Applications
/
ublinux-init
10
0
Fork 1
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity

Fix many bugs

Browse Source
master v2.39
Dmitry Razumov 2 years ago
parent a7b4eda97c
commit 29de42397c
Signed by: asmeron
GPG Key ID: 50BC1DB583B79706
13 changed files with 351 additions and 238 deletions
Show Stats Download Patch File Download Diff File

3
ublinux/os-config
Unescape View File

@ -188,7 +188,8 @@ ZONE=Etc/UTC
SYSCONF=/etc/ublinux
#/rc.preinit.d/21-ntp
NTPSERVERS_DEFAULT="ntp1.vniiftri.ru ntp2.vniiftri.ru ntp3.vniiftri.ru ntp4.vniiftri.ru ntp21.vniiftri.ru ru.pool.ntp.org"
NTPSERVERS_DEFAULT="0.pool.ntp.org 1.pool.ntp.org 2.pool.ntp.org 3.pool.ntp.org"
NTPSERVERS_RU="ntp1.vniiftri.ru ntp2.vniiftri.ru ntp3.vniiftri.ru ntp4.vniiftri.ru ntp21.vniiftri.ru ru.pool.ntp.org"
NTPSERVERS_FALLBACK="0.ru.pool.ntp.org 1.ru.pool.ntp.org 2.ru.pool.ntp.org 3.ru.pool.ntp.org"
NTP_SYSTEMSERVICE="systemd-timesyncd.service"

46
ublinux/rc.local.d/41-x11vnc
Unescape View File

@ -1,4 +1,4 @@
#!/bin/bash
#!/usr/bin/env bash
ENABLED=yes
[[ ${ENABLED} == yes ]] || exit 0
@ -21,17 +21,16 @@ debug_mode "$0" "$@"
chmod 600 /root/.vnc/.passwd
## Show obscured password
#/usr/bin/x11vnc -showrfbauth /root/.vnc/passwd
OPTION_PASSWD="-rfbauth /root/.vnc/.passwd"
fi
if [[ -z ${X11VNC[disable]} && -z ${X11VNC[nodisplay]} && ${X11VNC[display]} != "disable" && ${X11VNC[display]} != "no" ]]; then
if systemctl --quiet is-enabled lightdm.service &>/dev/null || systemctl --quiet is-enabled lightdm-plymouth.service &>/dev/null; then
for ID_DISPLAY in /var/run/lightdm/root/:*; do
FILE_X11VNC_SERVICE="/usr/lib/systemd/system/x11vnc-ublinux:${ID_DISPLAY##*:}.service"
OPTION_DISPLAY="-display WAIT:${ID_DISPLAY##*:} -auth /var/run/lightdm/root/:${ID_DISPLAY##*:}"
OPTION_LOG="-o /var/log/x11vnc-ublinux:${ID_DISPLAY##*:}.log"
OPTION_PORT="-autoport 590${ID_DISPLAY##*:}"
mkdir -p "${FILE_X11VNC_SERVICE%/*}"
cat << EOF > "${FILE_X11VNC_SERVICE}"
[[ -f /root/.vnc/.passwd ]] && OPTION_RFBAUTH_PASSWD="-rfbauth /root/.vnc/.passwd"
if systemctl --quiet is-enabled lightdm.service &>/dev/null || systemctl --quiet is-enabled lightdm-plymouth.service &>/dev/null; then
for ID_DISPLAY in /var/run/lightdm/root/:*; do
FILE_X11VNC_SERVICE="/usr/lib/systemd/system/x11vnc-ublinux:${ID_DISPLAY##*:}.service"
OPTION_DISPLAY="-display WAIT:${ID_DISPLAY##*:} -auth /var/run/lightdm/root/:${ID_DISPLAY##*:}"
OPTION_LOG="-o /var/log/x11vnc-ublinux:${ID_DISPLAY##*:}.log"
OPTION_PORT="-autoport 590${ID_DISPLAY##*:}"
mkdir -p "${FILE_X11VNC_SERVICE%/*}"
cat << EOF > "${FILE_X11VNC_SERVICE}"
[Unit]
Description=VNC Server for X11:${ID_DISPLAY##*:}
Requires=graphical.target
@ -40,7 +39,7 @@ After=graphical.target
[Service]
#ExecStartPre=/bin/sh -c 'while ! pgrep -U "root" Xorg; do sleep 2; done'
ExecStart=
ExecStart=/usr/bin/x11vnc ${OPTION_GLOBAL} ${OPTION_PORT} ${OPTION_DISPLAY} ${OPTION_PASSWD} ${OPTION_LOG} ${X11VNC[options]}
ExecStart=/usr/bin/x11vnc ${OPTION_GLOBAL} ${OPTION_PORT} ${OPTION_DISPLAY} ${OPTION_RFBAUTH_PASSWD} ${OPTION_LOG} ${X11VNC[options]}
Restart=always
RestartSec=5
SuccessExitStatus=2
@ -48,18 +47,17 @@ SuccessExitStatus=2
[Install]
WantedBy=graphical.target
EOF
systemctl --quiet is-enabled ${FILE_X11VNC_SERVICE##*/} &>/dev/null && systemctl daemon-reload &>/dev/null
[[ -f ${FILE_X11VNC_SERVICE} ]] && systemctl --quiet enable ${FILE_X11VNC_SERVICE##*/} &>/dev/null && systemctl --quiet restart ${FILE_X11VNC_SERVICE##*/} &>/dev/null
done
elif systemctl --quiet is-enabled gdm.service &>/dev/null || systemctl --quiet is-enabled gdm-plymouth.service &>/dev/null; then
true
elif systemctl --quiet is-enabled lxdm.service &>/dev/null || systemctl --quiet is-enabled lxdm-plymouth.service &>/dev/null; then
true
elif systemctl --quiet is-enabled sddm.service &>/dev/null || systemctl --quiet is-enabled sddm-plymouth.service &>/dev/null; then
true
elif systemctl --quiet is-enabled slim.service &>/dev/null || systemctl --quiet is-enabled slim-plymouth.service &>/dev/null; then
true
fi
systemctl --quiet is-enabled ${FILE_X11VNC_SERVICE##*/} &>/dev/null && systemctl daemon-reload &>/dev/null
[[ -f ${FILE_X11VNC_SERVICE} ]] && systemctl --quiet enable ${FILE_X11VNC_SERVICE##*/} &>/dev/null && systemctl --quiet restart ${FILE_X11VNC_SERVICE##*/} &>/dev/null
done
elif systemctl --quiet is-enabled gdm.service &>/dev/null || systemctl --quiet is-enabled gdm-plymouth.service &>/dev/null; then
true
elif systemctl --quiet is-enabled lxdm.service &>/dev/null || systemctl --quiet is-enabled lxdm-plymouth.service &>/dev/null; then
true
elif systemctl --quiet is-enabled sddm.service &>/dev/null || systemctl --quiet is-enabled sddm-plymouth.service &>/dev/null; then
true
elif systemctl --quiet is-enabled slim.service &>/dev/null || systemctl --quiet is-enabled slim-plymouth.service &>/dev/null; then
true
fi
## Создаём сервисы пользовательские
for X11VNC_NEW in "${!X11VNC[@]}"; do

63
ublinux/rc.post.d/09-automount
Unescape View File

@ -1,46 +1,55 @@
#!/bin/bash
#!/usr/bin/env bash
ENABLED=yes
[[ ${ENABLED} == "yes" ]] || exit 0
DEBUGMODE=no
#SMBOPTSDEF="vers=3,nolock,users,noauto"
PATH=.:/:/usr/bin:/usr/local/bin:/usr/local/sbin
unset ROOTFS; [[ -d /usr/lib/ublinux ]] || ROOTFS=.
SOURCE=${ROOTFS}/usr/lib/ublinux/functions; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null || exit 0
SOURCE=${ROOTFS}/usr/lib/ublinux/os-config; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null || exit 0
debug_mode "$0" "$@"
SYSCONF="${ROOTFS}/${SYSCONF}"
SOURCE=${SYSCONF}/config; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null
SOURCE=${SYSCONF}/system; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null
SOURCE=${SYSCONF}/server; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null
SOURCE=${SYSCONF}/network; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null
#SMBOPTSDEF="vers=3,nolock,users,noauto"
# Everybody will have full read/write access
# OPTSDEF="noperm"
OPTSDEF=""
. /usr/lib/ublinux/functions
. /usr/lib/ublinux/os-config
debug_mode "$0" "$@"
SOURCE=${SYSCONF}/config; [ -f ${SOURCE} ] && . ${SOURCE} 2>/dev/null
exec_mount_direct(){
if [[ -n "${AUTOMOUNT_SHARE[@]}" ]]; then
for SHARE in "${!AUTOMOUNT_SHARE[@]}"; do
MOUNT_MODE=$(cut -d: -f1 <<< ${AUTOMOUNT_SHARE[${SHARE}]})
#typeset -p AUTOMOUNT_SHARE
for SELECT_SHARE in ${!AUTOMOUNT_SHARE[@]}; do
#while IFS=' ' read -r -d $'\n' SELECT_SHARE; do
IFS=: read -r MOUNT_MODE SOURCE_MOUNT GROUP MOD OPTS NULL <<< "${AUTOMOUNT_SHARE[${SELECT_SHARE}]}"
if [[ ${MOUNT_MODE} == "direct" ]]; then
PATH_MOUNT_FROM="$(cut -d: -f2 <<< ${AUTOMOUNT_SHARE[${SHARE}]})"
[[ -d ${SHARE} ]] && umount -qRlf "${SHARE}" || mkdir -p "${SHARE}"
GROUP="$(cut -d: -f3 <<< ${AUTOMOUNT_SHARE[${SHARE}]})"
[[ -n ${GROUP} ]] && chown -f root:${GROUP} ${SHARE}
MOD="$(cut -d: -f4 <<< ${AUTOMOUNT_SHARE[${SHARE}]})"
[[ -n ${MOD} ]] && chmod -f ${MOD} "${SHARE}"
OPTS="$(cut -d: -f5 <<< ${AUTOMOUNT_SHARE[${SHARE}]})"
[[ -d ${SELECT_SHARE} ]] && umount -qRlf "${SELECT_SHARE}" || mkdir -p "${SELECT_SHARE}"
[[ -n ${GROUP} ]] && chown -f root:${GROUP} "${SELECT_SHARE}"
[[ -n ${MOD} ]] && chmod -f ${MOD} "${SELECT_SHARE}"
[[ -z ${OPTS} ]] && OPTS="${OPTSDEF}"
[[ -n ${OPTS} ]] && OPTS=" -o ${OPTS}"
mount ${PATH_MOUNT_FROM} ${SHARE} ${OPTS}
mount "${SOURCE_MOUNT}" "${SELECT_SHARE}" ${OPTS}
elif [[ ${MOUNT_MODE} == "virtiofs" ]]; then
PATH_MOUNT_TAG="$(cut -d: -f2 <<< ${AUTOMOUNT_SHARE[${SHARE}]})"
[[ -d ${SHARE} ]] && umount -qRlf "${SHARE}" || mkdir -p "${SHARE}"
GROUP="$(cut -d: -f3 <<< ${AUTOMOUNT_SHARE[${SHARE}]})"
[[ -n ${GROUP} ]] && chown -f root:${GROUP} ${SHARE}
MOD="$(cut -d: -f4 <<< ${AUTOMOUNT_SHARE[${SHARE}]})"
[[ -n ${MOD} ]] && chmod -f ${MOD} "${SHARE}"
OPTS="$(cut -d: -f5 <<< ${AUTOMOUNT_SHARE[${SHARE}]})"
[[ -d ${SELECT_SHARE} ]] && umount -qRlf "${SELECT_SHARE}" || mkdir -p "${SELECT_SHARE}"
[[ -n ${GROUP} ]] && chown -f root:${GROUP} "${SELECT_SHARE}"
[[ -n ${MOD} ]] && chmod -f ${MOD} "${SELECT_SHARE}"
[[ -z ${OPTS} ]] && OPTS="${OPTSDEF}"
[[ -n ${OPTS} ]] && OPTS=" -o ${OPTS}"
mount -t virtiofs ${PATH_MOUNT_TAG} ${SHARE} ${OPTS}
fi
mount -t virtiofs "${SOURCE_MOUNT}" "${SELECT_SHARE}" ${OPTS}
fi
#done <<< ${!AUTOMOUNT_SHARE[@]}
done
fi
}
################
##### MAIN #####
################
exec_mount_direct $@

20
ublinux/rc.post.d/10-brand-backgrounds
Unescape View File

@ -297,25 +297,25 @@ insert_background_icon(){
# Вычисление соотношения сторон экрана
ratio=$(bc <<< "scale=2;${width}/${hight}")
if [ $(bc -l <<< "${ratio}==1.33") -eq 1 ]; then
if [[ "$(bc -l <<< "${ratio}==1.33")" == 1 ]]; then
fname_ratio="4:3"
elif [ $(bc -l <<< "${ratio}==1.25") -eq 1 ]; then
elif [[ "$(bc -l <<< "${ratio}==1.25")" == 1 ]]; then
fname_ratio="5:4"
elif [ $(bc -l <<< "${ratio}==1.77") -eq 1 ]; then
elif [[ "$(bc -l <<< "${ratio}==1.77")" == 1 ]]; then
fname_ratio="16:9"
elif [ $(bc -l <<< "${ratio}==1.6") -eq 1 ]; then
elif [[ "$(bc -l <<< "${ratio}==1.6")" == 1 ]]; then
fname_ratio="16:10"
elif [ $(bc -l <<< "${ratio}==2.38") -eq 1 ]; then
elif [[ "$(bc -l <<< "${ratio}==2.38")" == 1 ]]; then
fname_ratio="21:9"
elif [ $(bc -l <<< "${ratio}==2.37") -eq 1 ]; then
elif [[ "$(bc -l <<< "${ratio}==2.37")" == 1 ]]; then
fname_ratio="21:9"
elif [ $(bc -l <<< "${ratio}==2.40") -eq 1 ]; then
elif [[ "$(bc -l <<< "${ratio}==2.40")" == 1 ]]; then
fname_ratio="12:5"
elif [ $(bc -l <<< "${ratio}==1.89") -eq 1 ]; then
elif [[ "$(bc -l <<< "${ratio}==1.89")" == 1 ]]; then
fname_ratio="256:135"
elif [ $(bc -l <<< "${ratio}==2.89") -eq 1 ]; then
elif [[ "$(bc -l <<< "${ratio}==2.89")" == 1 ]]; then
fname_ratio="1024:429"
elif [ $(bc -l <<< "${ratio}==1.85") -eq 1 ]; then
elif [[ "$(bc -l <<< "${ratio}==1.85")" == 1 ]]; then
fname_ratio="999:540"
else
fname_ratio="unknown"

3
ublinux/rc.preinit.d/21-ntp
Unescape View File

@ -45,7 +45,7 @@ exec_ntp_servers_set(){
# Вызывая из NetworkManager скрипта, переменна ${NTPSERVERS} перезаписана на сервера NTP из DHCP
[[ -n $1 ]] && local NTPSERVERS="$1"
fi
if [[ ${NTPSERVERS,,} == "stop" ]]; then
if [[ ${NTPSERVERS,,} == @(stop|no|disable) ]]; then
exec_ntp_servers_stop
elif [[ ${NTPSERVERS,,} == "dhcp" ]]; then
# Активная systemd и выбран сервис NTP_SYSTEMSERVICE=systemd-timesyncd.service
@ -54,6 +54,7 @@ exec_ntp_servers_set(){
fi
elif [[ -n ${NTPSERVERS} ]]; then
[[ ${NTPSERVERS,,} == "default" ]] && NTPSERVERS=${NTPSERVERS_DEFAULT}
[[ ${NTPSERVERS,,} == "ntp-ru" ]] && NTPSERVERS=${NTPSERVERS_RU}
# Активная systemd и выбран сервис NTP_SYSTEMSERVICE=systemd-timesyncd.service
if [[ -n ${ISSYSTEMD} && ${NTP_SYSTEMSERVICE} == "systemd-timesyncd.service" && -f ${ROOTFS}/usr/lib/systemd/system/systemd-timesyncd.service ]]; then
NTPSERVERS=$(tr ',;' ' ' <<< ${NTPSERVERS})

5
ublinux/rc.preinit.d/31-network-proxy-system
Unescape View File

@ -18,6 +18,7 @@ debug_mode "$0" "$@"
SYSCONF="${ROOTFS}/${SYSCONF}"
SOURCE=${SYSCONF}/config; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null
SOURCE=${SYSCONF}/system; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null
SOURCE=${SYSCONF}/network; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null
## Установка системных прокси для HTTP,HTTPS,FTP,SOCKS,RSYNC и адреса исключений EXCLUDE
@ -29,13 +30,13 @@ SOURCE=${SYSCONF}/network; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null
exec_proxy_system(){
FILE_SH_PROXY=${ROOTFS}/etc/profile.d/proxy_ubconfig.sh
FILE_CSH_PROXY=${ROOTFS}/etc/profile.d/proxy_ubconfig.csh
if [[ ${PROXY_SYSTEM[0],,} == @(n|no|none|disable) ]]; then
if [[ -z ${PROXY_SYSTEM[@]} || ${PROXY_SYSTEM[0],,} == @(n|no|none|disable) ]]; then
rm -f ${FILE_SH_PROXY} 2>/dev/null
rm -f ${FILE_CSH_PROXY} 2>/dev/null
elif [[ -n ${PROXY_SYSTEM[@]} ]]; then
true > ${FILE_SH_PROXY}
true > ${FILE_CSH_PROXY}
chmod 755 ${FILE_SH_PROXY} ${FILE_CSH_PROXY}
chmod 644 ${FILE_SH_PROXY} ${FILE_CSH_PROXY}
for PROTOCOL in http https ftp socks rsync all exclude; do
if [[ ${PROXY_SYSTEM[${PROTOCOL}],,} == @(n|no|none|disable) ]]; then
[[ ${PROTOCOL,,} == "exclude" ]] && PROTOCOL_PREFIX="no" || PROTOCOL_PREFIX="${PROTOCOL,,}"

10
ublinux/rc.preinit.d/52-desktop
Unescape View File

@ -15,12 +15,12 @@ SOURCE=${ROOTFS}/usr/lib/ublinux/functions; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>
SOURCE=${ROOTFS}/usr/lib/ublinux/os-config; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null || exit 0
debug_mode "$0" "$@"
[ -f etc/inittab ] && sed -i 's/id:.:initdefault:/id:5:initdefault:/' etc/inittab
SYSCONF="${ROOTFS}/${SYSCONF}"
SYSCONF="${ROOTFS}${SYSCONF}"
SOURCE=${SYSCONF}/config; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null
SOURCE=${SYSCONF}/system; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null
SOURCE=${SYSCONF}/desktop; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null
[[ -f ${ROOTFS}/etc/inittab ]] && sed -i 's/id:.:initdefault:/id:5:initdefault:/' ${ROOTFS}/etc/inittab
switch3don(){
echo "COMPOSITING_SERVER_START=no" >${SYSCONF}/compositing-server
@ -156,10 +156,6 @@ done
[[ -z "${DISPLAYMANAGER}" && -z "${DESKTOP}" ]] && disabledmde
# Autodetect FirstStart
# Если пароли по умолчанию ublinux, то FirstStart
grep -q "^root:${DEFAULTROOTPASSWD}:" etc/shadow && grep -q "^$(cat etc/passwd | grep ".*:x:${ADMUID}:" | cut -d: -f1):${DEFAULTPASSWD}:" etc/shadow && touch ${SYSCONF}/firststart || rm -f ${SYSCONF}/firststart
# Set default user to Display Manager
if [[ "${DISPLAYMANAGER}" == "lightdm" && ${DISPLAYMANAGER_DEFAULTUSER} ]]; then
sed -i /DISPLAYMANAGER_DEFAULTUSER=/d ${SYSCONF}/desktop

27
ublinux/rc.preinit.d/53-language
Unescape View File

@ -11,32 +11,35 @@ DEBUGMODE=no
PATH=.:/:/usr/bin:/usr/local/bin:/usr/local/sbin
. usr/lib/ublinux/functions
. usr/lib/ublinux/os-config
[[ -d /usr/lib/ublinux ]] && { unset ROOTFS; unset CMD_CHROOT; } || { ROOTFS="/sysroot"; CMD_CHROOT="chroot ${ROOTFS}"; }
SOURCE=${ROOTFS}/usr/lib/ublinux/functions; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null || exit 0
SOURCE=${ROOTFS}/usr/lib/ublinux/os-config; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null || exit 0
debug_mode "$0" "$@"
echo $SYSCONF | grep -q ^/ && SYSCONF=.$SYSCONF
SOURCE=${SYSCONF}/keyboard; [ -f "${SOURCE}" ] && . ${SOURCE} 2>/dev/null
SOURCE=${SYSCONF}/locale; [ -f "${SOURCE}" ] && . ${SOURCE} 2>/dev/null
SYSCONF="${ROOTFS}${SYSCONF}"
SOURCE=${SYSCONF}/config; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null
SOURCE=${SYSCONF}/keyboard; [ -f ${SOURCE} ] && . ${SOURCE} 2>/dev/null
SOURCE=${SYSCONF}/locale; [ -f ${SOURCE} ] && . ${SOURCE} 2>/dev/null
NEWLANG=$(cmdline_value lang)
[[ -z ${NEWLANG} ]] || { LOCALE+=",${NEWLANG}" && LANG="${NEWLANG}"; }
for I_LOCALE in ${LOCALE//,/ }; do
sed -i "s/^#${I_LOCALE} /${I_LOCALE} /g" etc/locale.gen
sed -i "s/^#${I_LOCALE} /${I_LOCALE} /g" ${ROOTFS}/etc/locale.gen
done
chroot . env LANG=${LANG} locale > etc/locale.conf
${CMD_CHROOT} env LANG=${LANG} locale > ${ROOTFS}/etc/locale.conf
[[ -n ${FORCE_LOCARCHIVE} ]] && FORCEGEN=1
[[ ! -f usr/lib/locale/locale-archive ]] && FORCEGEN=1
[[ ! -f ${ROOTFS}/usr/lib/locale/locale-archive ]] && FORCEGEN=1
#[[ "$(echo -e ${LOCALE//,/\\n} | sort -fu)" != "$(chroot . localedef --list-archive | sort -fu)" ]] && FORCEGEN=1
[[ -n ${FORCEGEN} ]] && chroot . locale-gen &>/dev/null
#; unset LANG; source /etc/profile.d/locale.sh"
# Если имеются языкозависимые файлы, то копируем в корень
[[ -d usr/share/ublinux/langs/${LANG} ]] && cp -pfr usr/share/ublinux/langs/${LANG}/* ./
[[ -d ${ROOTFS}/usr/share/ublinux/langs/${LANG} ]] && cp -pfr ${ROOTFS}/usr/share/ublinux/langs/${LANG}/* ./
echo FONT=${CONSOLE_FONT} > etc/vconsole.conf
echo KEYMAP=${KEYBOARD} >> etc/vconsole.conf
[[ -z ${KEYMAP_TOGGLE} ]] || echo KEYMAP_TOGGLE="${KEYMAP_TOGGLE}" >> etc/vconsole.conf
echo FONT=${CONSOLE_FONT} > ${ROOTFS}/etc/vconsole.conf
echo KEYMAP=${KEYBOARD} >> ${ROOTFS}/etc/vconsole.conf
[[ -z ${KEYMAP_TOGGLE} ]] || echo KEYMAP_TOGGLE="${KEYMAP_TOGGLE}" >> ${ROOTFS}/etc/vconsole.conf

26
ublinux/rc.preinit.d/80-server-containers-storage
Unescape View File

@ -22,29 +22,27 @@ SOURCE=${SYSCONF}/system; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null
SOURCE=${SYSCONF}/server; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null
exec_storage_containers_path(){
FILE_STORAGE_CONTAINERS_CONF="${ROOTFS}/etc/containers/storage.conf"
STORAGE_CONTAINERS_NAME="storage.containers"
STORAGE_CONTAINERS_PATH_DEFAULT="/memory/layer-base/1/${STORAGE_CONTAINERS_NAME}"
STORAGE_CONTAINERS_PATH_SYSTEM="/var/lib/containers/storage"
STORAGE_CONTAINERS_PATH_DEFAULT="/memory/layer-base/1/storage.containers"
FILE_STORAGE_CONTAINERS_CONF="/etc/containers/storage.conf"
if [[ -n ${STORAGE_CONTAINERS_PATH} ]]; then
if [[ ${STORAGE_CONTAINERS_PATH,,} == @(y|yes|enable) ]]; then
[[ -d ${STORAGE_CONTAINERS_PATH_DEFAULT} ]] || install -dm0755 ${STORAGE_CONTAINERS_PATH_DEFAULT}
STORAGE_CONTAINERS_PATH=${STORAGE_CONTAINERS_PATH_DEFAULT}
elif [[ ${STORAGE_CONTAINERS_PATH,,} == @(bind) ]]; then
STORAGE_CONTAINERS_PATH=${STORAGE_CONTAINERS_PATH_SYSTEM}
[[ -d ${ROOTFS}/${STORAGE_CONTAINERS_PATH_DEFAULT} ]] || install -dm0700 ${ROOTFS}/${STORAGE_CONTAINERS_PATH_DEFAULT}
mount -o bind ${ROOTFS}/${STORAGE_CONTAINERS_PATH_DEFAULT} ${ROOTFS}/${STORAGE_CONTAINERS_PATH_SYSTEM}
elif [[ ${STORAGE_CONTAINERS_PATH} =~ ^/memory/|^/mnt/(livemedia|livedata)/ ]]; then
[[ -d ${STORAGE_CONTAINERS_PATH} ]] || install -dm0755 ${STORAGE_CONTAINERS_PATH}
fi
[[ -d ${ROOTFS}/${STORAGE_CONTAINERS_PATH} ]] || install -dm0700 ${ROOTFS}/${STORAGE_CONTAINERS_PATH}
if [[ -d ${ROOTFS}/${STORAGE_CONTAINERS_PATH} ]] && ! grep -qi "^\s*graphroot = \"${STORAGE_CONTAINERS_PATH}\"" ${FILE_STORAGE_CONTAINERS_CONF}; then
if grep -qi "^\s*graphroot" ${FILE_STORAGE_CONTAINERS_CONF}; then
sed -r "s:^\s*(graphroot).*:\1 = \"${STORAGE_CONTAINERS_PATH}\":g" -i ${FILE_STORAGE_CONTAINERS_CONF}
elif grep -qi "^\s*#graphroot" ${FILE_STORAGE_CONTAINERS_CONF}; then
sed "/^\s*#graphroot\s*/agraphroot = \"${STORAGE_CONTAINERS_PATH}\"" -i ${FILE_STORAGE_CONTAINERS_CONF}
if ! grep -qi "^\s*graphroot = \"${STORAGE_CONTAINERS_PATH}\"" ${ROOTFS}/${FILE_STORAGE_CONTAINERS_CONF}; then
if grep -qi "^\s*graphroot" ${ROOTFS}/${FILE_STORAGE_CONTAINERS_CONF}; then
sed -r "s:^\s*(graphroot).*:\1 = \"${STORAGE_CONTAINERS_PATH}\":g" -i ${ROOTFS}/${FILE_STORAGE_CONTAINERS_CONF}
elif grep -qi "^\s*#graphroot" ${ROOTFS}/${FILE_STORAGE_CONTAINERS_CONF}; then
sed "/^\s*#graphroot\s*/agraphroot = \"${STORAGE_CONTAINERS_PATH}\"" -i ${ROOTFS}/${FILE_STORAGE_CONTAINERS_CONF}
else
sed "/^\s*\[storage\]\s*/agraphroot = \"${STORAGE_CONTAINERS_PATH}\"" -i ${FILE_STORAGE_CONTAINERS_CONF}
sed "/^\s*\[storage\]\s*/agraphroot = \"${STORAGE_CONTAINERS_PATH}\"" -i ${ROOTFS}/${FILE_STORAGE_CONTAINERS_CONF}
fi
fi
fi
}

33
ublinux/rc.preinit.d/81-server-qemu-storage → ublinux/rc.preinit.d/81-server-libvirt-storage
Unescape View File

@ -21,27 +21,26 @@ SOURCE=${SYSCONF}/config; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null
SOURCE=${SYSCONF}/system; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null
SOURCE=${SYSCONF}/server; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null
exec_storage_qemu_path(){
STORAGE_QEMU_POOL_NAME="storage.qemu"
STORAGE_QEMU_PATH_DEFAULT="/memory/layer-base/1/storage.qemu"
if [[ -n ${STORAGE_QEMU_PATH} ]]; then
if [[ ${STORAGE_QEMU_PATH,,} == @(y|yes|enable) ]]; then
STORAGE_QEMU_PATH=${STORAGE_QEMU_PATH_DEFAULT}
exec_storage_libvirt_path(){
STORAGE_LIBVIRT_POOL_NAME="storage.libvirt"
STORAGE_LIBVIRT_PATH_DEFAULT="/memory/layer-base/1/${STORAGE_LIBVIRT_POOL_NAME}"
if [[ -n ${STORAGE_LIBVIRT_PATH} ]]; then
if [[ ${STORAGE_LIBVIRT_PATH,,} == @(y|yes|enable) ]]; then
STORAGE_LIBVIRT_PATH=${STORAGE_LIBVIRT_PATH_DEFAULT}
[[ -d ${STORAGE_LIBVIRT_PATH} ]] || install -dm0755 ${STORAGE_LIBVIRT_PATH}
elif [[ ${STORAGE_LIBVIRT_PATH} =~ ^/memory/|^/mnt/(livemedia|livedata)/ ]]; then
[[ -d ${STORAGE_LIBVIRT_PATH} ]] || install -dm0755 ${STORAGE_LIBVIRT_PATH}
fi
[[ -d ${ROOTFS}/etc/libvirt/storage/autostart ]] || install -dm0755 ${ROOTFS}/etc/libvirt/storage/autostart
[[ -d ${ROOTFS}/${STORAGE_QEMU_PATH} ]] || install -dm0755 ${ROOTFS}/${STORAGE_QEMU_PATH}
if [[ -d ${ROOTFS}/${STORAGE_QEMU_PATH} ]]; then
ln -sf /etc/libvirt/storage/${STORAGE_QEMU_POOL_NAME}.xml ${ROOTFS}/etc/libvirt/storage/autostart/${STORAGE_QEMU_POOL_NAME}.xml
cat <<EOF > "${ROOTFS}/etc/libvirt/storage/${STORAGE_QEMU_POOL_NAME}.xml"
cat <<EOF > "${ROOTFS}/etc/libvirt/storage/${STORAGE_LIBVIRT_POOL_NAME}.xml"
<!--
WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE
OVERWRITTEN AND LOST. Changes to this xml configuration should be made using:
virsh pool-edit ${STORAGE_QEMU_POOL_NAME}
virsh pool-edit ${STORAGE_LIBVIRT_POOL_NAME}
or other application using the libvirt API.
-->
<pool type='dir'>
<name>${STORAGE_QEMU_POOL_NAME}</name>
<name>${STORAGE_LIBVIRT_POOL_NAME}</name>
<uuid>22e1f043-1fcb-4017-8afd-d44ebea9c8e4</uuid>
<capacity unit='bytes'>0</capacity>
<allocation unit='bytes'>0</allocation>
@ -49,17 +48,17 @@ or other application using the libvirt API.
<source>
</source>
<target>
<path>${STORAGE_QEMU_PATH}</path>
<path>${STORAGE_LIBVIRT_PATH}</path>
</target>
</pool>
EOF
fi
fi
[[ -d ${ROOTFS}/etc/libvirt/storage/autostart ]] || install -dm0755 ${ROOTFS}/etc/libvirt/storage/autostart
ln -sf /etc/libvirt/storage/${STORAGE_LIBVIRT_POOL_NAME}.xml ${ROOTFS}/etc/libvirt/storage/autostart/${STORAGE_LIBVIRT_POOL_NAME}.xml
}
################
##### MAIN #####
################
exec_storage_qemu_path $@
exec_storage_libvirt_path $@

91
ublinux/rc.preinit/01-inifile
Unescape View File

@ -11,55 +11,60 @@ DEBUGMODE=no
PATH=.:/:/usr/bin:/usr/local/bin:/usr/local/sbin
INIGZFILE=$(find /memory -maxdepth 1 -iname "*.ini.gz")
. usr/lib/ublinux/functions
. usr/lib/ublinux/os-config
unset ROOTFS; [[ -d /usr/lib/ublinux ]] || ROOTFS=.
SOURCE=${ROOTFS}/usr/lib/ublinux/functions; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null || exit 0
SOURCE=${ROOTFS}/usr/lib/ublinux/os-config; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null || exit 0
debug_mode "$0" "$@"
[ -f $INIGZFILE ] || INIGZFILE=$(find /tmp -maxdepth 1 -iname "*.ini.gz")
[ -f $INIGZFILE ] || echo "Config file '*.ini.gz' not found!"
grep -q ^/ <<< "${SYSCONF}" && SYSCONF=.${SYSCONF}
SYSCONF="${ROOTFS}${SYSCONF}"
INIGZFILE=$(find /memory -maxdepth 1 -iname "*.ini.gz")
[[ -f ${INIGZFILE} ]] || INIGZFILE=$(find /tmp -maxdepth 1 -iname "*.ini.gz")
[[ -f ${INIGZFILE} ]] || echo "Config file '*.ini.gz' not found!"
[[ -d ${SYSCONF} ]] || mkdir -p "${SYSCONF}"
rm -rdf ${SYSCONF}/{..?*,.[!.]*,*} 2>/dev/null
rm -rf ${SYSCONF}/{..?*,.[!.]*,*} 2>/dev/null
# ublinux.ini processing
FNAME="${SYSCONF}/config"
FMOD=
touch ${FNAME}
zcat $INIGZFILE | egrep '^DEFAULTPASSWD|^DEFAULTROOTPASSWD|^NEEDEDUSERS|^USERADD' > /tmp/.credential
## Парсим файл ublinux.ini.gz и создаём конфигурацию системы в ${SYSCONF}
FILE_CONFIG="${SYSCONF}/config"
touch ${FILE_CONFIG}
zcat ${INIGZFILE} | grep -E '^DEFAULTPASSWD|^DEFAULTROOTPASSWD|^NEEDEDUSERS|^USERADD' > /tmp/.ublinux_accounts_credential
while read LINE; do
if grep -q "^\[.*\][[:space:]]*" <<< ${LINE}; then
FNAME=$(echo "${LINE}" | tr '[]' '|' | cut -d'|' -f2 | sed s-^/--)
FMOD=$(echo "${LINE}" | tr '[]' '|' | cut -d'|' -f3 | tr -d ' ')
PATH_FNAME=$(dirname "${FNAME}")
[[ ${PATH_FNAME} == "." ]] && FNAME="${SYSCONF}/${FNAME}"
if [ -n "${FMOD}" ]; then
mkdir -p "${PATH_FNAME}"
[ -e "${FNAME}" ] || touch "${FNAME}"
chmod "${FMOD}" "${FNAME}"
if [[ ${LINE} =~ ^\[.*\] ]]; then
FILE_CONFIG=$(tr '[]' '|' <<< "${LINE}" | cut -d'|' -f2)
FILE_CONFIG_MOD=$(tr '[]' '|' <<< "${LINE}" | cut -d'|' -f3 | tr -d ' ')
PATH_FILE_CONFIG=${FILE_CONFIG%/*}
# Если указан файл без пути, то добавить путь по умолчанию ${SYSCONF}
[[ ${PATH_FILE_CONFIG} =~ "/" ]] && FILE_CONFIG="${ROOTFS}${FILE_CONFIG}" || FILE_CONFIG="${SYSCONF}/${FILE_CONFIG}"
if [[ -n ${FILE_CONFIG_MOD} ]]; then
mkdir -p "${PATH_FILE_CONFIG}"
[[ -e ${FILE_CONFIG} ]] || touch "${FILE_CONFIG}"
chmod "${FILE_CONFIG_MOD}" "${FILE_CONFIG}"
fi
elif grep -q "^-" <<< "${LINE}"; then
LINE_NEW=$(echo "${LINE}" | sed 's/^-//')
sed -i /^"${LINE_NEW}"$/d "${FNAME}"
elif grep -q "^|" <<< "${LINE}"; then
echo "${LINE}" | sed 's/^|//' >> "${FNAME}"
elif grep -q "^+" <<< "${LINE}"; then
LINE_NEW=$(echo "${LINE}" | sed 's/^+//')
grep -q "${LINE_NEW}" "${FNAME}" || echo "${LINE_NEW}" >> "${FNAME}"
elif [[ ${LINE} =~ ^\- ]]; then
LINE_NEW=$(sed 's/^-//' <<< "${LINE}")
ESC_LINE_NEW=$(sed 's/[^a-zA-Z0-9,._@%-]/\\&/g' <<< "${LINE_NEW}")
sed -E "/^${ESC_LINE_NEW}$/d" -i "${FILE_CONFIG}"
elif [[ ${LINE} =~ ^\| ]]; then
sed 's/^|//' <<< "${LINE}" >> "${FILE_CONFIG}"
elif [[ ${LINE} =~ ^\+ ]]; then
LINE_NEW=$(sed 's/^+//' <<< "${LINE}")
ESC_LINE_NEW=$(sed 's/[^a-zA-Z0-9,._@%-]/\\&/g' <<< "${LINE_NEW}")
grep -Eq "${ESC_LINE_NEW}" "${FILE_CONFIG}" || echo "${LINE_NEW}" >> "${FILE_CONFIG}"
else
LINE_NEW=$(cut -d= -f1 <<< "${LINE}")
[ "${LINE_NEW}" = "" ] && continue
if ! grep -q "^[[:space:]]*${LINE_NEW}=" "${FNAME}" 2>/dev/null; then
grep -q "^${LINE}$" "${FNAME}" 2>/dev/null || echo "${LINE}" >> "${FNAME}"
else
sed -i 's|'"^[[:space:]]*${LINE_NEW}=.*$"'|'"${LINE}"'|' "${FNAME}"
fi
NAME_VAR=$(cut -d= -f1 <<< "${LINE}")
[[ -z ${NAME_VAR} ]] && continue
ESC_NAME_VAR=$(sed 's/[^a-zA-Z0-9,._@%-]/\\&/g' <<< "${NAME_VAR}")
[[ -f ${FILE_CONFIG} ]] \
&& grep -Eq "^\s*${ESC_NAME_VAR}=" "${FILE_CONFIG}" 2>/dev/null \
&& sed -E "/^\s*${ESC_NAME_VAR}=/d" -i "${FILE_CONFIG}"
echo "${LINE}" >> "${FILE_CONFIG}"
fi
done < <(zcat $INIGZFILE | egrep -v '^DEFAULTPASSWD|^DEFAULTROOTPASSWD|^NEEDEDUSERS|^USERADD|^\s*#|^\s*$')
# Mark associative array
for FILE_CONFIG in ${SYSCONF}/*; do
DECLARE_A=$(cat "${FILE_CONFIG}" | egrep "^[A-z0-9_]*\[.*\]=.*" | sed -E "s/\[.*//" | uniq | tr "\n" " ")
[[ -z ${DECLARE_A} ]] || sed -E -i "1i declare -A ${DECLARE_A}" -i "${FILE_CONFIG}"
done
done < <(zcat ${INIGZFILE} | grep -Ev '^DEFAULTPASSWD|^DEFAULTROOTPASSWD|^NEEDEDUSERS|^USERADD|^\s*#|^\s*$')
## Декларируем ассоциативный массив, если присутствуют соответствующие переменные
while read FILE_CONFIG; do
grep -q "^declare -A" "${FILE_CONFIG}" 2>/dev/null && sed "/^declare -A/d" -i "${FILE_CONFIG}"
DECLARE_A=$(grep -E "^[A-z0-9_]*\[.*\]=.*" "${FILE_CONFIG}" | sed -E "s/\[.*//" | sort -u | tr "\n" " ")
[[ -z ${DECLARE_A} ]] || sed "1i declare -A ${DECLARE_A}" -i "${FILE_CONFIG}"
done < <(find ${SYSCONF} -type f -print)

217
ublinux/rc.preinit/10-accounts
Unescape View File

@ -1,4 +1,4 @@
#!/bin/bash
#!/usr/bin/env bash
#
# Initial script for Live operating system
# This script are launching before starting init from linux-live script.
@ -7,73 +7,170 @@
ENABLED=yes
[[ ${ENABLED} == "yes" ]] || exit 0
DEBUGMODE=no
PATH=.:/:/usr/bin:/usr/local/bin:/usr/local/sbin
DEBUGMODE=no
. usr/lib/ublinux/functions
. usr/lib/ublinux/os-config
[[ -d /usr/lib/ublinux ]] && { unset ROOTFS; unset CMD_CHROOT; } || { ROOTFS='.'; CMD_CHROOT='chroot . '; }
SOURCE=${ROOTFS}/usr/lib/ublinux/functions; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null || exit 0
SOURCE=${ROOTFS}/usr/lib/ublinux/os-config; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null || exit 0
debug_mode "$0" "$@"
echo $SYSCONF | grep -q ^/ && SYSCONF=.$SYSCONF
SOURCE=${SYSCONF}/config; [ -f ${SOURCE} ] && . ${SOURCE} 2>/dev/null
SYSCONF="${ROOTFS}${SYSCONF}"
SOURCE=${SYSCONF}/config; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null
SOURCE=${SYSCONF}/system; [[ -f ${SOURCE} ]] && . ${SOURCE} 2>/dev/null
FILE_PASSWD="${ROOTFS}/etc/passwd"
FILE_SHADOW="${ROOTFS}/etc/shadow"
FILE_GROUP="${ROOTFS}/etc/group"
FILE_GSHADOW="${ROOTFS}/etc/gshadow"
FILE_ACCOUNTS_CREDENTIAL="/tmp/.ublinux_accounts_credential"
# /etc/shadow file format
# user:$6$.n.:17736:0:99999:7:::
# [--] [----] [---] - [---] ----
# | | | | | |||+-----------> 9. Неиспользованный
# | | | | | ||+------------> 8. Срок годности
# | | | | | |+-------------> 7. Период бездействия
# | | | | | +--------------> 6. Период предупреждения
# | | | | +------------------> 5. Максимальный возраст пароля
# | | | +----------------------> 4. Минимальный возраст пароля
# | | +--------------------------> 3. Последнее изменение пароля
# | +---------------------------------> 2. Зашифрованный пароль
# +----------------------------------------> 1. Имя пользователя
# Если поле пароля содержит первый символ звездочку (*), то пользователь не сможет войти по паролю, но сможет другим способом (например по ключу через ssh)
# Если поле пароля содержит первый символ восклицательный знак (!), то пользователь вообще не сможет войти, даже по ключу
# Алгоритмы хеширования пароля:
# $1$ - MD5
# $2a$ - Blowfish
# $2y$ - Eksblowfish
# $5$ - SHA-256
# $6$ - SHA-512
# $y$ - yescrypt
set_passwd(){
USER_NAME="${1}"
USER_PASS="${2}"
[[ -n ${USER_NAME} ]] || return 1
[[ -n ${USER_PASS} ]] || USER_PASS="x"
ESC_USER_PASS=$(sed 's/[^a-zA-Z0-9,._@%-]/\\&/g' <<< "${USER_PASS}")
EPOCH_DAY=$(( $(date +%s)/(60*60*24) )) # (60*60*24)=18400 second on day
USER_FROM_SHADOW=$(grep "^${USER_NAME}:" "${FILE_SHADOW}")
if [[ -z ${USER_FROM_SHADOW} ]]; then
echo "${USER_NAME}:${USER_PASS}:${EPOCH_DAY}:0:99999:7:::" >> "${FILE_SHADOW}"
elif [[ ! ${USER_FROM_SHADOW} =~ ^"${USER_NAME}:${USER_PASS}:" ]]; then
sed -E "s/^${USER_NAME}:[^:]+:[0-9]+:/${USER_NAME}:${ESC_USER_PASS}:${EPOCH_DAY}:/" -i "${FILE_SHADOW}"
sed -E "s/${USER_NAME}:[!]*:/${USER_NAME}:\!\*:/" -i "${FILE_SHADOW}"
#sed /^${USER_NAME}:/d -i "${FILE_SHADOW}"
#echo "${USER_NAME}:${USER_PASS}:${EPOCH_DAY}:0:99999:7:::" >> "${FILE_SHADOW}"
fi
}
copy_skel_home(){
local SELECT_USERNAME="${1}"
[[ -n ${SELECT_USERNAME} ]] || return 1
cp -af ${ROOTFS}/etc/skel ${ROOTFS}/home/"${SELECT_USERNAME}"
#rsync -rlpt --ignore-existing etc/skel/ home/"${SELECT_USERNAME}"
${CMD_CHROOT} ${ROOTFS}/usr/bin/chown -R "${SELECT_USERNAME}":"${SELECT_USERNAME}" ${ROOTFS}/home/"${SELECT_USERNAME}"
${CMD_CHROOT} ${ROOTFS}/usr/bin/chmod -fR u+rw,g-rwx,o-rwx ${ROOTFS}/home/"${SELECT_USERNAME}"/
${CMD_CHROOT} ${ROOTFS}/usr/bin/chmod -f 700 ${ROOTFS}/home/"${SELECT_USERNAME}"
}
exec_get_users(){
if [[ -f ${FILE_ACCOUNTS_CREDENTIAL} ]]; then
DEFAULTPASSWD=$(grep "DEFAULTPASSWD=" "${FILE_ACCOUNTS_CREDENTIAL}" | tail -1 | tr -d "\'\""); DEFAULTPASSWD=${DEFAULTPASSWD#*=}
DEFAULTROOTPASSWD=$(grep "DEFAULTROOTPASSWD=" "${FILE_ACCOUNTS_CREDENTIAL}" | tail -1 | tr -d "\'\""); DEFAULTROOTPASSWD=${DEFAULTROOTPASSWD#*=}
NEEDEDUSERS=$(grep "NEEDEDUSERS=" "${FILE_ACCOUNTS_CREDENTIAL}" | tail -1 | tr -d "\'\""); NEEDEDUSERS=${NEEDEDUSERS#*=}
rm -f "${FILE_ACCOUNTS_CREDENTIAL}"
fi
[[ -z ${NEEDEDUSERS} ]] && NEEDEDUSERS="${DEFAULTUSER}:${ADMUID}:${DEFAULTPASSWD}:Администратор"
[[ -z $(cmdline_value users) ]] || NEEDEDUSERS=$(cmdline_value users)
[[ ${NOSECUREROOTPASSWD} == ${DEFAULTROOTPASSWD} ]] && ADDADM=yes
}
#$1 - username
#$2 - passwd
function set_passwd() {
sed -i /^$1:/d etc/shadow
echo "$1:$2:18652:0:99999:7:::" >> etc/shadow
sed -i s/$1:[!]*:/$1:x:/ etc/passwd
# if [ -d etc/tcb/$1 ] ;then
# sed -i /^$1:/d etc/tcb/$1/shadow
# echo "$1:$2:18652:0:99999:7:::" >> etc/tcb/$1/shadow
# fi
exec_add_groups(){
# Создаём группы из ${DEFAULTGROUP},${ADMGROUPS},${USERGROUPS} c ID из /usr/share/ublinux-sysusers/*.sysusers
while read SELECT_GROUP; do
FINDGROUP=$(grep -i "g\s*${SELECT_GROUP}\s*[[:digit:]]\s*" ${ROOTFS}/usr/share/ublinux-sysusers/*.sysusers 2>/dev/null | xargs)
IFS=" " read -r NULL FINDGROUP_NAME FINDGROUP_ID NULL <<< "${FINDGROUP}"
if [[ -n ${FINDGROUP} ]]; then
if grep -q "^${SELECT_GROUP}:.*:${FINDGROUP_ID}:" ${FILE_GROUP} 2>/dev/null; then
# Группа найдена, имя и id совпадают, пропускаем добавление
continue
elif grep -q "^${SELECT_GROUP}:" ${FILE_GROUP} 2>/dev/null; then
# Группа найдена, имя и id несовпадают, удаляем группу
echo "WARNING: the group '${SELECT_GROUP}' has an id different from the template /usr/share/ublinux-sysusers/*.sysusers and the id will be changed to '${SELECT_GROUP}:${FINDGROUP_ID}'"
${CMD_CHROOT} ${ROOTFS}/usr/bin/groupdel -f ${SELECT_GROUP}
fi
fi
[[ ${FINDGROUP_ID} == "" ]] || [[ ${FINDGROUP_ID} == "-" ]] || FINDGROUP_ID="-g ${FINDGROUP_ID}"
${CMD_CHROOT} ${ROOTFS}/usr/bin/groupadd -f ${FINDGROUP_ID} ${SELECT_GROUP}
done < <(tr ",;" "\n" <<< "${DEFAULTGROUP},${ADMGROUPS},${USERGROUPS}")
}
for ITEM_USERGROUP in $(echo "${DEFAULTGROUP},${ADMGROUPS},${USERGROUPS}" | tr ",;" " " ); do
FINDGROUP=$(grep -i "g\s*${ITEM_USERGROUP}\s*[[:digit:]]\s*" usr/share/ublinux-sysusers/*.sysusers | cut -d ":" -f2 | xargs)
if [[ -n ${FINDGROUP} ]]; then
FINDGROUP_NAMEGROUP=$(echo ${FINDGROUP} | cut -d' ' -f2)
FINDGROUP_IDGROUP=$(echo ${FINDGROUP} | cut -d " " -f3)
chroot . usr/bin/groupadd -f -g ${FINDGROUP_IDGROUP} ${FINDGROUP_NAMEGROUP}
exec_neededusers(){
while read SELECT_USER; do
IFS=: read -r SELECT_USERNAME SELECT_UID SELECT_PASS SELECT_GECOS NULL <<< "${SELECT_USER}"
[[ ${SELECT_PASS} == "x" ]] && SELECT_PASS="${DEFAULTPASSWD}"
ADDGROUPS="${USERGROUPS}"
[[ ${SELECT_UID} == ${ADMUID} && ${ADDADM} == "yes" ]] && ADDGROUPS="${USERGROUPS},${ADMGROUPS}"
# Создаём пользователя
if ! grep -q ^"${SELECT_USERNAME}": ${FILE_PASSWD} 2>/dev/null; then
[[ -n ${SELECT_UID} ]] && ARG_SELECT_UID="-u ${SELECT_UID}" || unset ARG_SELECT_UID
[[ -n ${DEFAULTGROUP} ]] && ARG_DEFAULTGROUP="-G ${DEFAULTGROUP}" || unset ARG_DEFAULTGROUP
if [[ -x ${ROOTFS}/usr/bin/useradd ]]; then
[[ -n ${SELECT_GECOS} ]] && ARG_SELECT_GECOS="-c ${SELECT_GECOS}" || unset ARG_SELECT_GECOS
${CMD_CHROOT} ${ROOTFS}/usr/bin/useradd -M ${ARG_DEFAULTGROUP} ${ARG_SELECT_UID} ${ARG_SELECT_GECOS} ${SELECT_USERNAME} #>/dev/null 2>&1
elif [[ -x ${ROOTFS}/usr/bin/adduser ]]; then
[[ -n ${SELECT_GECOS} ]] && ARG_SELECT_GECOS="-g ${SELECT_GECOS}" || unset ARG_SELECT_GECOS
${CMD_CHROOT} ${ROOTFS}/usr/bin/adduser -D -H "${ARG_DEFAULTGROUP}" "${ARG_SELECT_UID}" "${ARG_SELECT_GECOS}" "${SELECT_USERNAME}" >/dev/null 2>&1
fi
fi
# Добавляем пользователя в группу
USER_GROUPS="${ADDGROUPS//;/,}"
${CMD_CHROOT} ${ROOTFS}/usr/bin/usermod -a -G ${USER_GROUPS%*,} ${SELECT_USERNAME} #>/dev/null 2>&1
# Задаём пароль пользователю
set_passwd "${SELECT_USERNAME}" "${SELECT_PASS}"
# Создаём домашний каталог
if [[ ! -d ${ROOTFS}/home/"${SELECT_USERNAME}" ]]; then
copy_skel_home "${SELECT_USERNAME}"
elif [[ ${UPDATEHOME,,} == @(yes|y|enable) ]]; then
copy_skel_home "${SELECT_USERNAME}"
fi
done < <(tr ",;" "\n" <<< "${NEEDEDUSERS}")
}
exec_set_root_pass(){
if [[ -n ${DEFAULTROOTPASSWD} && ! ${DEFAULTROOTPASSWD} =~ @(no|none|disable) ]]; then
set_passwd root "${DEFAULTROOTPASSWD}"
fi
done
}
[ -f /tmp/.credential ] && . /tmp/.credential && rm -f /tmp/.credential
[ -z "$NEEDEDUSERS" ] && NEEDEDUSERS="$DEFAULTUSER:$ADMUID:$DEFAULTPASSWD:Администратор"
[ -z "$(cmdline_value users)" ] || NEEDEDUSERS=$(cmdline_value users)
[ "$NOSECUREROOTPASSWD" = "$DEFAULTROOTPASSWD" ] && ADDADM=yes
exec_firststart(){
# Autodetect firstboot
# Если пароли по умолчанию, то firstboot
grep -q "^root:${DEFAULTROOTPASSWD}:" ${ROOTFS}/etc/shadow \
&& grep -q "^$(cat ${ROOTFS}/etc/passwd | grep ".*:x:${ADMUID}:" | cut -d: -f1):${DEFAULTPASSWD}:" ${ROOTFS}/etc/shadow && touch ${SYSCONF}/firststart \
|| rm -f ${SYSCONF}/firststart
}
exec_verify_passwd(){
if [[ -x ${ROOTFS}/usr/bin/pwck ]]; then
#yes | ${ROOTFS}/usr/bin/pwck --root ${PWD} > /dev/null
${ROOTFS}/usr/bin/pwck -s --root ${PWD}
fi
if [[ -x ${ROOTFS}/usr/bin/grpck ]]; then
#yes | ${ROOTFS}/usr/bin/grpck --root ${PWD} > /dev/null
${ROOTFS}/usr/bin/grpck -s --root ${PWD}
fi
}
for a in $(echo $NEEDEDUSERS | tr ",;" " " ) ;do
NEEDEDUSER="$(echo $a | awk -F: '{ print $1 }')"
NEEDEDUID="$(echo $a | awk -F: '{ print $2 }')"
NEEDEDPASS="$(echo $a | awk -F: '{ print $3 }')"
NEEDEDCOMMENT="$(echo $a | awk -F: '{ print $4 }')"
[ "${NEEDEDPASS}" = "x" ] && NEEDEDPASS="${DEFAULTPASSWD}"
ADDGROUPS="${USERGROUPS}"
[ "$NEEDEDUID" = "$ADMUID" -a "$ADDADM" = "yes" ] && ADDGROUPS="${USERGROUPS}","${ADMGROUPS}"
# create user
if ! grep -q ^"${NEEDEDUSER}": etc/passwd ;then
chroot . usr/sbin/useradd -M -G "${DEFAULTGROUP}" -u "${NEEDEDUID}" -c "${NEEDEDCOMMENT}" "${NEEDEDUSER}" >/dev/null 2>&1 || chroot . usr/sbin/adduser -D -H -G "${DEFAULTGROUP}" -u "${NEEDEDUID}" -g "${NEEDEDCOMMENT}" "${NEEDEDUSER}" >/dev/null 2>&1
fi
# add to groups
for b in $(echo "${ADDGROUPS}" | tr ",;" " " ) ;do
chroot . usr/sbin/usermod -a -G $b "${NEEDEDUSER}" >/dev/null 2>&1
done
# set password
[ "${NEEDEDPASS}" = "" ] || set_passwd "${NEEDEDUSER}" "${NEEDEDPASS}"
# create home
if [ ! -d home/"${NEEDEDUSER}" ] ;then
cp -a etc/skel home/"${NEEDEDUSER}"
chroot . bin/chown -R "${NEEDEDUSER}":"${NEEDEDUSER}" home/"${NEEDEDUSER}"
chroot . chmod -fR u+rw,g-rwx,o-rwx home/"${NEEDEDUSER}"/
chroot . chmod -f 700 home/"${NEEDEDUSER}"
elif [ "${UPDATEHOME}" = "yes" ] ;then
cp -afT etc/skel home/"${NEEDEDUSER}"
#rsync -rlpt --ignore-existing etc/skel/ home/"${NEEDEDUSER}"
chroot . bin/chown -R "${NEEDEDUSER}":"${NEEDEDUSER}" home/"${NEEDEDUSER}"
chroot . chmod -fR u+rw,g-rwx,o-rwx home/"${NEEDEDUSER}"/
chroot . chmod -f 700 home/"${NEEDEDUSER}"
fi
done
set_passwd root "${DEFAULTROOTPASSWD}"
################
##### MAIN #####
################
exec_get_users
exec_add_groups
exec_neededusers $@
exec_set_root_pass
exec_firststart
exec_verify_passwd

45
ublinux/templates/ublinux-data.ini
Unescape View File

@ -37,9 +37,9 @@ VERSION=
#CMDLINE="noload=/12,/92 findswap"
## Default user password is 'ublinux'
## Что-бы получить хэш "openssl passwd -6 -salt ubsalt password"
## Что-бы получить хэш "openssl passwd -6 password"
## Хэш пароля для пользователя по умолчанию (стандартно ublinux)
## Если пароль стандартный, то будет подсказка + FIRSTSTART=yes > /etc/DESKTOP (Первый запуск для настройки системы)
## Если пароль стандартный, то будет подсказка на фоне рабочего стола + /etc/ublinux/firstboot (Первый запуск для настройки системы)
DEFAULTPASSWD='$6$E7stRhRS8fCKk7UU$Qoqw62AUaUa5uLIc2KC7WV3MUThhrR8kjXtCODmnKCzKe2zHu1/wmsiWBHZEIk/IQnk/aELQYbUK93OUtrwg60'
## Default root password is 'ublinux'
@ -130,11 +130,11 @@ MACHINEID=hardware
## Пароль кодировать в base64: echo 'password' | base64
## AUTOMOUNT_SHARE[mountpoint]='cifs:share:username:password_base64:domain:opt'
## AUTOMOUNT_SHARE[/mnt/cifs:share]='cifs://192.168.103.55/share:user:password_base64:domain:noperm,vers=1.0'
## AUTOMOUNT_SHARE[/mnt/sdb1]='direct:/dev/sdb1:wheel:775:noacl'
## AUTOMOUNT_SHARE[/mnt/sdb1]='virtiofs:mytag:wheel:775:'
## AUTOMOUNT_SHARE[/media/sdb1]='direct:/dev/sdb1:wheel:775:noacl'
## AUTOMOUNT_SHARE[/media/mytag]='virtiofs:mytag:wheel:775:'
## AUTOMOUNT_SHARE[/mnt/sshfs/user-1@192.168.1.1]='sshfs:superadmin@192.168.1.1:/home/user-1:password_base64:'
#AUTOMOUNT_SHARE[/mnt/share2]='cifs://192.168.103.55/share2:share:password_base64:domain:noperm,vers=1.0'
#AUTOMOUNT_SHARE[/mnt/sda4]='direct:/dev/sda4:wheel:775:noacl'
#AUTOMOUNT_SHARE[/media/sda4]='direct:/dev/sda4:wheel:775:noacl'
#AUTOMOUNT_SHARE[/mnt/sshfs/user-1@192.168.1.1]='sshfs:superadmin@192.168.1.1:/home/user-1:password_base64:'
#AUTOMOUNT_SHARE[/mnt/nfs/user-1@192.168.1.1]='nfs:192.168.1.1:/home/user-1'
@ -259,11 +259,14 @@ GRUB_BOOT_SILENT="splash"
## Задать путь хранилища контейнеров containers/podman/docker
## STORAGE_CONTAINERS_PATH=<путь>|y|yes|enable
## <путь> # Путь до каталога хранилища контейнеров
## y|yes|enable # Задаст путь /memory/layer-base/1/storage.containers
## Создать хранилище образов для QEMU
## STORAGE_QEMU_PATH=<путь>|y|yes|enable
## y|yes|enable # Установит путь /memory/layer-base/1/storage.containers
#STORAGE_CONTAINERS_PATH=yes
## Создать хранилище образов для libvirt как движок контроллера виртуализации openvz,kvm,qemu,virtualbox,xen и другие
## STORAGE_LIBVIRT_PATH=<путь>|y|yes|enable
## <путь> # Путь до каталога хранилища пула образов
## y|yes|enable # Задаст путь /memory/layer-base/1/storage.qemu
## y|yes|enable # Установит путь /memory/layer-base/1/storage.libvirt
#STORAGE_LIBVIRT_PATH=yes
################################################################################
## Настройка сохранений
@ -289,6 +292,7 @@ GRUB_BOOT_SILENT="splash"
#SAVE_MODULE_INCLUDE="/etc/pacman.d/gnupg,/etc/NetworkManager/system-connections"
#SAVE_MODULE_EXCLUDE="/etc/ublinux"
################################################################################
## Настройка сети
[/etc/ublinux/network]
@ -378,12 +382,13 @@ GRUB_BOOT_SILENT="splash"
IPV6=no
## Серверы времени
## NTPSERVERS=dhcp|default|stop|$VALUE
## NTPSERVERS=dhcp|default|ntp-ru|stop|disable|<servers>
## =dhcp # Выбрать сервер времени предложенный DHCP
## =default # Выбрать сервера времени по умолчанию: ntp1.vniiftri.ru ntp2.vniiftri.ru ntp3.vniiftri.ru ntp4.vniiftri.ru ntp21.vniiftri.ru ru.pool.ntp.org
## =stop # Отключить NTP синхронизацию принудительно
## =ntp1.vniiftri.ru,ru.pool.ntp.org # VALUE=Перечень серверов, через ',' или ';'
## не задано # Никаких действий не предпринимается
## =default # Выбрать сервера времени по умолчанию: 0, 1, 2 и 3.pool.ntp.org указывают на случайно выбранные из пула сервера. Выбираются заново каждый час
## =ntp-ru # Выбрать сервера времени: ntp1.vniiftri.ru ntp2.vniiftri.ru ntp3.vniiftri.ru ntp4.vniiftri.ru ntp21.vniiftri.ru ru.pool.ntp.org
## =stop|no|disable # Отключить NTP синхронизацию принудительно
## =<servers> # Список серверов, через ',' или ';', например =ntp1.vniiftri.ru,ru.pool.ntp.org
## не задано # Не настраивать автоматически
NTPSERVERS=dhcp
## Добавить порядок поиска DNS: avahi и winbind (default no)
@ -392,9 +397,9 @@ NSSWITCHWINBIND=yes
## Установка системных прокси для HTTP,HTTPS,FTP,SOCKS,RSYNC и адреса исключений EXCLUDE
## Для применения требуется перелогиниться
## PROXY_SYSTEM[%PROTOCOL%]=%SERVER%
## %PROTOCOL%=%null%|http|https|ftp|socks|rsync|all|auto|exclude
## %null% # Глобально, используется только с %SERVER%=no|n|disable
## PROXY_SYSTEM[<PROTOCOL>]=<SERVER>
## <PROTOCOL>=<null>|http|https|ftp|socks|rsync|all|auto|exclude
## <null> # Если пусто, то применить глобально, используется только с SERVER=no|n|disable
## http # Прокси для протокола HTTP
## https # Прокси для протокола HTTPS
## ftp # Прокси для протокола FTP
@ -404,13 +409,13 @@ NSSWITCHWINBIND=yes
## auto # Только для Gnome, адрес сервера автоматической настройки прокси-сервера (PAC), https://wiki.gentoo.org/wiki/ProxyAutoConfig
## exclude # Адреса, имена dns, сети исключений, доступ к которым осуществляется напрямую, например: localhost,127.0.0.1,::1,192.168.1.1,192.168.2.0/24
## # Внимание, подстановочные символы (звёздочка) и CIDR нотации не поддерживаются!
## %SERVER%=no|n|none|disable|%ADDRESS%
## %ADDRESS% # Прокси сервер, https://user:password@proxy_server:port , https://proxy_server:port
## <SERVER>=no|n|none|disable|<ADDRESS>
## <ADDRESS> # Прокси сервер, https://user:password@proxy_server:port , https://proxy_server:port
## # Если Ваш пароль содержит спец. символы, Вы должны заменить их на ASCII коды. Например символ собаки @, должен быть заменен на «%40»
## # Если указан %PROTOCOL%=auto, то указывается путь до файла конфигурации http://my.proxy.org/foo.pac
## no|n|none|disable # Отключить ранее настроенный системный прокси
## PROXY_SYSTEM=disable
## PROXY_SYSTEM[https]=https://user:password@192.168.1.1:443
## PROXY_SYSTEM[https]=http://user:password@192.168.1.1:443
## PROXY_SYSTEM[http]=http://127.0.0.1:8118
## PROXY_SYSTEM[https]=https://127.0.0.1:8118
## PROXY_SYSTEM[ftp]=ftp://127.0.0.1:8118

Write Preview
Loading…
Cancel
Save