#!/bin/bash
# --- ROCK-COPYRIGHT-NOTE-BEGIN ---
#
# This copyright note is auto-generated by ./scripts/Create-CopyPatch.
# Please add additional copyright information _after_ the line containing
# the ROCK-COPYRIGHT-NOTE-END tag. Otherwise it might get removed by
# the ./scripts/Create-CopyPatch script. Do not edit this copyright text!
#
# ROCK Linux: rock-src/target/tor/fixedfiles/mod_rockate.sh
# ROCK Linux is Copyright (C) 1998 - 2007 Clifford Wolf
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version. A copy of the GNU General Public
# License can be found at Documentation/COPYING.
#
# Many people helped and are helping developing ROCK Linux. Please
# have a look at http://www.rocklinux.org/ and the Documentation/TEAM
# file for details.
#
# --- ROCK-COPYRIGHT-NOTE-END ---
#
# ROCKate network setup
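#######################################
# Append ROCKate entries to the GRUB menu.lst on an existing boot partition.
# Arguments: $1 - partition holding the GRUB files (menu.lst, device.map)
#            $2 - partition ROCKate was installed on (/dev/disk/by-id/...-partN)
# Globals:   reads /etc/ROCKATE_VERSION
# Outputs:   diagnostics on stderr
# Returns:   0 on success, 1 when the partition cannot be mounted, no menu.lst
#            is found, the GRUB device cannot be determined, or $2 carries no
#            partition number
#######################################
rockate_add_bootmenu() {
  local disk="${1}" installon="${2}"
  local version path menulst devicemap physical grubdevice linuxdevice grubroot x

  read -r version < /etc/ROCKATE_VERSION
  mount -- "${disk}" /mnt/generic || { echo "cannot mount ${disk}" >&2; return 1; }

  # GRUB files sit below /boot on a root filesystem, at top level on a
  # separate /boot partition.
  path=/
  [[ -d /mnt/generic/boot ]] && path=/boot
  menulst="$(find "/mnt/generic${path}" -name menu.lst | head -n 1)"
  devicemap="$(find "/mnt/generic${path}" -name device.map | head -n 1)"
  if [[ -z "${menulst}" ]]; then
    echo "no menu.lst found on ${disk}" >&2
    umount /mnt/generic
    return 1
  fi

  # Whole-disk node the target partition lives on: resolve the by-id symlink
  # and strip every trailing digit (a single '%[0-9]' would leave 'sda1' for
  # 'sda12').
  physical="$(readlink -f -- "${installon}")"
  while [[ "${physical}" == *[0-9] ]]; do
    physical="${physical%[0-9]}"
  done

  # GRUB wants a zero-based partition index; fail here instead of letting the
  # arithmetic blow up inside the here-document below.
  if [[ "${installon}" != *part[0-9]* ]]; then
    echo "cannot derive a partition number from ${installon}" >&2
    umount /mnt/generic
    return 1
  fi

  # Without a device.map entry for the disk, let the installed system's
  # stone create one (it needs /dev, /proc, /sys, /tmp inside the chroot).
  if [[ -z "${devicemap}" ]] || ! grep -qF -- "${physical}" "${devicemap}"; then
    for x in /dev /proc /sys /tmp; do mount --bind "$x" "/mnt/generic$x"; done
    chroot /mnt/generic stone -text grub create_device_map
    for x in /dev /proc /sys /tmp; do umount "/mnt/generic$x"; done
    devicemap="$(find "/mnt/generic${path}" -name device.map | head -n 1)"
  fi
  if [[ -n "${devicemap}" ]]; then
    read -r grubdevice linuxdevice < <(grep -F -- "${physical}" "${devicemap}")
  fi
  if [[ -z "${grubdevice}" ]]; then
    echo "WTF? no GRUB device for ${physical} in ${devicemap:-device.map}" >&2
    umount /mnt/generic   # unmount on every exit path
    return 1
  fi

  # e.g. grubdevice='(hd0)' and installon='...-part1' -> grubroot='(hd0,0)'
  grubroot="${grubdevice%)},$(( ${installon##*part} - 1 )))"
  cat >> "${menulst}" <<EOF
title ROCKate ${version} 1024
kernel ${grubroot}/boot/vmlinuz root=/dev/ram init=/linuxrc video=vesa:ywrap,mtrr vga=0x317 rw
initrd ${grubroot}/boot/initrd.img
title ROCKate ${version} 1280
kernel ${grubroot}/boot/vmlinuz root=/dev/ram init=/linuxrc video=vesa:ywrap,mtrr vga=0x31A rw
initrd ${grubroot}/boot/initrd.img
title ROCKate ${version} 800
kernel ${grubroot}/boot/vmlinuz root=/dev/ram init=/linuxrc video=vesa:ywrap,mtrr vga=0x314 rw
initrd ${grubroot}/boot/initrd.img
title ROCKate ${version} 640
kernel ${grubroot}/boot/vmlinuz root=/dev/ram init=/linuxrc video=vesa:ywrap,mtrr vga=0x311 rw
initrd ${grubroot}/boot/initrd.img
title ROCKate ${version} Text only
kernel ${grubroot}/boot/vmlinuz root=/dev/ram init=/linuxrc vga=0 rw 3
initrd ${grubroot}/boot/initrd.img
EOF
  umount /mnt/generic
}

#######################################
# Copy the running live system (read-only base plus the copy-on-write layer)
# onto a partition, fix up its fstab and rebuild its initrd.
# Arguments: $1 - target partition
# Globals:   disk - set to $1 and deliberately NOT local: rockate_install
#            still reads it after this returns
# Returns:   non-zero when the partition cannot be mounted or mktemp fails
#######################################
rockate_install_on() {
  disk="${1}"
  local file target tmp x

  mount -- "${disk}" /mnt/generic || return
  tmp="$(mktemp)" || { echo "mktemp failed" >&2; umount /mnt/generic; return 1; }

  cp -arv /mnt/cowfs_ro/* /mnt/generic/
  # Overlay the files changed at runtime; NUL-delimited so odd names survive.
  while IFS= read -r -d '' file; do
    target="${file#/mnt/cowfs_rw/}"
    mkdir -p -- "/mnt/generic/$(dirname -- "${target}")"
    cp -v -- "${file}" "/mnt/generic/${target}"
  done < <(find /mnt/cowfs_rw/ -type f -print0)
  touch /mnt/generic/etc/HDINSTALL

  for x in /dev /proc /sys /tmp; do mount --bind "$x" "/mnt/generic$x"; done

  # The installed system must not inherit the live image's ld.so.preload.
  : > /mnt/generic/etc/ld.so.preload

  # Replace the root entry in fstab with the target partition.
  grep -v ' / ' /mnt/generic/etc/fstab > "${tmp}"
  echo "${disk} / auto defaults 0 0" >> "${tmp}"
  mv -- "${tmp}" /mnt/generic/etc/fstab
  chmod 0644 /mnt/generic/etc/fstab
  chown -R rocker:users /mnt/generic/home/rocker
  chroot /mnt/generic mkinitrd

  for x in /dev /proc /sys /tmp; do umount "/mnt/generic$x"; done
  umount /mnt/generic
}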
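#######################################
# Interactive installer: pick a target partition, copy the live system onto
# it, then either add ROCKate to an existing GRUB menu.lst or install GRUB.
# Globals:   installon - assigned by the selected menu action (see the
#            'installon=...' string below) and read afterwards
# Returns:   non-zero when the user leaves a menu or no target was chosen
#######################################
rockate_install() {
  local disk entry contents title menu="" installon="" x y
  local -a bootparts=()

  mkdir -p /mnt/generic
  for disk in /dev/disk/by-id/*; do
    mount -- "${disk}" /mnt/generic >/dev/null 2>&1 || continue
    if [[ -f /mnt/generic/menu.lst || -f /mnt/generic/boot/menu.lst ||
          -f /mnt/generic/boot/grub/menu.lst || -f /mnt/generic/grub/menu.lst ]]; then
      bootparts+=("${disk}")
    fi
    # Top-level names on the partition, one per line, each cut to 80 chars.
    # Single quotes are dropped: the label is spliced into the eval'd menu
    # string, and a quote in a filename on a foreign disk would end the
    # quoting early and let the rest run as a command.
    contents=""
    for entry in /mnt/generic/*; do
      [[ -e "${entry}" ]] || continue
      entry="${entry#/mnt/generic/}"
      entry="${entry//\'/}"
      contents="${contents}${contents:+$'\n'}${entry:0:80}"
    done
    menu="${menu} 'Install on ${disk##*/} (contains: ${contents})' 'installon=${disk}; rockate_install_on ${disk}'"
    umount /mnt/generic >/dev/null 2>&1
  done
  eval gui_menu FOO "'ROCKate installation'" ${menu} || return

  menu=""
  if (( ${#bootparts[@]} > 0 )); then
    for x in "${bootparts[@]}"; do
      mount -- "$x" /mnt/generic || continue
      menu="${menu} 'Add ROCKate to $x (contains:"
      # Existing menu titles describe the boot partition; quotes are dropped
      # for the same reason as above.  -h keeps grep from prefixing filenames
      # when several menu.lst files exist.
      while read -r y title; do
        menu="${menu} ${title//\'/}"
      done < <(find /mnt/generic -name menu.lst -exec grep -ih title {} +)
      umount /mnt/generic
      menu="${menu})' 'rockate_add_bootmenu ${x} ${installon}'"
    done
    eval gui_menu FOO "'ROCKate installation'" ${menu} || return
  else
    # No boot loader anywhere: install GRUB on the partition just written,
    # not on whichever device the loop above visited last.
    [[ -n "${installon}" ]] || return 1
    mount -- "${installon}" /mnt/generic || return 1
    for x in /dev /proc /sys /tmp; do mount --bind "$x" "/mnt/generic$x"; done
    chroot /mnt/generic stone -text grub grub_setup
    for x in /dev /proc /sys /tmp; do umount "/mnt/generic$x"; done
    umount /mnt/generic
  fi
}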
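#######################################
# Ask for a new IPv4 address for one interface and apply it.
# Arguments: $1 - interface name
# Globals:   newip - cleared here, filled in by gui_input with the answer
#######################################
rockate_configure() {
  local device="${1}" inet ip rest
  # First 'inet ' line of 'ip addr show', e.g. 'inet 10.0.0.2/24 ...'.
  read -r inet ip rest < <(ip addr show "${device}" | grep 'inet ')
  newip=""
  gui_input "Enter IP address for ${device}" "${ip}" newip
  if [[ -n "${newip}" && "${newip}" != "${ip}" ]]; then
    # Only remove the old address when the interface actually had one.
    [[ -n "${ip}" ]] && ip addr del "${ip}" dev "${device}"
    ip addr add "${newip}" dev "${device}"
  fi
}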
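#######################################
# Ask for a new default gateway and replace the default route with it.
# Arguments: $1 - current default gateway (may be empty)
# Globals:   newgw - cleared here, filled in by gui_input with the answer
#######################################
rockate_defaultroute() {
  local gw="${1}"
  newgw=""
  gui_input "Enter IP Address for the default router" "${gw}" newgw
  if [[ -n "${newgw}" && "${gw}" != "${newgw}" ]]; then
    # Only delete an existing route; with no gateway there is nothing to drop.
    [[ -n "${gw}" ]] && route del -net default "${gw}"
    route add -net default "${newgw}"
  fi
}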
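#######################################
# Fetch the update list for the running ROCKate version and unpack each
# listed tarball over /, running /tmp/postupdate.sh if the tarball ships one.
# Globals:   reads /etc/ROCKATE_VERSION
# Outputs:   progress on stdout, failures on stderr
# Returns:   1 when a temp file cannot be created, 0 otherwise
#######################################
rockate_update() {
  local version tmp archive url description

  read -r version < /etc/ROCKATE_VERSION
  # mktemp instead of a fixed /tmp name: the list is read back and trusted
  # below, so it must not be writable by anyone else first.
  tmp="$(mktemp)" || { echo "mktemp failed" >&2; return 1; }

  echo "Downloading Updatelist"
  # NOTE(review): neither the list nor the archives carry a signature or
  # checksum that is verified here, and they are unpacked as root over /.
  # Whoever can answer for that URL controls this machine; a detached
  # signature check before 'tar' is the missing step.
  if ! wget -O "${tmp}" "http://xsanr2oqmett7ovm.onion/UPDATES_${version}" \
     || [[ ! -s "${tmp}" ]]; then
    echo "No updates available for version ${version}."
    rm -f -- "${tmp}"
    return
  fi

  # One update per line: <url> <free-form description>.
  while read -r url description; do
    [[ -n "${url}" ]] || continue
    archive="$(mktemp)" || { echo "mktemp failed" >&2; break; }
    echo "Downloading update: ${description}"
    # '--' keeps a list entry starting with '-' from being read as an option.
    if ! wget -O "${archive}" -- "${url}"; then
      echo "Download failed: ${description}" >&2
      rm -f -- "${archive}"
      continue
    fi
    echo "Installing update: ${description}"
    tar -C / -xf "${archive}"
    rm -f -- "${archive}"
    # The archive may ship a hook at this fixed path; run it once, then drop it.
    if [[ -f /tmp/postupdate.sh ]]; then
      chmod +x /tmp/postupdate.sh
      /tmp/postupdate.sh
      rm -f /tmp/postupdate.sh
    fi
  done < "${tmp}"
  rm -f -- "${tmp}"
}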
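#######################################
# Send every new outgoing TCP connection through Tor's TransPort and reject
# everything else that is not Tor's own traffic, an established flow, or a
# local / directly attached destination.
# Based on http://wiki.noreply.org/noreply/TheOnionRouter/TransparentProxy
# Side effects: flushes every chain of the filter and nat tables first, so
#               any firewall rules present before this call are gone.
# Returns:   status of the last iptables call
#######################################
rockate_transparent_tor() {
  local -a non_tor=()              # networks that must not be routed via Tor
  local -r tor_uid="79"            # the UID Tor runs as
  local -r trans_port="9040"       # Tor's TransPort
  local inet addr rest o1 o2 o3 o4 prefix ipnum mask netnum netaddr net

  # One entry per configured IPv4 address except loopback, e.g.
  #   inet 213.239.220.170/27 brd 213.239.220.191 scope global eth0
  # The network is computed from address and prefix length on the packed
  # 32-bit value; the 'brd' field is not relied on, since it is not printed
  # for every address (point-to-point and /32 addresses have none).
  while read -r inet addr rest; do
    [[ "${addr:0:3}" == "127" ]] && continue
    IFS='./' read -r o1 o2 o3 o4 prefix <<< "${addr}"
    [[ -n "${prefix}" ]] || prefix=32
    ipnum=$(( (o1 << 24) | (o2 << 16) | (o3 << 8) | o4 ))
    mask=$(( prefix == 0 ? 0 : (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF ))
    netnum=$(( ipnum & mask ))
    netaddr="$(( (netnum >> 24) & 255 )).$(( (netnum >> 16) & 255 )).$(( (netnum >> 8) & 255 )).$(( netnum & 255 ))"
    non_tor+=("${netaddr}/${prefix}")
  done < <(ip a | grep inet | grep -v inet6)

  # --uid-owner needs the owner match module.
  lsmod | grep -q ipt_owner || modprobe ipt_owner

  iptables -F
  iptables -t nat -F

  # nat: Tor itself and local networks pass untouched; every other new TCP
  # connection is redirected to the TransPort.
  iptables -t nat -A OUTPUT -m owner --uid-owner "${tor_uid}" -j RETURN
  for net in "${non_tor[@]}" 127.0.0.0/9 127.128.0.0/10; do
    iptables -t nat -A OUTPUT -d "${net}" -j RETURN
  done
  iptables -t nat -A OUTPUT -p tcp --syn -j DNAT --to-dest "127.0.0.1:${trans_port}"

  # filter: only established flows, local destinations and Tor's own
  # sockets may leave.  Everything else -- including UDP, so plain DNS --
  # is rejected rather than allowed to bypass the proxy.
  iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
  for net in "${non_tor[@]}" 127.0.0.0/8; do
    iptables -A OUTPUT -d "${net}" -j ACCEPT
  done
  iptables -A OUTPUT -m owner --uid-owner "${tor_uid}" -j ACCEPT
  iptables -A OUTPUT -j REJECT
}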
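#######################################
# Top-level configuration menu; rebuilt and shown again after every action
# until gui_menu reports that the user left.
# Globals:   menu - the quoted label/action pairs handed to gui_menu via eval
#######################################
main() {
  local menu name a b c mac inet ip rest dest gw msk fl met ref use dev

  while true; do
    menu=""
    # ifconfig lines like 'eth0 Link encap:Ethernet HWaddr 00:10:DC:7C:EE:8A';
    # filtering on HWaddr keeps only 'real' interfaces.
    while read -r name a b c mac; do
      read -r inet ip rest < <(ip addr show "${name}" | grep 'inet ')
      menu="${menu} 'Device ${name} (${mac})' ''"
      menu="${menu} ' IP Address: ${ip}' ''"
      menu="${menu} ' Configure via dhcp' 'dhclient -v ${name}'"
      menu="${menu} ' Configure manually' 'rockate_configure ${name}'"
    done < <(ifconfig -a | grep HWaddr)
    menu="${menu} '' ''"

    # Default route line of 'route -n' starts with destination 0.0.0.0.
    read -r dest gw msk fl met ref use dev < <(route -n | grep ^0.0.0.0)
    menu="${menu} 'Default Route: ${gw} (via ${dev})' 'rockate_defaultroute ${gw}'"
    menu="${menu} '' ''"
    menu="${menu} 'Setup transparent Tor proxy (use after network setup)' 'rockate_transparent_tor'"

    if [[ ! -e /etc/HDINSTALL ]]; then
      menu="${menu} 'The following option can be used to update the ROCKate environment at' ''"
      menu="${menu} 'runtime if an update file has been provided. These changes will be' ''"
      menu="${menu} 'gone after reboot, so please use only if you really want to.' ''"
    fi
    menu="${menu} 'Update ROCKate' 'rockate_update'"

    if [[ -f /etc/ULTIMATE && ! -e /etc/HDINSTALL ]]; then
      menu="${menu} '' ''"
      menu="${menu} 'Install ROCKate to disk' 'rockate_install'"
      menu="${menu} 'See http://xsanr2oqmett7ovm.onion/wiki/show/PostInstall for steps' ''"
      menu="${menu} 'to do after installation!' ''"
    fi

    eval gui_menu FOO "'ROCKate Configuration'" ${menu} || break
  done
}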