git://git.onelab.eu / bootcd.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
- install root CA SSL certificate instead of boot server certificate
[bootcd.git] / build.sh
diff --git a/build.sh b/build.sh
index 06fa060..4dfd723 100755 (executable)
--- a/build.sh
+++ b/build.sh
@@ -10,9 +10,11 @@
 # Mark Huang <mlhuang@cs.princeton.edu>
 # Copyright (C) 2004-2006 The Trustees of Princeton University
 #
-# $Id: build.sh,v 1.5 2006/03/29 17:08:45 mlhuang Exp $
+# $Id: build.sh,v 1.36 2006/04/07 03:59:10 mlhuang Exp $
 #
 
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+
 CONFIGURATION=default
 NODE_CONFIGURATION_FILE=
 
@@ -66,12 +68,15 @@ elif [ -d configurations/$CONFIGURATION ] ; then
     # (Deprecated) Source static configuration
     . configurations/$CONFIGURATION/configuration
     PLC_NAME="PlanetLab"
+    PLC_MAIL_SUPPORT_ADDRESS="support@planet-lab.org"
+    PLC_WWW_HOST="www.planet-lab.org"
+    PLC_WWW_PORT=80
     if [ -n "$EXTRA_VERSION" ] ; then
        BOOTCD_VERSION="$BOOTCD_VERSION $EXTRA_VERSION"
     fi
     PLC_BOOT_HOST=$PRIMARY_SERVER
     PLC_BOOT_SSL_PORT=$PRIMARY_SERVER_PORT
-    PLC_BOOT_SSL_CRT=configurations/$CONFIGURATION/$PRIMARY_SERVER_CERT
+    PLC_ROOT_CA_SSL_CRT=configurations/$CONFIGURATION/$PRIMARY_SERVER_CERT
     PLC_ROOT_GPG_KEY_PUB=configurations/$CONFIGURATION/$PRIMARY_SERVER_GPG
 fi
 
@@ -100,7 +105,7 @@ echo "* Installing boot server configuration files"
 # but never got around to it. Just install the same parameters for
 # both for now.
 for dir in $overlay/usr/boot $overlay/usr/boot/backup ; do
-       install -D -m 644 $PLC_BOOT_SSL_CRT $dir/cacert.pem
+       install -D -m 644 $PLC_ROOT_CA_SSL_CRT $dir/cacert.pem
        install -D -m 644 $PLC_ROOT_GPG_KEY_PUB $dir/pubring.gpg
        echo "$PLC_BOOT_HOST" >$dir/boot_server
        echo "$PLC_BOOT_SSL_PORT" >$dir/boot_server_port
@@ -108,7 +113,7 @@ for dir in $overlay/usr/boot $overlay/usr/boot/backup ; do
 done
 
 # (Deprecated) Install old-style boot server configuration files
-install -D -m 644 $PLC_BOOT_SSL_CRT $overlay/usr/bootme/cacert/$PLC_BOOT_HOST/cacert.pem
+install -D -m 644 $PLC_ROOT_CA_SSL_CRT $overlay/usr/bootme/cacert/$PLC_BOOT_HOST/cacert.pem
 echo "$FULL_VERSION_STRING" >$overlay/usr/bootme/ID
 echo "$PLC_BOOT_HOST" >$overlay/usr/bootme/BOOTSERVER
 echo "$PLC_BOOT_HOST" >$overlay/usr/bootme/BOOTSERVER_IP
@@ -116,13 +121,32 @@ echo "$PLC_BOOT_SSL_PORT" >$overlay/usr/bootme/BOOTPORT
 
 # Generate /etc/issue
 echo "* Generating /etc/issue"
+
+if [ "$PLC_WWW_PORT" = "443" ] ; then
+    PLC_WWW_URL="https://$PLC_WWW_HOST/"
+elif [ "$PLC_WWW_PORT" != "80" ] ; then
+    PLC_WWW_URL="http://$PLC_WWW_HOST:$PLC_WWW_PORT/"
+else
+    PLC_WWW_URL="http://$PLC_WWW_HOST/"
+fi
+
 mkdir -p $overlay/etc
-(
-    echo "$FULL_VERSION_STRING"
-    echo 'Kernel \r on an \m'
-    echo
-    echo
-) >$overlay/etc/issue
+cat >$overlay/etc/issue <<EOF
+$FULL_VERSION_STRING
+$PLC_NAME Node: \n
+Kernel \r on an \m
+$PLC_WWW_URL
+
+This machine is a node in the $PLC_NAME distributed network.  It has
+not fully booted yet. If you have cancelled the boot process at the
+request of $PLC_NAME Support, please follow the instructions provided
+to you. Otherwise, please contact $PLC_MAIL_SUPPORT_ADDRESS.
+
+Console login at this point is restricted to root. Provide the root
+password of the default $PLC_NAME Central administrator account at the
+time that this CD was created.
+
+EOF
 
 # Set root password
 echo "* Setting root password"
bootcd