From 32f68c1f9ac3720e8ce4b95a09c0ce680d5da786 Mon Sep 17 00:00:00 2001 From: Daniel Molkentin Date: Wed, 5 Dec 2018 16:52:45 +0100 Subject: [PATCH] emergency mode: use sulogin - allow emergency login on every console specified in the kernel cmdline - require password for hostonly images - emergency mode: Manually multiplex emergency infos This will bring all vital information to all ttys specified as console devices, regardless of wether they hold the C flag. Reference: FATE#325386 Reference: #449 --- .../98dracut-systemd/dracut-emergency.sh | 29 +++++++++++-------- modules.d/98dracut-systemd/module-setup.sh | 2 ++ modules.d/99base/module-setup.sh | 8 +++-- 3 files changed, 25 insertions(+), 14 deletions(-) diff --git a/modules.d/98dracut-systemd/dracut-emergency.sh b/modules.d/98dracut-systemd/dracut-emergency.sh index f17460a75..1a11220b8 100755 --- a/modules.d/98dracut-systemd/dracut-emergency.sh +++ b/modules.d/98dracut-systemd/dracut-emergency.sh @@ -15,21 +15,26 @@ _emergency_action=$(getarg rd.emergency) if getargbool 1 rd.shell -d -y rdshell || getarg rd.break -d rdbreak; then FSTXT="/run/dracut/fsck/fsck_help_$fstype.txt" + RDSOSREPORT="$(rdsosreport)" source_hook "$hook" - echo - rdsosreport - echo - echo - echo 'Entering emergency mode. Exit the shell to continue.' - echo 'Type "journalctl" to view system logs.' - echo 'You might want to save "/run/initramfs/rdsosreport.txt" to a USB stick or /boot' - echo 'after mounting them and attach it to a bug report.' - echo - echo - [ -f "$FSTXT" ] && cat "$FSTXT" + while read _tty rest; do + ( + echo + echo $RDSOSREPORT + echo + echo + echo 'Entering emergency mode. Exit the shell to continue.' + echo 'Type "journalctl" to view system logs.' + echo 'You might want to save "/run/initramfs/rdsosreport.txt" to a USB stick or /boot' + echo 'after mounting them and attach it to a bug report.' + echo + echo + [ -f "$FSTXT" ] && cat "$FSTXT" + ) > /dev/$_tty + done < /dev/consoles [ -f /etc/profile ] && . /etc/profile [ -z "$PS1" ] && export PS1="$_name:\${PWD}# " - exec sh -i -l + exec sulogin -e else export hook="shutdown-emergency" warn "$action has failed. To debug this issue add \"rd.shell rd.debug\" to the kernel command line." diff --git a/modules.d/98dracut-systemd/module-setup.sh b/modules.d/98dracut-systemd/module-setup.sh index 900162c3e..48779bf7d 100755 --- a/modules.d/98dracut-systemd/module-setup.sh +++ b/modules.d/98dracut-systemd/module-setup.sh @@ -59,5 +59,7 @@ install() { done inst_simple "$moddir/dracut-tmpfiles.conf" "$tmpfilesdir/dracut-tmpfiles.conf" + + inst_multiple sulogin } diff --git a/modules.d/99base/module-setup.sh b/modules.d/99base/module-setup.sh index 21523fc9d..cd09c078a 100755 --- a/modules.d/99base/module-setup.sh +++ b/modules.d/99base/module-setup.sh @@ -26,10 +26,14 @@ install() { (ln -s bash "${initdir}/bin/sh" || :) fi - #add common users in /etc/passwd, it will be used by nfs/ssh currently - grep '^root:' "$initdir/etc/passwd" 2>/dev/null || echo 'root:x:0:0::/root:/bin/sh' >> "$initdir/etc/passwd" + # add common users in /etc/passwd, it will be used by nfs/ssh currently + # use password for hostonly images to facilitate secure sulogin in emergency console + [[ $hostonly ]] && pwshadow='x' + grep '^root:' "$initdir/etc/passwd" 2>/dev/null || echo "root:$pwshadow:0:0::/root:/bin/sh" >> "$initdir/etc/passwd" grep '^nobody:' /etc/passwd >> "$initdir/etc/passwd" + [[ $hostonly ]] && grep '^root:' /etc/shadow >> "$initdir/etc/shadow" + # install our scripts and hooks inst_script "$moddir/init.sh" "/init" inst_script "$moddir/initqueue.sh" "/sbin/initqueue" -- 2.39.2