- echo "setup basic networking files"
- cp -f $CONF_FILES_DIR/hosts $CD_ROOT/etc/
-
- echo "copying sysctl.conf (fix tcp window scaling and broken routers)"
- cp -f $CONF_FILES_DIR/sysctl.conf $CD_ROOT/etc/
-
- echo "setup default network conf file"
- mkdir -p $CD_ROOT/usr/boot
- cp -f $CONF_FILES_DIR/default-net.cnf $CD_ROOT/usr/boot/
-
- echo "setup boot server configuration"
- cp -f $CURRENT_CONFIG_DIR/$PRIMARY_SERVER_CERT $CD_ROOT/usr/boot/cacert.pem
- cp -f $CURRENT_CONFIG_DIR/$PRIMARY_SERVER_GPG $CD_ROOT/usr/boot/pubring.gpg
- echo "$PRIMARY_SERVER" > $CD_ROOT/usr/boot/boot_server
- echo "$PRIMARY_SERVER_PORT" > $CD_ROOT/usr/boot/boot_server_port
- echo "$PRIMARY_SERVER_PATH" > $CD_ROOT/usr/boot/boot_server_path
-
- echo "setup backup boot server configuration"
- mkdir -p $CD_ROOT/usr/boot/backup
- cp -f $CURRENT_CONFIG_DIR/$BACKUP_SERVER_CERT \
- $CD_ROOT/usr/boot/backup/cacert.pem
- cp -f $CURRENT_CONFIG_DIR/$BACKUP_SERVER_GPG \
- $CD_ROOT/usr/boot/backup/pubring.gpg
- echo "$BACKUP_SERVER" > $CD_ROOT/usr/boot/backup/boot_server
- echo "$BACKUP_SERVER_PORT" > $CD_ROOT/usr/boot/backup/boot_server_port
- echo "$BACKUP_SERVER_PATH" > $CD_ROOT/usr/boot/backup/boot_server_path
-
- echo "copying old boot cd directory bootme (TEMPORARY)"
- cp -r bootme_old $CD_ROOT/usr/bootme
- echo "$FULL_VERSION_STRING" > $CD_ROOT/usr/bootme/ID
- echo "$PRIMARY_SERVER" > $CD_ROOT/usr/bootme/BOOTSERVER
- echo "$PRIMARY_SERVER" > $CD_ROOT/usr/bootme/BOOTSERVER_IP
- echo "$PRIMARY_SERVER_PORT" > $CD_ROOT/usr/bootme/BOOTPORT
-
- echo "forcing lvm to make lvm1 partitions (TEMPORARY)"
- cp -f $CONF_FILES_DIR/lvm.conf $CD_ROOT/etc/lvm/
-
- echo "copying isolinux configuration files"
- cp -f $CONF_FILES_DIR/isolinux.cfg $CD_ROOT/usr/isolinux/
- echo "$FULL_VERSION_STRING" > $CD_ROOT/usr/isolinux/message.txt
-
- echo "writing /etc/issue"
- echo "$FULL_VERSION_STRING" > $CD_ROOT/etc/issue
- echo "Kernel \r on an \m" >> $CD_ROOT/etc/issue
- echo "" >> $CD_ROOT/etc/issue
- echo "" >> $CD_ROOT/etc/issue
-
- if [[ ! -z "$NODE_CONFIGURATION_FILE" ]]; then
- echo "Copying node configuration file to cd"
- cp -f $CURRENT_CONFIG_DIR/$NODE_CONFIGURATION_FILE \
- $CD_ROOT/usr/boot/plnode.txt
+ # Install boot server configuration files
+ echo "* Installing boot server configuration files"
+
+ # We always intended to bring up and support backup boot servers,
+ # but never got around to it. Just install the same parameters for
+ # both for now.
+ for dir in $OVERLAY/usr/boot $OVERLAY/usr/boot/backup ; do
+ install -D -m 644 $PLC_BOOT_CA_SSL_CRT $dir/cacert.pem
+ install -D -m 644 $PLC_ROOT_GPG_KEY_PUB $dir/pubring.gpg
+ echo "$PLC_BOOT_HOST" >$dir/boot_server
+ echo "$PLC_BOOT_SSL_PORT" >$dir/boot_server_port
+ echo "/boot/" >$dir/boot_server_path
+ done
+
+ # Install old-style boot server configuration files
+ # as opposed to what a former comment suggested,
+ # this is still required, somewhere in the bootmanager apparently
+ install -D -m 644 $PLC_BOOT_CA_SSL_CRT $OVERLAY/usr/bootme/cacert/$PLC_BOOT_HOST/cacert.pem
+ echo "$FULL_VERSION_STRING" >$OVERLAY/usr/bootme/ID
+ echo "$PLC_BOOT_HOST" >$OVERLAY/usr/bootme/BOOTSERVER
+ echo "$PLC_BOOT_HOST" >$OVERLAY/usr/bootme/BOOTSERVER_IP
+ echo "$PLC_BOOT_SSL_PORT" >$OVERLAY/usr/bootme/BOOTPORT
+
+ # Generate /etc/issue
+ echo "* Generating /etc/issue"
+
+ if [ "$PLC_WWW_PORT" = "443" ] ; then
+ PLC_WWW_URL="https://$PLC_WWW_HOST/"
+ elif [ "$PLC_WWW_PORT" != "80" ] ; then
+ PLC_WWW_URL="http://$PLC_WWW_HOST:$PLC_WWW_PORT/"
+ else
+ PLC_WWW_URL="http://$PLC_WWW_HOST/"
+ fi
+
+ mkdir -p $OVERLAY/etc
+ cat >$OVERLAY/etc/issue <<EOF
+$FULL_VERSION_STRING
+$PLC_NAME Node: \n
+Kernel \r on an \m
+$PLC_WWW_URL
+
+This machine is a node in the $PLC_NAME distributed network. It has
+not fully booted yet. If you have cancelled the boot process at the
+request of $PLC_NAME Support, please follow the instructions provided
+to you. Otherwise, please contact $PLC_MAIL_SUPPORT_ADDRESS.
+
+Console login at this point is restricted to root. Provide the root
+password of the default $PLC_NAME Central administrator account at the
+time that this CD was created.
+
+EOF
+
+ # Set root password
+ echo "* Setting root password"
+
+ if [ -z "$ROOT_PASSWORD" ] ; then
+ # Generate an encrypted password with crypt() if not defined
+ # in a static configuration.
+ ROOT_PASSWORD=$(python <<EOF
+import crypt, random, string
+salt = [random.choice(string.letters + string.digits + "./") for i in range(0,8)]
+print crypt.crypt('$PLC_ROOT_PASSWORD', '\$1\$' + "".join(salt) + '\$')
+EOF
+)
+ fi
+
+ # build/passwd copied out by prep.sh
+ sed -e "s@^root:[^:]*:\(.*\)@root:$ROOT_PASSWORD:\1@" ${VARIANT}/passwd >$OVERLAY/etc/passwd
+
+# this is more harmful than helpful
+# idea being, since we start a full-featured fedora system now, it would
+# have been nice to be able to enter sshd very early on - before bm has even been downloaded
+# however somehow it appears that these lines ruin all chances to enter ssh at all
+# either early or even later on;
+# plus, it is unclear what this would give on non=systemd nodes, so I am backing off for now
+# # recent bootCDs rely on a standard systemd startup sequence
+# # so allow debug key to enter in this context whenever that makes sense
+# mkdir -p $OVERLAY/root/.ssh
+# chmod 700 $OVERLAY/root/.ssh
+# cp $PLC_DEBUG_SSH_KEY_PUB $OVERLAY/root/.ssh/authorized_keys
+# chmod 600 $OVERLAY/root/.ssh/authorized_keys
+
+ # Install node configuration file (e.g., if node has no floppy disk or USB slot)
+ if [ -f "$NODE_CONFIGURATION_FILE" ] ; then
+ echo "* Installing node configuration file $NODE_CONFIGURATION_FILE -> /usr/boot/plnode.txt of the bootcd image"
+ install -D -m 644 $NODE_CONFIGURATION_FILE $OVERLAY/usr/boot/plnode.txt
+ NODE_ID=$(source $NODE_CONFIGURATION_FILE; echo $NODE_ID)
+ echo "* Building network configuration for $NODE_ID"
+ plnet -- --root $OVERLAY --files-only --program BootCD $NODE_ID
+ fi
+
+ [ -n "$IS_SERIAL" ] && KERNEL_ARGS="$KERNEL_ARGS ${console_spec}"
+
+ # making sure the network interfaces are still numbered eth0 and above
+ KERNEL_ARGS="$KERNEL_ARGS biosdevname=0"
+ # this apparently is required instead (or in addition to) starting with f29
+ KERNEL_ARGS="$KERNEL_ARGS net.ifnames=0"
+ # making sure selinux is turned off - somehow this is needed with lxc/f14
+ KERNEL_ARGS="$KERNEL_ARGS selinux=0"
+ # add any debug flag if any (defined in the header of this script)
+ KERNEL_ARGS="$KERNEL_ARGS $KERNEL_DEBUG_ARGS"
+ # propagate kernel args for later boot stages
+ [ -n "$KERNEL_ARGS" ] && echo "$KERNEL_ARGS" > $OVERLAY/kargs.txt
+
+ # Pack overlay files into a compressed archive
+ echo "* Compressing overlay image"
+ (cd $OVERLAY && find . | cpio --quiet -c -o) | gzip -9 >$ISOFS/overlay.img
+
+ rm -rf $OVERLAY
+ pop_cleanup
+
+ if [ -n "$CUSTOM_DIR" ]; then
+ echo "* Compressing custom image"
+ (cd "$CUSTOM_DIR" && find . | cpio --quiet -c -o) | gzip -9 >$ISOFS/custom.img