mirror of
https://github.com/nchevsky/systemrescue-zfs.git
synced 2026-01-02 14:50:14 +01:00
95 lines
3.4 KiB
Bash
Executable file
95 lines
3.4 KiB
Bash
Executable file
#!/bin/bash
|
|
echo "$0 Starting ..."
|
|
errcnt=0
|
|
|
|
# Process options passed on the boot command line
|
|
for curopt in $(< /proc/cmdline)
|
|
do
|
|
case "${curopt}" in
|
|
# Configure keyboard layout if requested in the boot command line
|
|
setkmap=*)
|
|
echo "Found option '${curopt}' on the boot command line"
|
|
localectl set-keymap ${curopt#*=}
|
|
;;
|
|
|
|
# Configure root login shell if requested in the boot command line
|
|
rootshell=*)
|
|
echo "Found option '${curopt}' on the boot command line"
|
|
chsh --shell ${curopt#*=} root
|
|
;;
|
|
|
|
# Set the system root password from a clear password
|
|
rootpass=*)
|
|
echo "Found option '${curopt%%=*}=******' on the boot command line"
|
|
if echo "root:${curopt#*=}" | chpasswd --crypt-method SHA512
|
|
then
|
|
echo "Password successfully changed"
|
|
else
|
|
echo "Failed to change password"
|
|
errcnt=$((errcnt + 1))
|
|
fi
|
|
;;
|
|
|
|
# Set the system root password from an encrypted password
|
|
# A password can be encrypted using a one-line python3 command such as:
|
|
# python3 -c 'import crypt; print(crypt.crypt("MyPassWord123", crypt.mksalt(crypt.METHOD_SHA512)))'
|
|
rootcryptpass=*)
|
|
echo "Found option '${curopt%%=*}=******' on the boot command line"
|
|
if echo "root:${curopt#*=}" | chpasswd --encrypted
|
|
then
|
|
echo "Password successfully changed"
|
|
else
|
|
echo "Failed to change password"
|
|
errcnt=$((errcnt + 1))
|
|
fi
|
|
;;
|
|
|
|
# Option to allow user to disable the firewall
|
|
nofirewall)
|
|
echo "Found option '${curopt}' on the boot command line"
|
|
# The firewall service(s) must be in the Before-section of sysrescue-initialize.service
|
|
systemctl disable --now iptables.service ip6tables.service
|
|
;;
|
|
|
|
# Auto-start the graphical environment (tty1 only)
|
|
# dovnc implies dostartx
|
|
dostartx|dovnc)
|
|
echo "Found option '${curopt}' on the boot command line"
|
|
str='[[ ! $DISPLAY ]] && [[ ! $SSH_TTY ]] && [[ $XDG_VTNR == 1 ]] && startx'
|
|
grep -qF "$str" /root/.bash_profile || echo "$str" >> /root/.bash_profile
|
|
echo "$str" > /root/.zlogin
|
|
# Must not break out of the case block because there is another dovnc pattern to match below
|
|
;;&
|
|
|
|
# Require authenticated console access
|
|
noautologin)
|
|
echo "Found option '${curopt}' on the boot command line"
|
|
systemctl revert getty@.service serial-getty@.service
|
|
;;
|
|
|
|
# Set the VNC password from a clear password
|
|
vncpass=*)
|
|
echo "Found option '${curopt%%=*}=******' on the boot command line"
|
|
mkdir -p /root/.vnc
|
|
if x11vnc -storepasswd ${curopt#*=} /root/.vnc/passwd
|
|
then
|
|
echo "VNC password successfully changed"
|
|
else
|
|
echo "Failed to change VNC password"
|
|
errcnt=$((errcnt + 1))
|
|
fi
|
|
;;
|
|
|
|
# Auto-start x11vnc with the graphical environment
|
|
dovnc)
|
|
# The "Found option..." message was already shown above in the dostartx pattern
|
|
{
|
|
echo '[ -f ~/.vnc/passwd ] && pwopt="-usepw" || pwopt="-nopw"'
|
|
echo 'x11vnc $pwopt -nevershared -forever -logfile /var/log/x11vnc.log &'
|
|
} > /root/.xprofile
|
|
;;
|
|
esac
|
|
done
|
|
|
|
exit ${errcnt}
|