]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/firstboot/firstboot.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
man: document the new --image= switch of systemd-firstboot
[thirdparty/systemd.git] / src / firstboot / firstboot.c
CommitLineData
53e1b683 1/* SPDX-License-Identifier: LGPL-2.1+ */
418b9be5 2
418b9be5 3#include <fcntl.h>
418b9be5 4#include <getopt.h>
3ff9fa59 5#include <linux/loop.h>
3f6fd1ba 6#include <unistd.h>
418b9be5 7
dccca82b
LP		 8#include "sd-id128.h"
9
b5efdb8a 10#include "alloc-util.h"
3f6fd1ba 11#include "ask-password-api.h"
418b9be5 12#include "copy.h"
3ff9fa59 13#include "dissect-image.h"
686d13b9 14#include "env-file.h"
6bedfcbb 15#include "fd-util.h"
3f6fd1ba 16#include "fileio.h"
f4f15635 17#include "fs-util.h"
3f6fd1ba 18#include "hostname-util.h"
f05e1d0d 19#include "kbd-util.h"
42f3b2f9 20#include "libcrypt-util.h"
3f6fd1ba 21#include "locale-util.h"
3ff9fa59 22#include "loop-util.h"
45f39418 23#include "main-func.h"
9ae4ef49 24#include "memory-util.h"
418b9be5 25#include "mkdir.h"
3ff9fa59
LP		 26#include "mount-util.h"
27#include "namespace-util.h"
d58ad743 28#include "os-util.h"
6bedfcbb 29#include "parse-util.h"
418b9be5 30#include "path-util.h"
294bf0c3 31#include "pretty-print.h"
f582cbca 32#include "proc-cmdline.h"
3df3e884 33#include "random-util.h"
6bedfcbb 34#include "string-util.h"
3f6fd1ba 35#include "strv.h"
288a74cc 36#include "terminal-util.h"
3f6fd1ba 37#include "time-util.h"
b4909a3f 38#include "tmpfile-util-label.h"
3ff9fa59 39#include "tmpfile-util.h"
affb60b1 40#include "umask-util.h"
e929bee0 41#include "user-util.h"
418b9be5
LP		 42
43static char *arg_root = NULL;
3ff9fa59 44static char *arg_image = NULL;
418b9be5 45static char *arg_locale = NULL; /* $LANG */
ed457f13 46static char *arg_keymap = NULL;
418b9be5
LP		 47static char *arg_locale_messages = NULL; /* $LC_MESSAGES */
48static char *arg_timezone = NULL;
49static char *arg_hostname = NULL;
50static sd_id128_t arg_machine_id = {};
51static char *arg_root_password = NULL;
a5925354 52static char *arg_kernel_cmdline = NULL;
418b9be5 53static bool arg_prompt_locale = false;
ed457f13 54static bool arg_prompt_keymap = false;
418b9be5
LP		 55static bool arg_prompt_timezone = false;
56static bool arg_prompt_hostname = false;
57static bool arg_prompt_root_password = false;
58static bool arg_copy_locale = false;
ed457f13 59static bool arg_copy_keymap = false;
418b9be5
LP		 60static bool arg_copy_timezone = false;
61static bool arg_copy_root_password = false;
b4909a3f 62static bool arg_force = false;
4926ceaf 63static bool arg_delete_root_password = false;
676339a1 64static bool arg_root_password_is_hashed = false;
418b9be5 65
45f39418 66STATIC_DESTRUCTOR_REGISTER(arg_root, freep);
3ff9fa59 67STATIC_DESTRUCTOR_REGISTER(arg_image, freep);
45f39418
YW		 68STATIC_DESTRUCTOR_REGISTER(arg_locale, freep);
69STATIC_DESTRUCTOR_REGISTER(arg_locale_messages, freep);
70STATIC_DESTRUCTOR_REGISTER(arg_keymap, freep);
71STATIC_DESTRUCTOR_REGISTER(arg_timezone, freep);
72STATIC_DESTRUCTOR_REGISTER(arg_hostname, freep);
9ae4ef49 73STATIC_DESTRUCTOR_REGISTER(arg_root_password, erase_and_freep);
45f39418 74
418b9be5
LP		 75static bool press_any_key(void) {
76 char k = 0;
77 bool need_nl = true;
78
79 printf("-- Press any key to proceed --");
80 fflush(stdout);
81
94956f8f 82 (void) read_one_char(stdin, &k, USEC_INFINITY, &need_nl);
418b9be5
LP		 83
84 if (need_nl)
85 putchar('\n');
86
87 return k != 'q';
88}
89
90static void print_welcome(void) {
4aeadec7 91 _cleanup_free_ char *pretty_name = NULL, *ansi_color = NULL;
418b9be5 92 static bool done = false;
4aeadec7 93 const char *pn;
418b9be5
LP		 94 int r;
95
96 if (done)
97 return;
98
4aeadec7
LP		 99 r = parse_os_release(
100 arg_root,
101 "PRETTY_NAME", &pretty_name,
102 "ANSI_COLOR", &ansi_color,
103 NULL);
d58ad743
LP		 104 if (r < 0)
105 log_full_errno(r == -ENOENT ? LOG_DEBUG : LOG_WARNING, r,
106 "Failed to read os-release file, ignoring: %m");
418b9be5 107
4aeadec7
LP		 108 pn = isempty(pretty_name) ? "Linux" : pretty_name;
109
110 if (colors_enabled())
111 printf("\nWelcome to your new installation of \x1B[%sm%s\x1B[0m!\n", ansi_color, pn);
112 else
113 printf("\nWelcome to your new installation of %s!\n", pn);
114
115 printf("\nPlease configure your system!\n\n");
418b9be5
LP		 116
117 press_any_key();
118
119 done = true;
120}
121
122static int show_menu(char **x, unsigned n_columns, unsigned width, unsigned percentage) {
418b9be5 123 unsigned break_lines, break_modulo;
da6053d0 124 size_t n, per_column, i, j;
418b9be5
LP		 125
126 assert(n_columns > 0);
127
128 n = strv_length(x);
be6b0c21 129 per_column = DIV_ROUND_UP(n, n_columns);
418b9be5
LP		 130
131 break_lines = lines();
132 if (break_lines > 2)
133 break_lines--;
134
135 /* The first page gets two extra lines, since we want to show
136 * a title */
137 break_modulo = break_lines;
138 if (break_modulo > 3)
139 break_modulo -= 3;
140
141 for (i = 0; i < per_column; i++) {
142
143 for (j = 0; j < n_columns; j ++) {
144 _cleanup_free_ char *e = NULL;
145
146 if (j * per_column + i >= n)
147 break;
148
149 e = ellipsize(x[j * per_column + i], width, percentage);
150 if (!e)
151 return log_oom();
152
da6053d0 153 printf("%4zu) %-*s", j * per_column + i + 1, width, e);
418b9be5
LP		 154 }
155
156 putchar('\n');
157
158 /* on the first screen we reserve 2 extra lines for the title */
159 if (i % break_lines == break_modulo) {
160 if (!press_any_key())
161 return 0;
162 }
163 }
164
165 return 0;
166}
167
ecada8f2 168static int prompt_loop(const char *text, char **l, unsigned percentage, bool (*is_valid)(const char *name), char **ret) {
418b9be5
LP		 169 int r;
170
171 assert(text);
172 assert(is_valid);
173 assert(ret);
174
175 for (;;) {
176 _cleanup_free_ char *p = NULL;
177 unsigned u;
178
ecada8f2
ZJS		 179 r = ask_string(&p, "%s %s (empty to skip, \"list\" to list options): ",
180 special_glyph(SPECIAL_GLYPH_TRIANGULAR_BULLET), text);
23bbb0de
MS		 181 if (r < 0)
182 return log_error_errno(r, "Failed to query user: %m");
418b9be5
LP		 183
184 if (isempty(p)) {
185 log_warning("No data entered, skipping.");
186 return 0;
187 }
188
ecada8f2
ZJS		 189 if (streq(p, "list")) {
190 r = show_menu(l, 3, 22, percentage);
191 if (r < 0)
192 return r;
193
194 putchar('\n');
195 continue;
196 };
197
418b9be5
LP		 198 r = safe_atou(p, &u);
199 if (r >= 0) {
418b9be5
LP		 200 if (u <= 0 || u > strv_length(l)) {
201 log_error("Specified entry number out of range.");
202 continue;
203 }
204
205 log_info("Selected '%s'.", l[u-1]);
bfbf5f74 206 if (free_and_strdup(ret, l[u-1]) < 0)
418b9be5
LP		 207 return log_oom();
208
418b9be5
LP		 209 return 0;
210 }
211
212 if (!is_valid(p)) {
213 log_error("Entered data invalid.");
214 continue;
215 }
216
bfbf5f74 217 return free_and_replace(*ret, p);
418b9be5
LP		 218 }
219}
220
a00a78b8
LP		 221static bool locale_is_ok(const char *name) {
222
223 if (arg_root)
224 return locale_is_valid(name);
225
226 return locale_is_installed(name) > 0;
227}
228
418b9be5
LP		 229static int prompt_locale(void) {
230 _cleanup_strv_free_ char **locales = NULL;
231 int r;
232
233 if (arg_locale || arg_locale_messages)
234 return 0;
235
236 if (!arg_prompt_locale)
237 return 0;
238
239 r = get_locales(&locales);
23bbb0de
MS		 240 if (r < 0)
241 return log_error_errno(r, "Cannot query locales list: %m");
418b9be5 242
bdd7cd26
LP		 243 if (strv_isempty(locales))
244 log_debug("No locales found, skipping locale selection.");
245 else if (strv_length(locales) == 1) {
418b9be5 246
bdd7cd26
LP		 247 if (streq(locales[0], SYSTEMD_DEFAULT_LOCALE))
248 log_debug("Only installed locale is default locale anyway, not setting locale explicitly.");
249 else {
250 log_debug("Only a single locale available (%s), selecting it as default.", locales[0]);
418b9be5 251
bdd7cd26
LP		 252 arg_locale = strdup(locales[0]);
253 if (!arg_locale)
254 return log_oom();
418b9be5 255
bdd7cd26
LP		 256 /* Not setting arg_locale_message here, since it defaults to LANG anyway */
257 }
258 } else {
259 print_welcome();
418b9be5 260
ecada8f2 261 r = prompt_loop("Please enter system locale name or number",
a00a78b8 262 locales, 60, locale_is_ok, &arg_locale);
bdd7cd26
LP		 263 if (r < 0)
264 return r;
265
266 if (isempty(arg_locale))
267 return 0;
268
ecada8f2 269 r = prompt_loop("Please enter system message locale name or number",
a00a78b8 270 locales, 60, locale_is_ok, &arg_locale_messages);
bdd7cd26
LP		 271 if (r < 0)
272 return r;
273
274 /* Suppress the messages setting if it's the same as the main locale anyway */
275 if (streq_ptr(arg_locale, arg_locale_messages))
276 arg_locale_messages = mfree(arg_locale_messages);
277 }
418b9be5
LP		 278
279 return 0;
280}
281
282static int process_locale(void) {
283 const char *etc_localeconf;
284 char* locales[3];
285 unsigned i = 0;
286 int r;
287
1d13f648 288 etc_localeconf = prefix_roota(arg_root, "/etc/locale.conf");
b4909a3f 289 if (laccess(etc_localeconf, F_OK) >= 0 && !arg_force)
418b9be5
LP		 290 return 0;
291
292 if (arg_copy_locale && arg_root) {
293
22e596d6 294 (void) mkdir_parents(etc_localeconf, 0755);
8a016c74 295 r = copy_file("/etc/locale.conf", etc_localeconf, 0, 0644, 0, 0, COPY_REFLINK);
418b9be5 296 if (r != -ENOENT) {
23bbb0de
MS		 297 if (r < 0)
298 return log_error_errno(r, "Failed to copy %s: %m", etc_localeconf);
418b9be5
LP		 299
300 log_info("%s copied.", etc_localeconf);
301 return 0;
302 }
303 }
304
305 r = prompt_locale();
306 if (r < 0)
307 return r;
308
309 if (!isempty(arg_locale))
63c372cb 310 locales[i++] = strjoina("LANG=", arg_locale);
418b9be5 311 if (!isempty(arg_locale_messages) && !streq(arg_locale_messages, arg_locale))
63c372cb 312 locales[i++] = strjoina("LC_MESSAGES=", arg_locale_messages);
418b9be5
LP		 313
314 if (i == 0)
315 return 0;
316
317 locales[i] = NULL;
318
22e596d6 319 (void) mkdir_parents(etc_localeconf, 0755);
418b9be5 320 r = write_env_file(etc_localeconf, locales);
23bbb0de
MS		 321 if (r < 0)
322 return log_error_errno(r, "Failed to write %s: %m", etc_localeconf);
418b9be5
LP		 323
324 log_info("%s written.", etc_localeconf);
325 return 0;
326}
327
ed457f13
TB		 328static int prompt_keymap(void) {
329 _cleanup_strv_free_ char **kmaps = NULL;
330 int r;
331
332 if (arg_keymap)
333 return 0;
334
335 if (!arg_prompt_keymap)
336 return 0;
337
338 r = get_keymaps(&kmaps);
339 if (r == -ENOENT) /* no keymaps installed */
340 return r;
341 if (r < 0)
342 return log_error_errno(r, "Failed to read keymaps: %m");
343
344 print_welcome();
345
8700b4da 346 return prompt_loop("Please enter system keymap name or number",
ecada8f2 347 kmaps, 60, keymap_is_valid, &arg_keymap);
ed457f13
TB		 348}
349
350static int process_keymap(void) {
351 const char *etc_vconsoleconf;
352 char **keymap;
353 int r;
354
355 etc_vconsoleconf = prefix_roota(arg_root, "/etc/vconsole.conf");
b4909a3f 356 if (laccess(etc_vconsoleconf, F_OK) >= 0 && !arg_force)
ed457f13
TB		 357 return 0;
358
359 if (arg_copy_keymap && arg_root) {
360
22e596d6 361 (void) mkdir_parents(etc_vconsoleconf, 0755);
8a016c74 362 r = copy_file("/etc/vconsole.conf", etc_vconsoleconf, 0, 0644, 0, 0, COPY_REFLINK);
ed457f13
TB		 363 if (r != -ENOENT) {
364 if (r < 0)
365 return log_error_errno(r, "Failed to copy %s: %m", etc_vconsoleconf);
366
367 log_info("%s copied.", etc_vconsoleconf);
368 return 0;
369 }
370 }
371
372 r = prompt_keymap();
373 if (r == -ENOENT)
374 return 0; /* don't fail if no keymaps are installed */
375 if (r < 0)
376 return r;
377
a7353b4d 378 if (isempty(arg_keymap))
ed457f13
TB		 379 return 0;
380
a7353b4d
YW		 381 keymap = STRV_MAKE(strjoina("KEYMAP=", arg_keymap));
382
383 r = mkdir_parents(etc_vconsoleconf, 0755);
384 if (r < 0)
385 return log_error_errno(r, "Failed to create the parent directory of %s: %m", etc_vconsoleconf);
386
ed457f13
TB		 387 r = write_env_file(etc_vconsoleconf, keymap);
388 if (r < 0)
389 return log_error_errno(r, "Failed to write %s: %m", etc_vconsoleconf);
390
391 log_info("%s written.", etc_vconsoleconf);
392 return 0;
393}
394
089fb865
MG		 395static bool timezone_is_valid_log_error(const char *name) {
396 return timezone_is_valid(name, LOG_ERR);
397}
398
418b9be5
LP		 399static int prompt_timezone(void) {
400 _cleanup_strv_free_ char **zones = NULL;
401 int r;
402
403 if (arg_timezone)
404 return 0;
405
406 if (!arg_prompt_timezone)
407 return 0;
408
409 r = get_timezones(&zones);
23bbb0de
MS		 410 if (r < 0)
411 return log_error_errno(r, "Cannot query timezone list: %m");
418b9be5
LP		 412
413 print_welcome();
414
ecada8f2
ZJS		 415 r = prompt_loop("Please enter timezone name or number",
416 zones, 30, timezone_is_valid_log_error, &arg_timezone);
418b9be5
LP		 417 if (r < 0)
418 return r;
419
420 return 0;
421}
422
423static int process_timezone(void) {
424 const char *etc_localtime, *e;
425 int r;
426
1d13f648 427 etc_localtime = prefix_roota(arg_root, "/etc/localtime");
b4909a3f 428 if (laccess(etc_localtime, F_OK) >= 0 && !arg_force)
418b9be5
LP		 429 return 0;
430
431 if (arg_copy_timezone && arg_root) {
432 _cleanup_free_ char *p = NULL;
433
434 r = readlink_malloc("/etc/localtime", &p);
435 if (r != -ENOENT) {
23bbb0de
MS		 436 if (r < 0)
437 return log_error_errno(r, "Failed to read host timezone: %m");
418b9be5 438
22e596d6 439 (void) mkdir_parents(etc_localtime, 0755);
4a62c710
MS		 440 if (symlink(p, etc_localtime) < 0)
441 return log_error_errno(errno, "Failed to create %s symlink: %m", etc_localtime);
418b9be5
LP		 442
443 log_info("%s copied.", etc_localtime);
444 return 0;
445 }
446 }
447
448 r = prompt_timezone();
449 if (r < 0)
450 return r;
451
452 if (isempty(arg_timezone))
453 return 0;
454
63c372cb 455 e = strjoina("../usr/share/zoneinfo/", arg_timezone);
418b9be5 456
22e596d6 457 (void) mkdir_parents(etc_localtime, 0755);
4a62c710
MS		 458 if (symlink(e, etc_localtime) < 0)
459 return log_error_errno(errno, "Failed to create %s symlink: %m", etc_localtime);
418b9be5
LP		 460
461 log_info("%s written", etc_localtime);
462 return 0;
463}
464
465static int prompt_hostname(void) {
466 int r;
467
468 if (arg_hostname)
469 return 0;
470
471 if (!arg_prompt_hostname)
472 return 0;
473
474 print_welcome();
475 putchar('\n');
476
477 for (;;) {
478 _cleanup_free_ char *h = NULL;
479
9a6f746f 480 r = ask_string(&h, "%s Please enter hostname for new system (empty to skip): ", special_glyph(SPECIAL_GLYPH_TRIANGULAR_BULLET));
23bbb0de
MS		 481 if (r < 0)
482 return log_error_errno(r, "Failed to query hostname: %m");
418b9be5
LP		 483
484 if (isempty(h)) {
485 log_warning("No hostname entered, skipping.");
486 break;
487 }
488
34ad6090 489 if (!hostname_is_valid(h, true)) {
418b9be5
LP		 490 log_error("Specified hostname invalid.");
491 continue;
492 }
493
34ad6090 494 /* Get rid of the trailing dot that we allow, but don't want to see */
ae691c1d 495 arg_hostname = hostname_cleanup(h);
418b9be5
LP		 496 h = NULL;
497 break;
498 }
499
500 return 0;
501}
502
503static int process_hostname(void) {
504 const char *etc_hostname;
505 int r;
506
1d13f648 507 etc_hostname = prefix_roota(arg_root, "/etc/hostname");
b4909a3f 508 if (laccess(etc_hostname, F_OK) >= 0 && !arg_force)
418b9be5
LP		 509 return 0;
510
511 r = prompt_hostname();
512 if (r < 0)
513 return r;
514
515 if (isempty(arg_hostname))
516 return 0;
517
0675e94a 518 r = write_string_file(etc_hostname, arg_hostname,
b4909a3f
DDM		 519 WRITE_STRING_FILE_CREATE | WRITE_STRING_FILE_SYNC | WRITE_STRING_FILE_MKDIR_0755 |
520 (arg_force ? WRITE_STRING_FILE_ATOMIC : 0));
23bbb0de
MS		 521 if (r < 0)
522 return log_error_errno(r, "Failed to write %s: %m", etc_hostname);
418b9be5
LP		 523
524 log_info("%s written.", etc_hostname);
525 return 0;
526}
527
528static int process_machine_id(void) {
529 const char *etc_machine_id;
530 char id[SD_ID128_STRING_MAX];
531 int r;
532
1d13f648 533 etc_machine_id = prefix_roota(arg_root, "/etc/machine-id");
b4909a3f 534 if (laccess(etc_machine_id, F_OK) >= 0 && !arg_force)
418b9be5
LP		 535 return 0;
536
3bbaff3e 537 if (sd_id128_is_null(arg_machine_id))
418b9be5
LP		 538 return 0;
539
0675e94a 540 r = write_string_file(etc_machine_id, sd_id128_to_string(arg_machine_id, id),
b4909a3f
DDM		 541 WRITE_STRING_FILE_CREATE | WRITE_STRING_FILE_SYNC | WRITE_STRING_FILE_MKDIR_0755 |
542 (arg_force ? WRITE_STRING_FILE_ATOMIC : 0));
23bbb0de
MS		 543 if (r < 0)
544 return log_error_errno(r, "Failed to write machine id: %m");
418b9be5
LP		 545
546 log_info("%s written.", etc_machine_id);
547 return 0;
548}
549
550static int prompt_root_password(void) {
1fbc95d3 551 const char *msg1, *msg2;
418b9be5
LP		 552 int r;
553
554 if (arg_root_password)
555 return 0;
556
557 if (!arg_prompt_root_password)
558 return 0;
559
418b9be5
LP		 560 print_welcome();
561 putchar('\n');
562
3619634c
LP		 563 msg1 = strjoina(special_glyph(SPECIAL_GLYPH_TRIANGULAR_BULLET), " Please enter a new root password (empty to skip):");
564 msg2 = strjoina(special_glyph(SPECIAL_GLYPH_TRIANGULAR_BULLET), " Please enter new root password again:");
418b9be5
LP		 565
566 for (;;) {
c7b7d74e 567 _cleanup_strv_free_erase_ char **a = NULL, **b = NULL;
418b9be5 568
daa55720 569 r = ask_password_tty(-1, msg1, NULL, 0, 0, NULL, &a);
23bbb0de
MS		 570 if (r < 0)
571 return log_error_errno(r, "Failed to query root password: %m");
39e96f84
ZJS		 572 if (strv_length(a) != 1)
573 return log_error_errno(SYNTHETIC_ERRNO(EIO),
574 "Received multiple passwords, where we expected one.");
418b9be5 575
c7b7d74e 576 if (isempty(*a)) {
418b9be5
LP		 577 log_warning("No password entered, skipping.");
578 break;
579 }
580
daa55720 581 r = ask_password_tty(-1, msg2, NULL, 0, 0, NULL, &b);
ab84f5b9 582 if (r < 0)
00843602 583 return log_error_errno(r, "Failed to query root password: %m");
39e96f84
ZJS		 584 if (strv_length(b) != 1)
585 return log_error_errno(SYNTHETIC_ERRNO(EIO),
586 "Received multiple passwords, where we expected one.");
418b9be5 587
c7b7d74e 588 if (!streq(*a, *b)) {
418b9be5 589 log_error("Entered passwords did not match, please try again.");
418b9be5
LP		 590 continue;
591 }
592
c7b7d74e 593 arg_root_password = TAKE_PTR(*a);
418b9be5
LP		 594 break;
595 }
596
597 return 0;
598}
599
4926ceaf
DDM		 600static int write_root_passwd(const char *passwd_path, const char *password) {
601 _cleanup_fclose_ FILE *original = NULL, *passwd = NULL;
602 _cleanup_(unlink_and_freep) char *passwd_tmp = NULL;
603 int r;
604
605 r = fopen_temporary_label("/etc/passwd", passwd_path, &passwd, &passwd_tmp);
606 if (r < 0)
607 return r;
608
609 original = fopen(passwd_path, "re");
610 if (original) {
611 struct passwd *i;
612
613 r = sync_rights(fileno(original), fileno(passwd));
614 if (r < 0)
615 return r;
616
617 while ((r = fgetpwent_sane(original, &i)) > 0) {
618
619 if (streq(i->pw_name, "root"))
620 i->pw_passwd = (char *) password;
621
622 r = putpwent_sane(i, passwd);
623 if (r < 0)
624 return r;
625 }
626 if (r < 0)
627 return r;
628
629 } else {
630 struct passwd root = {
631 .pw_name = (char *) "root",
632 .pw_passwd = (char *) password,
633 .pw_uid = 0,
634 .pw_gid = 0,
635 .pw_gecos = (char *) "Super User",
636 .pw_dir = (char *) "/root",
637 .pw_shell = (char *) "/bin/sh",
638 };
639
640 if (errno != ENOENT)
641 return -errno;
642
643 r = fchmod(fileno(passwd), 0000);
644 if (r < 0)
645 return -errno;
646
647 r = putpwent_sane(&root, passwd);
648 if (r < 0)
649 return r;
650 }
651
652 r = fflush_sync_and_check(passwd);
653 if (r < 0)
654 return r;
655
656 r = rename_and_apply_smack_floor_label(passwd_tmp, passwd_path);
657 if (r < 0)
658 return r;
659
660 return 0;
661}
662
b4909a3f
DDM		 663static int write_root_shadow(const char *shadow_path, const char *hashed_password) {
664 _cleanup_fclose_ FILE *original = NULL, *shadow = NULL;
665 _cleanup_(unlink_and_freep) char *shadow_tmp = NULL;
100d5f6e
FB		 666 int r;
667
b4909a3f
DDM		 668 r = fopen_temporary_label("/etc/shadow", shadow_path, &shadow, &shadow_tmp);
669 if (r < 0)
670 return r;
671
672 original = fopen(shadow_path, "re");
673 if (original) {
674 struct spwd *i;
675
676 r = sync_rights(fileno(original), fileno(shadow));
677 if (r < 0)
678 return r;
679
680 while ((r = fgetspent_sane(original, &i)) > 0) {
681
682 if (streq(i->sp_namp, "root")) {
683 i->sp_pwdp = (char *) hashed_password;
684 i->sp_lstchg = (long) (now(CLOCK_REALTIME) / USEC_PER_DAY);
685 }
686
687 r = putspent_sane(i, shadow);
688 if (r < 0)
689 return r;
690 }
691 if (r < 0)
692 return r;
693
694 } else {
695 struct spwd root = {
696 .sp_namp = (char*) "root",
697 .sp_pwdp = (char *) hashed_password,
698 .sp_lstchg = (long) (now(CLOCK_REALTIME) / USEC_PER_DAY),
699 .sp_min = -1,
700 .sp_max = -1,
701 .sp_warn = -1,
702 .sp_inact = -1,
703 .sp_expire = -1,
704 .sp_flag = (unsigned long) -1, /* this appears to be what everybody does ... */
705 };
706
707 if (errno != ENOENT)
708 return -errno;
418b9be5 709
b4909a3f
DDM		 710 r = fchmod(fileno(shadow), 0000);
711 if (r < 0)
712 return -errno;
418b9be5 713
b4909a3f
DDM		 714 r = putspent_sane(&root, shadow);
715 if (r < 0)
716 return r;
717 }
718
719 r = fflush_sync_and_check(shadow);
100d5f6e
FB		 720 if (r < 0)
721 return r;
418b9be5 722
b4909a3f
DDM		 723 r = rename_and_apply_smack_floor_label(shadow_tmp, shadow_path);
724 if (r < 0)
725 return r;
726
727 return 0;
418b9be5
LP		 728}
729
730static int process_root_password(void) {
45035609 731 _cleanup_close_ int lock = -1;
38620433 732 struct crypt_data cd = {};
b4909a3f 733 const char *hashed_password;
418b9be5
LP		 734 const char *etc_shadow;
735 int r;
736
1d13f648 737 etc_shadow = prefix_roota(arg_root, "/etc/shadow");
b4909a3f 738 if (laccess(etc_shadow, F_OK) >= 0 && !arg_force)
418b9be5
LP		 739 return 0;
740
22e596d6 741 (void) mkdir_parents(etc_shadow, 0755);
45035609 742
e929bee0 743 lock = take_etc_passwd_lock(arg_root);
45035609 744 if (lock < 0)
db260eed 745 return log_error_errno(lock, "Failed to take a lock: %m");
45035609 746
4926ceaf
DDM		 747 if (arg_delete_root_password) {
748 const char *etc_passwd;
749
750 /* Mixing alloca() and other stuff that touches the stack in one expression is not portable. */
751 etc_passwd = prefix_roota(arg_root, "/etc/passwd");
752
753 r = write_root_passwd(etc_passwd, "");
754 if (r < 0)
755 return log_error_errno(r, "Failed to write %s: %m", etc_passwd);
756
757 log_info("%s written", etc_passwd);
758
759 return 0;
760 }
761
418b9be5
LP		 762 if (arg_copy_root_password && arg_root) {
763 struct spwd *p;
764
765 errno = 0;
766 p = getspnam("root");
767 if (p || errno != ENOENT) {
768 if (!p) {
769 if (!errno)
770 errno = EIO;
771
e1427b13 772 return log_error_errno(errno, "Failed to find shadow entry for root: %m");
418b9be5
LP		 773 }
774
b4909a3f 775 r = write_root_shadow(etc_shadow, p->sp_pwdp);
23bbb0de
MS		 776 if (r < 0)
777 return log_error_errno(r, "Failed to write %s: %m", etc_shadow);
418b9be5
LP		 778
779 log_info("%s copied.", etc_shadow);
780 return 0;
781 }
782 }
783
784 r = prompt_root_password();
785 if (r < 0)
786 return r;
787
788 if (!arg_root_password)
789 return 0;
790
676339a1
DDM		 791 if (arg_root_password_is_hashed)
792 hashed_password = arg_root_password;
793 else {
794 _cleanup_free_ char *salt = NULL;
795 /* hashed_password points inside cd after crypt_r returns so cd has function scope. */
796
797 r = make_salt(&salt);
798 if (r < 0)
799 return log_error_errno(r, "Failed to get salt: %m");
418b9be5 800
676339a1
DDM		 801 errno = 0;
802 hashed_password = crypt_r(arg_root_password, salt, &cd);
803 if (!hashed_password)
804 return log_error_errno(errno == 0 ? SYNTHETIC_ERRNO(EINVAL) : errno,
805 "Failed to encrypt password: %m");
806 }
418b9be5 807
b4909a3f 808 r = write_root_shadow(etc_shadow, hashed_password);
23bbb0de
MS		 809 if (r < 0)
810 return log_error_errno(r, "Failed to write %s: %m", etc_shadow);
418b9be5
LP		 811
812 log_info("%s written.", etc_shadow);
813 return 0;
814}
815
a5925354
DDM		 816static int process_kernel_cmdline(void) {
817 const char *etc_kernel_cmdline;
818 int r;
819
820 etc_kernel_cmdline = prefix_roota(arg_root, "/etc/kernel/cmdline");
821 if (laccess(etc_kernel_cmdline, F_OK) >= 0 && !arg_force)
822 return 0;
823
824 if (!arg_kernel_cmdline)
825 return 0;
826
827 r = write_string_file(etc_kernel_cmdline, arg_kernel_cmdline,
828 WRITE_STRING_FILE_CREATE | WRITE_STRING_FILE_SYNC | WRITE_STRING_FILE_MKDIR_0755 |
829 (arg_force ? WRITE_STRING_FILE_ATOMIC : 0));
830 if (r < 0)
831 return log_error_errno(r, "Failed to write %s: %m", etc_kernel_cmdline);
832
833 log_info("%s written.", etc_kernel_cmdline);
834 return 0;
835}
836
3ff9fa59
LP		 837static int setup_image(char **ret_mount_dir, LoopDevice **ret_loop_device, DecryptedImage **ret_decrypted_image) {
838 DissectImageFlags f = DISSECT_IMAGE_REQUIRE_ROOT|DISSECT_IMAGE_VALIDATE_OS|DISSECT_IMAGE_RELAX_VAR_CHECK|DISSECT_IMAGE_FSCK;
839 _cleanup_(loop_device_unrefp) LoopDevice *d = NULL;
840 _cleanup_(decrypted_image_unrefp) DecryptedImage *decrypted_image = NULL;
841 _cleanup_(dissected_image_unrefp) DissectedImage *dissected_image = NULL;
842 _cleanup_(rmdir_and_freep) char *mount_dir = NULL;
843 _cleanup_free_ char *temp = NULL;
844 int r;
845
846 if (!arg_image) {
847 *ret_mount_dir = NULL;
848 *ret_decrypted_image = NULL;
849 *ret_loop_device = NULL;
850 return 0;
851 }
852
853 assert(!arg_root);
854
855 r = tempfn_random_child(NULL, "firstboot", &temp);
856 if (r < 0)
857 return log_error_errno(r, "Failed to generate temporary mount directory: %m");
858
859 r = loop_device_make_by_path(arg_image, O_RDWR, LO_FLAGS_PARTSCAN, &d);
860 if (r < 0)
861 return log_error_errno(r, "Failed to set up loopback device: %m");
862
863 r = dissect_image_and_warn(d->fd, arg_image, NULL, 0, NULL, f, &dissected_image);
864 if (r < 0)
865 return r;
866
867 r = dissected_image_decrypt_interactively(dissected_image, NULL, NULL, 0, NULL, NULL, NULL, 0, f, &decrypted_image);
868 if (r < 0)
869 return r;
870
871 r = detach_mount_namespace();
872 if (r < 0)
873 return log_error_errno(r, "Failed to detach mount namespace: %m");
874
875 mount_dir = strdup(temp);
876 if (!mount_dir)
877 return log_oom();
878
879 r = mkdir_p(mount_dir, 0700);
880 if (r < 0) {
881 mount_dir = mfree(mount_dir);
882 return log_error_errno(r, "Failed to create mount point: %m");
883 }
884
885 r = dissected_image_mount(dissected_image, mount_dir, UID_INVALID, f);
886 if (r < 0)
887 return log_error_errno(r, "Failed to mount image: %m");
888
889 if (decrypted_image) {
890 r = decrypted_image_relinquish(decrypted_image);
891 if (r < 0)
892 return log_error_errno(r, "Failed to relinquish DM devices: %m");
893 }
894
895 loop_device_relinquish(d);
896
897 arg_root = TAKE_PTR(temp);
898
899 *ret_mount_dir = TAKE_PTR(mount_dir);
900 *ret_decrypted_image = TAKE_PTR(decrypted_image);
901 *ret_loop_device = TAKE_PTR(d);
902
903 return 1;
904}
905
37ec0fdd
LP		 906static int help(void) {
907 _cleanup_free_ char *link = NULL;
908 int r;
909
910 r = terminal_urlify_man("systemd-firstboot", "1", &link);
911 if (r < 0)
912 return log_oom();
913
418b9be5
LP		 914 printf("%s [OPTIONS...]\n\n"
915 "Configures basic settings of the system.\n\n"
676339a1
DDM		 916 " -h --help Show this help\n"
917 " --version Show package version\n"
918 " --root=PATH Operate on an alternate filesystem root\n"
3ff9fa59 919 " --image=PATH Operate on an alternate filesystem image\n"
676339a1
DDM		 920 " --locale=LOCALE Set primary locale (LANG=)\n"
921 " --locale-messages=LOCALE Set message locale (LC_MESSAGES=)\n"
922 " --keymap=KEYMAP Set keymap\n"
923 " --timezone=TIMEZONE Set timezone\n"
924 " --hostname=NAME Set hostname\n"
925 " --machine-ID=ID Set machine ID\n"
926 " --root-password=PASSWORD Set root password from plaintext password\n"
927 " --root-password-file=FILE Set root password from file\n"
928 " --root-password-hashed=HASHED_PASSWORD Set root password from hashed password\n"
929 " --prompt-locale Prompt the user for locale settings\n"
930 " --prompt-keymap Prompt the user for keymap settings\n"
931 " --prompt-timezone Prompt the user for timezone\n"
932 " --prompt-hostname Prompt the user for hostname\n"
933 " --prompt-root-password Prompt the user for root password\n"
934 " --prompt Prompt for all of the above\n"
935 " --copy-locale Copy locale from host\n"
936 " --copy-keymap Copy keymap from host\n"
937 " --copy-timezone Copy timezone from host\n"
938 " --copy-root-password Copy root password from host\n"
939 " --copy Copy locale, keymap, timezone, root password\n"
940 " --setup-machine-id Generate a new random machine ID\n"
941 " --force Overwrite existing files\n"
942 " --delete-root-password Delete root password\n"
37ec0fdd
LP		 943 "\nSee the %s for details.\n"
944 , program_invocation_short_name
945 , link
946 );
947
948 return 0;
418b9be5
LP		 949}
950
951static int parse_argv(int argc, char *argv[]) {
952
953 enum {
954 ARG_VERSION = 0x100,
955 ARG_ROOT,
3ff9fa59 956 ARG_IMAGE,
418b9be5
LP		 957 ARG_LOCALE,
958 ARG_LOCALE_MESSAGES,
ed457f13 959 ARG_KEYMAP,
418b9be5
LP		 960 ARG_TIMEZONE,
961 ARG_HOSTNAME,
962 ARG_MACHINE_ID,
963 ARG_ROOT_PASSWORD,
964 ARG_ROOT_PASSWORD_FILE,
676339a1 965 ARG_ROOT_PASSWORD_HASHED,
a5925354 966 ARG_KERNEL_COMMAND_LINE,
418b9be5
LP		 967 ARG_PROMPT,
968 ARG_PROMPT_LOCALE,
ed457f13 969 ARG_PROMPT_KEYMAP,
418b9be5
LP		 970 ARG_PROMPT_TIMEZONE,
971 ARG_PROMPT_HOSTNAME,
972 ARG_PROMPT_ROOT_PASSWORD,
973 ARG_COPY,
974 ARG_COPY_LOCALE,
ed457f13 975 ARG_COPY_KEYMAP,
418b9be5
LP		 976 ARG_COPY_TIMEZONE,
977 ARG_COPY_ROOT_PASSWORD,
978 ARG_SETUP_MACHINE_ID,
b4909a3f 979 ARG_FORCE,
4926ceaf 980 ARG_DELETE_ROOT_PASSWORD,
418b9be5
LP		 981 };
982
983 static const struct option options[] = {
676339a1
DDM		 984 { "help", no_argument, NULL, 'h' },
985 { "version", no_argument, NULL, ARG_VERSION },
986 { "root", required_argument, NULL, ARG_ROOT },
3ff9fa59 987 { "image", required_argument, NULL, ARG_IMAGE },
676339a1
DDM		 988 { "locale", required_argument, NULL, ARG_LOCALE },
989 { "locale-messages", required_argument, NULL, ARG_LOCALE_MESSAGES },
990 { "keymap", required_argument, NULL, ARG_KEYMAP },
991 { "timezone", required_argument, NULL, ARG_TIMEZONE },
992 { "hostname", required_argument, NULL, ARG_HOSTNAME },
993 { "machine-id", required_argument, NULL, ARG_MACHINE_ID },
994 { "root-password", required_argument, NULL, ARG_ROOT_PASSWORD },
995 { "root-password-file", required_argument, NULL, ARG_ROOT_PASSWORD_FILE },
996 { "root-password-hashed", required_argument, NULL, ARG_ROOT_PASSWORD_HASHED },
a5925354 997 { "kernel-command-line", required_argument, NULL, ARG_KERNEL_COMMAND_LINE },
676339a1
DDM		 998 { "prompt", no_argument, NULL, ARG_PROMPT },
999 { "prompt-locale", no_argument, NULL, ARG_PROMPT_LOCALE },
1000 { "prompt-keymap", no_argument, NULL, ARG_PROMPT_KEYMAP },
1001 { "prompt-timezone", no_argument, NULL, ARG_PROMPT_TIMEZONE },
1002 { "prompt-hostname", no_argument, NULL, ARG_PROMPT_HOSTNAME },
1003 { "prompt-root-password", no_argument, NULL, ARG_PROMPT_ROOT_PASSWORD },
1004 { "copy", no_argument, NULL, ARG_COPY },
1005 { "copy-locale", no_argument, NULL, ARG_COPY_LOCALE },
1006 { "copy-keymap", no_argument, NULL, ARG_COPY_KEYMAP },
1007 { "copy-timezone", no_argument, NULL, ARG_COPY_TIMEZONE },
1008 { "copy-root-password", no_argument, NULL, ARG_COPY_ROOT_PASSWORD },
1009 { "setup-machine-id", no_argument, NULL, ARG_SETUP_MACHINE_ID },
1010 { "force", no_argument, NULL, ARG_FORCE },
1011 { "delete-root-password", no_argument, NULL, ARG_DELETE_ROOT_PASSWORD },
418b9be5
LP		 1012 {}
1013 };
1014
1015 int r, c;
1016
1017 assert(argc >= 0);
1018 assert(argv);
1019
601185b4 1020 while ((c = getopt_long(argc, argv, "h", options, NULL)) >= 0)
418b9be5
LP		 1021
1022 switch (c) {
1023
1024 case 'h':
37ec0fdd 1025 return help();
418b9be5
LP		 1026
1027 case ARG_VERSION:
3f6fd1ba 1028 return version();
418b9be5
LP		 1029
1030 case ARG_ROOT:
0f03c2a4 1031 r = parse_path_argument_and_warn(optarg, true, &arg_root);
0f474365 1032 if (r < 0)
0f03c2a4 1033 return r;
418b9be5
LP		 1034 break;
1035
3ff9fa59
LP		 1036 case ARG_IMAGE:
1037 r = parse_path_argument_and_warn(optarg, false, &arg_image);
1038 if (r < 0)
1039 return r;
1040 break;
1041
418b9be5 1042 case ARG_LOCALE:
2fc09a9c
DM		 1043 r = free_and_strdup(&arg_locale, optarg);
1044 if (r < 0)
418b9be5
LP		 1045 return log_oom();
1046
1047 break;
1048
1049 case ARG_LOCALE_MESSAGES:
2fc09a9c
DM		 1050 r = free_and_strdup(&arg_locale_messages, optarg);
1051 if (r < 0)
418b9be5
LP		 1052 return log_oom();
1053
1054 break;
1055
ed457f13 1056 case ARG_KEYMAP:
baaa35ad
ZJS		 1057 if (!keymap_is_valid(optarg))
1058 return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
1059 "Keymap %s is not valid.", optarg);
ed457f13
TB		 1060
1061 r = free_and_strdup(&arg_keymap, optarg);
1062 if (r < 0)
1063 return log_oom();
1064
1065 break;
1066
418b9be5 1067 case ARG_TIMEZONE:
baaa35ad
ZJS		 1068 if (!timezone_is_valid(optarg, LOG_ERR))
1069 return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
1070 "Timezone %s is not valid.", optarg);
418b9be5 1071
2fc09a9c
DM		 1072 r = free_and_strdup(&arg_timezone, optarg);
1073 if (r < 0)
418b9be5
LP		 1074 return log_oom();
1075
1076 break;
1077
1078 case ARG_ROOT_PASSWORD:
2fc09a9c
DM		 1079 r = free_and_strdup(&arg_root_password, optarg);
1080 if (r < 0)
418b9be5 1081 return log_oom();
676339a1
DDM		 1082
1083 arg_root_password_is_hashed = false;
418b9be5
LP		 1084 break;
1085
1086 case ARG_ROOT_PASSWORD_FILE:
0da16248 1087 arg_root_password = mfree(arg_root_password);
418b9be5
LP		 1088
1089 r = read_one_line_file(optarg, &arg_root_password);
23bbb0de
MS		 1090 if (r < 0)
1091 return log_error_errno(r, "Failed to read %s: %m", optarg);
418b9be5 1092
676339a1
DDM		 1093 arg_root_password_is_hashed = false;
1094 break;
1095
1096 case ARG_ROOT_PASSWORD_HASHED:
1097 r = free_and_strdup(&arg_root_password, optarg);
1098 if (r < 0)
1099 return log_oom();
1100
1101 arg_root_password_is_hashed = true;
418b9be5
LP		 1102 break;
1103
1104 case ARG_HOSTNAME:
baaa35ad
ZJS		 1105 if (!hostname_is_valid(optarg, true))
1106 return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
1107 "Host name %s is not valid.", optarg);
418b9be5 1108
ae691c1d 1109 hostname_cleanup(optarg);
2fc09a9c
DM		 1110 r = free_and_strdup(&arg_hostname, optarg);
1111 if (r < 0)
418b9be5
LP		 1112 return log_oom();
1113
1114 break;
1115
1116 case ARG_MACHINE_ID:
baaa35ad
ZJS		 1117 if (sd_id128_from_string(optarg, &arg_machine_id) < 0)
1118 return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
1119 "Failed to parse machine id %s.", optarg);
418b9be5
LP		 1120
1121 break;
1122
a5925354
DDM		 1123 case ARG_KERNEL_COMMAND_LINE:
1124 r = free_and_strdup(&arg_kernel_cmdline, optarg);
1125 if (r < 0)
1126 return log_oom();
1127
1128 break;
1129
418b9be5 1130 case ARG_PROMPT:
ed457f13 1131 arg_prompt_locale = arg_prompt_keymap = arg_prompt_timezone = arg_prompt_hostname = arg_prompt_root_password = true;
418b9be5
LP		 1132 break;
1133
1134 case ARG_PROMPT_LOCALE:
1135 arg_prompt_locale = true;
1136 break;
1137
ed457f13
TB		 1138 case ARG_PROMPT_KEYMAP:
1139 arg_prompt_keymap = true;
1140 break;
1141
418b9be5
LP		 1142 case ARG_PROMPT_TIMEZONE:
1143 arg_prompt_timezone = true;
1144 break;
1145
1146 case ARG_PROMPT_HOSTNAME:
1147 arg_prompt_hostname = true;
1148 break;
1149
1150 case ARG_PROMPT_ROOT_PASSWORD:
1151 arg_prompt_root_password = true;
1152 break;
1153
1154 case ARG_COPY:
ed457f13 1155 arg_copy_locale = arg_copy_keymap = arg_copy_timezone = arg_copy_root_password = true;
e926f647 1156 break;
418b9be5
LP		 1157
1158 case ARG_COPY_LOCALE:
1159 arg_copy_locale = true;
1160 break;
1161
ed457f13
TB		 1162 case ARG_COPY_KEYMAP:
1163 arg_copy_keymap = true;
1164 break;
1165
418b9be5
LP		 1166 case ARG_COPY_TIMEZONE:
1167 arg_copy_timezone = true;
1168 break;
1169
1170 case ARG_COPY_ROOT_PASSWORD:
1171 arg_copy_root_password = true;
1172 break;
1173
1174 case ARG_SETUP_MACHINE_ID:
418b9be5 1175 r = sd_id128_randomize(&arg_machine_id);
23bbb0de
MS		 1176 if (r < 0)
1177 return log_error_errno(r, "Failed to generate randomized machine ID: %m");
418b9be5
LP		 1178
1179 break;
1180
b4909a3f
DDM		 1181 case ARG_FORCE:
1182 arg_force = true;
1183 break;
1184
4926ceaf
DDM		 1185 case ARG_DELETE_ROOT_PASSWORD:
1186 arg_delete_root_password = true;
1187 break;
1188
418b9be5
LP		 1189 case '?':
1190 return -EINVAL;
1191
1192 default:
1193 assert_not_reached("Unhandled option");
1194 }
418b9be5 1195
a00a78b8
LP		 1196 /* We check if the specified locale strings are valid down here, so that we can take --root= into
1197 * account when looking for the locale files. */
1198
1199 if (arg_locale && !locale_is_ok(arg_locale))
1200 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Locale %s is not installed.", arg_locale);
1201 if (arg_locale_messages && !locale_is_ok(arg_locale_messages))
1202 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Locale %s is not installed.", arg_locale_messages);
1203
4926ceaf
DDM		 1204 if (arg_delete_root_password && (arg_copy_root_password || arg_root_password || arg_prompt_root_password))
1205 return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
1206 "--delete-root-password cannot be combined with other root password options");
1207
3ff9fa59
LP		 1208 if (arg_image && arg_root)
1209 return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Please specify either --root= or --image=, the combination of both is not supported.");
1210
418b9be5
LP		 1211 return 1;
1212}
1213
45f39418 1214static int run(int argc, char *argv[]) {
3ff9fa59
LP		 1215 _cleanup_(loop_device_unrefp) LoopDevice *loop_device = NULL;
1216 _cleanup_(decrypted_image_unrefp) DecryptedImage *decrypted_image = NULL;
1217 _cleanup_(umount_and_rmdir_and_freep) char *unlink_dir = NULL;
418b9be5
LP		 1218 int r;
1219
1220 r = parse_argv(argc, argv);
1221 if (r <= 0)
45f39418 1222 return r;
418b9be5 1223
6bf3c61c 1224 log_setup_service();
418b9be5
LP		 1225
1226 umask(0022);
1227
3ff9fa59
LP		 1228 if (!arg_root && !arg_image) {
1229 bool enabled;
1230
1231 /* If we are called without --root=/--image= let's honour the systemd.firstboot kernel
1232 * command line option, because we are called to provision the host with basic settings (as
1233 * opposed to some other file system tree/image) */
1234
1235 r = proc_cmdline_get_bool("systemd.firstboot", &enabled);
1236 if (r < 0)
1237 return log_error_errno(r, "Failed to parse systemd.firstboot= kernel command line argument, ignoring: %m");
1238 if (r > 0 && !enabled)
1239 return 0; /* disabled */
1240 }
1241
1242 r = setup_image(&unlink_dir, &loop_device, &decrypted_image);
45f39418 1243 if (r < 0)
3ff9fa59 1244 return r;
f582cbca 1245
418b9be5
LP		 1246 r = process_locale();
1247 if (r < 0)
45f39418 1248 return r;
418b9be5 1249
ed457f13
TB		 1250 r = process_keymap();
1251 if (r < 0)
45f39418 1252 return r;
ed457f13 1253
418b9be5
LP		 1254 r = process_timezone();
1255 if (r < 0)
45f39418 1256 return r;
418b9be5
LP		 1257
1258 r = process_hostname();
1259 if (r < 0)
45f39418 1260 return r;
418b9be5
LP		 1261
1262 r = process_machine_id();
1263 if (r < 0)
45f39418 1264 return r;
418b9be5
LP		 1265
1266 r = process_root_password();
1267 if (r < 0)
45f39418
YW		 1268 return r;
1269
a5925354
DDM		 1270 r = process_kernel_cmdline();
1271 if (r < 0)
1272 return r;
1273
45f39418 1274 return 0;
418b9be5 1275}
45f39418
YW		 1276
1277DEFINE_MAIN_FUNCTION(run);
Unnamed repository; edit this file 'description' to name the repository.