aboutsummaryrefslogtreecommitdiffstats
path: root/main/mkinitfs/0003-initramfs-init-add-support-for-ssh-installer.patch
diff options
context:
space:
mode:
Diffstat (limited to 'main/mkinitfs/0003-initramfs-init-add-support-for-ssh-installer.patch')
-rw-r--r--main/mkinitfs/0003-initramfs-init-add-support-for-ssh-installer.patch121
1 files changed, 121 insertions, 0 deletions
diff --git a/main/mkinitfs/0003-initramfs-init-add-support-for-ssh-installer.patch b/main/mkinitfs/0003-initramfs-init-add-support-for-ssh-installer.patch
new file mode 100644
index 0000000000..bcc4e0d493
--- /dev/null
+++ b/main/mkinitfs/0003-initramfs-init-add-support-for-ssh-installer.patch
@@ -0,0 +1,121 @@
+From 64be7028a529d940f81fda31a8e1dfa2281e4989 Mon Sep 17 00:00:00 2001
+From: "Tuan M. Hoang" <tmhoang@flatglobe.org>
+Date: Mon, 21 May 2018 11:54:44 +0000
+Subject: [PATCH 3/3] initramfs-init: add support for ssh installer
+
+This commit allows starting 'firstboot' service (see aports/openrc),
+which will setup installation through SSH if specified in kernel
+parameters.
+
+Real wget is used instead since busybox's wget is broken without
+openssl binary #8917. Credits to clandmeter.
+
+- Allow adding DNS server in configure_ip()
+- Prefix kernel parameters with KOPT_
+---
+ initramfs-init.in | 37 ++++++++++++++++++++++++++++++++-----
+ 1 file changed, 32 insertions(+), 5 deletions(-)
+
+diff --git a/initramfs-init.in b/initramfs-init.in
+index 933c8c1..f33f010 100755
+--- a/initramfs-init.in
++++ b/initramfs-init.in
+@@ -183,6 +183,8 @@ configure_ip() {
+ local netmask="$4"
+ local device="$6"
+ local autoconf="$7"
++ local dns1="$8"
++ local dns2="$9"
+ case "$client_ip" in
+ off|none|'') return;;
+ dhcp) autoconf="dhcp";;
+@@ -209,6 +211,8 @@ configure_ip() {
+ ebegin "Setting IP ($device)..."
+ ip_set "$device" "$client_ip" "$netmask" "$gw_ip"
+ eend $?
++ [ -n "$dns1" ] && echo "nameserver $dns1" >> /etc/resolv.conf
++ [ -n "$dns2" ] && echo "nameserver $dns2" >> /etc/resolv.conf
+ fi
+ MAC_ADDRESS=$(cat /sys/class/net/$device/address)
+ }
+@@ -262,6 +266,19 @@ setup_nbd() {
+ [ "$n" != 0 ] || return 1
+ }
+
++# possible cmdline options which could have secure urls.
++# this does not include apkovl as it need to be fetched inside of initramfs
++need_wget() {
++ local opt= ret=1
++ for opt in modloop ssh_key; do
++ eval "opt=\$KOPT_$opt"
++ case "$opt" in
++ https://*|ftps://*) ret=0;;
++ esac
++ done
++ return $ret
++}
++
+ # read the kernel options. we need surve things like:
+ # acpi_osi="!Windows 2006" xen-pciback.hide=(01:00.0)
+ set -- $(cat /proc/cmdline)
+@@ -269,7 +286,7 @@ set -- $(cat /proc/cmdline)
+ myopts="alpine_dev autodetect autoraid chart cryptroot cryptdm cryptheader cryptoffset
+ cryptdiscards debug_init dma init_args keep_apk_new modules ovl_dev pkgs quiet
+ root_size root usbdelay ip alpine_repo apkovl alpine_start splash blacklist
+- overlaytmpfs rootfstype rootflags nbd resume s390x_net dasd"
++ overlaytmpfs rootfstype rootflags nbd resume s390x_net dasd ssh_key ssh_pass"
+
+ for opt; do
+ case "$opt" in
+@@ -345,20 +362,20 @@ mount -t devpts -o gid=5,mode=0620,noexec,nosuid devpts /dev/pts
+ [ -d /dev/shm ] || mkdir /dev/shm
+ mount -t tmpfs -o nodev,nosuid,noexec shm /dev/shm
+
+-if [ -n "$dasd" ]; then
++if [ -n "$KOPT_dasd" ]; then
+ for mod in dasd_mod dasd_eckd_mod dasd_fba_mod; do
+ modprobe $mod
+ done
+- for _dasd in $(echo "$dasd" | tr ',' ' ' ); do
++ for _dasd in $(echo "$KOPT_dasd" | tr ',' ' ' ); do
+ echo 1 > /sys/bus/ccw/devices/"${_dasd%%:*}"/online
+ done
+ fi
+
+-if [ "${s390x_net%%,*}" = "qeth_l2" ]; then
++if [ "${KOPT_s390x_net%%,*}" = "qeth_l2" ]; then
+ for mod in qeth qeth_l2 qeth_l3; do
+ modprobe $mod
+ done
+- _channel="${s390x_net#*,}"
++ _channel="${KOPT_s390x_net#*,}"
+ echo "$_channel" > /sys/bus/ccwgroup/drivers/qeth/group
+ echo 1 > /sys/bus/ccwgroup/drivers/qeth/"${_channel%%,*}"/layer2
+ echo 1 > /sys/bus/ccwgroup/drivers/qeth/"${_channel%%,*}"/online
+@@ -540,6 +557,8 @@ if [ -f "$sysroot/etc/.default_boot_services" -o ! -f "$ovl" ]; then
+ rc_add killprocs shutdown
+ rc_add savecache shutdown
+
++ rc_add firstboot default
++
+ rm -f "$sysroot/etc/.default_boot_services"
+ fi
+
+@@ -622,6 +641,14 @@ if [ "$KOPT_chart" = yes ]; then
+ pkgs="$pkgs acct"
+ fi
+
++# add openssh
++if [ -n "$KOPT_ssh_key" ] || [ -n "$KOPT_ssh_pass" ]; then
++ pkgs="$pkgs openssh"
++fi
++
++# add wget if using secure urls in cmdline
++need_wget && pkgs="$pkgs wget"
++
+ apkflags="--initramfs-diskless-boot --progress"
+ if [ -z "$ALPINE_REPO" ]; then
+ apkflags="$apkflags --no-network"
+--
+2.17.0
+