xref: /dflybsd-src/nrelease/root/etc/rc.d/pfi (revision e75b5286b772f56bb12e7edc825369962a65ac43) 
18f51ac0bSSascha Wildner#!/bin/sh
28f51ac0bSSascha Wildner
38f51ac0bSSascha Wildner# $Id: pfi,v 1.12 2005/03/07 06:18:21 cpressey Exp $
48f51ac0bSSascha Wildner#
58f51ac0bSSascha Wildner
68f51ac0bSSascha Wildner# PROVIDE: pfi
7*e75b5286SSascha Wildner# REQUIRE: mountcritremote
88f51ac0bSSascha Wildner
98f51ac0bSSascha Wildner. /etc/rc.subr
108f51ac0bSSascha Wildner
118f51ac0bSSascha Wildnername=pfi
128f51ac0bSSascha Wildnerstart_cmd="pfi_start"
138f51ac0bSSascha Wildnerstop_cmd=":"
148f51ac0bSSascha Wildner
158f51ac0bSSascha Wildnerget_pfi_config()
168f51ac0bSSascha Wildner{
178f51ac0bSSascha Wildner	[ -r /etc/pfi.conf ] && return 0
188f51ac0bSSascha Wildner
198f51ac0bSSascha Wildner	if [ -r $1/pfi.conf ]; then
208f51ac0bSSascha Wildner		echo " found!"
218f51ac0bSSascha Wildner		tr -d "\r" < $1/pfi.conf > /etc/pfi.conf
228f51ac0bSSascha Wildner		echo "pfi_found_on_device='$2'" >> /etc/pfi.conf
238f51ac0bSSascha Wildner
248f51ac0bSSascha Wildner		# If the pfi.conf says to run a custom script from the pfi
258f51ac0bSSascha Wildner		# media, run it now, so that it has access to the pfi media.
268f51ac0bSSascha Wildner
278f51ac0bSSascha Wildner		if [ -r /etc/defaults/pfi.conf ]; then
288f51ac0bSSascha Wildner			. /etc/defaults/pfi.conf
298f51ac0bSSascha Wildner		fi
308f51ac0bSSascha Wildner		. /etc/pfi.conf
318f51ac0bSSascha Wildner		if [ "$pfi_script" != "" -a -x "$1/$pfi_script" ]; then
328f51ac0bSSascha Wildner			$1/$pfi_script
338f51ac0bSSascha Wildner		fi
348f51ac0bSSascha Wildner		return 0
358f51ac0bSSascha Wildner	else
368f51ac0bSSascha Wildner		return 1
378f51ac0bSSascha Wildner	fi
388f51ac0bSSascha Wildner}
398f51ac0bSSascha Wildner
408f51ac0bSSascha Wildnerget_authorized_hosts()
418f51ac0bSSascha Wildner{
428f51ac0bSSascha Wildner	[ -r /root/.ssh/authorized_hosts ] && return 0
438f51ac0bSSascha Wildner	if [ -r $1/authorized_hosts ]; then
448f51ac0bSSascha Wildner		echo "authorized_hosts found!"
458f51ac0bSSascha Wildner		mkdir -p /root/.ssh/
468f51ac0bSSascha Wildner		tr -d "\r" < $1/authorized_hosts > /root/.ssh/authorized_hosts
478f51ac0bSSascha Wildner	fi
488f51ac0bSSascha Wildner}
498f51ac0bSSascha Wildner
50a056bc17SAlex Hornungget_authorized_keys()
51a056bc17SAlex Hornung{
52a056bc17SAlex Hornung	[ -r /root/.ssh/authorized_keys ] && return 0
53a056bc17SAlex Hornung	if [ -r $1/authorized_keys ]; then
54a056bc17SAlex Hornung		echo "authorized_keys found!"
55a056bc17SAlex Hornung		mkdir -p /root/.ssh/
56a056bc17SAlex Hornung		tr -d "\r" < $1/authorized_keys > /root/.ssh/authorized_keys
57a056bc17SAlex Hornung	fi
58a056bc17SAlex Hornung}
59a056bc17SAlex Hornung
608f51ac0bSSascha Wildnerlook_for_pfi_config_msdos()
618f51ac0bSSascha Wildner{
628f51ac0bSSascha Wildner	[ -r /etc/pfi.conf ] && return 0
638f51ac0bSSascha Wildner
648f51ac0bSSascha Wildner	for try_device in da0s1 da1s1 da8s1 fd0 fd1; do
658f51ac0bSSascha Wildner		if [ -c /dev/${try_device} ]; then
668f51ac0bSSascha Wildner			echo -n "Looking for pfi.conf on /dev/${try_device}..."
678f51ac0bSSascha Wildner			if mount_msdos -o rdonly /dev/$try_device /mnt ; then
688f51ac0bSSascha Wildner				echo -n " /dev/$try_device ok..."
698f51ac0bSSascha Wildner				if get_pfi_config /mnt /dev/$try_device; then
708f51ac0bSSascha Wildner					get_authorized_hosts /mnt
71a056bc17SAlex Hornung					get_authorized_keys /mnt
728f51ac0bSSascha Wildner					umount /mnt
738f51ac0bSSascha Wildner					return 0
748f51ac0bSSascha Wildner				fi
758f51ac0bSSascha Wildner				umount /mnt
768f51ac0bSSascha Wildner			fi
778f51ac0bSSascha Wildner			echo " not found"
788f51ac0bSSascha Wildner		fi
798f51ac0bSSascha Wildner	done
808f51ac0bSSascha Wildner	return 1
818f51ac0bSSascha Wildner}
828f51ac0bSSascha Wildner
838f51ac0bSSascha Wildnerlook_for_pfi_config_cd9660()
848f51ac0bSSascha Wildner{
858f51ac0bSSascha Wildner	[ -r /etc/pfi.conf ] && return 0
868f51ac0bSSascha Wildner
878f51ac0bSSascha Wildner	for try_device in acd0 cd0 acd1 cd1; do
888f51ac0bSSascha Wildner		if [ -c /dev/${try_device} ]; then
898f51ac0bSSascha Wildner			echo -n "Looking for pfi.conf on /dev/${try_device}..."
908f51ac0bSSascha Wildner			if mount_cd9660 /dev/$try_device /mnt ; then
918f51ac0bSSascha Wildner				echo -n " /dev/$try_device ok..."
928f51ac0bSSascha Wildner				if get_pfi_config /mnt /dev/$try_device; then
938f51ac0bSSascha Wildner					get_authorized_hosts /mnt
94a056bc17SAlex Hornung					get_authorized_keys /mnt
958f51ac0bSSascha Wildner					umount /mnt
968f51ac0bSSascha Wildner					return 0
978f51ac0bSSascha Wildner				fi
988f51ac0bSSascha Wildner				umount /mnt
998f51ac0bSSascha Wildner			fi
1008f51ac0bSSascha Wildner			echo " not found"
1018f51ac0bSSascha Wildner		fi
1028f51ac0bSSascha Wildner	done
1038f51ac0bSSascha Wildner	return 1
1048f51ac0bSSascha Wildner}
1058f51ac0bSSascha Wildner
1068f51ac0bSSascha Wildnerpfi_start()
1078f51ac0bSSascha Wildner{
1088f51ac0bSSascha Wildner	echo "Starting pfi..."
1098f51ac0bSSascha Wildner
1108f51ac0bSSascha Wildner	# Get the pfi.conf file off the pfi media and into /etc/pfi.conf.
1118f51ac0bSSascha Wildner
1128f51ac0bSSascha Wildner	look_for_pfi_config_cd9660
1138f51ac0bSSascha Wildner	look_for_pfi_config_msdos
1148f51ac0bSSascha Wildner
1158f51ac0bSSascha Wildner	# If the search was not successful, stub out a dummy pfi.conf.
1168f51ac0bSSascha Wildner
1178f51ac0bSSascha Wildner	if [ ! -r /etc/pfi.conf ]; then
1188f51ac0bSSascha Wildner		echo '' >/etc/pfi.conf
1198f51ac0bSSascha Wildner	fi
1208f51ac0bSSascha Wildner
1218f51ac0bSSascha Wildner	# Append the contents of pfi.conf onto rc.conf, so that settings
1228f51ac0bSSascha Wildner	# (such as ifconfig_dc0="DHCP") will be picked up by pfi_rc_actions.
1238f51ac0bSSascha Wildner
1248f51ac0bSSascha Wildner	cp /etc/rc.conf /etc/rc.conf.orig
1258f51ac0bSSascha Wildner	cat /etc/pfi.conf >>/etc/rc.conf
1268f51ac0bSSascha Wildner
1278f51ac0bSSascha Wildner	# Read in the pfi.conf we either found or created for ourselves.
1288f51ac0bSSascha Wildner
1298f51ac0bSSascha Wildner	if [ -r /etc/defaults/pfi.conf ]; then
1308f51ac0bSSascha Wildner		. /etc/defaults/pfi.conf
1318f51ac0bSSascha Wildner	fi
1328f51ac0bSSascha Wildner	. /etc/pfi.conf
1338f51ac0bSSascha Wildner
1348f51ac0bSSascha Wildner	# We can perform any pre-install tasks here by
1358f51ac0bSSascha Wildner	# examining the contents of pfi_* variables.
1368f51ac0bSSascha Wildner
1378f51ac0bSSascha Wildner	# Interpret pfi_sshd_* options.  These basically add settings
1388f51ac0bSSascha Wildner	# to /etc/ssh/sshd_config; it is assumed "sshd" will appear
1398f51ac0bSSascha Wildner	# in pfi_rc_actions to restart sshd.
1408f51ac0bSSascha Wildner
1418f51ac0bSSascha Wildner	case ${pfi_sshd_permit_root_login} in
1428f51ac0bSSascha Wildner	YES)
1438f51ac0bSSascha Wildner		echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
1448f51ac0bSSascha Wildner		;;
1458f51ac0bSSascha Wildner	without-password)
1468f51ac0bSSascha Wildner		echo "PermitRootLogin without-password" >> /etc/ssh/sshd_config
1478f51ac0bSSascha Wildner		;;
1488f51ac0bSSascha Wildner	forced-commands-only)
1498f51ac0bSSascha Wildner		echo "PermitRootLogin forced-commands-only" >> /etc/ssh/sshd_config
1508f51ac0bSSascha Wildner		;;
1518f51ac0bSSascha Wildner	*)
1528f51ac0bSSascha Wildner		;;
1538f51ac0bSSascha Wildner	esac
1548f51ac0bSSascha Wildner
1558f51ac0bSSascha Wildner	case ${pfi_sshd_permit_empty_passwords} in
1568f51ac0bSSascha Wildner	YES)
1578f51ac0bSSascha Wildner		echo "PermitEmptyPasswords yes" >> /etc/ssh/sshd_config
1588f51ac0bSSascha Wildner		;;
1598f51ac0bSSascha Wildner	*)
1608f51ac0bSSascha Wildner		;;
1618f51ac0bSSascha Wildner	esac
1628f51ac0bSSascha Wildner
1638f51ac0bSSascha Wildner	# Interpret pfi_set_root_password.  If it is not empty, use
1648f51ac0bSSascha Wildner	# it to set root's LiveCD password.
1658f51ac0bSSascha Wildner
1668f51ac0bSSascha Wildner	if [ "X$pfi_set_root_password" != "X" ]; then
1678f51ac0bSSascha Wildner		echo "$pfi_set_root_password" | \
1688f51ac0bSSascha Wildner		    /usr/sbin/pw usermod root -h 0
1698f51ac0bSSascha Wildner	fi
1708f51ac0bSSascha Wildner
1718f51ac0bSSascha Wildner	# The most important pre-install task is to restart
1728f51ac0bSSascha Wildner	# any RCNG scripts listed in pfi_rc_actions with any new
1738f51ac0bSSascha Wildner	# settings that might have been set up by pfi.conf.
1748f51ac0bSSascha Wildner
1758f51ac0bSSascha Wildner	if [ "X$pfi_rc_actions" != "X" ]; then
1768f51ac0bSSascha Wildner		rev_actions=`reverse_list $pfi_rc_actions`
1778f51ac0bSSascha Wildner
1788f51ac0bSSascha Wildner		for _rc_elem in ${rev_actions}; do
1798f51ac0bSSascha Wildner			echo "Stopping ${_rc_elem}..."
1808f51ac0bSSascha Wildner			rcstop ${_rc_elem}
1818f51ac0bSSascha Wildner		done
1828f51ac0bSSascha Wildner		for _rc_elem in ${pfi_rc_actions}; do
1838f51ac0bSSascha Wildner			echo "Starting ${_rc_elem}..."
1848f51ac0bSSascha Wildner			rcstart ${_rc_elem}
1858f51ac0bSSascha Wildner		done
1868f51ac0bSSascha Wildner	fi
1878f51ac0bSSascha Wildner
1888f51ac0bSSascha Wildner	# Restore the original rc.conf.
1898f51ac0bSSascha Wildner
1908f51ac0bSSascha Wildner	mv /etc/rc.conf.orig /etc/rc.conf
1918f51ac0bSSascha Wildner
1928f51ac0bSSascha Wildner	# Set up auto-login if requested.
1938f51ac0bSSascha Wildner
1948f51ac0bSSascha Wildner	if [ "X$pfi_autologin" != "XNONE" ]; then
1958f51ac0bSSascha Wildner		echo 'AL.pfi:\' >> /etc/gettytab
1968f51ac0bSSascha Wildner		echo "        :al=${pfi_autologin}:tc=Pc:" >> /etc/gettytab
1978f51ac0bSSascha Wildner		sed -i '' 's|^ttyv0.*|ttyv0 "/usr/libexec/getty AL.pfi" cons25 on secure|' /etc/ttys
1988f51ac0bSSascha Wildner	fi
1998f51ac0bSSascha Wildner
2008f51ac0bSSascha Wildner	# Finally, start thttpd if the user wants to use
2018f51ac0bSSascha Wildner	# the cgi frontend.
2028f51ac0bSSascha Wildner
2038f51ac0bSSascha Wildner	if [ "X$pfi_frontend" = "Xcgi" ]; then
2048f51ac0bSSascha Wildner		echo "Starting thttpd..."
2058f51ac0bSSascha Wildner		/usr/local/sbin/thttpd_wrapper &
2068f51ac0bSSascha Wildner	fi
2078f51ac0bSSascha Wildner}
2088f51ac0bSSascha Wildner
2098f51ac0bSSascha Wildnerload_rc_config $name
2108f51ac0bSSascha Wildnerrun_rc_command "$1"
211