From 928a79af1ecea1b507a7b01f16a3d64b14c8fadf Mon Sep 17 00:00:00 2001 From: Daniel Watkins Date: Wed, 8 Apr 2015 09:34:15 +0100 Subject: [PATCH] Add hooks and includes. --- .../ubuntu-cpc/hooks/020-pkg-configure.chroot | 28 +++++++++ .../ubuntu-cpc/hooks/025-create-groups.chroot | 14 +++++ .../ubuntu-cpc/hooks/051-hwclock.chroot | 3 + .../hooks/052-ssh_authentication.chroot | 3 + live-build/ubuntu-cpc/hooks/060-ipv6.chroot | 18 ++++++ .../ubuntu-cpc/hooks/099-cleanup.chroot | 57 +++++++++++++++++++ .../ubuntu-cpc/includes.chroot/etc/hostname | 1 + .../ubuntu-cpc/includes.chroot/etc/hosts | 9 +++ .../includes.chroot/etc/network/interfaces | 15 +++++ .../etc/network/interfaces.d/eth0.cfg | 3 + 10 files changed, 151 insertions(+) create mode 100755 live-build/ubuntu-cpc/hooks/020-pkg-configure.chroot create mode 100755 live-build/ubuntu-cpc/hooks/025-create-groups.chroot create mode 100755 live-build/ubuntu-cpc/hooks/051-hwclock.chroot create mode 100755 live-build/ubuntu-cpc/hooks/052-ssh_authentication.chroot create mode 100755 live-build/ubuntu-cpc/hooks/060-ipv6.chroot create mode 100755 live-build/ubuntu-cpc/hooks/099-cleanup.chroot create mode 100644 live-build/ubuntu-cpc/includes.chroot/etc/hostname create mode 100644 live-build/ubuntu-cpc/includes.chroot/etc/hosts create mode 100644 live-build/ubuntu-cpc/includes.chroot/etc/network/interfaces create mode 100644 live-build/ubuntu-cpc/includes.chroot/etc/network/interfaces.d/eth0.cfg diff --git a/live-build/ubuntu-cpc/hooks/020-pkg-configure.chroot b/live-build/ubuntu-cpc/hooks/020-pkg-configure.chroot new file mode 100755 index 00000000..5aee6ae5 --- /dev/null +++ b/live-build/ubuntu-cpc/hooks/020-pkg-configure.chroot @@ -0,0 +1,28 @@ +#!/bin/bash +# Configure certain packages + +## console-setup + +# Select the fontface +printf "%s\t%s\t%s\t%s\n" \ + console-setup console-setup/console-setup/fontface47 string "Fixed" debconf-set-selections || + { echo "FAILED to setup console fontface"; exit 1; } + +# Select the code page for font +printf "%s\t%s\t%s\t%s\n" \ + console-setup console-setup/codesetcode string "Uni2" | debconf-set-selections || + { echo "FAILED to setup console code page to Uni2"; exit 1; } + +# Set Language string for codepage 47 +printf "%s\t%s\t%s\t%s\n" \ + console-setup console-setup/codeset47 string ". Combined - Latin; Slavic Cyrillic; Greek" | debconf-set-selections || + { echo "FAILED to setup codeset47 to proper string"; exti 1; } + +# Replace the console font and typ ein /etc/default/console-setup +sed -i -e 's,^CODESET.*,CODESET="Uni2",g' \ + -e 's,^FONTFACE.*,FONTFACE="Fixed",g' \ + /etc/default/console-setup + +# Configure the console-setup +dpkg-reconfigure --frontend=noninteractive console-setup || + { echo "FAILED to recofigure console-setup"; exit 1; } diff --git a/live-build/ubuntu-cpc/hooks/025-create-groups.chroot b/live-build/ubuntu-cpc/hooks/025-create-groups.chroot new file mode 100755 index 00000000..031cbfef --- /dev/null +++ b/live-build/ubuntu-cpc/hooks/025-create-groups.chroot @@ -0,0 +1,14 @@ +#!/bin/bash +# +# Create the necessary users and set their passwords. If needed, +# make sure they belong to the proper groups +# +# Author: Ben Howard +# Date: 29 Jun 2011 +# + +echo "Adding admin group..." +addgroup --system --quiet admin + +echo "Adding netdev group..." +addgroup --system --quiet netdev diff --git a/live-build/ubuntu-cpc/hooks/051-hwclock.chroot b/live-build/ubuntu-cpc/hooks/051-hwclock.chroot new file mode 100755 index 00000000..946b1cbc --- /dev/null +++ b/live-build/ubuntu-cpc/hooks/051-hwclock.chroot @@ -0,0 +1,3 @@ +#!/bin/bash + +printf "HWCLOCKACCESS=no" >> /etc/default/rcS diff --git a/live-build/ubuntu-cpc/hooks/052-ssh_authentication.chroot b/live-build/ubuntu-cpc/hooks/052-ssh_authentication.chroot new file mode 100755 index 00000000..6b0a34ea --- /dev/null +++ b/live-build/ubuntu-cpc/hooks/052-ssh_authentication.chroot @@ -0,0 +1,3 @@ +#!/bin/bash + +sed -i "s|#PasswordAuthentication yes|PasswordAuthentication no|g" /etc/ssh/sshd_config diff --git a/live-build/ubuntu-cpc/hooks/060-ipv6.chroot b/live-build/ubuntu-cpc/hooks/060-ipv6.chroot new file mode 100755 index 00000000..3d4a0be2 --- /dev/null +++ b/live-build/ubuntu-cpc/hooks/060-ipv6.chroot @@ -0,0 +1,18 @@ +#!/bin/bash +# +# Disable IPv6 privacy extensions on Utopic and later +# + +codename=$(sh -c 'lsb_release --short --codename') +dist_ge() { [[ "$1" > "$2" || "$1" == "$2" ]]; } + +if ! dist_ge "${codename}" "trusty"; then + exit 0 +fi + +cat << EOF > /etc/sysctl.d/99-cloudimg-ipv6.conf +# Written by the Cloud Image build process +# See https://bugs.launchpad.net/ubuntu/+source/procps/+bug/1068756 +net.ipv6.conf.all.use_tempaddr = 0 +net.ipv6.conf.default.use_tempaddr = 0 +EOF diff --git a/live-build/ubuntu-cpc/hooks/099-cleanup.chroot b/live-build/ubuntu-cpc/hooks/099-cleanup.chroot new file mode 100755 index 00000000..cf2b7dd1 --- /dev/null +++ b/live-build/ubuntu-cpc/hooks/099-cleanup.chroot @@ -0,0 +1,57 @@ +#!/bin/bash + +# Clean up extraneous log files that may be left around +rm /etc/ssh/ssh_host*key* || echo "No SSH keys to remove" + +# Fix LP: #1047707, 1019338 +# Truncate logs that are owned, otherwise remove +whitelisted_logs=(/var/log/btmp /var/log/lastlog /var/log/wtmp /var/log/fsck/checkfs /var/log/fsck/checkroot) + +for log in $(find /var/log -type f) +do + whitelisted=$(echo "${whitelisted_logs[@]}" | grep -o ${log}) + + if [ -n "${whitelisted}" ]; then + : > ${log} && + echo "Truncated whitelisted log ${log}" || + echo "Failed to truncate whitelisted log ${log}" + else + + dpkg -S ${log} > /dev/null 2>&1 && + { : > ${log} || + echo "Failed to truncate $f"; } || + { rm ${log} && + echo "Removed ${log} as an orphaned log file" || + echo "Failed to remove unnecessary log $f"; } + fi +done + +# Remove un-owned log directories +whitelisted_dirs=(/var/log/fsck) + +for log_d in $(find /var/log/* -type d) +do + whitelisted=$(echo "${whitelisted_dirs[@]}" | grep -o "${log_d}") + if [ -z "${whitelisted}" ]; then + dpkg -S ${log_d} > /dev/null 2>&1 && + echo "Preserving log directory ${log_d}" || + { rm -rf ${log_d} && + echo "Removed log directory ${log_d} as orphaned log dir" || + echo "Failed to remove unnessasary log dir ${log_d}"; } + + else + echo "Preserving whitelisted directory ${log_d}" + fi + +done + + +rm -rf /var/run/* || echo "Failed to clean /var/run/*" +rm /etc/passwd- || echo "No spare passwd file to cleanup" +rm /etc/shadow- || echo "No spare shadow file to cleanup" +rm /etc/gshadow- || echo "No spare gshadow file to cleanup" +rm /etc/group- || echo "No spare group file to clenaup" +rm -f /etc/apt/conf.d/00secure || echo "No apt cache to cleanup" + +# Truncate instead of delete, LP: #707311 +truncate --size=0 -c /etc/popularity-contest.conf diff --git a/live-build/ubuntu-cpc/includes.chroot/etc/hostname b/live-build/ubuntu-cpc/includes.chroot/etc/hostname new file mode 100644 index 00000000..e9e5f7ce --- /dev/null +++ b/live-build/ubuntu-cpc/includes.chroot/etc/hostname @@ -0,0 +1 @@ +ubuntu diff --git a/live-build/ubuntu-cpc/includes.chroot/etc/hosts b/live-build/ubuntu-cpc/includes.chroot/etc/hosts new file mode 100644 index 00000000..56e7c15b --- /dev/null +++ b/live-build/ubuntu-cpc/includes.chroot/etc/hosts @@ -0,0 +1,9 @@ +127.0.0.1 localhost + +# The following lines are desirable for IPv6 capable hosts +::1 ip6-localhost ip6-loopback +fe00::0 ip6-localnet +ff00::0 ip6-mcastprefix +ff02::1 ip6-allnodes +ff02::2 ip6-allrouters +ff02::3 ip6-allhosts diff --git a/live-build/ubuntu-cpc/includes.chroot/etc/network/interfaces b/live-build/ubuntu-cpc/includes.chroot/etc/network/interfaces new file mode 100644 index 00000000..a3e1bad7 --- /dev/null +++ b/live-build/ubuntu-cpc/includes.chroot/etc/network/interfaces @@ -0,0 +1,15 @@ +# This file describes the network interfaces available on your system +# and how to activate them. For more information, see interfaces(5). + +# The loopback network interface +auto lo +iface lo inet loopback + +# Source interfaces +# Please check /etc/network/interfaces.d before changing this file +# as interfaces may have been defined in /etc/network/interfaces.d +# NOTE: the primary ethernet device is defined in +# /etc/network/interfaces.d/eth0 +# See LP: #1262951 +source /etc/network/interfaces.d/*.cfg + diff --git a/live-build/ubuntu-cpc/includes.chroot/etc/network/interfaces.d/eth0.cfg b/live-build/ubuntu-cpc/includes.chroot/etc/network/interfaces.d/eth0.cfg new file mode 100644 index 00000000..d117f4b2 --- /dev/null +++ b/live-build/ubuntu-cpc/includes.chroot/etc/network/interfaces.d/eth0.cfg @@ -0,0 +1,3 @@ +# The primary network interface +auto eth0 +iface eth0 inet dhcp