From cc144d9e8fee33faf86675fa1887ece14a061d05 Mon Sep 17 00:00:00 2001 From: Nico Schottelius Date: Tue, 16 Jun 2015 11:14:50 +0200 Subject: [PATCH] generate ssh keys Signed-off-by: Nico Schottelius --- hacking/v3-busybox/all.sh | 19 -------------- hacking/v3-busybox/copy_bin_with_libs.sh | 32 ++++++------------------ hacking/v3-busybox/create_initramfs.sh | 11 ++++---- hacking/v3-busybox/init | 14 +++++++---- hacking/v3-busybox/sshd_config.sh | 15 +++++++++++ 5 files changed, 38 insertions(+), 53 deletions(-) diff --git a/hacking/v3-busybox/all.sh b/hacking/v3-busybox/all.sh index 563d093a..e16e9c55 100755 --- a/hacking/v3-busybox/all.sh +++ b/hacking/v3-busybox/all.sh @@ -11,22 +11,3 @@ initramfs=preos/boot/initramfs ./create_iso.sh preos preos.iso exit 0 - -run_earlyhook() { - kmod static-nodes --format=tmpfiles --output=/run/tmpfiles.d/kmod.conf - systemd-tmpfiles --prefix=/dev --create --boot - /usr/lib/systemd/systemd-udevd --daemon --resolve-names=never - udevd_running=1 -} - -run_hook() { - msg ":: Triggering uevents..." - udevadm trigger --action=add --type=subsystems - udevadm trigger --action=add --type=devices - udevadm settle -} - -run_cleanuphook() { - udevadm control --exit - udevadm info --cleanup-db -} diff --git a/hacking/v3-busybox/copy_bin_with_libs.sh b/hacking/v3-busybox/copy_bin_with_libs.sh index ee2b532e..d850eb59 100755 --- a/hacking/v3-busybox/copy_bin_with_libs.sh +++ b/hacking/v3-busybox/copy_bin_with_libs.sh @@ -13,13 +13,17 @@ fi out_dir=$1 +# TODO: +# - various mkfs + #bin_list="udevadm bash fdisk mount syslinux umount rm mv" -bin_list="udevadm fdisk" +bin_list="udevadm fdisk sshd ssh-keygen" + +# debug tools +bin_list="$bin_list strace less" libs=$(mktemp /tmp/cdist-preos-libs.XXXXXXXXXXXXX) -mkdir -p "$out_dir/bin" "$out_dir/lib" - ( for bin in $bin_list; do src=$(which "$bin") 
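Review bot: In copy_bin_with_libs.sh the new `bin_list` entries `sshd` and `ssh-keygen` are resolved by the context line `src=$(which "$bin")`, so the image receives whichever file is first on the build user's PATH, and the visible lines do not check that the lookup succeeded. For a network-facing daemon the lookup should fail loudly, for example `src=$(command -v "$bin") || { echo "missing: $bin" >&2; exit 1; }`. The hunk also removes `mkdir -p "$out_dir/bin" "$out_dir/lib"`, so the later `cp` into `$out_dir/lib` depends on the target already containing those directories. `strace` and `less` are appended to the same list as the production tools; a switch or comment marking them debug-only would keep them out of non-debug images. The loop body continues outside the hunk.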
@@ -31,30 +35,10 @@ mkdir -p "$out_dir/bin" "$out_dir/lib" while read lib; do - if echo $lib | grep '^/'; then + if echo $lib | grep -q '^/'; then # echo "Copying fqdn lib $lib ..." cp "$lib" "$out_dir/lib" - else - echo "How to copy $lib ?" fi done < "$libs" - rm -f "$libs" - -exit 0 - - -bin=$1 - -# Not used alternatives -# new_list=$(objdump -p /usr/bin/ls | awk '$1 ~ /NEEDED/ { print $2 }') -# ldconfig -p | grep 'libBrokenLocale.so.1$' | sed 's/.* => //' - - -for new_item in $new_list; do - - -done - -ldconfig -p | diff --git a/hacking/v3-busybox/create_initramfs.sh b/hacking/v3-busybox/create_initramfs.sh index 77606374..70bc77ed 100755 --- a/hacking/v3-busybox/create_initramfs.sh +++ b/hacking/v3-busybox/create_initramfs.sh @@ -1,6 +1,7 @@ #!/bin/sh -set -ex +set -e +here=$(pwd -P) initramfs_dir=$(mktemp -d /tmp/cdist-preos.XXXXXXX) # initramfs_dir=$1 @@ -22,10 +23,10 @@ cd "${initramfs_dir}" # Add Arch Linux initramfs with kernel modules included zcat /boot/initramfs-linux-fallback.img | cpio -i -# TODO: -# - ssh -# - various mkfs -# - libs +# Add helper binaries +"$here/copy_bin_with_libs.sh" "$initramfs_dir" >/dev/null 2>&1 +"$here/sshd_config.sh" "$initramfs_dir" + # Create new initramfs find . | cpio -H newc -o | gzip diff --git a/hacking/v3-busybox/init b/hacking/v3-busybox/init index 2c6d747a..bf6011f9 100755 --- a/hacking/v3-busybox/init +++ b/hacking/v3-busybox/init @@ -1,17 +1,16 @@ #!/bin/sh -#Create all the symlinks to /bin/busybox +# Create all the symlinks to /bin/busybox /bin/busybox --install -s -#Mount things needed by this script +# Mount things needed by this script mount -t proc proc /proc mount -t sysfs sysfs /sys -#Disable kernel messages from popping onto the screen +# Disable kernel messages from popping onto the screen echo 0 > /proc/sys/kernel/printk - -#Create device nodes +# Create device nodes mknod /dev/null c 1 3 mknod /dev/tty c 5 0 mdev -s 
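Review bot: With the `else` branch removed, the `while read lib` loop in copy_bin_with_libs.sh silently skips every entry in `$libs` that does not start with `/`, so a library that could not be resolved is no longer reported. The image may then ship an `sshd` that cannot load. Keeping a diagnostic on stderr costs little, and a `case` avoids the unquoted `echo $lib | grep`: `case "$lib" in /*) cp -- "$lib" "$out_dir/lib" ;; *) echo "skipped: $lib" >&2 ;; esac`. `read -r` would also stop backslashes in a path from being interpreted. How `$libs` is filled lies outside the hunk, so the exact form of the non-absolute entries is an assumption.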
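Review bot: In create_initramfs.sh, `here=$(pwd -P)` records the caller's working directory rather than the directory the script lives in, and the later hunk executes `"$here/copy_bin_with_libs.sh"` and `"$here/sshd_config.sh"` from it. Invoked from anywhere else, the build either fails or runs same-named scripts from an unrelated directory. Deriving the path from the script itself removes that dependency: `here=$(cd -- "$(dirname -- "$0")" && pwd -P)`. Separately, if `set -x` was dropped to keep the trace out of the output, a short comment saying so would stop it being re-added.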
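Review bot: The call `"$here/copy_bin_with_libs.sh" "$initramfs_dir" >/dev/null 2>&1` in create_initramfs.sh discards stderr as well as stdout, so a missing binary or a failed `cp` leaves no trace in the build log. Stdout has to be kept clean because the script writes the cpio archive to it, but stderr does not: `"$here/copy_bin_with_libs.sh" "$initramfs_dir" >/dev/null`, or `>&2` to keep the progress messages. Whether `set -e` here aborts on a failure depends on the helper's exit status, which these lines do not show. Since the helper decides whether `sshd` and its libraries reach the image, its errors are worth keeping visible.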
@@ -24,5 +23,10 @@ udevadm trigger --action=add --type=subsystems udevadm trigger --action=add --type=devices udevadm settle +# /bin/sshd + +# Generate keys for sshd +echo "Generating keys for sshd" +ssh-keygen -A exec sh diff --git a/hacking/v3-busybox/sshd_config.sh b/hacking/v3-busybox/sshd_config.sh index 10a8f465..090aae8c 100755 --- a/hacking/v3-busybox/sshd_config.sh +++ b/hacking/v3-busybox/sshd_config.sh @@ -9,6 +9,7 @@ dir=$1 mkdir -p "$dir/etc/ssh" mkdir -p "$dir/root/.ssh" +mkdir -p "$dir/lib" cat << eof > "$dir/etc/ssh/sshd_config" # cdist generated - do not modify @@ -25,6 +26,20 @@ root:x:0:root nobody:x:99: eof +# libpam not found +# /etc/ssl/openssl.cnf +# /etc/gai.conf +# no nscd socket +# /etc/nsswitch.conf +# libnss_compat.so.2 +# libnss_files.so.2 + +# Fixes the user problem +cp /lib/libnss* "$dir/lib" + +# Required by sshd +mkdir -p "$dir/var/empty" + #cat << eof > "$dir/etc/shadow" #root:x:0:0:root:/root:/bin/bash #nobody:x:1::::::
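Review bot: In init, `ssh-keygen -A` runs immediately after `udevadm settle`, very early in boot, when the kernel random pool may not yet be well seeded; host keys made then can be weaker than expected. Generating at boot rather than baking keys into the image is the right choice, since baked keys would be shared by every machine, but the timing deserves a comment and, where possible, a seeded RNG first. The keys also change on every boot, so clients cannot pin the host key; a comment such as `# host keys are per-boot; clients must verify the fingerprint out of band` would record that. The exit status is ignored before `exec sh`; `ssh-keygen -A || echo "ssh-keygen failed" >&2` would surface a failure.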
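Review bot: In sshd_config.sh, `cp /lib/libnss* "$dir/lib"` copies every NSS module installed on the build host, although the comment above it names only `libnss_compat.so.2` and `libnss_files.so.2`. Copying just those two keeps the image's user lookup limited to local files and makes the build reproducible across hosts: `cp /lib/libnss_compat.so.2 /lib/libnss_files.so.2 "$dir/lib"`. For `mkdir -p "$dir/var/empty"`, sshd expects this directory to be owned by root and not writable by group or others. The mode should therefore be set explicitly with `chmod 0755 "$dir/var/empty"`, and it is worth confirming that the archive is built so the directory ends up owned by root. The `sshd_config` heredoc itself is outside this hunk.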