- build cloud based images using livecd-rootfsubuntu/yakkety
commit
1167706f83
@ -0,0 +1,28 @@
|
||||
#!/bin/bash
|
||||
# Configure certain packages
|
||||
|
||||
## console-setup
|
||||
|
||||
# Select the fontface
|
||||
printf "%s\t%s\t%s\t%s\n" \
|
||||
console-setup console-setup/console-setup/fontface47 string "Fixed" debconf-set-selections ||
|
||||
{ echo "FAILED to setup console fontface"; exit 1; }
|
||||
|
||||
# Select the code page for font
|
||||
printf "%s\t%s\t%s\t%s\n" \
|
||||
console-setup console-setup/codesetcode string "Uni2" | debconf-set-selections ||
|
||||
{ echo "FAILED to setup console code page to Uni2"; exit 1; }
|
||||
|
||||
# Set Language string for codepage 47
|
||||
printf "%s\t%s\t%s\t%s\n" \
|
||||
console-setup console-setup/codeset47 string ". Combined - Latin; Slavic Cyrillic; Greek" | debconf-set-selections ||
|
||||
{ echo "FAILED to setup codeset47 to proper string"; exti 1; }
|
||||
|
||||
# Replace the console font and typ ein /etc/default/console-setup
|
||||
sed -i -e 's,^CODESET.*,CODESET="Uni2",g' \
|
||||
-e 's,^FONTFACE.*,FONTFACE="Fixed",g' \
|
||||
/etc/default/console-setup
|
||||
|
||||
# Configure the console-setup
|
||||
dpkg-reconfigure --frontend=noninteractive console-setup ||
|
||||
{ echo "FAILED to recofigure console-setup"; exit 1; }
|
@ -0,0 +1,14 @@
|
||||
#!/bin/bash
|
||||
#
|
||||
# Create the necessary users and set their passwords. If needed,
|
||||
# make sure they belong to the proper groups
|
||||
#
|
||||
# Author: Ben Howard <ben.howard@canonical.com>
|
||||
# Date: 29 Jun 2011
|
||||
#
|
||||
|
||||
echo "Adding admin group..."
|
||||
addgroup --system --quiet admin
|
||||
|
||||
echo "Adding netdev group..."
|
||||
addgroup --system --quiet netdev
|
@ -0,0 +1,3 @@
|
||||
#!/bin/bash
|
||||
|
||||
printf "HWCLOCKACCESS=no" >> /etc/default/rcS
|
@ -0,0 +1,3 @@
|
||||
#!/bin/bash
|
||||
|
||||
sed -i "s|#PasswordAuthentication yes|PasswordAuthentication no|g" /etc/ssh/sshd_config
|
@ -0,0 +1,18 @@
|
||||
#!/bin/bash
|
||||
#
|
||||
# Disable IPv6 privacy extensions on Utopic and later
|
||||
#
|
||||
|
||||
codename=$(sh -c 'lsb_release --short --codename')
|
||||
dist_ge() { [[ "$1" > "$2" || "$1" == "$2" ]]; }
|
||||
|
||||
if ! dist_ge "${codename}" "trusty"; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
cat << EOF > /etc/sysctl.d/99-cloudimg-ipv6.conf
|
||||
# Written by the Cloud Image build process
|
||||
# See https://bugs.launchpad.net/ubuntu/+source/procps/+bug/1068756
|
||||
net.ipv6.conf.all.use_tempaddr = 0
|
||||
net.ipv6.conf.default.use_tempaddr = 0
|
||||
EOF
|
@ -0,0 +1,57 @@
|
||||
#!/bin/bash
|
||||
|
||||
# Clean up extraneous log files that may be left around
|
||||
rm /etc/ssh/ssh_host*key* || echo "No SSH keys to remove"
|
||||
|
||||
# Fix LP: #1047707, 1019338
|
||||
# Truncate logs that are owned, otherwise remove
|
||||
whitelisted_logs=(/var/log/btmp /var/log/lastlog /var/log/wtmp /var/log/fsck/checkfs /var/log/fsck/checkroot)
|
||||
|
||||
for log in $(find /var/log -type f)
|
||||
do
|
||||
whitelisted=$(echo "${whitelisted_logs[@]}" | grep -o ${log})
|
||||
|
||||
if [ -n "${whitelisted}" ]; then
|
||||
: > ${log} &&
|
||||
echo "Truncated whitelisted log ${log}" ||
|
||||
echo "Failed to truncate whitelisted log ${log}"
|
||||
else
|
||||
|
||||
dpkg -S ${log} > /dev/null 2>&1 &&
|
||||
{ : > ${log} ||
|
||||
echo "Failed to truncate $f"; } ||
|
||||
{ rm ${log} &&
|
||||
echo "Removed ${log} as an orphaned log file" ||
|
||||
echo "Failed to remove unnecessary log $f"; }
|
||||
fi
|
||||
done
|
||||
|
||||
# Remove un-owned log directories
|
||||
whitelisted_dirs=(/var/log/fsck)
|
||||
|
||||
for log_d in $(find /var/log/* -type d)
|
||||
do
|
||||
whitelisted=$(echo "${whitelisted_dirs[@]}" | grep -o "${log_d}")
|
||||
if [ -z "${whitelisted}" ]; then
|
||||
dpkg -S ${log_d} > /dev/null 2>&1 &&
|
||||
echo "Preserving log directory ${log_d}" ||
|
||||
{ rm -rf ${log_d} &&
|
||||
echo "Removed log directory ${log_d} as orphaned log dir" ||
|
||||
echo "Failed to remove unnessasary log dir ${log_d}"; }
|
||||
|
||||
else
|
||||
echo "Preserving whitelisted directory ${log_d}"
|
||||
fi
|
||||
|
||||
done
|
||||
|
||||
|
||||
rm -rf /var/run/* || echo "Failed to clean /var/run/*"
|
||||
rm /etc/passwd- || echo "No spare passwd file to cleanup"
|
||||
rm /etc/shadow- || echo "No spare shadow file to cleanup"
|
||||
rm /etc/gshadow- || echo "No spare gshadow file to cleanup"
|
||||
rm /etc/group- || echo "No spare group file to clenaup"
|
||||
rm -f /etc/apt/conf.d/00secure || echo "No apt cache to cleanup"
|
||||
|
||||
# Truncate instead of delete, LP: #707311
|
||||
truncate --size=0 -c /etc/popularity-contest.conf
|
@ -0,0 +1,281 @@
|
||||
#!/bin/bash
|
||||
rootd="${1:-/}"
|
||||
root_fs_label=cloudimg-rootfs
|
||||
set -ex
|
||||
|
||||
CLOUD_IMG_STR="# CLOUD_IMG: This file was created/modified by the Cloud Image build process"
|
||||
|
||||
LANG=C
|
||||
|
||||
_xchroot() {
|
||||
# Prevent multiple chroots
|
||||
if [ "$1" = "/" ]; then
|
||||
shift;
|
||||
"$@"
|
||||
else
|
||||
chroot "$@"
|
||||
fi
|
||||
}
|
||||
|
||||
#### COMMON architecture independent functions
|
||||
arch=$(_xchroot "${rootd}" dpkg --print-architecture)
|
||||
|
||||
add_serial_console() {
|
||||
condev=$1
|
||||
idir="$rootd/etc/init"
|
||||
cat << EOF > "${idir}/${condev}.conf"
|
||||
# CONDEV - getty
|
||||
#
|
||||
# This service maintains a getty on CONDEV from the point the system is
|
||||
# started until it is shut down again.
|
||||
|
||||
start on stopped rc RUNLEVEL=[2345] and (
|
||||
not-container or
|
||||
container CONTAINER=lxc or
|
||||
container CONTAINER=lxc-libvirt)
|
||||
|
||||
stop on runlevel [!2345]
|
||||
|
||||
pre-start script
|
||||
# getty will not be started if the serial console is not present
|
||||
stty -F /dev/CONDEV -a 2> /dev/null > /dev/null || { stop ; exit 0; }
|
||||
end script
|
||||
|
||||
respawn
|
||||
script
|
||||
exec /sbin/getty -L CONDEV 115200 vt102
|
||||
end script
|
||||
${CLOUD_IMG_STR}
|
||||
EOF
|
||||
sed -i "s/CONDEV/${condev}/g" "$idir/${condev}.conf"
|
||||
}
|
||||
|
||||
## --------------
|
||||
# remove 127.0.1.1 entry (LP: #440757)
|
||||
_xchroot "${rootd}" sh -c 'sed -i "/^127.0.1.1/d" /etc/hosts'
|
||||
|
||||
## --------------
|
||||
# remove ssh pregenerated keys (LP: #512377)
|
||||
|
||||
_xchroot "${rootd}" sh -c 'rm -f /etc/ssh/ssh_host_[rd]sa_key*'
|
||||
|
||||
## --------------
|
||||
_xchroot "${rootd}" locale-gen en_US.utf8
|
||||
|
||||
## --------------
|
||||
# set cloud-init to be on
|
||||
values="NoCloud, ConfigDrive, AltCloud, OVF, MAAS, Ec2, None"
|
||||
printf "%s\t%s\t%s\t%s\n" \
|
||||
cloud-init cloud-init/datasources multiselect "$values" |
|
||||
_xchroot "${rootd}" debconf-set-selections
|
||||
_xchroot "${rootd}" dpkg-reconfigure --frontend=noninteractive cloud-init
|
||||
|
||||
## --------------
|
||||
# write some build information to the guest
|
||||
# the idea is that given runtime info and this info, the instance
|
||||
# can at least determine if there is a newer build available
|
||||
# these variables are passed in in environment from cloudimg-build-launcher
|
||||
if [ -n "${build_name}" -o -n "${serial}" ]; then
|
||||
d="${rootd}/etc/cloud"
|
||||
[ -d "$d" ] || mkdir -p "${d}"
|
||||
{
|
||||
[ -n "${build_name}" ] && echo "build_name: ${build_name}"
|
||||
[ -n "${serial}" ] && echo "serial: ${serial}"
|
||||
} > "$d/build.info"
|
||||
fi
|
||||
|
||||
## --------------
|
||||
# for maverick and newer, use LABEL= for the '/' entry in fstab
|
||||
if [ -n "${root_fs_label}" ]; then
|
||||
bl="[:blank:]"
|
||||
lstr="LABEL=${root_fs_label}"
|
||||
sed -i "s,^[^#${bl}]*\([${bl}]*/[${bl}].*\),${lstr}\1," "${rootd}/etc/fstab"
|
||||
fi
|
||||
cat > /etc/fstab << EOM
|
||||
LABEL=cloudimg-rootfs / ext4 defaults 0 0
|
||||
EOM
|
||||
|
||||
## Make sure that the update-motd.d directory exists
|
||||
[ ! -e "${rootd}/etc/update-motd.d" ] &&
|
||||
mkdir -p "${rootd}/etc/update-motd.d"
|
||||
|
||||
## write a MOTD file advertising support for images
|
||||
cat > "${rootd}/etc/update-motd.d/51-cloudguest" << EOF
|
||||
#!/bin/sh
|
||||
#
|
||||
${CLOUD_IMG_STR}
|
||||
# This file is not managed by a package. If you no longer want to
|
||||
# see this message you can safely remove the file.
|
||||
echo ""
|
||||
echo " Get cloud support with Ubuntu Advantage Cloud Guest:"
|
||||
echo " http://www.ubuntu.com/business/services/cloud"
|
||||
EOF
|
||||
|
||||
chmod +x "${rootd}/etc/update-motd.d/51-cloudguest"
|
||||
|
||||
# for quantal and newer, add /etc/overlayroot.local.conf
|
||||
# but do not overwrite anything that somehow got there
|
||||
if [ -f "${rootd}/etc/overlayroot.conf" ] &&
|
||||
[ ! -f "${rootd}/etc/overlayroot.local.conf" ]; then
|
||||
{
|
||||
echo "${CLOUD_IMG_STR}"
|
||||
echo "overlayroot_cfgdisk=LABEL=OROOTCFG"
|
||||
} > "${rootd}/etc/overlayroot.local.conf"
|
||||
fi
|
||||
|
||||
|
||||
#### END COMMON ARCH FUNCTIONS
|
||||
|
||||
if [ "$arch" = "ppc64el" ]; then
|
||||
add_serial_console hvc0
|
||||
exit 0
|
||||
fi
|
||||
|
||||
# ARM images are special
|
||||
if [[ "$arch" =~ (arm|arm64|aarch64) ]]; then
|
||||
|
||||
echo "Configuring ARM Serial Port"
|
||||
add_serial_console ttyAMA0
|
||||
|
||||
echo "Image architecture is ARM. Existing vmbuilder-fixups"
|
||||
|
||||
exit 0
|
||||
fi
|
||||
|
||||
## Add ttyS0 for i386/amd64 for Trusty and newer
|
||||
if [ "$arch" = "i386" -o "$arch" = "amd64" ]; then
|
||||
add_serial_console ttyS0
|
||||
fi
|
||||
|
||||
|
||||
psuedo_grub_probe() {
|
||||
cat <<"PSUEDO_GRUB_PROBE"
|
||||
#!/bin/sh
|
||||
Usage() {
|
||||
cat <<EOF
|
||||
Usage: euca-psuedo-grub-probe
|
||||
this is a wrapper around grub-probe to provide the answers for an ec2 guest
|
||||
EOF
|
||||
}
|
||||
bad_Usage() { Usage 1>&2; fail "$@"; }
|
||||
|
||||
short_opts=""
|
||||
long_opts="device-map:,target:,device"
|
||||
getopt_out=$(getopt --name "${0##*/}" \
|
||||
--options "${short_opts}" --long "${long_opts}" -- "$@") &&
|
||||
eval set -- "${getopt_out}" ||
|
||||
bad_Usage
|
||||
|
||||
device_map=""
|
||||
target=""
|
||||
device=0
|
||||
arg=""
|
||||
|
||||
while [ $# -ne 0 ]; do
|
||||
cur=${1}; next=${2};
|
||||
case "$cur" in
|
||||
--device-map) device_map=${next}; shift;;
|
||||
--device) device=1;;
|
||||
--target) target=${next}; shift;;
|
||||
--) shift; break;;
|
||||
esac
|
||||
shift;
|
||||
done
|
||||
arg=${1}
|
||||
|
||||
case "${target}:${device}:${arg}" in
|
||||
device:*:/*) echo "/dev/sda1"; exit 0;;
|
||||
fs:*:*) echo "ext2"; exit 0;;
|
||||
partmap:*:*)
|
||||
# older versions of grub (lucid) want 'part_msdos' written
|
||||
# rather than 'msdos'
|
||||
legacy_pre=""
|
||||
grubver=$(dpkg-query --show --showformat '${Version}\n' grub-pc 2>/dev/null) &&
|
||||
dpkg --compare-versions "${grubver}" lt 1.98+20100804-5ubuntu3 &&
|
||||
legacy_pre="part_"
|
||||
echo "${legacy_pre}msdos";
|
||||
exit 0;;
|
||||
abstraction:*:*) echo ""; exit 0;;
|
||||
drive:*:/dev/sda) echo "(hd0)";;
|
||||
drive:*:/dev/sda*) echo "(hd0,1)";;
|
||||
fs_uuid:*:*) exit 1;;
|
||||
esac
|
||||
PSUEDO_GRUB_PROBE
|
||||
}
|
||||
|
||||
## install / setup grub2
|
||||
gprobe="${rootd}/usr/sbin/grub-probe"
|
||||
moved=0
|
||||
if [ -f "${gprobe}" ]; then
|
||||
mv "${gprobe}" "${gprobe}.dist"
|
||||
moved=1
|
||||
fi
|
||||
psuedo_grub_probe > "${gprobe}"
|
||||
chmod 755 "${gprobe}"
|
||||
|
||||
# for Quantal and later, use /etc/default/grub.d functionality
|
||||
# rather than modifying the grub configuration itself.
|
||||
# This avoids the mess of having to do dpkg stuff
|
||||
# LP: 1179940
|
||||
mkdir -p "${rootd}/etc/default/grub.d"
|
||||
cat << EOF > "${rootd}/etc/default/grub.d/50-cloudimg-settings.cfg"
|
||||
# Cloud Image specific Grub settings for Generic Cloud Images
|
||||
${CLOUD_IMG_STR}
|
||||
|
||||
# Set the recordfail timeout
|
||||
GRUB_RECORDFAIL_TIMEOUT=0
|
||||
|
||||
# Do not wait on grub prompt
|
||||
GRUB_TIMEOUT=0
|
||||
|
||||
# Set the default commandline
|
||||
GRUB_CMDLINE_LINUX_DEFAULT="console=tty1 console=ttyS0"
|
||||
|
||||
# Set the grub console type
|
||||
GRUB_TERMINAL=console
|
||||
EOF
|
||||
_xchroot "${rootd}" update-grub2
|
||||
|
||||
# since this is a disk image, we technically don't need to install all the
|
||||
# grub modules, as the image itself is not bootable. This makes for a small
|
||||
# disk image
|
||||
_xchroot "${rootd}" update-grub
|
||||
|
||||
# reconfigure grub so that upgrades to grub-pc do not force a debconf config
|
||||
# changed prompt (LP: #1009294). This re-runs update-grub
|
||||
_xchroot "${rootd}" env DEBIAN_FRONTEND=noninteractive \
|
||||
dpkg-reconfigure grub-pc
|
||||
|
||||
grub2cfg="${rootd}/boot/grub/grub.cfg"
|
||||
[ ! -f "${grub2cfg}" ] ||
|
||||
sed -i -e "s,root=/dev/sda1,root=LABEL=${root_fs_label}," "${grub2cfg}"
|
||||
|
||||
[ ${moved} -eq 0 ] || mv "${gprobe}.dist" "${gprobe}"
|
||||
|
||||
## modify /boot/grub/menu.lst if it exists
|
||||
## this is generated at install time by grub-legacy-ec2, but will have
|
||||
## devices as found from the _xchroot. Here we write what it will be on ec2
|
||||
if [ -f "${rootd}/boot/grub/menu.lst" ]; then
|
||||
grub_root="(hd0)"
|
||||
linux_root=/dev/sda1
|
||||
[ -n "${root_fs_label}" ] && linux_root="LABEL=${root_fs_label}"
|
||||
# the sed code below basically fixes/sets the following lines in a
|
||||
# /boot/grub/menu.lst file:
|
||||
# # kopt=root=xxxxxxx ro
|
||||
# kernel /boot/vmlinuz-... root=xxxxxx ....
|
||||
# # groot=xxxxx
|
||||
# root xxxxx
|
||||
# uuuid xxxxx
|
||||
sed -i "${rootd}/boot/grub/menu.lst" \
|
||||
-e "s|^\(# kopt=root=\)[^ ]*|\1${linux_root}|" \
|
||||
-e "s|^\(kernel.*root=\)[^ ]*|\1${linux_root}|" \
|
||||
-e "s|^\(# groot=\)[^ ]*|\1${grub_root}|" \
|
||||
-e "s|^\(root\|uuid\)\([[:space:]]*\).*|root\2${grub_root}|"
|
||||
|
||||
# grub-legacy-ec2 writes this ucf entry. since we've modified
|
||||
# /boot/grub/menu.lst, we have to remove it, or the user will
|
||||
# get prompted for a 3 way merge of the changes the first time this runs
|
||||
_xchroot "${rootd}" /usr/bin/ucfr --purge grub /var/run/grub/menu.lst
|
||||
fi
|
||||
|
||||
# vi: ts=3 expandtab
|
@ -0,0 +1 @@
|
||||
ubuntu
|
@ -0,0 +1,9 @@
|
||||
127.0.0.1 localhost
|
||||
|
||||
# The following lines are desirable for IPv6 capable hosts
|
||||
::1 ip6-localhost ip6-loopback
|
||||
fe00::0 ip6-localnet
|
||||
ff00::0 ip6-mcastprefix
|
||||
ff02::1 ip6-allnodes
|
||||
ff02::2 ip6-allrouters
|
||||
ff02::3 ip6-allhosts
|
@ -0,0 +1,15 @@
|
||||
# This file describes the network interfaces available on your system
|
||||
# and how to activate them. For more information, see interfaces(5).
|
||||
|
||||
# The loopback network interface
|
||||
auto lo
|
||||
iface lo inet loopback
|
||||
|
||||
# Source interfaces
|
||||
# Please check /etc/network/interfaces.d before changing this file
|
||||
# as interfaces may have been defined in /etc/network/interfaces.d
|
||||
# NOTE: the primary ethernet device is defined in
|
||||
# /etc/network/interfaces.d/eth0
|
||||
# See LP: #1262951
|
||||
source /etc/network/interfaces.d/*.cfg
|
||||
|
@ -0,0 +1,3 @@
|
||||
# The primary network interface
|
||||
auto eth0
|
||||
iface eth0 inet dhcp
|
Loading…
Reference in new issue