Download gnupghome.tar when net-booting

This contains a keyring that is generated on the server for each client that netboots.
author: Andrew Cady <d@jerkface.net> 2016-05-01 03:30:20 -0400
committer: Andrew Cady <d@jerkface.net> 2016-05-01 03:30:20 -0400
commit: 38e2aaaa634eb731c9221bee522958334b4fc7e9 (patch)
tree: 5ae29976ec1b82947dc29bea46e7ec24a7fa412f /src
parent: 06dc6f6c4b662f798d4f4221fd110b33e768d3ce (diff)
2 files changed, 71 insertions, 1 deletions
diff --git a/src/dnsmasq-dhcp-script.sh b/src/dnsmasq-dhcp-script.sh
new file mode 100644
index 0000000..167d229
--- /dev/null
+++ b/src/dnsmasq-dhcp-script.sh
@@ -0,0 +1,64 @@
+#!/bin/sh
+. samizdat-paths.sh
+TFTP_ROOT=${samizdat_isolinux_dir}
+[ "$1 $4" = "tftp ${TFTP_ROOT}/linux/vmlinuz" ] || exit
+# $2 is the length of the file
+CLIENT_IP=$3
+# dnsmasq clears the environment.  kiki needs at least $HOME
+export USER=root
+export MAIL=/var/mail/root
+export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+export LANG=en_US.UTF-8
+export HOME=/root
+export LANGUAGE=en_US:en
+export LOGNAME=root
+debug()
+{
+    LOGDIR=/var/log/dnsmasq-dhcp-script
+    mkdir -p "$LOGDIR"
+    exec > "$LOGDIR/$$.log" 2>&1
+    set -x
+}
+new_child()
+{
+    child_dir=$samizdat_child_dir/child.$$
+    if [ -d "$child_dir" ]; then
+        rmdir "$child_dir" || exit 1
+    fi
+    sh -x "$(which keygen.sh)" "$child_dir" || return
+    tar --exclude '*~' -zcf "$child_dir"/gnupghome.tar -C "$child_dir"/root/.gnupg . || return
+    tftp_dir="${TFTP_ROOT}"/"$CLIENT_IP"
+    if [ ! -d "$tftp_dir" ]; then
+        ATOMIC=y
+        dest_dir="$tftp_dir"~
+        # DNSMASQ DOCUMENTATION IS WRONG OMFG
+        # Otherwise this symlink farm would be unnecessary
+        mkdir -p "$dest_dir"
+        (cd "$dest_dir" && ln -sf ../* . && rm "$CLIENT_IP"~) || return
+    else
+        dest_dir="$tftp_dir"
+    fi
+    chown dnsmasq "$child_dir" "$child_dir"/gnupghome.tar
+    ln -sf "$child_dir"/gnupghome.tar "$dest_dir"/
+    if [ "$ATOMIC" ]; then
+        mv -T "$dest_dir" "$tftp_dir"
+    fi
+}
+cleanup_after_fail()
+{
+    umount "$child_dir"
+    rmdir "$child_dir"
+}
+debug
+(new_child || cleanup_after_fail) &
diff --git a/src/keygen.sh b/src/keygen.sh
index 4c13e67..5b48512 100755
--- a/src/keygen.sh
+++ b/src/keygen.sh
@@ -60,13 +60,19 @@ doublecheck()
 silent()
 {
+    case "$-" in
+        *x*) return ;;
+    esac
+    SILENT=y
    exec 3>&1 4>&2
    exec >/dev/null 2>&1
 }
 noisy()
 {
-    exec >&3 2>&1
+    if [ "$SILENT" ]; then
+        exec >&3 2>&1
+    fi
 }
 new_child()
author	Andrew Cady <d@jerkface.net>	2016-05-01 03:30:20 -0400
committer	Andrew Cady <d@jerkface.net>	2016-05-01 03:30:20 -0400
commit	38e2aaaa634eb731c9221bee522958334b4fc7e9 (patch)
tree	5ae29976ec1b82947dc29bea46e7ec24a7fa412f /src
parent	06dc6f6c4b662f798d4f4221fd110b33e768d3ce (diff)

diff --git a/src/dnsmasq-dhcp-script.sh b/src/dnsmasq-dhcp-script.sh new file mode 100644 index 0000000..167d229 --- /dev/null +++ b/src/dnsmasq-dhcp-script.sh
@@ -0,0 +1,64 @@
		1	#!/bin/sh
		2	. samizdat-paths.sh
		3	TFTP_ROOT=${samizdat_isolinux_dir}
		4	[ "$1 $4" = "tftp ${TFTP_ROOT}/linux/vmlinuz" ] \|\| exit
		5	# $2 is the length of the file
		6	CLIENT_IP=$3
		7
		8	# dnsmasq clears the environment. kiki needs at least $HOME
		9	export USER=root
		10	export MAIL=/var/mail/root
		11	export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
		12	export LANG=en_US.UTF-8
		13	export HOME=/root
		14	export LANGUAGE=en_US:en
		15	export LOGNAME=root
		16
		17	debug()
		18	{
		19	LOGDIR=/var/log/dnsmasq-dhcp-script
		20	mkdir -p "$LOGDIR"
		21	exec > "$LOGDIR/$$.log" 2>&1
		22	set -x
		23	}
		24
		25	new_child()
		26	{
		27	child_dir=$samizdat_child_dir/child.$$
		28	if [ -d "$child_dir" ]; then
		29	rmdir "$child_dir" \|\| exit 1
		30	fi
		31
		32	sh -x "$(which keygen.sh)" "$child_dir" \|\| return
		33	tar --exclude '*~' -zcf "$child_dir"/gnupghome.tar -C "$child_dir"/root/.gnupg . \|\| return
		34
		35	tftp_dir="${TFTP_ROOT}"/"$CLIENT_IP"
		36	if [ ! -d "$tftp_dir" ]; then
		37	ATOMIC=y
		38	dest_dir="$tftp_dir"~
		39
		40	# DNSMASQ DOCUMENTATION IS WRONG OMFG
		41	# Otherwise this symlink farm would be unnecessary
		42
		43	mkdir -p "$dest_dir"
		44	(cd "$dest_dir" && ln -sf ../* . && rm "$CLIENT_IP"~) \|\| return
		45	else
		46	dest_dir="$tftp_dir"
		47	fi
		48
		49	chown dnsmasq "$child_dir" "$child_dir"/gnupghome.tar
		50	ln -sf "$child_dir"/gnupghome.tar "$dest_dir"/
		51
		52	if [ "$ATOMIC" ]; then
		53	mv -T "$dest_dir" "$tftp_dir"
		54	fi
		55	}
		56
		57	cleanup_after_fail()
		58	{
		59	umount "$child_dir"
		60	rmdir "$child_dir"
		61	}
		62
		63	debug
		64	(new_child \|\| cleanup_after_fail) &


diff --git a/src/keygen.sh b/src/keygen.sh index 4c13e67..5b48512 100755 --- a/src/keygen.sh +++ b/src/keygen.sh
@@ -60,13 +60,19 @@ doublecheck()
60		60
61	silent()	61	silent()
62	{	62	{
		63	case "$-" in
		64	x) return ;;
		65	esac
		66	SILENT=y
63	exec 3>&1 4>&2	67	exec 3>&1 4>&2
64	exec >/dev/null 2>&1	68	exec >/dev/null 2>&1
65	}	69	}
66		70
67	noisy()	71	noisy()
68	{	72	{
69	exec >&3 2>&1	73	if [ "$SILENT" ]; then
		74	exec >&3 2>&1
		75	fi
70	}	76	}
71		77
72	new_child()	78	new_child()