Merge branch 'python-init' into 'master'

Convert sysrescue-initialize to python (#170)

See merge request systemrescue/systemrescue-sources!136

airootfs/etc/systemd/scripts/sysrescue-initialize

@@ -1,94 +0,0 @@
-#!/bin/bash
-echo "$0 Starting ..."
-errcnt=0
-
-# Process options passed on the boot command line
-for curopt in $(< /proc/cmdline)
-do
-    case "${curopt}" in
-      # Configure keyboard layout if requested in the boot command line
-      setkmap=*)
-          echo "Found option '${curopt}' on the boot command line"
-          localectl set-keymap ${curopt#*=}
-          ;;
-
-      # Configure root login shell if requested in the boot command line
-      rootshell=*)
-          echo "Found option '${curopt}' on the boot command line"
-          chsh --shell ${curopt#*=} root
-          ;;
-
-      # Set the system root password from a clear password
-      rootpass=*)
-          echo "Found option '${curopt%%=*}=******' on the boot command line"
-          if echo "root:${curopt#*=}" | chpasswd --crypt-method SHA512
-          then
-              echo "Password successfully changed"
-          else
-              echo "Failed to change password"
-              errcnt=$((errcnt + 1))
-          fi
-          ;;
-
-      # Set the system root password from an encrypted password
-      # A password can be encrypted using a one-line python3 command such as:
-      # python3 -c 'import crypt; print(crypt.crypt("MyPassWord123", crypt.mksalt(crypt.METHOD_SHA512)))'
-      rootcryptpass=*)
-          echo "Found option '${curopt%%=*}=******' on the boot command line"
-          if echo "root:${curopt#*=}" | chpasswd --encrypted
-          then
-              echo "Password successfully changed"
-          else
-              echo "Failed to change password"
-              errcnt=$((errcnt + 1))
-          fi
-          ;;
-
-      # Option to allow user to disable the firewall
-      nofirewall)
-          echo "Found option '${curopt}' on the boot command line"
-          # The firewall service(s) must be in the Before-section of sysrescue-initialize.service
-          systemctl disable --now iptables.service ip6tables.service
-          ;;
-
-      # Auto-start the graphical environment (tty1 only)
-      # dovnc implies dostartx
-      dostartx|dovnc)
-          echo "Found option '${curopt}' on the boot command line"
-          str='[[ ! $DISPLAY ]] && [[ ! $SSH_TTY ]] && [[ $XDG_VTNR == 1 ]] && startx'
-          grep -qF "$str" /root/.bash_profile || echo "$str" >> /root/.bash_profile
-          echo "$str" > /root/.zlogin
-          # Must not break out of the case block because there is another dovnc pattern to match below
-          ;;&
-
-      # Require authenticated console access
-      noautologin)
-          echo "Found option '${curopt}' on the boot command line"
-          systemctl revert getty@.service serial-getty@.service
-          ;;
-
-      # Set the VNC password from a clear password
-      vncpass=*)
-          echo "Found option '${curopt%%=*}=******' on the boot command line"
-          mkdir -p /root/.vnc
-          if x11vnc -storepasswd ${curopt#*=} /root/.vnc/passwd
-          then
-              echo "VNC password successfully changed"
-          else
-              echo "Failed to change VNC password"
-              errcnt=$((errcnt + 1))
-          fi
-          ;;
-
-      # Auto-start x11vnc with the graphical environment
-      dovnc)
-          # The "Found option..." message was already shown above in the dostartx pattern
-          {
-              echo '[ -f ~/.vnc/passwd ] && pwopt="-usepw" || pwopt="-nopw"'
-              echo 'x11vnc $pwopt -nevershared -forever -logfile /var/log/x11vnc.log &'
-          } > /root/.xprofile
-          ;;
-    esac
-done
-
-exit ${errcnt}

airootfs/etc/systemd/scripts/sysrescue-initialize.py

@@ -0,0 +1,123 @@
+#! /usr/bin/env python3
+import subprocess
+import os
+import sys
+import re
+
+print(f"Script {sys.argv[0]} starting ...")
+errcnt = 0
+
+bootcmdline = open("/proc/cmdline","r").readline()
+bootopts = bootcmdline.split()
+
+for curopt in bootopts:
+
+    # Configure keyboard layout if requested in the boot command line
+    match = re.search(r"^setkmap=(\S+)$", curopt)
+    if match != None:
+        curval = match.group(1)
+        print(f"=> Found option '{curopt}' on the boot command line")
+        p = subprocess.run(["localectl", "set-keymap", curval], text=True)
+        if p.returncode == 0:
+            print (f"Have changed the keymap successfully")
+        else:
+            print (f"Failed to change keymap")
+            errcnt+=1
+
+    # Configure root login shell if requested in the boot command line
+    match = re.search(r"^rootshell=(\S+)$", curopt)
+    if match != None:
+        curval = match.group(1)
+        print(f"=> Found option '{curopt}' on the boot command line")
+        p = subprocess.run(["chsh", "--shell", curval, "root"], text=True)
+        if p.returncode == 0:
+            print (f"Have changed the root shell successfully")
+        else:
+            print (f"Failed to change the root shell")
+            errcnt+=1
+
+    # Set the system root password from a clear password
+    match = re.search(r"^rootpass=(\S+)$", curopt)
+    if match != None:
+        curval = match.group(1)
+        print(f"=> Found option 'rootpass=******' on the boot command line")
+        p = subprocess.run(["chpasswd", "--crypt-method", "SHA512"], text=True, input=f"root:{curval}")
+        if p.returncode == 0:
+            print (f"Have changed the root password successfully")
+        else:
+            print (f"Failed to change the root password")
+            errcnt+=1
+
+    # Set the system root password from an encrypted password
+    # A password can be encrypted using a one-line python3 command such as:
+    # python3 -c 'import crypt; print(crypt.crypt("MyPassWord123", crypt.mksalt(crypt.METHOD_SHA512)))'
+    match = re.search(r"^rootcryptpass=(\S+)$", curopt)
+    if match != None:
+        curval = match.group(1)
+        print(f"=> Found option 'rootcryptpass=******' on the boot command line")
+        p = subprocess.run(["chpasswd", "--encrypted"], text=True, input=f"root:{curval}")
+        if p.returncode == 0:
+            print (f"Have changed the root password successfully")
+        else:
+            print (f"Failed to change the root password")
+            errcnt+=1
+
+    # Disable the firewall
+    match = re.search(r"^nofirewall$", curopt)
+    if match != None:
+        print(f"=> Found option 'nofirewall' on the boot command line")
+        # The firewall service(s) must be in the Before-section of sysrescue-initialize.service
+        p = subprocess.run(["systemctl", "disable", "--now", "iptables.service", "ip6tables.service"], text=True)
+        if p.returncode == 0:
+            print (f"Have disabled the firewall successfully")
+        else:
+            print (f"Failed to disable the firewall")
+            errcnt+=1
+
+    # Auto-start the graphical environment (tty1 only), dovnc implies dostartx
+    match = re.search(r"^dostartx|dovnc$", curopt)
+    if match != None:
+        print(f"=> Found option '{match.group(0)}' on the boot command line")
+        str = '[[ ! $DISPLAY ]] && [[ ! $SSH_TTY ]] && [[ $XDG_VTNR == 1 ]] && startx'
+        if (os.path.exists("/root/.bash_profile") == False) or (open("/root/.bash_profile", 'r').read().find(str) == -1):
+            file1 = open("/root/.bash_profile", "a")
+            file1.write(f"{str}\n")
+            file1.close()
+        file2 = open("/root/.zlogin", "w")
+        file2.write(f"{str}\n")
+        file2.close()
+
+    # Require authenticated console access
+    match = re.search(r"^noautologin$", curopt)
+    if match != None:
+        print(f"=> Found option '{match.group(0)}' on the boot command line")
+        p = subprocess.run(["systemctl", "revert", "getty@.service", "serial-getty@.service"], text=True)
+        if p.returncode == 0:
+            print (f"Have enabled authenticated console access successfully")
+        else:
+            print (f"Failed to enable authenticated console access")
+            errcnt+=1
+
+    # Set the VNC password from a clear password
+    match = re.search(r"^vncpass=(\S+)$", curopt)
+    if match != None:
+        curval = match.group(1)
+        print(f"=> Found option 'vncpass=******' on the boot command line")
+        os.makedirs("/root/.vnc", exist_ok = True)
+        p = subprocess.run(["x11vnc", "-storepasswd", curval, "/root/.vnc/passwd"], text=True)
+        if p.returncode == 0:
+            print (f"Have changed the vnc password successfully")
+        else:
+            print (f"Failed to change the vnc password")
+            errcnt+=1
+
+    # Auto-start x11vnc with the graphical environment
+    match = re.search(r"^dovnc$", curopt)
+    if match != None:
+        # No need to print "Found option 'dovnc' on the boot command line" a second time
+        file = open("/root/.xprofile", "w")
+        file.write("""[ -f ~/.vnc/passwd ] && pwopt="-usepw" || pwopt="-nopw"\n""")
+        file.write("""x11vnc $pwopt -nevershared -forever -logfile /var/log/x11vnc.log &\n""")
+        file.close()
+
+sys.exit(errcnt)

airootfs/etc/systemd/system/sysrescue-initialize.service

@@ -5,7 +5,7 @@ Wants=getty-pre.target
 
 [Service]
 Type=oneshot
-ExecStart=/etc/systemd/scripts/sysrescue-initialize
+ExecStart=/etc/systemd/scripts/sysrescue-initialize.py
 RemainAfterExit=true
 
 [Install]