2009-02-05 15:57:07 +00:00
|
|
|
|
#! @shell@
|
2006-11-02 22:48:01 +00:00
|
|
|
|
|
2009-06-10 16:29:48 +00:00
|
|
|
|
targetRoot=/mnt-root
|
2013-01-09 21:31:57 +00:00
|
|
|
|
console=tty1
|
2021-01-03 09:09:30 +00:00
|
|
|
|
verbose="@verbose@"
|
|
|
|
|
|
|
|
|
|
info() {
|
|
|
|
|
if [[ -n "$verbose" ]]; then
|
|
|
|
|
echo "$@"
|
|
|
|
|
fi
|
|
|
|
|
}
|
2008-08-26 12:45:36 +00:00
|
|
|
|
|
2016-07-06 19:57:14 +00:00
|
|
|
|
extraUtils="@extraUtils@"
|
2009-02-05 15:57:07 +00:00
|
|
|
|
export LD_LIBRARY_PATH=@extraUtils@/lib
|
2014-07-30 13:44:47 +00:00
|
|
|
|
export PATH=@extraUtils@/bin
|
|
|
|
|
ln -s @extraUtils@/bin /bin
|
2022-05-12 14:18:30 +00:00
|
|
|
|
# hardcoded in util-linux's mount helper search path `/run/wrappers/bin:/run/current-system/sw/bin:/sbin`
|
|
|
|
|
ln -s @extraUtils@/bin /sbin
|
2009-02-05 15:57:07 +00:00
|
|
|
|
|
2017-04-02 18:45:44 +00:00
|
|
|
|
# Copy the secrets to their needed location
|
|
|
|
|
if [ -d "@extraUtils@/secrets" ]; then
|
|
|
|
|
for secret in $(cd "@extraUtils@/secrets"; find . -type f); do
|
|
|
|
|
mkdir -p $(dirname "/$secret")
|
|
|
|
|
ln -s "@extraUtils@/secrets/$secret" "$secret"
|
|
|
|
|
done
|
|
|
|
|
fi
|
|
|
|
|
|
2015-02-09 18:48:17 +00:00
|
|
|
|
# Stop LVM complaining about fd3
|
|
|
|
|
export LVM_SUPPRESS_FD_WARNINGS=true
|
2008-08-26 12:45:36 +00:00
|
|
|
|
|
2009-06-10 15:02:39 +00:00
|
|
|
|
fail() {
|
2010-01-04 18:04:57 +00:00
|
|
|
|
if [ -n "$panicOnFail" ]; then exit 1; fi
|
2011-09-13 18:49:50 +00:00
|
|
|
|
|
2016-07-06 21:44:02 +00:00
|
|
|
|
@preFailCommands@
|
|
|
|
|
|
2009-06-10 15:02:39 +00:00
|
|
|
|
# If starting stage 2 failed, allow the user to repair the problem
|
|
|
|
|
# in an interactive shell.
|
|
|
|
|
cat <<EOF
|
|
|
|
|
|
2014-03-07 18:39:55 +00:00
|
|
|
|
An error occurred in stage 1 of the boot process, which must mount the
|
2009-06-10 15:02:39 +00:00
|
|
|
|
root filesystem on \`$targetRoot' and then start stage 2. Press one
|
2010-01-04 18:04:57 +00:00
|
|
|
|
of the following keys:
|
2009-06-10 15:02:39 +00:00
|
|
|
|
|
2013-01-09 21:31:57 +00:00
|
|
|
|
EOF
|
|
|
|
|
if [ -n "$allowShell" ]; then cat <<EOF
|
|
|
|
|
i) to launch an interactive shell
|
2009-06-10 15:02:39 +00:00
|
|
|
|
f) to start an interactive shell having pid 1 (needed if you want to
|
2013-01-09 21:31:57 +00:00
|
|
|
|
start stage 2's init manually)
|
|
|
|
|
EOF
|
|
|
|
|
fi
|
|
|
|
|
cat <<EOF
|
|
|
|
|
r) to reboot immediately
|
|
|
|
|
*) to ignore the error and continue
|
2009-06-10 15:02:39 +00:00
|
|
|
|
EOF
|
|
|
|
|
|
2019-07-25 15:23:32 +00:00
|
|
|
|
read -n 1 reply
|
2011-09-13 18:49:50 +00:00
|
|
|
|
|
2013-01-09 21:31:57 +00:00
|
|
|
|
if [ -n "$allowShell" -a "$reply" = f ]; then
|
2015-02-13 10:20:29 +00:00
|
|
|
|
exec setsid @shell@ -c "exec @shell@ < /dev/$console >/dev/$console 2>/dev/$console"
|
2013-01-09 21:31:57 +00:00
|
|
|
|
elif [ -n "$allowShell" -a "$reply" = i ]; then
|
|
|
|
|
echo "Starting interactive shell..."
|
2019-07-25 15:23:32 +00:00
|
|
|
|
setsid @shell@ -c "exec @shell@ < /dev/$console >/dev/$console 2>/dev/$console" || fail
|
2013-01-09 21:31:57 +00:00
|
|
|
|
elif [ "$reply" = r ]; then
|
|
|
|
|
echo "Rebooting..."
|
|
|
|
|
reboot -f
|
|
|
|
|
else
|
2021-01-03 09:09:30 +00:00
|
|
|
|
info "Continuing..."
|
2013-01-09 21:31:57 +00:00
|
|
|
|
fi
|
2008-08-16 00:59:12 +00:00
|
|
|
|
}
|
|
|
|
|
|
2012-05-21 19:26:07 +00:00
|
|
|
|
trap 'fail' 0
|
2008-08-08 17:07:04 +00:00
|
|
|
|
|
|
|
|
|
|
2006-11-02 22:48:01 +00:00
|
|
|
|
# Print a greeting.
|
2021-01-03 09:09:30 +00:00
|
|
|
|
info
|
2022-12-17 23:00:58 +00:00
|
|
|
|
info "[1;32m<<< @distroName@ Stage 1 >>>[0m"
|
2021-01-03 09:09:30 +00:00
|
|
|
|
info
|
2006-11-02 22:48:01 +00:00
|
|
|
|
|
2016-08-27 10:29:38 +00:00
|
|
|
|
# Make several required directories.
|
2014-12-18 16:41:36 +00:00
|
|
|
|
mkdir -p /etc/udev
|
2012-05-21 19:26:07 +00:00
|
|
|
|
touch /etc/fstab # to shut up mount
|
2016-08-27 10:29:38 +00:00
|
|
|
|
ln -s /proc/mounts /etc/mtab # to shut up mke2fs
|
2014-12-19 13:38:33 +00:00
|
|
|
|
touch /etc/udev/hwdb.bin # to shut up udev
|
2014-05-21 13:19:01 +00:00
|
|
|
|
touch /etc/initrd-release
|
2016-08-27 10:29:38 +00:00
|
|
|
|
|
2022-01-10 00:06:03 +00:00
|
|
|
|
# Function for waiting for device(s) to appear.
|
2018-05-09 14:15:16 +00:00
|
|
|
|
waitDevice() {
|
|
|
|
|
local device="$1"
|
2022-01-10 00:06:03 +00:00
|
|
|
|
# Split device string using ':' as a delimiter as bcachefs
|
|
|
|
|
# uses this for multi-device filesystems, i.e. /dev/sda1:/dev/sda2:/dev/sda3
|
|
|
|
|
local IFS=':'
|
2018-05-09 14:15:16 +00:00
|
|
|
|
|
|
|
|
|
# USB storage devices tend to appear with some delay. It would be
|
|
|
|
|
# great if we had a way to synchronously wait for them, but
|
|
|
|
|
# alas... So just wait for a few seconds for the device to
|
|
|
|
|
# appear.
|
2022-01-10 00:06:03 +00:00
|
|
|
|
for dev in $device; do
|
|
|
|
|
if test ! -e $dev; then
|
|
|
|
|
echo -n "waiting for device $dev to appear..."
|
|
|
|
|
try=20
|
|
|
|
|
while [ $try -gt 0 ]; do
|
|
|
|
|
sleep 1
|
|
|
|
|
# also re-try lvm activation now that new block devices might have appeared
|
|
|
|
|
lvm vgchange -ay
|
|
|
|
|
# and tell udev to create nodes for the new LVs
|
|
|
|
|
udevadm trigger --action=add
|
|
|
|
|
if test -e $dev; then break; fi
|
|
|
|
|
echo -n "."
|
|
|
|
|
try=$((try - 1))
|
|
|
|
|
done
|
|
|
|
|
echo
|
|
|
|
|
[ $try -ne 0 ]
|
|
|
|
|
fi
|
|
|
|
|
done
|
2018-05-09 14:15:16 +00:00
|
|
|
|
}
|
|
|
|
|
|
2023-05-26 13:26:48 +00:00
|
|
|
|
# Create the mount point if required.
|
|
|
|
|
makeMountPoint() {
|
|
|
|
|
local device="$1"
|
|
|
|
|
local mountPoint="$2"
|
|
|
|
|
local options="$3"
|
|
|
|
|
|
|
|
|
|
local IFS=,
|
|
|
|
|
|
|
|
|
|
# If we're bind mounting a file, the mount point should also be a file.
|
|
|
|
|
if ! [ -d "$device" ]; then
|
|
|
|
|
for opt in $options; do
|
|
|
|
|
if [ "$opt" = bind ] || [ "$opt" = rbind ]; then
|
|
|
|
|
mkdir -p "$(dirname "/mnt-root$mountPoint")"
|
|
|
|
|
touch "/mnt-root$mountPoint"
|
|
|
|
|
return
|
|
|
|
|
fi
|
|
|
|
|
done
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
mkdir -m 0755 -p "/mnt-root$mountPoint"
|
|
|
|
|
}
|
|
|
|
|
|
2016-08-27 10:29:38 +00:00
|
|
|
|
# Mount special file systems.
|
|
|
|
|
specialMount() {
|
|
|
|
|
local device="$1"
|
|
|
|
|
local mountPoint="$2"
|
|
|
|
|
local options="$3"
|
|
|
|
|
local fsType="$4"
|
|
|
|
|
|
|
|
|
|
mkdir -m 0755 -p "$mountPoint"
|
|
|
|
|
mount -n -t "$fsType" -o "$options" "$device" "$mountPoint"
|
|
|
|
|
}
|
|
|
|
|
source @earlyMountScript@
|
2006-11-03 00:36:08 +00:00
|
|
|
|
|
2021-07-05 14:08:35 +00:00
|
|
|
|
# Copy initrd secrets from /.initrd-secrets to their actual destinations
|
|
|
|
|
if [ -d "/.initrd-secrets" ]; then
|
|
|
|
|
#
|
|
|
|
|
# Secrets are named by their full destination pathname and stored
|
|
|
|
|
# under /.initrd-secrets/
|
|
|
|
|
#
|
|
|
|
|
for secret in $(cd "/.initrd-secrets"; find . -type f); do
|
|
|
|
|
mkdir -p $(dirname "/$secret")
|
|
|
|
|
cp "/.initrd-secrets/$secret" "$secret"
|
|
|
|
|
done
|
|
|
|
|
fi
|
|
|
|
|
|
2016-02-24 07:54:25 +00:00
|
|
|
|
# Log the script output to /dev/kmsg or /run/log/stage-1-init.log.
|
2016-02-23 10:53:37 +00:00
|
|
|
|
mkdir -p /tmp
|
|
|
|
|
mkfifo /tmp/stage-1-init.log.fifo
|
|
|
|
|
logOutFd=8 && logErrFd=9
|
|
|
|
|
eval "exec $logOutFd>&1 $logErrFd>&2"
|
|
|
|
|
if test -w /dev/kmsg; then
|
2016-02-24 07:54:25 +00:00
|
|
|
|
tee -i < /tmp/stage-1-init.log.fifo /proc/self/fd/"$logOutFd" | while read -r line; do
|
2016-02-23 10:53:37 +00:00
|
|
|
|
if test -n "$line"; then
|
2020-10-30 15:05:48 +00:00
|
|
|
|
echo "<7>stage-1-init: [$(date)] $line" > /dev/kmsg
|
2016-02-23 10:53:37 +00:00
|
|
|
|
fi
|
|
|
|
|
done &
|
|
|
|
|
else
|
|
|
|
|
mkdir -p /run/log
|
|
|
|
|
tee -i < /tmp/stage-1-init.log.fifo /run/log/stage-1-init.log &
|
2016-02-22 05:42:24 +00:00
|
|
|
|
fi
|
2016-02-23 10:53:37 +00:00
|
|
|
|
exec > /tmp/stage-1-init.log.fifo 2>&1
|
|
|
|
|
|
2013-07-23 18:43:11 +00:00
|
|
|
|
|
2006-11-24 00:04:29 +00:00
|
|
|
|
# Process the kernel command line.
|
2009-08-27 11:57:43 +00:00
|
|
|
|
export stage2Init=/init
|
2006-11-24 00:04:29 +00:00
|
|
|
|
for o in $(cat /proc/cmdline); do
|
|
|
|
|
case $o in
|
2013-01-09 21:31:57 +00:00
|
|
|
|
console=*)
|
|
|
|
|
set -- $(IFS==; echo $o)
|
|
|
|
|
params=$2
|
|
|
|
|
set -- $(IFS=,; echo $params)
|
|
|
|
|
console=$1
|
|
|
|
|
;;
|
2006-11-24 00:04:29 +00:00
|
|
|
|
init=*)
|
|
|
|
|
set -- $(IFS==; echo $o)
|
|
|
|
|
stage2Init=$2
|
|
|
|
|
;;
|
2020-04-01 01:54:21 +00:00
|
|
|
|
boot.persistence=*)
|
|
|
|
|
set -- $(IFS==; echo $o)
|
|
|
|
|
persistence=$2
|
|
|
|
|
;;
|
|
|
|
|
boot.persistence.opt=*)
|
|
|
|
|
set -- $(IFS==; echo $o)
|
|
|
|
|
persistence_opt=$2
|
|
|
|
|
;;
|
2013-01-09 21:49:26 +00:00
|
|
|
|
boot.trace|debugtrace)
|
2006-11-24 00:04:29 +00:00
|
|
|
|
# Show each command.
|
|
|
|
|
set -x
|
|
|
|
|
;;
|
2013-01-09 21:49:26 +00:00
|
|
|
|
boot.shell_on_fail)
|
2013-01-09 21:31:57 +00:00
|
|
|
|
allowShell=1
|
|
|
|
|
;;
|
2013-01-09 21:49:26 +00:00
|
|
|
|
boot.debug1|debug1) # stop right away
|
2013-01-09 21:31:57 +00:00
|
|
|
|
allowShell=1
|
2006-11-24 00:04:29 +00:00
|
|
|
|
fail
|
|
|
|
|
;;
|
2013-01-09 21:49:26 +00:00
|
|
|
|
boot.debug1devices) # stop after loading modules and creating device nodes
|
2013-01-09 21:31:57 +00:00
|
|
|
|
allowShell=1
|
2007-05-30 10:32:42 +00:00
|
|
|
|
debug1devices=1
|
|
|
|
|
;;
|
2013-01-09 21:49:26 +00:00
|
|
|
|
boot.debug1mounts) # stop after mounting file systems
|
2013-01-09 21:31:57 +00:00
|
|
|
|
allowShell=1
|
2007-05-30 10:32:42 +00:00
|
|
|
|
debug1mounts=1
|
|
|
|
|
;;
|
2013-01-09 21:49:26 +00:00
|
|
|
|
boot.panic_on_fail|stage1panic=1)
|
2010-01-04 18:04:57 +00:00
|
|
|
|
panicOnFail=1
|
|
|
|
|
;;
|
2010-08-07 14:16:18 +00:00
|
|
|
|
root=*)
|
|
|
|
|
# If a root device is specified on the kernel command
|
|
|
|
|
# line, make it available through the symlink /dev/root.
|
|
|
|
|
# Recognise LABEL= and UUID= to support UNetbootin.
|
|
|
|
|
set -- $(IFS==; echo $o)
|
|
|
|
|
if [ $2 = "LABEL" ]; then
|
|
|
|
|
root="/dev/disk/by-label/$3"
|
|
|
|
|
elif [ $2 = "UUID" ]; then
|
|
|
|
|
root="/dev/disk/by-uuid/$3"
|
|
|
|
|
else
|
|
|
|
|
root=$2
|
|
|
|
|
fi
|
|
|
|
|
ln -s "$root" /dev/root
|
|
|
|
|
;;
|
2017-04-18 11:45:30 +00:00
|
|
|
|
copytoram)
|
|
|
|
|
copytoram=1
|
|
|
|
|
;;
|
2019-09-21 15:08:00 +00:00
|
|
|
|
findiso=*)
|
|
|
|
|
# if an iso name is supplied, try to find the device where
|
|
|
|
|
# the iso resides on
|
|
|
|
|
set -- $(IFS==; echo $o)
|
|
|
|
|
isoPath=$2
|
|
|
|
|
;;
|
2006-11-24 00:04:29 +00:00
|
|
|
|
esac
|
|
|
|
|
done
|
|
|
|
|
|
nixos: Add system-wide option to set the hostid
The old boot.spl.hostid option was not working correctly due to an
upstream bug.
Instead, now we will create the /etc/hostid file so that all applications
(including the ZFS kernel modules, ZFS user-space applications and other
unrelated programs) pick-up the same system-wide host id. Note that glibc
(and by extension, the `hostid` program) also respect the host id configured in
/etc/hostid, if it exists.
The hostid option is now mandatory when using ZFS because otherwise, ZFS will
require you to force-import your ZFS pools if you want to use them, which is
undesirable because it disables some of the checks that ZFS does to make sure it
is safe to import a ZFS pool.
The /etc/hostid file must also exist when booting the initrd, before the SPL
kernel module is loaded, so that ZFS picks up the hostid correctly.
The complexity in creating the /etc/hostid file is due to having to
write the host ID as a 32-bit binary value, taking into account the
endianness of the machine, while using only shell commands and/or simple
utilities (to avoid exploding the size of the initrd).
2014-10-23 02:59:06 +00:00
|
|
|
|
# Set hostid before modules are loaded.
|
|
|
|
|
# This is needed by the spl/zfs modules.
|
|
|
|
|
@setHostId@
|
2006-11-24 00:04:29 +00:00
|
|
|
|
|
2009-12-15 16:38:20 +00:00
|
|
|
|
# Load the required kernel modules.
|
2012-05-21 19:26:07 +00:00
|
|
|
|
mkdir -p /lib
|
|
|
|
|
ln -s @modulesClosure@/lib/modules /lib/modules
|
2018-01-08 13:13:28 +00:00
|
|
|
|
ln -s @modulesClosure@/lib/firmware /lib/firmware
|
2023-01-02 20:35:35 +00:00
|
|
|
|
echo @extraUtils@/bin/modprobe > /proc/sys/kernel/modprobe
|
2009-12-15 16:38:20 +00:00
|
|
|
|
for i in @kernelModules@; do
|
2021-01-03 09:09:30 +00:00
|
|
|
|
info "loading module $(basename $i)..."
|
2015-09-28 18:28:51 +00:00
|
|
|
|
modprobe $i
|
2006-12-19 22:12:44 +00:00
|
|
|
|
done
|
2006-11-03 09:45:06 +00:00
|
|
|
|
|
2007-12-25 16:07:55 +00:00
|
|
|
|
|
2007-01-10 12:42:28 +00:00
|
|
|
|
# Create device nodes in /dev.
|
2016-01-04 15:53:42 +00:00
|
|
|
|
@preDeviceCommands@
|
2021-01-03 09:09:30 +00:00
|
|
|
|
info "running udev..."
|
2020-09-22 22:33:21 +00:00
|
|
|
|
ln -sfn /proc/self/fd /dev/fd
|
2020-11-03 16:57:17 +00:00
|
|
|
|
ln -sfn /proc/self/fd/0 /dev/stdin
|
|
|
|
|
ln -sfn /proc/self/fd/1 /dev/stdout
|
|
|
|
|
ln -sfn /proc/self/fd/2 /dev/stderr
|
2019-09-22 15:14:47 +00:00
|
|
|
|
mkdir -p /etc/systemd
|
|
|
|
|
ln -sfn @linkUnits@ /etc/systemd/network
|
2012-08-14 19:31:15 +00:00
|
|
|
|
mkdir -p /etc/udev
|
|
|
|
|
ln -sfn @udevRules@ /etc/udev/rules.d
|
2010-05-16 20:40:04 +00:00
|
|
|
|
mkdir -p /dev/.mdadm
|
2012-08-14 19:31:15 +00:00
|
|
|
|
systemd-udevd --daemon
|
2010-05-16 19:02:45 +00:00
|
|
|
|
udevadm trigger --action=add
|
2015-09-28 18:28:51 +00:00
|
|
|
|
udevadm settle
|
2007-01-10 12:42:28 +00:00
|
|
|
|
|
2011-12-28 21:46:45 +00:00
|
|
|
|
|
|
|
|
|
# XXX: Use case usb->lvm will still fail, usb->luks->lvm is covered
|
|
|
|
|
@preLVMCommands@
|
|
|
|
|
|
2021-01-03 09:09:30 +00:00
|
|
|
|
info "starting device mapper and LVM..."
|
2010-01-10 19:00:29 +00:00
|
|
|
|
lvm vgchange -ay
|
2011-09-13 18:49:50 +00:00
|
|
|
|
|
2007-05-30 10:32:42 +00:00
|
|
|
|
if test -n "$debug1devices"; then fail; fi
|
|
|
|
|
|
2007-01-10 12:42:28 +00:00
|
|
|
|
|
2009-06-18 16:47:00 +00:00
|
|
|
|
@postDeviceCommands@
|
|
|
|
|
|
|
|
|
|
|
2009-02-01 19:53:59 +00:00
|
|
|
|
# Check the specified file system, if appropriate.
|
|
|
|
|
checkFS() {
|
2012-06-28 14:55:44 +00:00
|
|
|
|
local device="$1"
|
|
|
|
|
local fsType="$2"
|
2013-01-09 21:31:57 +00:00
|
|
|
|
|
2009-02-01 19:53:59 +00:00
|
|
|
|
# Only check block devices.
|
2012-06-28 14:55:44 +00:00
|
|
|
|
if [ ! -b "$device" ]; then return 0; fi
|
2009-06-15 15:50:36 +00:00
|
|
|
|
|
|
|
|
|
# Don't check ROM filesystems.
|
2012-06-28 14:55:44 +00:00
|
|
|
|
if [ "$fsType" = iso9660 -o "$fsType" = udf ]; then return 0; fi
|
|
|
|
|
|
2014-08-02 22:50:28 +00:00
|
|
|
|
# Don't check resilient COWs as they validate the fs structures at mount time
|
2018-11-03 11:34:35 +00:00
|
|
|
|
if [ "$fsType" = btrfs -o "$fsType" = zfs -o "$fsType" = bcachefs ]; then return 0; fi
|
2017-08-31 10:24:48 +00:00
|
|
|
|
|
2021-02-09 23:37:24 +00:00
|
|
|
|
# Skip fsck for apfs as the fsck utility does not support repairing the filesystem (no -a option)
|
|
|
|
|
if [ "$fsType" = apfs ]; then return 0; fi
|
|
|
|
|
|
2018-06-05 22:24:04 +00:00
|
|
|
|
# Skip fsck for nilfs2 - not needed by design and no fsck tool for this filesystem.
|
|
|
|
|
if [ "$fsType" = nilfs2 ]; then return 0; fi
|
|
|
|
|
|
2015-02-16 18:41:08 +00:00
|
|
|
|
# Skip fsck for inherently readonly filesystems.
|
|
|
|
|
if [ "$fsType" = squashfs ]; then return 0; fi
|
|
|
|
|
|
2023-05-11 12:35:00 +00:00
|
|
|
|
# Skip fsck.erofs because it is still experimental.
|
|
|
|
|
if [ "$fsType" = erofs ]; then return 0; fi
|
|
|
|
|
|
2012-06-28 14:55:44 +00:00
|
|
|
|
# If we couldn't figure out the FS type, then skip fsck.
|
|
|
|
|
if [ "$fsType" = auto ]; then
|
|
|
|
|
echo 'cannot check filesystem with type "auto"!'
|
|
|
|
|
return 0
|
|
|
|
|
fi
|
2009-06-15 15:50:36 +00:00
|
|
|
|
|
2019-09-22 15:14:47 +00:00
|
|
|
|
# Device might be already mounted manually
|
2018-09-01 13:26:16 +00:00
|
|
|
|
# e.g. NBD-device or the host filesystem of the file which contains encrypted root fs
|
|
|
|
|
if mount | grep -q "^$device on "; then
|
|
|
|
|
echo "skip checking already mounted $device"
|
|
|
|
|
return 0
|
|
|
|
|
fi
|
|
|
|
|
|
2009-06-15 16:47:37 +00:00
|
|
|
|
# Optionally, skip fsck on journaling filesystems. This option is
|
|
|
|
|
# a hack - it's mostly because e2fsck on ext3 takes much longer to
|
|
|
|
|
# recover the journal than the ext3 implementation in the kernel
|
|
|
|
|
# does (minutes versus seconds).
|
|
|
|
|
if test -z "@checkJournalingFS@" -a \
|
2012-06-28 14:55:44 +00:00
|
|
|
|
\( "$fsType" = ext3 -o "$fsType" = ext4 -o "$fsType" = reiserfs \
|
2014-03-25 20:39:10 +00:00
|
|
|
|
-o "$fsType" = xfs -o "$fsType" = jfs -o "$fsType" = f2fs \)
|
2009-06-15 16:47:37 +00:00
|
|
|
|
then
|
|
|
|
|
return 0
|
|
|
|
|
fi
|
2011-09-13 18:49:50 +00:00
|
|
|
|
|
2012-06-28 14:55:44 +00:00
|
|
|
|
echo "checking $device..."
|
|
|
|
|
|
2022-05-03 14:15:51 +00:00
|
|
|
|
fsck -V -a "$device"
|
2009-02-01 19:53:59 +00:00
|
|
|
|
fsckResult=$?
|
|
|
|
|
|
|
|
|
|
if test $(($fsckResult | 2)) = $fsckResult; then
|
|
|
|
|
echo "fsck finished, rebooting..."
|
|
|
|
|
sleep 3
|
2013-01-09 21:31:57 +00:00
|
|
|
|
reboot -f
|
2007-02-06 16:53:36 +00:00
|
|
|
|
fi
|
|
|
|
|
|
2009-02-01 19:53:59 +00:00
|
|
|
|
if test $(($fsckResult | 4)) = $fsckResult; then
|
|
|
|
|
echo "$device has unrepaired errors, please fix them manually."
|
|
|
|
|
fail
|
|
|
|
|
fi
|
2008-11-28 12:03:56 +00:00
|
|
|
|
|
2009-02-01 19:53:59 +00:00
|
|
|
|
if test $fsckResult -ge 8; then
|
|
|
|
|
echo "fsck on $device failed."
|
|
|
|
|
fail
|
|
|
|
|
fi
|
2008-11-28 12:03:56 +00:00
|
|
|
|
|
2009-02-01 19:53:59 +00:00
|
|
|
|
return 0
|
|
|
|
|
}
|
2008-11-28 12:03:56 +00:00
|
|
|
|
|
2022-10-22 21:55:04 +00:00
|
|
|
|
escapeFstab() {
|
|
|
|
|
local original="$1"
|
|
|
|
|
|
|
|
|
|
# Replace space
|
|
|
|
|
local escaped="${original// /\\040}"
|
|
|
|
|
# Replace tab
|
|
|
|
|
echo "${escaped//$'\t'/\\011}"
|
|
|
|
|
}
|
2007-02-06 16:53:36 +00:00
|
|
|
|
|
2009-02-01 19:53:59 +00:00
|
|
|
|
# Function for mounting a file system.
|
|
|
|
|
mountFS() {
|
|
|
|
|
local device="$1"
|
|
|
|
|
local mountPoint="$2"
|
|
|
|
|
local options="$3"
|
|
|
|
|
local fsType="$4"
|
|
|
|
|
|
2012-06-28 14:55:44 +00:00
|
|
|
|
if [ "$fsType" = auto ]; then
|
|
|
|
|
fsType=$(blkid -o value -s TYPE "$device")
|
|
|
|
|
if [ -z "$fsType" ]; then fsType=auto; fi
|
|
|
|
|
fi
|
|
|
|
|
|
2015-09-24 16:13:14 +00:00
|
|
|
|
# Filter out x- options, which busybox doesn't do yet.
|
|
|
|
|
local optionsFiltered="$(IFS=,; for i in $options; do if [ "${i:0:2}" != "x-" ]; then echo -n $i,; fi; done)"
|
2020-02-05 18:27:16 +00:00
|
|
|
|
# Prefix (lower|upper|work)dir with /mnt-root (overlayfs)
|
|
|
|
|
local optionsPrefixed="$( echo "$optionsFiltered" | sed -E 's#\<(lowerdir|upperdir|workdir)=#\1=/mnt-root#g' )"
|
2015-09-24 16:13:14 +00:00
|
|
|
|
|
2020-02-05 18:27:16 +00:00
|
|
|
|
echo "$device /mnt-root$mountPoint $fsType $optionsPrefixed" >> /etc/fstab
|
2012-06-28 14:55:44 +00:00
|
|
|
|
|
|
|
|
|
checkFS "$device" "$fsType"
|
|
|
|
|
|
2020-02-05 18:27:16 +00:00
|
|
|
|
# Create backing directories for overlayfs
|
|
|
|
|
if [ "$fsType" = overlay ]; then
|
|
|
|
|
for i in upper work; do
|
|
|
|
|
dir="$( echo "$optionsPrefixed" | grep -o "${i}dir=[^,]*" )"
|
|
|
|
|
mkdir -m 0700 -p "${dir##*=}"
|
2014-07-30 13:44:47 +00:00
|
|
|
|
done
|
|
|
|
|
fi
|
|
|
|
|
|
2021-01-03 09:09:30 +00:00
|
|
|
|
info "mounting $device on $mountPoint..."
|
2009-06-10 15:02:39 +00:00
|
|
|
|
|
2023-05-26 13:26:48 +00:00
|
|
|
|
makeMountPoint "$device" "$mountPoint" "$optionsPrefixed"
|
2010-01-06 00:25:14 +00:00
|
|
|
|
|
2017-09-25 11:07:25 +00:00
|
|
|
|
# For ZFS and CIFS mounts, retry a few times before giving up.
|
|
|
|
|
# We do this for ZFS as a workaround for issue NixOS/nixpkgs#25383.
|
2010-01-06 00:25:14 +00:00
|
|
|
|
local n=0
|
|
|
|
|
while true; do
|
2012-08-06 18:05:35 +00:00
|
|
|
|
mount "/mnt-root$mountPoint" && break
|
2017-09-25 11:07:25 +00:00
|
|
|
|
if [ \( "$fsType" != cifs -a "$fsType" != zfs \) -o "$n" -ge 10 ]; then fail; break; fi
|
2010-01-06 00:25:14 +00:00
|
|
|
|
echo "retrying..."
|
2017-09-25 11:07:25 +00:00
|
|
|
|
sleep 1
|
2010-01-06 00:25:14 +00:00
|
|
|
|
n=$((n + 1))
|
|
|
|
|
done
|
2016-08-22 00:15:13 +00:00
|
|
|
|
|
2022-09-29 06:33:44 +00:00
|
|
|
|
# For bind mounts, busybox has a tendency to ignore options, which can be a
|
|
|
|
|
# security issue (e.g. "nosuid"). Remounting the partition seems to fix the
|
|
|
|
|
# issue.
|
|
|
|
|
mount "/mnt-root$mountPoint" -o "remount,$optionsPrefixed"
|
|
|
|
|
|
2016-08-22 00:15:13 +00:00
|
|
|
|
[ "$mountPoint" == "/" ] &&
|
|
|
|
|
[ -f "/mnt-root/etc/NIXOS_LUSTRATE" ] &&
|
|
|
|
|
lustrateRoot "/mnt-root"
|
2017-01-03 16:28:55 +00:00
|
|
|
|
|
|
|
|
|
true
|
2007-02-06 16:53:36 +00:00
|
|
|
|
}
|
|
|
|
|
|
2016-08-22 00:15:13 +00:00
|
|
|
|
lustrateRoot () {
|
|
|
|
|
local root="$1"
|
|
|
|
|
|
|
|
|
|
echo
|
2022-12-17 23:00:58 +00:00
|
|
|
|
echo -e "\e[1;33m<<< @distroName@ is now lustrating the root filesystem (cruft goes to /old-root) >>>\e[0m"
|
2016-08-22 00:15:13 +00:00
|
|
|
|
echo
|
|
|
|
|
|
|
|
|
|
mkdir -m 0755 -p "$root/old-root.tmp"
|
|
|
|
|
|
|
|
|
|
echo
|
|
|
|
|
echo "Moving impurities out of the way:"
|
|
|
|
|
for d in "$root"/*
|
|
|
|
|
do
|
|
|
|
|
[ "$d" == "$root/nix" ] && continue
|
|
|
|
|
[ "$d" == "$root/boot" ] && continue # Don't render the system unbootable
|
|
|
|
|
[ "$d" == "$root/old-root.tmp" ] && continue
|
|
|
|
|
|
|
|
|
|
mv -v "$d" "$root/old-root.tmp"
|
|
|
|
|
done
|
|
|
|
|
|
2023-05-20 02:11:38 +00:00
|
|
|
|
# Use .tmp to make sure subsequent invocations don't clash
|
2016-08-22 00:15:13 +00:00
|
|
|
|
mv -v "$root/old-root.tmp" "$root/old-root"
|
|
|
|
|
|
|
|
|
|
mkdir -m 0755 -p "$root/etc"
|
|
|
|
|
touch "$root/etc/NIXOS"
|
|
|
|
|
|
|
|
|
|
exec 4< "$root/old-root/etc/NIXOS_LUSTRATE"
|
|
|
|
|
|
|
|
|
|
echo
|
|
|
|
|
echo "Restoring selected impurities:"
|
|
|
|
|
while read -u 4 keeper; do
|
|
|
|
|
dirname="$(dirname "$keeper")"
|
|
|
|
|
mkdir -m 0755 -p "$root/$dirname"
|
|
|
|
|
cp -av "$root/old-root/$keeper" "$root/$keeper"
|
|
|
|
|
done
|
|
|
|
|
|
|
|
|
|
exec 4>&-
|
|
|
|
|
}
|
2007-02-06 16:53:36 +00:00
|
|
|
|
|
2016-08-07 22:32:18 +00:00
|
|
|
|
|
|
|
|
|
|
2016-08-07 22:34:23 +00:00
|
|
|
|
if test -e /sys/power/resume -a -e /sys/power/disk; then
|
2016-08-07 22:35:43 +00:00
|
|
|
|
if test -n "@resumeDevice@" && waitDevice "@resumeDevice@"; then
|
2016-08-07 22:34:23 +00:00
|
|
|
|
resumeDev="@resumeDevice@"
|
|
|
|
|
resumeInfo="$(udevadm info -q property "$resumeDev" )"
|
|
|
|
|
else
|
|
|
|
|
for sd in @resumeDevices@; do
|
|
|
|
|
# Try to detect resume device. According to Ubuntu bug:
|
|
|
|
|
# https://bugs.launchpad.net/ubuntu/+source/pm-utils/+bug/923326/comments/1
|
|
|
|
|
# when there are multiple swap devices, we can't know where the hibernate
|
|
|
|
|
# image will reside. We can check all of them for swsuspend blkid.
|
2016-08-07 22:35:43 +00:00
|
|
|
|
if waitDevice "$sd"; then
|
|
|
|
|
resumeInfo="$(udevadm info -q property "$sd")"
|
|
|
|
|
if [ "$(echo "$resumeInfo" | sed -n 's/^ID_FS_TYPE=//p')" = "swsuspend" ]; then
|
|
|
|
|
resumeDev="$sd"
|
|
|
|
|
break
|
|
|
|
|
fi
|
2016-08-07 22:34:23 +00:00
|
|
|
|
fi
|
|
|
|
|
done
|
|
|
|
|
fi
|
2016-08-07 22:35:43 +00:00
|
|
|
|
if test -n "$resumeDev"; then
|
2016-08-07 22:34:23 +00:00
|
|
|
|
resumeMajor="$(echo "$resumeInfo" | sed -n 's/^MAJOR=//p')"
|
|
|
|
|
resumeMinor="$(echo "$resumeInfo" | sed -n 's/^MINOR=//p')"
|
|
|
|
|
echo "$resumeMajor:$resumeMinor" > /sys/power/resume 2> /dev/null || echo "failed to resume..."
|
|
|
|
|
fi
|
|
|
|
|
fi
|
|
|
|
|
|
2019-09-21 15:08:00 +00:00
|
|
|
|
# If we have a path to an iso file, find the iso and link it to /dev/root
|
|
|
|
|
if [ -n "$isoPath" ]; then
|
|
|
|
|
mkdir -p /findiso
|
|
|
|
|
|
|
|
|
|
for delay in 5 10; do
|
|
|
|
|
blkid | while read -r line; do
|
|
|
|
|
device=$(echo "$line" | sed 's/:.*//')
|
|
|
|
|
type=$(echo "$line" | sed 's/.*TYPE="\([^"]*\)".*/\1/')
|
|
|
|
|
|
|
|
|
|
mount -t "$type" "$device" /findiso
|
|
|
|
|
if [ -e "/findiso$isoPath" ]; then
|
|
|
|
|
ln -sf "/findiso$isoPath" /dev/root
|
|
|
|
|
break 2
|
|
|
|
|
else
|
|
|
|
|
umount /findiso
|
|
|
|
|
fi
|
|
|
|
|
done
|
|
|
|
|
|
|
|
|
|
sleep "$delay"
|
|
|
|
|
done
|
|
|
|
|
fi
|
2016-08-07 22:34:23 +00:00
|
|
|
|
|
2006-11-12 18:48:47 +00:00
|
|
|
|
# Try to find and mount the root device.
|
2015-06-13 13:02:41 +00:00
|
|
|
|
mkdir -p $targetRoot
|
2006-11-12 18:48:47 +00:00
|
|
|
|
|
2012-05-21 19:26:07 +00:00
|
|
|
|
exec 3< @fsInfo@
|
2008-08-08 23:01:30 +00:00
|
|
|
|
|
2012-05-21 19:26:07 +00:00
|
|
|
|
while read -u 3 mountPoint; do
|
|
|
|
|
read -u 3 device
|
|
|
|
|
read -u 3 fsType
|
|
|
|
|
read -u 3 options
|
2008-08-08 23:01:30 +00:00
|
|
|
|
|
|
|
|
|
# !!! Really quick hack to support bind mounts, i.e., where the
|
|
|
|
|
# "device" should be taken relative to /mnt-root, not /. Assume
|
2009-02-01 19:53:59 +00:00
|
|
|
|
# that every device that starts with / but doesn't start with /dev
|
|
|
|
|
# is a bind mount.
|
2009-06-22 14:44:48 +00:00
|
|
|
|
pseudoDevice=
|
2008-08-08 23:01:30 +00:00
|
|
|
|
case $device in
|
|
|
|
|
/dev/*)
|
|
|
|
|
;;
|
2009-06-18 16:47:00 +00:00
|
|
|
|
//*)
|
|
|
|
|
# Don't touch SMB/CIFS paths.
|
2009-06-22 14:44:48 +00:00
|
|
|
|
pseudoDevice=1
|
2009-06-18 16:47:00 +00:00
|
|
|
|
;;
|
2008-08-08 23:01:30 +00:00
|
|
|
|
/*)
|
|
|
|
|
device=/mnt-root$device
|
|
|
|
|
;;
|
2009-06-22 14:44:48 +00:00
|
|
|
|
*)
|
|
|
|
|
# Not an absolute path; assume that it's a pseudo-device
|
|
|
|
|
# like an NFS path (e.g. "server:/path").
|
|
|
|
|
pseudoDevice=1
|
|
|
|
|
;;
|
2008-08-08 23:01:30 +00:00
|
|
|
|
esac
|
2007-02-06 16:53:36 +00:00
|
|
|
|
|
2016-08-07 22:32:18 +00:00
|
|
|
|
if test -z "$pseudoDevice" && ! waitDevice "$device"; then
|
|
|
|
|
# If it doesn't appear, try to mount it anyway (and
|
|
|
|
|
# probably fail). This is a fallback for non-device "devices"
|
|
|
|
|
# that we don't properly recognise.
|
|
|
|
|
echo "Timed out waiting for device $device, trying to mount anyway."
|
2008-08-08 23:15:36 +00:00
|
|
|
|
fi
|
|
|
|
|
|
2012-04-06 14:20:43 +00:00
|
|
|
|
# Wait once more for the udev queue to empty, just in case it's
|
|
|
|
|
# doing something with $device right now.
|
2015-09-28 18:28:51 +00:00
|
|
|
|
udevadm settle
|
2012-04-06 14:20:43 +00:00
|
|
|
|
|
2017-04-18 11:45:30 +00:00
|
|
|
|
# If copytoram is enabled: skip mounting the ISO and copy its content to a tmpfs.
|
|
|
|
|
if [ -n "$copytoram" ] && [ "$device" = /dev/root ] && [ "$mountPoint" = /iso ]; then
|
|
|
|
|
fsType=$(blkid -o value -s TYPE "$device")
|
2021-08-24 22:46:45 +00:00
|
|
|
|
fsSize=$(blockdev --getsize64 "$device" || stat -Lc '%s' "$device")
|
2017-04-18 11:45:30 +00:00
|
|
|
|
|
|
|
|
|
mkdir -p /tmp-iso
|
|
|
|
|
mount -t "$fsType" /dev/root /tmp-iso
|
|
|
|
|
mountFS tmpfs /iso size="$fsSize" tmpfs
|
|
|
|
|
|
|
|
|
|
cp -r /tmp-iso/* /mnt-root/iso/
|
|
|
|
|
|
|
|
|
|
umount /tmp-iso
|
|
|
|
|
rmdir /tmp-iso
|
2022-08-17 04:56:58 +00:00
|
|
|
|
if [ -n "$isoPath" ] && [ $fsType = "iso9660" ] && mountpoint -q /findiso; then
|
|
|
|
|
umount /findiso
|
|
|
|
|
fi
|
2017-04-18 11:45:30 +00:00
|
|
|
|
continue
|
|
|
|
|
fi
|
|
|
|
|
|
2020-04-01 01:54:21 +00:00
|
|
|
|
if [ "$mountPoint" = / ] && [ "$device" = tmpfs ] && [ ! -z "$persistence" ]; then
|
|
|
|
|
echo persistence...
|
|
|
|
|
waitDevice "$persistence"
|
|
|
|
|
echo enabling persistence...
|
|
|
|
|
mountFS "$persistence" "$mountPoint" "$persistence_opt" "auto"
|
|
|
|
|
continue
|
|
|
|
|
fi
|
|
|
|
|
|
2022-10-22 21:55:04 +00:00
|
|
|
|
mountFS "$device" "$(escapeFstab "$mountPoint")" "$(escapeFstab "$options")" "$fsType"
|
2008-08-08 23:01:30 +00:00
|
|
|
|
done
|
2006-11-03 00:36:08 +00:00
|
|
|
|
|
2012-08-07 14:05:33 +00:00
|
|
|
|
exec 3>&-
|
|
|
|
|
|
2008-01-24 16:56:09 +00:00
|
|
|
|
|
2009-06-18 16:03:18 +00:00
|
|
|
|
@postMountCommands@
|
|
|
|
|
|
|
|
|
|
|
2014-10-10 15:16:10 +00:00
|
|
|
|
# Emit a udev rule for /dev/root to prevent systemd from complaining.
|
2014-11-11 22:48:31 +00:00
|
|
|
|
if [ -e /mnt-root/iso ]; then
|
2015-09-28 18:28:51 +00:00
|
|
|
|
eval $(udevadm info --export --export-prefix=ROOT_ --device-id-of-file=/mnt-root/iso)
|
2014-11-11 22:48:31 +00:00
|
|
|
|
else
|
2015-09-28 18:28:51 +00:00
|
|
|
|
eval $(udevadm info --export --export-prefix=ROOT_ --device-id-of-file=$targetRoot)
|
2014-11-11 22:48:31 +00:00
|
|
|
|
fi
|
2014-10-10 15:16:10 +00:00
|
|
|
|
if [ "$ROOT_MAJOR" -a "$ROOT_MINOR" -a "$ROOT_MAJOR" != 0 ]; then
|
|
|
|
|
mkdir -p /run/udev/rules.d
|
|
|
|
|
echo 'ACTION=="add|change", SUBSYSTEM=="block", ENV{MAJOR}=="'$ROOT_MAJOR'", ENV{MINOR}=="'$ROOT_MINOR'", SYMLINK+="root"' > /run/udev/rules.d/61-dev-root-link.rules
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
|
2008-08-08 22:44:45 +00:00
|
|
|
|
# Stop udevd.
|
2015-09-28 18:28:51 +00:00
|
|
|
|
udevadm control --exit
|
2011-09-22 08:26:58 +00:00
|
|
|
|
|
2016-02-22 05:42:24 +00:00
|
|
|
|
# Reset the logging file descriptors.
|
|
|
|
|
# Do this just before pkill, which will kill the tee process.
|
2016-04-05 14:06:53 +00:00
|
|
|
|
exec 1>&$logOutFd 2>&$logErrFd
|
|
|
|
|
eval "exec $logOutFd>&- $logErrFd>&-"
|
2016-02-22 05:42:24 +00:00
|
|
|
|
|
2011-09-22 08:26:58 +00:00
|
|
|
|
# Kill any remaining processes, just to be sure we're not taking any
|
2014-05-21 13:19:01 +00:00
|
|
|
|
# with us into stage 2. But keep storage daemons like unionfs-fuse.
|
nixos/stage-1: Don't kill kernel threads
Unfortunately, pkill doesn't distinguish between kernel and user space
processes, so we need to make sure we don't accidentally kill kernel
threads.
Normally, a kernel thread ignores all signals, but there are a few that
do. A quick grep on the kernel source tree (as of kernel 4.6.0) shows
the following source files which use allow_signal():
drivers/isdn/mISDN/l1oip_core.c
drivers/md/md.c
drivers/misc/mic/cosm/cosm_scif_server.c
drivers/misc/mic/cosm_client/cosm_scif_client.c
drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c
drivers/staging/rtl8188eu/core/rtw_cmd.c
drivers/staging/rtl8712/rtl8712_cmd.c
drivers/target/iscsi/iscsi_target.c
drivers/target/iscsi/iscsi_target_login.c
drivers/target/iscsi/iscsi_target_nego.c
drivers/usb/atm/usbatm.c
drivers/usb/gadget/function/f_mass_storage.c
fs/jffs2/background.c
fs/lockd/clntlock.c
fs/lockd/svc.c
fs/nfs/nfs4state.c
fs/nfsd/nfssvc.c
While not all of these are necessarily kthreads and some functionality
may still be unimpeded, it's still quite harmful and can cause
unexpected side-effects, especially because some of these kthreads are
storage-related (which we obviously don't want to kill during bootup).
During discussion at #15226, @dezgeg suggested the following
implementation:
for pid in $(pgrep -v -f '@'); do
if [ "$(cat /proc/$pid/cmdline)" != "" ]; then
kill -9 "$pid"
fi
done
This has a few downsides:
* User space processes which use an empty string in their command line
won't be killed.
* It results in errors during bootup because some shell-related
processes are already terminated (maybe it's pgrep itself, haven't
checked).
* The @ is searched within the full command line, not just at the
beginning of the string. Of course, we already had this until now, so
it's not a problem of his implementation.
I posted an alternative implementation which doesn't suffer from the
first point, but even that one wasn't sufficient:
for pid in $(pgrep -v -f '^@'); do
readlink "/proc/$pid/exe" &> /dev/null || continue
echo "$pid"
done | xargs kill -9
This one spawns a subshell, which would be included in the processes to
kill and actually kills itself during the process.
So what we have now is even checking whether the shell process itself is
in the list to kill and avoids killing it just to be sure.
Also, we don't spawn a subshell anymore and use /proc/$pid/exe to
distinguish between user space and kernel processes like in the comments
of the following StackOverflow answer:
http://stackoverflow.com/a/12231039
We don't need to take care of terminating processes, because what we
actually want IS to terminate the processes.
The only point where this (and any previous) approach falls short if we
have processes that act like fork bombs, because they might spawn
additional processes between the pgrep and the killing. We can only
address this with process/control groups and this still won't save us
because the root user can escape from that as well.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Fixes: #15226
2016-05-06 10:36:58 +00:00
|
|
|
|
#
|
|
|
|
|
# Storage daemons are distinguished by an @ in front of their command line:
|
|
|
|
|
# https://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons/
|
2016-10-28 20:50:44 +00:00
|
|
|
|
for pid in $(pgrep -v -f '^@'); do
|
nixos/stage-1: Don't kill kernel threads
Unfortunately, pkill doesn't distinguish between kernel and user space
processes, so we need to make sure we don't accidentally kill kernel
threads.
Normally, a kernel thread ignores all signals, but there are a few that
do. A quick grep on the kernel source tree (as of kernel 4.6.0) shows
the following source files which use allow_signal():
drivers/isdn/mISDN/l1oip_core.c
drivers/md/md.c
drivers/misc/mic/cosm/cosm_scif_server.c
drivers/misc/mic/cosm_client/cosm_scif_client.c
drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c
drivers/staging/rtl8188eu/core/rtw_cmd.c
drivers/staging/rtl8712/rtl8712_cmd.c
drivers/target/iscsi/iscsi_target.c
drivers/target/iscsi/iscsi_target_login.c
drivers/target/iscsi/iscsi_target_nego.c
drivers/usb/atm/usbatm.c
drivers/usb/gadget/function/f_mass_storage.c
fs/jffs2/background.c
fs/lockd/clntlock.c
fs/lockd/svc.c
fs/nfs/nfs4state.c
fs/nfsd/nfssvc.c
While not all of these are necessarily kthreads and some functionality
may still be unimpeded, it's still quite harmful and can cause
unexpected side-effects, especially because some of these kthreads are
storage-related (which we obviously don't want to kill during bootup).
During discussion at #15226, @dezgeg suggested the following
implementation:
for pid in $(pgrep -v -f '@'); do
if [ "$(cat /proc/$pid/cmdline)" != "" ]; then
kill -9 "$pid"
fi
done
This has a few downsides:
* User space processes which use an empty string in their command line
won't be killed.
* It results in errors during bootup because some shell-related
processes are already terminated (maybe it's pgrep itself, haven't
checked).
* The @ is searched within the full command line, not just at the
beginning of the string. Of course, we already had this until now, so
it's not a problem of his implementation.
I posted an alternative implementation which doesn't suffer from the
first point, but even that one wasn't sufficient:
for pid in $(pgrep -v -f '^@'); do
readlink "/proc/$pid/exe" &> /dev/null || continue
echo "$pid"
done | xargs kill -9
This one spawns a subshell, which would be included in the processes to
kill and actually kills itself during the process.
So what we have now is even checking whether the shell process itself is
in the list to kill and avoids killing it just to be sure.
Also, we don't spawn a subshell anymore and use /proc/$pid/exe to
distinguish between user space and kernel processes like in the comments
of the following StackOverflow answer:
http://stackoverflow.com/a/12231039
We don't need to take care of terminating processes, because what we
actually want IS to terminate the processes.
The only point where this (and any previous) approach falls short if we
have processes that act like fork bombs, because they might spawn
additional processes between the pgrep and the killing. We can only
address this with process/control groups and this still won't save us
because the root user can escape from that as well.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Fixes: #15226
2016-05-06 10:36:58 +00:00
|
|
|
|
# Make sure we don't kill kernel processes, see #15226 and:
|
|
|
|
|
# http://stackoverflow.com/questions/12213445/identifying-kernel-threads
|
|
|
|
|
readlink "/proc/$pid/exe" &> /dev/null || continue
|
|
|
|
|
# Try to avoid killing ourselves.
|
|
|
|
|
[ $pid -eq $$ ] && continue
|
|
|
|
|
kill -9 "$pid"
|
|
|
|
|
done
|
2008-08-08 22:44:45 +00:00
|
|
|
|
|
2007-05-30 10:32:42 +00:00
|
|
|
|
if test -n "$debug1mounts"; then fail; fi
|
|
|
|
|
|
2006-11-24 00:04:29 +00:00
|
|
|
|
|
2009-12-15 18:31:21 +00:00
|
|
|
|
# Restore /proc/sys/kernel/modprobe to its original value.
|
|
|
|
|
echo /sbin/modprobe > /proc/sys/kernel/modprobe
|
|
|
|
|
|
|
|
|
|
|
2010-06-01 15:53:24 +00:00
|
|
|
|
# Start stage 2. `switch_root' deletes all files in the ramfs on the
|
2021-02-25 20:27:02 +00:00
|
|
|
|
# current root. The path has to be valid in the chroot not outside.
|
|
|
|
|
if [ ! -e "$targetRoot/$stage2Init" ]; then
|
|
|
|
|
stage2Check=${stage2Init}
|
|
|
|
|
while [ "$stage2Check" != "${stage2Check%/*}" ] && [ ! -L "$targetRoot/$stage2Check" ]; do
|
|
|
|
|
stage2Check=${stage2Check%/*}
|
|
|
|
|
done
|
|
|
|
|
if [ ! -L "$targetRoot/$stage2Check" ]; then
|
|
|
|
|
echo "stage 2 init script ($targetRoot/$stage2Init) not found"
|
|
|
|
|
fail
|
|
|
|
|
fi
|
2010-07-22 14:40:29 +00:00
|
|
|
|
fi
|
2009-06-10 15:02:39 +00:00
|
|
|
|
|
2011-07-24 23:36:30 +00:00
|
|
|
|
mkdir -m 0755 -p $targetRoot/proc $targetRoot/sys $targetRoot/dev $targetRoot/run
|
|
|
|
|
|
2012-07-25 02:04:28 +00:00
|
|
|
|
mount --move /proc $targetRoot/proc
|
|
|
|
|
mount --move /sys $targetRoot/sys
|
|
|
|
|
mount --move /dev $targetRoot/dev
|
|
|
|
|
mount --move /run $targetRoot/run
|
2010-06-01 15:53:24 +00:00
|
|
|
|
|
2013-01-23 10:51:58 +00:00
|
|
|
|
exec env -i $(type -P switch_root) "$targetRoot" "$stage2Init"
|
2008-08-16 00:59:12 +00:00
|
|
|
|
|
2009-06-10 15:02:39 +00:00
|
|
|
|
fail # should never be reached
|