Merge conflict

[build.git] / config.planetlab / bootstrapfs.post

#!/bin/bash

vdir=$1
if [ -z "${vdir}" ] ; then
        echo "ERROR: $0"
        echo "Provide the directory of the root filesystem to operate on"
        exit
fi

# Cleanup yum config entirely, waiting for the config files to populate this
rm -rf ${vdir}/etc/yum.conf ${vdir}/etc/yum.repos.d

# Tweaking services
# turn OFF firstboot if present, might cause the node to hang
chroot ${vdir} /sbin/chkconfig firstboot off || :
# NOTE: we're enabling util-vserver to allow it to help shutdown all slices
# before rebooting.  This has been problematic in the past
chroot ${vdir} /sbin/chkconfig util-vserver off || :
# enabling network as it ends up turned off on systems that come with NetworkManager, starting with fedora9
chroot ${vdir} /sbin/chkconfig network on || :
# and turn off NetworkManager if present, as it quite obviously messes with network
chroot ${vdir} /sbin/chkconfig NetworkManager off || :

# turn OFF vservers-default ; this is to automatically restart vservers, let nm do that
chroot ${vdir} /sbin/chkconfig vservers-default off || :
# turn ON vprocunhide ; is required with kernels that have CONFIG_VSERVER_PROC_SECURE enabled
# which is the case for our k32 kernel
# chroot ${vdir} /sbin/chkconfig vprocunhide on || :

chroot ${vdir} /sbin/chkconfig fprobe-ulog on || :

# turn off cgconfig
chroot ${vdir} /sbin/chkconfig cgconfig off || :

# turn ON lxc-reference.
chroot ${vdir} /sbin/chkconfig lxc-reference on || :

# turn OFF selinux if set
# this may happen accidentally if you mention too much stuff in bootstrapfs.pkgs
for file in /etc/sysconfig/selinux /sbin/load_policy; do
    [ -f ${vdir}/${file} ] || { echo "$file not found in $vdir - fine" ; continue; }
    selinuxrpm=$(chroot ${vdir} rpm -qf ${file})
    if [ -z "$selinuxrpm" ] ; then 
        echo "SElinux: warning : could not rpm for file $file"
    else
        echo "Force-removing package ${selinuxrpm}" 
        chroot ${vdir} rpm -e --nodeps ${selinuxrpm}
    fi
done

# Disable splaying of cron.
echo > ${vdir}/etc/sysconfig/crontab

# Add site_admin account
chroot ${vdir} /usr/sbin/useradd -p "" -u 502 -m site_admin

# Remove 32bit packages from 64bit system (http://wiki.centos.org/FAQ/General#head-357346ff0bf7c14b0849c3bcce39677aaca528e9) 
# use rpm instead of yum as /proc is not mounted at that poing 
if echo ${vdir} | grep -q x86_64 ; then
    chroot ${vdir} rpm -qa --qf '%{name}.%{arch}\n' | grep 'i[36]86$' | xargs chroot ${vdir} rpm -e
fi

# Add a logrotate script for btmp, which logs failed ssh logins, which can
# grow unbounded on public plnodes and fill the root fs.
cat <<EOF > ${vdir}/etc/logrotate.d/btmp
/var/log/btmp {
    weekly
    minsize 1M
    create 0600 root utmp
    rotate 2
    compress
    notifempty
}
EOF

# NOTE:  This is added to relieve one site's Cisco router configuration that
# fails to recognize the host once the arping is sent out.
# NOTE: this is pretty fragile, and fails on fedora 10 that as of today (oct. 20 2009) 
# has initscripts-8.86.3-1.i386 which reads almost identical but with /sbin/arping instead
# NOTE: this might work with fedora8 and centos5
# the other distros will probably just fail to add this patch
cat <<\EOF | patch -d ${vdir}/etc/sysconfig/network-scripts/
--- ifup-eth    2008-07-08 13:19:49.000000000 -0400
+++ ifup-eth-orig       2008-07-08 13:20:02.000000000 -0400
@@ -263,10 +263,10 @@
     fi
     
     if ! LC_ALL=C ip addr ls ${REALDEVICE} | LC_ALL=C grep -q "${IPADDR}/${PREFIX}" ; then
-        if ! arping -q -c 2 -w 3 -D -I ${REALDEVICE} ${IPADDR} ; then
-           echo $"Error, some other host already uses address ${IPADDR}."
-           exit 1
-        fi
+        #if ! arping -q -c 2 -w 3 -D -I ${REALDEVICE} ${IPADDR} ; then
+        #   echo $"Error, some other host already uses address ${IPADDR}."
+        #   exit 1
+        #fi
         if ! ip addr add ${IPADDR}/${PREFIX} \
            brd ${BROADCAST:-+} dev ${REALDEVICE} ${SCOPE} label ${DEVICE}; then
            echo $"Error adding address ${IPADDR} for ${DEVICE}."
EOF