FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Device-mapper Development

 
 
LinkBack Thread Tools
 
Old 08-02-2010, 08:10 PM
Chris Lumens
 
Default Step 2 of merging installer images: Move most everything out of makeinitrd.

There's no need for all this file creation, installation, and copying to exist
in makeinitrd when it could just as easily be in upd-instroot with everything
else.
---
scripts/mk-images | 223 +-----------------------------------------------
scripts/upd-instroot | 232 ++++++++++++++++++++++++++++++++++++++++++++++----
2 files changed, 218 insertions(+), 237 deletions(-)

diff --git a/scripts/mk-images b/scripts/mk-images
index f210660..92d8d04 100755
--- a/scripts/mk-images
+++ b/scripts/mk-images
@@ -166,7 +166,6 @@ LIBEXECBINDIR=$IMGPATH/usr/libexec/anaconda
ADDRSIZE=$IMGPATH/usr/$LIBDIR/anaconda/addrsize
MKS390CDBOOT=$IMGPATH/usr/$LIBDIR/anaconda/mk-s390-cdboot
GENMODINFO=$IMGPATH/usr/libexec/anaconda/genmodinfo
-KEYMAPS=$TMPDIR/keymaps-$BUILDARCH.$$
SCREENFONT=$IMGPATH/usr/share/anaconda/screenfont-${BASEARCH}.gz
MODLIST=$IMGPATH/usr/libexec/anaconda/modlist
MODINFO=$TMPDIR/modinfo-$BUILDARCH.$$
@@ -201,10 +200,10 @@ if [ "$BUILDARCH" != "s390" -a "$BUILDARCH" != "s390x" ]; then
# go ahead and create the keymaps so we only have to do it once
if [ -f $IMGPATH/usr/share/anaconda/keymaps-override-$BASEARCH ]; then
echo "Found keymap override, using it"
- cp $IMGPATH/usr/share/anaconda/keymaps-override-$BASEARCH $KEYMAPS
+ cp $IMGPATH/usr/share/anaconda/keymaps-override-$BASEARCH $IMGPATH/etc/keymaps.gz
else
echo "Running: $GETKEYMAPS $BUILDARCH $KEYMAPS $IMGPATH"
- $GETKEYMAPS $BUILDARCH $KEYMAPS $IMGPATH
+ $GETKEYMAPS $BUILDARCH $IMGPATH/etc/keymaps.gz $IMGPATH
if [ $? != 0 ]; then
echo "Unable to create keymaps and thus can't create initrd."
exit 1
@@ -415,86 +414,12 @@ instbin() {
fi
}

-setupSshd() {
- echo "sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin"
- >> $MBD_DIR/etc/passwd
-
- # enable root shell logins
- echo "root::14438:0:99999:7:::" >> $MBD_DIR/etc/shadow
-
- # enable 'install' account that starts anaconda on login
- echo "install:x:0:0:root:/root:/sbin/loader" >> $MBD_DIR/etc/passwd
- echo "install::14438:0:99999:7:::" >> $MBD_DIR/etc/shadow
-
- chmod 0400 $MBD_DIR/etc/shadow
-
- cat > $MBD_DIR/etc/pam.d/login << EOF
-#%PAM-1.0
-auth required pam_env.so
-auth sufficient pam_unix.so likeauth nullok
-auth required pam_deny.so
-account required pam_unix.so
-password sufficient pam_unix.so nullok use_authtok md5 shadow
-password required pam_deny.so
-session required pam_limits.so
-session required pam_unix.so
-EOF
- cp -f $MBD_DIR/etc/pam.d/login $MBD_DIR/etc/pam.d/sshd
- cp -f $MBD_DIR/etc/pam.d/login $MBD_DIR/etc/pam.d/remote
-
- mkdir -m 0700 -p $MBD_DIR/etc/ssh
- if [ "$BUILDARCH" = "s390" -o "$BUILDARCH" = "s390x" ]; then
- # key generation takes ages on s390, you really don't want this
- # for every installation attempt. These are NOT the keys of the
- # installed system!
- echo -n "Generating SSH1 RSA host key: "
- /usr/bin/ssh-keygen -q -t rsa1 -f $MBD_DIR/etc/ssh/ssh_host_key
- -C ' -N ' >&/dev/null
- echo
- echo -n "Generating SSH2 RSA host key: "
- /usr/bin/ssh-keygen -q -t rsa -f $MBD_DIR/etc/ssh/ssh_host_rsa_key
- -C ' -N ' >&/dev/null
- echo
- echo -n "Generating SSH2 DSA host key: "
- /usr/bin/ssh-keygen -q -t dsa -f $MBD_DIR/etc/ssh/ssh_host_dsa_key
- -C ' -N ' >&/dev/null
- echo
- (cd $MBD_DIR/etc/ssh;
- chmod 600 ssh_host_key ssh_host_rsa_key ssh_host_dsa_key;
- chmod 644 ssh_host_key.pub ssh_host_rsa_key.pub ssh_host_dsa_key.pub; )
- fi
-
- cat > $MBD_DIR/etc/ssh/sshd_config.anaconda <<EOF
-Port 22
-HostKey /etc/ssh/ssh_host_key
-HostKey /etc/ssh/ssh_host_rsa_key
-HostKey /etc/ssh/ssh_host_dsa_key
-PermitRootLogin yes
-IgnoreRhosts yes
-StrictModes yes
-X11Forwarding yes
-X11DisplayOffset 10
-PrintMotd yes
-XAuthLocation /sbin/xauth
-KeepAlive yes
-SyslogFacility AUTHPRIV
-RSAAuthentication yes
-PasswordAuthentication yes
-PermitEmptyPasswords yes
-PermitUserEnvironment yes
-EOF
- chmod 600 $MBD_DIR/etc/ssh/sshd_config.anaconda
-}
-
-
makeinitrd() {
EXTRAINITRDPATH=""
KEEP=""
PADSIZE=""
LOADERBIN=""
INITRDMODULES=""
- MYLANGTABLE=$LANGTABLE
- MYLOADERTR=loader.tr
while [ x$(echo $1 | cut -c1-2) = x"--" ]; do
if [ $1 = "--initrdto" ]; then
EXTRAINITRDPATH=$2
@@ -528,157 +453,13 @@ makeinitrd() {
MBD_FSIMAGE=$TMPDIR/makebootdisk.initrdimage.$$
MBD_BOOTTREE=$TMPDIR/makebootdisk.tree.$$

- rm -rf $MBD_DIR $MBD_FSIMAGE
- mkdir -p $MBD_DIR/modules
- mkdir -p $MBD_DIR/dev
- mkdir -p $MBD_DIR/proc
- mkdir -p $MBD_DIR/selinux
- mkdir -p $MBD_DIR/sys
- mkdir -p $MBD_DIR/tmp
- mkdir -p $MBD_DIR/var/lib/dbus
- mkdir -p $MBD_DIR/var/lib/dhclient
- mkdir -p $MBD_DIR/etc/dhcp
- mkdir -p $MBD_DIR/var/lock/rpm
- mkdir -p $MBD_DIR/var/run
- mkdir -p $MBD_DIR/var/run/dbus
- mkdir -p $MBD_DIR/var/run/NetworkManager
- mkdir -p $MBD_DIR/etc/modprobe.d
- mkdir -p $MBD_DIR/var/run/wpa_supplicant
- mkdir -m 111 -p $MBD_DIR/var/empty/sshd
- mkdir -p $MBD_DIR/usr/lib/rpm
- mkdir -p $MBD_DIR/var/lib/rpm
-
- if [ "$BUILDARCH" = "s390" -o "$BUILDARCH" = "s390x" ]; then
- ln -s /tmp $MBD_DIR/var/state/xkb
- fi
-
if [ -n "$INITRDMODULES" ]; then
MODSET=`expandModuleSet "$INITRDMODULES"`
makemoduletree $MBD_DIR "$MODSET"
fi

- # set up the arch bits
- echo $arch > $MBD_DIR/etc/arch
-
- echo "Setting up arch bits"
- instbin $IMGPATH ${LOADERBINDIR##$IMGPATH}/$LOADERBIN $MBD_DIR /sbin/loader
- if [ "$BUILDARCH" != "s390" -a "$BUILDARCH" != "s390x" ]; then
- instbin $IMGPATH ${LOADERBINDIR##$IMGPATH}/init $MBD_DIR /sbin/init
- ln -s ./init $MBD_DIR/sbin/reboot
- ln -s ./init $MBD_DIR/sbin/halt
- ln -s ./init $MBD_DIR/sbin/poweroff
- else
- instbin $IMGPATH ${LOADERBINDIR##$IMGPATH}/shutdown $MBD_DIR /sbin/shutdown
- instbin $IMGPATH /usr/share/anaconda/linuxrc.s390 $MBD_DIR /sbin/init
- ( cd $MBD_DIR/sbin
- ln -sf init reboot
- ln -sf init halt
- )
- fi
- instbin $IMGPATH ${LIBEXECBINDIR##$IMGPATH}/auditd $MBD_DIR /sbin/auditd
-
- if [ "$BUILDARCH" != "s390" -a "$BUILDARCH" != "s390x" ]; then
- install -m 644 $KEYMAPS $MBD_DIR/etc/keymaps.gz
- install -m 644 $SCREENFONT $MBD_DIR/etc/screenfont.gz
- fi
-
- install -m 644 $MYLANGTABLE $MBD_DIR/etc/lang-table
- mkdir -p $MBD_DIR/usr/lib/locale
- localedef -c -i en_US -f UTF-8 --prefix $MBD_DIR en_US
-
- ( cd $MBD_DIR/etc ; ln -sf /etc/rc.d/init.d init.d )
-
- # DHCP and DHCPv6 client daemons and support programs
- touch $MBD_DIR/etc/resolv.conf
-
- # rsyslog
- # EOF has a quote in the first character on purpose; see man bash on here documents
- cat > $MBD_DIR/etc/rsyslog.conf <<EOF
-#### MODULES ####
-$ModLoad imuxsock.so # provides support for local system logging
-$ModLoad imklog.so # provides kernel logging support
-
-$ModLoad imfile
-$InputFileName /tmp/X.log
-$InputFileTag xserver:
-$InputFileStateFile xserver-statefile
-$InputFileFacility local1
-$InputRunFileMonitor
-$InputFileName /tmp/anaconda-tb-all.log
-$InputFileTag anaconda-tb:
-$InputFileStateFile anaconda-tb-statefile
-$InputFileFacility local1
-$InputRunFileMonitor
-
-#### GLOBAL DIRECTIVES ####
-# Use default timestamp format
-$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
-
-#### TEMPLATES ####
-
-$template anaconda_tty4, "%syslogseverity-text:::uppercase% %programname%:%msg%
"
-$template anaconda_syslog, "%timestamp:8:$:date-rfc3164%,%timestamp:1:3:date-subseconds% %syslogseverity-text:::uppercase% %programname%:%msg%
"
-$template virtio_ForwardFormat, "<%PRI%>%TIMESTAMP:::date-rfc3339% %HOSTNAME% %syslogtag:1:32%%msg:::sp-if-no-1st-sp%%msg%
"
-
-#### RULES ####
-# log everything except anaconda-specific records from local1 (those are stored
-# directly into files via python logging)
-*.*;
-authpriv.none;
-local1.none /tmp/syslog;anaconda_syslog
- & /dev/tty4;anaconda_tty4
-
-# ### begin forwarding rule ###
-# The statement between the begin ... end define a SINGLE forwarding
-# rule. They belong together, do NOT split them. If you create multiple
-# forwarding rules, duplicate the whole block!
-#
-# An on-disk queue is created for this action. If the remote host is
-# down, messages are spooled to disk and sent when it is up again.
-$ActionQueueMaxDiskSpace 1m # space limit (use as much as possible)
-$ActionQueueSaveOnShutdown off # do not save messages to disk on shutdown
-$ActionQueueType LinkedList # run asynchronously
-$ActionResumeRetryCount -1 # infinite retries if host is down
-# remote host is: name/iport, e.g. 192.168.0.1:514, port optional
-# ### end of the forwarding rule ###
-
-EOF
-
- rm -f $MBD_DIR/lib/udev/rules.d/*generator*
-
- install -m 644 $IMGPATH/usr/share/anaconda/$MYLOADERTR $MBD_DIR/etc/loader.tr
-
makeproductfile $MBD_DIR

- ln -s /sbin/init $MBD_DIR/init
- ln -s /proc/mounts $MBD_DIR/etc/mtab
- mkdir -p $MBD_DIR/var/lib
- ln -s ../../tmp $MBD_DIR/var/lib/xkb
-
- setupSshd
-
- mkdir $MBD_DIR/root
- chmod 0700 $MBD_DIR/root
- chown root:root $MBD_DIR/root
-
- cat > $MBD_DIR/root/.profile <<EOF
-PS1="[anaconda u@h W]\$ "
-PATH=/bin:/usr/bin:/usr/sbin:/mnt/sysimage/sbin:/mnt/sysimage/usr/sbin:/mnt/sysimage/bin:/mnt/sysimage/usr/bin
-export PATH PS1
-EOF
-
- cat > $MBD_DIR/root/.bash_history <<EOF
-kill -USR2 `cat /var/run/anaconda.pid`
-kill -HUP `cat /var/run/anaconda.pid`
-udevadm info --export-db | less
-tail -f /tmp/storage.log
-echo b > /proc/sysrq-trigger
-dmsetup table
-multipath -d
-EOF
-
- cp /usr/share/doc/python-devel-*/gdbinit $MBD_DIR/root/.gdbinit
-
rm -f $MBD_FSIMAGE
(cd $MBD_DIR; find . |cpio --quiet -c -o) |gzip -9 > $MBD_FSIMAGE

diff --git a/scripts/upd-instroot b/scripts/upd-instroot
index 1b03896..961042a 100755
--- a/scripts/upd-instroot
+++ b/scripts/upd-instroot
@@ -155,6 +155,77 @@ die () {
exit 1
}

+setupSshd() {
+ echo "sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin"
+ >> $DEST/etc/passwd
+
+ # enable root shell logins
+ echo "root::14438:0:99999:7:::" >> $DEST/etc/shadow
+
+ # enable 'install' account that starts anaconda on login
+ echo "install:x:0:0:root:/root:/sbin/loader" >> $DEST/etc/passwd
+ echo "install::14438:0:99999:7:::" >> $DEST/etc/shadow
+
+ chmod 0400 $DEST/etc/shadow
+
+ cat > $DEST/etc/pam.d/login << EOF
+#%PAM-1.0
+auth required pam_env.so
+auth sufficient pam_unix.so likeauth nullok
+auth required pam_deny.so
+account required pam_unix.so
+password sufficient pam_unix.so nullok use_authtok md5 shadow
+password required pam_deny.so
+session required pam_limits.so
+session required pam_unix.so
+EOF
+ cp -f $DEST/etc/pam.d/login $DEST/etc/pam.d/sshd
+ cp -f $DEST/etc/pam.d/login $DEST/etc/pam.d/remote
+
+ mkdir -m 0700 -p $DEST/etc/ssh
+ if [ "$ARCH" = "s390" -o "$ARCH" = "s390x" ]; then
+ # key generation takes ages on s390, you really don't want this
+ # for every installation attempt. These are NOT the keys of the
+ # installed system!
+ echo -n "Generating SSH1 RSA host key: "
+ /usr/bin/ssh-keygen -q -t rsa1 -f $DEST/etc/ssh/ssh_host_key
+ -C ' -N ' >&/dev/null
+ echo
+ echo -n "Generating SSH2 RSA host key: "
+ /usr/bin/ssh-keygen -q -t rsa -f $DEST/etc/ssh/ssh_host_rsa_key
+ -C ' -N ' >&/dev/null
+ echo
+ echo -n "Generating SSH2 DSA host key: "
+ /usr/bin/ssh-keygen -q -t dsa -f $DEST/etc/ssh/ssh_host_dsa_key
+ -C ' -N ' >&/dev/null
+ echo
+ (cd $DEST/etc/ssh;
+ chmod 600 ssh_host_key ssh_host_rsa_key ssh_host_dsa_key;
+ chmod 644 ssh_host_key.pub ssh_host_rsa_key.pub ssh_host_dsa_key.pub; )
+ fi
+
+ cat > $DEST/etc/ssh/sshd_config.anaconda <<EOF
+Port 22
+HostKey /etc/ssh/ssh_host_key
+HostKey /etc/ssh/ssh_host_rsa_key
+HostKey /etc/ssh/ssh_host_dsa_key
+PermitRootLogin yes
+IgnoreRhosts yes
+StrictModes yes
+X11Forwarding yes
+X11DisplayOffset 10
+PrintMotd yes
+XAuthLocation /sbin/xauth
+KeepAlive yes
+SyslogFacility AUTHPRIV
+RSAAuthentication yes
+PasswordAuthentication yes
+PermitEmptyPasswords yes
+PermitUserEnvironment yes
+EOF
+ chmod 600 $DEST/etc/ssh/sshd_config.anaconda
+}
+
PACKAGES="GConf2 NetworkManager NetworkManager-gnome ORBit2 acl anaconda
anaconda-yum-plugins at-spi atk attr audit-libs bash bind-utils
bitmap-fonts-cjk
@@ -926,8 +997,35 @@ echo "Assembling package list..."
RPMS="$PACKAGES $PACKAGESRESCUE"
[ -n "$DEBUG" ] && echo "RPMS are $RPMS"

-rm -rf $DEST; mkdir -p $DEST/usr/sbin $DEST/var/lib $DEST/boot
+rm -rf $DEST
+
+# Create a bunch of empty directories that are important for a running system.
+mkdir -p $DEST/boot
+mkdir -p $DEST/dev
+mkdir -p $DEST/etc/dhcp
+mkdir -p $DEST/etc/modprobe.d
+mkdir -p $DEST/firmware
+mkdir -p $DEST/lib
+mkdir -p $DEST/modules
+mkdir -p $DEST/proc
+mkdir -p $DEST/selinux
+mkdir -p $DEST/sys
+mkdir -p $DEST/tmp
+mkdir -p $DEST/usr/lib/rpm
+mkdir -p $DEST/usr/sbin
+mkdir -m 111 -p $DEST/var/empty/sshd
+mkdir -p $DEST/var/lib/dbus
+mkdir -p $DEST/var/lib/dhclient
+mkdir -p $DEST/var/lib/rpm
+mkdir -p $DEST/var/lock/rpm
+mkdir -p $DEST/var/run
+mkdir -p $DEST/var/run/dbus
+mkdir -p $DEST/var/run/NetworkManager
+mkdir -p $DEST/var/run/wpa_supplicant
+mkdir -p $DEST/var/state
+
ln -s /tmp $DEST/var/lib/xkb
+ln -s /tmp $DEST/var/state/xkb

#
# concat KEEPFILE and KEEPFILERESCUE lists
@@ -942,6 +1040,32 @@ mkdir -p $YUMDIR/var/lib/yum
expandPackageSet $yumconf $YUMDIR "$RPMS" $DEST $KEEPFILE
echo `date` "Done Expanding packages..."

+# Install the anaconda portions.
+install -m 755 $DEST/usr/libexec/anaconda/auditd $DEST/sbin/auditd
+install -m 755 $DEST/usr/$LIBDIR/anaconda/loader $DEST/sbin/loader
+install -m 644 $DEST/usr/share/anaconda/loader.tr $DEST/etc/loader.tr
+
+cp $DEST/usr/share/anaconda/raidstart-stub $DEST/usr/bin/raidstart
+cp $DEST/usr/share/anaconda/raidstop-stub $DEST/usr/bin/raidstop
+cp $DEST/usr/share/anaconda/losetup-stub $DEST/usr/bin/losetup
+cp $DEST/usr/share/anaconda/list-harddrives-stub $DEST/usr/bin/list-harddrives
+cp $DEST/usr/share/anaconda/loadkeys-stub $DEST/usr/bin/loadkeys
+cp $DEST/usr/share/anaconda/mknod-stub $DEST/usr/bin/mknod
+cp $DEST/usr/share/anaconda/restart-anaconda $DEST/usr/bin/restart-anaconda
+mv $DEST/usr/sbin/anaconda $DEST/usr/bin/anaconda
+mv $DEST/usr/$LIBDIR/python?.?/site-packages/pyanaconda/sitecustomize.py $DEST/usr/$LIBDIR/python?.?/site-packages
+
+if [ $ARCH = "s390" -o $ARCH = "s390x" ]; then
+ mv $DEST/usr/libexec/anaconda/shutdown $DEST/sbin
+ mv $DEST/usr/share/anaconda/linuxrc.s390 $DEST/sbin/init
+ ( cd $DEST/sbin && ln -sf init reboot && ln -sf init halt )
+else
+ mv $DEST/usr/$LIBDIR/anaconda/init $DEST/sbin/init
+ ( cd $DEST/sbin && ln -s init reboot && ln -s init halt && ln -s init poweroff )
+
+ install -m 644 $DEST/usr/share/anaconda/screenfont-$ARCH.gz $DEST/etc/screenfont.gz
+fi
+
# Dogtail will check this
echo "Creating customized GConf2 settings for root"
mkdir -p $DEST/.gconf/desktop/gnome/interface
@@ -1008,7 +1132,15 @@ rm -rf $YUMDIR
chown -R root:root $DEST
chmod -R a+rX-w $DEST

+# Some files need very particular permissions.
+chmod 04755 $DEST/usr/libexec/polkit-1/polkit-agent-helper-1
+chown root:dbus $DEST/$LIBDIR/dbus-1/dbus-daemon-launch-helper
+chmod 04750 $DEST/$LIBDIR/dbus-1/dbus-daemon-launch-helper
+
# Remove locales unused during the install
+install -m 644 $DEST/usr/share/anaconda/lang-table $DEST/etc/lang-table
+localedef -c -i en_US -f UTF-8 --prefix $DEST en_US
+
cat $DEST/usr/share/anaconda/lang-table* | awk '
{ gsub("-", "", $4);
print $4;
@@ -1053,7 +1185,61 @@ SELINUXTYPE=targeted
EOF
fi

-echo "Creating libuser.conf"
+echo "Creating config files"
+touch $DEST/etc/resolv.conf
+
+# EOF has a quote in the first character on purpose; see man bash on here documents
+cat > $DEST/etc/rsyslog.conf <<EOF
+#### MODULES ####
+$ModLoad imuxsock.so # provides support for local system logging
+$ModLoad imklog.so # provides kernel logging support
+
+$ModLoad imfile
+$InputFileName /tmp/X.log
+$InputFileTag xserver:
+$InputFileStateFile xserver-statefile
+$InputFileFacility local1
+$InputRunFileMonitor
+$InputFileName /tmp/anaconda-tb-all.log
+$InputFileTag anaconda-tb:
+$InputFileStateFile anaconda-tb-statefile
+$InputFileFacility local1
+$InputRunFileMonitor
+
+#### GLOBAL DIRECTIVES ####
+# Use default timestamp format
+$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
+
+#### TEMPLATES ####
+
+$template anaconda_tty4, "%syslogseverity-text:::uppercase% %programname%:%msg%
"
+$template anaconda_syslog, "%timestamp:8:$:date-rfc3164%,%timestamp:1:3:date-subseconds% %syslogseverity-text:::uppercase% %programname%:%msg%
"
+$template virtio_ForwardFormat, "<%PRI%>%TIMESTAMP:::date-rfc3339% %HOSTNAME% %syslogtag:1:32%%msg:::sp-if-no-1st-sp%%msg%
"
+
+#### RULES ####
+# log everything except anaconda-specific records from local1 (those are stored
+# directly into files via python logging)
+*.*;
+authpriv.none;
+local1.none /tmp/syslog;anaconda_syslog
+ & /dev/tty4;anaconda_tty4
+
+# ### begin forwarding rule ###
+# The statement between the begin ... end define a SINGLE forwarding
+# rule. They belong together, do NOT split them. If you create multiple
+# forwarding rules, duplicate the whole block!
+#
+# An on-disk queue is created for this action. If the remote host is
+# down, messages are spooled to disk and sent when it is up again.
+$ActionQueueMaxDiskSpace 1m # space limit (use as much as possible)
+$ActionQueueSaveOnShutdown off # do not save messages to disk on shutdown
+$ActionQueueType LinkedList # run asynchronously
+$ActionResumeRetryCount -1 # infinite retries if host is down
+# remote host is: name/iport, e.g. 192.168.0.1:514, port optional
+# ### end of the forwarding rule ###
+
+EOF
+
cat > $DEST/etc/libuser.conf <<EOF
[defaults]
skeleton = /mnt/sysimage/etc/skel
@@ -1067,6 +1253,22 @@ directory = /mnt/sysimage/etc
directory = /mnt/sysimage/etc
EOF

+cat > $DEST/.profile <<EOF
+PS1="[anaconda u@h W]\$ "
+PATH=/bin:/usr/bin:/usr/sbin:/mnt/sysimage/sbin:/mnt/sysimage/usr/sbin:/mnt/sysimage/bin:/mnt/sysimage/usr/bin
+export PATH PS1
+EOF
+
+cat > $DEST/.bash_history <<EOF
+kill -USR2 `cat /var/run/anaconda.pid`
+kill -HUP `cat /var/run/anaconda.pid`
+udevadm info --export-db | less
+tail -f /tmp/storage.log
+echo b > /proc/sysrq-trigger
+dmsetup table
+multipath -d
+EOF
+
echo "Creating /etc/skel"
# libuser needs this when it creates sshpw users
mkdir -p $DEST/etc/skel
@@ -1075,6 +1277,8 @@ echo "Creating empty /etc/gshadow"
# libuser needs this when it creates sshpw users
touch $DEST/etc/gshadow

+setupSshd
+
sed -i 's|(installforallkernels) = 0|1 = 1|' $DEST/etc/yum/pluginconf.d/fedorakmod.conf

#
@@ -1096,26 +1300,15 @@ sed -i "s,^MANPATH[^_MAP][ ]*,&/mnt/sysimage," $DEST/etc/man.config
sed -i "s,^MANPATH_MAP[ ]*[a-zA-Z0-9/]*[ ]*,&/mnt/sysimage," $DEST/etc/man.config

echo "Scrubbing tree..." "$DEST"
-mkdir -p $DEST/lib
-mkdir -p $DEST/firmware
ln -snf /modules $DEST/lib/modules
ln -snf /firmware $DEST/lib/firmware
-cp $DEST/usr/share/anaconda/raidstart-stub $DEST/usr/bin/raidstart
-cp $DEST/usr/share/anaconda/raidstop-stub $DEST/usr/bin/raidstop
-cp $DEST/usr/share/anaconda/losetup-stub $DEST/usr/bin/losetup
-cp $DEST/usr/share/anaconda/list-harddrives-stub $DEST/usr/bin/list-harddrives
-cp $DEST/usr/share/anaconda/loadkeys-stub $DEST/usr/bin/loadkeys
-cp $DEST/usr/share/anaconda/mknod-stub $DEST/usr/bin/mknod
-cp $DEST/usr/share/anaconda/restart-anaconda $DEST/usr/bin/restart-anaconda
-mv $DEST/usr/sbin/anaconda $DEST/usr/bin/anaconda
-mv $DEST/usr/$LIBDIR/python?.?/site-packages/pyanaconda/sitecustomize.py $DEST/usr/$LIBDIR/python?.?/site-packages

mv $DEST/etc/yum.repos.d $DEST/etc/anaconda.repos.d

-rm -f $DEST/usr/$LIBDIR/libunicode-lite*
-
find $DEST -type d | xargs chmod 755

+cp $DEST/usr/share/doc/python-devel-*/gdbinit $DEST/.gdbinit
+
if [ -f $DEST/bin/bash ]; then
rm -f $DEST/bin/ash
ln -s bash $DEST/bin/sh
@@ -1125,6 +1318,10 @@ if [ -f $DEST/bin/gawk ]; then
ln -sf $DEST/bin/gawk awk
fi

+( cd $DEST/etc && ln -sf /etc/rc.d/init.d init.d )
+ln -sf /sbin/init $DEST/init
+ln -sf /proc/mounts $DEST/etc/mtab
+
# copy bootloader files for sparc
if [ $ARCH = sparc -o $ARCH = sparcv9 -o $ARCH = sparc64 ]; then
mkdir -p $DEST/usr/share/anaconda/boot
@@ -1156,10 +1353,13 @@ if [ $ARCH = i386 -o $ARCH = i586 -o $ARCH = i686 -o $ARCH = x86_64 ]; then
cp -af $DEST/boot/memtest* $DEST/usr/share/anaconda/boot
fi

-rm -rf $DEST/boot $DEST/home $DEST/root $DEST/tmp
+rm -rf $DEST/boot $DEST/home

+# Remove a bunch of stuff we don't want in the final image.
find $DEST -name "*.a" | grep -v kernel-wrapper/wrapper.a | xargs rm -rf
find $DEST -name "lib*.la" |grep -v "usr/$LIBDIR/gtk-2.0" | xargs rm -rf
+rm -f $DEST/lib/udev/rules.d/*generator*
+rm -f $DEST/usr/$LIBDIR/libunicode-lite*

# nuke some python stuff we don't need
for d in idle distutils bsddb lib-old hotshot doctest.py pydoc.py site-packages/japanese site-packages/japanese.pth ; do
--
1.7.1.1

_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
 
Old 10-13-2010, 03:11 PM
Chris Lumens
 
Default Step 2 of merging installer images: Move most everything out of makeinitrd.

There's no need for all this file creation, installation, and copying to exist
in makeinitrd when it could just as easily be in upd-instroot with everything
else.
---
scripts/mk-images | 223 +------------------------------------------------
scripts/upd-instroot | 230 +++++++++++++++++++++++++++++++++++++++++++++++---
2 files changed, 218 insertions(+), 235 deletions(-)

diff --git a/scripts/mk-images b/scripts/mk-images
index bd85e80..4fa7ae3 100755
--- a/scripts/mk-images
+++ b/scripts/mk-images
@@ -171,7 +171,6 @@ LIBEXECBINDIR=$IMGPATH/usr/libexec/anaconda
ADDRSIZE=$IMGPATH/usr/$LIBDIR/anaconda/addrsize
MKS390CDBOOT=$IMGPATH/usr/$LIBDIR/anaconda/mk-s390-cdboot
GENMODINFO=$IMGPATH/usr/libexec/anaconda/genmodinfo
-KEYMAPS=$TMPDIR/keymaps-$BUILDARCH.$$
SCREENFONT=$IMGPATH/usr/share/anaconda/screenfont-${BASEARCH}.gz
MODLIST=$IMGPATH/usr/libexec/anaconda/modlist
MODINFO=$TMPDIR/modinfo-$BUILDARCH.$$
@@ -206,10 +205,10 @@ if [ "$BUILDARCH" != "s390" -a "$BUILDARCH" != "s390x" ]; then
# go ahead and create the keymaps so we only have to do it once
if [ -f $IMGPATH/usr/share/anaconda/keymaps-override-$BASEARCH ]; then
echo "Found keymap override, using it"
- cp $IMGPATH/usr/share/anaconda/keymaps-override-$BASEARCH $KEYMAPS
+ cp $IMGPATH/usr/share/anaconda/keymaps-override-$BASEARCH $IMGPATH/etc/keymaps.gz
else
echo "Running: $GETKEYMAPS $BUILDARCH $KEYMAPS $IMGPATH"
- $GETKEYMAPS $BUILDARCH $KEYMAPS $IMGPATH
+ $GETKEYMAPS $BUILDARCH $IMGPATH/etc/keymaps.gz $IMGPATH
if [ $? != 0 ]; then
echo "Unable to create keymaps and thus can't create initrd."
exit 1
@@ -422,85 +421,11 @@ instbin() {
fi
}

-setupSshd() {
- echo "sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin"
- >> $MBD_DIR/etc/passwd
-
- # enable root shell logins
- echo "root::14438:0:99999:7:::" >> $MBD_DIR/etc/shadow
-
- # enable 'install' account that starts anaconda on login
- echo "install:x:0:0:root:/root:/sbin/loader" >> $MBD_DIR/etc/passwd
- echo "install::14438:0:99999:7:::" >> $MBD_DIR/etc/shadow
-
- chmod 0400 $MBD_DIR/etc/shadow
-
- cat > $MBD_DIR/etc/pam.d/login << EOF
-#%PAM-1.0
-auth required pam_env.so
-auth sufficient pam_unix.so likeauth nullok
-auth required pam_deny.so
-account required pam_unix.so
-password sufficient pam_unix.so nullok use_authtok md5 shadow
-password required pam_deny.so
-session required pam_limits.so
-session required pam_unix.so
-EOF
- cp -f $MBD_DIR/etc/pam.d/login $MBD_DIR/etc/pam.d/sshd
- cp -f $MBD_DIR/etc/pam.d/login $MBD_DIR/etc/pam.d/remote
-
- mkdir -m 0700 -p $MBD_DIR/etc/ssh
- if [ "$BUILDARCH" = "s390" -o "$BUILDARCH" = "s390x" ]; then
- # key generation takes ages on s390, you really don't want this
- # for every installation attempt. These are NOT the keys of the
- # installed system!
- echo -n "Generating SSH1 RSA host key: "
- /usr/bin/ssh-keygen -q -t rsa1 -f $MBD_DIR/etc/ssh/ssh_host_key
- -C ' -N ' >&/dev/null
- echo
- echo -n "Generating SSH2 RSA host key: "
- /usr/bin/ssh-keygen -q -t rsa -f $MBD_DIR/etc/ssh/ssh_host_rsa_key
- -C ' -N ' >&/dev/null
- echo
- echo -n "Generating SSH2 DSA host key: "
- /usr/bin/ssh-keygen -q -t dsa -f $MBD_DIR/etc/ssh/ssh_host_dsa_key
- -C ' -N ' >&/dev/null
- echo
- (cd $MBD_DIR/etc/ssh;
- chmod 600 ssh_host_key ssh_host_rsa_key ssh_host_dsa_key;
- chmod 644 ssh_host_key.pub ssh_host_rsa_key.pub ssh_host_dsa_key.pub; )
- fi
-
- cat > $MBD_DIR/etc/ssh/sshd_config.anaconda <<EOF
-Port 22
-HostKey /etc/ssh/ssh_host_key
-HostKey /etc/ssh/ssh_host_rsa_key
-HostKey /etc/ssh/ssh_host_dsa_key
-PermitRootLogin yes
-IgnoreRhosts yes
-StrictModes yes
-X11Forwarding yes
-X11DisplayOffset 10
-PrintMotd yes
-XAuthLocation /sbin/xauth
-KeepAlive yes
-SyslogFacility AUTHPRIV
-RSAAuthentication yes
-PasswordAuthentication yes
-PermitEmptyPasswords yes
-PermitUserEnvironment yes
-EOF
- chmod 600 $MBD_DIR/etc/ssh/sshd_config.anaconda
-}
-
-
makeinitrd() {
EXTRAINITRDPATH=""
KEEP=""
PADSIZE=""
INITRDMODULES=""
- MYLANGTABLE=$LANGTABLE
- MYLOADERTR=loader.tr
while [ x$(echo $1 | cut -c1-2) = x"--" ]; do
if [ $1 = "--initrdto" ]; then
EXTRAINITRDPATH=$2
@@ -526,157 +451,13 @@ makeinitrd() {
MBD_FSIMAGE=$TMPDIR/makebootdisk.initrdimage.$$
MBD_BOOTTREE=$TMPDIR/makebootdisk.tree.$$

- rm -rf $MBD_DIR $MBD_FSIMAGE
- mkdir -p $MBD_DIR/modules
- mkdir -p $MBD_DIR/dev
- mkdir -p $MBD_DIR/proc
- mkdir -p $MBD_DIR/selinux
- mkdir -p $MBD_DIR/sys
- mkdir -p $MBD_DIR/tmp
- mkdir -p $MBD_DIR/var/lib/dbus
- mkdir -p $MBD_DIR/var/lib/dhclient
- mkdir -p $MBD_DIR/etc/dhcp
- mkdir -p $MBD_DIR/var/lock/rpm
- mkdir -p $MBD_DIR/var/run
- mkdir -p $MBD_DIR/var/run/dbus
- mkdir -p $MBD_DIR/var/run/NetworkManager
- mkdir -p $MBD_DIR/etc/modprobe.d
- mkdir -p $MBD_DIR/var/run/wpa_supplicant
- mkdir -m 111 -p $MBD_DIR/var/empty/sshd
- mkdir -p $MBD_DIR/usr/lib/rpm
- mkdir -p $MBD_DIR/var/lib/rpm
-
- if [ "$BUILDARCH" = "s390" -o "$BUILDARCH" = "s390x" ]; then
- ln -s /tmp $MBD_DIR/var/state/xkb
- fi
-
if [ -n "$INITRDMODULES" ]; then
MODSET=`expandModuleSet "$INITRDMODULES"`
makemoduletree $MBD_DIR "$MODSET"
fi

- # set up the arch bits
- echo $arch > $MBD_DIR/etc/arch
-
- echo "Setting up arch bits"
- instbin $IMGPATH ${LOADERBINDIR##$IMGPATH}/loader $MBD_DIR /sbin/loader
- if [ "$BUILDARCH" != "s390" -a "$BUILDARCH" != "s390x" ]; then
- instbin $IMGPATH ${LOADERBINDIR##$IMGPATH}/init $MBD_DIR /sbin/init
- ln -s ./init $MBD_DIR/sbin/reboot
- ln -s ./init $MBD_DIR/sbin/halt
- ln -s ./init $MBD_DIR/sbin/poweroff
- else
- instbin $IMGPATH ${LOADERBINDIR##$IMGPATH}/shutdown $MBD_DIR /sbin/shutdown
- instbin $IMGPATH /usr/share/anaconda/linuxrc.s390 $MBD_DIR /sbin/init
- ( cd $MBD_DIR/sbin
- ln -sf init reboot
- ln -sf init halt
- )
- fi
- instbin $IMGPATH ${LIBEXECBINDIR##$IMGPATH}/auditd $MBD_DIR /sbin/auditd
-
- if [ "$BUILDARCH" != "s390" -a "$BUILDARCH" != "s390x" ]; then
- install -m 644 $KEYMAPS $MBD_DIR/etc/keymaps.gz
- install -m 644 $SCREENFONT $MBD_DIR/etc/screenfont.gz
- fi
-
- install -m 644 $MYLANGTABLE $MBD_DIR/etc/lang-table
- mkdir -p $MBD_DIR/usr/lib/locale
- localedef -c -i en_US -f UTF-8 --prefix $MBD_DIR en_US
-
- ( cd $MBD_DIR/etc ; ln -sf /etc/rc.d/init.d init.d )
-
- # DHCP and DHCPv6 client daemons and support programs
- touch $MBD_DIR/etc/resolv.conf
-
- # rsyslog
- # EOF has a quote in the first character on purpose; see man bash on here documents
- cat > $MBD_DIR/etc/rsyslog.conf <<EOF
-#### MODULES ####
-$ModLoad imuxsock.so # provides support for local system logging
-$ModLoad imklog.so # provides kernel logging support
-
-$ModLoad imfile
-$InputFileName /tmp/X.log
-$InputFileTag xserver:
-$InputFileStateFile xserver-statefile
-$InputFileFacility local1
-$InputRunFileMonitor
-$InputFileName /tmp/anaconda-tb-all.log
-$InputFileTag anaconda-tb:
-$InputFileStateFile anaconda-tb-statefile
-$InputFileFacility local1
-$InputRunFileMonitor
-
-#### GLOBAL DIRECTIVES ####
-# Use default timestamp format
-$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
-
-#### TEMPLATES ####
-
-$template anaconda_tty4, "%syslogseverity-text:::uppercase% %programname%:%msg%
"
-$template anaconda_syslog, "%timestamp:8:$:date-rfc3164%,%timestamp:1:3:date-subseconds% %syslogseverity-text:::uppercase% %programname%:%msg%
"
-$template virtio_ForwardFormat, "<%PRI%>%TIMESTAMP:::date-rfc3339% %HOSTNAME% %syslogtag:1:32%%msg:::sp-if-no-1st-sp%%msg%
"
-
-#### RULES ####
-# log everything except anaconda-specific records from local1 (those are stored
-# directly into files via python logging)
-*.*;
-authpriv.none;
-local1.none /tmp/syslog;anaconda_syslog
- & /dev/tty4;anaconda_tty4
-
-# ### begin forwarding rule ###
-# The statement between the begin ... end define a SINGLE forwarding
-# rule. They belong together, do NOT split them. If you create multiple
-# forwarding rules, duplicate the whole block!
-#
-# An on-disk queue is created for this action. If the remote host is
-# down, messages are spooled to disk and sent when it is up again.
-$ActionQueueMaxDiskSpace 1m # space limit (use as much as possible)
-$ActionQueueSaveOnShutdown off # do not save messages to disk on shutdown
-$ActionQueueType LinkedList # run asynchronously
-$ActionResumeRetryCount -1 # infinite retries if host is down
-# remote host is: name/iport, e.g. 192.168.0.1:514, port optional
-# ### end of the forwarding rule ###
-
-EOF
-
- rm -f $MBD_DIR/lib/udev/rules.d/*generator*
-
- install -m 644 $IMGPATH/usr/share/anaconda/$MYLOADERTR $MBD_DIR/etc/loader.tr
-
makeproductfile $MBD_DIR

- ln -s /sbin/init $MBD_DIR/init
- ln -s /proc/mounts $MBD_DIR/etc/mtab
- mkdir -p $MBD_DIR/var/lib
- ln -s ../../tmp $MBD_DIR/var/lib/xkb
-
- setupSshd
-
- mkdir $MBD_DIR/root
- chmod 0700 $MBD_DIR/root
- chown root:root $MBD_DIR/root
-
- cat > $MBD_DIR/root/.profile <<EOF
-PS1="[anaconda u@h W]\$ "
-PATH=/bin:/usr/bin:/usr/sbin:/mnt/sysimage/sbin:/mnt/sysimage/usr/sbin:/mnt/sysimage/bin:/mnt/sysimage/usr/bin
-export PATH PS1
-EOF
-
- cat > $MBD_DIR/root/.bash_history <<EOF
-kill -USR2 `cat /var/run/anaconda.pid`
-kill -HUP `cat /var/run/anaconda.pid`
-udevadm info --export-db | less
-tail -f /tmp/storage.log
-echo b > /proc/sysrq-trigger
-dmsetup table
-multipath -d
-EOF
-
- cp /usr/share/doc/python-devel-*/gdbinit $MBD_DIR/root/.gdbinit
-
rm -f $MBD_FSIMAGE
(cd $MBD_DIR; find . |cpio --quiet -c -o) |gzip -9 > $MBD_FSIMAGE

diff --git a/scripts/upd-instroot b/scripts/upd-instroot
index 8c848d5..c6889da 100755
--- a/scripts/upd-instroot
+++ b/scripts/upd-instroot
@@ -155,6 +155,77 @@ die () {
exit 1
}

+setupSshd() {
+ echo "sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin"
+ >> $DEST/etc/passwd
+
+ # enable root shell logins
+ echo "root::14438:0:99999:7:::" >> $DEST/etc/shadow
+
+ # enable 'install' account that starts anaconda on login
+ echo "install:x:0:0:root:/root:/sbin/loader" >> $DEST/etc/passwd
+ echo "install::14438:0:99999:7:::" >> $DEST/etc/shadow
+
+ chmod 0400 $DEST/etc/shadow
+
+ cat > $DEST/etc/pam.d/login << EOF
+#%PAM-1.0
+auth required pam_env.so
+auth sufficient pam_unix.so likeauth nullok
+auth required pam_deny.so
+account required pam_unix.so
+password sufficient pam_unix.so nullok use_authtok md5 shadow
+password required pam_deny.so
+session required pam_limits.so
+session required pam_unix.so
+EOF
+ cp -f $DEST/etc/pam.d/login $DEST/etc/pam.d/sshd
+ cp -f $DEST/etc/pam.d/login $DEST/etc/pam.d/remote
+
+ mkdir -m 0700 -p $DEST/etc/ssh
+ if [ "$ARCH" = "s390" -o "$ARCH" = "s390x" ]; then
+ # key generation takes ages on s390, you really don't want this
+ # for every installation attempt. These are NOT the keys of the
+ # installed system!
+ echo -n "Generating SSH1 RSA host key: "
+ /usr/bin/ssh-keygen -q -t rsa1 -f $DEST/etc/ssh/ssh_host_key
+ -C ' -N ' >&/dev/null
+ echo
+ echo -n "Generating SSH2 RSA host key: "
+ /usr/bin/ssh-keygen -q -t rsa -f $DEST/etc/ssh/ssh_host_rsa_key
+ -C ' -N ' >&/dev/null
+ echo
+ echo -n "Generating SSH2 DSA host key: "
+ /usr/bin/ssh-keygen -q -t dsa -f $DEST/etc/ssh/ssh_host_dsa_key
+ -C ' -N ' >&/dev/null
+ echo
+ (cd $DEST/etc/ssh;
+ chmod 600 ssh_host_key ssh_host_rsa_key ssh_host_dsa_key;
+ chmod 644 ssh_host_key.pub ssh_host_rsa_key.pub ssh_host_dsa_key.pub; )
+ fi
+
+ cat > $DEST/etc/ssh/sshd_config.anaconda <<EOF
+Port 22
+HostKey /etc/ssh/ssh_host_key
+HostKey /etc/ssh/ssh_host_rsa_key
+HostKey /etc/ssh/ssh_host_dsa_key
+PermitRootLogin yes
+IgnoreRhosts yes
+StrictModes yes
+X11Forwarding yes
+X11DisplayOffset 10
+PrintMotd yes
+XAuthLocation /sbin/xauth
+KeepAlive yes
+SyslogFacility AUTHPRIV
+RSAAuthentication yes
+PasswordAuthentication yes
+PermitEmptyPasswords yes
+PermitUserEnvironment yes
+EOF
+ chmod 600 $DEST/etc/ssh/sshd_config.anaconda
+}
+
PACKAGES="GConf2 NetworkManager NetworkManager-gnome ORBit2 acl anaconda
anaconda-yum-plugins at-spi atk attr audit-libs bash bind-utils
bitmap-fonts-cjk
@@ -923,8 +994,35 @@ echo "Assembling package list..."
RPMS="$PACKAGES $PACKAGESRESCUE"
[ -n "$DEBUG" ] && echo "RPMS are $RPMS"

-rm -rf $DEST; mkdir -p $DEST/usr/sbin $DEST/var/lib $DEST/boot
+rm -rf $DEST
+
+# Create a bunch of empty directories that are important for a running system.
+mkdir -p $DEST/boot
+mkdir -p $DEST/dev
+mkdir -p $DEST/etc/dhcp
+mkdir -p $DEST/etc/modprobe.d
+mkdir -p $DEST/firmware
+mkdir -p $DEST/lib
+mkdir -p $DEST/modules
+mkdir -p $DEST/proc
+mkdir -p $DEST/selinux
+mkdir -p $DEST/sys
+mkdir -p $DEST/tmp
+mkdir -p $DEST/usr/lib/rpm
+mkdir -p $DEST/usr/sbin
+mkdir -m 111 -p $DEST/var/empty/sshd
+mkdir -p $DEST/var/lib/dbus
+mkdir -p $DEST/var/lib/dhclient
+mkdir -p $DEST/var/lib/rpm
+mkdir -p $DEST/var/lock/rpm
+mkdir -p $DEST/var/run
+mkdir -p $DEST/var/run/dbus
+mkdir -p $DEST/var/run/NetworkManager
+mkdir -p $DEST/var/run/wpa_supplicant
+mkdir -p $DEST/var/state
+
ln -s /tmp $DEST/var/lib/xkb
+ln -s /tmp $DEST/var/state/xkb

#
# concat KEEPFILE and KEEPFILERESCUE lists
@@ -939,6 +1037,33 @@ mkdir -p $YUMDIR/var/lib/yum
expandPackageSet $yumconf $YUMDIR "$RPMS" $DEST $KEEPFILE
echo `date` "Done Expanding packages..."

+# Install the anaconda portions.
+install -m 755 $DEST/usr/libexec/anaconda/auditd $DEST/sbin/auditd
+install -m 755 $DEST/usr/$LIBDIR/anaconda/loader $DEST/sbin/loader
+install -m 644 $DEST/usr/share/anaconda/loader.tr $DEST/etc/loader.tr
+
+cp $DEST/usr/share/anaconda/raidstart-stub $DEST/usr/bin/raidstart
+cp $DEST/usr/share/anaconda/raidstop-stub $DEST/usr/bin/raidstop
+cp $DEST/usr/share/anaconda/losetup-stub $DEST/usr/bin/losetup
+cp $DEST/usr/share/anaconda/list-harddrives-stub $DEST/usr/bin/list-harddrives
+cp $DEST/usr/share/anaconda/loadkeys-stub $DEST/usr/bin/loadkeys
+cp $DEST/usr/share/anaconda/mknod-stub $DEST/usr/bin/mknod
+cp $DEST/usr/share/anaconda/restart-anaconda $DEST/usr/bin/restart-anaconda
+mv $DEST/usr/sbin/logpicker $DEST/usr/bin/logpicker
+mv $DEST/usr/sbin/anaconda $DEST/usr/bin/anaconda
+mv $DEST/usr/$LIBDIR/python?.?/site-packages/pyanaconda/sitecustomize.py $DEST/usr/$LIBDIR/python?.?/site-packages
+
+if [ $ARCH = "s390" -o $ARCH = "s390x" ]; then
+ mv $DEST/usr/libexec/anaconda/shutdown $DEST/sbin
+ mv $DEST/usr/share/anaconda/linuxrc.s390 $DEST/sbin/init
+ ( cd $DEST/sbin && ln -sf init reboot && ln -sf init halt )
+else
+ mv $DEST/usr/$LIBDIR/anaconda/init $DEST/sbin/init
+ ( cd $DEST/sbin && ln -s init reboot && ln -s init halt && ln -s init poweroff )
+
+ install -m 644 $DEST/usr/share/anaconda/screenfont-$ARCH.gz $DEST/etc/screenfont.gz
+fi
+
# Dogtail will check this
echo "Creating customized GConf2 settings for root"
mkdir -p $DEST/.gconf/desktop/gnome/interface
@@ -1005,7 +1130,15 @@ rm -rf $YUMDIR
chown -R root:root $DEST
chmod -R a+rX-w $DEST

+# Some files need very particular permissions.
+chmod 04755 $DEST/usr/libexec/polkit-1/polkit-agent-helper-1
+chown root:dbus $DEST/$LIBDIR/dbus-1/dbus-daemon-launch-helper
+chmod 04750 $DEST/$LIBDIR/dbus-1/dbus-daemon-launch-helper
+
# Remove locales unused during the install
+install -m 644 $DEST/usr/share/anaconda/lang-table $DEST/etc/lang-table
+localedef -c -i en_US -f UTF-8 --prefix $DEST en_US
+
cat $DEST/usr/share/anaconda/lang-table* | awk '
{ gsub("-", "", $4);
print $4;
@@ -1046,7 +1179,61 @@ SELINUXTYPE=targeted
EOF
fi

-echo "Creating libuser.conf"
+echo "Creating config files"
+touch $DEST/etc/resolv.conf
+
+# EOF has a quote in the first character on purpose; see man bash on here documents
+cat > $DEST/etc/rsyslog.conf <<EOF
+#### MODULES ####
+$ModLoad imuxsock.so # provides support for local system logging
+$ModLoad imklog.so # provides kernel logging support
+
+$ModLoad imfile
+$InputFileName /tmp/X.log
+$InputFileTag xserver:
+$InputFileStateFile xserver-statefile
+$InputFileFacility local1
+$InputRunFileMonitor
+$InputFileName /tmp/anaconda-tb-all.log
+$InputFileTag anaconda-tb:
+$InputFileStateFile anaconda-tb-statefile
+$InputFileFacility local1
+$InputRunFileMonitor
+
+#### GLOBAL DIRECTIVES ####
+# Use default timestamp format
+$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
+
+#### TEMPLATES ####
+
+$template anaconda_tty4, "%syslogseverity-text:::uppercase% %programname%:%msg%
"
+$template anaconda_syslog, "%timestamp:8:$:date-rfc3164%,%timestamp:1:3:date-subseconds% %syslogseverity-text:::uppercase% %programname%:%msg%
"
+$template virtio_ForwardFormat, "<%PRI%>%TIMESTAMP:::date-rfc3339% %HOSTNAME% %syslogtag:1:32%%msg:::sp-if-no-1st-sp%%msg%
"
+
+#### RULES ####
+# log everything except anaconda-specific records from local1 (those are stored
+# directly into files via python logging)
+*.*;
+authpriv.none;
+local1.none /tmp/syslog;anaconda_syslog
+ & /dev/tty4;anaconda_tty4
+
+# ### begin forwarding rule ###
+# The statement between the begin ... end define a SINGLE forwarding
+# rule. They belong together, do NOT split them. If you create multiple
+# forwarding rules, duplicate the whole block!
+#
+# An on-disk queue is created for this action. If the remote host is
+# down, messages are spooled to disk and sent when it is up again.
+$ActionQueueMaxDiskSpace 1m # space limit (use as much as possible)
+$ActionQueueSaveOnShutdown off # do not save messages to disk on shutdown
+$ActionQueueType LinkedList # run asynchronously
+$ActionResumeRetryCount -1 # infinite retries if host is down
+# remote host is: name/iport, e.g. 192.168.0.1:514, port optional
+# ### end of the forwarding rule ###
+
+EOF
+
cat > $DEST/etc/libuser.conf <<EOF
[defaults]
skeleton = /mnt/sysimage/etc/skel
@@ -1060,6 +1247,22 @@ directory = /mnt/sysimage/etc
directory = /mnt/sysimage/etc
EOF

+cat > $DEST/.profile <<EOF
+PS1="[anaconda u@h W]\$ "
+PATH=/bin:/usr/bin:/usr/sbin:/mnt/sysimage/sbin:/mnt/sysimage/usr/sbin:/mnt/sysimage/bin:/mnt/sysimage/usr/bin
+export PATH PS1
+EOF
+
+cat > $DEST/.bash_history <<EOF
+kill -USR2 `cat /var/run/anaconda.pid`
+kill -HUP `cat /var/run/anaconda.pid`
+udevadm info --export-db | less
+tail -f /tmp/storage.log
+echo b > /proc/sysrq-trigger
+dmsetup table
+multipath -d
+EOF
+
echo "Creating /etc/skel"
# libuser needs this when it creates sshpw users
mkdir -p $DEST/etc/skel
@@ -1068,6 +1271,8 @@ echo "Creating empty /etc/gshadow"
# libuser needs this when it creates sshpw users
touch $DEST/etc/gshadow

+setupSshd
+
sed -i 's|(installforallkernels) = 0|1 = 1|' $DEST/etc/yum/pluginconf.d/fedorakmod.conf

#
@@ -1089,19 +1294,8 @@ sed -i "s,^MANPATH[^_MAP][ ]*,&/mnt/sysimage," $DEST/etc/man_db.conf
sed -i "s,^MANPATH_MAP[ ]*[a-zA-Z0-9/]*[ ]*,&/mnt/sysimage," $DEST/etc/man_db.conf

echo "Scrubbing tree..." "$DEST"
-mkdir -p $DEST/lib
-mkdir -p $DEST/firmware
ln -snf /modules $DEST/lib/modules
ln -snf /firmware $DEST/lib/firmware
-cp $DEST/usr/share/anaconda/raidstart-stub $DEST/usr/bin/raidstart
-cp $DEST/usr/share/anaconda/raidstop-stub $DEST/usr/bin/raidstop
-cp $DEST/usr/share/anaconda/list-harddrives-stub $DEST/usr/bin/list-harddrives
-cp $DEST/usr/share/anaconda/loadkeys-stub $DEST/usr/bin/loadkeys
-cp $DEST/usr/share/anaconda/mknod-stub $DEST/usr/bin/mknod
-cp $DEST/usr/share/anaconda/restart-anaconda $DEST/usr/bin/restart-anaconda
-mv $DEST/usr/sbin/anaconda $DEST/usr/bin/anaconda
-mv $DEST/usr/sbin/logpicker $DEST/usr/bin/logpicker
-mv $DEST/usr/$LIBDIR/python?.?/site-packages/pyanaconda/sitecustomize.py $DEST/usr/$LIBDIR/python?.?/site-packages

mv $DEST/etc/yum.repos.d $DEST/etc/anaconda.repos.d

@@ -1111,6 +1305,8 @@ rm -f $DEST/usr/sbin/build-locale-archive

find $DEST -type d | xargs chmod 755

+cp $DEST/usr/share/doc/python-devel-*/gdbinit $DEST/.gdbinit
+
if [ -f $DEST/bin/bash ]; then
rm -f $DEST/bin/ash
ln -s bash $DEST/bin/sh
@@ -1120,6 +1316,10 @@ if [ -f $DEST/bin/gawk ]; then
ln -sf $DEST/bin/gawk awk
fi

+( cd $DEST/etc && ln -sf /etc/rc.d/init.d init.d )
+ln -sf /sbin/init $DEST/init
+ln -sf /proc/mounts $DEST/etc/mtab
+
# copy bootloader files for sparc
if [ $ARCH = sparc -o $ARCH = sparcv9 -o $ARCH = sparc64 ]; then
mkdir -p $DEST/usr/share/anaconda/boot
@@ -1151,10 +1351,12 @@ if [ $ARCH = i386 -o $ARCH = i586 -o $ARCH = i686 -o $ARCH = x86_64 ]; then
cp -af $DEST/boot/memtest* $DEST/usr/share/anaconda/boot
fi

-rm -rf $DEST/boot $DEST/home $DEST/root $DEST/tmp
+rm -rf $DEST/boot $DEST/home

+# Remove a bunch of stuff we don't want in the final image.
find $DEST -name "*.a" | grep -v kernel-wrapper/wrapper.a | xargs rm -rf
find $DEST -name "lib*.la" |grep -v "usr/$LIBDIR/gtk-2.0" | xargs rm -rf
+rm -f $DEST/lib/udev/rules.d/*generator*

# nuke some python stuff we don't need
for d in idle distutils bsddb lib-old hotshot doctest.py pydoc.py site-packages/japanese site-packages/japanese.pth ; do
--
1.7.1.1

_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
 
Old 10-14-2010, 08:55 AM
Martin Gracik
 
Default Step 2 of merging installer images: Move most everything out of makeinitrd.

2 things:

1.
+mv $DEST/usr/sbin/logpicker $DEST/usr/bin/logpicker
+mv $DEST/usr/sbin/anaconda $DEST/usr/bin/anaconda

why are we moving those? and why are they not in /usr/bin at the first place?

2.
we are creating the $DEST/boot directory and removing it later, is that necessary?

otherwise looks OK

--

Martin Gracik

----- "Chris Lumens" <clumens@redhat.com> wrote:

> There's no need for all this file creation, installation, and copying
> to exist
> in makeinitrd when it could just as easily be in upd-instroot with
> everything
> else.
> ---
> scripts/mk-images | 223
> +------------------------------------------------
> scripts/upd-instroot | 230
> +++++++++++++++++++++++++++++++++++++++++++++++---
> 2 files changed, 218 insertions(+), 235 deletions(-)
>
> diff --git a/scripts/mk-images b/scripts/mk-images
> index bd85e80..4fa7ae3 100755
> --- a/scripts/mk-images
> +++ b/scripts/mk-images
> @@ -171,7 +171,6 @@ LIBEXECBINDIR=$IMGPATH/usr/libexec/anaconda
> ADDRSIZE=$IMGPATH/usr/$LIBDIR/anaconda/addrsize
> MKS390CDBOOT=$IMGPATH/usr/$LIBDIR/anaconda/mk-s390-cdboot
> GENMODINFO=$IMGPATH/usr/libexec/anaconda/genmodinfo
> -KEYMAPS=$TMPDIR/keymaps-$BUILDARCH.$$
> SCREENFONT=$IMGPATH/usr/share/anaconda/screenfont-${BASEARCH}.gz
> MODLIST=$IMGPATH/usr/libexec/anaconda/modlist
> MODINFO=$TMPDIR/modinfo-$BUILDARCH.$$
> @@ -206,10 +205,10 @@ if [ "$BUILDARCH" != "s390" -a "$BUILDARCH" !=
> "s390x" ]; then
> # go ahead and create the keymaps so we only have to do it once
> if [ -f $IMGPATH/usr/share/anaconda/keymaps-override-$BASEARCH ];
> then
> echo "Found keymap override, using it"
> - cp $IMGPATH/usr/share/anaconda/keymaps-override-$BASEARCH
> $KEYMAPS
> + cp $IMGPATH/usr/share/anaconda/keymaps-override-$BASEARCH
> $IMGPATH/etc/keymaps.gz
> else
> echo "Running: $GETKEYMAPS $BUILDARCH $KEYMAPS $IMGPATH"
> - $GETKEYMAPS $BUILDARCH $KEYMAPS $IMGPATH
> + $GETKEYMAPS $BUILDARCH $IMGPATH/etc/keymaps.gz $IMGPATH
> if [ $? != 0 ]; then
> echo "Unable to create keymaps and thus can't create
> initrd."
> exit 1
> @@ -422,85 +421,11 @@ instbin() {
> fi
> }
>
> -setupSshd() {
> - echo "sshd:x:74:74:Privilege-separated
> SSH:/var/empty/sshd:/sbin/nologin"
> - >> $MBD_DIR/etc/passwd
> -
> - # enable root shell logins
> - echo "root::14438:0:99999:7:::" >> $MBD_DIR/etc/shadow
> -
> - # enable 'install' account that starts anaconda on login
> - echo "install:x:0:0:root:/root:/sbin/loader" >>
> $MBD_DIR/etc/passwd
> - echo "install::14438:0:99999:7:::" >> $MBD_DIR/etc/shadow
> -
> - chmod 0400 $MBD_DIR/etc/shadow
> -
> - cat > $MBD_DIR/etc/pam.d/login << EOF
> -#%PAM-1.0
> -auth required pam_env.so
> -auth sufficient pam_unix.so likeauth nullok
> -auth required pam_deny.so
> -account required pam_unix.so
> -password sufficient pam_unix.so nullok use_authtok md5 shadow
> -password required pam_deny.so
> -session required pam_limits.so
> -session required pam_unix.so
> -EOF
> - cp -f $MBD_DIR/etc/pam.d/login $MBD_DIR/etc/pam.d/sshd
> - cp -f $MBD_DIR/etc/pam.d/login $MBD_DIR/etc/pam.d/remote
> -
> - mkdir -m 0700 -p $MBD_DIR/etc/ssh
> - if [ "$BUILDARCH" = "s390" -o "$BUILDARCH" = "s390x" ]; then
> - # key generation takes ages on s390, you really don't want
> this
> - # for every installation attempt. These are NOT the keys of
> the
> - # installed system!
> - echo -n "Generating SSH1 RSA host key: "
> - /usr/bin/ssh-keygen -q -t rsa1 -f
> $MBD_DIR/etc/ssh/ssh_host_key
> - -C ' -N ' >&/dev/null
> - echo
> - echo -n "Generating SSH2 RSA host key: "
> - /usr/bin/ssh-keygen -q -t rsa -f
> $MBD_DIR/etc/ssh/ssh_host_rsa_key
> - -C ' -N ' >&/dev/null
> - echo
> - echo -n "Generating SSH2 DSA host key: "
> - /usr/bin/ssh-keygen -q -t dsa -f
> $MBD_DIR/etc/ssh/ssh_host_dsa_key
> - -C ' -N ' >&/dev/null
> - echo
> - (cd $MBD_DIR/etc/ssh;
> - chmod 600 ssh_host_key ssh_host_rsa_key ssh_host_dsa_key;
> - chmod 644 ssh_host_key.pub ssh_host_rsa_key.pub
> ssh_host_dsa_key.pub; )
> - fi
> -
> - cat > $MBD_DIR/etc/ssh/sshd_config.anaconda <<EOF
> -Port 22
> -HostKey /etc/ssh/ssh_host_key
> -HostKey /etc/ssh/ssh_host_rsa_key
> -HostKey /etc/ssh/ssh_host_dsa_key
> -PermitRootLogin yes
> -IgnoreRhosts yes
> -StrictModes yes
> -X11Forwarding yes
> -X11DisplayOffset 10
> -PrintMotd yes
> -XAuthLocation /sbin/xauth
> -KeepAlive yes
> -SyslogFacility AUTHPRIV
> -RSAAuthentication yes
> -PasswordAuthentication yes
> -PermitEmptyPasswords yes
> -PermitUserEnvironment yes
> -EOF
> - chmod 600 $MBD_DIR/etc/ssh/sshd_config.anaconda
> -}
> -
> -
> makeinitrd() {
> EXTRAINITRDPATH=""
> KEEP=""
> PADSIZE=""
> INITRDMODULES=""
> - MYLANGTABLE=$LANGTABLE
> - MYLOADERTR=loader.tr
> while [ x$(echo $1 | cut -c1-2) = x"--" ]; do
> if [ $1 = "--initrdto" ]; then
> EXTRAINITRDPATH=$2
> @@ -526,157 +451,13 @@ makeinitrd() {
> MBD_FSIMAGE=$TMPDIR/makebootdisk.initrdimage.$$
> MBD_BOOTTREE=$TMPDIR/makebootdisk.tree.$$
>
> - rm -rf $MBD_DIR $MBD_FSIMAGE
> - mkdir -p $MBD_DIR/modules
> - mkdir -p $MBD_DIR/dev
> - mkdir -p $MBD_DIR/proc
> - mkdir -p $MBD_DIR/selinux
> - mkdir -p $MBD_DIR/sys
> - mkdir -p $MBD_DIR/tmp
> - mkdir -p $MBD_DIR/var/lib/dbus
> - mkdir -p $MBD_DIR/var/lib/dhclient
> - mkdir -p $MBD_DIR/etc/dhcp
> - mkdir -p $MBD_DIR/var/lock/rpm
> - mkdir -p $MBD_DIR/var/run
> - mkdir -p $MBD_DIR/var/run/dbus
> - mkdir -p $MBD_DIR/var/run/NetworkManager
> - mkdir -p $MBD_DIR/etc/modprobe.d
> - mkdir -p $MBD_DIR/var/run/wpa_supplicant
> - mkdir -m 111 -p $MBD_DIR/var/empty/sshd
> - mkdir -p $MBD_DIR/usr/lib/rpm
> - mkdir -p $MBD_DIR/var/lib/rpm
> -
> - if [ "$BUILDARCH" = "s390" -o "$BUILDARCH" = "s390x" ]; then
> - ln -s /tmp $MBD_DIR/var/state/xkb
> - fi
> -
> if [ -n "$INITRDMODULES" ]; then
> MODSET=`expandModuleSet "$INITRDMODULES"`
> makemoduletree $MBD_DIR "$MODSET"
> fi
>
> - # set up the arch bits
> - echo $arch > $MBD_DIR/etc/arch
> -
> - echo "Setting up arch bits"
> - instbin $IMGPATH ${LOADERBINDIR##$IMGPATH}/loader $MBD_DIR
> /sbin/loader
> - if [ "$BUILDARCH" != "s390" -a "$BUILDARCH" != "s390x" ]; then
> - instbin $IMGPATH ${LOADERBINDIR##$IMGPATH}/init $MBD_DIR
> /sbin/init
> - ln -s ./init $MBD_DIR/sbin/reboot
> - ln -s ./init $MBD_DIR/sbin/halt
> - ln -s ./init $MBD_DIR/sbin/poweroff
> - else
> - instbin $IMGPATH ${LOADERBINDIR##$IMGPATH}/shutdown $MBD_DIR
> /sbin/shutdown
> - instbin $IMGPATH /usr/share/anaconda/linuxrc.s390 $MBD_DIR
> /sbin/init
> - ( cd $MBD_DIR/sbin
> - ln -sf init reboot
> - ln -sf init halt
> - )
> - fi
> - instbin $IMGPATH ${LIBEXECBINDIR##$IMGPATH}/auditd $MBD_DIR
> /sbin/auditd
> -
> - if [ "$BUILDARCH" != "s390" -a "$BUILDARCH" != "s390x" ]; then
> - install -m 644 $KEYMAPS $MBD_DIR/etc/keymaps.gz
> - install -m 644 $SCREENFONT $MBD_DIR/etc/screenfont.gz
> - fi
> -
> - install -m 644 $MYLANGTABLE $MBD_DIR/etc/lang-table
> - mkdir -p $MBD_DIR/usr/lib/locale
> - localedef -c -i en_US -f UTF-8 --prefix $MBD_DIR en_US
> -
> - ( cd $MBD_DIR/etc ; ln -sf /etc/rc.d/init.d init.d )
> -
> - # DHCP and DHCPv6 client daemons and support programs
> - touch $MBD_DIR/etc/resolv.conf
> -
> - # rsyslog
> - # EOF has a quote in the first character on purpose; see man
> bash on here documents
> - cat > $MBD_DIR/etc/rsyslog.conf <<EOF
> -#### MODULES ####
> -$ModLoad imuxsock.so # provides support for local system logging
> -$ModLoad imklog.so # provides kernel logging support
> -
> -$ModLoad imfile
> -$InputFileName /tmp/X.log
> -$InputFileTag xserver:
> -$InputFileStateFile xserver-statefile
> -$InputFileFacility local1
> -$InputRunFileMonitor
> -$InputFileName /tmp/anaconda-tb-all.log
> -$InputFileTag anaconda-tb:
> -$InputFileStateFile anaconda-tb-statefile
> -$InputFileFacility local1
> -$InputRunFileMonitor
> -
> -#### GLOBAL DIRECTIVES ####
> -# Use default timestamp format
> -$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
> -
> -#### TEMPLATES ####
> -
> -$template anaconda_tty4, "%syslogseverity-text:::uppercase%
> %programname%:%msg%
"
> -$template anaconda_syslog,
> "%timestamp:8:$:date-rfc3164%,%timestamp:1:3:date-subseconds%
> %syslogseverity-text:::uppercase% %programname%:%msg%
"
> -$template virtio_ForwardFormat, "<%PRI%>%TIMESTAMP:::date-rfc3339%
> %HOSTNAME% %syslogtag:1:32%%msg:::sp-if-no-1st-sp%%msg%
"
> -
> -#### RULES ####
> -# log everything except anaconda-specific records from local1 (those
> are stored
> -# directly into files via python logging)
> -*.*;
> -authpriv.none;
> -local1.none /tmp/syslog;anaconda_syslog
> - & /dev/tty4;anaconda_tty4
> -
> -# ### begin forwarding rule ###
> -# The statement between the begin ... end define a SINGLE forwarding
> -# rule. They belong together, do NOT split them. If you create
> multiple
> -# forwarding rules, duplicate the whole block!
> -#
> -# An on-disk queue is created for this action. If the remote host is
> -# down, messages are spooled to disk and sent when it is up again.
> -$ActionQueueMaxDiskSpace 1m # space limit (use as much as
> possible)
> -$ActionQueueSaveOnShutdown off # do not save messages to disk on
> shutdown
> -$ActionQueueType LinkedList # run asynchronously
> -$ActionResumeRetryCount -1 # infinite retries if host is down
> -# remote host is: name/iport, e.g. 192.168.0.1:514, port optional
> -# ### end of the forwarding rule ###
> -
> -EOF
> -
> - rm -f $MBD_DIR/lib/udev/rules.d/*generator*
> -
> - install -m 644 $IMGPATH/usr/share/anaconda/$MYLOADERTR
> $MBD_DIR/etc/loader.tr
> -
> makeproductfile $MBD_DIR
>
> - ln -s /sbin/init $MBD_DIR/init
> - ln -s /proc/mounts $MBD_DIR/etc/mtab
> - mkdir -p $MBD_DIR/var/lib
> - ln -s ../../tmp $MBD_DIR/var/lib/xkb
> -
> - setupSshd
> -
> - mkdir $MBD_DIR/root
> - chmod 0700 $MBD_DIR/root
> - chown root:root $MBD_DIR/root
> -
> - cat > $MBD_DIR/root/.profile <<EOF
> -PS1="[anaconda u@h W]\$ "
> -PATH=/bin:/usr/bin:/usr/sbin:/mnt/sysimage/sbin:/mnt/sysimage/usr/sbin:/mnt/sysimage/bin:/mnt/sysimage/usr/bin
> -export PATH PS1
> -EOF
> -
> - cat > $MBD_DIR/root/.bash_history <<EOF
> -kill -USR2 `cat /var/run/anaconda.pid`
> -kill -HUP `cat /var/run/anaconda.pid`
> -udevadm info --export-db | less
> -tail -f /tmp/storage.log
> -echo b > /proc/sysrq-trigger
> -dmsetup table
> -multipath -d
> -EOF
> -
> - cp /usr/share/doc/python-devel-*/gdbinit $MBD_DIR/root/.gdbinit
> -
> rm -f $MBD_FSIMAGE
> (cd $MBD_DIR; find . |cpio --quiet -c -o) |gzip -9 >
> $MBD_FSIMAGE
>
> diff --git a/scripts/upd-instroot b/scripts/upd-instroot
> index 8c848d5..c6889da 100755
> --- a/scripts/upd-instroot
> +++ b/scripts/upd-instroot
> @@ -155,6 +155,77 @@ die () {
> exit 1
> }
>
> +setupSshd() {
> + echo "sshd:x:74:74:Privilege-separated
> SSH:/var/empty/sshd:/sbin/nologin"
> + >> $DEST/etc/passwd
> +
> + # enable root shell logins
> + echo "root::14438:0:99999:7:::" >> $DEST/etc/shadow
> +
> + # enable 'install' account that starts anaconda on login
> + echo "install:x:0:0:root:/root:/sbin/loader" >> $DEST/etc/passwd
> + echo "install::14438:0:99999:7:::" >> $DEST/etc/shadow
> +
> + chmod 0400 $DEST/etc/shadow
> +
> + cat > $DEST/etc/pam.d/login << EOF
> +#%PAM-1.0
> +auth required pam_env.so
> +auth sufficient pam_unix.so likeauth nullok
> +auth required pam_deny.so
> +account required pam_unix.so
> +password sufficient pam_unix.so nullok use_authtok md5 shadow
> +password required pam_deny.so
> +session required pam_limits.so
> +session required pam_unix.so
> +EOF
> + cp -f $DEST/etc/pam.d/login $DEST/etc/pam.d/sshd
> + cp -f $DEST/etc/pam.d/login $DEST/etc/pam.d/remote
> +
> + mkdir -m 0700 -p $DEST/etc/ssh
> + if [ "$ARCH" = "s390" -o "$ARCH" = "s390x" ]; then
> + # key generation takes ages on s390, you really don't want
> this
> + # for every installation attempt. These are NOT the keys of
> the
> + # installed system!
> + echo -n "Generating SSH1 RSA host key: "
> + /usr/bin/ssh-keygen -q -t rsa1 -f $DEST/etc/ssh/ssh_host_key
>
> + -C ' -N ' >&/dev/null
> + echo
> + echo -n "Generating SSH2 RSA host key: "
> + /usr/bin/ssh-keygen -q -t rsa -f
> $DEST/etc/ssh/ssh_host_rsa_key
> + -C ' -N ' >&/dev/null
> + echo
> + echo -n "Generating SSH2 DSA host key: "
> + /usr/bin/ssh-keygen -q -t dsa -f
> $DEST/etc/ssh/ssh_host_dsa_key
> + -C ' -N ' >&/dev/null
> + echo
> + (cd $DEST/etc/ssh;
> + chmod 600 ssh_host_key ssh_host_rsa_key ssh_host_dsa_key;
> + chmod 644 ssh_host_key.pub ssh_host_rsa_key.pub
> ssh_host_dsa_key.pub; )
> + fi
> +
> + cat > $DEST/etc/ssh/sshd_config.anaconda <<EOF
> +Port 22
> +HostKey /etc/ssh/ssh_host_key
> +HostKey /etc/ssh/ssh_host_rsa_key
> +HostKey /etc/ssh/ssh_host_dsa_key
> +PermitRootLogin yes
> +IgnoreRhosts yes
> +StrictModes yes
> +X11Forwarding yes
> +X11DisplayOffset 10
> +PrintMotd yes
> +XAuthLocation /sbin/xauth
> +KeepAlive yes
> +SyslogFacility AUTHPRIV
> +RSAAuthentication yes
> +PasswordAuthentication yes
> +PermitEmptyPasswords yes
> +PermitUserEnvironment yes
> +EOF
> + chmod 600 $DEST/etc/ssh/sshd_config.anaconda
> +}
> +
> PACKAGES="GConf2 NetworkManager NetworkManager-gnome ORBit2 acl
> anaconda
> anaconda-yum-plugins at-spi atk attr audit-libs bash bind-utils
> bitmap-fonts-cjk
> @@ -923,8 +994,35 @@ echo "Assembling package list..."
> RPMS="$PACKAGES $PACKAGESRESCUE"
> [ -n "$DEBUG" ] && echo "RPMS are $RPMS"
>
> -rm -rf $DEST; mkdir -p $DEST/usr/sbin $DEST/var/lib $DEST/boot
> +rm -rf $DEST
> +
> +# Create a bunch of empty directories that are important for a
> running system.
> +mkdir -p $DEST/boot
> +mkdir -p $DEST/dev
> +mkdir -p $DEST/etc/dhcp
> +mkdir -p $DEST/etc/modprobe.d
> +mkdir -p $DEST/firmware
> +mkdir -p $DEST/lib
> +mkdir -p $DEST/modules
> +mkdir -p $DEST/proc
> +mkdir -p $DEST/selinux
> +mkdir -p $DEST/sys
> +mkdir -p $DEST/tmp
> +mkdir -p $DEST/usr/lib/rpm
> +mkdir -p $DEST/usr/sbin
> +mkdir -m 111 -p $DEST/var/empty/sshd
> +mkdir -p $DEST/var/lib/dbus
> +mkdir -p $DEST/var/lib/dhclient
> +mkdir -p $DEST/var/lib/rpm
> +mkdir -p $DEST/var/lock/rpm
> +mkdir -p $DEST/var/run
> +mkdir -p $DEST/var/run/dbus
> +mkdir -p $DEST/var/run/NetworkManager
> +mkdir -p $DEST/var/run/wpa_supplicant
> +mkdir -p $DEST/var/state
> +
> ln -s /tmp $DEST/var/lib/xkb
> +ln -s /tmp $DEST/var/state/xkb
>
> #
> # concat KEEPFILE and KEEPFILERESCUE lists
> @@ -939,6 +1037,33 @@ mkdir -p $YUMDIR/var/lib/yum
> expandPackageSet $yumconf $YUMDIR "$RPMS" $DEST $KEEPFILE
> echo `date` "Done Expanding packages..."
>
> +# Install the anaconda portions.
> +install -m 755 $DEST/usr/libexec/anaconda/auditd $DEST/sbin/auditd
> +install -m 755 $DEST/usr/$LIBDIR/anaconda/loader $DEST/sbin/loader
> +install -m 644 $DEST/usr/share/anaconda/loader.tr
> $DEST/etc/loader.tr
> +
> +cp $DEST/usr/share/anaconda/raidstart-stub $DEST/usr/bin/raidstart
> +cp $DEST/usr/share/anaconda/raidstop-stub $DEST/usr/bin/raidstop
> +cp $DEST/usr/share/anaconda/losetup-stub $DEST/usr/bin/losetup
> +cp $DEST/usr/share/anaconda/list-harddrives-stub
> $DEST/usr/bin/list-harddrives
> +cp $DEST/usr/share/anaconda/loadkeys-stub $DEST/usr/bin/loadkeys
> +cp $DEST/usr/share/anaconda/mknod-stub $DEST/usr/bin/mknod
> +cp $DEST/usr/share/anaconda/restart-anaconda
> $DEST/usr/bin/restart-anaconda
> +mv $DEST/usr/sbin/logpicker $DEST/usr/bin/logpicker
> +mv $DEST/usr/sbin/anaconda $DEST/usr/bin/anaconda
> +mv
> $DEST/usr/$LIBDIR/python?.?/site-packages/pyanaconda/sitecustomize.py
> $DEST/usr/$LIBDIR/python?.?/site-packages
> +
> +if [ $ARCH = "s390" -o $ARCH = "s390x" ]; then
> + mv $DEST/usr/libexec/anaconda/shutdown $DEST/sbin
> + mv $DEST/usr/share/anaconda/linuxrc.s390 $DEST/sbin/init
> + ( cd $DEST/sbin && ln -sf init reboot && ln -sf init halt )
> +else
> + mv $DEST/usr/$LIBDIR/anaconda/init $DEST/sbin/init
> + ( cd $DEST/sbin && ln -s init reboot && ln -s init halt && ln -s
> init poweroff )
> +
> + install -m 644 $DEST/usr/share/anaconda/screenfont-$ARCH.gz
> $DEST/etc/screenfont.gz
> +fi
> +
> # Dogtail will check this
> echo "Creating customized GConf2 settings for root"
> mkdir -p $DEST/.gconf/desktop/gnome/interface
> @@ -1005,7 +1130,15 @@ rm -rf $YUMDIR
> chown -R root:root $DEST
> chmod -R a+rX-w $DEST
>
> +# Some files need very particular permissions.
> +chmod 04755 $DEST/usr/libexec/polkit-1/polkit-agent-helper-1
> +chown root:dbus $DEST/$LIBDIR/dbus-1/dbus-daemon-launch-helper
> +chmod 04750 $DEST/$LIBDIR/dbus-1/dbus-daemon-launch-helper
> +
> # Remove locales unused during the install
> +install -m 644 $DEST/usr/share/anaconda/lang-table
> $DEST/etc/lang-table
> +localedef -c -i en_US -f UTF-8 --prefix $DEST en_US
> +
> cat $DEST/usr/share/anaconda/lang-table* | awk '
> { gsub("-", "", $4);
> print $4;
> @@ -1046,7 +1179,61 @@ SELINUXTYPE=targeted
> EOF
> fi
>
> -echo "Creating libuser.conf"
> +echo "Creating config files"
> +touch $DEST/etc/resolv.conf
> +
> +# EOF has a quote in the first character on purpose; see man bash on
> here documents
> +cat > $DEST/etc/rsyslog.conf <<EOF
> +#### MODULES ####
> +$ModLoad imuxsock.so # provides support for local system logging
> +$ModLoad imklog.so # provides kernel logging support
> +
> +$ModLoad imfile
> +$InputFileName /tmp/X.log
> +$InputFileTag xserver:
> +$InputFileStateFile xserver-statefile
> +$InputFileFacility local1
> +$InputRunFileMonitor
> +$InputFileName /tmp/anaconda-tb-all.log
> +$InputFileTag anaconda-tb:
> +$InputFileStateFile anaconda-tb-statefile
> +$InputFileFacility local1
> +$InputRunFileMonitor
> +
> +#### GLOBAL DIRECTIVES ####
> +# Use default timestamp format
> +$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
> +
> +#### TEMPLATES ####
> +
> +$template anaconda_tty4, "%syslogseverity-text:::uppercase%
> %programname%:%msg%
"
> +$template anaconda_syslog,
> "%timestamp:8:$:date-rfc3164%,%timestamp:1:3:date-subseconds%
> %syslogseverity-text:::uppercase% %programname%:%msg%
"
> +$template virtio_ForwardFormat, "<%PRI%>%TIMESTAMP:::date-rfc3339%
> %HOSTNAME% %syslogtag:1:32%%msg:::sp-if-no-1st-sp%%msg%
"
> +
> +#### RULES ####
> +# log everything except anaconda-specific records from local1 (those
> are stored
> +# directly into files via python logging)
> +*.*;
> +authpriv.none;
> +local1.none /tmp/syslog;anaconda_syslog
> + & /dev/tty4;anaconda_tty4
> +
> +# ### begin forwarding rule ###
> +# The statement between the begin ... end define a SINGLE forwarding
> +# rule. They belong together, do NOT split them. If you create
> multiple
> +# forwarding rules, duplicate the whole block!
> +#
> +# An on-disk queue is created for this action. If the remote host is
> +# down, messages are spooled to disk and sent when it is up again.
> +$ActionQueueMaxDiskSpace 1m # space limit (use as much as
> possible)
> +$ActionQueueSaveOnShutdown off # do not save messages to disk on
> shutdown
> +$ActionQueueType LinkedList # run asynchronously
> +$ActionResumeRetryCount -1 # infinite retries if host is down
> +# remote host is: name/iport, e.g. 192.168.0.1:514, port optional
> +# ### end of the forwarding rule ###
> +
> +EOF
> +
> cat > $DEST/etc/libuser.conf <<EOF
> [defaults]
> skeleton = /mnt/sysimage/etc/skel
> @@ -1060,6 +1247,22 @@ directory = /mnt/sysimage/etc
> directory = /mnt/sysimage/etc
> EOF
>
> +cat > $DEST/.profile <<EOF
> +PS1="[anaconda u@h W]\$ "
> +PATH=/bin:/usr/bin:/usr/sbin:/mnt/sysimage/sbin:/mnt/sysimage/usr/sbin:/mnt/sysimage/bin:/mnt/sysimage/usr/bin
> +export PATH PS1
> +EOF
> +
> +cat > $DEST/.bash_history <<EOF
> +kill -USR2 `cat /var/run/anaconda.pid`
> +kill -HUP `cat /var/run/anaconda.pid`
> +udevadm info --export-db | less
> +tail -f /tmp/storage.log
> +echo b > /proc/sysrq-trigger
> +dmsetup table
> +multipath -d
> +EOF
> +
> echo "Creating /etc/skel"
> # libuser needs this when it creates sshpw users
> mkdir -p $DEST/etc/skel
> @@ -1068,6 +1271,8 @@ echo "Creating empty /etc/gshadow"
> # libuser needs this when it creates sshpw users
> touch $DEST/etc/gshadow
>
> +setupSshd
> +
> sed -i 's|(installforallkernels) = 0|1 = 1|'
> $DEST/etc/yum/pluginconf.d/fedorakmod.conf
>
> #
> @@ -1089,19 +1294,8 @@ sed -i "s,^MANPATH[^_MAP][
> ]*,&/mnt/sysimage," $DEST/etc/man_db.conf
> sed -i "s,^MANPATH_MAP[ ]*[a-zA-Z0-9/]*[ ]*,&/mnt/sysimage,"
> $DEST/etc/man_db.conf
>
> echo "Scrubbing tree..." "$DEST"
> -mkdir -p $DEST/lib
> -mkdir -p $DEST/firmware
> ln -snf /modules $DEST/lib/modules
> ln -snf /firmware $DEST/lib/firmware
> -cp $DEST/usr/share/anaconda/raidstart-stub $DEST/usr/bin/raidstart
> -cp $DEST/usr/share/anaconda/raidstop-stub $DEST/usr/bin/raidstop
> -cp $DEST/usr/share/anaconda/list-harddrives-stub
> $DEST/usr/bin/list-harddrives
> -cp $DEST/usr/share/anaconda/loadkeys-stub $DEST/usr/bin/loadkeys
> -cp $DEST/usr/share/anaconda/mknod-stub $DEST/usr/bin/mknod
> -cp $DEST/usr/share/anaconda/restart-anaconda
> $DEST/usr/bin/restart-anaconda
> -mv $DEST/usr/sbin/anaconda $DEST/usr/bin/anaconda
> -mv $DEST/usr/sbin/logpicker $DEST/usr/bin/logpicker
> -mv
> $DEST/usr/$LIBDIR/python?.?/site-packages/pyanaconda/sitecustomize.py
> $DEST/usr/$LIBDIR/python?.?/site-packages
>
> mv $DEST/etc/yum.repos.d $DEST/etc/anaconda.repos.d
>
> @@ -1111,6 +1305,8 @@ rm -f $DEST/usr/sbin/build-locale-archive
>
> find $DEST -type d | xargs chmod 755
>
> +cp $DEST/usr/share/doc/python-devel-*/gdbinit $DEST/.gdbinit
> +
> if [ -f $DEST/bin/bash ]; then
> rm -f $DEST/bin/ash
> ln -s bash $DEST/bin/sh
> @@ -1120,6 +1316,10 @@ if [ -f $DEST/bin/gawk ]; then
> ln -sf $DEST/bin/gawk awk
> fi
>
> +( cd $DEST/etc && ln -sf /etc/rc.d/init.d init.d )
> +ln -sf /sbin/init $DEST/init
> +ln -sf /proc/mounts $DEST/etc/mtab
> +
> # copy bootloader files for sparc
> if [ $ARCH = sparc -o $ARCH = sparcv9 -o $ARCH = sparc64 ]; then
> mkdir -p $DEST/usr/share/anaconda/boot
> @@ -1151,10 +1351,12 @@ if [ $ARCH = i386 -o $ARCH = i586 -o $ARCH =
> i686 -o $ARCH = x86_64 ]; then
> cp -af $DEST/boot/memtest* $DEST/usr/share/anaconda/boot
> fi
>
> -rm -rf $DEST/boot $DEST/home $DEST/root $DEST/tmp
> +rm -rf $DEST/boot $DEST/home
>
> +# Remove a bunch of stuff we don't want in the final image.
> find $DEST -name "*.a" | grep -v kernel-wrapper/wrapper.a | xargs rm
> -rf
> find $DEST -name "lib*.la" |grep -v "usr/$LIBDIR/gtk-2.0" | xargs rm
> -rf
> +rm -f $DEST/lib/udev/rules.d/*generator*
>
> # nuke some python stuff we don't need
> for d in idle distutils bsddb lib-old hotshot doctest.py pydoc.py
> site-packages/japanese site-packages/japanese.pth ; do
> --
> 1.7.1.1
>
> _______________________________________________
> Anaconda-devel-list mailing list
> Anaconda-devel-list@redhat.com
> https://www.redhat.com/mailman/listinfo/anaconda-devel-list

_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
 
Old 10-14-2010, 01:20 PM
Chris Lumens
 
Default Step 2 of merging installer images: Move most everything out of makeinitrd.

> 1.
> +mv $DEST/usr/sbin/logpicker $DEST/usr/bin/logpicker
> +mv $DEST/usr/sbin/anaconda $DEST/usr/bin/anaconda
>
> why are we moving those? and why are they not in /usr/bin at the first place?

Likely, because we don't want them in /usr/bin in the installed package
(don't really want people poking around for things in /usr/bin to run
and finding anaconda).

> 2.
> we are creating the $DEST/boot directory and removing it later, is that necessary?

Good question, and that one I do not know the answer to.

- Chris

_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
 

Thread Tools




All times are GMT. The time now is 04:34 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org