Initial commit

Signed-off-by: David Oberhollenzer <david.oberhollenzer@tele2.at>
David Oberhollenzer 2018-11-05 15:28:18 +01:00
commit 021fa43244
60 changed files with 951 additions and 0 deletions

34
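--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,34 @@
+Makefile
+Makefile.in
+aclocal.m4
+autom4te.cache
+config.log
+config.status
+configure
+install-sh
+missing
+reboot
+scripts/devfs.sh
+scripts/ifcfg.sh
+scripts/ifrename.sh
+scripts/modules_load.sh
+services/devfs
+services/hostapd
+services/ifcfg
+services/ifdown
+services/ifrename
+services/modules
+services/nft
+services/procfs
+services/sigkill
+services/sigterm
+services/sshd
+services/sshd_keygen
+services/swclock
+services/swclocksave
+services/swclocksave.gcron
+services/sysfs
+services/mountusr
+services/ntpsetdate.gcron
+services/tmpfsvar
+.#*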

13
LICENSE Normal file

@ -0,0 +1,13 @@
Copyright (c) 2018 David Oberhollenzer <david.oberhollenzer@tele2.at>
Permission to use, copy, modify, and distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

42
Makefile.am Normal file

@ -0,0 +1,42 @@
ACLOCAL_AMFLAGS = -I m4
sysconf_DATA = etc/initd.env
nobase_sysconf_DATA = netcfg/ifrename
EXTRA_DIST = docs netcfg etc LICENSE README.md
helperdir = @SCRIPTDIR@
helper_PROGRAMS =
helper_SCRIPTS =
include scripts/Makemodule.am
include services/Makemodule.am
install-data-local:
$(MKDIR_P) $(DESTDIR)$(SVCDIR)
$(LN_S) $(TEMPLATEDIR)/loopback $(DESTDIR)$(SVCDIR)/loopback
$(LN_S) $(TEMPLATEDIR)/hostname $(DESTDIR)$(SVCDIR)/hostname
$(LN_S) $(TEMPLATEDIR)/sysctl $(DESTDIR)$(SVCDIR)/sysctl
$(LN_S) $(TEMPLATEDIR)/sysinit $(DESTDIR)$(SVCDIR)/sysinit
$(LN_S) $(TEMPLATEDIR)/procfs $(DESTDIR)$(SVCDIR)/procfs
$(LN_S) $(TEMPLATEDIR)/sysfs $(DESTDIR)$(SVCDIR)/sysfs
$(LN_S) $(TEMPLATEDIR)/devfs $(DESTDIR)$(SVCDIR)/devfs
$(LN_S) $(TEMPLATEDIR)/tmpfs $(DESTDIR)$(SVCDIR)/tmpfs
$(LN_S) $(TEMPLATEDIR)/vfs $(DESTDIR)$(SVCDIR)/vfs
$(LN_S) $(TEMPLATEDIR)/ifdown $(DESTDIR)$(SVCDIR)/ifdown@shutdown
$(LN_S) $(TEMPLATEDIR)/sync $(DESTDIR)$(SVCDIR)/sync@shutdown
$(LN_S) $(TEMPLATEDIR)/sigkill $(DESTDIR)$(SVCDIR)/sigkill@shutdown
$(LN_S) $(TEMPLATEDIR)/sigterm $(DESTDIR)$(SVCDIR)/sigterm@shutdown
$(LN_S) $(TEMPLATEDIR)/sync $(DESTDIR)$(SVCDIR)/sync@reboot
$(LN_S) $(TEMPLATEDIR)/sigkill $(DESTDIR)$(SVCDIR)/sigkill@reboot
$(LN_S) $(TEMPLATEDIR)/sigterm $(DESTDIR)$(SVCDIR)/sigterm@reboot
$(LN_S) $(TEMPLATEDIR)/ifdown $(DESTDIR)$(SVCDIR)/ifdown@reboot
$(LN_S) $(TEMPLATEDIR)/ifcfg $(DESTDIR)$(SVCDIR)/ifcfg
$(LN_S) $(TEMPLATEDIR)/modules $(DESTDIR)$(SVCDIR)/modules
$(LN_S) $(TEMPLATEDIR)/network $(DESTDIR)$(SVCDIR)/network
$(LN_S) $(TEMPLATEDIR)/usyslogd $(DESTDIR)$(SVCDIR)/usyslogd
$(LN_S) $(TEMPLATEDIR)/klogd $(DESTDIR)$(SVCDIR)/klogd
$(LN_S) $(TEMPLATEDIR)/mountusr $(DESTDIR)$(SVCDIR)/mountusr
$(LN_S) $(TEMPLATEDIR)/tmpfsrun $(DESTDIR)$(SVCDIR)/tmpfsrun
$(LN_S) $(TEMPLATEDIR)/tmpfsvar $(DESTDIR)$(SVCDIR)/tmpfsvar
$(MKDIR_P) $(DESTDIR)$(GCRONDIR)
$(LN_S) $(TEMPLATEDIR)/gcrond $(DESTDIR)$(SVCDIR)/gcrond
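Review bot: The `install-data-local` recipe creates every link with a bare `$(LN_S)`, so a second `make install` into the same `$(DESTDIR)` fails at the first link that already exists, and the commit adds no `uninstall-local` to remove the links again. Clearing the old entry first, e.g. `rm -f "$(DESTDIR)$(SVCDIR)/loopback"` ahead of each `$(LN_S)`, or generating the links from a list variable in one loop, would make the install repeatable. Quoting `"$(DESTDIR)$(SVCDIR)"` also keeps staged installs working when the staging path contains spaces.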

9
README.md Normal file

@ -0,0 +1,9 @@
# About
This directory contains the basic system configuration for the Pygos system.
See [docs/defconfig.md](docs/defconfig.md) for an overview of the default init
service configuration and further, available services.
See [docs/network.md](docs/network.md) for a description on how to do static
network configuration with the provided script and service.

3
autogen.sh Executable file

@ -0,0 +1,3 @@
#!/bin/sh
autoreconf --force --install --symlink

44
configure.ac Normal file

@ -0,0 +1,44 @@
AC_PREREQ([2.60])
AC_INIT([init-scripts], [1], [david.oberhollenzer@tele2.at], init-scripts)
AC_CONFIG_MACRO_DIR([m4])
AM_INIT_AUTOMAKE([foreign subdir-objects dist-xz])
AM_SILENT_RULES([yes])
AC_PROG_INSTALL
AC_PROG_MKDIR_P
AC_PROG_LN_S
AC_DEFINE_DIR(SVCDIR, sysconfdir/init.d, [Startup service directory])
AC_DEFINE_DIR(GCRONDIR, sysconfdir/gcron.d, [Cron service directory])
AC_DEFINE_DIR(TEMPLATEDIR, datadir/init, [Service template directory])
AC_DEFINE_DIR(SCRIPTDIR, libexecdir/init, [Helper script directory])
AC_DEFINE_DIR(SBINPATH, sbindir, [Fully evaluated sbin directory])
AC_DEFINE_DIR(ETCPATH, sysconfdir, [Fulle evaluated etc directory])
AC_DEFINE_DIR(STATEFILESPATH, prefix/var/lib, [Path for persistent state files])
AC_CONFIG_FILES([services/sigkill])
AC_CONFIG_FILES([services/sigterm])
AC_CONFIG_FILES([services/sysfs])
AC_CONFIG_FILES([services/devfs])
AC_CONFIG_FILES([services/procfs])
AC_CONFIG_FILES([services/ifrename])
AC_CONFIG_FILES([services/ifcfg])
AC_CONFIG_FILES([services/ifdown])
AC_CONFIG_FILES([services/modules])
AC_CONFIG_FILES([services/hostapd])
AC_CONFIG_FILES([services/swclock])
AC_CONFIG_FILES([services/swclocksave])
AC_CONFIG_FILES([services/swclocksave.gcron])
AC_CONFIG_FILES([services/nft])
AC_CONFIG_FILES([services/sshd])
AC_CONFIG_FILES([services/sshd_keygen])
AC_CONFIG_FILES([services/mountusr])
AC_CONFIG_FILES([services/ntpsetdate.gcron])
AC_CONFIG_FILES([services/tmpfsvar])
AC_CONFIG_FILES([scripts/devfs.sh])
AC_CONFIG_FILES([scripts/ifrename.sh])
AC_CONFIG_FILES([scripts/ifcfg.sh])
AC_CONFIG_FILES([scripts/modules_load.sh])
AC_OUTPUT([Makefile])
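Review bot: `STATEFILESPATH` is derived from `prefix/var/lib` on the `AC_DEFINE_DIR(STATEFILESPATH, ...)` line, so a build configured with `--prefix=/usr` puts the saved clock file under `/usr/var/lib`, while the tmpfsvar service in this same commit prepares `/var/lib`. Deriving it from `localstatedir/lib` instead lets `--localstatedir` decide the location and keeps the swclock services pointed at the directory the overlay mount actually provides.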

124
docs/defconfig.md Normal file

@ -0,0 +1,124 @@
# Default Service Configuration
## Pseudo Services
The default configuration contains a number of "pseudo services" in the boot
target that don't actually do anything but are merely used as anchors in
service dependencies, i.e. they indicate that some sort of milestone in the
boot sequence has been reached. Everything that is part of that milestone
specifies that it should be run *before* that pseudo service and everything
that requires that this milestone has been reached, specifies that it wants
to run afterwards.
The pseudo targets are (in the order that they are executed):
* vfs
All services that do mount point setup go before this, all service that
depend on the fully mounted rootfs go after this.
* sysinit
The system has reached a sane state, i.e. the hostname is set, the system
clock has a sane value, modules and kernel parameters are loaded, some
very basic, fundamental services are running.
Everything that is part of that setup process goes between `vfs` and
`sysinit`, everything that requires a sane setup goes *after* `sysinit`.
* network
Network configuration is done. All services that do network configuration
should position themselves between `sysinit` and `network`. Everything that
requires a fully configured networking setup should go *after* `network`.
## Default Bootup Services
This section outlines the services for the boot target that are enabled by
default.
The following services are enabled by default and run *before* the `vfs` target
for filesystem setup:
* procfs - mount `procfs` to `/proc` and try to mount additional pseudo
filesystems in `/proc` such as `binfmt_misc`
* tmpfs - mount a `tmpfs` to `/tmp`
* sysfs - mount `sysfs` to `/sys` and try to mount additional pseudo
filesystems in `/sys` (e.g. `securityfs`, `configfs`, ...)
* devfs - mount `devtmpfs` to `/dev`, try to mount additional pseudo
filesystems in `/dev` (e.g. `devpts`, `mqueue`, ...) and try to create
some additional device nodes and symlinks.
* tmpfsvar - mount a `tmpfs` to `/var` and populate it with a default set
of files and directories. Overlay mount `/var/lib` with lower dir on
`/cfg/preserve/var_lib/` and upper on `/cfg/overlay/var_lib/`.
* tmpfsrun - mount a `tmpfs` to `/run`, symlink `/var/run` to `/run` and
`/var/lock` to `/run/lock`.
* mountusr - overlay mount setup for `/usr`. Lower dir is on
`/cfg/preserve/usr/` and upper on `/cfg/overlay/usr/`.
The following services are enabled by default and configured to run *after*
the `vfs` target and *before* the `sysinit` target:
* hostname - reload hostname `/etc/hostname`
* loopback - bring the loopback device up
* modules - iterate over the file `/etc/modules` and try to load each module
using modprobe.
* sysctl - restore kernel parameters using `sysctl --system`. See `sysctl(8)`
for a list of possible locations that the parameters are read from.
* usyslogd - Starts and supervises the `usyslogd` syslog implementation.
* klogd - Starts and supervises the `klogd` daemon.
The following services are enabled by default and configured to run *after*
the `sysinit` target and *before* the `network` target:
* ifcfg - static network configuration
Does the static network configuration outlined in [network.md](network.md)
The following services are enabled by default and configured to run *after*
the `network` target:
* gcrond
## Default Shutdown and Reboot Services
For the shutdown and reboot targets, the following services are executed:
* sigterm - send the SIGTERM signal to all processes and wait for 5 seconds
* sigkill - send the SIGKILL signal to all remaining processes
* ifdown - bring all network interfaces down
* sync - run the sync command
## Additional Services not Enabled by Default
* agetty - A parameterizeable, respawn type `agetty` service. The first
parameter is the terminal device that the getty should run on.
* consolefont - If enabled, run once before sysinit. Sets the console font
to the first parameter.
* dhcpcdmaster - If one or more network interfaces should be configured using
dhcpcd, this service starts a central `dhcpcd` master instance.
* dhcpcd - A parameterizeable single shot service that signals the `dhcpcd`
master that it should configure a specific interface. The first parameter
is the interface that should be configured by `dhcpcd`.
* dnsmasq - A respawn type service for the `dnsmasq` DNS and DHCP server.
* hostapd - If the system should operate a WIFI access point, this respawn
type service can be enabled to manage an instace of the `hostapd` program.
* unbound - A respawn type service that manages an instance of the `unbound`
name resolver.
* hwclock - If the system has a hardware clock, this service can restore the
kernels clock from the hardware at bootup, between the `vfs` and `sysinit`
targets.
* nft - If enabled, restores net filter table rules during boot.
* swclock - For systems that don't have a hardware clock, this service
restores a somewhat usable time from a file during boot.
* swclocksave - For systems that don't have a hardware clock, this service
saves the current time to a file during shutdown or reboot.
* sshd_keygen - A wait type service that generates host keys for the OpenSSH
server and then disables itself.
* sshd - Starts an OpenSSH server after the network pseudo service and after
the sshd_keygen service.
* nginx - Starts the Nginx server after the network pseudo serivce.

83
docs/network.md Normal file

@ -0,0 +1,83 @@
# Static Network Configuration
The default configuration provides multiple services that perform network
initialization and static configuration using helper scripts that require
programs from the `iproute2` package.
Configuration files are typically stored in `/etc/netcfg/` (depending on
configure options).
Please note that the loopback device is treated specially and not included in
any of the network configuration outlined below. The loopback device is brought
up and configured by a dedicated service long before the network configuration
is done.
## Interface Renaming
If the `ifrename` service is enabled (it is disabled by default), network
interfaces are renamed based on a rule set stored in the file `ifrename`.
The file contains comma separated shell globing patterns for the current
interface name, MAC address and a prefix for the new interface name.
For each network interface, rules are processed top to bottom. If the first two
globing patterns apply, the interface is renamed. Interfaces with the same
prefix are sorted by mac address and a running index is appended to the prefix.
If none of the rules apply, the interface name is left unchanged.
The intent is, to provide a way to configure persistent, deterministic names for
at least all network interfaces that are permanently installed on a board.
Extension cards or external network adapters should be given a different prefix
to avoid changes in the order as they come and go.
## Interface Configuration
After interface renaming, for each network interface, the configuration path is
scanned for files with the same name as the interface.
Each successfully found configuration file is processed line by line, top to
bottom. Each line may contain a keyword, followed by multiple arguments.
The following keywords can be used to add IPv4 or IPv6 network addresses to
an interface:
* address
* addr
* ip
* ip6
* ipv6
Those commands are expected to be followed by an IPv4 or IPv6 address and
network mask.
Furthermore, the following commands can be used for configuring interface
parameters:
* `arp {on|off}`
* `multicast {on|off}`
* `mtu <value>`
* `offload [rx {on|off}] [tx {on|off}] [sg {on|off}] [tso {on|off}]`
* `offload [gso {on|off}] [gro {on|off}] [lro {on|off}] [rxvlan {on|off}]`
* `offload [txvlan {on|off}] [ntuple {on|off}] [rxhash {on|off}]`
* `offload [ufo {on|off}]`
## Route Configuration
After interface configuration is done, routes and rules are restored from a
file named `routes` in the same configuration path.
The file may contain lines starting with `route` or `rule`. Everything that
follows is passed on to `ip route add` or `ip rule add` respectively.
## Net Filter Tables
An additional service is provided that restores the nft rule set from
`/etc/nftables.rules`.

1
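--- a/etc/initd.env
+++ b/etc/initd.env
@@ -0,0 +1 @@
+PATH=/bin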

35
m4/ac_define_dir.m4 Normal file

@ -0,0 +1,35 @@
dnl @synopsis AC_DEFINE_DIR(VARNAME, DIR [, DESCRIPTION])
dnl
dnl This macro sets VARNAME to the expansion of the DIR variable,
dnl taking care of fixing up ${prefix} and such.
dnl
dnl VARNAME is then offered as both an output variable and a C
dnl preprocessor symbol.
dnl
dnl Example:
dnl
dnl AC_DEFINE_DIR([DATADIR], [datadir], [Where data are placed to.])
dnl
dnl @category Misc
dnl @author Stepan Kasal <kasal@ucw.cz>
dnl @author Andreas Schwab <schwab@suse.de>
dnl @author Guido U. Draheim <guidod@gmx.de>
dnl @author Alexandre Oliva
dnl @version 2006-10-13
dnl @license AllPermissive
AC_DEFUN([AC_DEFINE_DIR], [
prefix_NONE=
exec_prefix_NONE=
test "x$prefix" = xNONE && prefix_NONE=yes && prefix=$ac_default_prefix
test "x$exec_prefix" = xNONE && exec_prefix_NONE=yes && exec_prefix=$prefix
dnl In Autoconf 2.60, ${datadir} refers to ${datarootdir}, which in turn
dnl refers to ${prefix}. Thus we have to use `eval' twice.
eval ac_define_dir="\"[$]$2\""
eval ac_define_dir="\"$ac_define_dir\""
AC_SUBST($1, "$ac_define_dir")
AC_DEFINE_UNQUOTED($1, "$ac_define_dir", [$3])
test "$prefix_NONE" && prefix=NONE
test "$exec_prefix_NONE" && exec_prefix=NONE
])

13
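--- a/netcfg/ifrename
+++ b/netcfg/ifrename
@@ -0,0 +1,13 @@
+#
+# Interface renaming rules
+#
+# Format: NAME,MAC,NEWNAME
+#
+# NAME and MAC are shell glob patterns. Both must match for a rule to apply.
+# The first matching rule is chosen (top to bottom).
+#
+# Interfaces with the same NEWNAME are sorted by MAC and have a running
+# index appended to their new name.
+#
+# Example: rename all ethernet interfaces to "port<X>"
+# eth*,*,port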

6
scripts/Makemodule.am Normal file

@ -0,0 +1,6 @@
helper_SCRIPTS += scripts/devfs.sh scripts/trymount.sh scripts/ifrename.sh
helper_SCRIPTS += scripts/ifcfg.sh scripts/ifdown.sh scripts/modules_load.sh
helper_SCRIPTS += scripts/setntpdate.sh scripts/overlay.sh
EXTRA_DIST += scripts/trymount.sh scripts/ifdown.sh scripts/setntpdate.sh
EXTRA_DIST += scripts/overlay.sh

21
scripts/devfs.sh.in Normal file

@ -0,0 +1,21 @@
#!/bin/sh
mount -t devtmpfs none /dev
[ -c /dev/console ] || mknod -m 600 /dev/console c 5 1
[ -c /dev/tty ] || mknod -m 666 /dev/tty c 5 0
[ -c /dev/null ] || mknod -m 666 /dev/null c 1 3
[ -c /dev/kmsg ] || mknod -m 660 /dev/kmsg c 1 11
[ -e /dev/fd ] || ln -snf /proc/self/fd /dev/fd
[ -e /dev/stdin ] || ln -snf /proc/self/fd/0 /dev/stdin
[ -e /dev/stdout ] || ln -snf /proc/self/fd/1 /dev/stdout
[ -e /dev/stderr ] || ln -snf /proc/self/fd/2 /dev/stderr
[ -e /proc/kcore ] && ln -snf /proc/kcore /dev/core
mkdir -p /dev/mqueue -m 1777
mkdir -p /dev/pts -m 0755
mkdir -p /dev/shm -m 1777
@SCRIPTDIR@/trymount.sh "/dev/mqueue" "mqueue" "noexec,nosuid,nodev"
@SCRIPTDIR@/trymount.sh "/dev/pts" "devpts" "noexec,nosuid,gid=5,mode=0620"
@SCRIPTDIR@/trymount.sh "/dev/shm" "tmpfs" "noexec,nosuid,nodev,mode=1777"
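Review bot: The devtmpfs mount on the first command line passes no options, while the mqueue, devpts and shm mounts at the end of the script all carry `noexec,nosuid`; `/dev` itself is left suid-capable. `mount -t devtmpfs -o nosuid,mode=0755 none /dev` would close that gap, and `noexec` can be added as well if nothing on the target system needs to map device nodes executable. A short comment above the `mknod` lines saying they are a fallback for kernels that do not populate devtmpfs would help the next reader.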

71
scripts/ifcfg.sh.in Executable file

@ -0,0 +1,71 @@
#!/bin/sh
CFGPATH="@ETCPATH@/netcfg"
[ -d "$CFGPATH" ] || exit 0
# configure interfaces
for IFPATH in /sys/class/net/*; do
[ "$IFPATH" == "/sys/class/net/lo" ] && continue
IF=`basename $IFPATH`
CFGFILE="$CFGPATH/$IF"
[ -f "$CFGFILE" ] || continue
ip link set dev "$IF" down
while read LINE;
do
trimmed=`echo -- $LINE`
[ ! -z "$trimmed" ] || continue
set $trimmed
case "$1" in
address|addr|ip|ip6|ipv6)
shift
ip address add $@ dev "$IF"
;;
arp|multicast|mtu)
ip link set dev "$IF" $@
;;
offload)
shift
ethtool -K "$IF" $@
;;
*)
;;
esac
done < "$CFGFILE"
done
# configure static routs
if [ -f "$CFGPATH/routes" ]; then
while read LINE;
do
trimmed=`echo -- $LINE`
[ ! -z "$trimmed" ] || continue
set $trimmed
case "$1" in
route)
shift
ip route add $@
;;
rule)
shift
ip rule add $@
;;
*)
;;
esac
done < "$CFGFILE"
fi
# activate interfaces
for IFPATH in /sys/class/net/*; do
[ "$IFPATH" == "/sys/class/net/lo" ] && continue
IF=`basename $IFPATH`
[ ! -f "$CFGPATH/$IF" ] || ip link set dev "$IF" up
done
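Review bot: The routes loop reads from the wrong file: it ends with `done < "$CFGFILE"`, which still holds the last interface's config path (or is unset when no interface matched), so `$CFGPATH/routes` is tested for but never parsed; it should end with `done < "$CFGPATH/routes"`. Separately, `[ "$IFPATH" == ... ]` uses a non-POSIX operator under `#!/bin/sh`; `=` works in every shell, and the same test appears in scripts/ifdown.sh and scripts/ifrename.sh.in. Because `$LINE` is expanded unquoted, a `*` in a config line is glob-expanded against the current directory before it reaches `ip`; a `set -f` near the top of the script would prevent that.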

8
scripts/ifdown.sh Normal file

@ -0,0 +1,8 @@
#!/bin/sh
for IFPATH in /sys/class/net/*; do
[ "$IFPATH" == "/sys/class/net/lo" ] && continue
IF=`basename $IFPATH`
ip link set dev "$IF" down
done

47
scripts/ifrename.sh.in Executable file

@ -0,0 +1,47 @@
#!/bin/sh
NAMERULES="@ETCPATH@/netcfg/ifrename"
TMPPATH="/tmp/ifrename"
[ -f "$NAMERULES" ] || exit 0
mkdir -p "$TMPPATH"
for IFPATH in /sys/class/net/*; do
[ "$IFPATH" == "/sys/class/net/lo" ] && continue
IF=`basename $IFPATH`
MAC=`cat $IFPATH/address`
grep "^[^,]\+,[^,]\+,[a-zA-Z0-9]\+$" $NAMERULES | while read LINE;
do
NAMECMP=$(echo $LINE | cut -d',' -f1)
ADDRCMP=$(echo $LINE | cut -d',' -f2)
RULE=$(echo $LINE | cut -d',' -f3)
case $IF in ($NAMECMP) ;; *) continue;; esac
case $MAC in ($ADDRCMP) ;; *) continue;; esac
echo "$MAC,$IF" >> "$TMPPATH/$RULE"
break
done
done
for FNAME in $TMPPATH/*; do
[ ! -f "$FNAME" ] && break
IDX=0
PREFIX=$(basename $FNAME)
sort -t',' -k1 -u $FNAME | while read LINE;
do
OLDNAME=$(echo $LINE | cut -d',' -f2)
NEWNAME="$PREFIX$IDX"
IDX=`expr $IDX + 1`
ip link set "$OLDNAME" name "$NEWNAME"
done
rm "$FNAME"
done
rmdir "$TMPPATH"
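Review bot: `TMPPATH="/tmp/ifrename"` is a fixed name in a world-writable directory, and `mkdir -p` succeeds silently when that directory already exists, so files left there by an earlier run or by another local account are read by the second loop and turned into interface names. Creating a private directory instead, `TMPPATH=$(mktemp -d /tmp/ifrename.XXXXXX) || exit 1`, removes the dependency on who got to `/tmp` first. The risk is small when the script only runs once right after `/tmp` is mounted, but nothing visible here prevents the service from being started again later.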


@ -0,0 +1,21 @@
#!/bin/sh
MODLIST="@ETCPATH@/modules"
if [ ! -f "$MODLIST" ]; then
exit 0
fi
while read LINE;
do
trimmed=`echo -- $LINE`
[ ! -z "$trimmed" ] || continue
set $trimmed
case "$1" in
\#*)
;;
*)
modprobe "$1"
;;
esac
done < "$MODLIST"

21
scripts/overlay.sh Executable file

@ -0,0 +1,21 @@
#!/bin/sh
lower=/cfg/preserve/${1}
upper=/cfg/overlay/${1}
work=/cfg/overlay/${1}_work
target=${2}
if [ ! -d "$target" ]; then
exit
fi
if [ -d "$lower" ]; then
if [ -d "$upper" ]; then
mkdir -p "$work"
mount -t overlay overlay \
-olowerdir=${lower},upperdir=${upper},workdir=${work} \
${target}
else
mount --bind "$lower" "$target"
fi
fi

49
scripts/setntpdate.sh Executable file

@ -0,0 +1,49 @@
#!/bin/sh
resolve() {
local domain="$1"
local server="$2"
if [ -x "$(command -v dig)" ]; then
if [ -z "$server" ]; then
dig +short "$domain"
else
dig +short "@$server" "$domain"
fi
return $?
fi
if [ -x "$(command -v drill)" ]; then
if [ -z "$server" ]; then
drill "$domain" | grep "^${domain}." | cut -d$'\t' -f5
else
drill "@$server" "$domain" | grep "^${domain}." |\
cut -d$'\t' -f5
fi
return $?
fi
exit 1
}
try_update() {
while read ip; do
if ntpdate -bu "$ip"; then
return 0
fi
done
return 1
}
pool="pool.ntp.org"
dns="1.1.1.1"
# try default DNS server first
resolve "$pool" "" | try_update
[ $? -eq 0 ] && exit 0
# try fallback public dns server
ping -q -c 1 "$dns" || exit 1
resolve "$pool" "$dns" | try_update
exit $?
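Review bot: The two `cut -d$'\t' -f5` calls in the drill branch of `resolve` use `$'...'` quoting, which is not POSIX and is not understood by every `/bin/sh`; since TAB is already cut's default delimiter, plain `cut -f5` does the same job portably. `local` in `resolve` has the same portability caveat. A header comment should also state that the clock is stepped (`ntpdate -b`) from whichever address plain DNS returns, with no authentication of either the lookup or the NTP reply, so anything that depends on correct time (certificate validity, log timestamps) inherits that trust.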

7
scripts/trymount.sh Normal file

@ -0,0 +1,7 @@
#!/bin/sh
if [ -d "$1" ]; then
if grep -qsE "[[:space:]]+$2$" "/proc/filesystems"; then
mount -n -t "$2" -o "$3" "$2" "$1"
fi
fi

23
services/Makemodule.am Normal file

@ -0,0 +1,23 @@
initdir = @TEMPLATEDIR@
init_DATA = services/agetty services/hostname services/loopback
init_DATA += services/sysctl services/hwclock services/sysinit
init_DATA += services/sigterm services/sync services/devfs
init_DATA += services/sysfs services/procfs services/tmpfs
init_DATA += services/vfs services/ifrename services/ifcfg
init_DATA += services/dhcpcd services/dhcpcdmaster services/unbound
init_DATA += services/dnsmasq services/ifdown services/modules
init_DATA += services/network services/hostapd services/swclock
init_DATA += services/swclocksave services/nft services/sigkill
init_DATA += services/sshd services/sshd_keygen services/consolefont
init_DATA += services/nginx services/usyslogd services/klogd
init_DATA += services/swclocksave.gcron services/gcrond
init_DATA += services/mountusr services/ntpsetdate.gcron
init_DATA += services/tmpfsrun services/tmpfsvar
EXTRA_DIST += services/sysinit services/vfs services/agetty services/hostname
EXTRA_DIST += services/hwclock services/loopback services/klogd
EXTRA_DIST += services/sync services/sysctl services/tmpfs
EXTRA_DIST += services/dhcpcd services/dhcpcdmaster services/unbound
EXTRA_DIST += services/usyslogd services/dnsmasq services/network
EXTRA_DIST += services/consolefont services/gcrond services/nginx
EXTRA_DIST += services/tmpfsrun

6
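--- a/services/agetty
+++ b/services/agetty
@@ -0,0 +1,6 @@
+description agetty on %0
+exec agetty %0 linux
+type respawn
+target boot
+after network
+tty "/dev/%0"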

6
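--- a/services/consolefont
+++ b/services/consolefont
@@ -0,0 +1,6 @@
+description set console font
+type once
+target boot
+before sysinit
+after vfs
+exec setfont %0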

6
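--- a/services/devfs.in
+++ b/services/devfs.in
@@ -0,0 +1,6 @@
+description "mount /dev"
+type wait
+target boot
+after procfs sysfs
+before vfs
+exec "@SCRIPTDIR@/devfs.sh"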

7
services/dhcpcd Normal file

@ -0,0 +1,7 @@
description "DHCP client on %0"
type once
target boot
after dhcpcdmaster network
tty /dev/null
exec dhcpcd -n %0

10
services/dhcpcdmaster Normal file

@ -0,0 +1,10 @@
description "DHCP client - master service"
type wait
target boot
after network
tty /dev/null
exec {
mkdir -p /var/db/dhcpcd
dhcpcd --inactive
}

6
services/dnsmasq Normal file

@ -0,0 +1,6 @@
description "dnsmasq DNS & DHCP server"
type respawn limit 5
target boot
after network unbound
exec dnsmasq -k

5
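--- a/services/gcrond
+++ b/services/gcrond
@@ -0,0 +1,5 @@
+description start gcron daemon
+exec gcrond
+type respawn
+target boot
+after network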

7
services/hostapd.in Normal file

@ -0,0 +1,7 @@
description "WIFI access point daemon"
type respawn limit 10
target boot
after sysinit ifrename
before network ifcfg
exec hostapd "@ETCPATH@/hostapd.conf"

6
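--- a/services/hostname
+++ b/services/hostname
@@ -0,0 +1,6 @@
+description reload hostname
+exec hostname --file /etc/hostname
+type wait
+target boot
+before sysinit
+after hwclock vfs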

6
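--- a/services/hwclock
+++ b/services/hwclock
@@ -0,0 +1,6 @@
+description restore time from RTC
+exec hwclock --hctosys --utc
+type wait
+target boot
+before sysinit
+after vfs modules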

7
services/ifcfg.in Normal file

@ -0,0 +1,7 @@
description "static network configuration"
type wait
target boot
after sysinit ifrename
before network
exec "@SCRIPTDIR@/ifcfg.sh"

7
services/ifdown.in Normal file

@ -0,0 +1,7 @@
description "stop all network interfaces"
type wait
target %0
after sigkill sigterm
before sync
exec "@SCRIPTDIR@/ifdown.sh"

7
services/ifrename.in Normal file

@ -0,0 +1,7 @@
description "rename network interfaces"
type wait
target boot
after sysinit
before network
exec "@SCRIPTDIR@/ifrename.sh"

6
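--- a/services/klogd
+++ b/services/klogd
@@ -0,0 +1,6 @@
+description "starting uklogd"
+exec klogd
+type respawn limit 5
+target boot
+after usyslogd
+before sysinit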

10
services/loopback Normal file

@ -0,0 +1,10 @@
description configure network loopback device
type wait
target boot
before sysinit
after hostname vfs
exec {
ip addr add 127.0.0.1/8 dev lo brd +
ip link set lo up
}

7
services/modules.in Normal file

@ -0,0 +1,7 @@
description "load kernel modules"
type wait
target boot
after vfs usyslogd
before sysinit
exec "@SCRIPTDIR@/modules_load.sh"

5
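--- a/services/mountusr.in
+++ b/services/mountusr.in
@@ -0,0 +1,5 @@
+description "mount /usr"
+type wait
+target boot
+before vfs
+exec "@SCRIPTDIR@/overlay.sh" usr /usr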

4
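--- a/services/network
+++ b/services/network
@@ -0,0 +1,4 @@
+description "static network configuration completed"
+type wait
+target boot
+after sysinit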

7
services/nft.in Normal file

@ -0,0 +1,7 @@
description "restore netfilter rule set"
type wait
target boot
after sysinit ifrename
before network ifcfg
exec nft -f "@ETCPATH@/nftables.rules"

6
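--- a/services/nginx
+++ b/services/nginx
@@ -0,0 +1,6 @@
+description "start nginx web server"
+type once
+target boot
+after network
+tty /dev/null
+exec nginx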


@ -0,0 +1,7 @@
hour */4
minute 5
dayofmonth *
dayofweek *
month *
tty /dev/null
exec "@SCRIPTDIR@/setntpdate.sh"

9
services/procfs.in Normal file

@ -0,0 +1,9 @@
description "mount /proc"
type wait
target boot
before vfs
exec {
mount -t proc proc /proc
"@SCRIPTDIR@/trymount.sh" /proc/sys/fs/binfmt_misc binfmt_misc nodev,noexec,nosuid
}

6
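--- a/services/sigkill.in
+++ b/services/sigkill.in
@@ -0,0 +1,6 @@
+description send SIGKILL to remaining processes
+exec "@SCRIPTDIR@/killall5" 9
+type wait
+target %0
+after sigterm
+before sync shutdown reboot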
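Review bot: The `exec "@SCRIPTDIR@/killall5" 9` line points at a helper that nothing in this commit appears to install: `helper_PROGRAMS` is left empty in Makefile.am and scripts/Makemodule.am lists no `killall5`. services/sigterm.in has the same reference with signal 15. If the binary comes from another package, a comment naming that dependency belongs next to the `exec` line; otherwise the shutdown and reboot targets would skip process termination and go straight on to `ifdown` and `sync`, assuming a failed `exec` does not abort the target.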

9
services/sigterm.in Normal file

@ -0,0 +1,9 @@
description send SIGTERM to all processes
type wait
target %0
before sigkill sync reboot shutdown
exec {
"@SCRIPTDIR@/killall5" 15
sleep 5
}

5
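--- a/services/sshd.in
+++ b/services/sshd.in
@@ -0,0 +1,5 @@
+description "OpenSSH server"
+type respawn limit 5
+target boot
+after network sshd_keygen
+exec "@SBINPATH@/sshd" -D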

14
services/sshd_keygen.in Normal file

@ -0,0 +1,14 @@
description "OpenSSH server - generate host keys"
type wait
target boot
after network
tty /dev/null
exec {
mkdir -p "@ETCPATH@/ssh/"
ssh-keygen -f "@ETCPATH@/ssh/host_rsa_key" -N "" -t rsa
ssh-keygen -f "@ETCPATH@/ssh/host_ecdsa_key" -N "" -t ecdsa
ssh-keygen -f "@ETCPATH@/ssh/host_ed25519_key" -N "" -t ed25519
service disable sshd_keygen
}
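Review bot: The three `ssh-keygen -f` lines write `host_rsa_key`, `host_ecdsa_key` and `host_ed25519_key`, but sshd's built-in default host key paths are `ssh_host_rsa_key`, `ssh_host_ecdsa_key` and `ssh_host_ed25519_key`, and this commit ships no `sshd_config` with matching `HostKey` lines. Unless such a config exists elsewhere, the generated keys are never loaded; renaming the outputs, e.g. `ssh-keygen -f "@ETCPATH@/ssh/ssh_host_ed25519_key" -N "" -t ed25519`, avoids the dependency. It is also worth confirming that the `exec { }` block stops at the first failing command, since otherwise `service disable sshd_keygen` runs even when key generation failed and the host is left without keys on later boots.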

6
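--- a/services/swclock.in
+++ b/services/swclock.in
@@ -0,0 +1,6 @@
+description restore saved time from last shutdown
+type wait
+target boot
+before sysinit
+after vfs modules
+exec xargs -a @STATEFILESPATH@/swclock date --utc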


@ -0,0 +1,3 @@
interval hourly
tty truncate @STATEFILESPATH@/swclock
exec date --utc +%%m%%d%%H%%M%%Y.%%S

7
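--- a/services/swclocksave.in
+++ b/services/swclocksave.in
@@ -0,0 +1,7 @@
+description write current time to backup file
+type wait
+target %0
+after sigkill
+before sync
+tty truncate @STATEFILESPATH@/swclock
+exec date --utc +%%m%%d%%H%%M%%Y.%%S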

6
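--- a/services/sync
+++ b/services/sync
@@ -0,0 +1,6 @@
+description sync
+exec sync
+type wait
+target %0
+after sigkill sigterm
+before reboot shutdown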

7
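--- a/services/sysctl
+++ b/services/sysctl
@@ -0,0 +1,7 @@
+description configure kernel paramters
+tty /dev/null
+exec sysctl --system
+type wait
+target boot
+before sysinit
+after vfs loopback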

13
services/sysfs.in Normal file

@ -0,0 +1,13 @@
description "mount /sys"
type wait
target boot
after procfs
before vfs
exec {
mount -t sysfs sysfs /sys
"@SCRIPTDIR@/trymount.sh" /sys/kernel/security securityfs nodev,noexec,nosuid
"@SCRIPTDIR@/trymount.sh" /sys/kernel/config configfs nodev,noexec,nosuid
"@SCRIPTDIR@/trymount.sh" /sys/fs/fuse/connections fusectl nodev,noexec,nosuid
"@SCRIPTDIR@/trymount.sh" /sys/firmware/efi/efivars efivarfs ro
}

5
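--- a/services/sysinit
+++ b/services/sysinit
@@ -0,0 +1,5 @@
+description basic system initialization
+type wait
+target boot
+after vfs
+before network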

5
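--- a/services/tmpfs
+++ b/services/tmpfs
@@ -0,0 +1,5 @@
+description "mount /tmp"
+type wait
+target boot
+before vfs
+exec mount -t tmpfs none /tmp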

11
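--- a/services/tmpfsrun
+++ b/services/tmpfsrun
@@ -0,0 +1,11 @@
+description "mount /run"
+type wait
+target boot
+before vfs
+after tmpfsvar
+exec {
+mount -t tmpfs none /run
+mkdir /run/lock -m 0755
+ln -s /run /var/run
+ln -s /run/lock /var/lock
+}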
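Review bot: `mount -t tmpfs none /run` passes no options, and a tmpfs mounted without `mode=` gets a world-writable, sticky root (1777), so any local account can create entries directly under `/run` ahead of the daemons that expect to own them. services/tmpfsvar.in does the same for `/var`, where services/dhcpcdmaster later runs `mkdir -p /var/db/dhcpcd`. `mount -t tmpfs -o mode=0755,nosuid,nodev none /run` (and the equivalent for `/var`) fixes the permissions; `/tmp` in services/tmpfs wants to stay 1777 but would still benefit from `nosuid,nodev`.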

16
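--- a/services/tmpfsvar.in
+++ b/services/tmpfsvar.in
@@ -0,0 +1,16 @@
+description "mount /var"
+type wait
+target boot
+before vfs
+exec {
+mount -t tmpfs none /var
+mkdir /var/log -m 0755
+mkdir /var/spool -m 0755
+mkdir /var/lib -m 0755
+mkdir /var/tmp -m 0755
+mkdir /var/nginx -m 0755
+touch /var/log/lastlog
+touch /var/log/faillog
+touch /var/log/sulog
+"@SCRIPTDIR@/overlay.sh" var_lib /var/lib
+}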

6
services/unbound Normal file

@ -0,0 +1,6 @@
description "Unbound resolver"
type respawn limit 5
target boot
after network
exec unbound -d

6
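--- a/services/usyslogd
+++ b/services/usyslogd
@@ -0,0 +1,6 @@
+description "starting usyslogd"
+exec usyslogd --chroot --rotate-replace --max-size 8192
+type respawn limit 5
+target boot
+after vfs
+before sysinit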

4
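--- a/services/vfs
+++ b/services/vfs
@@ -0,0 +1,4 @@
+description VFS setup done
+type wait
+target boot
+before sysinit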