
#!/bin/bash
# --- ROCK-COPYRIGHT-NOTE-BEGIN ---
#
# This copyright note is auto-generated by ./scripts/Create-CopyPatch.
# Please add additional copyright information _after_ the line containing
# the ROCK-COPYRIGHT-NOTE-END tag. Otherwise it might get removed by
# the ./scripts/Create-CopyPatch script. Do not edit this copyright text!
#
# ROCK Linux: rock-src/target/tor/fixedfiles/mod_rockate.sh
# ROCK Linux is Copyright (C) 1998 - 2007 Clifford Wolf
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version. A copy of the GNU General Public
# License can be found at Documentation/COPYING.
#
# Many people helped and are helping developing ROCK Linux. Please
# have a look at http://www.rocklinux.org/ and the Documentation/TEAM
# file for details.
#
# --- ROCK-COPYRIGHT-NOTE-END ---
#
# ROCKate network setup
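# Append the ROCKate boot entries to the GRUB menu.lst found on a boot
# partition.
#
# Globals:   VERSION (written, read from /etc/ROCKATE_VERSION)
# Arguments: $1 - partition that holds menu.lst; it is mounted on
#                 /mnt/generic for the duration of the call
#            $2 - partition ROCKate was installed on; its name has to end
#                 in "part<N>", and N-1 becomes the GRUB partition index
# Returns:   0 once the entries are written, 1 if the partition cannot be
#            mounted or the GRUB device cannot be determined
rockate_add_bootmenu() {
  local disk="${1}" installon="${2}"
  local path menulst devicemap physical partno grubroot
  local grubdevice linuxdevice x mode

  read -r VERSION < /etc/ROCKATE_VERSION
  # Without the mount every later step would act on the bare mount point.
  mount "${disk}" /mnt/generic || return 1

  path=/
  [ -d /mnt/generic/boot ] && path=/boot
  read -r menulst < <(find "/mnt/generic${path}" -name menu.lst | head -n 1)
  read -r devicemap < <(find "/mnt/generic${path}" -name device.map | head -n 1)

  # Whole-disk device behind the install partition: resolve the symlink
  # and drop the trailing partition number. All trailing digits are
  # removed so that partitions 10 and up resolve to the disk as well.
  read -r physical < <(readlink -f "${installon}")
  while [ "${physical}" != "${physical%[0-9]}" ] ; do
    physical="${physical%[0-9]}"
  done

  # Let stone regenerate device.map inside the target when it is missing
  # or does not list the disk yet.
  if [ -n "${physical}" ] ; then
    if [ -z "${devicemap}" ] || ! grep -qF -- "${physical}" "${devicemap}" ; then
      for x in /dev /proc /sys /tmp ; do
        mount --bind "${x}" "/mnt/generic${x}"
      done
      chroot /mnt/generic stone -text grub create_device_map
      for x in /dev /proc /sys /tmp ; do
        umount "/mnt/generic${x}"
      done
      if [ -z "${devicemap}" ] ; then
        read -r devicemap < <(find "/mnt/generic${path}" -name device.map | head -n 1)
      fi
    fi
    if [ -n "${devicemap}" ] ; then
      # device.map lines look like "(hd0) /dev/sda"
      read -r grubdevice linuxdevice < <(grep -F -- "${physical}" "${devicemap}")
    fi
  fi

  # The partition number is used in arithmetic below, so accept digits only.
  partno="${installon##*part}"
  case "${partno}" in
    ''|*[!0-9]*) partno="" ;;
  esac
  if [ -n "${partno}" ] && [ "$(( 10#${partno} ))" -lt 1 ] ; then
    partno=""
  fi

  if [ -z "${grubdevice}" ] || [ -z "${menulst}" ] || [ -z "${partno}" ] ; then
    echo "WTF?"
    # Do not leave the boot partition mounted on the error path.
    umount /mnt/generic
    return 1
  fi

  # "(hd0)" plus partition 3 becomes "(hd0,2)".
  grubroot="${grubdevice%)},$(( 10#${partno} - 1 )))"
  {
    for mode in "1024 0x317" "1280 0x31A" "800 0x314" "640 0x311" ; do
      printf 'title ROCKate %s %s\n' "${VERSION}" "${mode% *}"
      printf 'kernel %s/boot/vmlinuz root=/dev/ram init=/linuxrc video=vesa:ywrap,mtrr vga=%s rw\n' \
        "${grubroot}" "${mode#* }"
      printf 'initrd %s/boot/initrd.img\n' "${grubroot}"
    done
    printf 'title ROCKate %s Text only\n' "${VERSION}"
    printf 'kernel %s/boot/vmlinuz root=/dev/ram init=/linuxrc vga=0 rw 3\n' "${grubroot}"
    printf 'initrd %s/boot/initrd.img\n' "${grubroot}"
  } >> "${menulst}"

  umount /mnt/generic
}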
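# Copy the running system onto a partition and prepare it for booting
# from disk: read-only base image first, then the files changed at
# runtime, then fstab, ownership of the user's home and a fresh initrd.
#
# Globals:   disk (written). It is deliberately not local:
#            rockate_install reads it after the menu action has run.
# Arguments: $1 - target partition
# Returns:   non-zero if the target cannot be mounted, fstab cannot be
#            rewritten or mkinitrd fails
rockate_install_on() {
  local file target tmp x rc=0

  disk="${1}"
  mount "${disk}" /mnt/generic || return
  cp -arv /mnt/cowfs_ro/* /mnt/generic/

  # NUL-delimited so that overlay files with spaces, backslashes or
  # newlines in their names are copied under the right name.
  while IFS= read -r -d '' file ; do
    target="${file#/mnt/cowfs_rw/}"
    mkdir -p "/mnt/generic/$(dirname "${target}")"
    cp -v "${file}" "/mnt/generic/${target}"
  done < <(find /mnt/cowfs_rw/ -type f -print0)

  # Marker checked by the menu: this system runs from disk.
  touch /mnt/generic/etc/HDINSTALL
  for x in /dev /proc /sys /tmp ; do
    mount --bind "${x}" "/mnt/generic${x}"
  done
  # Empty the preload list on the installed system.
  echo -n > /mnt/generic/etc/ld.so.preload

  # Replace the root entry of fstab. The temporary file is created next
  # to fstab so that the final mv is a rename on the same filesystem.
  if tmp="$(mktemp /mnt/generic/etc/fstab.XXXXXX)" ; then
    grep -v ' / ' /mnt/generic/etc/fstab > "${tmp}"
    echo "${disk} / auto defaults 0 0" >> "${tmp}"
    chmod 0644 "${tmp}"
    mv "${tmp}" /mnt/generic/etc/fstab
  else
    echo "Cannot create a temporary file, /etc/fstab was not updated." >&2
    rc=1
  fi

  chown -R rocker:users /mnt/generic/home/rocker
  chroot /mnt/generic mkinitrd || rc=1
  for x in /dev /proc /sys /tmp ; do
    umount "/mnt/generic${x}"
  done
  umount /mnt/generic
  return "${rc}"
}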
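# Interactive disk installation: offer every mountable partition as the
# install target, then either add ROCKate to a GRUB menu that already
# exists on some partition or set up GRUB on the target itself.
#
# Names of files on the probed partitions and titles from their menu.lst
# are shown in the menu. They are data from disks the user may not
# control, so the menu is passed as an argument list and never re-parsed
# by eval.
#
# Globals:   disk (written: loop variable, later set by the menu action
#            through rockate_install_on), installon (read: set by the
#            menu action of the first menu)
# Returns:   non-zero if a menu is cancelled or the target cannot be
#            mounted for the GRUB setup
rockate_install() {
  local -a entries bootable
  local probe item names label part y title x

  entries=()
  bootable=()
  mkdir -p /mnt/generic
  for disk in /dev/disk/by-id/* ; do
    # Probing only reads, so the partition is mounted read-only.
    mount -o ro "${disk}" /mnt/generic >/dev/null 2>&1 || continue
    for probe in /mnt/generic/menu.lst /mnt/generic/boot/menu.lst \
                 /mnt/generic/boot/grub/menu.lst /mnt/generic/grub/menu.lst ; do
      if [ -f "${probe}" ] ; then
        bootable=("${bootable[@]}" "${disk}")
        break
      fi
    done
    names=""
    for item in /mnt/generic/* ; do
      # An unmatched glob stays literal; skip it.
      [ -e "${item}" ] || [ -L "${item}" ] || continue
      names="${names}${names:+ }${item##*/}"
    done
    # Keep control characters out of the menu and cap the listing at 80
    # characters.
    names="${names//[[:cntrl:]]/?}"
    label="Install on ${disk##*/} (contains: ${names:0:80})"
    entries=("${entries[@]}" "${label}" \
      "installon=$(printf '%q' "${disk}"); rockate_install_on $(printf '%q' "${disk}")")
    umount /mnt/generic >/dev/null 2>&1
  done
  gui_menu FOO 'ROCKate installation' "${entries[@]}" || return

  if [ "${#bootable[@]}" -gt 0 ] ; then
    entries=()
    for part in "${bootable[@]}" ; do
      mount -o ro "${part}" /mnt/generic || continue
      label="Add ROCKate to ${part} (contains:"
      # find runs grep itself, so no menu.lst means no grep call (grep
      # without a file argument would wait on stdin).
      while read -r y title ; do
        label="${label} ${title}"
      done < <(find /mnt/generic -name menu.lst -exec grep -hi title {} \;)
      umount /mnt/generic
      label="${label//[[:cntrl:]]/?})"
      entries=("${entries[@]}" "${label}" \
        "rockate_add_bootmenu $(printf '%q' "${part}") $(printf '%q' "${installon}")")
    done
    gui_menu FOO 'ROCKate installation' "${entries[@]}" || return
  else
    # No existing boot loader: install GRUB from inside the new system.
    mount "${installon}" /mnt/generic || return
    for x in /dev /proc /sys /tmp ; do
      mount --bind "${x}" "/mnt/generic${x}"
    done
    chroot /mnt/generic stone -text grub grub_setup
    for x in /dev /proc /sys /tmp ; do
      umount "/mnt/generic${x}"
    done
    umount /mnt/generic
  fi
}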
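# Ask for a new IPv4 address for a network device and apply it.
#
# Arguments: $1 - network device name
# Returns:   1 if the new address is rejected by ip, otherwise 0
rockate_configure() {
  local device="${1}"
  local inet current rest
  # Local and empty, so that a value left over from an earlier dialog can
  # never be applied to this device.
  local newip=""

  # First "inet" line only: "inet <address>/<prefix> ..."
  read -r inet current rest < <(ip addr show "${device}" | grep 'inet ')
  gui_input "Enter IP address for ${device}" "${current}" newip
  if [ -z "${newip}" ] || [ "${newip}" = "${current}" ] ; then
    return 0
  fi

  # A device without an address has nothing to delete.
  if [ -n "${current}" ] ; then
    ip addr del "${current}" dev "${device}"
  fi
  if ! ip addr add "${newip}" dev "${device}" ; then
    echo "Could not set ${newip} on ${device}." >&2
    # Put the old address back rather than leaving the device unconfigured.
    if [ -n "${current}" ] ; then
      ip addr add "${current}" dev "${device}"
    fi
    return 1
  fi
}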
# Ask for the address of the default router and replace the default route
# when the answer differs from the current gateway.
#
# Globals:   newgw (written through gui_input)
# Arguments: $1 - current default gateway, may be empty
rockate_defaultroute() {
  local gw="${1}"

  gui_input "Enter IP Address for the default router" "${gw}" newgw

  # Empty answer: keep the route as it is.
  if [ -z "${newgw}" ] ; then
    return 0
  fi
  # Same gateway as before: nothing to change.
  if [ "${gw}" = "${newgw}" ] ; then
    return 0
  fi

  # Left unquoted as before: an empty gateway adds no argument to route.
  route del -net default ${gw}
  route add -net default ${newgw}
}
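# Download the update list for the running ROCKate version and install
# every update on it. Each list line is "<url> <description>". An update
# is a tar archive unpacked over /; if it ships /tmp/postupdate.sh, that
# script is run once and removed.
#
# NOTE(review): archives are unpacked as the calling user over / and
# their post-update script is executed with no signature or checksum
# check. The per-update URLs come from the list and may point anywhere,
# so the list's origin is the only trust anchor. Verifying a signature
# before unpacking would close that gap.
#
# Returns: 1 if the version cannot be read or no private work directory
#          can be created
rockate_update(){
  local version="" workdir list archive url description

  read -r version < /etc/ROCKATE_VERSION
  if [ -z "${version}" ] ; then
    echo "Cannot read /etc/ROCKATE_VERSION." >&2
    return 1
  fi

  # Private directory instead of fixed, guessable names in /tmp: another
  # local user can neither pre-create nor swap the downloaded files.
  workdir="$(mktemp -d)" || return 1
  list="${workdir}/UPDATES"
  archive="${workdir}/update.tar.bz2"

  echo "Downloading Updatelist"
  wget -O "${list}" "http://xsanr2oqmett7ovm.onion/UPDATES_${version}"
  if [ ! -s "${list}" ] ; then
    echo "No updates available for version ${version}."
    rm -rf -- "${workdir:?}"
    return
  fi

  # The list is read on descriptor 3 so that wget, tar and the
  # post-update script cannot consume it through stdin.
  while read -r -u 3 url description ; do
    [ -n "${url}" ] || continue
    echo "Downloading update: ${description}"
    # "--" keeps a list entry that starts with "-" from being read as a
    # wget option.
    if ! wget -O "${archive}" -- "${url}" ; then
      echo "Download failed, skipping: ${description}" >&2
      rm -f "${archive}"
      continue
    fi
    echo "Installing update: ${description}"
    # A script left in /tmp by anything other than this archive must not
    # be picked up below.
    rm -f /tmp/postupdate.sh
    if tar xf "${archive}" -C / ; then
      if [ -f /tmp/postupdate.sh ] ; then
        chmod +x /tmp/postupdate.sh
        /tmp/postupdate.sh
      fi
    else
      echo "Unpacking failed: ${description}" >&2
    fi
    rm -f "${archive}" /tmp/postupdate.sh
  done 3< "${list}"

  rm -rf -- "${workdir:?}"
}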
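# Route all outgoing TCP connections through Tor's transparent proxy port
# and reject everything else that is not addressed to a local network.
# based on http://wiki.noreply.org/noreply/TheOnionRouter/TransparentProxy
#
# The network of every configured IPv4 address is computed from the
# address and its prefix length. The broadcast address is not used, so
# addresses that were added without one (as rockate_configure does) are
# handled too.
#
# NOTE(review): only iptables (IPv4) is configured. If IPv6 is enabled on
# the system, IPv6 traffic is not covered by these rules; confirm it is
# disabled or add matching ip6tables rules.
# NOTE(review): only TCP is redirected. Other protocols, DNS over UDP
# included, end in the final REJECT unless they target a local network.
#
# Globals: NON_TOR, TOR_UID, TRANS_PORT, NET (written)
rockate_transparent_tor(){
  local label addr rest prefix o1 o2 o3 o4 extra part valid
  local bits mask octet netaddr

  # destinations you don't want routed through Tor
  NON_TOR=""
  while read -r label addr rest ; do
    # inet 127.0.0.1/8 scope host lo
    # inet 213.239.220.170/27 brd 213.239.220.191 scope global eth0
    case "${addr}" in
      127.*) continue ;;
    esac

    # An address printed without "/<prefix>" is treated as a single host.
    prefix=32
    case "${addr}" in
      */*) prefix="${addr##*/}" ;;
    esac
    IFS=. read -r o1 o2 o3 o4 extra <<< "${addr%%/*}"

    # Skip anything that is not four octets plus a prefix length; the
    # values are used in arithmetic and end up in iptables arguments.
    valid=1
    [ -z "${extra}" ] || valid=0
    for part in "${o1}" "${o2}" "${o3}" "${o4}" "${prefix}" ; do
      case "${part}" in
        ''|*[!0-9]*) valid=0 ;;
      esac
    done
    [ "${valid}" -eq 1 ] || continue
    [ "$(( 10#${prefix} ))" -le 32 ] || continue
    for part in "${o1}" "${o2}" "${o3}" "${o4}" ; do
      [ "$(( 10#${part} ))" -le 255 ] || valid=0
    done
    [ "${valid}" -eq 1 ] || continue

    # Mask the address octet by octet: whole octets while at least eight
    # prefix bits remain, then the leading bits of one octet, then zeros.
    bits=$(( 10#${prefix} ))
    netaddr=""
    for octet in "${o1}" "${o2}" "${o3}" "${o4}" ; do
      if [ "${bits}" -ge 8 ] ; then
        mask=255
        bits=$(( bits - 8 ))
      else
        mask=$(( 256 - ( 1 << ( 8 - bits ) ) ))
        bits=0
      fi
      netaddr="${netaddr}${netaddr:+.}$(( 10#${octet} & mask ))"
    done
    NON_TOR="${NON_TOR} ${netaddr}/${prefix}"
  done < <( ip a | grep inet | grep -v inet6 )

  # the UID Tor runs as
  TOR_UID="79"
  # Tor's TransPort
  TRANS_PORT="9040"

  lsmod | grep -q ipt_owner || modprobe ipt_owner

  iptables -F
  iptables -t nat -F

  # nat: Tor's own traffic and local destinations are left alone, every
  # other new TCP connection is redirected to the TransPort.
  iptables -t nat -A OUTPUT -m owner --uid-owner "${TOR_UID}" -j RETURN
  # NON_TOR is a space-separated list and is split on purpose.
  for NET in ${NON_TOR} 127.0.0.0/9 127.128.0.0/10; do
    iptables -t nat -A OUTPUT -d "${NET}" -j RETURN
  done
  iptables -t nat -A OUTPUT -p tcp --syn -j DNAT --to-dest "127.0.0.1:${TRANS_PORT}"

  # filter: allow established flows, local destinations and Tor itself,
  # reject the rest.
  iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
  for NET in ${NON_TOR} 127.0.0.0/8; do
    iptables -A OUTPUT -d "${NET}" -j ACCEPT
  done
  iptables -A OUTPUT -m owner --uid-owner "${TOR_UID}" -j ACCEPT
  iptables -A OUTPUT -j REJECT
}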
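# Module entry point: show the ROCKate configuration menu until it is
# left. The menu is rebuilt on every pass so that it reflects the current
# devices, addresses and default route.
#
# The entries are collected in an array and handed to gui_menu as
# separate arguments. Labels built from command output are therefore
# never re-parsed by the shell, and values placed into action strings are
# quoted with printf %q.
main() {
  local -a entries
  local name a b c mac inet addr rest
  local dest gw msk fl met ref use dev

  while : ; do
    entries=()

    #eth0 Link encap:Ethernet HWaddr 00:10:DC:7C:EE:8A
    while read -r name a b c mac ; do
      read -r inet addr rest < <( ip addr show "${name}" | grep 'inet ' )
      entries=("${entries[@]}"
        "Device ${name} (${mac})" ''
        " IP Address: ${addr}" ''
        ' Configure via dhcp' "dhclient -v $(printf '%q' "${name}")"
        ' Configure manually' "rockate_configure $(printf '%q' "${name}")")
    done < <( ifconfig -a | grep HWaddr ) # we only want 'real' interfaces
    entries=("${entries[@]}" '' '')

    # First default route of the kernel routing table.
    read -r dest gw msk fl met ref use dev < <( route -n | grep '^0\.0\.0\.0' )
    entries=("${entries[@]}"
      "Default Route: ${gw} (via ${dev})" "rockate_defaultroute $(printf '%q' "${gw}")"
      '' ''
      'Setup transparent Tor proxy (use after network setup)' 'rockate_transparent_tor')

    # /etc/HDINSTALL marks a system that runs from disk.
    if [ ! -e /etc/HDINSTALL ] ; then
      entries=("${entries[@]}"
        'The following option can be used to update the ROCKate environment at' ''
        'runtime if an update file has been provided. These changes will be' ''
        'gone after reboot, so please use only if you really want to.' '')
    fi
    entries=("${entries[@]}" 'Update ROCKate' 'rockate_update')

    if [ -f /etc/ULTIMATE ] && [ ! -e /etc/HDINSTALL ] ; then
      entries=("${entries[@]}"
        '' ''
        'Install ROCKate to disk' 'rockate_install'
        'See http://xsanr2oqmett7ovm.onion/wiki/show/PostInstall for steps' ''
        'to do after installation!' '')
    fi

    # A non-zero status from gui_menu ends the menu loop.
    gui_menu FOO 'ROCKate Configuration' "${entries[@]}" || break
  done
}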