diff options
-rwxr-xr-x | initramfs-tools/hooks/samizdat | 17 | ||||
-rw-r--r-- | initramfs-tools/scripts/samizdat | 28 | ||||
-rw-r--r-- | old-school/common.sh | 143 | ||||
-rwxr-xr-x | old-school/grok-block | 179 | ||||
-rwxr-xr-x | old-school/halt.montecarlo | 39 | ||||
-rwxr-xr-x | old-school/init | 60 | ||||
-rw-r--r-- | old-school/init.functions | 345 | ||||
-rwxr-xr-x | old-school/init.shutdown | 30 | ||||
-rw-r--r-- | old-school/lvm-create.sh | 393 | ||||
-rw-r--r-- | old-school/lvm.conf | 773 | ||||
-rwxr-xr-x | old-school/menu-select | 112 | ||||
-rwxr-xr-x | old-school/samizdat-cdrom-copy | 75 | ||||
-rwxr-xr-x | old-school/squashfs-size | 88 | ||||
-rwxr-xr-x | old-school/umountall.sh | 126 | ||||
-rwxr-xr-x | old-school/vol_id | 2 | ||||
-rw-r--r-- | vol_id.txt | 1 |
16 files changed, 2411 insertions, 0 deletions
diff --git a/initramfs-tools/hooks/samizdat b/initramfs-tools/hooks/samizdat new file mode 100755 index 0000000..d9e0974 --- /dev/null +++ b/initramfs-tools/hooks/samizdat | |||
@@ -0,0 +1,17 @@ | |||
1 | #!/bin/sh | ||
2 | [ "$1" = prereqs ] && { echo; exit; } | ||
3 | |||
4 | . /usr/share/initramfs-tools/hook-functions | ||
5 | |||
6 | for f in ./old-school/*; do | ||
7 | copy_exec "$f" /bin | ||
8 | done | ||
9 | |||
10 | path_execs='mountpoint' | ||
11 | for c in $path_execs; do | ||
12 | copy_exec "$(which $c)" /bin | ||
13 | done | ||
14 | |||
15 | copy_exec vol_id.txt /lib/samizdat/vol_id.txt | ||
16 | |||
17 | exit 0 | ||
diff --git a/initramfs-tools/scripts/samizdat b/initramfs-tools/scripts/samizdat index 81a38d5..3f2ee43 100644 --- a/initramfs-tools/scripts/samizdat +++ b/initramfs-tools/scripts/samizdat | |||
@@ -10,6 +10,34 @@ mountroot() | |||
10 | mount -o move /btrfs /root | 10 | mount -o move /btrfs /root |
11 | mkdir /root/cdrom | 11 | mkdir /root/cdrom |
12 | mount -o move /cdrom /root/cdrom | 12 | mount -o move /cdrom /root/cdrom |
13 | |||
13 | sed -i -e 's/^root:x:/root::/' /root/etc/passwd | 14 | sed -i -e 's/^root:x:/root::/' /root/etc/passwd |
15 | |||
16 | samizdat_install_udev_rules | ||
17 | |||
18 | openvt -c 13 sh | ||
19 | sleep 100 | ||
14 | set +x | 20 | set +x |
15 | } | 21 | } |
22 | |||
23 | samizdat_install_udev_rules() | ||
24 | { | ||
25 | mkdir -p /etc/udev/rules.d | ||
26 | echo 'ACTION=="add", SUBSYSTEM=="block", RUN+="/bin/grok-block $env{DEVNAME}"' \ | ||
27 | > /etc/udev/rules.d/z00_blockdev_mountroot.rules | ||
28 | |||
29 | # 'udevadm trigger --action=add' does not work here; need to restard udevd | ||
30 | # first. not sure why | ||
31 | samizdat_restart_udev | ||
32 | |||
33 | udevadm trigger -s block --action add | ||
34 | } | ||
35 | |||
36 | samizdat_restart_udev() | ||
37 | { | ||
38 | mkdir -p /var/log | ||
39 | ps aux|grep systemd-udevd | ||
40 | killall systemd-udevd | ||
41 | /lib/systemd/systemd-udevd --resolve-names=never --debug >/var/log/udevd-systemd.log 2>&1 & | ||
42 | udevadm hwdb --update # rule is not executed by 'udevadm trigger' otherwise. not sure why | ||
43 | } \ No newline at end of file | ||
diff --git a/old-school/common.sh b/old-school/common.sh new file mode 100644 index 0000000..c216d2a --- /dev/null +++ b/old-school/common.sh | |||
@@ -0,0 +1,143 @@ | |||
1 | #!/bin/sh | ||
2 | REQUIRED_MB=250 # minimum megabytes available to offer install | ||
3 | MENUFIFO=/menu.fifo | ||
4 | DEBUG=y | ||
5 | LOGBASE=/var/log | ||
6 | |||
7 | debug_log() | ||
8 | { | ||
9 | if [ -n "$DEBUG" ]; then | ||
10 | if [ -n "$1" ]; then | ||
11 | DEBUG_LOG=$LOGBASE/"$1".$$.log | ||
12 | else | ||
13 | DEBUG_LOG=$LOGBASE/$(basename $0).$$.log | ||
14 | fi | ||
15 | mkdir -p $LOGBASE | ||
16 | exec >>$DEBUG_LOG 2>&1 | ||
17 | set -x | ||
18 | fi | ||
19 | } | ||
20 | addmenu() | ||
21 | { | ||
22 | cat <<END >>$MENUFIFO # mind the tabs | ||
23 | setItem "$1" "dummy" "$2" "$3" | ||
24 | END | ||
25 | } | ||
26 | menutitle() | ||
27 | { | ||
28 | printf 'setTitle "%s"\n' "$1" >>$MENUFIFO | ||
29 | printf 'setWelcomeText "%s"\n' "$2" >>$MENUFIFO | ||
30 | } | ||
31 | bootmenu() | ||
32 | { | ||
33 | local do_trigger="$1" no_panic="$2" | ||
34 | /bin/openvt -f -c 7 -- dynmenu "$MENUFIFO" && | ||
35 | chvt 7 && | ||
36 | menutitle 'Samizdat\n\nAs the Internet develops there are\ntransitions in the management arrangements.\nThe time has come to take\na small step in one of those transitions.' 'Choose an installation target.' | ||
37 | # menutitle 'Samizdat\nfreedom from surveillance\nno trusted authorities' 'Choose an installation target.' | ||
38 | addmenu "ramdisk" "[ Boot to RAM without installing anything ]" "menu-select boot-ram" | ||
39 | if [ $? != 0 -a ! "$no_panic" ]; then | ||
40 | panic "error loading boot menu! the system won't be usable :(" | ||
41 | fi | ||
42 | if [ "$do_trigger" ]; then | ||
43 | udevadm trigger --subsystem-match=block --action=add | ||
44 | fi | ||
45 | } | ||
46 | find_squashfs_root() | ||
47 | { | ||
48 | # TODO: "make" puts the correct location in $iso_squashfs_dir. Get | ||
49 | # information into this function! | ||
50 | |||
51 | bootwait samizdat-cdrom | ||
52 | for dir in /cdrom/live /cdrom/liveos /cdrom/aptosid /cdrom/* | ||
53 | do | ||
54 | [ -d "$dir" ] || continue; | ||
55 | if [ -f "$dir"/filesystem.module ]; then | ||
56 | while read fs; do | ||
57 | [ -f "$dir"/"$fs" ] && echo "$dir" "$fs" | ||
58 | done < "$dir"/filesystem.module | ||
59 | return | ||
60 | fi | ||
61 | done | ||
62 | for fs in /cdrom/live/filesystem.squashfs /cdrom/live/grml-small.squashfs /cdrom/liveos/squashfs.img /cdrom/aptosid/aptosid.* /cdrom/*/*.squashfs | ||
63 | do | ||
64 | if [ -f "$fs" ]; then | ||
65 | echo "${fs%/*}" "${fs##*/}" | ||
66 | break | ||
67 | fi | ||
68 | done | ||
69 | } | ||
70 | xtrace() | ||
71 | { | ||
72 | case "$-" in | ||
73 | *x*) "$@" ;; | ||
74 | *) set -x; "$@"; set +x ;; | ||
75 | esac | ||
76 | } | ||
77 | sleepcmd() { | ||
78 | local t=$1 | ||
79 | shift | ||
80 | echo "about to run '$*' (in $t)" | ||
81 | sleep $t | ||
82 | "$@" | ||
83 | } | ||
84 | sleep_forever_verbose() { | ||
85 | sleep 4294967295 & | ||
86 | local sleep=$! | ||
87 | warn "sleeping until you kill $sleep..." | ||
88 | wait $sleep | ||
89 | } | ||
90 | warn() { [ -z "$warnings" ] || echo "$@" >&2; } | ||
91 | panic() | ||
92 | { | ||
93 | set +x | ||
94 | exec </dev/tty1 >/dev/tty1 2>&1 | ||
95 | reset | ||
96 | echo "[p$$] initramfs /init: fatal error: $@" | ||
97 | echo "[p$$] will now exec emergency shell" | ||
98 | export PS1="[p$$ \\w]# " | ||
99 | chvt 1 | ||
100 | exec /bin/sh -i | ||
101 | } | ||
102 | bootwait() | ||
103 | { | ||
104 | mkdir -p /bootwait | ||
105 | local i=$#; while [ $i -gt 0 ]; do | ||
106 | i=$((i-1)) | ||
107 | local f="$1"; shift; set -- "$@" "/bootwait/$f" | ||
108 | done | ||
109 | wait_for_files "$@" | ||
110 | } | ||
111 | bootdone() | ||
112 | { | ||
113 | mkdir -p /bootwait | ||
114 | local i=$#; while [ $i -gt 0 ]; do | ||
115 | i=$((i-1)) | ||
116 | local f="$1"; shift; set -- "$@" "/bootwait/$f" | ||
117 | done | ||
118 | touch "$@" | ||
119 | } | ||
120 | my_openvt() | ||
121 | { | ||
122 | /bin/openvt -c "$@" | ||
123 | } | ||
124 | |||
125 | # This runs before way before NTP and on a LiveCD we have no | ||
126 | # reason to trust the system clock. | ||
127 | gpg2_nobatch() { GPG_TTY=$(tty) command gpg2 --ignore-time-conflict --ignore-valid-from "$@"; } | ||
128 | gpg2() { gpg2_nobatch --batch "$@"; } | ||
129 | |||
130 | xcp() { if [ -f "$1" -a ! -f "$2" ]; then cp "$1" "$2"; fi; } | ||
131 | |||
132 | mountsquashes() | ||
133 | { | ||
134 | local name dirname basename | ||
135 | while read dirname basename && [ -d "$dirname" -a -f "$dirname/$basename" ]; do | ||
136 | name=${basename%.squashfs} | ||
137 | mkdir -p "/squashes/$name" || return 1 | ||
138 | xcp "$dirname"/filesystem.module /squashes/filesystem.module || return 1 | ||
139 | mountpoint -q "/squashes/$name" || | ||
140 | mount -o ro,loop "$dirname/$basename" "/squashes/$name" || return 1 | ||
141 | done | ||
142 | } | ||
143 | |||
diff --git a/old-school/grok-block b/old-school/grok-block new file mode 100755 index 0000000..3f45bb2 --- /dev/null +++ b/old-school/grok-block | |||
@@ -0,0 +1,179 @@ | |||
1 | #!/bin/sh | ||
2 | . common.sh | ||
3 | |||
4 | DEVNAME=$1 | ||
5 | case "$DEVNAME" in /dev/loop*|/dev/ram*|/dev/dm-*|/dev/md*) exit ;; esac | ||
6 | [ -b "$DEVNAME" ] || exit | ||
7 | |||
8 | debug_log "grok-block.${DEVNAME##*/}" | ||
9 | |||
10 | addmenu_choosekey() | ||
11 | { | ||
12 | dev=$1 | ||
13 | dir=$2 | ||
14 | addmenu "$dev//$dir" \ | ||
15 | "[ Use the GPG key on $dev ]" \ | ||
16 | "menu-select boot-gpg $dev $dir" | ||
17 | } | ||
18 | |||
19 | addmenu_repairhfs() | ||
20 | { | ||
21 | local device="$1" | ||
22 | addmenu "$device//reboot" \ | ||
23 | "[ Reboot into Mac OS X in order to repair disk $device ]" \ | ||
24 | "eject /cdrom; sleep 2; reboot -f" | ||
25 | addmenu "$device//fsck" \ | ||
26 | "[ (DANGEROUS) Try to repair errors on $device with fsck.hfsplus ]" \ | ||
27 | "/bin/openvt -sw -- sh -c 'fsck.hfsplus $device && remenu'" | ||
28 | } | ||
29 | |||
30 | addmenu_chooseroot() | ||
31 | { | ||
32 | local device="$1" loopfile="$2" | ||
33 | |||
34 | addmenu "$device//$loopfile" \ | ||
35 | "[ Boot the system on $device${loopfile:+ in file $(basename $loopfile)} ]" \ | ||
36 | "menu-select --fs=$ID_FS_TYPE boot-luks $device ${loopfile:-$device}" | ||
37 | } | ||
38 | |||
39 | addmenu_makeroot() | ||
40 | { | ||
41 | local device="$1" loopfile="$2" megs="$3" copy_cdrom="$4" | ||
42 | ( | ||
43 | addmenu "$device//$loopfile" \ | ||
44 | "[ Install Samizdat to $device (in file $(basename $loopfile)) ]" \ | ||
45 | "menu-select --fs=$ID_FS_TYPE boot-new $device $loopfile $megs $copy_cdrom" | ||
46 | ) & | ||
47 | } | ||
48 | |||
49 | retry_mount() | ||
50 | { | ||
51 | tries=20 | ||
52 | until mntout="$(mount "$@" 2>&1)" | ||
53 | do | ||
54 | tries=$(( tries - 1 )) | ||
55 | case "$mntout" in | ||
56 | *"Device or resource busy"*) | ||
57 | if [ $tries -le 0 ]; then | ||
58 | warn "mount $@ failed: $mntout" | ||
59 | return 1 | ||
60 | else | ||
61 | sleep 1 | ||
62 | continue | ||
63 | fi | ||
64 | ;; | ||
65 | *) | ||
66 | warn "mount $@ failed: $mntout" | ||
67 | break ;; | ||
68 | esac | ||
69 | done | ||
70 | } | ||
71 | |||
72 | gpg_verify() | ||
73 | { | ||
74 | bootwait samizdat-cdrom | ||
75 | gpg2 --lock-never --no-permission-warning --no-auto-check-trustdb --no-options --homedir /cdrom/samizdat/gpg/gnupghome --verify "$1" | ||
76 | } | ||
77 | is_lvm() | ||
78 | { | ||
79 | for n in 0 1 2 3; do | ||
80 | [ "LVM2 001" = "$(dd if="$1" bs=1 skip=$((512*n+24)) count=8 2>/dev/null)" ] && return 0 | ||
81 | done | ||
82 | return 1 | ||
83 | } | ||
84 | |||
85 | grok_block() | ||
86 | { | ||
87 | local mountpoint="/mnt/${DEVNAME##*/}" | ||
88 | |||
89 | mkdir -p "$mountpoint" | ||
90 | |||
91 | case "$ID_FS_TYPE" in | ||
92 | ntfs) mount_type='-t ntfs-3g' ;; | ||
93 | "") mount_type= ;; | ||
94 | *) mount_type="-t $ID_FS_TYPE" ;; | ||
95 | esac | ||
96 | |||
97 | if [ "$ID_FS_TYPE" = hfsplus ] && ! fsck.hfsplus -q "$DEVNAME"; then | ||
98 | (if fsck.hfsplus "$DEVNAME"; then | ||
99 | grok-block "$DEVNAME" | ||
100 | else | ||
101 | addmenu_repairhfs "$DEVNAME" | ||
102 | fi) & | ||
103 | return | ||
104 | fi | ||
105 | |||
106 | if ! mountpoint -q "$mountpoint"; then | ||
107 | retry_mount $mount_type -o ro "$DEVNAME" "$mountpoint" | ||
108 | fi | ||
109 | |||
110 | if mountpoint -q "$mountpoint"; then | ||
111 | umount=true | ||
112 | # Device has an unencrypted filesystem on it. | ||
113 | # So we mount it and look for loop-back overlays. | ||
114 | |||
115 | if [ -d "$mountpoint/samizdat.gpg" ]; then | ||
116 | # check the key somehow? | ||
117 | addmenu_choosekey "$DEVNAME" "$mountpoint/samizdat.gpg" | ||
118 | fi | ||
119 | |||
120 | N=1; while [ -e "$mountpoint/samizdat.$N" ] | ||
121 | do | ||
122 | if gpg_verify "$mountpoint/samizdat.$N"k; then | ||
123 | addmenu_chooseroot "$DEVNAME" "$mountpoint/samizdat.$N" | ||
124 | # this menu entry chooses the root fs, and should prompt and wait for the matching key | ||
125 | umount=false | ||
126 | fi | ||
127 | N=$((N+1)) | ||
128 | done | ||
129 | |||
130 | freeblocks=$(stat -f -c %f "$mountpoint") | ||
131 | blocksize=$(stat -f -c %S "$mountpoint") | ||
132 | freemegs=$((freeblocks * blocksize / 1024 / 1024)) | ||
133 | |||
134 | if [ "$freemegs" -ge 300 ]; then | ||
135 | |||
136 | umount=false | ||
137 | bootwait samizdat-cdrom | ||
138 | cdromblocks=$(stat -f -c %b /cdrom) | ||
139 | cdromblocksize=$(stat -f -c %S /cdrom) | ||
140 | cdrommegs=$((cdromblocks * cdromblocksize / 1024 / 1024)) | ||
141 | |||
142 | if [ "$freemegs" -ge "$((cdrommegs * 3))" ]; then | ||
143 | addmenu_makeroot "$DEVNAME" "${mountpoint}/samizdat.$N" "$((cdrommegs * 3))" 1 | ||
144 | elif [ "$freemegs" -ge "$((cdrommegs * 2))" ]; then | ||
145 | addmenu_makeroot "$DEVNAME" "${mountpoint}/samizdat.$N" "$((cdrommegs * 2))" 1 | ||
146 | elif [ "$freemegs" -ge "$cdrommegs" ]; then | ||
147 | addmenu_makeroot "$DEVNAME" "${mountpoint}/samizdat.$N" "$((freemegs / 2))" 0 | ||
148 | fi | ||
149 | fi | ||
150 | |||
151 | if $umount; then | ||
152 | umount "$mountpoint" | ||
153 | rmdir "$mountpoint" | ||
154 | fi | ||
155 | else | ||
156 | rmdir "$mountpoint" | ||
157 | fi | ||
158 | } | ||
159 | |||
160 | # Get me all them nice udev variables | ||
161 | eval "$(PATH=$PATH:/lib/udev vol_id "$DEVNAME" | | ||
162 | sed "s/'/'\\\\''/; s/=\(.*\)/='\1'/" | ||
163 | )" | ||
164 | |||
165 | CDROM_ID_FS_UUID_ENC='73256269-4002-4e42-adbd-0e49ed1c7438' | ||
166 | CDROM_ID_FS_LABEL_ENC=$(sed 's/ /\\x20/g' /lib/samizdat/vol_id.txt) | ||
167 | if [ "$ID_FS_UUID_ENC" = "$CDROM_ID_FS_UUID_ENC" -o \ | ||
168 | "$ID_FS_LABEL_ENC" = "$CDROM_ID_FS_LABEL_ENC" ] | ||
169 | then | ||
170 | # Recognize and mount the Samizdat | ||
171 | if ! mountpoint -q /cdrom; then | ||
172 | mkdir -p /cdrom | ||
173 | (retry_mount -t iso9660 -r "$DEVNAME" /cdrom && bootdone samizdat-cdrom) & | ||
174 | fi | ||
175 | else | ||
176 | grok_block & | ||
177 | fi | ||
178 | |||
179 | # vim:set et sw=2: | ||
diff --git a/old-school/halt.montecarlo b/old-school/halt.montecarlo new file mode 100755 index 0000000..67dac17 --- /dev/null +++ b/old-school/halt.montecarlo | |||
@@ -0,0 +1,39 @@ | |||
1 | #!/bin/bash | ||
2 | |||
3 | cmd=${0##*/} | ||
4 | dashf= | ||
5 | for arg in "$@"; do | ||
6 | case "$arg" in -*f*) dashf=1 ;; esac | ||
7 | case "$arg" in -*p*) [ "$cmd" = halt ] && cmd=poweroff ;; esac | ||
8 | done | ||
9 | |||
10 | [ "$dashf" ] || exec -a "$0" /sbin/halt.distrib "$@" | ||
11 | |||
12 | read pids < /run/sendsigs.omit.d/samizdat | ||
13 | for p in $pids; do | ||
14 | if [ -e /proc/$p/root -a ! /proc/$p/root -ef / ]; then | ||
15 | initramfs=/proc/$p/root | ||
16 | break | ||
17 | fi | ||
18 | done | ||
19 | |||
20 | panic() | ||
21 | { | ||
22 | set -x | ||
23 | sync | ||
24 | exec -a "$0" /sbin/halt.distrib "$@" | ||
25 | } | ||
26 | |||
27 | [ "$initramfs" ] || panic | ||
28 | |||
29 | cp /sbin/init $initramfs/telinit | ||
30 | |||
31 | # Apparently, linux does not allow a direct bind mount of a file on | ||
32 | # the initramfs. Therefore, copy the file from the initramfs and bind | ||
33 | # mount the copy. | ||
34 | |||
35 | mount -o remount,exec /run | ||
36 | cp $initramfs/lib/samizdat/init.shutdown /run/ && mount --bind /run/init.shutdown /sbin/init || panic | ||
37 | |||
38 | echo $cmd -f > $initramfs/halt | ||
39 | $initramfs/telinit u | ||
diff --git a/old-school/init b/old-school/init new file mode 100755 index 0000000..3b62c0a --- /dev/null +++ b/old-school/init | |||
@@ -0,0 +1,60 @@ | |||
1 | #!/bin/sh | ||
2 | PATH=$PATH:/usr/lib/klibc/bin | ||
3 | #if [ $$ = 1 ]; then | ||
4 | # "$0" "$@" | ||
5 | # exec sh -i | ||
6 | #fi | ||
7 | . init.functions | ||
8 | warnings=y | ||
9 | |||
10 | debug_log init | ||
11 | mountvirt | ||
12 | klogd -c1 # no kernel messages | ||
13 | |||
14 | mkdir -p "$LOGBASE" | ||
15 | sh -c "syslogd -O '$LOGBASE'/"'syslogd.$$.log'; | ||
16 | if [ "$DEBUG" != y ]; then | ||
17 | echo 0 > /proc/sys/kernel/printk | ||
18 | fi | ||
19 | |||
20 | makedev | ||
21 | loadenv | ||
22 | |||
23 | if [ -x /bin/kmod ]; then | ||
24 | ln -sf /bin/kmod /bin/depmod | ||
25 | /bin/depmod -a | ||
26 | else | ||
27 | depmod -a | ||
28 | fi | ||
29 | |||
30 | PS1='[$$ \w]# ' my_openvt 8 -- sh -i | ||
31 | |||
32 | mkfifo "$MENUFIFO" || panic "mkfifo '$MENUFIFO' failed" | ||
33 | bootmenu | ||
34 | mkdir -p /etc/udev/rules.d | ||
35 | cat <<END >/etc/udev/rules.d/z00_blockdev_mountroot.rules | ||
36 | ACTION=="add", SUBSYSTEM=="block", RUN+="/bin/grok-block \$env{DEVNAME}" | ||
37 | END | ||
38 | |||
39 | start_udev | ||
40 | mountunionroot | ||
41 | |||
42 | bootwait rw-overlay | ||
43 | # killeverything | ||
44 | # nuke /dev/.udev/queue/ | ||
45 | stop_udev | ||
46 | insertoverlay | ||
47 | |||
48 | movemounts | ||
49 | gpg_agent_chroot | ||
50 | patchroot | ||
51 | clear >/dev/tty1 | ||
52 | chvt 1 | ||
53 | [ -e /do-delay-boot ] && bootwait 'launch-init-ready' | ||
54 | launch_init "$@" | ||
55 | |||
56 | # unreachable since launch_init will panic on failure | ||
57 | panic 'inconceivable!' | ||
58 | exec >/dev/tty1 2>&1 <&1 | ||
59 | reset | ||
60 | exec sh -i | ||
diff --git a/old-school/init.functions b/old-school/init.functions new file mode 100644 index 0000000..3b5027b --- /dev/null +++ b/old-school/init.functions | |||
@@ -0,0 +1,345 @@ | |||
1 | #!/bin/sh | ||
2 | . common.sh | ||
3 | mountvirt() | ||
4 | { | ||
5 | # TODO: simply put these dirs on the initrd itself | ||
6 | mkdir -m 0755 -p /dev /sys /proc /tmp /var /run | ||
7 | mkdir -m 0700 -p /root | ||
8 | |||
9 | mount -t sysfs -o nodev,noexec,nosuid none /sys | ||
10 | mount -t proc -o nodev,noexec,nosuid none /proc | ||
11 | tmpfs_size="10M" | ||
12 | # [ -f /etc/udev/udev.conf ] && . /etc/udev/udev.conf | ||
13 | mount -t tmpfs -o size=$tmpfs_size,mode=0755 udev /dev | ||
14 | mount -t tmpfs -o size=64M,mode=0755 run /run | ||
15 | mkdir -m 0755 /dev/pts /run/lock | ||
16 | mount -t devpts devpts /dev/pts | ||
17 | ln -s /run /run/lock /var/ | ||
18 | } | ||
19 | makedev() | ||
20 | { | ||
21 | # TODO: simply put these nodes on the initrd itself | ||
22 | mkdir -m 0755 -p /dev | ||
23 | mknod /dev/null c 1 3 | ||
24 | mknod /dev/zero c 1 5 | ||
25 | mknod /dev/tty c 5 0 | ||
26 | if [ "$FUCK_devconsole" ]; then # FUCK /dev/console | ||
27 | mknod /dev/console c 4 1 # tty1 is console; a saner alternative (TODO: fix shutdown to chvt) | ||
28 | else | ||
29 | mknod /dev/console c 5 1 | ||
30 | fi | ||
31 | for i in 0 1 2 3 4 5 6 7 8; do | ||
32 | mknod /dev/tty${i} c 4 ${i} | ||
33 | done | ||
34 | # TODO: wait for udev? pft. | ||
35 | for i in 0 1 2 3 4 5 6 7; do | ||
36 | mknod /dev/loop${i} b 7 ${i} | ||
37 | done | ||
38 | } | ||
39 | loadenv() | ||
40 | { | ||
41 | # TODO: filter the wheat from the chaff here; most of this is unused. | ||
42 | # TODO: implement the various boot args | ||
43 | |||
44 | # Load config files | ||
45 | # export DPKG_ARCH= | ||
46 | # . /conf/arch.conf | ||
47 | # export ROOT= | ||
48 | # . /conf/initramfs.conf | ||
49 | # for conf in conf/conf.d/*; do | ||
50 | # [ -f ${conf} ] && . ${conf} | ||
51 | # done | ||
52 | # Make modprobe quiet | ||
53 | export MODPROBE_OPTIONS="-qb" | ||
54 | # Export constants | ||
55 | export rootmnt=/root | ||
56 | # Export bootparam variables | ||
57 | export init=/sbin/init | ||
58 | export readonly=y | ||
59 | export blacklist= | ||
60 | |||
61 | # Parse command line options | ||
62 | for x in $(cat /proc/cmdline); do | ||
63 | case $x in | ||
64 | init=*) init=${x#init=} ;; | ||
65 | root=*) | ||
66 | ROOT=${x#root=} | ||
67 | case $ROOT in | ||
68 | LABEL=*) ROOT="/dev/disk/by-label/${ROOT#LABEL=}" ;; | ||
69 | UUID=*) ROOT="/dev/disk/by-uuid/${ROOT#UUID=}" ;; | ||
70 | /dev/nfs) [ -z "${BOOT}" ] && BOOT=nfs ;; | ||
71 | esac | ||
72 | ;; | ||
73 | rootflags=*) ROOTFLAGS="-o ${x#rootflags=}" ;; | ||
74 | rootfstype=*) ROOTFSTYPE="${x#rootfstype=}" ;; | ||
75 | ro) readonly=y ;; | ||
76 | rw) readonly=n ;; | ||
77 | |||
78 | nfsroot=*) NFSROOT="${x#nfsroot=}" ;; | ||
79 | ip=*) IPOPTS="${x#ip=}" ;; | ||
80 | boot=*) BOOT=${x#boot=} ;; | ||
81 | |||
82 | resume=*) RESUME="${x#resume=}" ;; | ||
83 | noresume) noresume=y ;; | ||
84 | blacklist=*) blacklist=${x#blacklist=} ;; | ||
85 | |||
86 | hostname=*) | ||
87 | hostname=${x#hostname=} | ||
88 | hostname "$hostname" | ||
89 | ;; | ||
90 | bootcd_device=*) bootcd_device=${x#bootcd_device=} | ||
91 | mkdir -p /cdrom && | ||
92 | mount -r -t hostfs -o "${bootcd_device#hostfs=}" hostfs /cdrom && | ||
93 | bootdone samizdat-cdrom | ||
94 | ;; | ||
95 | overlay_device=*) overlay_device=${x#overlay_device=} | ||
96 | mkdir -p /overlay && | ||
97 | mount -t hostfs -o "${overlay_device#hostfs=}" hostfs /overlay && | ||
98 | bootdone rw-overlay | ||
99 | ;; | ||
100 | uml_modules=*) uml_modules=${x#uml_modules=} | ||
101 | mount -t hostfs -o "${uml_modules#hostfs=}" hostfs /lib/modules ;; | ||
102 | esac | ||
103 | done | ||
104 | |||
105 | if [ -z "${noresume}" ]; then | ||
106 | export resume=${RESUME} | ||
107 | else | ||
108 | export noresume | ||
109 | fi | ||
110 | } | ||
111 | mountunionroot() | ||
112 | { | ||
113 | bootwait samizdat-cdrom squashfs-root | ||
114 | |||
115 | ufs= | ||
116 | if grep -q aufs /proc/filesystems || modprobe aufs; then | ||
117 | ufs=aufs | ||
118 | elif grep -q unionfs /proc/filesystems || modprobe unionfs; then | ||
119 | ufs=unionfs | ||
120 | fi | ||
121 | |||
122 | case $ufs in | ||
123 | unionfs) ro=ro;; | ||
124 | aufs) ro=rr;; | ||
125 | *) panic "mountunionroot: unionfs module not found";; | ||
126 | esac | ||
127 | |||
128 | dirs=; | ||
129 | if [ -f /squashes/filesystem.module ]; then | ||
130 | while read img; do | ||
131 | d=/squashes/"${img%.squashfs}" | ||
132 | mountpoint -q /squashes/"${img%.squashfs}" || continue; | ||
133 | dirs="$d=$ro${dirs:+:$dirs}" | ||
134 | done < /squashes/filesystem.module | ||
135 | else | ||
136 | for d in /squashes/*; do | ||
137 | mountpoint -q "$d" || continue | ||
138 | dirs="$d=$ro${dirs:+:$dirs}" | ||
139 | done | ||
140 | fi | ||
141 | [ -n "$dirs" ] || | ||
142 | panic "no squashes. missing/broken images on cdrom?" | ||
143 | |||
144 | if true; then | ||
145 | # overlay_tmp=$(mktemp -d /overlay.XXXXXX) && | ||
146 | overlay_tmp=/overlay.$$ && mkdir -p $overlay_tmp && | ||
147 | mount -t tmpfs tmpfs $overlay_tmp && | ||
148 | touch $overlay_tmp/samizdat-filesystem-is-new | ||
149 | dirs="$overlay_tmp:$dirs" || | ||
150 | { rmdir $overlay_tmp; | ||
151 | panic "mountunionroot: failure creating tmpfs overlay"; } | ||
152 | fi | ||
153 | |||
154 | mount -t $ufs -o rw,dirs="$dirs" $ufs "$rootmnt" || | ||
155 | panic "mountunionroot: $ufs: mount (dirs=$dirs): error: $?" | ||
156 | } | ||
157 | insertoverlay() # TODO: copy-up and umount tmpfs. MASSIVELY IMPORTANT! | ||
158 | { | ||
159 | if ! mountpoint -q /overlay; then | ||
160 | # rw-overlay was signalled without a mount on /overlay | ||
161 | # thus, boot with the current tmpfs overlay | ||
162 | mkdir -p /overlay | ||
163 | mount -o move $overlay_tmp /overlay | ||
164 | return 0 | ||
165 | fi | ||
166 | |||
167 | ufs=$(sed -ne 's?^[^ ]* '"$rootmnt"' \(unionfs\|aufs\) .*?\1?p' /proc/mounts) | ||
168 | |||
169 | case $ufs in | ||
170 | unionfs) | ||
171 | panic 'insertoverlay: TODO: implement unionfs support' | ||
172 | |||
173 | mount -o remount,rw,add=/overlay "$rootmnt" || | ||
174 | panic "insertoverlay: remount unionfs (add=/overlay): error: $?" | ||
175 | |||
176 | #mount -o remount,del=$overlay_tmp && # NO, WRONG, COPY-UP FIRST | ||
177 | #umount $overlay_tmp && rmdir $overlay_tmp | ||
178 | ;; | ||
179 | aufs) | ||
180 | mount -o remount,rw,prepend:/overlay=rw "$rootmnt" || | ||
181 | panic "insertoverlay: remount aufs (prepend:/overlay=rw): error: $?" | ||
182 | |||
183 | mount -o remount,mod:"$overlay_tmp"=ro+wh "$rootmnt" || | ||
184 | panic "insertoverlay: couldn't set aufs branch read-only: $overlay_tmp" | ||
185 | |||
186 | # copy everything the user reads (not just writes) to the overlay | ||
187 | # (this is appropriate for CD-ROM but not testing. TODO: enable) | ||
188 | #mount -o remount,coo=all "$rootmnt" | ||
189 | |||
190 | mkdir -p "$rootmnt"/xino && mount -o move "$overlay_tmp" "$rootmnt"/xino || | ||
191 | panic "insertoverlay: couldn't move mount $overlay_tmp to $rootmnt/xino" | ||
192 | ;; | ||
193 | *) panic "insertoverlay: unrecognized filesystem ($ufs)";; | ||
194 | esac | ||
195 | |||
196 | bootdone root-mounted | ||
197 | } | ||
198 | AppendIfNoSuchLine() | ||
199 | { | ||
200 | local filename="$1" | ||
201 | shift | ||
202 | if grep -vqF "$1" < "$filename"; then | ||
203 | printf '%s\n' "$@" >> "$filename" | ||
204 | fi | ||
205 | } | ||
206 | gpg_agent_chroot() | ||
207 | { | ||
208 | chroot "$rootmnt" sh -c \ | ||
209 | 'export PATH=/usr/local/sbin:/usr/local/bin:$PATH; | ||
210 | killall gpg-agent; | ||
211 | samizdat-gpg-agent; | ||
212 | killall -USR2 samizdat-pinentry;' | ||
213 | } | ||
214 | remove_squashfs_mistakes() | ||
215 | { | ||
216 | # Workaround for bad samizdat-generated upstream squashfs: | ||
217 | rm -f "$rootmnt"/etc/ipsec.conf | ||
218 | rm -rf "$rootmnt"/etc/samizdat/samizdat-receive-hooks | ||
219 | rm -f "$rootmnt"/etc/adjtime | ||
220 | } | ||
221 | patchroot() | ||
222 | { | ||
223 | test -e "$rootmnt"/samizdat-filesystem-is-new || return | ||
224 | echo Patching livecd root -- $(date) >> /dev/tty7 | ||
225 | rm -f /dev/console; mknod /dev/console c 4 1 | ||
226 | |||
227 | remove_squashfs_mistakes | ||
228 | |||
229 | if [ -e /etc/adjtime -a ! -e "$rootmnt"/etc/adjtime ]; then | ||
230 | cp /etc/adjtime "$rootmnt"/etc/adjtime | ||
231 | fi | ||
232 | |||
233 | if [ -f "$rootmnt"/cdrom/samizdat/skel.tgz ]; then | ||
234 | chroot "$rootmnt" bin/tar -C / --no-same-owner -zxf /cdrom/samizdat/skel.tgz | ||
235 | fi | ||
236 | chroot "$rootmnt" hostname -F /etc/hostname | ||
237 | |||
238 | chroot "$rootmnt" update-rc.d samizdat-pids start 15 S | ||
239 | |||
240 | # We need debian-tor user so that hidden service directory can have the right owner | ||
241 | chroot "$rootmnt" adduser --quiet --system --disabled-password --home /var/lib/tor \ | ||
242 | --no-create-home --shell /bin/bash --group debian-tor | ||
243 | |||
244 | # TODO: check errors here | ||
245 | chroot "$rootmnt" sh -c \ | ||
246 | 'export PATH=/usr/local/sbin:/usr/local/bin:"$PATH" GNUPGHOME=/gpg/gnupghome verbose=1; | ||
247 | samizdat-receive -v < /cdrom/samizdat/secrets.mime && samizdat-receive -v < /cdrom/samizdat/public.mime' | ||
248 | |||
249 | for diversion in /etc/kernel/postinst.d/initramfs-tools /etc/init.d/live-boot /sbin/halt; do | ||
250 | chroot "$rootmnt" dpkg-divert --rename --package samizdat --add "$diversion" | ||
251 | done | ||
252 | cp /bin/halt.montecarlo "$rootmnt"/sbin/halt | ||
253 | |||
254 | if ! [ -f "$rootmnt"/var/lib/dpkg/info/linux-image-"$(uname -r)".list ]; then | ||
255 | chroot "$rootmnt" sh -c \ | ||
256 | 'dpkg --fsys-tarfile /cdrom/samizdat/debs/linux-image-$(uname -r)_*.deb | tar -C / -x; depmod -a' | ||
257 | fi | ||
258 | |||
259 | # disable some of GRML's many consoles. | ||
260 | # sed -i -e 's/^\([3456789]\|1[012]\):/#\1:/' "$rootmnt"/etc/inittab | ||
261 | # sed -i -e 's/^NUM_CONSOLES=12/NUM_CONSOLES=0/' "$rootmnt"/usr/bin/zsh-login | ||
262 | |||
263 | # these GRML scripts implement a "sendsigs" which does not respect omit.d | ||
264 | sed -i -e 's/^\(l0:.*\)grml-halt$/\1rc 0/' "$rootmnt"/etc/inittab | ||
265 | sed -i -e 's/^\(l6:.*\)grml-reboot$/\1rc 6/' "$rootmnt"/etc/inittab | ||
266 | chroot "$rootmnt" update-rc.d sendsigs stop 20 0 6 | ||
267 | |||
268 | echo Done patching livecd root -- $(date) >>/dev/tty7 | ||
269 | rm "$rootmnt"/samizdat-filesystem-is-new | ||
270 | } | ||
271 | movemounts() | ||
272 | { | ||
273 | # Move mounted filesystems to the root filesystem | ||
274 | while read dev mp rest; do | ||
275 | case "$mp" in | ||
276 | "$rootmnt"|"$rootmnt"/*|/|/proc|/dev|/dev/pts|/sys) continue ;; | ||
277 | /mnt.samizdat.*) | ||
278 | #umount -l "$mp" | ||
279 | target="$rootmnt/media/${dev##*/}" | ||
280 | ;; | ||
281 | /overlay.*) umount -l $mp; continue ;; | ||
282 | *) target="$rootmnt$mp" ;; | ||
283 | esac | ||
284 | mkdir -p "$target" | ||
285 | mount -n -o move "$mp" "$target" | ||
286 | done </proc/mounts | ||
287 | mount --rbind /dev "$rootmnt"/dev | ||
288 | mount --bind /proc "$rootmnt"/proc | ||
289 | ln -sf /proc/mounts "$rootmnt"/etc/mtab | ||
290 | } | ||
291 | launch_init() | ||
292 | { | ||
293 | # bad init= command line? | ||
294 | if [ ! -x "$rootmnt$init" ]; then | ||
295 | panic "init does not exist or is not executable (init=$init)" | ||
296 | fi | ||
297 | ln -sf /proc/mounts "$rootmnt"/etc/mtab | ||
298 | export CONSOLE=/dev/tty1 | ||
299 | exec chroot "$rootmnt" "$init" "$@" <"$rootmnt$CONSOLE" >"$rootmnt$CONSOLE" 2>&1 | ||
300 | panic "exec init failed (init=$init)" | ||
301 | # exec run-init -c "$CONSOLE" "$rootmnt" "$init" "$@" | ||
302 | # panic "exec run-init failed (init=$init)" | ||
303 | } | ||
304 | start_udev() | ||
305 | { | ||
306 | echo > /proc/sys/kernel/hotplug | ||
307 | mkdir -p /dev/.udev/db/ /dev/.udev/queue/ | ||
308 | # mkdir -p "$LOGBASE"; sh -c "udevd --resolve-names=never --debug >$LOGBASE/udevd."'$$'".log 2>&1" & | ||
309 | udevd --resolve-names=never --daemon | ||
310 | udevadm trigger --action=add | ||
311 | # udevadm settle | ||
312 | } | ||
313 | stop_udev() | ||
314 | { | ||
315 | for proc in /proc/[0-9]*; do | ||
316 | [ -x $proc/exe ] || continue | ||
317 | [ "$(readlink $proc/exe)" = /sbin/udevd ] && kill ${proc#/proc/} | ||
318 | done | ||
319 | # ignore any failed event because the init script will trigger again all events | ||
320 | nuke /dev/.udev/queue/ | ||
321 | } | ||
322 | killeverything() | ||
323 | { | ||
324 | # TODO: exempt: interactive shell(s) (AND CHILDREN) (or: anything with | ||
325 | # a tty?), samizdat-agent, fsck(!!), ...? | ||
326 | |||
327 | # exempt_cmdline="$(printf "sh\0-i\0")" | ||
328 | force= | ||
329 | while true; do | ||
330 | killme= | ||
331 | for proc in /proc/[0-9]*; do | ||
332 | [ $proc != /proc/1 -a $proc != /proc/$$ -a -x $proc/exe ] || continue | ||
333 | # [ "$(cat $proc/cmdline)" != "$exempt_cmdline" ] || continue | ||
334 | read pid tcomm state ppid pgrp sid tty_nr tty_pgrp rest < $proc/stat | ||
335 | [ $tty_nr = 0 ] || continue | ||
336 | killme="$killme ${proc#/proc/}" | ||
337 | done | ||
338 | if [ -n "$killme" ]; then | ||
339 | kill $force $killme | ||
340 | else | ||
341 | break | ||
342 | fi | ||
343 | force=-KILL | ||
344 | done | ||
345 | } | ||
diff --git a/old-school/init.shutdown b/old-school/init.shutdown new file mode 100755 index 0000000..6bfce84 --- /dev/null +++ b/old-school/init.shutdown | |||
@@ -0,0 +1,30 @@ | |||
1 | #!/bin/sh | ||
2 | read omitpids < /run/sendsigs.omit.d/samizdat | ||
3 | for pid in $omitpids; do | ||
4 | if [ -e /proc/$pid/root ]; then | ||
5 | initroot=/proc/$pid/root | ||
6 | break | ||
7 | fi | ||
8 | done | ||
9 | |||
10 | warn() { echo "$*" >/dev/console; } | ||
11 | error() { umount /sbin/init; exec /sbin/init; } | ||
12 | |||
13 | [ -e "$initroot" ] || error | ||
14 | |||
15 | if [ $$ != 1 ]; then | ||
16 | exec $initroot/init "$@" | ||
17 | else | ||
18 | set -- | ||
19 | for pid in $omitpids; do | ||
20 | set -- "$@" -o $pid | ||
21 | done | ||
22 | if killall5 -15 "$@"; then | ||
23 | sleep 5 | ||
24 | killall5 -9 "$@" | ||
25 | fi | ||
26 | exec <$initroot/dev/console >$initroot/dev/console 2>$initroot/dev/console | ||
27 | exec chroot $initroot umountall.sh | ||
28 | |||
29 | error | ||
30 | fi | ||
diff --git a/old-school/lvm-create.sh b/old-school/lvm-create.sh new file mode 100644 index 0000000..22016f5 --- /dev/null +++ b/old-school/lvm-create.sh | |||
@@ -0,0 +1,393 @@ | |||
1 | #!/bin/sh | ||
2 | : ${ROOT_MKFS_CMD:=mkfs.ext4 -q} | ||
3 | : ${ROOT_FS_TYPE:=ext4} | ||
4 | |||
5 | losetup() { /sbin/losetup "$@"; } | ||
6 | |||
7 | lvm() | ||
8 | { | ||
9 | # get rid of warnings from lvm because we are holding open these fds | ||
10 | command lvm "$@" 3>&- 4>&- | ||
11 | } | ||
12 | |||
13 | luks_secret() | ||
14 | { | ||
15 | local parms=$-; # this junk keeps set -x from being too annoying | ||
16 | set +x | ||
17 | [ -n "$luks_secret" ] || luks_secret="$(head -c256 /dev/urandom)" | ||
18 | printf %s "$luks_secret" | ||
19 | case $parms in *x*) set -x; set -x ;; esac | ||
20 | } | ||
21 | |||
22 | mount_squashfs_images() | ||
23 | { | ||
24 | modprobe squashfs | ||
25 | find_squashfs_root | while read dirname basename; do | ||
26 | [ -n "$dirname" -a -n "$basename" ] || continue | ||
27 | local f="$dirname/$basename" | ||
28 | [ -f "$f" ] || return | ||
29 | local name=${basename%.squashfs} | ||
30 | mkdir -p /squashes/$name | ||
31 | mount -r -o loop "$f" /squashes/$name | ||
32 | done | ||
33 | bootdone squashfs-root | ||
34 | } | ||
35 | |||
36 | lv_exists() | ||
37 | { | ||
38 | [ -n "$1" ] && lvm lvs "$1" >/dev/null 2>&1 | ||
39 | } | ||
40 | |||
41 | floor4() | ||
42 | { | ||
43 | # Negatives round up, but aren't used. | ||
44 | echo $(($1 / 4 * 4)) | ||
45 | } | ||
46 | |||
47 | ceil4() | ||
48 | { | ||
49 | local x="$1" | ||
50 | [ $((x % 4)) -eq 0 ] || x=$((x + 4 - x % 4)) | ||
51 | printf '%d\n' "$x" | ||
52 | } | ||
53 | |||
54 | vgfree_megs() | ||
55 | { | ||
56 | local vg="$1" out | ||
57 | out=$(lvm vgs -o pv_free --noheadings --nosuffix --units m "$vg") || return | ||
58 | echo ${out%.*} | ||
59 | } | ||
60 | |||
61 | init_samizdat_lvs() | ||
62 | { | ||
63 | local megs_free cdrom_dev cdrom_sectors cdrom_megs root_megs | ||
64 | megs_free=$(vgfree_megs samizdat) || return | ||
65 | cdrom_dev="$(mountpoint_to_dev /cdrom)" || return | ||
66 | cdrom_sectors=$(blockdev --getsz "$cdrom_dev") || return | ||
67 | cdrom_megs=$(ceil4 $(( cdrom_sectors / 2048 ))) | ||
68 | root_megs=$(floor4 $(( megs_free - cdrom_megs ))) | ||
69 | |||
70 | if [ $root_megs -le 0 ]; then # No room for cdrom mirror. Oh well, charge forward. | ||
71 | root_megs=$megs_free | ||
72 | fi | ||
73 | |||
74 | lvm lvcreate -Z n -L ${root_megs}m -n root samizdat || return | ||
75 | $ROOT_MKFS_CMD /dev/mapper/samizdat-root || return | ||
76 | } | ||
77 | |||
78 | mount_aufs_branches() | ||
79 | { | ||
80 | local new="$1" | ||
81 | |||
82 | mkdir /overlay | ||
83 | mount -t${ROOT_FS_TYPE} /dev/mapper/samizdat-root /overlay || return | ||
84 | |||
85 | if [ "$new" ]; then | ||
86 | cp -a /gpg /overlay || return | ||
87 | touch /overlay/samizdat-filesystem-is-new | ||
88 | fi | ||
89 | bootdone rw-overlay | ||
90 | mirror_cdrom || return | ||
91 | mount_squashfs_images || return | ||
92 | } | ||
93 | |||
94 | init_samizdat() | ||
95 | { | ||
96 | local imgfile="$1" megs="$2" keyfile="$3" dev | ||
97 | |||
98 | init_samizdat_vg "$imgfile" "$megs" "$keyfile" || return | ||
99 | init_samizdat_lvs || return | ||
100 | |||
101 | mount_aufs_branches new | ||
102 | } | ||
103 | |||
104 | open_samizdat() | ||
105 | { | ||
106 | open_samizdat_vg "$@" || return | ||
107 | |||
108 | lvs=$(lvm lvs --separator / samizdat -o vg_name,lv_name --noheadings) || return | ||
109 | lvm lvchange -ay $lvs || return | ||
110 | |||
111 | mount_aufs_branches | ||
112 | } | ||
113 | |||
114 | init_samizdat_lodev() | ||
115 | { | ||
116 | local imgfile="$1" megs=$(ceil4 "$2") | ||
117 | truncate -s ${megs}M "$imgfile" || return | ||
118 | dev=$(losetup -f) && losetup "$dev" "$imgfile" || return | ||
119 | echo "$dev" | ||
120 | } | ||
121 | |||
122 | open_samizdat_vg() | ||
123 | { | ||
124 | local imgfile="$1" keyfile="$2" dev | ||
125 | local cryptname=samizdatcrypt | ||
126 | dev=$(losetup -f) && losetup "$dev" "$imgfile" || return | ||
127 | |||
128 | gpg2 --verify "$keyfile" || return | ||
129 | # The first --decrypt merely strips the signature. The option is | ||
130 | # poorly named for that case. | ||
131 | gpg2 --decrypt "$keyfile" | gpg2 --decrypt | cryptsetup --key-file - luksOpen "$dev" "$cryptname" || return | ||
132 | |||
133 | [ -b /dev/mapper/"$cryptname" ] || return | ||
134 | |||
135 | } | ||
136 | |||
137 | init_samizdat_vg() | ||
138 | { | ||
139 | local imgfile="$1" megs="$2" keyfile="$3" dev | ||
140 | local cryptname=samizdatcrypt | ||
141 | |||
142 | dev=$(init_samizdat_lodev "$imgfile" "$megs") || return | ||
143 | |||
144 | [ ! -b /dev/mapper/"$cryptname" ] || return | ||
145 | |||
146 | luks_secret >/dev/null | ||
147 | luks_secret | gpg2 --default-recipient-self --encrypt --armor | gpg2 --clearsign --output "$keyfile" || return | ||
148 | |||
149 | luks_secret | cryptsetup luksFormat "$dev" - || return | ||
150 | cryptsetup luksDump "$dev" >&2 | ||
151 | luks_secret | cryptsetup --key-file - luksOpen "$dev" "$cryptname" || return | ||
152 | |||
153 | [ -b /dev/mapper/"$cryptname" ] || return | ||
154 | |||
155 | lvm pvcreate /dev/mapper/"$cryptname" || return | ||
156 | lvm vgcreate samizdat /dev/mapper/"$cryptname" | ||
157 | } | ||
158 | |||
159 | grow_samizdat_vg_free() | ||
160 | { | ||
161 | # Grow the samizdat VG sufficiently to ensure it has at least $want_free_megs free. | ||
162 | |||
163 | local want_free_megs=$(ceil4 "$1") free_megs | ||
164 | free_megs=$(vgfree_megs samizdat) || return | ||
165 | |||
166 | if [ "$free_megs" -lt "$want_free_megs" ]; then | ||
167 | grow_samizdat_vg $((want_free_megs - free_megs)) || return | ||
168 | fi | ||
169 | } | ||
170 | |||
171 | majmin() | ||
172 | { | ||
173 | local dev="$1" major minor | ||
174 | eval $(stat -c 'major=%t minor=%T' "$dev") || return | ||
175 | [ "$major" -a "$minor" ] || return | ||
176 | printf '%d:%d\n' 0x$major 0x$minor | ||
177 | } | ||
178 | |||
179 | vg_to_pv() | ||
180 | { | ||
181 | lvm vgs "$1" -o devices --noheadings | | ||
182 | ( | ||
183 | found= multidev= | ||
184 | while read dev; do | ||
185 | dev=${dev%(*} | ||
186 | if [ "$found" -a "$found" != "$dev" ]; then | ||
187 | exit 1 | ||
188 | fi | ||
189 | found=$dev | ||
190 | done | ||
191 | readlink -f "$found" | ||
192 | ) | ||
193 | } | ||
194 | |||
195 | cryptdev_to_dev() | ||
196 | { | ||
197 | local dev="$1" majmin | ||
198 | majmin=$(majmin "$dev") || return | ||
199 | set -- /sys/dev/block/$majmin/slaves/* | ||
200 | [ $# = 1 ] || return | ||
201 | |||
202 | cryptsetup status "$dev" |while read k v; do if [ "$k" = device: ]; then echo $v; break; fi; done | ||
203 | } | ||
204 | |||
205 | cryptdev_to_backing_file() | ||
206 | { | ||
207 | local dev="$1" majmin result | ||
208 | majmin="$(majmin "$dev")" || return | ||
209 | set -- /sys/dev/block/$majmin/slaves/* | ||
210 | [ $# = 1 ] || return | ||
211 | read result < "$1"/loop/backing_file || return | ||
212 | printf '%s\n' "$result" | ||
213 | } | ||
214 | |||
215 | samizdat_backing_file() | ||
216 | { | ||
217 | local pv | ||
218 | pv=$(vg_to_pv samizdat) && [ "$pv" ] || return | ||
219 | cryptdev_to_backing_file "$pv" | ||
220 | } | ||
221 | |||
222 | grow_samizdat_lv() | ||
223 | { | ||
224 | # Increase the size of the specified LV by $megs MB, creating the LV and resizing the VG as necessary. | ||
225 | |||
226 | local lv_name="$1" megs="$2" stat imgfile freemegs | ||
227 | imgfile=$(samizdat_backing_file) || return | ||
228 | |||
229 | if lv_exists samizdat/"$lv_name"; then | ||
230 | grow_samizdat_vg_free "$megs" || return | ||
231 | lvm lvresize -r -L +${megs}m samizdat/"$lv_name" || return | ||
232 | else | ||
233 | grow_samizdat_vg_free "$megs" || return | ||
234 | lvm lvcreate -Z n -L ${megs}m -n "$lv_name" samizdat || return | ||
235 | fi | ||
236 | } | ||
237 | |||
238 | lodev_to_file() | ||
239 | { | ||
240 | local result majmin dev="$1" | ||
241 | majmin="$(majmin "$dev")" || return | ||
242 | read result < /sys/dev/block/$majmin/loop/backing_file || return | ||
243 | printf '%s' "$result" | ||
244 | } | ||
245 | |||
246 | grow_samizdat_vg() | ||
247 | { | ||
248 | # Increase the size of the samizdat VG by $megs MB, resizing the backing file as necessary. | ||
249 | |||
250 | local megs="$1" cryptdev dev imgfile stat | ||
251 | cryptdev=$(vg_to_pv samizdat) | ||
252 | dev=$(cryptdev_to_dev "$cryptdev") || return | ||
253 | [ -b "$dev" ] || return | ||
254 | |||
255 | if [ "$(stat -c '%t' "$dev")" = 7 ]; then # this is a loop device | ||
256 | |||
257 | imgfile=$(lodev_to_file "$dev") || return | ||
258 | stat="$(stat -c 'local du=$((%B*%b)) sz=%s' "$imgfile")" || return | ||
259 | eval "$stat" | ||
260 | stat=$(stat -f -c 'local df=$((%f*%S))' "$imgfile") || return | ||
261 | eval "$stat" | ||
262 | |||
263 | local min_free_space=30 | ||
264 | if [ $(( df - megs*1024*1024 - sz + du )) -le $((min_free_space * 1024 * 1024)) ]; then | ||
265 | echo 'grow_samizdat_vg: Not enough disk space!' >&2 | ||
266 | return -1 | ||
267 | fi | ||
268 | |||
269 | truncate -cs +${megs}M "$imgfile" || return | ||
270 | losetup -c "$dev" || return | ||
271 | cryptsetup resize "$cryptdev" || return | ||
272 | lvm pvresize "$cryptdev" || return | ||
273 | |||
274 | else | ||
275 | echo 'grow_samizdat_vg: Unimplemented!' >&2 | ||
276 | return 1 | ||
277 | |||
278 | fi | ||
279 | } | ||
280 | |||
281 | mountpoint_to_dev() | ||
282 | { | ||
283 | local wantmp="$1" dev mp rest | ||
284 | mountpoint -q "$wantmp" || return | ||
285 | while read dev mp rest; do if [ "$mp" = "$wantmp" ]; then echo "$dev"; return; fi; done < /proc/mounts | ||
286 | return 1 | ||
287 | } | ||
288 | |||
289 | get_cdrom_sizelimit() | ||
290 | { | ||
291 | # returns bytes | ||
292 | local dev="$1" sectors | ||
293 | sectors=$(blockdev --getsz "$dev") || return | ||
294 | if dd count=2 if="$dev" bs=2048 skip=$((sectors/4 - 2)) of=/dev/null 2>/dev/null; then | ||
295 | return | ||
296 | else | ||
297 | echo $(((sectors-8)*512)) | ||
298 | fi | ||
299 | } | ||
300 | |||
301 | mirror_cdrom() | ||
302 | { | ||
303 | local md_num=55 dev mp rest cdrom_dev sectors | ||
304 | cdrom_dev="$(mountpoint_to_dev /cdrom)" || return | ||
305 | |||
306 | local lv_name=samizdat/cdrom | ||
307 | local lv_dev=/dev/mapper/samizdat-cdrom | ||
308 | local md_name=/dev/md$md_num | ||
309 | |||
310 | if [ -b $md_name ]; then | ||
311 | echo "RAID device already exists: '$md_name'; try removing (mdadm -S $md_name) and retry" >&2 | ||
312 | return 1 | ||
313 | fi | ||
314 | |||
315 | if lv_exists $lv_name.tmp; then | ||
316 | lvm lvchange --available n $lv_name.tmp && lvm lvremove $lv_name.tmp || return | ||
317 | fi | ||
318 | |||
319 | if lv_exists $lv_name; then | ||
320 | umount /cdrom || return | ||
321 | mount -r "$lv_dev" /cdrom | ||
322 | return | ||
323 | fi | ||
324 | |||
325 | umount /cdrom || return | ||
326 | |||
327 | sectors=$(blockdev --getsz "$cdrom_dev") || return | ||
328 | grow_samizdat_lv ${lv_name#samizdat/}.tmp $((sectors / 2 / 1024 + 1)) || return | ||
329 | |||
330 | # In order to trick mdadm into accepting a read-only device, we need | ||
331 | # to create a (read-write) loopback device. | ||
332 | |||
333 | # Furthermore, in order to deal with block device errors caused by | ||
334 | # TAO "run-out blocks" we may need to discard the last two 2048-byte | ||
335 | # sectors. | ||
336 | |||
337 | local cdrom_loopdev sizelimit | ||
338 | cdrom_loopdev=$(losetup -f) || return | ||
339 | sizelimit=$(get_cdrom_sizelimit "$cdrom_dev") | ||
340 | |||
341 | # Apparently loopdev sizelimit is not respected by linux md. Nor | ||
342 | # blockdev --getsz. Does it even work? Anyway, although this is used | ||
343 | # here redundantly, 'mdadm --size' is used as well. | ||
344 | /sbin/losetup ${sizelimit:+--sizelimit=$sizelimit} "$cdrom_loopdev" "$cdrom_dev" || return | ||
345 | |||
346 | mdadm --build $md_name ${sizelimit:+--size=$((sizelimit / 1024))} \ | ||
347 | --level=1 --raid-devices=1 --force --write-mostly "$cdrom_loopdev" || return | ||
348 | mdadm -D $md_name >&2 | ||
349 | mdadm --add $md_name $lv_dev.tmp | ||
350 | mdadm -D $md_name >&2 | ||
351 | mdadm --grow $md_name -n 2 | ||
352 | mdadm -D $md_name >&2 | ||
353 | |||
354 | mount -r $md_name /cdrom || { mount -r "$cdrom_dev" /cdrom; return 1; } | ||
355 | |||
356 | chpst -P samizdat-cdrom-copy "$md_name" "$lv_name" "$lv_dev" "$cdrom_loopdev" "$cdrom_dev" & | ||
357 | echo "[$$] Launched RAID monitor with pid $!." >&2 | ||
358 | } | ||
359 | |||
360 | init_gpg() | ||
361 | { | ||
362 | bootwait samizdat-cdrom | ||
363 | export GNUPGHOME=/gpg/gnupghome | ||
364 | (umask 077; rsync --exclude '/luks-key*' --ignore-existing -rpP /cdrom/samizdat/gpg/ /gpg/) | ||
365 | |||
366 | if samizdat-password-agent >/var/log/samizdat-password-agent.log 2>&1; then | ||
367 | clear | ||
368 | true | ||
369 | else | ||
370 | false | ||
371 | fi | ||
372 | } | ||
373 | |||
374 | start_meter() | ||
375 | { | ||
376 | local startmsg="$*" | ||
377 | (exec >&4 | ||
378 | clear | ||
379 | echo -n $startmsg | ||
380 | set +x | ||
381 | while sleep 2; do | ||
382 | echo -n . | ||
383 | done) & | ||
384 | meterpid=$! | ||
385 | } | ||
386 | |||
387 | stop_meter() | ||
388 | { | ||
389 | local endmsg="$*" | ||
390 | kill $meterpid | ||
391 | echo " $endmsg" >&4 | ||
392 | } | ||
393 | |||
diff --git a/old-school/lvm.conf b/old-school/lvm.conf new file mode 100644 index 0000000..0c1289f --- /dev/null +++ b/old-school/lvm.conf | |||
@@ -0,0 +1,773 @@ | |||
1 | # This is an example configuration file for the LVM2 system. | ||
2 | # It contains the default settings that would be used if there was no | ||
3 | # /etc/lvm/lvm.conf file. | ||
4 | # | ||
5 | # Refer to 'man lvm.conf' for further information including the file layout. | ||
6 | # | ||
7 | # To put this file in a different directory and override /etc/lvm set | ||
8 | # the environment variable LVM_SYSTEM_DIR before running the tools. | ||
9 | # | ||
10 | # N.B. Take care that each setting only appears once if uncommenting | ||
11 | # example settings in this file. | ||
12 | |||
13 | |||
14 | # This section allows you to configure which block devices should | ||
15 | # be used by the LVM system. | ||
16 | devices { | ||
17 | |||
18 | # Where do you want your volume groups to appear ? | ||
19 | dir = "/dev" | ||
20 | |||
21 | # An array of directories that contain the device nodes you wish | ||
22 | # to use with LVM2. | ||
23 | scan = [ "/dev" ] | ||
24 | |||
25 | # If set, the cache of block device nodes with all associated symlinks | ||
26 | # will be constructed out of the existing udev database content. | ||
27 | # This avoids using and opening any inapplicable non-block devices or | ||
28 | # subdirectories found in the device directory. This setting is applied | ||
29 | # to udev-managed device directory only, other directories will be scanned | ||
30 | # fully. LVM2 needs to be compiled with udev support for this setting to | ||
31 | # take effect. N.B. Any device node or symlink not managed by udev in | ||
32 | # udev directory will be ignored with this setting on. | ||
33 | obtain_device_list_from_udev = 1 | ||
34 | |||
35 | # If several entries in the scanned directories correspond to the | ||
36 | # same block device and the tools need to display a name for device, | ||
37 | # all the pathnames are matched against each item in the following | ||
38 | # list of regular expressions in turn and the first match is used. | ||
39 | preferred_names = [ ] | ||
40 | |||
41 | # Try to avoid using undescriptive /dev/dm-N names, if present. | ||
42 | # preferred_names = [ "^/dev/mpath/", "^/dev/mapper/mpath", "^/dev/[hs]d" ] | ||
43 | |||
44 | # A filter that tells LVM2 to only use a restricted set of devices. | ||
45 | # The filter consists of an array of regular expressions. These | ||
46 | # expressions can be delimited by a character of your choice, and | ||
47 | # prefixed with either an 'a' (for accept) or 'r' (for reject). | ||
48 | # The first expression found to match a device name determines if | ||
49 | # the device will be accepted or rejected (ignored). Devices that | ||
50 | # don't match any patterns are accepted. | ||
51 | |||
52 | # Be careful if there there are symbolic links or multiple filesystem | ||
53 | # entries for the same device as each name is checked separately against | ||
54 | # the list of patterns. The effect is that if the first pattern in the | ||
55 | # list to match a name is an 'a' pattern for any of the names, the device | ||
56 | # is accepted; otherwise if the first pattern in the list to match a name | ||
57 | # is an 'r' pattern for any of the names it is rejected; otherwise it is | ||
58 | # accepted. | ||
59 | |||
60 | # Don't have more than one filter line active at once: only one gets used. | ||
61 | |||
62 | # Run vgscan after you change this parameter to ensure that | ||
63 | # the cache file gets regenerated (see below). | ||
64 | # If it doesn't do what you expect, check the output of 'vgscan -vvvv'. | ||
65 | |||
66 | |||
67 | # By default we accept every block device: | ||
68 | filter = [ "a/.*/" ] | ||
69 | |||
70 | # Exclude the cdrom drive | ||
71 | # filter = [ "r|/dev/cdrom|" ] | ||
72 | |||
73 | # When testing I like to work with just loopback devices: | ||
74 | # filter = [ "a/loop/", "r/.*/" ] | ||
75 | |||
76 | # Or maybe all loops and ide drives except hdc: | ||
77 | # filter =[ "a|loop|", "r|/dev/hdc|", "a|/dev/ide|", "r|.*|" ] | ||
78 | |||
79 | # Use anchors if you want to be really specific | ||
80 | # filter = [ "a|^/dev/hda8$|", "r/.*/" ] | ||
81 | |||
82 | # The results of the filtering are cached on disk to avoid | ||
83 | # rescanning dud devices (which can take a very long time). | ||
84 | # By default this cache is stored in the /etc/lvm/cache directory | ||
85 | # in a file called '.cache'. | ||
86 | # It is safe to delete the contents: the tools regenerate it. | ||
87 | # (The old setting 'cache' is still respected if neither of | ||
88 | # these new ones is present.) | ||
89 | cache_dir = "/run/lvm" | ||
90 | cache_file_prefix = "" | ||
91 | |||
92 | # You can turn off writing this cache file by setting this to 0. | ||
93 | write_cache_state = 1 | ||
94 | |||
95 | # Advanced settings. | ||
96 | |||
97 | # List of pairs of additional acceptable block device types found | ||
98 | # in /proc/devices with maximum (non-zero) number of partitions. | ||
99 | # types = [ "fd", 16 ] | ||
100 | |||
101 | # If sysfs is mounted (2.6 kernels) restrict device scanning to | ||
102 | # the block devices it believes are valid. | ||
103 | # 1 enables; 0 disables. | ||
104 | sysfs_scan = 1 | ||
105 | |||
106 | # By default, LVM2 will ignore devices used as component paths | ||
107 | # of device-mapper multipath devices. | ||
108 | # 1 enables; 0 disables. | ||
109 | multipath_component_detection = 1 | ||
110 | |||
111 | # By default, LVM2 will ignore devices used as components of | ||
112 | # software RAID (md) devices by looking for md superblocks. | ||
113 | # 1 enables; 0 disables. | ||
114 | md_component_detection = 1 | ||
115 | |||
116 | # By default, if a PV is placed directly upon an md device, LVM2 | ||
117 | # will align its data blocks with the md device's stripe-width. | ||
118 | # 1 enables; 0 disables. | ||
119 | md_chunk_alignment = 1 | ||
120 | |||
121 | # Default alignment of the start of a data area in MB. If set to 0, | ||
122 | # a value of 64KB will be used. Set to 1 for 1MiB, 2 for 2MiB, etc. | ||
123 | # default_data_alignment = 1 | ||
124 | |||
125 | # By default, the start of a PV's data area will be a multiple of | ||
126 | # the 'minimum_io_size' or 'optimal_io_size' exposed in sysfs. | ||
127 | # - minimum_io_size - the smallest request the device can perform | ||
128 | # w/o incurring a read-modify-write penalty (e.g. MD's chunk size) | ||
129 | # - optimal_io_size - the device's preferred unit of receiving I/O | ||
130 | # (e.g. MD's stripe width) | ||
131 | # minimum_io_size is used if optimal_io_size is undefined (0). | ||
132 | # If md_chunk_alignment is enabled, that detects the optimal_io_size. | ||
133 | # This setting takes precedence over md_chunk_alignment. | ||
134 | # 1 enables; 0 disables. | ||
135 | data_alignment_detection = 1 | ||
136 | |||
137 | # Alignment (in KB) of start of data area when creating a new PV. | ||
138 | # md_chunk_alignment and data_alignment_detection are disabled if set. | ||
139 | # Set to 0 for the default alignment (see: data_alignment_default) | ||
140 | # or page size, if larger. | ||
141 | data_alignment = 0 | ||
142 | |||
143 | # By default, the start of the PV's aligned data area will be shifted by | ||
144 | # the 'alignment_offset' exposed in sysfs. This offset is often 0 but | ||
145 | # may be non-zero; e.g.: certain 4KB sector drives that compensate for | ||
146 | # windows partitioning will have an alignment_offset of 3584 bytes | ||
147 | # (sector 7 is the lowest aligned logical block, the 4KB sectors start | ||
148 | # at LBA -1, and consequently sector 63 is aligned on a 4KB boundary). | ||
149 | # But note that pvcreate --dataalignmentoffset will skip this detection. | ||
150 | # 1 enables; 0 disables. | ||
151 | data_alignment_offset_detection = 1 | ||
152 | |||
153 | # If, while scanning the system for PVs, LVM2 encounters a device-mapper | ||
154 | # device that has its I/O suspended, it waits for it to become accessible. | ||
155 | # Set this to 1 to skip such devices. This should only be needed | ||
156 | # in recovery situations. | ||
157 | ignore_suspended_devices = 0 | ||
158 | |||
159 | # During each LVM operation errors received from each device are counted. | ||
160 | # If the counter of a particular device exceeds the limit set here, no | ||
161 | # further I/O is sent to that device for the remainder of the respective | ||
162 | # operation. Setting the parameter to 0 disables the counters altogether. | ||
163 | disable_after_error_count = 0 | ||
164 | |||
165 | # Allow use of pvcreate --uuid without requiring --restorefile. | ||
166 | require_restorefile_with_uuid = 1 | ||
167 | |||
168 | # Minimum size (in KB) of block devices which can be used as PVs. | ||
169 | # In a clustered environment all nodes must use the same value. | ||
170 | # Any value smaller than 512KB is ignored. | ||
171 | |||
172 | # Ignore devices smaller than 2MB such as floppy drives. | ||
173 | pv_min_size = 2048 | ||
174 | |||
175 | # The original built-in setting was 512 up to and including version 2.02.84. | ||
176 | # pv_min_size = 512 | ||
177 | |||
178 | # Issue discards to a logical volumes's underlying physical volume(s) when | ||
179 | # the logical volume is no longer using the physical volumes' space (e.g. | ||
180 | # lvremove, lvreduce, etc). Discards inform the storage that a region is | ||
181 | # no longer in use. Storage that supports discards advertise the protocol | ||
182 | # specific way discards should be issued by the kernel (TRIM, UNMAP, or | ||
183 | # WRITE SAME with UNMAP bit set). Not all storage will support or benefit | ||
184 | # from discards but SSDs and thinly provisioned LUNs generally do. If set | ||
185 | # to 1, discards will only be issued if both the storage and kernel provide | ||
186 | # support. | ||
187 | # 1 enables; 0 disables. | ||
188 | issue_discards = 0 | ||
189 | } | ||
190 | |||
191 | # This section allows you to configure the way in which LVM selects | ||
192 | # free space for its Logical Volumes. | ||
193 | #allocation { | ||
194 | # When searching for free space to extend an LV, the "cling" | ||
195 | # allocation policy will choose space on the same PVs as the last | ||
196 | # segment of the existing LV. If there is insufficient space and a | ||
197 | # list of tags is defined here, it will check whether any of them are | ||
198 | # attached to the PVs concerned and then seek to match those PV tags | ||
199 | # between existing extents and new extents. | ||
200 | # Use the special tag "@*" as a wildcard to match any PV tag. | ||
201 | # | ||
202 | # Example: LVs are mirrored between two sites within a single VG. | ||
203 | # PVs are tagged with either @site1 or @site2 to indicate where | ||
204 | # they are situated. | ||
205 | # | ||
206 | # cling_tag_list = [ "@site1", "@site2" ] | ||
207 | # cling_tag_list = [ "@*" ] | ||
208 | # | ||
209 | # Changes made in version 2.02.85 extended the reach of the 'cling' | ||
210 | # policies to detect more situations where data can be grouped | ||
211 | # onto the same disks. Set this to 0 to revert to the previous | ||
212 | # algorithm. | ||
213 | # | ||
214 | # maximise_cling = 1 | ||
215 | # | ||
216 | # Set to 1 to guarantee that mirror logs will always be placed on | ||
217 | # different PVs from the mirror images. This was the default | ||
218 | # until version 2.02.85. | ||
219 | # | ||
220 | # mirror_logs_require_separate_pvs = 0 | ||
221 | # | ||
222 | # Set to 1 to guarantee that thin pool metadata will always | ||
223 | # be placed on different PVs from the pool data. | ||
224 | # | ||
225 | # thin_pool_metadata_require_separate_pvs = 0 | ||
226 | #} | ||
227 | |||
228 | # This section that allows you to configure the nature of the | ||
229 | # information that LVM2 reports. | ||
230 | log { | ||
231 | |||
232 | # Controls the messages sent to stdout or stderr. | ||
233 | # There are three levels of verbosity, 3 being the most verbose. | ||
234 | verbose = 0 | ||
235 | |||
236 | # Should we send log messages through syslog? | ||
237 | # 1 is yes; 0 is no. | ||
238 | syslog = 1 | ||
239 | |||
240 | # Should we log error and debug messages to a file? | ||
241 | # By default there is no log file. | ||
242 | #file = "/var/log/lvm2.log" | ||
243 | |||
244 | # Should we overwrite the log file each time the program is run? | ||
245 | # By default we append. | ||
246 | overwrite = 0 | ||
247 | |||
248 | # What level of log messages should we send to the log file and/or syslog? | ||
249 | # There are 6 syslog-like log levels currently in use - 2 to 7 inclusive. | ||
250 | # 7 is the most verbose (LOG_DEBUG). | ||
251 | level = 0 | ||
252 | |||
253 | # Format of output messages | ||
254 | # Whether or not (1 or 0) to indent messages according to their severity | ||
255 | indent = 1 | ||
256 | |||
257 | # Whether or not (1 or 0) to display the command name on each line output | ||
258 | command_names = 0 | ||
259 | |||
260 | # A prefix to use before the message text (but after the command name, | ||
261 | # if selected). Default is two spaces, so you can see/grep the severity | ||
262 | # of each message. | ||
263 | prefix = " " | ||
264 | |||
265 | # To make the messages look similar to the original LVM tools use: | ||
266 | # indent = 0 | ||
267 | # command_names = 1 | ||
268 | # prefix = " -- " | ||
269 | |||
270 | # Set this if you want log messages during activation. | ||
271 | # Don't use this in low memory situations (can deadlock). | ||
272 | # activation = 0 | ||
273 | } | ||
274 | |||
275 | # Configuration of metadata backups and archiving. In LVM2 when we | ||
276 | # talk about a 'backup' we mean making a copy of the metadata for the | ||
277 | # *current* system. The 'archive' contains old metadata configurations. | ||
278 | # Backups are stored in a human readeable text format. | ||
279 | backup { | ||
280 | |||
281 | # Should we maintain a backup of the current metadata configuration ? | ||
282 | # Use 1 for Yes; 0 for No. | ||
283 | # Think very hard before turning this off! | ||
284 | backup = 1 | ||
285 | |||
286 | # Where shall we keep it ? | ||
287 | # Remember to back up this directory regularly! | ||
288 | backup_dir = "/etc/lvm/backup" | ||
289 | |||
290 | # Should we maintain an archive of old metadata configurations. | ||
291 | # Use 1 for Yes; 0 for No. | ||
292 | # On by default. Think very hard before turning this off. | ||
293 | archive = 1 | ||
294 | |||
295 | # Where should archived files go ? | ||
296 | # Remember to back up this directory regularly! | ||
297 | archive_dir = "/etc/lvm/archive" | ||
298 | |||
299 | # What is the minimum number of archive files you wish to keep ? | ||
300 | retain_min = 10 | ||
301 | |||
302 | # What is the minimum time you wish to keep an archive file for ? | ||
303 | retain_days = 30 | ||
304 | } | ||
305 | |||
306 | # Settings for the running LVM2 in shell (readline) mode. | ||
307 | shell { | ||
308 | |||
309 | # Number of lines of history to store in ~/.lvm_history | ||
310 | history_size = 100 | ||
311 | } | ||
312 | |||
313 | |||
314 | # Miscellaneous global LVM2 settings | ||
315 | global { | ||
316 | |||
317 | # The file creation mask for any files and directories created. | ||
318 | # Interpreted as octal if the first digit is zero. | ||
319 | umask = 077 | ||
320 | |||
321 | # Allow other users to read the files | ||
322 | #umask = 022 | ||
323 | |||
324 | # Enabling test mode means that no changes to the on disk metadata | ||
325 | # will be made. Equivalent to having the -t option on every | ||
326 | # command. Defaults to off. | ||
327 | test = 0 | ||
328 | |||
329 | # Default value for --units argument | ||
330 | units = "h" | ||
331 | |||
332 | # Since version 2.02.54, the tools distinguish between powers of | ||
333 | # 1024 bytes (e.g. KiB, MiB, GiB) and powers of 1000 bytes (e.g. | ||
334 | # KB, MB, GB). | ||
335 | # If you have scripts that depend on the old behaviour, set this to 0 | ||
336 | # temporarily until you update them. | ||
337 | si_unit_consistency = 1 | ||
338 | |||
339 | # Whether or not to communicate with the kernel device-mapper. | ||
340 | # Set to 0 if you want to use the tools to manipulate LVM metadata | ||
341 | # without activating any logical volumes. | ||
342 | # If the device-mapper kernel driver is not present in your kernel | ||
343 | # setting this to 0 should suppress the error messages. | ||
344 | activation = 1 | ||
345 | |||
346 | # If we can't communicate with device-mapper, should we try running | ||
347 | # the LVM1 tools? | ||
348 | # This option only applies to 2.4 kernels and is provided to help you | ||
349 | # switch between device-mapper kernels and LVM1 kernels. | ||
350 | # The LVM1 tools need to be installed with .lvm1 suffices | ||
351 | # e.g. vgscan.lvm1 and they will stop working after you start using | ||
352 | # the new lvm2 on-disk metadata format. | ||
353 | # The default value is set when the tools are built. | ||
354 | # fallback_to_lvm1 = 0 | ||
355 | |||
356 | # The default metadata format that commands should use - "lvm1" or "lvm2". | ||
357 | # The command line override is -M1 or -M2. | ||
358 | # Defaults to "lvm2". | ||
359 | # format = "lvm2" | ||
360 | |||
361 | # Location of proc filesystem | ||
362 | proc = "/proc" | ||
363 | |||
364 | # Type of locking to use. Defaults to local file-based locking (1). | ||
365 | # Turn locking off by setting to 0 (dangerous: risks metadata corruption | ||
366 | # if LVM2 commands get run concurrently). | ||
367 | # Type 2 uses the external shared library locking_library. | ||
368 | # Type 3 uses built-in clustered locking. | ||
369 | # Type 4 uses read-only locking which forbids any operations that might | ||
370 | # change metadata. | ||
371 | locking_type = 1 | ||
372 | |||
373 | # Set to 0 to fail when a lock request cannot be satisfied immediately. | ||
374 | wait_for_locks = 1 | ||
375 | |||
376 | # If using external locking (type 2) and initialisation fails, | ||
377 | # with this set to 1 an attempt will be made to use the built-in | ||
378 | # clustered locking. | ||
379 | # If you are using a customised locking_library you should set this to 0. | ||
380 | fallback_to_clustered_locking = 1 | ||
381 | |||
382 | # If an attempt to initialise type 2 or type 3 locking failed, perhaps | ||
383 | # because cluster components such as clvmd are not running, with this set | ||
384 | # to 1 an attempt will be made to use local file-based locking (type 1). | ||
385 | # If this succeeds, only commands against local volume groups will proceed. | ||
386 | # Volume Groups marked as clustered will be ignored. | ||
387 | fallback_to_local_locking = 1 | ||
388 | |||
389 | # Local non-LV directory that holds file-based locks while commands are | ||
390 | # in progress. A directory like /tmp that may get wiped on reboot is OK. | ||
391 | locking_dir = "/run/lock/lvm" | ||
392 | |||
393 | # Whenever there are competing read-only and read-write access requests for | ||
394 | # a volume group's metadata, instead of always granting the read-only | ||
395 | # requests immediately, delay them to allow the read-write requests to be | ||
396 | # serviced. Without this setting, write access may be stalled by a high | ||
397 | # volume of read-only requests. | ||
398 | # NB. This option only affects locking_type = 1 viz. local file-based | ||
399 | # locking. | ||
400 | prioritise_write_locks = 1 | ||
401 | |||
402 | # Other entries can go here to allow you to load shared libraries | ||
403 | # e.g. if support for LVM1 metadata was compiled as a shared library use | ||
404 | # format_libraries = "liblvm2format1.so" | ||
405 | # Full pathnames can be given. | ||
406 | |||
407 | # Search this directory first for shared libraries. | ||
408 | # library_dir = "/lib/lvm2" | ||
409 | |||
410 | # The external locking library to load if locking_type is set to 2. | ||
411 | # locking_library = "liblvm2clusterlock.so" | ||
412 | |||
413 | # Treat any internal errors as fatal errors, aborting the process that | ||
414 | # encountered the internal error. Please only enable for debugging. | ||
415 | abort_on_internal_errors = 0 | ||
416 | |||
417 | # Check whether CRC is matching when parsed VG is used multiple times. | ||
418 | # This is useful to catch unexpected internal cached volume group | ||
419 | # structure modification. Please only enable for debugging. | ||
420 | detect_internal_vg_cache_corruption = 0 | ||
421 | |||
422 | # If set to 1, no operations that change on-disk metadata will be permitted. | ||
423 | # Additionally, read-only commands that encounter metadata in need of repair | ||
424 | # will still be allowed to proceed exactly as if the repair had been | ||
425 | # performed (except for the unchanged vg_seqno). | ||
426 | # Inappropriate use could mess up your system, so seek advice first! | ||
427 | metadata_read_only = 0 | ||
428 | |||
429 | # 'mirror_segtype_default' defines which segtype will be used when the | ||
430 | # shorthand '-m' option is used for mirroring. The possible options are: | ||
431 | # | ||
432 | # "mirror" - The original RAID1 implementation provided by LVM2/DM. It is | ||
433 | # characterized by a flexible log solution (core, disk, mirrored) | ||
434 | # and by the necessity to block I/O while reconfiguring in the | ||
435 | # event of a failure. Snapshots of this type of RAID1 can be | ||
436 | # problematic. | ||
437 | # | ||
438 | # "raid1" - This implementation leverages MD's RAID1 personality through | ||
439 | # device-mapper. It is characterized by a lack of log options. | ||
440 | # (A log is always allocated for every device and they are placed | ||
441 | # on the same device as the image - no separate devices are | ||
442 | # required.) This mirror implementation does not require I/O | ||
443 | # to be blocked in the kernel in the event of a failure. | ||
444 | # | ||
445 | # Specify the '--type <mirror|raid1>' option to override this default | ||
446 | # setting. | ||
447 | mirror_segtype_default = "mirror" | ||
448 | |||
449 | # The default format for displaying LV names in lvdisplay was changed | ||
450 | # in version 2.02.89 to show the LV name and path separately. | ||
451 | # Previously this was always shown as /dev/vgname/lvname even when that | ||
452 | # was never a valid path in the /dev filesystem. | ||
453 | # Set to 1 to reinstate the previous format. | ||
454 | # | ||
455 | # lvdisplay_shows_full_device_path = 0 | ||
456 | |||
457 | # Whether to use (trust) a running instance of lvmetad. If this is set to | ||
458 | # 0, all commands fall back to the usual scanning mechanisms. When set to 1 | ||
459 | # *and* when lvmetad is running (it is not auto-started), the volume group | ||
460 | # metadata and PV state flags are obtained from the lvmetad instance and no | ||
461 | # scanning is done by the individual commands. In a setup with lvmetad, | ||
462 | # lvmetad udev rules *must* be set up for LVM to work correctly. Without | ||
463 | # proper udev rules, all changes in block device configuration will be | ||
464 | # *ignored* until a manual 'vgscan' is performed. | ||
465 | use_lvmetad = 0 | ||
466 | } | ||
467 | |||
468 | activation { | ||
469 | # Set to 1 to perform internal checks on the operations issued to | ||
470 | # libdevmapper. Useful for debugging problems with activation. | ||
471 | # Some of the checks may be expensive, so it's best to use this | ||
472 | # only when there seems to be a problem. | ||
473 | checks = 0 | ||
474 | |||
475 | # Set to 0 to disable udev synchronisation (if compiled into the binaries). | ||
476 | # Processes will not wait for notification from udev. | ||
477 | # They will continue irrespective of any possible udev processing | ||
478 | # in the background. You should only use this if udev is not running | ||
479 | # or has rules that ignore the devices LVM2 creates. | ||
480 | # The command line argument --nodevsync takes precedence over this setting. | ||
481 | # If set to 1 when udev is not running, and there are LVM2 processes | ||
482 | # waiting for udev, run 'dmsetup udevcomplete_all' manually to wake them up. | ||
483 | udev_sync = 1 | ||
484 | |||
485 | # Set to 0 to disable the udev rules installed by LVM2 (if built with | ||
486 | # --enable-udev_rules). LVM2 will then manage the /dev nodes and symlinks | ||
487 | # for active logical volumes directly itself. | ||
488 | # N.B. Manual intervention may be required if this setting is changed | ||
489 | # while any logical volumes are active. | ||
490 | udev_rules = 1 | ||
491 | |||
492 | # Set to 1 for LVM2 to verify operations performed by udev. This turns on | ||
493 | # additional checks (and if necessary, repairs) on entries in the device | ||
494 | # directory after udev has completed processing its events. | ||
495 | # Useful for diagnosing problems with LVM2/udev interactions. | ||
496 | verify_udev_operations = 1 | ||
497 | |||
498 | # If set to 1 and if deactivation of an LV fails, perhaps because | ||
499 | # a process run from a quick udev rule temporarily opened the device, | ||
500 | # retry the operation for a few seconds before failing. | ||
501 | retry_deactivation = 1 | ||
502 | |||
503 | # How to fill in missing stripes if activating an incomplete volume. | ||
504 | # Using "error" will make inaccessible parts of the device return | ||
505 | # I/O errors on access. You can instead use a device path, in which | ||
506 | # case, that device will be used to in place of missing stripes. | ||
507 | # But note that using anything other than "error" with mirrored | ||
508 | # or snapshotted volumes is likely to result in data corruption. | ||
509 | missing_stripe_filler = "error" | ||
510 | |||
511 | # The linear target is an optimised version of the striped target | ||
512 | # that only handles a single stripe. Set this to 0 to disable this | ||
513 | # optimisation and always use the striped target. | ||
514 | use_linear_target = 1 | ||
515 | |||
516 | # How much stack (in KB) to reserve for use while devices suspended | ||
517 | # Prior to version 2.02.89 this used to be set to 256KB | ||
518 | reserved_stack = 64 | ||
519 | |||
520 | # How much memory (in KB) to reserve for use while devices suspended | ||
521 | reserved_memory = 8192 | ||
522 | |||
523 | # Nice value used while devices suspended | ||
524 | process_priority = -18 | ||
525 | |||
526 | # If volume_list is defined, each LV is only activated if there is a | ||
527 | # match against the list. | ||
528 | # "vgname" and "vgname/lvname" are matched exactly. | ||
529 | # "@tag" matches any tag set in the LV or VG. | ||
530 | # "@*" matches if any tag defined on the host is also set in the LV or VG | ||
531 | # | ||
532 | # volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ] | ||
533 | |||
534 | # If read_only_volume_list is defined, each LV that is to be activated | ||
535 | # is checked against the list, and if it matches, it as activated | ||
536 | # in read-only mode. (This overrides '--permission rw' stored in the | ||
537 | # metadata.) | ||
538 | # "vgname" and "vgname/lvname" are matched exactly. | ||
539 | # "@tag" matches any tag set in the LV or VG. | ||
540 | # "@*" matches if any tag defined on the host is also set in the LV or VG | ||
541 | # | ||
542 | # read_only_volume_list = [ "vg1", "vg2/lvol1", "@tag1", "@*" ] | ||
543 | |||
544 | # Size (in KB) of each copy operation when mirroring | ||
545 | mirror_region_size = 512 | ||
546 | |||
547 | # Setting to use when there is no readahead value stored in the metadata. | ||
548 | # | ||
549 | # "none" - Disable readahead. | ||
550 | # "auto" - Use default value chosen by kernel. | ||
551 | readahead = "auto" | ||
552 | |||
553 | # 'raid_fault_policy' defines how a device failure in a RAID logical | ||
554 | # volume is handled. This includes logical volumes that have the following | ||
555 | # segment types: raid1, raid4, raid5*, and raid6*. | ||
556 | # | ||
557 | # In the event of a failure, the following policies will determine what | ||
558 | # actions are performed during the automated response to failures (when | ||
559 | # dmeventd is monitoring the RAID logical volume) and when 'lvconvert' is | ||
560 | # called manually with the options '--repair' and '--use-policies'. | ||
561 | # | ||
562 | # "warn" - Use the system log to warn the user that a device in the RAID | ||
563 | # logical volume has failed. It is left to the user to run | ||
564 | # 'lvconvert --repair' manually to remove or replace the failed | ||
565 | # device. As long as the number of failed devices does not | ||
566 | # exceed the redundancy of the logical volume (1 device for | ||
567 | # raid4/5, 2 for raid6, etc) the logical volume will remain | ||
568 | # usable. | ||
569 | # | ||
570 | # "allocate" - Attempt to use any extra physical volumes in the volume | ||
571 | # group as spares and replace faulty devices. | ||
572 | # | ||
573 | raid_fault_policy = "warn" | ||
574 | |||
575 | # 'mirror_image_fault_policy' and 'mirror_log_fault_policy' define | ||
576 | # how a device failure affecting a mirror (of "mirror" segment type) is | ||
577 | # handled. A mirror is composed of mirror images (copies) and a log. | ||
578 | # A disk log ensures that a mirror does not need to be re-synced | ||
579 | # (all copies made the same) every time a machine reboots or crashes. | ||
580 | # | ||
581 | # In the event of a failure, the specified policy will be used to determine | ||
582 | # what happens. This applies to automatic repairs (when the mirror is being | ||
583 | # monitored by dmeventd) and to manual lvconvert --repair when | ||
584 | # --use-policies is given. | ||
585 | # | ||
586 | # "remove" - Simply remove the faulty device and run without it. If | ||
587 | # the log device fails, the mirror would convert to using | ||
588 | # an in-memory log. This means the mirror will not | ||
589 | # remember its sync status across crashes/reboots and | ||
590 | # the entire mirror will be re-synced. If a | ||
591 | # mirror image fails, the mirror will convert to a | ||
592 | # non-mirrored device if there is only one remaining good | ||
593 | # copy. | ||
594 | # | ||
595 | # "allocate" - Remove the faulty device and try to allocate space on | ||
596 | # a new device to be a replacement for the failed device. | ||
597 | # Using this policy for the log is fast and maintains the | ||
598 | # ability to remember sync state through crashes/reboots. | ||
599 | # Using this policy for a mirror device is slow, as it | ||
600 | # requires the mirror to resynchronize the devices, but it | ||
601 | # will preserve the mirror characteristic of the device. | ||
602 | # This policy acts like "remove" if no suitable device and | ||
603 | # space can be allocated for the replacement. | ||
604 | # | ||
605 | # "allocate_anywhere" - Not yet implemented. Useful to place the log device | ||
606 | # temporarily on same physical volume as one of the mirror | ||
607 | # images. This policy is not recommended for mirror devices | ||
608 | # since it would break the redundant nature of the mirror. This | ||
609 | # policy acts like "remove" if no suitable device and space can | ||
610 | # be allocated for the replacement. | ||
611 | |||
612 | mirror_log_fault_policy = "allocate" | ||
613 | mirror_image_fault_policy = "remove" | ||
614 | |||
615 | # 'snapshot_autoextend_threshold' and 'snapshot_autoextend_percent' define | ||
616 | # how to handle automatic snapshot extension. The former defines when the | ||
617 | # snapshot should be extended: when its space usage exceeds this many | ||
618 | # percent. The latter defines how much extra space should be allocated for | ||
619 | # the snapshot, in percent of its current size. | ||
620 | # | ||
621 | # For example, if you set snapshot_autoextend_threshold to 70 and | ||
622 | # snapshot_autoextend_percent to 20, whenever a snapshot exceeds 70% usage, | ||
623 | # it will be extended by another 20%. For a 1G snapshot, using up 700M will | ||
624 | # trigger a resize to 1.2G. When the usage exceeds 840M, the snapshot will | ||
625 | # be extended to 1.44G, and so on. | ||
626 | # | ||
627 | # Setting snapshot_autoextend_threshold to 100 disables automatic | ||
628 | # extensions. The minimum value is 50 (A setting below 50 will be treated | ||
629 | # as 50). | ||
630 | |||
631 | snapshot_autoextend_threshold = 100 | ||
632 | snapshot_autoextend_percent = 20 | ||
633 | |||
634 | # 'thin_pool_autoextend_threshold' and 'thin_pool_autoextend_percent' define | ||
635 | # how to handle automatic pool extension. The former defines when the | ||
636 | # pool should be extended: when its space usage exceeds this many | ||
637 | # percent. The latter defines how much extra space should be allocated for | ||
638 | # the pool, in percent of its current size. | ||
639 | # | ||
640 | # For example, if you set thin_pool_autoextend_threshold to 70 and | ||
641 | # thin_pool_autoextend_percent to 20, whenever a pool exceeds 70% usage, | ||
642 | # it will be extended by another 20%. For a 1G pool, using up 700M will | ||
643 | # trigger a resize to 1.2G. When the usage exceeds 840M, the pool will | ||
644 | # be extended to 1.44G, and so on. | ||
645 | # | ||
646 | # Setting thin_pool_autoextend_threshold to 100 disables automatic | ||
647 | # extensions. The minimum value is 50 (A setting below 50 will be treated | ||
648 | # as 50). | ||
649 | |||
650 | thin_pool_autoextend_threshold = 100 | ||
651 | thin_pool_autoextend_percent = 20 | ||
652 | |||
653 | # Full path of the utility called to check that a thin metadata device | ||
654 | # is in a state that allows it to be used. | ||
655 | # Each time a thin pool needs to be activated, this utility is executed. | ||
656 | # The activation will only proceed if the utility has an exit status of 0. | ||
657 | # Set to "" to skip this check. (Not recommended.) | ||
658 | # The thin tools are available as part of the device-mapper-persistent-data | ||
659 | # package from https://github.com/jthornber/thin-provisioning-tools. | ||
660 | # | ||
661 | thin_check_executable = "/sbin/thin_check -q" | ||
662 | |||
663 | # While activating devices, I/O to devices being (re)configured is | ||
664 | # suspended, and as a precaution against deadlocks, LVM2 needs to pin | ||
665 | # any memory it is using so it is not paged out. Groups of pages that | ||
666 | # are known not to be accessed during activation need not be pinned | ||
667 | # into memory. Each string listed in this setting is compared against | ||
668 | # each line in /proc/self/maps, and the pages corresponding to any | ||
669 | # lines that match are not pinned. On some systems locale-archive was | ||
670 | # found to make up over 80% of the memory used by the process. | ||
671 | # mlock_filter = [ "locale/locale-archive", "gconv/gconv-modules.cache" ] | ||
672 | |||
673 | # Set to 1 to revert to the default behaviour prior to version 2.02.62 | ||
674 | # which used mlockall() to pin the whole process's memory while activating | ||
675 | # devices. | ||
676 | use_mlockall = 0 | ||
677 | |||
678 | # Monitoring is enabled by default when activating logical volumes. | ||
679 | # Set to 0 to disable monitoring or use the --ignoremonitoring option. | ||
680 | monitoring = 0 | ||
681 | |||
682 | # When pvmove or lvconvert must wait for the kernel to finish | ||
683 | # synchronising or merging data, they check and report progress | ||
684 | # at intervals of this number of seconds. The default is 15 seconds. | ||
685 | # If this is set to 0 and there is only one thing to wait for, there | ||
686 | # are no progress reports, but the process is awoken immediately the | ||
687 | # operation is complete. | ||
688 | polling_interval = 15 | ||
689 | } | ||
690 | |||
691 | |||
692 | #################### | ||
693 | # Advanced section # | ||
694 | #################### | ||
695 | |||
696 | # Metadata settings | ||
697 | # | ||
698 | # metadata { | ||
699 | # Default number of copies of metadata to hold on each PV. 0, 1 or 2. | ||
700 | # You might want to override it from the command line with 0 | ||
701 | # when running pvcreate on new PVs which are to be added to large VGs. | ||
702 | |||
703 | # pvmetadatacopies = 1 | ||
704 | |||
705 | # Default number of copies of metadata to maintain for each VG. | ||
706 | # If set to a non-zero value, LVM automatically chooses which of | ||
707 | # the available metadata areas to use to achieve the requested | ||
708 | # number of copies of the VG metadata. If you set a value larger | ||
709 | # than the the total number of metadata areas available then | ||
710 | # metadata is stored in them all. | ||
711 | # The default value of 0 ("unmanaged") disables this automatic | ||
712 | # management and allows you to control which metadata areas | ||
713 | # are used at the individual PV level using 'pvchange | ||
714 | # --metadataignore y/n'. | ||
715 | |||
716 | # vgmetadatacopies = 0 | ||
717 | |||
718 | # Approximate default size of on-disk metadata areas in sectors. | ||
719 | # You should increase this if you have large volume groups or | ||
720 | # you want to retain a large on-disk history of your metadata changes. | ||
721 | |||
722 | # pvmetadatasize = 255 | ||
723 | |||
724 | # List of directories holding live copies of text format metadata. | ||
725 | # These directories must not be on logical volumes! | ||
726 | # It's possible to use LVM2 with a couple of directories here, | ||
727 | # preferably on different (non-LV) filesystems, and with no other | ||
728 | # on-disk metadata (pvmetadatacopies = 0). Or this can be in | ||
729 | # addition to on-disk metadata areas. | ||
730 | # The feature was originally added to simplify testing and is not | ||
731 | # supported under low memory situations - the machine could lock up. | ||
732 | # | ||
733 | # Never edit any files in these directories by hand unless you | ||
734 | # you are absolutely sure you know what you are doing! Use | ||
735 | # the supplied toolset to make changes (e.g. vgcfgrestore). | ||
736 | |||
737 | # dirs = [ "/etc/lvm/metadata", "/mnt/disk2/lvm/metadata2" ] | ||
738 | #} | ||
739 | |||
740 | # Event daemon | ||
741 | # | ||
742 | dmeventd { | ||
743 | # mirror_library is the library used when monitoring a mirror device. | ||
744 | # | ||
745 | # "libdevmapper-event-lvm2mirror.so" attempts to recover from | ||
746 | # failures. It removes failed devices from a volume group and | ||
747 | # reconfigures a mirror as necessary. If no mirror library is | ||
748 | # provided, mirrors are not monitored through dmeventd. | ||
749 | |||
750 | mirror_library = "libdevmapper-event-lvm2mirror.so" | ||
751 | |||
752 | # snapshot_library is the library used when monitoring a snapshot device. | ||
753 | # | ||
754 | # "libdevmapper-event-lvm2snapshot.so" monitors the filling of | ||
755 | # snapshots and emits a warning through syslog when the use of | ||
756 | # the snapshot exceeds 80%. The warning is repeated when 85%, 90% and | ||
757 | # 95% of the snapshot is filled. | ||
758 | |||
759 | snapshot_library = "libdevmapper-event-lvm2snapshot.so" | ||
760 | |||
761 | # thin_library is the library used when monitoring a thin device. | ||
762 | # | ||
763 | # "libdevmapper-event-lvm2thin.so" monitors the filling of | ||
764 | # pool and emits a warning through syslog when the use of | ||
765 | # the pool exceeds 80%. The warning is repeated when 85%, 90% and | ||
766 | # 95% of the pool is filled. | ||
767 | |||
768 | thin_library = "libdevmapper-event-lvm2thin.so" | ||
769 | |||
770 | # Full path of the dmeventd binary. | ||
771 | # | ||
772 | # executable = "/sbin/dmeventd" | ||
773 | } | ||
diff --git a/old-school/menu-select b/old-school/menu-select new file mode 100755 index 0000000..0cc0c67 --- /dev/null +++ b/old-school/menu-select | |||
@@ -0,0 +1,112 @@ | |||
1 | #!/bin/sh | ||
2 | # usage: | ||
3 | # $0 boot-ram - use memory-only overlay | ||
4 | # $0 boot-new [dev name] [loop file] [megabytes] - create new luks-encrypted overlay | ||
5 | # $0 boot-overwrite [dev name] [loop file] [megabytes] - overwrite with new luks overlay | ||
6 | # $0 boot-luks [dev name] [loop file] - boot existing luks-encrypted overlay | ||
7 | # $0 boot-gpg [key id] [gnupg homedir] [???] - boot any device signed with the key | ||
8 | |||
9 | . lvm-create.sh | ||
10 | . common.sh | ||
11 | exec 4>&1 | ||
12 | debug_log | ||
13 | |||
14 | error() | ||
15 | { | ||
16 | local sleep=3 | ||
17 | |||
18 | clear >&4 | ||
19 | echo "error -- ${*:-:(}" >&4 | ||
20 | |||
21 | if [ $sleep -gt 0 ]; then | ||
22 | echo "will try again in $sleep seconds..." >&4 | ||
23 | sleep $sleep | ||
24 | fi | ||
25 | bootmenu do_trigger no_panic | ||
26 | exit | ||
27 | } | ||
28 | |||
29 | badopts= | ||
30 | fs= | ||
31 | while [ $# -ge 1 ]; do | ||
32 | case $1 in | ||
33 | --fs=*) fs="${1#--fs=}"; shift; continue ;; | ||
34 | --*) echo "error: unknown option $1"; badopts=true; shift; continue ;; | ||
35 | esac | ||
36 | break | ||
37 | done | ||
38 | [ -z "$badopts" ] || error 'usage error' | ||
39 | |||
40 | [ $# -ge 2 -o "$1" = 'boot-ram' ] || error 'usage error' | ||
41 | |||
42 | remountrw() | ||
43 | { | ||
44 | local fs="$1" dev="$2" loopfile="$3" | ||
45 | if [ "$fs" = hfsplus ]; then | ||
46 | mountpoint="/mnt/${dev##*/}" | ||
47 | umount "$dev" || error | ||
48 | fsck.hfsplus -q "$dev" || error | ||
49 | mount -o force "$dev" "$mountpoint" || error | ||
50 | else | ||
51 | mount -o remount,rw "$dev" || error | ||
52 | fi | ||
53 | } | ||
54 | |||
55 | hwclock_to_system() | ||
56 | { | ||
57 | local fs="$1" UTC=UTC | ||
58 | case "$fs" in ntfs|vfat) UTC=LOCAL ;; esac | ||
59 | printf '0.0 0 0.0\n0\n%s' $UTC > /etc/adjtime | ||
60 | hwclock --hctosys | ||
61 | } | ||
62 | |||
63 | case "$1" in | ||
64 | boot-ram) | ||
65 | modprobe squashfs || true | ||
66 | find_squashfs_root | mountsquashes || error | ||
67 | mkdir /overlay || error | ||
68 | mount -t tmpfs tmpfs /overlay || error | ||
69 | mkdir /overlay/gpg || error | ||
70 | ln -s /overlay/gpg /gpg | ||
71 | |||
72 | init_gpg || error | ||
73 | bootdone squashfs-root rw-overlay | ||
74 | ;; | ||
75 | boot-overwrite|boot-new|boot-luks) | ||
76 | dev="$2" | ||
77 | loopfile="$3" | ||
78 | megs="$4" | ||
79 | |||
80 | [ "$1" != 'boot-new' -o ! -e "$loopfile" ] || error | ||
81 | |||
82 | remountrw "$fs" "$dev" "$loopfile" || error | ||
83 | |||
84 | hwclock_to_system "$fs" | ||
85 | |||
86 | if [ "$1" = 'boot-overwrite' ]; then | ||
87 | rm "$loopfile" "$loopfile"k | ||
88 | fi | ||
89 | |||
90 | init_gpg || error | ||
91 | |||
92 | if [ "$1" = 'boot-luks' ]; then | ||
93 | open_samizdat "$loopfile" "$loopfile"k || error | ||
94 | exit | ||
95 | fi | ||
96 | |||
97 | start_meter "Allocating ${megs}MB in '$loopfile' on $dev..." | ||
98 | |||
99 | if init_samizdat "$loopfile" "$megs" "$loopfile"k; then | ||
100 | stop_meter done. | ||
101 | else | ||
102 | stop_meter error! | ||
103 | rm "$loopfile" "$loopfile"k | ||
104 | error | ||
105 | fi | ||
106 | ;; | ||
107 | *) | ||
108 | error "Unimplemented boot command: $*" | ||
109 | ;; | ||
110 | esac | ||
111 | |||
112 | # vim:ts=2 sw=2 et | ||
diff --git a/old-school/samizdat-cdrom-copy b/old-school/samizdat-cdrom-copy new file mode 100755 index 0000000..d4920b9 --- /dev/null +++ b/old-school/samizdat-cdrom-copy | |||
@@ -0,0 +1,75 @@ | |||
1 | #!/bin/sh | ||
2 | md_name=$1 | ||
3 | lv_name=$2 | ||
4 | lv_dev=$3 | ||
5 | cdrom_loopdev=$4 | ||
6 | cdrom_dev=$5 | ||
7 | |||
8 | . lvm-create.sh | ||
9 | |||
10 | mdadm_wait_remove() | ||
11 | { | ||
12 | # We should perhaps use mdadm --monitor's RebuildFinished event. | ||
13 | |||
14 | local dev="$1" disk="$2" tries | ||
15 | if ! mdadm --wait "$dev"; then | ||
16 | tries=1000 | ||
17 | while ! mdadm --detail --test "$dev"; do | ||
18 | [ $tries -gt 0 ] || return 1 | ||
19 | sleep 1 | ||
20 | tries=$((tries-1)) | ||
21 | done | ||
22 | fi | ||
23 | |||
24 | mdadm "$dev" --fail "$disk" || return 1 | ||
25 | tries=100 | ||
26 | while ! mdadm "$dev" --remove "$disk"; do | ||
27 | [ $tries -gt 0 ] || return 1 | ||
28 | sleep 1 | ||
29 | tries=$((tries-1)) | ||
30 | done | ||
31 | return 0 | ||
32 | } | ||
33 | |||
34 | |||
35 | Done() | ||
36 | { | ||
37 | mdadm --grow "$md_name" -n 1 --force | ||
38 | lvm lvrename "$lv_name".tmp "${lv_name#*/}" | ||
39 | losetup -d "$cdrom_loopdev" | ||
40 | [ -e /etc/mtab ] || ln -sf /proc/mounts /etc/mtab | ||
41 | eject "$cdrom_dev" | ||
42 | echo "[$$] Done." | ||
43 | } | ||
44 | |||
45 | exec >>/var/log/samizdat-cdrom-copy.log 2>&1 | ||
46 | echo "[$$] Waiting for $cdrom_loopdev ($cdrom_dev) to be removed from $md_name." | ||
47 | |||
48 | if mdadm_wait_remove "$md_name" "$cdrom_loopdev"; then | ||
49 | Done; | ||
50 | else | ||
51 | echo "[$$] Warning: mdadm_wait_remove() returned $?. Doing manual copy with sg_dd (using continue-on-error)." | ||
52 | mdadm -D "$md_name" | ||
53 | mdadm "$md_name" --fail "$lv_dev".tmp | ||
54 | mdadm -D "$md_name" | ||
55 | mdadm "$md_name" --remove "$lv_dev".tmp | ||
56 | mdadm -D "$md_name" | ||
57 | mdadm /dev/md55 --grow -n1 --force | ||
58 | mdadm -D "$md_name" | ||
59 | |||
60 | sizelimit=$(get_cdrom_sizelimit "$cdrom_dev") | ||
61 | |||
62 | if sg_dd bs=2048 ${sizelimit:+count=$((sizelimit/2048))} iflag=coe,coe,coe if="$cdrom_dev" of="$lv_dev".tmp retries=42; then | ||
63 | echo "[$$] sg_dd succeeded." | ||
64 | mdadm "$md_name" --grow -n 2 --assume-clean --add "$lv_dev".tmp | ||
65 | mdadm -D "$md_name" | ||
66 | if mdadm_wait_remove "$md_name" "$cdrom_loopdev"; then | ||
67 | Done; | ||
68 | else | ||
69 | echo "[$$] Error: mdadm_wait_remove() returned $? after sg_dd. Cannot eject CDROM!" | ||
70 | fi | ||
71 | else | ||
72 | echo "[$$] Error: sg_dd returned $?. Cannot eject CDROM!" | ||
73 | fi | ||
74 | fi | ||
75 | |||
diff --git a/old-school/squashfs-size b/old-school/squashfs-size new file mode 100755 index 0000000..74b67d7 --- /dev/null +++ b/old-school/squashfs-size | |||
@@ -0,0 +1,88 @@ | |||
1 | #!/bin/sh | ||
2 | |||
3 | squashfs_size_ratio() | ||
4 | { | ||
5 | local fn="$1" | ||
6 | #FSIZE="$(stat -c "%s" "$fn")" | ||
7 | word5() { echo $5; } | ||
8 | FSIZE="$(word5 `ls -l "$fn"`)" | ||
9 | echo $(( $FSIZE * 3367 / 1000 )) | ||
10 | } | ||
11 | |||
12 | squashfs_size_magicdb() | ||
13 | { | ||
14 | |||
15 | get() | ||
16 | { | ||
17 | local len=$1 | ||
18 | local off=$2 | ||
19 | local fn="$3" | ||
20 | #local OUT=( $(od -t d$len -N$len -j $off "$fn") ) | ||
21 | #echo "${OUT[1]}" | ||
22 | od -t u$len -N$len -j $off "$fn" | head -n1 | sed 's/.* //' | ||
23 | } | ||
24 | |||
25 | # getReversedEndian() | ||
26 | # { | ||
27 | # local len=$1 | ||
28 | # local off=$2 | ||
29 | # local fn="$3" | ||
30 | # #local B=( $(od -t x$len -N$len -j $off "$fn") ) | ||
31 | # #B="${B[1]}" | ||
32 | # local B="$(od -t x$len -N$len -j $off "$fn" | head -n1 | cut -d' ' -f2)" | ||
33 | # local D= | ||
34 | # local C=$(( $len * 2 )) | ||
35 | # while [ $C -gt 0 ] | ||
36 | # do | ||
37 | # C=$(( $C - 2 )) | ||
38 | # D="$D${B:$C:2}" | ||
39 | # done | ||
40 | # D="0x$D" | ||
41 | # echo $D | ||
42 | # } | ||
43 | getReversedEndian() | ||
44 | { | ||
45 | local len=$1 | ||
46 | local off=$2 | ||
47 | local fn="$3" | ||
48 | local D= | ||
49 | local C=$len | ||
50 | while [ $C -gt 0 ] | ||
51 | do | ||
52 | C=$(( $C - 1 )) | ||
53 | D="$(od -t x1 -N1 -j $(($off+$C)) "$fn" | head -n1 | cut -d' ' -f2)$D" | ||
54 | done | ||
55 | D=$((0x$D)) | ||
56 | echo $D | ||
57 | } | ||
58 | |||
59 | |||
60 | local fn="$1" | ||
61 | |||
62 | local M=$(get 4 0 "$fn") | ||
63 | local N=$(getReversedEndian 4 0 "$fn") | ||
64 | if [ $M -eq 1936814952 ] | ||
65 | then | ||
66 | # Proper endian. | ||
67 | local get=get | ||
68 | elif [ $N -eq 1936814952 ] | ||
69 | then | ||
70 | # Reversed endian. | ||
71 | local get=getReversedEndian | ||
72 | else | ||
73 | error not squashfs | ||
74 | fi | ||
75 | |||
76 | local T=$($get 2 28 "$fn") | ||
77 | if [ $T -lt 3 ] | ||
78 | then | ||
79 | local BC=$($get 4 8 "$fn") | ||
80 | else | ||
81 | local BC=$($get 8 63 "$fn") | ||
82 | fi | ||
83 | |||
84 | echo $BC | ||
85 | } | ||
86 | |||
87 | |||
88 | squashfs_size_ratio "$1" | ||
diff --git a/old-school/umountall.sh b/old-school/umountall.sh new file mode 100755 index 0000000..bf89838 --- /dev/null +++ b/old-school/umountall.sh | |||
@@ -0,0 +1,126 @@ | |||
1 | #!/bin/sh | ||
2 | OPEN_SHELL_BEFORE_SHUTDOWN= | ||
3 | |||
4 | movemount() { | ||
5 | if mountpoint -q "$1"; then | ||
6 | umount /root/"$1" | ||
7 | else | ||
8 | mkdir -p "$1" | ||
9 | mount --move /root/"$1" "$1" | ||
10 | fi | ||
11 | } | ||
12 | |||
13 | retry_n_delay() { | ||
14 | local n="$1" delay="$2" | ||
15 | shift 2 | ||
16 | while [ "$n" -gt 0 ]; do "$@" && break; sleep $delay; n=$((n-1)); done | ||
17 | } | ||
18 | |||
19 | umount_all_novirtual() | ||
20 | { | ||
21 | # EQUIVALENT: umount -a -t norootfs,nosysfs,noproc,notmpfs,nodevpts,nodevtmpfs | ||
22 | # busyboxy umount does not support -t, therefore: | ||
23 | tac /proc/mounts | { | ||
24 | errors=0 | ||
25 | while read dev mp type opts _; do | ||
26 | case $type in | ||
27 | rootfs|sysfs|proc|tmpfs|devpts|devtmpfs) ;; | ||
28 | *) umount "$mp" || errors=$((errors+1)) ;; | ||
29 | esac | ||
30 | done | ||
31 | return $errors | ||
32 | } | ||
33 | } | ||
34 | |||
35 | losetup_delete_all() | ||
36 | { | ||
37 | local f dev | ||
38 | for f in /sys/dev/block/7:*/loop; do | ||
39 | dev=${f#/sys/dev/block/7:} | ||
40 | dev=/dev/loop${dev%%/*} | ||
41 | losetup -d $dev | ||
42 | done | ||
43 | } | ||
44 | |||
45 | mdadm_stop_all() | ||
46 | { | ||
47 | for md in /dev/md* /dev/md/*; do | ||
48 | test -b "$md" && mdadm --stop "$md" | ||
49 | done | ||
50 | } | ||
51 | |||
52 | lvm_deactivate() { lvm lvchange -v -an samizdat 11>&-; } | ||
53 | |||
54 | killemdead() { | ||
55 | force= pids="$(pidof "$@")" | ||
56 | while [ "$pids" ]; do | ||
57 | kill $force $pids | ||
58 | living= | ||
59 | for p in $pids; do | ||
60 | if [ -e /proc/$p ]; then | ||
61 | living=1 | ||
62 | break | ||
63 | fi | ||
64 | done | ||
65 | [ ! "$living" ] && break | ||
66 | force=-9 | ||
67 | done | ||
68 | } | ||
69 | |||
70 | specials= movemounts= umounts= | ||
71 | while read dev mp type opts _; do # N.B. order is reversed in variables | ||
72 | case $mp in | ||
73 | /root/dev|/root/proc) | ||
74 | specials="$mp $specials" ;; | ||
75 | /root/sys|/root/cdrom|/root/mnt/*|/root/gpg|/root/overlay|/root/xino|/root/squashes/*) | ||
76 | movemounts="$mp $movemounts" ;; | ||
77 | /root/*) | ||
78 | umounts="$mp $umounts" ;; | ||
79 | esac | ||
80 | done < /proc/mounts | ||
81 | |||
82 | # Unmount mounts under /root that we didn't put there | ||
83 | while true; do | ||
84 | error=0; success=0 | ||
85 | for m in $umounts; do | ||
86 | if umount $m; then | ||
87 | success=$((success+1)) | ||
88 | else | ||
89 | error=$((error+1)) | ||
90 | fi | ||
91 | done | ||
92 | [ $error = 0 ] && break | ||
93 | [ $success = 0 ] && break | ||
94 | done | ||
95 | |||
96 | # Move back mounts that we moved | ||
97 | for m in $movemounts; do | ||
98 | movemount "${m#/root}" # TODO: error handling | ||
99 | done | ||
100 | |||
101 | killemdead gpg-agent samizdat-pinentry | ||
102 | |||
103 | umount /root/dev | ||
104 | umount /root/proc | ||
105 | ln -sf /proc/mounts /etc/mtab | ||
106 | |||
107 | umount_all_novirtual | ||
108 | mdadm_stop_all | ||
109 | losetup_delete_all | ||
110 | lvm_deactivate | ||
111 | cryptsetup remove samizdatcrypt | ||
112 | losetup_delete_all | ||
113 | umount_all_novirtual | ||
114 | |||
115 | if [ "$OPEN_SHELL_BEFORE_SHUTDOWN" ]; then | ||
116 | read cmd < /halt | ||
117 | echo | ||
118 | echo "Remove cdrom and press ctrl-d to run '$cmd'." | ||
119 | /bin/sh -i | ||
120 | fi | ||
121 | |||
122 | read cmd < /halt && $cmd | ||
123 | sleep 1 | ||
124 | |||
125 | echo "Error! Starting emergency shell with pid 1." | ||
126 | exec /bin/sh -i | ||
diff --git a/old-school/vol_id b/old-school/vol_id new file mode 100755 index 0000000..5cd24a1 --- /dev/null +++ b/old-school/vol_id | |||
@@ -0,0 +1,2 @@ | |||
1 | #!/bin/sh | ||
2 | exec blkid -p -o udev "$@" | ||
diff --git a/vol_id.txt b/vol_id.txt new file mode 100644 index 0000000..6633321 --- /dev/null +++ b/vol_id.txt | |||
@@ -0,0 +1 @@ | |||
SamizdatLive | |||