#!/bin/bash
#
# live: Init script for live image
#
# chkconfig: 345 00 99
# description: Init script for live image.
. /etc/init.d/functions
if ! strstr "`cat /proc/cmdline`" liveimg || [ "$1" != "start" ]; then
exit 0
fi
if [ -e /.liveimg-configured ] ; then
configdone=1
fi
exists() {
which $1 >/dev/null 2>&1 || return
$*
}
touch /.liveimg-configured
# MEDIACHECK
if strstr "`cat /proc/cmdline`" MEDIACHECK; then
/opt/ibm/c4eb/livedvd-ui/mediacheck.sh
fi
# mount live image
if [ -b `readlink -f /dev/live` ]; then
mkdir -p /mnt/live
mount -o ro /dev/live /mnt/live 2>/dev/null || mount /dev/live /mnt/live
fi
# Time Bomb
if test `find /mnt/live/LiveOS/squashfs.img -mtime +270`; then
clear
if runlevel | grep "N 5" >/dev/null 2>&1; then
/bin/plymouth pause-progress >/dev/null 2>&1 ||:
/bin/plymouth hide-splash >/dev/null 2>&1 ||:
fi
dialog --title "Installation Media" "$@" --yesno "Your installation media is > 6 months old.\n\nWe recommend you download the current media instead.\n\nWould you like to quit ?" 16 75
retval=$?
if runlevel | grep "N 5" >/dev/null 2>&1; then
/sbin/plymouthd --mode=shutdown >/dev/null 2>&1 ||:
/bin/plymouth show-splash >/dev/null 2>&1 ||:
fi
if [ "$retval" != "1" ]; then
/usr/bin/halt -p >/dev/null 2>&1
fi
fi
# if rpm dir exists
if [ "$(ls -A /mnt/live/rpm 2>/dev/null)" ]; then
# Install rpms
rpm -Uvh /mnt/live/rpm/*.rpm --force --nodeps ||:
fi
# Run scripts if there
if [ "$(ls -A /mnt/live/scripts 2>/dev/null)" ]; then
# run scripts
pushd /mnt/live/scripts
for i in *.sh
do
sh $i ||:
done
popd
fi
# Handle IPM
IPM=0
# We make remove these options
if strstr "`cat /proc/cmdline`" IPM=YES ; then
IPM=1
elif strstr "`cat /proc/cmdline`" IPM=NO ; then
IPM=0
# Make sure we have this file on the DVD
elif [ -f /mnt/live/IPM ]; then
IPM=1
fi
if [ "$IPM" == "1" ]; then
if /opt/ibm/c4eb/livedvd-ui/ntfs-check.sh; then
clear
echo "**********************************************************"
echo "**********************************************************"
echo "You may only use this DVD for In-Place Migrations"
echo
echo "Machine will be ShutDown"
echo "**********************************************************"
echo "**********************************************************"
echo "No IPM Found shutting down"
if runlevel | grep "N 5" >/dev/null 2>&1; then
/bin/plymouth pause-progress >/dev/null 2>&1 ||:
/bin/plymouth hide-splash >/dev/null 2>&1 ||:
fi
dialog --title "In-Place Migration" --infobox "You may only use this DVD for In-Place Migrations\n\nThis machine will now be shutdown." 7 55
sleep 5
if runlevel | grep "N 5" >/dev/null 2>&1; then
/sbin/plymouthd --mode=shutdown >/dev/null 2>&1 ||:
/bin/plymouth show-splash >/dev/null 2>&1 ||:
fi
/usr/bin/halt -p >/dev/null 2>&1
else
rm -f /etc/X11/xinit.d/openclient-welcome.xinit ||:
rm -f /etc/xdg/autostart/openclient-welcome-center-as.desktop ||:
rm -f /etc/xdg/autostart/openclient-compiz-check.desktop ||:
echo "/usr/bin/oc-install &" > /etc/X11/xinit/xinitrc.d/zzz-start-install.sh
chmod 755 /etc/X11/xinit/xinitrc.d/zzz-start-install.sh
rm -f /opt/ibm/c4eb/artwork/wallpaper/*.jpg ||:
cp -f /opt/ibm/c4eb/artwork/ipm/*.jpg /opt/ibm/c4eb/artwork/wallpaper/ ||:
cat << FOE > /etc/X11/xinit/xinitrc.d/zzzz-sleep.sh
#!/bin/bash
gconftool-2 --set /apps/gnome-power-manager/actions/critical_battery --type string "nothing" ||:
gconftool-2 --set /apps/gnome-power-manager/backlight/battery_reduce --type bool "0" ||:
gconftool-2 --set /apps/gnome-power-manager/backlight/idle_dim_ac --type bool "0" ||:
gconftool-2 --set /apps/gnome-power-manager/backlight/idle_dim_time --type bool "0" ||:
gconftool-2 --set /apps/gnome-power-manager/buttons/lid_ac --type string "nothing" ||:
gconftool-2 --set /apps/gnome-power-manager/buttons/lid_battery --type string "nothing" ||:
gconftool-2 --set /apps/gnome-power-manager/disks/spindown_enable_battery --type bool "0" ||:
gconftool-2 --set /apps/gnome-power-manager/timeout/sleep_display_ac --type int "0" ||:
gconftool-2 --set /apps/gnome-power-manager/timeout/sleep_display_battery --type int "0" ||:
gconftool-2 --set /apps/gnome-power-manager/timeout/sleep_computer_battery --type int "0" ||:
gconftool-2 --set /apps/gnome-screensaver/idle_activation_enabled --type bool "0" ||:
# Fix blanking
xset s off ||:
xset -dpms ||:
xset s noblank ||:
sh -c "sleep 10 ; killall gnome-screensaver ||:" &
FOE
chmod 755 /etc/X11/xinit/xinitrc.d/zzzz-sleep.sh
# Upgrade
/opt/ibm/c4eb/livedvd-ui/ntfs-check.sh upgrade ||:
fi
fi
livedir="LiveOS"
for arg in `cat /proc/cmdline` ; do
if [ "${arg##live_dir=}" != "${arg}" ]; then
livedir=${arg##live_dir=}
return
fi
done
# enable swaps unless requested otherwise
swaps=`blkid -t TYPE=swap -o device`
if ! strstr "`cat /proc/cmdline`" noswap && [ -n "$swaps" ] ; then
for s in $swaps ; do
action "Enabling swap partition $s" swapon $s
done
fi
if ! strstr "`cat /proc/cmdline`" noswap && [ -f /mnt/live/${livedir}/swap.img ] ; then
action "Enabling swap file" swapon /mnt/live/${livedir}/swap.img
fi
mountPersistentHome() {
# support label/uuid
if [ "${homedev##LABEL=}" != "${homedev}" -o "${homedev##UUID=}" != "${homedev}" ]; then
homedev=`/sbin/blkid -o device -t "$homedev"`
fi
# if we're given a file rather than a blockdev, loopback it
if [ "${homedev##mtd}" != "${homedev}" ]; then
# mtd devs don't have a block device but get magic-mounted with -t jffs2
mountopts="-t jffs2"
elif [ ! -b "$homedev" ]; then
loopdev=`losetup -f`
if [ "${homedev##/mnt/live}" != "${homedev}" ]; then
action "Remounting live store r/w" mount -o remount,rw /mnt/live
fi
losetup $loopdev $homedev
homedev=$loopdev
fi
# if it's encrypted, we need to unlock it
if [ "$(/sbin/blkid -s TYPE -o value $homedev 2>/dev/null)" = "crypto_LUKS" ]; then
echo
echo "Setting up encrypted /home device"
plymouth ask-for-password --command="cryptsetup luksOpen $homedev EncHome"
homedev=/dev/mapper/EncHome
fi
# and finally do the mount
mount $mountopts $homedev /home
# if we have /home under what's passed for persistent home, then
# we should make that the real /home. useful for mtd device on olpc
if [ -d /home/home ]; then mount --bind /home/home /home ; fi
[ -x /sbin/restorecon ] && /sbin/restorecon /home
if [ -d /home/liveuser ]; then USERADDARGS="-M" ; fi
}
findPersistentHome() {
for arg in `cat /proc/cmdline` ; do
if [ "${arg##persistenthome=}" != "${arg}" ]; then
homedev=${arg##persistenthome=}
return
fi
done
}
if strstr "`cat /proc/cmdline`" persistenthome= ; then
findPersistentHome
elif [ -e /mnt/live/${livedir}/home.img ]; then
homedev=/mnt/live/${livedir}/home.img
fi
# if we have a persistent /home, then we want to go ahead and mount it
if ! strstr "`cat /proc/cmdline`" nopersistenthome && [ -n "$homedev" ] ; then
action "Mounting persistent /home" mountPersistentHome
fi
# make it so that we don't do writing to the overlay for things which
# are just tmpdirs/caches
mount -t tmpfs -o mode=0755 varcacheyum /var/cache/yum
mount -t tmpfs tmp /tmp
mount -t tmpfs vartmp /var/tmp
[ -x /sbin/restorecon ] && /sbin/restorecon /var/cache/yum /tmp /var/tmp >/dev/null 2>&1
if [ -n "$configdone" ]; then
exit 0
fi
# Show harddisk install on the desktop
sed -i -e 's/NoDisplay=true/NoDisplay=false/' /usr/share/applications/liveinst.desktop
mkdir -p /etc/skel/Desktop/
cp /usr/share/applications/liveinst.desktop /etc/skel/Desktop/
chmod 644 /etc/skel/Desktop/liveinst.desktop
# redobackup
[ -f /usr/share/redo/redobackup.desktop ] && cp /usr/share/redo/redobackup.desktop /etc/skel/Desktop/
chmod 755 /etc/skel/Desktop/redobackup.desktop ||:
# add fedora user with no passwd
action "Adding live user" useradd $USERADDARGS -c "Live System User" liveuser
passwd -d liveuser > /dev/null
# reset root
/usr/bin/chage -M 270 root ||:
# turn off firstboot for livecd boots
chkconfig --level 345 firstboot off 2>/dev/null
# don't start yum-updatesd for livecd boots
chkconfig --level 345 yum-updatesd off 2>/dev/null
# turn off mdmonitor by default
chkconfig --level 345 mdmonitor off 2>/dev/null
# turn off setroubleshoot on the live image to preserve resources
chkconfig --level 345 setroubleshoot off 2>/dev/null
## fix various bugs and issues
# unmute sound card
alsaunmute 0 2> /dev/null ||:
# don't do packagekit checking by default
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t string /apps/gnome-packagekit/frequency_get_updates never >/dev/null
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t string /apps/gnome-packagekit/frequency_get_upgrades never >/dev/null
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t string /apps/gnome-packagekit/frequency_refresh_cache never >/dev/null
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /apps/gnome-packagekit/notify_available false >/dev/null
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /apps/gnome-packagekit/notify_distro_upgrades false >/dev/null
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /apps/gnome-packagekit/enable_check_firmware false >/dev/null
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /apps/gnome-packagekit/enable_check_hardware false >/dev/null
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /apps/gnome-packagekit/enable_codec_helper false >/dev/null
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /apps/gnome-packagekit/enable_font_helper false >/dev/null
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /apps/gnome-packagekit/enable_mime_type_helper false >/dev/null
# Do not show volumes on desktop.
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /apps/nautilus/desktop/volumes_visible false >/dev/null
# don't start cron/at as they tend to spawn things which are
# disk intensive that are painful on a live image
chkconfig --level 345 crond off 2>/dev/null ||:
chkconfig --level 345 atd off 2>/dev/null ||:
chkconfig --level 345 anacron off 2>/dev/null ||:
chkconfig --level 345 readahead_early off 2>/dev/null ||:
chkconfig --level 345 readahead_later off 2>/dev/null ||:
chkconfig --level 345 mdmonitor off 2>/dev/null ||:
chkconfig --level 345 setroubleshoot off 2>/dev/null ||:
chkconfig --level 345 auditd off 2>/dev/null ||:
chkconfig --level 345 kdump off 2>/dev/null ||:
chkconfig --level 345 microcode_ctl off 2>/dev/null ||:
chkconfig --level 345 openct off 2>/dev/null ||:
chkconfig --level 345 pcscd off 2>/dev/null ||:
chkconfig --level 345 postfix off 2>/dev/null ||:
# Stopgap fix for RH #217966; should be fixed in HAL instead
touch /media/.hal-mtab
# workaround clock syncing on shutdown that we don't want (#297421)
sed -i -e 's/hwclock/no-such-hwclock/g' /etc/rc.d/init.d/halt
#######################################################################################
# IBM Fixed blah
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /apps/gnome-screensaver/lock_enabled false >/dev/null ||:
# set up timed auto-login for after 60 seconds
cat >> /etc/gdm/custom.conf << FOE
[daemon]
TimedLoginEnable=true
TimedLogin=liveuser
TimedLoginDelay=0
FOE
# add keyboard and display configuration utilities to the desktop
mkdir -p /home/liveuser/Desktop >/dev/null
cp /usr/share/applications/gnome-keyboard.desktop /home/liveuser/Desktop/
chmod 755 /home/liveuser/Desktop/*.desktop
# fix get windows
[ -f /home/liveuser/Desktop/get-windows.desktop ] && rm -f /home/liveuser/Desktop/get-windows.desktop
[ -f /usr/share/applications/get-windows.desktop ] && rm -f /usr/share/applications/get-windows.desktop
# Do not add usbr
[ -f /etc/X11/xinit/xinitrc.d/zz-usbr.sh ] && rm -f /etc/X11/xinit/xinitrc.d/zz-usbr.sh
# passthrough rule
[ -f /etc/udev/rules.d/99-kvm-passthrough-cd.rules ] && rm -f /etc/udev/rules.d/99-kvm-passthrough-cd.rules
# turn off services
chkconfig besclient off 2>/dev/null ||:
chkconfig rtvscand off 2>/dev/null ||:
chkconfig symcfgd off 2>/dev/null ||:
chkconfig autoprotect off 2>/dev/null ||:
chkconfig wst-schedule off 2>/dev/null ||:
chkconfig dkms_autoinstaller off 2>/dev/null ||:
chkconfig libvirtd off 2>/dev/null ||:
#service rtvscand stop 2>/dev/null ||:
#service symcfgd stop 2>/dev/null ||:
#service autoprotect stop 2>/dev/null ||:
service wst-schedule stop 2>/dev/null ||:
service dkms_autoinstaller stop 2>/dev/null ||:
service libvirtd stop 2>/dev/null ||:
service spiceusbsrvd stop 2>/dev/null ||:
service auditd stop 2>/dev/null ||:
service smb stop 2>/dev/null ||:
# applications
rm -f /usr/share/applications/ibm-restricted-hardware.desktop 2>/dev/null ||:
rm -f /usr/bin/ibm-restricted-hardware 2>/dev/null ||:
# start up
rm -f /etc/X11/xinit/xinitrc.d/xibmsaml.sh 2>/dev/null ||:
rm -f /etc/X11/xinit/xinitrc.d/z-gsa-applet.sh 2>/dev/null ||:
rm -f /etc/X11/xinit/xinitrc.d/z-wst-applet.sh 2>/dev/null ||:
rm -f /etc/xdg/autostart/symantec-savtray.desktop 2>/dev/null ||:
rm -f /etc/xdg/autostart/gdl_box.desktop 2>/dev/null ||:
rm -f /etc/xdg/autostart/gpk-update-icon.desktop 2>/dev/null ||:
rm -f /etc/xdg/autostart/ibm-welcome-tour.desktop 2>/dev/null ||:
rm -f /usr/share/gnome/autostart/gdl_box.desktop 2>/dev/null ||:
rm -f /usr/share/gnome/autostart/symantec-savtray.desktop 2>/dev/null ||:
# firstlogin
rm -f /usr/share/firstlogin/modules/Acroread.* 2>/dev/null ||:
rm -f /usr/share/firstlogin/modules/Anyconnect.* 2>/dev/null ||:
rm -f /usr/share/firstlogin/modules/asset.* 2>/dev/null ||:
rm -f /usr/share/firstlogin/modules/Flash.* 2>/dev/null ||:
rm -f /usr/share/firstlogin/modules/Java.* 2>/dev/null ||:
# fba.d
rm -f /etc/fba.d/enable-cupspdf.sh 2>/dev/null ||:
rm -f /etc/fba.d/fba-kernel-failsafe.sh 2>/dev/null ||:
rm -f /etc/fba.d/firewall_fba_check 2>/dev/null ||:
rm -f /etc/fba.d/grub_windows_update_after 2>/dev/null ||:
rm -f /etc/fba.d/grub_options.sh 2>/dev/null ||:
rm -f /etc/fba.d/ibm-security-compliance.sh 2>/dev/null ||:
rm -f /etc/fba.d/power_mgmt 2>/dev/null ||:
rm -f /etc/fba.d/switch_title_to_oc.sh 2>/dev/null ||:
rm -f /etc/fba.d/fix-sav-mr13.sh ||:
# more firstlogin
rm -f /etc/xdg/autostart/firstlogin.desktop 2>/dev/null ||:
#echo /usr/share/firstlogin/firstlogin.py > /etc/X11/xinit/xinitrc.d/xzfirstlogin.sh
#chmod 755 /etc/X11/xinit/xinitrc.d/xzfirstlogin.sh
# suspend
gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.defaults --set /apps/gnome-power-manager/general/can_hibernate --type bool "0" >/dev/null ||:
gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.defaults --set /apps/gnome-power-manager/general/can_suspend --type bool "0" >/dev/null ||:
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t float /desktop/gnome/peripherals/mouse/motion_acceleration 6.0 >/dev/null ||:
# Fix suspend in F14??
if [ -f /usr/share/polkit-1/actions/org.freedesktop.upower.policy ]; then
sed -i "s|yes|no|g" /usr/share/polkit-1/actions/org.freedesktop.upower.policy >/dev/null ||:
fi
# what we are running
echo oc-fedora-livedvd > /etc/oc-fedora-livedvd
# disable fedora updates on live
sed -i "s|enabled=1|enabled=0|g" /etc/yum.repos.d/rhel-beta.repo 2>/dev/null ||:
sed -i "s|enabled=1|enabled=0|g" /etc/yum.repos.d/rhel.repo 2>/dev/null ||:
# Disable epel
sed -i "s|enabled=1|enabled=0|g" /etc/yum.repos.d/epel.repo 2>/dev/null ||:
sed -i "s|enabled=1|enabled=0|g" /etc/yum.repos.d/epel-testing.repo 2>/dev/null ||:
# Disable IBM repo
sed -i "s|plugins=1|plugins=0|g" /etc/yum.conf 2>/dev/null ||:
# Disable plymouth log viewer from livedvd
[ -f /usr/bin/plymouth-log-viewer ] && rm -f /usr/bin/plymouth-log-viewer
sed -i '/^exec $command $HALTARGS/d' /etc/init.d/halt
echo "# Eject Workaround" >> /etc/init.d/halt
echo "/usr/sbin/eject -p -m $(readlink -f /dev/live) >/dev/null 2>&1" >> /etc/init.d/halt
echo "exec \$command \$HALTARGS" >> /etc/init.d/halt
chown -R liveuser:liveuser /home/liveuser
# virt-p2v only applies to live
# Need to create virt-profile also.
sed -i "s|^PermitRootLogin*.*|PermitRootLogin yes|" /etc/ssh/sshd_config
chkconfig sshd on
usermod -G desktop_admin_r liveuser