1 /* SPDX-License-Identifier: LGPL-2.1+ */
3 This file is part of systemd.
5 Copyright 2014 Lennart Poettering
13 /* libxcrypt is a replacement for glibc's libcrypt, and libcrypt might be
14 * removed from glibc at some point. As part of the removal, defines for
15 * crypt(3) are dropped from unistd.h, and we must include crypt.h instead.
17 * Newer versions of glibc (v2.0+) already ship crypt.h with a definition
18 * of crypt(3) as well, so we simply include it if it is present. MariaDB,
19 * MySQL, PostgreSQL, Perl and some other wide-spread packages do it the
20 * same way since ages without any problems.
27 #include "alloc-util.h"
28 #include "ask-password-api.h"
33 #include "hostname-util.h"
34 #include "locale-util.h"
37 #include "parse-util.h"
38 #include "path-util.h"
39 #include "proc-cmdline.h"
40 #include "random-util.h"
41 #include "string-util.h"
43 #include "terminal-util.h"
44 #include "time-util.h"
45 #include "umask-util.h"
46 #include "user-util.h"
48 static char *arg_root
= NULL
;
49 static char *arg_locale
= NULL
; /* $LANG */
50 static char *arg_keymap
= NULL
;
51 static char *arg_locale_messages
= NULL
; /* $LC_MESSAGES */
52 static char *arg_timezone
= NULL
;
53 static char *arg_hostname
= NULL
;
54 static sd_id128_t arg_machine_id
= {};
55 static char *arg_root_password
= NULL
;
56 static bool arg_prompt_locale
= false;
57 static bool arg_prompt_keymap
= false;
58 static bool arg_prompt_timezone
= false;
59 static bool arg_prompt_hostname
= false;
60 static bool arg_prompt_root_password
= false;
61 static bool arg_copy_locale
= false;
62 static bool arg_copy_keymap
= false;
63 static bool arg_copy_timezone
= false;
64 static bool arg_copy_root_password
= false;
66 static bool press_any_key(void) {
70 printf("-- Press any key to proceed --");
73 (void) read_one_char(stdin
, &k
, USEC_INFINITY
, &need_nl
);
81 static void print_welcome(void) {
82 _cleanup_free_
char *pretty_name
= NULL
;
83 static bool done
= false;
89 r
= parse_os_release(arg_root
, "PRETTY_NAME", &pretty_name
, NULL
);
91 log_full_errno(r
== -ENOENT
? LOG_DEBUG
: LOG_WARNING
, r
,
92 "Failed to read os-release file, ignoring: %m");
94 printf("\nWelcome to your new installation of %s!\nPlease configure a few basic system settings:\n\n",
95 isempty(pretty_name
) ? "Linux" : pretty_name
);
102 static int show_menu(char **x
, unsigned n_columns
, unsigned width
, unsigned percentage
) {
103 unsigned break_lines
, break_modulo
;
104 size_t n
, per_column
, i
, j
;
106 assert(n_columns
> 0);
109 per_column
= DIV_ROUND_UP(n
, n_columns
);
111 break_lines
= lines();
115 /* The first page gets two extra lines, since we want to show
117 break_modulo
= break_lines
;
118 if (break_modulo
> 3)
121 for (i
= 0; i
< per_column
; i
++) {
123 for (j
= 0; j
< n_columns
; j
++) {
124 _cleanup_free_
char *e
= NULL
;
126 if (j
* per_column
+ i
>= n
)
129 e
= ellipsize(x
[j
* per_column
+ i
], width
, percentage
);
133 printf("%4zu) %-*s", j
* per_column
+ i
+ 1, width
, e
);
138 /* on the first screen we reserve 2 extra lines for the title */
139 if (i
% break_lines
== break_modulo
) {
140 if (!press_any_key())
148 static int prompt_loop(const char *text
, char **l
, bool (*is_valid
)(const char *name
), char **ret
) {
156 _cleanup_free_
char *p
= NULL
;
159 r
= ask_string(&p
, "%s %s (empty to skip): ", special_glyph(TRIANGULAR_BULLET
), text
);
161 return log_error_errno(r
, "Failed to query user: %m");
164 log_warning("No data entered, skipping.");
168 r
= safe_atou(p
, &u
);
172 if (u
<= 0 || u
> strv_length(l
)) {
173 log_error("Specified entry number out of range.");
177 log_info("Selected '%s'.", l
[u
-1]);
189 log_error("Entered data invalid.");
200 static int prompt_locale(void) {
201 _cleanup_strv_free_
char **locales
= NULL
;
204 if (arg_locale
|| arg_locale_messages
)
207 if (!arg_prompt_locale
)
210 r
= get_locales(&locales
);
212 return log_error_errno(r
, "Cannot query locales list: %m");
216 printf("\nAvailable Locales:\n\n");
217 r
= show_menu(locales
, 3, 22, 60);
223 r
= prompt_loop("Please enter system locale name or number", locales
, locale_is_valid
, &arg_locale
);
227 if (isempty(arg_locale
))
230 r
= prompt_loop("Please enter system message locale name or number", locales
, locale_is_valid
, &arg_locale_messages
);
237 static int process_locale(void) {
238 const char *etc_localeconf
;
243 etc_localeconf
= prefix_roota(arg_root
, "/etc/locale.conf");
244 if (laccess(etc_localeconf
, F_OK
) >= 0)
247 if (arg_copy_locale
&& arg_root
) {
249 mkdir_parents(etc_localeconf
, 0755);
250 r
= copy_file("/etc/locale.conf", etc_localeconf
, 0, 0644, 0, COPY_REFLINK
);
253 return log_error_errno(r
, "Failed to copy %s: %m", etc_localeconf
);
255 log_info("%s copied.", etc_localeconf
);
264 if (!isempty(arg_locale
))
265 locales
[i
++] = strjoina("LANG=", arg_locale
);
266 if (!isempty(arg_locale_messages
) && !streq(arg_locale_messages
, arg_locale
))
267 locales
[i
++] = strjoina("LC_MESSAGES=", arg_locale_messages
);
274 mkdir_parents(etc_localeconf
, 0755);
275 r
= write_env_file(etc_localeconf
, locales
);
277 return log_error_errno(r
, "Failed to write %s: %m", etc_localeconf
);
279 log_info("%s written.", etc_localeconf
);
283 static int prompt_keymap(void) {
284 _cleanup_strv_free_
char **kmaps
= NULL
;
290 if (!arg_prompt_keymap
)
293 r
= get_keymaps(&kmaps
);
294 if (r
== -ENOENT
) /* no keymaps installed */
297 return log_error_errno(r
, "Failed to read keymaps: %m");
301 printf("\nAvailable keymaps:\n\n");
302 r
= show_menu(kmaps
, 3, 22, 60);
308 return prompt_loop("Please enter system keymap name or number",
309 kmaps
, keymap_is_valid
, &arg_keymap
);
312 static int process_keymap(void) {
313 const char *etc_vconsoleconf
;
317 etc_vconsoleconf
= prefix_roota(arg_root
, "/etc/vconsole.conf");
318 if (laccess(etc_vconsoleconf
, F_OK
) >= 0)
321 if (arg_copy_keymap
&& arg_root
) {
323 mkdir_parents(etc_vconsoleconf
, 0755);
324 r
= copy_file("/etc/vconsole.conf", etc_vconsoleconf
, 0, 0644, 0, COPY_REFLINK
);
327 return log_error_errno(r
, "Failed to copy %s: %m", etc_vconsoleconf
);
329 log_info("%s copied.", etc_vconsoleconf
);
336 return 0; /* don't fail if no keymaps are installed */
340 if (isempty(arg_keymap
))
343 keymap
= STRV_MAKE(strjoina("KEYMAP=", arg_keymap
));
345 r
= mkdir_parents(etc_vconsoleconf
, 0755);
347 return log_error_errno(r
, "Failed to create the parent directory of %s: %m", etc_vconsoleconf
);
349 r
= write_env_file(etc_vconsoleconf
, keymap
);
351 return log_error_errno(r
, "Failed to write %s: %m", etc_vconsoleconf
);
353 log_info("%s written.", etc_vconsoleconf
);
357 static bool timezone_is_valid_log_error(const char *name
) {
358 return timezone_is_valid(name
, LOG_ERR
);
361 static int prompt_timezone(void) {
362 _cleanup_strv_free_
char **zones
= NULL
;
368 if (!arg_prompt_timezone
)
371 r
= get_timezones(&zones
);
373 return log_error_errno(r
, "Cannot query timezone list: %m");
377 printf("\nAvailable Time Zones:\n\n");
378 r
= show_menu(zones
, 3, 22, 30);
384 r
= prompt_loop("Please enter timezone name or number", zones
, timezone_is_valid_log_error
, &arg_timezone
);
391 static int process_timezone(void) {
392 const char *etc_localtime
, *e
;
395 etc_localtime
= prefix_roota(arg_root
, "/etc/localtime");
396 if (laccess(etc_localtime
, F_OK
) >= 0)
399 if (arg_copy_timezone
&& arg_root
) {
400 _cleanup_free_
char *p
= NULL
;
402 r
= readlink_malloc("/etc/localtime", &p
);
405 return log_error_errno(r
, "Failed to read host timezone: %m");
407 mkdir_parents(etc_localtime
, 0755);
408 if (symlink(p
, etc_localtime
) < 0)
409 return log_error_errno(errno
, "Failed to create %s symlink: %m", etc_localtime
);
411 log_info("%s copied.", etc_localtime
);
416 r
= prompt_timezone();
420 if (isempty(arg_timezone
))
423 e
= strjoina("../usr/share/zoneinfo/", arg_timezone
);
425 mkdir_parents(etc_localtime
, 0755);
426 if (symlink(e
, etc_localtime
) < 0)
427 return log_error_errno(errno
, "Failed to create %s symlink: %m", etc_localtime
);
429 log_info("%s written", etc_localtime
);
433 static int prompt_hostname(void) {
439 if (!arg_prompt_hostname
)
446 _cleanup_free_
char *h
= NULL
;
448 r
= ask_string(&h
, "%s Please enter hostname for new system (empty to skip): ", special_glyph(TRIANGULAR_BULLET
));
450 return log_error_errno(r
, "Failed to query hostname: %m");
453 log_warning("No hostname entered, skipping.");
457 if (!hostname_is_valid(h
, true)) {
458 log_error("Specified hostname invalid.");
462 /* Get rid of the trailing dot that we allow, but don't want to see */
463 arg_hostname
= hostname_cleanup(h
);
471 static int process_hostname(void) {
472 const char *etc_hostname
;
475 etc_hostname
= prefix_roota(arg_root
, "/etc/hostname");
476 if (laccess(etc_hostname
, F_OK
) >= 0)
479 r
= prompt_hostname();
483 if (isempty(arg_hostname
))
486 mkdir_parents(etc_hostname
, 0755);
487 r
= write_string_file(etc_hostname
, arg_hostname
,
488 WRITE_STRING_FILE_CREATE
| WRITE_STRING_FILE_SYNC
);
490 return log_error_errno(r
, "Failed to write %s: %m", etc_hostname
);
492 log_info("%s written.", etc_hostname
);
496 static int process_machine_id(void) {
497 const char *etc_machine_id
;
498 char id
[SD_ID128_STRING_MAX
];
501 etc_machine_id
= prefix_roota(arg_root
, "/etc/machine-id");
502 if (laccess(etc_machine_id
, F_OK
) >= 0)
505 if (sd_id128_is_null(arg_machine_id
))
508 mkdir_parents(etc_machine_id
, 0755);
509 r
= write_string_file(etc_machine_id
, sd_id128_to_string(arg_machine_id
, id
),
510 WRITE_STRING_FILE_CREATE
| WRITE_STRING_FILE_SYNC
);
512 return log_error_errno(r
, "Failed to write machine id: %m");
514 log_info("%s written.", etc_machine_id
);
518 static int prompt_root_password(void) {
519 const char *msg1
, *msg2
, *etc_shadow
;
522 if (arg_root_password
)
525 if (!arg_prompt_root_password
)
528 etc_shadow
= prefix_roota(arg_root
, "/etc/shadow");
529 if (laccess(etc_shadow
, F_OK
) >= 0)
535 msg1
= strjoina(special_glyph(TRIANGULAR_BULLET
), " Please enter a new root password (empty to skip): ");
536 msg2
= strjoina(special_glyph(TRIANGULAR_BULLET
), " Please enter new root password again: ");
539 _cleanup_string_free_erase_
char *a
= NULL
, *b
= NULL
;
541 r
= ask_password_tty(-1, msg1
, NULL
, 0, 0, NULL
, &a
);
543 return log_error_errno(r
, "Failed to query root password: %m");
546 log_warning("No password entered, skipping.");
550 r
= ask_password_tty(-1, msg2
, NULL
, 0, 0, NULL
, &b
);
552 return log_error_errno(r
, "Failed to query root password: %m");
555 log_error("Entered passwords did not match, please try again.");
559 arg_root_password
= TAKE_PTR(a
);
566 static int write_root_shadow(const char *path
, const struct spwd
*p
) {
567 _cleanup_fclose_
FILE *f
= NULL
;
574 f
= fopen(path
, "wex");
578 r
= putspent_sane(p
, f
);
582 return fflush_sync_and_check(f
);
585 static int process_root_password(void) {
587 static const char table
[] =
588 "abcdefghijklmnopqrstuvwxyz"
589 "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
594 .sp_namp
= (char*) "root",
600 .sp_flag
= (unsigned long) -1, /* this appears to be what everybody does ... */
603 _cleanup_close_
int lock
= -1;
609 const char *etc_shadow
;
612 etc_shadow
= prefix_roota(arg_root
, "/etc/shadow");
613 if (laccess(etc_shadow
, F_OK
) >= 0)
616 mkdir_parents(etc_shadow
, 0755);
618 lock
= take_etc_passwd_lock(arg_root
);
620 return log_error_errno(lock
, "Failed to take a lock: %m");
622 if (arg_copy_root_password
&& arg_root
) {
626 p
= getspnam("root");
627 if (p
|| errno
!= ENOENT
) {
632 return log_error_errno(errno
, "Failed to find shadow entry for root: %m");
635 r
= write_root_shadow(etc_shadow
, p
);
637 return log_error_errno(r
, "Failed to write %s: %m", etc_shadow
);
639 log_info("%s copied.", etc_shadow
);
644 r
= prompt_root_password();
648 if (!arg_root_password
)
651 r
= acquire_random_bytes(raw
, 16, true);
653 return log_error_errno(r
, "Failed to get salt: %m");
655 /* We only bother with SHA512 hashed passwords, the rest is legacy, and we don't do legacy. */
656 assert_cc(sizeof(table
) == 64 + 1);
657 j
= stpcpy(salt
, "$6$");
658 for (i
= 0; i
< 16; i
++)
659 j
[i
] = table
[raw
[i
] & 63];
664 item
.sp_pwdp
= crypt(arg_root_password
, salt
);
669 return log_error_errno(errno
, "Failed to encrypt password: %m");
672 item
.sp_lstchg
= (long) (now(CLOCK_REALTIME
) / USEC_PER_DAY
);
674 r
= write_root_shadow(etc_shadow
, &item
);
676 return log_error_errno(r
, "Failed to write %s: %m", etc_shadow
);
678 log_info("%s written.", etc_shadow
);
682 static void help(void) {
683 printf("%s [OPTIONS...]\n\n"
684 "Configures basic settings of the system.\n\n"
685 " -h --help Show this help\n"
686 " --version Show package version\n"
687 " --root=PATH Operate on an alternate filesystem root\n"
688 " --locale=LOCALE Set primary locale (LANG=)\n"
689 " --locale-messages=LOCALE Set message locale (LC_MESSAGES=)\n"
690 " --keymap=KEYMAP Set keymap\n"
691 " --timezone=TIMEZONE Set timezone\n"
692 " --hostname=NAME Set host name\n"
693 " --machine-ID=ID Set machine ID\n"
694 " --root-password=PASSWORD Set root password\n"
695 " --root-password-file=FILE Set root password from file\n"
696 " --prompt-locale Prompt the user for locale settings\n"
697 " --prompt-keymap Prompt the user for keymap settings\n"
698 " --prompt-timezone Prompt the user for timezone\n"
699 " --prompt-hostname Prompt the user for hostname\n"
700 " --prompt-root-password Prompt the user for root password\n"
701 " --prompt Prompt for all of the above\n"
702 " --copy-locale Copy locale from host\n"
703 " --copy-keymap Copy keymap from host\n"
704 " --copy-timezone Copy timezone from host\n"
705 " --copy-root-password Copy root password from host\n"
706 " --copy Copy locale, keymap, timezone, root password\n"
707 " --setup-machine-id Generate a new random machine ID\n"
708 , program_invocation_short_name
);
711 static int parse_argv(int argc
, char *argv
[]) {
723 ARG_ROOT_PASSWORD_FILE
,
729 ARG_PROMPT_ROOT_PASSWORD
,
734 ARG_COPY_ROOT_PASSWORD
,
735 ARG_SETUP_MACHINE_ID
,
738 static const struct option options
[] = {
739 { "help", no_argument
, NULL
, 'h' },
740 { "version", no_argument
, NULL
, ARG_VERSION
},
741 { "root", required_argument
, NULL
, ARG_ROOT
},
742 { "locale", required_argument
, NULL
, ARG_LOCALE
},
743 { "locale-messages", required_argument
, NULL
, ARG_LOCALE_MESSAGES
},
744 { "keymap", required_argument
, NULL
, ARG_KEYMAP
},
745 { "timezone", required_argument
, NULL
, ARG_TIMEZONE
},
746 { "hostname", required_argument
, NULL
, ARG_HOSTNAME
},
747 { "machine-id", required_argument
, NULL
, ARG_MACHINE_ID
},
748 { "root-password", required_argument
, NULL
, ARG_ROOT_PASSWORD
},
749 { "root-password-file", required_argument
, NULL
, ARG_ROOT_PASSWORD_FILE
},
750 { "prompt", no_argument
, NULL
, ARG_PROMPT
},
751 { "prompt-locale", no_argument
, NULL
, ARG_PROMPT_LOCALE
},
752 { "prompt-keymap", no_argument
, NULL
, ARG_PROMPT_KEYMAP
},
753 { "prompt-timezone", no_argument
, NULL
, ARG_PROMPT_TIMEZONE
},
754 { "prompt-hostname", no_argument
, NULL
, ARG_PROMPT_HOSTNAME
},
755 { "prompt-root-password", no_argument
, NULL
, ARG_PROMPT_ROOT_PASSWORD
},
756 { "copy", no_argument
, NULL
, ARG_COPY
},
757 { "copy-locale", no_argument
, NULL
, ARG_COPY_LOCALE
},
758 { "copy-keymap", no_argument
, NULL
, ARG_COPY_KEYMAP
},
759 { "copy-timezone", no_argument
, NULL
, ARG_COPY_TIMEZONE
},
760 { "copy-root-password", no_argument
, NULL
, ARG_COPY_ROOT_PASSWORD
},
761 { "setup-machine-id", no_argument
, NULL
, ARG_SETUP_MACHINE_ID
},
770 while ((c
= getopt_long(argc
, argv
, "h", options
, NULL
)) >= 0)
782 r
= parse_path_argument_and_warn(optarg
, true, &arg_root
);
788 if (!locale_is_valid(optarg
)) {
789 log_error("Locale %s is not valid.", optarg
);
793 r
= free_and_strdup(&arg_locale
, optarg
);
799 case ARG_LOCALE_MESSAGES
:
800 if (!locale_is_valid(optarg
)) {
801 log_error("Locale %s is not valid.", optarg
);
805 r
= free_and_strdup(&arg_locale_messages
, optarg
);
812 if (!keymap_is_valid(optarg
)) {
813 log_error("Keymap %s is not valid.", optarg
);
817 r
= free_and_strdup(&arg_keymap
, optarg
);
824 if (!timezone_is_valid(optarg
, LOG_ERR
)) {
825 log_error("Timezone %s is not valid.", optarg
);
829 r
= free_and_strdup(&arg_timezone
, optarg
);
835 case ARG_ROOT_PASSWORD
:
836 r
= free_and_strdup(&arg_root_password
, optarg
);
841 case ARG_ROOT_PASSWORD_FILE
:
842 arg_root_password
= mfree(arg_root_password
);
844 r
= read_one_line_file(optarg
, &arg_root_password
);
846 return log_error_errno(r
, "Failed to read %s: %m", optarg
);
851 if (!hostname_is_valid(optarg
, true)) {
852 log_error("Host name %s is not valid.", optarg
);
856 hostname_cleanup(optarg
);
857 r
= free_and_strdup(&arg_hostname
, optarg
);
864 if (sd_id128_from_string(optarg
, &arg_machine_id
) < 0) {
865 log_error("Failed to parse machine id %s.", optarg
);
872 arg_prompt_locale
= arg_prompt_keymap
= arg_prompt_timezone
= arg_prompt_hostname
= arg_prompt_root_password
= true;
875 case ARG_PROMPT_LOCALE
:
876 arg_prompt_locale
= true;
879 case ARG_PROMPT_KEYMAP
:
880 arg_prompt_keymap
= true;
883 case ARG_PROMPT_TIMEZONE
:
884 arg_prompt_timezone
= true;
887 case ARG_PROMPT_HOSTNAME
:
888 arg_prompt_hostname
= true;
891 case ARG_PROMPT_ROOT_PASSWORD
:
892 arg_prompt_root_password
= true;
896 arg_copy_locale
= arg_copy_keymap
= arg_copy_timezone
= arg_copy_root_password
= true;
899 case ARG_COPY_LOCALE
:
900 arg_copy_locale
= true;
903 case ARG_COPY_KEYMAP
:
904 arg_copy_keymap
= true;
907 case ARG_COPY_TIMEZONE
:
908 arg_copy_timezone
= true;
911 case ARG_COPY_ROOT_PASSWORD
:
912 arg_copy_root_password
= true;
915 case ARG_SETUP_MACHINE_ID
:
917 r
= sd_id128_randomize(&arg_machine_id
);
919 return log_error_errno(r
, "Failed to generate randomized machine ID: %m");
927 assert_not_reached("Unhandled option");
933 int main(int argc
, char *argv
[]) {
937 r
= parse_argv(argc
, argv
);
941 log_set_target(LOG_TARGET_AUTO
);
942 log_parse_environment();
947 r
= proc_cmdline_get_bool("systemd.firstboot", &enabled
);
949 log_error_errno(r
, "Failed to parse systemd.firstboot= kernel command line argument, ignoring.");
952 if (r
> 0 && !enabled
) {
953 r
= 0; /* disabled */
957 r
= process_locale();
961 r
= process_keymap();
965 r
= process_timezone();
969 r
= process_hostname();
973 r
= process_machine_id();
977 r
= process_root_password();
984 free(arg_locale_messages
);
988 string_erase(arg_root_password
);
989 free(arg_root_password
);
991 return r
< 0 ? EXIT_FAILURE
: EXIT_SUCCESS
;