From a145ddda284570e57413e37f025c3657205e17d8 Mon Sep 17 00:00:00 2001 From: "David Kaspar [Dee'Kej]" Date: Fri, 25 May 2018 20:01:54 +0200 Subject: Repository scheme updated to new layout NOTE: This commit just moves files around, without actually fixing the Makefiles and specfile. See follow up commits which resolve this. --- usr/lib/systemd/fedora-domainname | 9 + usr/lib/systemd/fedora-import-state | 39 ++++ usr/lib/systemd/fedora-loadmodules | 11 ++ usr/lib/systemd/fedora-readonly | 204 +++++++++++++++++++++ usr/lib/systemd/system/fedora-domainname.service | 13 ++ usr/lib/systemd/system/fedora-import-state.service | 17 ++ usr/lib/systemd/system/fedora-loadmodules.service | 16 ++ usr/lib/systemd/system/fedora-readonly.service | 15 ++ usr/lib/tmpfiles.d/initscripts.conf | 2 + usr/lib/udev/rules.d/60-net.rules | 1 + usr/sbin/service | 91 +++++++++ usr/sbin/sushell | 5 + usr/sbin/sys-unconfig | 12 ++ 13 files changed, 435 insertions(+) create mode 100755 usr/lib/systemd/fedora-domainname create mode 100755 usr/lib/systemd/fedora-import-state create mode 100755 usr/lib/systemd/fedora-loadmodules create mode 100755 usr/lib/systemd/fedora-readonly create mode 100644 usr/lib/systemd/system/fedora-domainname.service create mode 100644 usr/lib/systemd/system/fedora-import-state.service create mode 100644 usr/lib/systemd/system/fedora-loadmodules.service create mode 100644 usr/lib/systemd/system/fedora-readonly.service create mode 100644 usr/lib/tmpfiles.d/initscripts.conf create mode 100644 usr/lib/udev/rules.d/60-net.rules create mode 100755 usr/sbin/service create mode 100755 usr/sbin/sushell create mode 100755 usr/sbin/sys-unconfig (limited to 'usr') diff --git a/usr/lib/systemd/fedora-domainname b/usr/lib/systemd/fedora-domainname new file mode 100755 index 00000000..5c934584 --- /dev/null +++ b/usr/lib/systemd/fedora-domainname @@ -0,0 +1,9 @@ +#!/usr/bin/bash +. /etc/sysconfig/network + +if [ -n "${NISDOMAIN}" ] && [ -x /usr/bin/domainname ]; then + domainname ${NISDOMAIN} + exit $? +fi + +exit 0 diff --git a/usr/lib/systemd/fedora-import-state b/usr/lib/systemd/fedora-import-state new file mode 100755 index 00000000..85bc4817 --- /dev/null +++ b/usr/lib/systemd/fedora-import-state @@ -0,0 +1,39 @@ +#!/bin/bash +# fedora-import-state: import state files from initramfs (e.g. network config) + +# Copy state into root folder: +# ============================ +cd /run/initramfs/state + +IFS_backup=$IFS +IFS=$'\n' # Process find's results line by line + +dirs_found=$(find . -type d) + +for dir in $dirs_found; do + pushd "$dir" > /dev/null + + # Remove initial '.' char from the find's result: + dest_dir="${dir/\./}" + + # Create destination folder if it does not exist (with the same rights): + if [[ -n "$dest_dir" && ! -d "$dest_dir" ]]; then + mkdir -p "$dest_dir" + chmod --reference="$PWD" "$dest_dir" + chown --reference="$PWD" "$dest_dir" + fi + + # Copy all files that are not directory: + find . -mindepth 1 -maxdepth 1 -not -type d -exec cp -av -t "$dest_dir" {} \; > /dev/null + + popd > /dev/null +done + +IFS=$IFS_backup + + +# Run restorecon on the copied files: +# =================================== +if [ -e /sys/fs/selinux/enforce ] && [ -x /usr/sbin/restorecon ]; then + find . -mindepth 1 -print0 | { cd / && xargs --null restorecon -iF; } +fi diff --git a/usr/lib/systemd/fedora-loadmodules b/usr/lib/systemd/fedora-loadmodules new file mode 100755 index 00000000..4fd167c4 --- /dev/null +++ b/usr/lib/systemd/fedora-loadmodules @@ -0,0 +1,11 @@ +#!/bin/bash + +# Load other user-defined modules +for file in /etc/sysconfig/modules/*.modules ; do + [ -x $file ] && $file +done + +# Load modules (for backward compatibility with VARs) +if [ -f /etc/rc.modules ]; then + /etc/rc.modules +fi diff --git a/usr/lib/systemd/fedora-readonly b/usr/lib/systemd/fedora-readonly new file mode 100755 index 00000000..a3679580 --- /dev/null +++ b/usr/lib/systemd/fedora-readonly @@ -0,0 +1,204 @@ +#!/bin/bash +# +# Set up readonly-root support. +# + +. /etc/init.d/functions + +# We need to initialize the $HOSTNAME variable by ourselves now: +# (It was previously done for RHEL-6 branch, but got lost in time.) +HOSTNAME="$(hostname)" + +# Check SELinux status +SELINUX_STATE= +if [ -e "/sys/fs/selinux/enforce" ] && [ "$(cat /proc/self/attr/current | tr -d '\000' )" != "kernel" ]; then + if [ -r "/sys/fs/selinux/enforce" ] ; then + SELINUX_STATE=$(cat "/sys/fs/selinux/enforce") + else + # assume enforcing if you can't read it + SELINUX_STATE=1 + fi +fi + +selinux_fixup() { + if [ -n "$SELINUX_STATE" ] && [ -e "$1" ]; then + restorecon -R "$1" + fi +} + +# Only read this once. +[ -z "${cmdline}" ] && cmdline=$(cat /proc/cmdline) + +READONLY= +if [ -f /etc/sysconfig/readonly-root ]; then + . /etc/sysconfig/readonly-root +fi +if strstr "$cmdline" readonlyroot ; then + READONLY=yes + [ -z "$RW_MOUNT" ] && RW_MOUNT=/var/lib/stateless/writable + [ -z "$STATE_MOUNT" ] && STATE_MOUNT=/var/lib/stateless/state +fi +if strstr "$cmdline" noreadonlyroot ; then + READONLY=no +fi + +MOUNTS=() +if [ "$READONLY" = "yes" -o "$TEMPORARY_STATE" = "yes" ]; then + + add_mount() { + mnt=${1%/} + MOUNTS=("${MOUNTS[@]}" "$mnt") + } + + cp_empty() { + if [ -e "$1" ]; then + echo "$1" | cpio -p -vd "$RW_MOUNT" &>/dev/null + add_mount $1 + fi + } + + cp_dirs() { + if [ -e "$1" ]; then + mkdir -p "$RW_MOUNT$1" + find "$1" -type d -print0 | cpio -p -0vd "$RW_MOUNT" &>/dev/null + add_mount $1 + fi + } + + cp_files() { + if [ -e "$1" ]; then + cp -a --parents "$1" "$RW_MOUNT" + add_mount $1 + fi + } + + # Common mount options for scratch space regardless of + # type of backing store + mountopts= + + # Scan partitions for local scratch storage + rw_mount_dev=$(blkid -t LABEL="$RW_LABEL" -l -o device) + + bindmountopts= + [ "$SLAVE_MOUNTS" = "yes" ] && bindmountopts="--make-slave" + + # First try to mount scratch storage from /etc/fstab, then any + # partition with the proper label. If either succeeds, be sure + # to wipe the scratch storage clean. If both fail, then mount + # scratch storage via tmpfs. + if mount $mountopts "$RW_MOUNT" > /dev/null 2>&1 ; then + rm -rf "$RW_MOUNT" > /dev/null 2>&1 + elif [ x$rw_mount_dev != x ] && mount $rw_mount_dev $mountopts "$RW_MOUNT" > /dev/null 2>&1; then + rm -rf "$RW_MOUNT" > /dev/null 2>&1 + else + mount -n -t tmpfs $RW_OPTIONS $mountopts none "$RW_MOUNT" + fi + + for file in /etc/rwtab /etc/rwtab.d/* /run/initramfs/rwtab ; do + is_ignored_file "$file" && continue + [ -f $file ] && while read type path ; do + case "$type" in + empty) + cp_empty $path + ;; + files) + cp_files $path + ;; + dirs) + cp_dirs $path + ;; + *) + ;; + esac + done < <(cat $file) + done + + for m in "${MOUNTS[@]}"; do + prefix=0 + for mount_point in "${MOUNTS[@]}"; do + [[ $m = $mount_point ]] && continue + if [[ $m =~ ^$mount_point/.* ]] ; then + prefix=1 + break + fi + done + [[ $prefix -eq 1 ]] && continue + + mount -n --bind $bindmountopts "$RW_MOUNT$m" "$m" + selinux_fixup "$m" + done + + # Use any state passed by initramfs + [ -d /run/initramfs/state ] && cp -a /run/initramfs/state/* $RW_MOUNT + + # In theory there should be no more than one network interface active + # this early in the boot process -- the one we're booting from. + # Use the network address to set the hostname of the client. This + # must be done even if we have local storage. + ipaddr= + if [ "$HOSTNAME" = "localhost" -o "$HOSTNAME" = "localhost.localdomain" ]; then + ipaddr=$(ip addr show to 0.0.0.0/0 scope global | awk '/[[:space:]]inet / { print gensub("/.*","","g",$2) }') + for ip in $ipaddr ; do + HOSTNAME= + eval $(ipcalc -h $ipaddr 2>/dev/null) + [ -n "$HOSTNAME" ] && { hostname ${HOSTNAME} ; break; } + done + fi + + # Clients with read-only root filesystems may be provided with a + # place where they can place minimal amounts of persistent + # state. SSH keys or puppet certificates for example. + # + # Ideally we'll use puppet to manage the state directory and to + # create the bind mounts. However, until that's all ready this + # is sufficient to build a working system. + + # First try to mount persistent data from /etc/fstab, then any + # partition with the proper label, then fallback to NFS + state_mount_dev=$(blkid -t LABEL="$STATE_LABEL" -l -o device) + if mount $mountopts $STATE_OPTIONS "$STATE_MOUNT" > /dev/null 2>&1 ; then + /bin/true + elif [ x$state_mount_dev != x ] && mount $state_mount_dev $mountopts "$STATE_MOUNT" > /dev/null 2>&1; then + /bin/true + elif [ ! -z "$CLIENTSTATE" ]; then + # No local storage was found. Make a final attempt to find + # state on an NFS server. + + mount -t nfs $CLIENTSTATE/$HOSTNAME $STATE_MOUNT -o rw,nolock + fi + + if [ -w "$STATE_MOUNT" ]; then + + mount_state() { + if [ -e "$1" ]; then + [ ! -e "$STATE_MOUNT$1" ] && cp -a --parents "$1" "$STATE_MOUNT" + mount -n --bind $bindmountopts "$STATE_MOUNT$1" "$1" + fi + } + + for file in /etc/statetab /etc/statetab.d/* ; do + is_ignored_file "$file" && continue + [ ! -f "$file" ] && continue + + if [ -f "$STATE_MOUNT/$file" ] ; then + mount -n --bind $bindmountopts "$STATE_MOUNT/$file" "$file" + fi + + for path in $(grep -v "^#" "$file" 2>/dev/null); do + mount_state "$path" + selinux_fixup "$path" + done + done + + if [ -f "$STATE_MOUNT/files" ] ; then + for path in $(grep -v "^#" "$STATE_MOUNT/files" 2>/dev/null); do + mount_state "$path" + selinux_fixup "$path" + done + fi + fi + + if mount | grep -q /var/lib/nfs/rpc_pipefs ; then + mount -t rpc_pipefs sunrpc /var/lib/nfs/rpc_pipefs + fi +fi diff --git a/usr/lib/systemd/system/fedora-domainname.service b/usr/lib/systemd/system/fedora-domainname.service new file mode 100644 index 00000000..b62e52b1 --- /dev/null +++ b/usr/lib/systemd/system/fedora-domainname.service @@ -0,0 +1,13 @@ +[Unit] +Description=Read and set NIS domainname from /etc/sysconfig/network +Before=ypbind.service yppasswdd.service ypserv.service ypxfrd.service sysinit.target +DefaultDependencies=no +Conflicts=shutdown.target + +[Service] +ExecStart=/usr/lib/systemd/fedora-domainname +Type=oneshot +RemainAfterExit=yes + +[Install] +WantedBy=sysinit.target diff --git a/usr/lib/systemd/system/fedora-import-state.service b/usr/lib/systemd/system/fedora-import-state.service new file mode 100644 index 00000000..b43ac29f --- /dev/null +++ b/usr/lib/systemd/system/fedora-import-state.service @@ -0,0 +1,17 @@ +[Unit] +Description=Import network configuration from initramfs +DefaultDependencies=no +ConditionPathIsReadWrite=/ +ConditionDirectoryNotEmpty=/run/initramfs/state +Conflicts=shutdown.target +Before=shutdown.target emergency.service emergency.target systemd-tmpfiles-setup.service sysinit.target +After=local-fs.target + +[Service] +ExecStart=/usr/lib/systemd/fedora-import-state +Type=oneshot +TimeoutSec=0 +RemainAfterExit=yes + +[Install] +WantedBy=sysinit.target diff --git a/usr/lib/systemd/system/fedora-loadmodules.service b/usr/lib/systemd/system/fedora-loadmodules.service new file mode 100644 index 00000000..641e7711 --- /dev/null +++ b/usr/lib/systemd/system/fedora-loadmodules.service @@ -0,0 +1,16 @@ +[Unit] +Description=Load legacy module configuration +DefaultDependencies=no +Conflicts=shutdown.target +Before=sysinit.target shutdown.target +ConditionPathExists=|/etc/rc.modules +ConditionDirectoryNotEmpty=|/etc/sysconfig/modules/ + +[Service] +ExecStart=/usr/lib/systemd/fedora-loadmodules +Type=oneshot +TimeoutSec=0 +RemainAfterExit=yes + +[Install] +WantedBy=sysinit.target diff --git a/usr/lib/systemd/system/fedora-readonly.service b/usr/lib/systemd/system/fedora-readonly.service new file mode 100644 index 00000000..30530219 --- /dev/null +++ b/usr/lib/systemd/system/fedora-readonly.service @@ -0,0 +1,15 @@ +[Unit] +Description=Configure read-only root support +DefaultDependencies=no +Conflicts=shutdown.target +Before=shutdown.target emergency.service emergency.target systemd-tmpfiles-setup.service local-fs.target systemd-random-seed.service +After=systemd-remount-fs.service + +[Service] +ExecStart=/usr/lib/systemd/fedora-readonly +Type=oneshot +TimeoutSec=0 +RemainAfterExit=yes + +[Install] +WantedBy=local-fs.target diff --git a/usr/lib/tmpfiles.d/initscripts.conf b/usr/lib/tmpfiles.d/initscripts.conf new file mode 100644 index 00000000..8d2a2968 --- /dev/null +++ b/usr/lib/tmpfiles.d/initscripts.conf @@ -0,0 +1,2 @@ + +d /run/netreport 0775 root root - diff --git a/usr/lib/udev/rules.d/60-net.rules b/usr/lib/udev/rules.d/60-net.rules new file mode 100644 index 00000000..41875017 --- /dev/null +++ b/usr/lib/udev/rules.d/60-net.rules @@ -0,0 +1 @@ +ACTION=="add", SUBSYSTEM=="net", DRIVERS=="?*", ATTR{type}=="1", PROGRAM="/lib/udev/rename_device", RESULT=="?*", NAME="$result" diff --git a/usr/sbin/service b/usr/sbin/service new file mode 100755 index 00000000..31d8f3e1 --- /dev/null +++ b/usr/sbin/service @@ -0,0 +1,91 @@ +#!/bin/bash + +. /etc/init.d/functions + +VERSION="$(basename $0) ver. 1.1" +USAGE="Usage: $(basename $0) < option > | --status-all | \ +[ service_name [ command | --full-restart ] ]" +SERVICEDIR="/etc/init.d" +ACTIONDIR="/usr/libexec/initscripts/legacy-actions" +SERVICE= +ACTION= +OPTIONS= + +if [ $# -eq 0 ]; then + echo "${USAGE}" >&2 + exit 1 +fi + +cd / +while [ $# -gt 0 ]; do + case "${1}" in + --help | -h | --h* ) + echo "${USAGE}" >&2 + exit 0 + ;; + --version | -V ) + echo "${VERSION}" >&2 + exit 0 + ;; + --ignore-dependencies) + export SYSTEMCTL_IGNORE_DEPENDENCIES=1 + shift + ;; + --skip-redirect) + export SYSTEMCTL_SKIP_REDIRECT=1 + shift + ;; + *) + if [ -z "${SERVICE}" -a $# -eq 1 -a "${1}" = "--status-all" ]; then + cd ${SERVICEDIR} + for SERVICE in * ; do + case "${SERVICE}" in + functions | halt | killall | single| linuxconf| kudzu) + ;; + *) + if ! is_ignored_file "${SERVICE}" \ + && [ -x "${SERVICEDIR}/${SERVICE}" ]; then + env -i PATH="$PATH" TERM="$TERM" "${SERVICEDIR}/${SERVICE}" status + fi + ;; + esac + done + exit 0 + elif [ $# -eq 2 -a "${2}" = "--full-restart" ]; then + SERVICE="${1}" + if [ -x "${SERVICEDIR}/${SERVICE}" ]; then + env -i PATH="$PATH" TERM="$TERM" "${SERVICEDIR}/${SERVICE}" stop + env -i PATH="$PATH" TERM="$TERM" "${SERVICEDIR}/${SERVICE}" start + exit $? + fi + elif [ -z "${SERVICE}" ]; then + SERVICE="${1}" + elif [ -z "${ACTION}" ]; then + ACTION="${1}" + else + OPTIONS="${OPTIONS} ${1}" + fi + shift + ;; + esac +done + +if [ -f "${SERVICEDIR}/${SERVICE}" ]; then + # LSB daemons that dies abnormally in systemd looks alive in systemd's eyes due to RemainAfterExit=yes + # lets reap them before next start + if [ "${ACTION}" = "start" ] && \ + systemctl show -p ActiveState ${SERVICE}.service | grep -q '=active$' && \ + systemctl show -p SubState ${SERVICE}.service | grep -q '=exited$' ; then + /bin/systemctl stop ${SERVICE}.service + fi + env -i PATH="$PATH" TERM="$TERM" SYSTEMCTL_IGNORE_DEPENDENCIES=${SYSTEMCTL_IGNORE_DEPENDENCIES} SYSTEMCTL_SKIP_REDIRECT=${SYSTEMCTL_SKIP_REDIRECT} "${SERVICEDIR}/${SERVICE}" ${ACTION} ${OPTIONS} +elif [ -n "${ACTION}" ] && [ -x "${ACTIONDIR}/${SERVICE}/${ACTION}" ]; then + env -i PATH="$PATH" TERM="$TERM" SYSTEMCTL_IGNORE_DEPENDENCIES=${SYSTEMCTL_IGNORE_DEPENDENCIES} SYSTEMCTL_SKIP_REDIRECT=${SYSTEMCTL_SKIP_REDIRECT} "${ACTIONDIR}/${SERVICE}/${ACTION}" ${OPTIONS} +elif `echo $ACTION | grep -Eqw "start|stop|restart|try-restart|reload|force-reload|status|condrestart"` ; then + SERVICE_MANGLED=$(/usr/bin/systemd-escape --mangle ${SERVICE}) + echo $"Redirecting to /bin/systemctl ${ACTION}${OPTIONS:+ }${OPTIONS} ${SERVICE_MANGLED}" >&2 + exec /bin/systemctl ${ACTION} ${OPTIONS} ${SERVICE_MANGLED} +else + echo $"The service command supports only basic LSB actions (start, stop, restart, try-restart, reload, force-reload, status). For other actions, please try to use systemctl." >&2 + exit 2 +fi diff --git a/usr/sbin/sushell b/usr/sbin/sushell new file mode 100755 index 00000000..7d969416 --- /dev/null +++ b/usr/sbin/sushell @@ -0,0 +1,5 @@ +#!/bin/bash + +[ -z "$SUSHELL" ] && SUSHELL=/bin/bash + +exec $SUSHELL diff --git a/usr/sbin/sys-unconfig b/usr/sbin/sys-unconfig new file mode 100755 index 00000000..b5f4d78c --- /dev/null +++ b/usr/sbin/sys-unconfig @@ -0,0 +1,12 @@ +#!/bin/bash + +. /etc/init.d/functions + +if [ $# -ne 0 ]; then + echo $"Usage: sys-unconfig" >&2 + exit 1 +fi + +touch /.unconfigured +rm -f /etc/udev/rules.d/*-persistent-*.rules +poweroff -- cgit v1.2.1