From: Michael Tremer Date: Sun, 21 Feb 2010 23:44:55 +0000 (+0100) Subject: initscripts: New package. X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ccbe9281364f4dc12ac84f4253f666fed7821a04;p=ipfire-3.x.git initscripts: New package. --- diff --git a/pkgs/core/initscripts/functions b/pkgs/core/initscripts/functions new file mode 100644 index 000000000..c5451ff70 --- /dev/null +++ b/pkgs/core/initscripts/functions @@ -0,0 +1,284 @@ +#!/bin/sh +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007, 2008 Michael Tremer & Christian Schmidt # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### +# +# Partly based on scripts by DJ Lucas - dj@linuxfromscratch.org +# + +# Distro Information +DISTRO="$(/dev/null + if [ ${?} != 0 ]; then + log_failure_msg "Mounting root file system in read-only mode" + echo -e "${FAILURE}FAILURE:\n" + echo -e -n "${FAILURE}Cannot check root filesystem because it " + echo -e "${FAILURE}could not be mounted" + echo -e "${FAILURE}in read-only mode.\n\n" + echo -e -n "${FAILURE}After you press Enter, this system will be " + echo -e "${FAILURE}halted and powered off.\n" + echo -e "${INFO}Press enter to continue...${NORMAL}" + read ENTER + ## XXX need to shutdown the system cleanly here + fi + + # Force check if /forcefsck is found + if [ -f /forcefsck ]; then + options="-f" + else + options="" + fi + + # Note: -a option used to be -p; but this fails e.g. + # on fsck.minix + fsck ${options} -a -A -C -T + error_value=${?} + + if [ "${error_value}" = 1 ]; then + log_warning_msg "Checking file systems..." + echo -e "${WARNING}WARNING:\n" + echo -e "${WARNING}File system errors were found and have been" + echo -e "${WARNING}corrected. You may want to double-check that" + echo -e "${WARNING}everything was fixed properly.${NORMAL}" + elif [ "${error_value}" = 2 -o "${error_value}" = 3 ]; then + log_warning_msg "Checking file systems..." + echo -e "${WARNING}WARNING:\n" + echo -e "${WARNING}File system errors were found and have been been" + echo -e "${WARNING}corrected, but the nature of the errors require" + echo -e "${WARNING}this system to be rebooted.\n" + echo -e "After you press enter, this system will be rebooted.\n" + echo -e "${INFO}Press Enter to continue...${NORMAL}" + read ENTER + ## XXX need to reboot the system here + elif [ "${error_value}" -gt 3 -a "${error_value}" -lt 16 ]; then + log_failure_msg "Checking file systems..." + echo -e "${FAILURE}FAILURE:\n" + echo -e "${FAILURE}File system errors were encountered that could" + echo -e "${FAILURE}not be fixed automatically. This system cannot" + echo -e "${FAILURE}continue to boot and will therefore be halted" + echo -e "${FAILURE}until those errors are fixed manually by a" + echo -e "${FAILURE}System Administrator.\n" + echo -e "${FAILURE}After you press Enter, this system will be" + echo -e "${FAILURE}halted and powered off.\n" + echo -e "${INFO}Press Enter to continue...${NORMAL}" + read ENTER + ## XXX need to shutdown the system here + elif [ "${error_value}" -ge 16 ]; then + log_failure_msg "Checking file systems..." + echo -e "${FAILURE}FAILURE:\n" + echo -e "${FAILURE}Unexpected Failure running fsck. Exited with error" + echo -e "${FAILURE}code: ${error_value}.${NORMAL}" + exit ${error_value} + fi +end script diff --git a/pkgs/core/initscripts/init/cleanfs.conf b/pkgs/core/initscripts/init/cleanfs.conf new file mode 100644 index 000000000..43a70d879 --- /dev/null +++ b/pkgs/core/initscripts/init/cleanfs.conf @@ -0,0 +1,8 @@ +description "Cleaning / filesystem" +author "IPFire Team" + +start on stopping mountfs + +pre-start script + rm -rf /tmp/* /var/{lock,run}/* +end script diff --git a/pkgs/core/initscripts/init/control-alt-delete.conf b/pkgs/core/initscripts/init/control-alt-delete.conf new file mode 100644 index 000000000..318189457 --- /dev/null +++ b/pkgs/core/initscripts/init/control-alt-delete.conf @@ -0,0 +1,6 @@ +description "Control-Alt-Delete / Handling" +author "IPFire Team" + +start on control-alt-delete + +exec initctl emit --no-wait reboot diff --git a/pkgs/core/initscripts/init/load-modules.conf b/pkgs/core/initscripts/init/load-modules.conf new file mode 100644 index 000000000..b64658c38 --- /dev/null +++ b/pkgs/core/initscripts/init/load-modules.conf @@ -0,0 +1,49 @@ +description "Trigger coldplug events" +author "IPFire Team" + +start on stopped mount-kernel-filesystems + +script + # Exit if there's no modules file or there are no + # valid entries + [ -r /etc/sysconfig/modules ] && + egrep -qv '^($|#)' /etc/sysconfig/modules || + exit 0 + + # If proc is mounted, find the current kernel + # message level + if [ -f /proc/sys/kernel/printk ]; then + prev_msg=`cat /proc/sys/kernel/printk | \ + sed 'l 1' | sed -n '2~0p' | \ + sed 's/\\\//'` + else + prev_msg="6" + fi + + # Now set the message level to 1 so not to make too + # much noise when loading modules + dmesg -n 1 + + # Only try to load modules if the user has actually given us + # some modules to load. + if egrep -qv '^(#|$)' /etc/sysconfig/modules 2>/dev/null; then + # Read in the configuration file. + exec 9>&0 < /etc/sysconfig/modules + + while read module args; do + # Ignore comments and blank lines. + case "${module}" in + ""|\#*) continue ;; + esac + + # Attempt to load the module, making + # sure to pass any arguments provided. + modprobe ${module} ${args} > /dev/null + done + + exec 0>&9 9>&- + + fi + # Set the kernel message level back to it's previous value. + dmesg -n "${prev_msg}" +end script diff --git a/pkgs/core/initscripts/init/loopback.conf b/pkgs/core/initscripts/init/loopback.conf new file mode 100644 index 000000000..fc5d64a6e --- /dev/null +++ b/pkgs/core/initscripts/init/loopback.conf @@ -0,0 +1,16 @@ +description "Bringing up the local network" +author "IPFire Team" + +start on started udev + +script + [ -e "/etc/sysconfig/network" ] && \ + . /etc/sysconfig/network + + ip addr add 127.0.0.1/8 label lo dev lo + ip link set lo up + + if [ -n "${HOSTNAME}" ]; then + hostname "${HOSTNAME}" + fi +end script diff --git a/pkgs/core/initscripts/init/mount-kernel-filesystems.conf b/pkgs/core/initscripts/init/mount-kernel-filesystems.conf new file mode 100644 index 000000000..cef79e529 --- /dev/null +++ b/pkgs/core/initscripts/init/mount-kernel-filesystems.conf @@ -0,0 +1,16 @@ +description "Mount kernel virtual systems" +author "IPFire Team" + +start on stopped welcome + +script + if ! mountpoint /proc > /dev/null; then + mount -n /proc || failed=1 + fi + + if ! mountpoint /sys > /dev/null; then + mount -n /sys || failed=1 + fi + + exit ${failed} +end script diff --git a/pkgs/core/initscripts/init/mountfs.conf b/pkgs/core/initscripts/init/mountfs.conf new file mode 100644 index 000000000..c432c5c09 --- /dev/null +++ b/pkgs/core/initscripts/init/mountfs.conf @@ -0,0 +1,22 @@ +description "Mount / filesystem" +author "IPFire Team" + +start on stopped checkfs + +console output + +script + mount -n -o remount,rw / >/dev/null + + # Remove fsck-related file system watermarks. + rm -f /fastboot /forcefsck + + > /etc/mtab + mount -f / + mount -f /proc + mount -f /sys + + # This will mount all filesystems that do not have _netdev in + # their option list. _netdev denotes a network filesystem. + mount -a -O no_netdev >/dev/null +end script diff --git a/pkgs/core/initscripts/init/serial.conf b/pkgs/core/initscripts/init/serial.conf new file mode 100644 index 000000000..44b76fdbc --- /dev/null +++ b/pkgs/core/initscripts/init/serial.conf @@ -0,0 +1,24 @@ +description "Start a tty" +author "IPFire Team" + +# Automatically start a configured serial console +# +# How this works: +# +# On boot, a udev helper examines /dev/console. If a serial console is the +# primary console (last console on the commandline in grub), the event +# 'serial-console-available ' is emitted, which +# triggers this script. +# +# If your serial console is not the primary console, or you want a getty +# on serial even if it's not the console, create your own event by copying +# /etc/init/tty[2-6], and changing the getty line in that file. + +start on serial-console-available * +stop on starting shutdown or starting reboot + +pre-start script + /sbin/securetty $DEV +end script + +exec /sbin/agetty $DEV $SPEED vt100-nav diff --git a/pkgs/core/initscripts/init/shutdown.conf b/pkgs/core/initscripts/init/shutdown.conf new file mode 100644 index 000000000..36805c142 --- /dev/null +++ b/pkgs/core/initscripts/init/shutdown.conf @@ -0,0 +1,24 @@ +description "Shutdown or reboot the system" +author "IPFire Team" + +start on shutdown or reboot + +console output + +script + # Exterminate any lil' process that managed to evade my merciless + # terminating. + killall5 -15 || true + sleep 5 + killall5 -9 || true + + mount -n -o remount,ro / || true + + # The UPSTART_EVENTS variable contains the event that has been called. + # The script use it to perform the requested action. + if [ "${UPSTART_EVENTS}" = "reboot" ]; then + reboot -pf + else + halt -pf + fi +end script diff --git a/pkgs/core/initscripts/init/swap.conf b/pkgs/core/initscripts/init/swap.conf new file mode 100644 index 000000000..8cbf12988 --- /dev/null +++ b/pkgs/core/initscripts/init/swap.conf @@ -0,0 +1,6 @@ +description "Activating swap partitions" +author "IPFire Team" + +start on stopped checkfs + +exec /sbin/swapon -a diff --git a/pkgs/core/initscripts/init/sysctl.conf b/pkgs/core/initscripts/init/sysctl.conf new file mode 100644 index 000000000..2289a9a91 --- /dev/null +++ b/pkgs/core/initscripts/init/sysctl.conf @@ -0,0 +1,14 @@ +description "Set sysctl settings" +author "IPFire Team" + +start on stopped mount-kernel-filesystems + +script + if [ -f "/etc/sysctl.conf" ]; then + sysctl -q -p + fi + if [ -d "/proc/sys/kernel/grsecurity" -a \ + -f "/etc/grsec/sysctl.conf" ]; then + sysctl -q -p /etc/grsec/sysctl.conf + fi +end script diff --git a/pkgs/core/initscripts/init/tty1.conf b/pkgs/core/initscripts/init/tty1.conf new file mode 100644 index 000000000..04d0c9176 --- /dev/null +++ b/pkgs/core/initscripts/init/tty1.conf @@ -0,0 +1,8 @@ +description "Start a tty" +author "IPFire Team" + +start on stopped mountfs +stop on starting shutdown + +respawn +exec /sbin/agetty 9600 tty1 diff --git a/pkgs/core/initscripts/init/tty2.conf b/pkgs/core/initscripts/init/tty2.conf new file mode 100644 index 000000000..af5458a65 --- /dev/null +++ b/pkgs/core/initscripts/init/tty2.conf @@ -0,0 +1,8 @@ +description "Start a tty" +author "IPFire Team" + +start on stopped mountfs +stop on starting shutdown + +respawn +exec /sbin/agetty 9600 tty2 diff --git a/pkgs/core/initscripts/init/tty3.conf b/pkgs/core/initscripts/init/tty3.conf new file mode 100644 index 000000000..2903dd173 --- /dev/null +++ b/pkgs/core/initscripts/init/tty3.conf @@ -0,0 +1,8 @@ +description "Start a tty" +author "IPFire Team" + +start on stopped mountfs +stop on starting shutdown + +respawn +exec /sbin/agetty 9600 tty3 diff --git a/pkgs/core/initscripts/init/tty4.conf b/pkgs/core/initscripts/init/tty4.conf new file mode 100644 index 000000000..048020704 --- /dev/null +++ b/pkgs/core/initscripts/init/tty4.conf @@ -0,0 +1,8 @@ +description "Start a tty" +author "IPFire Team" + +start on stopped mountfs +stop on starting shutdown + +respawn +exec /sbin/agetty 9600 tty4 diff --git a/pkgs/core/initscripts/init/udev.conf b/pkgs/core/initscripts/init/udev.conf new file mode 100644 index 000000000..15da72958 --- /dev/null +++ b/pkgs/core/initscripts/init/udev.conf @@ -0,0 +1,28 @@ +description "Start Udev Daemon" +author "IPFire Team" + +start on stopped mount-kernel-filesystems +stop on starting shutdown + +emits block-device-added block-device-removed +emits network-device-added network-device-removed + +console output + +pre-start script + # Mount a temporary file system over /dev, so that any devices + # made or removed during this boot don't affect the next one. + # The reason we don't write to mtab is because we don't ever + # want /dev to be unavailable (such as by `umount -a'). + mount -n -t tmpfs tmpfs /dev -o mode=755 + + # Udev handles uevents itself, so we don't need to have + # the kernel call out to any binary in response to them + echo > /proc/sys/kernel/hotplug + + # Copy static device nodes to /dev + cp -a /lib/udev/devices/* /dev +end script + +exec /sbin/udevd +respawn diff --git a/pkgs/core/initscripts/init/udevtrigger.conf b/pkgs/core/initscripts/init/udevtrigger.conf new file mode 100644 index 000000000..754ccd765 --- /dev/null +++ b/pkgs/core/initscripts/init/udevtrigger.conf @@ -0,0 +1,15 @@ +description "Trigger udev events" +author "IPFire Team" + +start on started udev + +console output + +script + # Now traverse /sys in order to "coldplug" devices that have + # already been discovered + udevadm trigger + + # Now wait for udevd to process the uevents we triggered + udevadm settle --timeout=5 || true +end script diff --git a/pkgs/core/initscripts/init/welcome.conf b/pkgs/core/initscripts/init/welcome.conf new file mode 100644 index 000000000..37ca7eb3c --- /dev/null +++ b/pkgs/core/initscripts/init/welcome.conf @@ -0,0 +1,24 @@ +description "Display a welcome message to the user" +author "IPFire Team" + +start on startup + +console output + +script + . /etc/init/functions + + # dcol are spaces before the message to center the + # message on screen. + dcol=$(( $(( ${COLUMNS} - ${welcome_message_length} )) / 2 )) + echo -e "\\033[${dcol}G${welcome_message}" + + system_message=$(uname -r) + system_message_length=${#system_message} + system_message="Running on Linux ${FAILURE}${system_message}${NORMAL}" + system_message_length=$((17 + ${system_message_length})) + dcol=$(( $(( ${COLUMNS} - ${system_message_length} )) / 2 )) + echo -e "\\033[${dcol}G${system_message}" + + echo "" +end script diff --git a/pkgs/core/initscripts/initscripts.nm b/pkgs/core/initscripts/initscripts.nm new file mode 100644 index 000000000..6f2250327 --- /dev/null +++ b/pkgs/core/initscripts/initscripts.nm @@ -0,0 +1,68 @@ +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007, 2008 Michael Tremer & Christian Schmidt # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### + +############################################################################### +# Definitions +############################################################################### + +include $(PKGROOT)/Include + +PKG_NAME = initscripts +PKG_VER = $(DISTRO_VER) +PKG_REL = 0 + +PKG_MAINTAINER = +PKG_GROUP = System/Boot +PKG_URL = +PKG_LICENSE = GPLv3+ +PKG_SUMMARY = The set of scripts that initalize the system. + +PKG_DEPS += coreutils e2fsprogs module-init-tools procps sysvinit \ + system-release upstart util-linux-ng + +define PKG_DESCRIPTION + The initscripts package contains the basic system scripts used to boot \ + your system and shut the system down cleanly. +endef + +DIR_APP = $(DIR_SOURCE) + +define STAGE_PREPARE_CMDS + cd $(DIR_APP)/src && make clean +endef + +define STAGE_BUILD + cd $(DIR_APP)/src && make $(PARALLELISMFLAGS) +endef + +define STAGE_INSTALL + cd $(DIR_APP)/src && make install clean DESTDIR=$(BUILDROOT) + + -mkdir -pv $(BUILDROOT)/etc/{init,sysconfig} + + cp -vf $(DIR_SOURCE)/functions $(BUILDROOT)/etc/init/ + + for i in $(DIR_SOURCE)/sysconfig/*; do \ + install -v -m 644 $$i $(BUILDROOT)/etc/sysconfig/; \ + done + chmod -v 755 $(BUILDROOT)/etc/sysconfig/rc.local + + cp -vf $(DIR_SOURCE)/sysctl.conf $(BUILDROOT)/etc +endef diff --git a/pkgs/core/initscripts/src/Makefile b/pkgs/core/initscripts/src/Makefile new file mode 100644 index 000000000..452f45f9e --- /dev/null +++ b/pkgs/core/initscripts/src/Makefile @@ -0,0 +1,21 @@ + +PROGS = console_check securetty + +CFLAGS += -D_GNU_SOURCE + +all: $(PROGS) + +clean: + rm -vf $(PROGS) *.o + +install: + -mkdir -pv $(DESTDIR)/lib/udev $(DESTDIR)/sbin + install -v -m 755 console_check $(DESTDIR)/lib/udev/ + install -v -m 755 securetty $(DESTDIR)/sbin + + +console_check: console_check.o + $(CC) $(LDFLAGS) -o $@ $< + +securetty: securetty.o + $(CC) $(LDFLAGS) -o $@ $< diff --git a/pkgs/core/initscripts/src/console_check.c b/pkgs/core/initscripts/src/console_check.c new file mode 100644 index 000000000..740f2a8de --- /dev/null +++ b/pkgs/core/initscripts/src/console_check.c @@ -0,0 +1,180 @@ + +#include +#include +#include +#include +#include +#include + +#include + +#include +#include + +struct speeds +{ + speed_t speed; + unsigned long value; +}; + +struct speeds speed_map[] = +{ + {B50, 50}, + {B75, 75}, + {B110, 110}, + {B134, 134}, + {B150, 150}, + {B200, 200}, + {B300, 300}, + {B600, 600}, + {B1200, 1200}, + {B1800, 1800}, + {B2400, 2400}, + {B4800, 4800}, + {B9600, 9600}, + {B19200, 19200}, + {B38400, 38400}, +#ifdef B57600 + {B57600, 57600}, +#endif +#ifdef B115200 + {B115200, 115200}, +#endif +#ifdef B230400 + {B230400, 230400}, +#endif +#ifdef B460800 + {B460800, 460800}, +#endif + {0, 0} +}; + +int termcmp(struct termios *a, struct termios *b) { + if (a->c_iflag != b->c_iflag || a->c_oflag != b->c_oflag || + a->c_cflag != b->c_cflag || a->c_lflag != b->c_lflag || + cfgetispeed(a) != cfgetispeed(b) || cfgetospeed(a) != cfgetospeed(b)) + return 1; + return memcmp(a->c_cc, b->c_cc, sizeof(a->c_cc)); +} + +int get_serial_speed(int fd) { + struct termios mode; + + if (!tcgetattr(fd, &mode)) { + int i; + speed_t speed; + + speed = cfgetospeed(&mode); + for (i = 0; speed_map[i].value != 0; i++) + if (speed_map[i].speed == speed) + return speed_map[i].value; + } + return 0; +} + +int compare_termios_to_console(char *dev, int *speed) { + struct termios cmode, mode; + int fd, cfd; + + cfd = open ("/dev/console", O_RDONLY); + tcgetattr(cfd, &cmode); + close(cfd); + + fd = open(dev, O_RDONLY|O_NONBLOCK); + tcgetattr(fd, &mode); + + if (!termcmp(&cmode, &mode)) { + *speed = get_serial_speed(fd); + close(fd); + return 1; + } + close(fd); + return 0; +} + +char *serial_tty_name(int type) { + switch (type) { + case PORT_8250...PORT_MAX_8250: + return "ttyS"; + case PORT_PMAC_ZILOG: + return "ttyPZ"; + case PORT_MPSC: + return "ttyMM"; + case PORT_CPM: + return "ttyCPM"; + case PORT_MPC52xx: + return "ttyPSC"; + default: + return NULL; + } +} + +char *check_serial_console(int *speed) { + int fd; + char *ret = NULL, *device; + char twelve = 12; + struct serial_struct si, si2; + char *tty_name; + + memset(&si, 0, sizeof(si)); + memset(&si2, 0, sizeof(si)); + + fd = open("/dev/console", O_RDWR); + if (ioctl (fd, TIOCLINUX, &twelve) >= 0) + goto out; + + if (ioctl(fd, TIOCGSERIAL, &si) < 0) + goto out; + close(fd); + + tty_name = serial_tty_name(si.type); + if (!tty_name) + goto out; + + asprintf(&device, "%s%d", tty_name, si.line); + fd = open(device, O_RDWR|O_NONBLOCK); + if (fd == -1) + goto out; + + if (ioctl(fd, TIOCGSERIAL, &si2) < 0) + goto out; + + if (memcmp(&si,&si2, sizeof(si))) + goto out; + + *speed = get_serial_speed(fd); + ret = device; +out: + close(fd); + return ret; +} + +int emit_console_event(char *dev, int speed) { + char *args[] = { "initctl", "emit", "--no-wait", "serial-console-available", NULL, NULL, NULL }; + + asprintf(&args[4],"DEV=%s", dev); + if (speed) + asprintf(&args[5],"SPEED=%d", speed); + execv("/sbin/initctl", args); + return 1; +} + +int main(int argc, char **argv) { + char *device; + int speed; + + if (argc < 2) { + printf("usage: console_check \n"); + exit(1); + } + chdir("/dev"); + device = argv[1]; + if (!strcmp(device, "console")) { + device = check_serial_console(&speed); + if (device) + return emit_console_event(device, speed); + } else if (compare_termios_to_console(device, &speed)) { + return emit_console_event(device, speed); + } + return 0; +} diff --git a/pkgs/core/initscripts/src/securetty.c b/pkgs/core/initscripts/src/securetty.c new file mode 100644 index 000000000..9bdc8c226 --- /dev/null +++ b/pkgs/core/initscripts/src/securetty.c @@ -0,0 +1,94 @@ + +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include + +void alarm_handler(int num) { + return; +} + +int open_and_lock_securetty() { + int fd; + struct flock lock; + struct sigaction act, oldact; + + lock.l_type = F_WRLCK; + lock.l_whence = SEEK_SET; + lock.l_start = 0; + lock.l_len = 0; + + fd = open("/etc/securetty", O_RDWR); + if (fd == -1) { + syslog(LOG_ERR, "Couldn't open /etc/securetty: %s",strerror(errno)); + return -1; + } + act.sa_handler = alarm_handler; + act.sa_flags = 0; + sigaction(SIGALRM, &act, &oldact); + alarm(2); + while (fcntl(fd, F_SETLKW, &lock) == -1) { + if (errno == EINTR) { + syslog(LOG_ERR, "Couldn't lock /etc/securetty: Timeout exceeded"); + } else { + syslog(LOG_ERR, "Couldn't lock /etc/securetty: %s",strerror(errno)); + } + return -1; + } + alarm(0); + sigaction(SIGALRM, &oldact, NULL); + return fd; +} + +int rewrite_securetty(char *terminal) { + int fd; + char *buf, *pos; + struct stat sbuf; + + fd = open_and_lock_securetty(); + if (fd == -1) + return 1; + if (fstat(fd, &sbuf) == -1) { + close(fd); + syslog(LOG_ERR, "Couldn't stat /etc/securetty: %s",strerror(errno)); + return 1; + } + buf = malloc(sbuf.st_size + 1); + if (read(fd, buf, sbuf.st_size) != sbuf.st_size) { + close(fd); + syslog(LOG_ERR, "Couldn't read /etc/securetty: %s",strerror(errno)); + return 1; + } + if (!strncmp(buf,terminal,strlen(terminal)) && buf[strlen(terminal)] == '\n') + goto out_ok; + if ((pos = strstr(buf, terminal))) { + if (pos[strlen(terminal)] == '\n' && *(pos-1) == '\n') + goto out_ok; + } + if (lseek(fd, 0, SEEK_END) == -1) { + close(fd); + syslog(LOG_ERR, "Couldn't seek to end of /etc/securetty: %s",strerror(errno)); + return 1; + } + write(fd, terminal, strlen(terminal)); + write(fd, "\n", 1); +out_ok: + close(fd); + return 0; +} + +int main(int argc, char **argv) { + if (argc < 2 ) { + fprintf(stderr, "Usage: securetty \n"); + exit(1); + } + openlog("securetty", LOG_CONS, LOG_DAEMON); + return rewrite_securetty(argv[1]); +} diff --git a/pkgs/core/initscripts/sysconfig/clock b/pkgs/core/initscripts/sysconfig/clock new file mode 100644 index 000000000..99132e1c3 --- /dev/null +++ b/pkgs/core/initscripts/sysconfig/clock @@ -0,0 +1 @@ +UTC=no diff --git a/pkgs/core/initscripts/sysconfig/createfiles b/pkgs/core/initscripts/sysconfig/createfiles new file mode 100644 index 000000000..8d1f89dc6 --- /dev/null +++ b/pkgs/core/initscripts/sysconfig/createfiles @@ -0,0 +1,28 @@ +######################################################################## +# Begin /etc/sysconfig/createfiles +# +# Description : Createfiles script config file +# +# Authors : +# +# Version : 00.00 +# +# Notes : The syntax of this file is as follows: +# if type is equal to "file" or "dir" +# +# if type is equal to "dev" +# +# +# is the name of the file which is to be created +# is either file, dir, or dev. +# file creates a new file +# dir creates a new directory +# dev creates a new device +# is either block, char or pipe +# block creates a block device +# char creates a character deivce +# pipe creates a pipe, this will ignore the and fields +# and are the major and minor numbers used for the device. +######################################################################## + +# End /etc/sysconfig/createfiles diff --git a/pkgs/core/initscripts/sysconfig/modules b/pkgs/core/initscripts/sysconfig/modules new file mode 100644 index 000000000..d6fc14c72 --- /dev/null +++ b/pkgs/core/initscripts/sysconfig/modules @@ -0,0 +1,21 @@ +######################################################################## +# Begin /etc/sysconfig/modules +# +# Description : Module auto-loading configuration +# +# Authors : +# +# Version : 00.00 +# +# Notes : The syntax of this file is as follows: +# [ ...] +# +# Each module should be on it's own line, and any options that you want +# passed to the module should follow it. The line deliminator is either +# a space or a tab. +######################################################################## + +# For dialin with pppd +ppp_generic + +# End /etc/sysconfig/modules diff --git a/pkgs/core/initscripts/sysconfig/network b/pkgs/core/initscripts/sysconfig/network new file mode 100644 index 000000000..45e537e7f --- /dev/null +++ b/pkgs/core/initscripts/sysconfig/network @@ -0,0 +1 @@ +HOSTNAME=ipfire.localdomain diff --git a/pkgs/core/initscripts/sysconfig/rc b/pkgs/core/initscripts/sysconfig/rc new file mode 100644 index 000000000..ffb70d98c --- /dev/null +++ b/pkgs/core/initscripts/sysconfig/rc @@ -0,0 +1,52 @@ +# Begin /etc/sysconfig/rc + +# Author: DJ Lucas - dj@linuxfromscratch.org +# Version: 1.0 LSB V.3.1 + +# Global variable inherited by initscripts are in caps +# Local variables for the rc script are in lowercase + +# Source site specific rc configuration +. /etc/sysconfig/rc.site + +# This sets default terminal options. +# stty sane - this has been removed as nobody recalls +# the reason for it in the first place - if no problems arize, +# then it will be removed completely at a later date. + +# Setup default values for the environment +umask 022 +PATH="/bin:/sbin" + +# Find current screen size +if [ -z "${COLUMNS}" ]; then + COLUMNS=$(stty size) + COLUMNS=${COLUMNS##* } +fi + +# When using remote connections, such as a serial port, stty size returns 0 +if [ "${COLUMNS}" = "0" ]; then + COLUMNS=80 +fi + +## Measurements for positioning result messages +COL=$((${COLUMNS} - 8)) +WCOL=$((${COL} - 2)) + +# Set Cursur Position Commands, used via echo -e +SET_COL="\\033[${COL}G" # at the $COL char +SET_WCOL="\\033[${WCOL}G" # at the $WCOL char +CURS_UP="\\033[1A\\033[0G" # Up one line, at the 0'th char + +# Bootlogging and interactive startup require a valid tempfs mount +# if this mount is not present, disable them +if [ "${TEMPFS_MOUNT}" = "" -o ! -d "${TEMPFS_MOUNT}" ]; then + TEMPFS_MOUNT="" + iprompt="" + BOOTLOG_ENAB="" +fi + +# Export the environment variables so they are inherited by the scripts +export PATH SET_COL SET_WCOL CURS_UP TEMPFS_MOUNT BOOTLOG_ENAB RUNLEVEL + +# End /etc/sysconfig/rc diff --git a/pkgs/core/initscripts/sysconfig/rc.local b/pkgs/core/initscripts/sysconfig/rc.local new file mode 100644 index 000000000..90347d79a --- /dev/null +++ b/pkgs/core/initscripts/sysconfig/rc.local @@ -0,0 +1,27 @@ +#!/bin/sh +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2007 Michael Tremer & Christian Schmidt # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### +# Used for private calls after boot # +############################################################################### + +# power button shutdown +if grep -q '^button' /proc/modules ; then + head -1 /proc/acpi/event | grep -q 'button/power PWRF' && init 0 & +fi diff --git a/pkgs/core/initscripts/sysconfig/rc.site b/pkgs/core/initscripts/sysconfig/rc.site new file mode 100644 index 000000000..82b7cc7fc --- /dev/null +++ b/pkgs/core/initscripts/sysconfig/rc.site @@ -0,0 +1,71 @@ +# Set base directory information +RC_BASE="/etc" +RC_FUNCTIONS="${RC_BASE}/init.d/ipfire-functions" + +# Location of network device scripts and config files +NETWORK_SCRIPTS="/etc/init.d/networking" +NETWORK_DEVICES="/etc/sysconfig/network-devices" + +# Directory to store boot process accounting information +# Used for boot logging and interactive flag when rootfs +# is not writable +TEMPFS_MOUNT="${RC_BASE}/init.d/boottemp" + +# Bootlogging (requires a tempfs mount) +BOOTLOG_ENAB="yes" + +# Distro Information +DISTRO="$(cat /etc/system-release)" # The distro name +DISTRO_CONTACT="http://bugtracker.ipfire.org" # Bug report address +DISTRO_MINI="ipfire" # Short name used in filenames for distro config + +# Define custom colors used in messages printed to the screen +BRACKET="\\033[1;34m" # Blue +FAILURE="\\033[1;31m" # Red +INFO="\\033[1;36m" # Cyan +NORMAL="\\033[0;39m" # Grey +SUCCESS="\\033[1;32m" # Green +WARNING="\\033[1;33m" # Yellow + +# Prefix boot messages for easier reading on framebuffer consoles +PREFIX_SUCCESS=" ${SUCCESS}*${NORMAL} " +PREFIX_WARNING="${WARNING}**${NORMAL} " +PREFIX_FAILURE="${FAILURE}***${NORMAL}" + +# Export varialbles so that they are inherited by the initscripts +export RC_BASE RC_FUNCTIONS TEMPFS_MOUNT BOOTLOG_ENAB +export NETWORK_DEVICES NETWORK_SCRIPTS +export DISTRO DISTRO_CONTACT DISTRO_MINI +export BRACKET FAILURE INFO NORMAL SUCCESS WARNING +export PREFIX_SUCCESS PREFIX_WARNING PREFIX_FAILURE + +# Interactive startup +iprompt="yes" # Wether to display the interactive boot promp +itime="2" # The ammount of time (in seconds) to display the prompt +dlen="$(( 11 + ${#DISTRO} ))" # The total length of the distro welcome string +ilen="38" # The total length of the interactive message +welcome_message="Welcome to ${INFO}${DISTRO}${NORMAL}" +i_message="Press '${FAILURE}I${NORMAL}' to enter interactive startup" + +# Error message displayed when a script's exit value is not zero +print_error_msg() +{ + # ${link} and ${error_value} are defined by the rc script + echo -e "${FAILURE}FAILURE: You should not be reading this error message." + echo -e "" + echo -e -n "${FAILURE}It means that an unforseen error took place in" + echo -e -n "${INFO} ${link}" + echo -e "${FAILURE}," + echo -e "${FAILURE}which exited with a return value of ${error_value}." + echo -e "" + echo -e -n "${FAILURE}If you are able to track this error down to a bug" + echo -e "${FAILURE}in one of the files" + echo -e -n "provided by ${INFO}${DISTRO}${FAILURE}, " + echo -e -n "${FAILURE}please be so kind to inform us at " + echo -e "${INFO}${DISTRO_CONTACT}${FAILURE}.${NORMAL}" + echo -e "" + echo -e "${INFO}Press Enter to continue..." + echo -e "${NORMAL}" + read ENTER +} + diff --git a/pkgs/core/initscripts/sysctl.conf b/pkgs/core/initscripts/sysctl.conf new file mode 100644 index 000000000..bcf90e86f --- /dev/null +++ b/pkgs/core/initscripts/sysctl.conf @@ -0,0 +1,24 @@ +net.ipv4.ip_forward = 1 +net.ipv4.ip_dynaddr = 1 +net.ipv4.icmp_echo_ignore_broadcasts = 1 +net.ipv4.icmp_ignore_bogus_error_responses = 1 + +net.ipv4.tcp_sack = 0 +net.ipv4.tcp_timestamps = 0 +net.ipv4.tcp_syncookies = 1 +net.ipv4.tcp_fin_timeout = 30 +net.ipv4.tcp_window_scaling = 0 +net.ipv4.tcp_syn_retries = 3 +net.ipv4.tcp_synack_retries = 3 + +net.ipv4.conf.default.rp_filter = 0 +net.ipv4.conf.default.accept_redirects = 0 +net.ipv4.conf.default.accept_source_route = 0 +net.ipv4.conf.default.log_martians = 1 + +net.ipv4.conf.all.rp_filter = 0 +net.ipv4.conf.all.accept_redirects = 0 +net.ipv4.conf.all.accept_source_route = 0 +net.ipv4.conf.all.log_martians = 1 + +kernel.printk = 1 4 1 7