diff options
Diffstat (limited to 'defaults/login-remote.sh')
-rw-r--r-- | defaults/login-remote.sh | 80 |
1 files changed, 55 insertions, 25 deletions
diff --git a/defaults/login-remote.sh b/defaults/login-remote.sh index 7f711da7..4664d7bd 100644 --- a/defaults/login-remote.sh +++ b/defaults/login-remote.sh @@ -5,19 +5,33 @@ . /etc/initrd.scripts . "${CRYPT_ENV_FILE}" -splash() { - return 0 -} - [ -e /etc/initrd.splash ] && . /etc/initrd.splash +GK_INIT_LOG_PREFIX=${0} +if [ -n "${SSH_CLIENT}" ] +then + SSH_CLIENT_IP=$(echo "${SSH_CLIENT}" | awk '{ print $1 }') + SSH_CLIENT_PORT=$(echo "${SSH_CLIENT}" | awk '{ print $2 }') + + if [ -n "${SSH_CLIENT_IP}" ] && [ -n "${SSH_CLIENT_PORT}" ] + then + GK_INIT_LOG_PREFIX="${0}[${SSH_CLIENT_IP}:${SSH_CLIENT_PORT}]" + export SSH_CLIENT_IP + export SSH_CLIENT_PORT + fi +fi + receivefile() { case ${1} in root) - file=${CRYPT_KEYFILE_ROOT} + file=${CRYPT_ROOT_KEYFILE} ;; swap) - file=${CRYPT_KEYFILE_SWAP} + file=${CRYPT_SWAP_KEYFILE} + ;; + '') + bad_msg "No keyfile specified." ${CRYPT_SILENT} + exit 1 ;; *) bad_msg "Unknown '${1}' keyfile received." ${CRYPT_SILENT} @@ -26,24 +40,20 @@ receivefile() { esac # limit maximum stored bytes to 1M to avoid killing the server - dd of=${file} count=1k bs=1k 2>/dev/null + run dd of="${file}" count=1k bs=1k 2>/dev/null return $? } - - if [ "x${1}" = "x-c" ] then - command=$(echo ${2} | awk -F" " '{print $1}') - type=$(echo ${2} | awk -F" " '{print $2}') + command=$(echo "${2}" | awk '{ print $1 }') + type=$(echo "${2}" | awk '{ print $2 }') case ${command} in post) - receivefile ${type} - if [ $? -eq 0 ] + if receivefile "${type}" then - unlock-luks ${type} - if [ $? -eq 0 ] + if unlock-luks "${type}" then if [ "${type}" = 'root' ] then @@ -66,25 +76,45 @@ then exit 1 esac else + run touch "${GK_SSHD_LOCKFILE}" + + # Don't log further remote shell output + GK_INIT_LOG= + export PS1='remote rescueshell \w \# ' - touch "${GK_SSHD_LOCKFILE}" - good_msg "The lockfile '${GK_SSHD_LOCKFILE}' was created." - good_msg "In order to resume boot process, run 'resume-boot'." - good_msg "Be aware that it will kill your connection which means" - good_msg "you will no longer be able work in this shell." - if [ -n "${CRYPT_ROOT}" -a ! -f "${CRYPT_ROOT_OPENED_LOCKFILE}" ] + GOOD=${BLUE} good_msg "${NORMAL}Welcome to ${BOLD}${GK_META_VERSION}${NORMAL} (${GK_META_BUILD_DATE}) ${BOLD}remote rescue shell${NORMAL}!" + GOOD=${BLUE} good_msg "${NORMAL}...running Linux kernel ${BOLD}${KV}${NORMAL}" + echo + good_msg "${NORMAL}The lockfile '${BOLD}${GK_SSHD_LOCKFILE}${NORMAL}' was created." + good_msg "${NORMAL}In order to resume boot process, run '${BOLD}resume-boot${NORMAL}'." + good_msg "${NORMAL}Be aware that it will kill your connection which means" + good_msg "${NORMAL}you will no longer be able to work in this shell." + + if [ -n "${CRYPT_ROOT}" ] && [ ! -f "${CRYPT_ROOT_OPENED_LOCKFILE}" ] then - good_msg "To remote unlock LUKS-encrypted root device, run 'unlock-luks root'." + good_msg "${NORMAL}To remote unlock LUKS-encrypted root device, run '${BOLD}unlock-luks root${NORMAL}'." fi - if [ -n "${CRYPT_SWAP}" -a ! -f "${CRYPT_ROOT_OPENED_LOCKFILE}" ] + if [ -n "${CRYPT_SWAP}" ] && [ ! -f "${CRYPT_ROOT_OPENED_LOCKFILE}" ] then - good_msg "To remote unlock LUKS-encrypted swap device, run 'unlock-luks swap'." + good_msg "${NORMAL}To remote unlock LUKS-encrypted swap device, run '${BOLD}unlock-luks swap${NORMAL}'." fi + if [ -e "${ZFS_ENC_ENV_FILE}" ] && [ ! -f "${ZFS_ENC_OPENED_LOCKFILE}" ] + then + good_msg "${NORMAL}To remote unlock ZFS root device, run '${BOLD}unlock-zfs${NORMAL}'." + fi + + echo + [ -x /bin/sh ] && SH=/bin/sh || SH=/bin/ash - exec ${SH} --login + + exec \ + env \ + SSH_CLIENT_IP="${SSH_CLIENT_IP}" \ + SSH_CLIENT_PORT="${SSH_CLIENT_PORT}" \ + ${SH} --login fi exit 0 |