From c1673e8bcae879f3ab03090f6a9d172d7d3c915a Mon Sep 17 00:00:00 2001 From: pi-farm Date: Thu, 23 Nov 2023 00:47:19 +0100 Subject: [PATCH] add unzip in dockerfile --- dockerfile | 2 +- scripts/tails-patch.sh | 167 +++++++++++++++++++++++++++++++++++++++++ start.sh | 42 +++++++---- 3 files changed, 197 insertions(+), 14 deletions(-) create mode 100644 scripts/tails-patch.sh diff --git a/dockerfile b/dockerfile index 851fa61..a575d3e 100755 --- a/dockerfile +++ b/dockerfile @@ -1,7 +1,7 @@ FROM ubuntu:latest RUN apt-get update && apt upgrade -y && apt-get autoremove -y -RUN apt-get install util-linux nano xz-utils wget systemctl sudo git tcpdump -y +RUN apt-get install unzip util-linux nano xz-utils wget systemctl sudo git tcpdump -y ADD https://github.com/just-containers/s6-overlay/releases/download/v3.1.6.0/s6-overlay-noarch.tar.xz /tmp RUN tar -C / -Jxpf /tmp/s6-overlay-noarch.tar.xz diff --git a/scripts/tails-patch.sh b/scripts/tails-patch.sh new file mode 100644 index 0000000..a8fed49 --- /dev/null +++ b/scripts/tails-patch.sh 
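Review bot: The edited `RUN apt-get install unzip ...` line is a separate layer from `RUN apt-get update && ...`, so changing the package list rebuilds only the install layer and reuses whatever package index the cached update layer holds. On a warm build cache the install can then fail on a vanished package version or pull older packages than a fresh build would. Refreshing the index in the same instruction avoids this: `RUN apt-get update && apt-get install -y unzip util-linux nano xz-utils wget systemctl sudo git tcpdump`.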
@@ -0,0 +1,167 @@
+#!/usr/bin/bash
+
+# ... break=init
+# ... debug
+#
+# sudo unsquashfs -d /tmp/test -f /srv/nfs/tails-x64/live/filesystem.squashfs
+# $ ls /tmp/test/bin/live-*
+# $ ls -r /tmp/test/lib/live/*
+
+# 2023-09-11 skip network de-init on boot option "break=init" to keep network alive for debugging
+# 2021-11-07 /conf/net_drivers.tar.xz, /conf/conf.d/9999-hotfix-pxe, /etc/live/boot/9999-hotfix-pxe
+
+# requires:
+# squashfs-tools (unsquashfs)
+# initramfs-tools (cpio)
+# xz-utils (xz)
+
+# location, where to store temporary files
+TMP=/tmp/tails-net
+
+# full filename of the filesystem.squashfs from tails ISO
+SRC=/srv/nfs/tails-x64/live/filesystem.squashfs
+
+# full filename of the hotfix-pxe image
+DST=/srv/nfs/tails-x64-hotfix-pxe.cpio.xz
+
+
+if [[ -z "${TMP}" ]] || [[ -z "${SRC}" ]] || [[ -z "${DST}" ]]; then
+ echo "ERROR: undefined variable"
+ exit -1
+fi
+
+if ! [[ -d "$(dirname ${TMP:?})" ]] && ! [[ -r "${SRC:?}" ]] && ! [[ -d "$(dirname ${DST:?})" ]]; then
+ echo "ERROR: wrong file or folder"
+ exit -2
+fi
+
+
+# kernel version of tails
+KVER=$(basename $(unsquashfs -l "${SRC:?}" -e /lib/modules/ | grep /lib/modules/ | head -n 1))
+(( $? != 0 )) && exit -4
+
+# test if kernel version is correct
+if [[ -n "${KVER}" ]]; then
+ echo "INFO: KVER='${KVER:?}'"
+else
+ echo "ERROR: unknown kernel version"
+ exit -3
+fi
+
+do_modules() {
+# extract missing network kernel drivers modules from tails
+sudo unsquashfs \
+ -d "${TMP:?}" \
+ -f "${SRC:?}" \
+ -e "/lib/modules/${KVER:?}/kernel/drivers/net/phy" \
+ -e "/lib/modules/${KVER:?}/kernel/drivers/net/ethernet" \
+ ;
+(( $? != 0 )) && exit -4
+
+# compress missing network kernel drivers modules to file
+[[ -e "${TMP:?}/conf/" ]] || sudo mkdir -p "${TMP:?}/conf/"
+sudo tar -ravf "${TMP:?}/conf/net_drivers.tar.xz" -C "${TMP:?}" "lib"
+sudo rm -rf "${TMP:?}/lib"
+}
+
+
+do_patch_top() {
+# add hotfix for pxe boot to initrd image
+[[ -e "${TMP:?}/conf/conf.d/" ]] || sudo mkdir -p "${TMP:?}/conf/conf.d/"
+cat << EOF | sudo tee "${TMP:?}/conf/conf.d/9999-hotfix-pxe" &>/dev/null
+#!/usr/bin/sh
+
+# check if we dealing with same kernel version
+if [ "\$(uname -r)" != "${KVER:?}" ]; then
+ . /scripts/functions
+ log_failure_msg "wrong kernel version. '\$(uname -r)'!='${KVER:?}'"
+ panic "please visit: https://github.com/beta-tester/RPi-PXE-Server/issues/31"
+fi
+
+# comment out all blacklist entries
+sed "s/^install/# install/g" -i /etc/modprobe.d/all-net-blacklist.conf
+
+# replace wget script by busybox, for normal behavior
+mv /usr/bin/wget /usr/bin/wget.bak
+ln -sf /usr/bin/busybox /usr/bin/wget
+
+# replace depmod, for normal behavior
+mv /usr/sbin/depmod /usr/sbin/depmod.bak
+ln -sf /usr/bin/kmod /usr/sbin/depmod
+
+# excract the compressed drivers in place
+tar -xf "/conf/net_drivers.tar.xz" -C /usr/
+
+# rebulid dependencies for added network kernel drivers modules
+depmod -b /usr
+EOF
+(( $? != 0 )) && exit -4
+sudo chmod +x "${TMP:?}/conf/conf.d/9999-hotfix-pxe"
+(( $? != 0 )) && exit -4
+}
+
+do_patch_bottom() {
+[[ -e "${TMP:?}/etc/live/boot/" ]] || sudo mkdir -p "${TMP:?}/etc/live/boot/"
+cat << EOF | sudo tee "${TMP:?}/etc/live/boot/9999-hotfix-pxe" &>/dev/null
+#!/usr/bin/sh
+
+local_bottom ()
+{
+ if ! [ -n "\$break" ]; then
+ # hotfix-pxe for issue with network initialisation in tails
+ local path_device
+ for path_device in /sys/class/net/*; do
+ local name_device
+ name_device=\$(basename \$path_device)
+ if [ "\$name_device" != "lo" ]; then
+ # set network devices down
+ ip link set \$name_device down
+
+ local path_module
+ path_module=\$(readlink \$path_device/device/driver/module)
+ if [ -n "\$path_module" ]; then
+ # remove used network drivers
+ local name_module
+ name_module=\$(basename \$path_module)
+ modprobe -r \$name_module
+ fi
+ fi
+ done
+ fi
+}
+EOF
+(( $? != 0 )) && exit -4
+sudo chmod +x "${TMP:?}/etc/live/boot/9999-hotfix-pxe"
+(( $? != 0 )) && exit -4
+}
+
+
+do_initrd() {
+# create an initrd image to overlay at boot time
+sudo rm "${DST:?}"
+cd "${TMP:?}"
+(( $? != 0 )) && exit -4
+find . -type f -print0 | cpio --null --create --verbose --format=newc \
+ | xz --compress --extreme --check=crc32 | sudo tee "${DST:?}" &>/dev/null
+(( $? != 0 )) && exit -4
+cd -
+}
+
+
+do_cleanup() {
+# clean up temporary files
+sudo rm -rf "${TMP:?}"
+(( $? != 0 )) && exit -4
+}
+
+
+do_modules
+do_patch_top
+do_patch_bottom
+
+do_initrd
+
+do_cleanup
+
+
+echo done.
diff --git a/start.sh b/start.sh
index 181afe6..5e879a5 100644
--- a/start.sh
+++ b/start.sh
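Review bot: The second pre-flight `if` joins its three negated tests with `&&`, so "wrong file or folder" is reported only when all three paths are bad, and a missing or unreadable `SRC` on its own passes the check. It should read `if ! [[ -d "$(dirname "${TMP:?}")" ]] || ! [[ -r "${SRC:?}" ]] || ! [[ -d "$(dirname "${DST:?}")" ]]; then`. `TMP=/tmp/tails-net` is a fixed name under `/tmp` that is reused if it already exists (`unsquashfs -f`, `mkdir -p`), and `do_initrd` packs every regular file found under it into the initrd overlay written to `DST`. On a host with other local users or leftovers from an aborted run, that lets unintended files reach the boot image, so `TMP=$(mktemp -d) || exit 1` is the safer choice. In `do_initrd` the `(( $? != 0 ))` after the `find | cpio | xz | sudo tee` pipeline sees only the status of `tee`; adding `set -o pipefail` before that pipeline would let a failing `cpio` or `xz` stop the script instead of leaving a truncated image.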
@@ -7,19 +7,35 @@ ende() ################### menue() -{ echo "b) Build and startup the docker-containers" - echo "s) Setup the docker-containers" - echo "" - echo "r) Start the existing docker-containers" - echo "x) Stop the docker-containers" - echo "u) Update the PXE-Server" - echo "" - echo "t) Show TCPDUMP on port 67-69 of the PXE-Container" - echo "" - echo "D) DELETE the existing docker-containers and docker images completely" - echo "" - echo "EXIT Exit this script, but PXE-Server is running, if started" - echo "" +{ + echo "___________________________________________________________________________________________" + echo "| |" + echo "| PPPP XX XX EEEEEEE |" + echo "| PP PP XX XX EE |" + echo "| PP PP XXXX EE |" + echo "| PPPPP XX EEEEE |" + echo "| PP XXXX EE |" + echo "| PP XX XX EE |" + echo "| PP XX XX EEEEEEE |" + echo "|_________________________________________________________________________________________|" + echo "| |" + echo "| b) Build the Docker-Image and startup the Docker-Containers |" + echo "| s) Setup the PXE-Server |" + echo "| |" + echo "| r) Start the existing docker-containers |" + echo "| x) Stop the docker-containers |" + echo "| u) Update the PXE-Server |" + echo "| |" + echo "| t) Show TCPDUMP on port 67-69 of the PXE-Container |" + echo "| |" + echo "| p) Run TAILS-Patch-Script. Tails has to be already downloaded an mounted! |" + echo "| (see https://github.com/beta-tester/RPi-PXE-Server/issues/31) |" + echo "| |" + echo "| D) DELETE the existing docker-containers and docker images completely |" + echo "| |" + echo "| EXIT Exit this script, but PXE-Server is running, if started. |" + echo "| |" + echo "|_________________________________________________________________________________________|" echo "" read -p "Your choice: " menue_wahl
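Review bot: The new menu entry `p) Run TAILS-Patch-Script` has no visible handler: every added line in this hunk is an `echo`, and the diffstat counts for start.sh are fully accounted for by this menu text. Unless a branch for `p` already exists in the dispatch on `menue_wahl`, which lies outside the hunk, the option is advertised but does nothing. If the dispatch is a `case`, an arm such as `p) bash scripts/tails-patch.sh ;;` would wire it up; the script is created with mode 100644, so it has to be run through `bash`. The same menu line has a typo, "an mounted" for "and mounted".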