755 (executable)
--- a/modules.d/98dracut-systemd/module-setup.sh
+++ b/modules.d/98dracut-systemd/module-setup.sh
@@ -59,5 +59,7 @@ install() {
     done
 
     inst_simple "$moddir/dracut-tmpfiles.conf" "$tmpfilesdir/dracut-tmpfiles.conf"
+
+    inst_multiple sulogin
 }
 

diff --git a/modules.d/99base/module-setup.sh b/modules.d/99base/module-setup.sh
index 21523fc9dcc146b361820b78f80fdb518aa0e34a..cd09c078a9f0aeacc1a927a63862f063538b2c30 100755 (executable)
--- a/modules.d/99base/module-setup.sh
+++ b/modules.d/99base/module-setup.sh
@@ -26,10 +26,14 @@ install() {
         (ln -s bash "${initdir}/bin/sh" || :)
     fi
 
-    #add common users in /etc/passwd, it will be used by nfs/ssh currently
-    grep '^root:' "$initdir/etc/passwd" 2>/dev/null || echo  'root:x:0:0::/root:/bin/sh' >> "$initdir/etc/passwd"
+    # add common users in /etc/passwd, it will be used by nfs/ssh currently
+    # use password for hostonly images to facilitate secure sulogin in emergency console
+    [[ $hostonly ]] && pwshadow='x'
+    grep '^root:' "$initdir/etc/passwd" 2>/dev/null || echo  "root:$pwshadow:0:0::/root:/bin/sh" >> "$initdir/etc/passwd"
     grep '^nobody:' /etc/passwd >> "$initdir/etc/passwd"
 
+    [[ $hostonly ]] && grep '^root:' /etc/shadow >> "$initdir/etc/shadow"
+
     # install our scripts and hooks
     inst_script "$moddir/init.sh" "/init"
     inst_script "$moddir/initqueue.sh" "/sbin/initqueue"