- build cloud based images using livecd-rootfsubuntu/yakkety
commit
1167706f83
@ -0,0 +1,28 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
# Configure certain packages
|
||||||
|
|
||||||
|
## console-setup
|
||||||
|
|
||||||
|
# Select the fontface
|
||||||
|
printf "%s\t%s\t%s\t%s\n" \
|
||||||
|
console-setup console-setup/console-setup/fontface47 string "Fixed" debconf-set-selections ||
|
||||||
|
{ echo "FAILED to setup console fontface"; exit 1; }
|
||||||
|
|
||||||
|
# Select the code page for font
|
||||||
|
printf "%s\t%s\t%s\t%s\n" \
|
||||||
|
console-setup console-setup/codesetcode string "Uni2" | debconf-set-selections ||
|
||||||
|
{ echo "FAILED to setup console code page to Uni2"; exit 1; }
|
||||||
|
|
||||||
|
# Set Language string for codepage 47
|
||||||
|
printf "%s\t%s\t%s\t%s\n" \
|
||||||
|
console-setup console-setup/codeset47 string ". Combined - Latin; Slavic Cyrillic; Greek" | debconf-set-selections ||
|
||||||
|
{ echo "FAILED to setup codeset47 to proper string"; exti 1; }
|
||||||
|
|
||||||
|
# Replace the console font and typ ein /etc/default/console-setup
|
||||||
|
sed -i -e 's,^CODESET.*,CODESET="Uni2",g' \
|
||||||
|
-e 's,^FONTFACE.*,FONTFACE="Fixed",g' \
|
||||||
|
/etc/default/console-setup
|
||||||
|
|
||||||
|
# Configure the console-setup
|
||||||
|
dpkg-reconfigure --frontend=noninteractive console-setup ||
|
||||||
|
{ echo "FAILED to recofigure console-setup"; exit 1; }
|
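Review bot: The failure handler for the codeset47 selection calls `exti 1`, so when `debconf-set-selections` fails there the shell only reports an unknown command and the script carries on with a half-configured console; it should read `{ echo "FAILED to setup codeset47 to proper string"; exit 1; }`. As rendered here, the fontface block also has no `|` between the `printf` arguments and `debconf-set-selections`, and its key `console-setup/console-setup/fontface47` repeats the package prefix, unlike the two blocks after it. If the file is committed that way, the selection is printed to stdout and never applied, and the `||` handler can never fire. The `sed -i` on /etc/default/console-setup has no status check at all, so a `set -e` near the top or an explicit `|| { ...; exit 1; }` would bring it in line with the rest of the script.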
@ -0,0 +1,14 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
#
|
||||||
|
# Create the necessary users and set their passwords. If needed,
|
||||||
|
# make sure they belong to the proper groups
|
||||||
|
#
|
||||||
|
# Author: Ben Howard <ben.howard@canonical.com>
|
||||||
|
# Date: 29 Jun 2011
|
||||||
|
#
|
||||||
|
|
||||||
|
echo "Adding admin group..."
|
||||||
|
addgroup --system --quiet admin
|
||||||
|
|
||||||
|
echo "Adding netdev group..."
|
||||||
|
addgroup --system --quiet netdev
|
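Review bot: The header comment says the script creates users and sets their passwords, but the body only adds the `admin` and `netdev` system groups, so the comment should be narrowed to something like `# Create the system groups the cloud image expects (admin, netdev)`. On Ubuntu releases whose sudoers still carries a `%admin` entry, membership of `admin` grants sudo, which is worth stating in a comment so that later changes to who joins the group are reviewed as a privilege change. Neither `addgroup` call has its exit status checked, unlike the `|| { echo ...; exit 1; }` pattern used in the console-setup script in this same commit.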
@ -0,0 +1,3 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
printf "HWCLOCKACCESS=no" >> /etc/default/rcS
|
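Review bot: `printf "HWCLOCKACCESS=no"` appends without a trailing newline, so the setting is glued onto the last line of /etc/default/rcS if that file does not already end in a newline, and whatever is appended next lands on the same line. `printf 'HWCLOCKACCESS=no\n' >> /etc/default/rcS` avoids both. The script has no comment at all, so a one-line note on why hardware-clock access is turned off for these images would help the next reader.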
@ -0,0 +1,3 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
sed -i "s|#PasswordAuthentication yes|PasswordAuthentication no|g" /etc/ssh/sshd_config
|
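Review bot: The substitution only matches the exact commented default `#PasswordAuthentication yes`, so if the shipped sshd_config has the directive uncommented, spaced differently or already edited, `sed` exits 0 without changing anything and the image is built with SSH password logins still enabled. Matching any form of the directive, `sed -i 's|^#\?PasswordAuthentication.*|PasswordAuthentication no|' /etc/ssh/sshd_config`, and then asserting the result with `grep -q '^PasswordAuthentication no' /etc/ssh/sshd_config || { echo "FAILED to disable SSH password authentication"; exit 1; }` turns a silent miss into a build failure. A short comment such as `# Cloud images must not accept password logins over SSH` would record the intent, which the script currently leaves unstated.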
@ -0,0 +1,18 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
#
|
||||||
|
# Disable IPv6 privacy extensions on Utopic and later
|
||||||
|
#
|
||||||
|
|
||||||
|
codename=$(sh -c 'lsb_release --short --codename')
|
||||||
|
dist_ge() { [[ "$1" > "$2" || "$1" == "$2" ]]; }
|
||||||
|
|
||||||
|
if ! dist_ge "${codename}" "trusty"; then
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
cat << EOF > /etc/sysctl.d/99-cloudimg-ipv6.conf
|
||||||
|
# Written by the Cloud Image build process
|
||||||
|
# See https://bugs.launchpad.net/ubuntu/+source/procps/+bug/1068756
|
||||||
|
net.ipv6.conf.all.use_tempaddr = 0
|
||||||
|
net.ipv6.conf.default.use_tempaddr = 0
|
||||||
|
EOF
|
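Review bot: `dist_ge` compares release codenames as strings, which orders releases correctly only while codenames keep climbing the alphabet; once a codename sorts before "trusty" again, the script takes the `exit 0` path and the sysctl file is silently not written. The header comment also says "Utopic and later" while the check is against `trusty`. Comparing version numbers is sturdier, for example `release=$(lsb_release --short --release)` followed by `dpkg --compare-versions "${release}" ge 14.04 || exit 0`, with the comment corrected to name whichever release is actually intended. The `sh -c '...'` wrapper around `lsb_release` adds nothing and can be dropped.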
@ -0,0 +1,57 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Clean up extraneous log files that may be left around
|
||||||
|
rm /etc/ssh/ssh_host*key* || echo "No SSH keys to remove"
|
||||||
|
|
||||||
|
# Fix LP: #1047707, 1019338
|
||||||
|
# Truncate logs that are owned, otherwise remove
|
||||||
|
whitelisted_logs=(/var/log/btmp /var/log/lastlog /var/log/wtmp /var/log/fsck/checkfs /var/log/fsck/checkroot)
|
||||||
|
|
||||||
|
for log in $(find /var/log -type f)
|
||||||
|
do
|
||||||
|
whitelisted=$(echo "${whitelisted_logs[@]}" | grep -o ${log})
|
||||||
|
|
||||||
|
if [ -n "${whitelisted}" ]; then
|
||||||
|
: > ${log} &&
|
||||||
|
echo "Truncated whitelisted log ${log}" ||
|
||||||
|
echo "Failed to truncate whitelisted log ${log}"
|
||||||
|
else
|
||||||
|
|
||||||
|
dpkg -S ${log} > /dev/null 2>&1 &&
|
||||||
|
{ : > ${log} ||
|
||||||
|
echo "Failed to truncate $f"; } ||
|
||||||
|
{ rm ${log} &&
|
||||||
|
echo "Removed ${log} as an orphaned log file" ||
|
||||||
|
echo "Failed to remove unnecessary log $f"; }
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
# Remove un-owned log directories
|
||||||
|
whitelisted_dirs=(/var/log/fsck)
|
||||||
|
|
||||||
|
for log_d in $(find /var/log/* -type d)
|
||||||
|
do
|
||||||
|
whitelisted=$(echo "${whitelisted_dirs[@]}" | grep -o "${log_d}")
|
||||||
|
if [ -z "${whitelisted}" ]; then
|
||||||
|
dpkg -S ${log_d} > /dev/null 2>&1 &&
|
||||||
|
echo "Preserving log directory ${log_d}" ||
|
||||||
|
{ rm -rf ${log_d} &&
|
||||||
|
echo "Removed log directory ${log_d} as orphaned log dir" ||
|
||||||
|
echo "Failed to remove unnessasary log dir ${log_d}"; }
|
||||||
|
|
||||||
|
else
|
||||||
|
echo "Preserving whitelisted directory ${log_d}"
|
||||||
|
fi
|
||||||
|
|
||||||
|
done
|
||||||
|
|
||||||
|
|
||||||
|
rm -rf /var/run/* || echo "Failed to clean /var/run/*"
|
||||||
|
rm /etc/passwd- || echo "No spare passwd file to cleanup"
|
||||||
|
rm /etc/shadow- || echo "No spare shadow file to cleanup"
|
||||||
|
rm /etc/gshadow- || echo "No spare gshadow file to cleanup"
|
||||||
|
rm /etc/group- || echo "No spare group file to clenaup"
|
||||||
|
rm -f /etc/apt/conf.d/00secure || echo "No apt cache to cleanup"
|
||||||
|
|
||||||
|
# Truncate instead of delete, LP: #707311
|
||||||
|
truncate --size=0 -c /etc/popularity-contest.conf
|
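Review bot: The host-key removal `rm /etc/ssh/ssh_host*key* || echo "No SSH keys to remove"` treats every `rm` failure as "nothing to remove", so a key that could not be deleted ships in the image and every instance booted from it shares that host identity; the comment above it also talks about log files rather than keys. Using `rm -f /etc/ssh/ssh_host*key*` and then failing the build if the glob still matches, `ls /etc/ssh/ssh_host*key* >/dev/null 2>&1 && { echo "SSH host keys still present"; exit 1; }`, makes that case visible. In the log loop the two failure messages print `$f`, which is never set, where `${log}` is meant. `${log}` is also passed unquoted to `grep -o` as a regular expression, so the whitelist test is a substring match rather than an exact path comparison, and `for log in $(find ...)` splits on any whitespace in a file name.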
@ -0,0 +1,281 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
rootd="${1:-/}"
|
||||||
|
root_fs_label=cloudimg-rootfs
|
||||||
|
set -ex
|
||||||
|
|
||||||
|
CLOUD_IMG_STR="# CLOUD_IMG: This file was created/modified by the Cloud Image build process"
|
||||||
|
|
||||||
|
LANG=C
|
||||||
|
|
||||||
|
_xchroot() {
|
||||||
|
# Prevent multiple chroots
|
||||||
|
if [ "$1" = "/" ]; then
|
||||||
|
shift;
|
||||||
|
"$@"
|
||||||
|
else
|
||||||
|
chroot "$@"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
#### COMMON architecture independent functions
|
||||||
|
arch=$(_xchroot "${rootd}" dpkg --print-architecture)
|
||||||
|
|
||||||
|
add_serial_console() {
|
||||||
|
condev=$1
|
||||||
|
idir="$rootd/etc/init"
|
||||||
|
cat << EOF > "${idir}/${condev}.conf"
|
||||||
|
# CONDEV - getty
|
||||||
|
#
|
||||||
|
# This service maintains a getty on CONDEV from the point the system is
|
||||||
|
# started until it is shut down again.
|
||||||
|
|
||||||
|
start on stopped rc RUNLEVEL=[2345] and (
|
||||||
|
not-container or
|
||||||
|
container CONTAINER=lxc or
|
||||||
|
container CONTAINER=lxc-libvirt)
|
||||||
|
|
||||||
|
stop on runlevel [!2345]
|
||||||
|
|
||||||
|
pre-start script
|
||||||
|
# getty will not be started if the serial console is not present
|
||||||
|
stty -F /dev/CONDEV -a 2> /dev/null > /dev/null || { stop ; exit 0; }
|
||||||
|
end script
|
||||||
|
|
||||||
|
respawn
|
||||||
|
script
|
||||||
|
exec /sbin/getty -L CONDEV 115200 vt102
|
||||||
|
end script
|
||||||
|
${CLOUD_IMG_STR}
|
||||||
|
EOF
|
||||||
|
sed -i "s/CONDEV/${condev}/g" "$idir/${condev}.conf"
|
||||||
|
}
|
||||||
|
|
||||||
|
## --------------
|
||||||
|
# remove 127.0.1.1 entry (LP: #440757)
|
||||||
|
_xchroot "${rootd}" sh -c 'sed -i "/^127.0.1.1/d" /etc/hosts'
|
||||||
|
|
||||||
|
## --------------
|
||||||
|
# remove ssh pregenerated keys (LP: #512377)
|
||||||
|
|
||||||
|
_xchroot "${rootd}" sh -c 'rm -f /etc/ssh/ssh_host_[rd]sa_key*'
|
||||||
|
|
||||||
|
## --------------
|
||||||
|
_xchroot "${rootd}" locale-gen en_US.utf8
|
||||||
|
|
||||||
|
## --------------
|
||||||
|
# set cloud-init to be on
|
||||||
|
values="NoCloud, ConfigDrive, AltCloud, OVF, MAAS, Ec2, None"
|
||||||
|
printf "%s\t%s\t%s\t%s\n" \
|
||||||
|
cloud-init cloud-init/datasources multiselect "$values" |
|
||||||
|
_xchroot "${rootd}" debconf-set-selections
|
||||||
|
_xchroot "${rootd}" dpkg-reconfigure --frontend=noninteractive cloud-init
|
||||||
|
|
||||||
|
## --------------
|
||||||
|
# write some build information to the guest
|
||||||
|
# the idea is that given runtime info and this info, the instance
|
||||||
|
# can at least determine if there is a newer build available
|
||||||
|
# these variables are passed in in environment from cloudimg-build-launcher
|
||||||
|
if [ -n "${build_name}" -o -n "${serial}" ]; then
|
||||||
|
d="${rootd}/etc/cloud"
|
||||||
|
[ -d "$d" ] || mkdir -p "${d}"
|
||||||
|
{
|
||||||
|
[ -n "${build_name}" ] && echo "build_name: ${build_name}"
|
||||||
|
[ -n "${serial}" ] && echo "serial: ${serial}"
|
||||||
|
} > "$d/build.info"
|
||||||
|
fi
|
||||||
|
|
||||||
|
## --------------
|
||||||
|
# for maverick and newer, use LABEL= for the '/' entry in fstab
|
||||||
|
if [ -n "${root_fs_label}" ]; then
|
||||||
|
bl="[:blank:]"
|
||||||
|
lstr="LABEL=${root_fs_label}"
|
||||||
|
sed -i "s,^[^#${bl}]*\([${bl}]*/[${bl}].*\),${lstr}\1," "${rootd}/etc/fstab"
|
||||||
|
fi
|
||||||
|
cat > /etc/fstab << EOM
|
||||||
|
LABEL=cloudimg-rootfs / ext4 defaults 0 0
|
||||||
|
EOM
|
||||||
|
|
||||||
|
## Make sure that the update-motd.d directory exists
|
||||||
|
[ ! -e "${rootd}/etc/update-motd.d" ] &&
|
||||||
|
mkdir -p "${rootd}/etc/update-motd.d"
|
||||||
|
|
||||||
|
## write a MOTD file advertising support for images
|
||||||
|
cat > "${rootd}/etc/update-motd.d/51-cloudguest" << EOF
|
||||||
|
#!/bin/sh
|
||||||
|
#
|
||||||
|
${CLOUD_IMG_STR}
|
||||||
|
# This file is not managed by a package. If you no longer want to
|
||||||
|
# see this message you can safely remove the file.
|
||||||
|
echo ""
|
||||||
|
echo " Get cloud support with Ubuntu Advantage Cloud Guest:"
|
||||||
|
echo " http://www.ubuntu.com/business/services/cloud"
|
||||||
|
EOF
|
||||||
|
|
||||||
|
chmod +x "${rootd}/etc/update-motd.d/51-cloudguest"
|
||||||
|
|
||||||
|
# for quantal and newer, add /etc/overlayroot.local.conf
|
||||||
|
# but do not overwrite anything that somehow got there
|
||||||
|
if [ -f "${rootd}/etc/overlayroot.conf" ] &&
|
||||||
|
[ ! -f "${rootd}/etc/overlayroot.local.conf" ]; then
|
||||||
|
{
|
||||||
|
echo "${CLOUD_IMG_STR}"
|
||||||
|
echo "overlayroot_cfgdisk=LABEL=OROOTCFG"
|
||||||
|
} > "${rootd}/etc/overlayroot.local.conf"
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
#### END COMMON ARCH FUNCTIONS
|
||||||
|
|
||||||
|
if [ "$arch" = "ppc64el" ]; then
|
||||||
|
add_serial_console hvc0
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
# ARM images are special
|
||||||
|
if [[ "$arch" =~ (arm|arm64|aarch64) ]]; then
|
||||||
|
|
||||||
|
echo "Configuring ARM Serial Port"
|
||||||
|
add_serial_console ttyAMA0
|
||||||
|
|
||||||
|
echo "Image architecture is ARM. Existing vmbuilder-fixups"
|
||||||
|
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
## Add ttyS0 for i386/amd64 for Trusty and newer
|
||||||
|
if [ "$arch" = "i386" -o "$arch" = "amd64" ]; then
|
||||||
|
add_serial_console ttyS0
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
psuedo_grub_probe() {
|
||||||
|
cat <<"PSUEDO_GRUB_PROBE"
|
||||||
|
#!/bin/sh
|
||||||
|
Usage() {
|
||||||
|
cat <<EOF
|
||||||
|
Usage: euca-psuedo-grub-probe
|
||||||
|
this is a wrapper around grub-probe to provide the answers for an ec2 guest
|
||||||
|
EOF
|
||||||
|
}
|
||||||
|
bad_Usage() { Usage 1>&2; fail "$@"; }
|
||||||
|
|
||||||
|
short_opts=""
|
||||||
|
long_opts="device-map:,target:,device"
|
||||||
|
getopt_out=$(getopt --name "${0##*/}" \
|
||||||
|
--options "${short_opts}" --long "${long_opts}" -- "$@") &&
|
||||||
|
eval set -- "${getopt_out}" ||
|
||||||
|
bad_Usage
|
||||||
|
|
||||||
|
device_map=""
|
||||||
|
target=""
|
||||||
|
device=0
|
||||||
|
arg=""
|
||||||
|
|
||||||
|
while [ $# -ne 0 ]; do
|
||||||
|
cur=${1}; next=${2};
|
||||||
|
case "$cur" in
|
||||||
|
--device-map) device_map=${next}; shift;;
|
||||||
|
--device) device=1;;
|
||||||
|
--target) target=${next}; shift;;
|
||||||
|
--) shift; break;;
|
||||||
|
esac
|
||||||
|
shift;
|
||||||
|
done
|
||||||
|
arg=${1}
|
||||||
|
|
||||||
|
case "${target}:${device}:${arg}" in
|
||||||
|
device:*:/*) echo "/dev/sda1"; exit 0;;
|
||||||
|
fs:*:*) echo "ext2"; exit 0;;
|
||||||
|
partmap:*:*)
|
||||||
|
# older versions of grub (lucid) want 'part_msdos' written
|
||||||
|
# rather than 'msdos'
|
||||||
|
legacy_pre=""
|
||||||
|
grubver=$(dpkg-query --show --showformat '${Version}\n' grub-pc 2>/dev/null) &&
|
||||||
|
dpkg --compare-versions "${grubver}" lt 1.98+20100804-5ubuntu3 &&
|
||||||
|
legacy_pre="part_"
|
||||||
|
echo "${legacy_pre}msdos";
|
||||||
|
exit 0;;
|
||||||
|
abstraction:*:*) echo ""; exit 0;;
|
||||||
|
drive:*:/dev/sda) echo "(hd0)";;
|
||||||
|
drive:*:/dev/sda*) echo "(hd0,1)";;
|
||||||
|
fs_uuid:*:*) exit 1;;
|
||||||
|
esac
|
||||||
|
PSUEDO_GRUB_PROBE
|
||||||
|
}
|
||||||
|
|
||||||
|
## install / setup grub2
|
||||||
|
gprobe="${rootd}/usr/sbin/grub-probe"
|
||||||
|
moved=0
|
||||||
|
if [ -f "${gprobe}" ]; then
|
||||||
|
mv "${gprobe}" "${gprobe}.dist"
|
||||||
|
moved=1
|
||||||
|
fi
|
||||||
|
psuedo_grub_probe > "${gprobe}"
|
||||||
|
chmod 755 "${gprobe}"
|
||||||
|
|
||||||
|
# for Quantal and later, use /etc/default/grub.d functionality
|
||||||
|
# rather than modifying the grub configuration itself.
|
||||||
|
# This avoids the mess of having to do dpkg stuff
|
||||||
|
# LP: 1179940
|
||||||
|
mkdir -p "${rootd}/etc/default/grub.d"
|
||||||
|
cat << EOF > "${rootd}/etc/default/grub.d/50-cloudimg-settings.cfg"
|
||||||
|
# Cloud Image specific Grub settings for Generic Cloud Images
|
||||||
|
${CLOUD_IMG_STR}
|
||||||
|
|
||||||
|
# Set the recordfail timeout
|
||||||
|
GRUB_RECORDFAIL_TIMEOUT=0
|
||||||
|
|
||||||
|
# Do not wait on grub prompt
|
||||||
|
GRUB_TIMEOUT=0
|
||||||
|
|
||||||
|
# Set the default commandline
|
||||||
|
GRUB_CMDLINE_LINUX_DEFAULT="console=tty1 console=ttyS0"
|
||||||
|
|
||||||
|
# Set the grub console type
|
||||||
|
GRUB_TERMINAL=console
|
||||||
|
EOF
|
||||||
|
_xchroot "${rootd}" update-grub2
|
||||||
|
|
||||||
|
# since this is a disk image, we technically don't need to install all the
|
||||||
|
# grub modules, as the image itself is not bootable. This makes for a small
|
||||||
|
# disk image
|
||||||
|
_xchroot "${rootd}" update-grub
|
||||||
|
|
||||||
|
# reconfigure grub so that upgrades to grub-pc do not force a debconf config
|
||||||
|
# changed prompt (LP: #1009294). This re-runs update-grub
|
||||||
|
_xchroot "${rootd}" env DEBIAN_FRONTEND=noninteractive \
|
||||||
|
dpkg-reconfigure grub-pc
|
||||||
|
|
||||||
|
grub2cfg="${rootd}/boot/grub/grub.cfg"
|
||||||
|
[ ! -f "${grub2cfg}" ] ||
|
||||||
|
sed -i -e "s,root=/dev/sda1,root=LABEL=${root_fs_label}," "${grub2cfg}"
|
||||||
|
|
||||||
|
[ ${moved} -eq 0 ] || mv "${gprobe}.dist" "${gprobe}"
|
||||||
|
|
||||||
|
## modify /boot/grub/menu.lst if it exists
|
||||||
|
## this is generated at install time by grub-legacy-ec2, but will have
|
||||||
|
## devices as found from the _xchroot. Here we write what it will be on ec2
|
||||||
|
if [ -f "${rootd}/boot/grub/menu.lst" ]; then
|
||||||
|
grub_root="(hd0)"
|
||||||
|
linux_root=/dev/sda1
|
||||||
|
[ -n "${root_fs_label}" ] && linux_root="LABEL=${root_fs_label}"
|
||||||
|
# the sed code below basically fixes/sets the following lines in a
|
||||||
|
# /boot/grub/menu.lst file:
|
||||||
|
# # kopt=root=xxxxxxx ro
|
||||||
|
# kernel /boot/vmlinuz-... root=xxxxxx ....
|
||||||
|
# # groot=xxxxx
|
||||||
|
# root xxxxx
|
||||||
|
# uuuid xxxxx
|
||||||
|
sed -i "${rootd}/boot/grub/menu.lst" \
|
||||||
|
-e "s|^\(# kopt=root=\)[^ ]*|\1${linux_root}|" \
|
||||||
|
-e "s|^\(kernel.*root=\)[^ ]*|\1${linux_root}|" \
|
||||||
|
-e "s|^\(# groot=\)[^ ]*|\1${grub_root}|" \
|
||||||
|
-e "s|^\(root\|uuid\)\([[:space:]]*\).*|root\2${grub_root}|"
|
||||||
|
|
||||||
|
# grub-legacy-ec2 writes this ucf entry. since we've modified
|
||||||
|
# /boot/grub/menu.lst, we have to remove it, or the user will
|
||||||
|
# get prompted for a 3 way merge of the changes the first time this runs
|
||||||
|
_xchroot "${rootd}" /usr/bin/ucfr --purge grub /var/run/grub/menu.lst
|
||||||
|
fi
|
||||||
|
|
||||||
|
# vi: ts=3 expandtab
|
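Review bot: The heredoc `cat > /etc/fstab << EOM` is the one write in this file that does not go through `${rootd}`, so it targets the fstab of whatever system runs the script; when `rootd` is not `/` it overwrites the build host's fstab and leaves the image with only the `sed` edit above it. It should be `cat > "${rootd}/etc/fstab" << EOM`, ideally with `LABEL=${root_fs_label}` in the body instead of repeating the literal label. The key cleanup `rm -f /etc/ssh/ssh_host_[rd]sa_key*` only covers RSA and DSA, so any pregenerated ECDSA or Ed25519 host key stays in the image unless another step removes it; `ssh_host_*_key*` covers all key types. The stub written over `${gprobe}` is restored only on the success path, so with `set -e` a failing `update-grub2` or `dpkg-reconfigure` leaves the fake `grub-probe` installed, and a `trap` that moves `${gprobe}.dist` back on exit would close that gap.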
@ -0,0 +1 @@
|
|||||||
|
ubuntu
|
@ -0,0 +1,9 @@
|
|||||||
|
127.0.0.1 localhost
|
||||||
|
|
||||||
|
# The following lines are desirable for IPv6 capable hosts
|
||||||
|
::1 ip6-localhost ip6-loopback
|
||||||
|
fe00::0 ip6-localnet
|
||||||
|
ff00::0 ip6-mcastprefix
|
||||||
|
ff02::1 ip6-allnodes
|
||||||
|
ff02::2 ip6-allrouters
|
||||||
|
ff02::3 ip6-allhosts
|
@ -0,0 +1,15 @@
|
|||||||
|
# This file describes the network interfaces available on your system
|
||||||
|
# and how to activate them. For more information, see interfaces(5).
|
||||||
|
|
||||||
|
# The loopback network interface
|
||||||
|
auto lo
|
||||||
|
iface lo inet loopback
|
||||||
|
|
||||||
|
# Source interfaces
|
||||||
|
# Please check /etc/network/interfaces.d before changing this file
|
||||||
|
# as interfaces may have been defined in /etc/network/interfaces.d
|
||||||
|
# NOTE: the primary ethernet device is defined in
|
||||||
|
# /etc/network/interfaces.d/eth0
|
||||||
|
# See LP: #1262951
|
||||||
|
source /etc/network/interfaces.d/*.cfg
|
||||||
|
|
@ -0,0 +1,3 @@
|
|||||||
|
# The primary network interface
|
||||||
|
auto eth0
|
||||||
|
iface eth0 inet dhcp
|