Last active
June 22, 2023 02:23
-
-
Save DennisLfromGA/f0abd21fba3a527b43749040ddd4f5d4 to your computer and use it in GitHub Desktop.
A script to remove rootfs verification and install an openssh server - needs to be run twice with two reboots.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| ### | |
| APPLICATION="${0##*/}" | |
| ARCHIVE='' | |
| CURRENTROOT="$(rootdev -s)" | |
| GO='' | |
| HOM=$HOME | |
| NUM='0' | |
| SUDO='' | |
| TMOUT='5' | |
| ret=0 | |
| ## Exits the script with exit code $1, spitting out message $@ to stderr | |
| error() { | |
| local ecode="$1" | |
| shift | |
| echo "$*" 1>&2 | |
| exit "$ecode" | |
| } | |
| #### | |
| #### If we're not running as root, restart as root. | |
| if [ ${UID:-$(id -u)} -ne 0 ]; then | |
| # echo "...elevating $USER to superuser..." | |
| # echo | |
| # exec sudo /bin/sh "$0" "$@" | |
| ### If we're not running as root, use sudo | |
| echo "...elevating $USER to superuser via 'sudo'..." | |
| echo | |
| SUDO='sudo' | |
| fi | |
| ### | |
| ### Check to see if rootfs is read-write | |
| if ${SUDO} mount -i -o remount,rw / 2>/dev/null; then | |
| echo "Your rootfs (${CURRENTROOT}) is mounted read-write ..." | |
| echo "*** $(mount | grep ' / ') ***"; echo | |
| else | |
| ## Check for bootcache fix ... | |
| ret=$(grep -iq bootcache /usr/share/vboot/bin/make_dev_ssd.sh; echo $?) | |
| if [ "$ret" -gt 0 ]; then | |
| echo "$ret: No 'bootcache' fix appplied yet. :(" | |
| error 2 "Not safe to continue, exiting..." | |
| else echo "$ret: The 'bootcache' fix has been appplied - yay. :)" | |
| echo "You can now run 'rw-rootfs' safely." | |
| fi | |
| echo "Making your rootfs read-write ..." | |
| if grep -q CHROMEOS_RELEASE_BOARD=chromeover64 /etc/lsb-release; then | |
| echo "...using CloudReady, disabling verity." | |
| echo "$SUDO disable_verity" 1>&2 | |
| $SUDO disable_verity || ret=$? | |
| else | |
| echo "$SUDO /usr/libexec/debugd/helpers/dev_features_rootfs_verification" 1>&2 | |
| $SUDO /usr/libexec/debugd/helpers/dev_features_rootfs_verification || ret=$? | |
| fi | |
| if [ "$ret" -gt 0 ]; then | |
| error 2 "Sorry but REMOVAL of rootfs verification failed." | |
| else | |
| echo | |
| echo "*** Rebooting in $TMOUT seconds to make changes effective ***" 1>&2 | |
| read -t $TMOUT -p "... ENTER 'a' TO ABORT! " GO | |
| if [ -n "${GO}" ]; then error 0 "Okay, ABORTING ..."; fi | |
| $SUDO reboot && exit $ret | |
| fi | |
| fi | |
| ### | |
| ### Check for crouton functions file ( for mounting custom partitions ) | |
| crouton_mount='/var/crouton' | |
| linux_mount='/var/linux' | |
| if [ -s /usr/local/bin/cros_funcs ]; then | |
| . /usr/local/bin/cros_funcs | |
| ## mount Linux partition if it exists | |
| mountlinux $linux_mount && echo "...a LINUX partition is${PRIOR} mounted on '$MOUNTLINUX'." | |
| # ${SUDO} mount -B /var/linux/ /mnt/stateful_partition/crouton/shared/linux/ | |
| ## mount CROUTON partition if it exists | |
| mountcrouton $crouton_mount && echo "...a CROUTON partition is${PRIOR} mounted on '$MOUNTCROUTON'." | |
| else | |
| ROOTDEVICE="`rootdev -d -s`" | |
| ## mount Linux partition if it exists | |
| linuxpart="`${SUDO} cgpt find -n -l ROOT-C "$ROOTDEVICE" 2>/dev/null`" | |
| if [ -n "$linuxpart" ]; then | |
| if [ "`${SUDO} cgpt show -i "$linuxpart" -s "$ROOTDEVICE"`" -gt 1 ]; then | |
| [ ! -d $linux_mount ] && ${SUDO} mkdir -p $linux_mount 2>/dev/null | |
| [ -d $linux_mount ] && ${SUDO} mount ${ROOTDEVICE}/$linuxpart $linux_mount 2>/dev/null | |
| [ -d ${linux_mount}/crouton ] && ${SUDO} mount -o bind ${linuxpart}/crouton $crouton_mount 2>/dev/null | |
| fi | |
| fi | |
| ## mount crouton partition if it exists | |
| croutonpart="`${SUDO} cgpt find -n -l CROUTON "$ROOTDEVICE" 2>/dev/null`" | |
| if [ -n "$croutonpart" ]; then | |
| if [ "`${SUDO} cgpt show -i "$croutonpart" -s "$ROOTDEVICE"`" -gt 1 ]; then | |
| [ ! -d $crouton_mount ] && ${SUDO} mkdir -p $crouton_mount 2>/dev/null | |
| [ -d $crouton_mount ] && ${SUDO} mount ${ROOTDEVICE}/$croutonpart $crouton_mount 2>/dev/null | |
| fi | |
| fi | |
| fi | |
| # ### | |
| # ### Make chronos/user HOME | |
| # if [ $SUDO_USER=chronos ]; then | |
| # HOM="/home/chronos/user" | |
| # fi | |
| # | |
| ### | |
| ### CHECKING FOR ARCHIVE FOLDER | |
| ARCHIVE=/var/crouton/archive | |
| if [ ! -d $ARCHIVE ]; then | |
| echo "Standard location of folder $ARCHIVE not found..." | |
| if [ -d ${HOM}/Downloads/archive ]; then | |
| echo -n "Found one... " | |
| ARCHIVE="${HOM}/Downloads/archive" | |
| echo "Using $ARCHIVE ..." | |
| elif [ -d /var/linux/archive ]; then | |
| echo -n "Found one... " | |
| ARCHIVE="/var/linux/archive" | |
| echo "Using $ARCHIVE ..." | |
| elif [ -r ./$APPLICATION ]; then | |
| echo -n "Found one... " | |
| ARCHIVE="`pwd`" | |
| echo "Using $ARCHIVE ..." | |
| else | |
| echo "Sorry, an archive folder could not be found..." | |
| error 1 "Aborting..." | |
| fi | |
| else | |
| echo "Using $ARCHIVE ..." | |
| fi | |
| ### | |
| ### ROUTINE TO INSTALL CONF FILES IF NEEDED | |
| INIT=/etc/init | |
| OPENSSH=0 | |
| cd $ARCHIVE | |
| echo "Checking upstart files in /etc/init." | |
| for CONF in *.conf | |
| do | |
| if [ ! -s ${INIT}/$CONF ]; then | |
| echo -n"file " | |
| if ${SUDO} cp -v $ARCHIVE/$CONF $INIT; then | |
| echo "installed..." | |
| NUM=$(($NUM+1)) | |
| else | |
| ret=1 | |
| fi | |
| elif ! diff ${INIT}/$CONF ${ARCHIVE}/$CONF 2>/dev/null 1>&2; then | |
| echo -n "file " | |
| if ${SUDO} cp -v ${ARCHIVE}/$CONF $INIT; then | |
| echo "updated..." | |
| NUM=$(($NUM+1)) | |
| else | |
| ret=1 | |
| fi | |
| else | |
| echo "file '${INIT}/$CONF' previously installed..." | |
| fi | |
| # if [ "$CONF" = "openssh-server.conf" ]; then | |
| # OPENSSH=1 | |
| # fi | |
| # echo "ret is $ret" | |
| if [ "$ret" -gt 0 ]; then | |
| echo "$ret: Copying to /etc/init/ has failed.:(" | |
| error 2 "No point in continuing, exiting..." | |
| fi | |
| done | |
| # | |
| # ### | |
| # ### CHANGE chromeos-boot-alert script delay from 30 seconds to 3 seconds | |
| # SBIN=/sbin | |
| # if ! diff ${SBIN}/chromeos-boot-alert ${ARCHIVE}/chromeos-boot-alert 2>/dev/null 1>&2; then | |
| # echo "file `${SUDO} cp -v ${ARCHIVE}/chromeos-boot-alert $SBIN` updated..." | |
| # ${SUDO} chmod +x ${SBIN}/chromeos-boot-alert 2>/dev/null | |
| # NUM=$(($NUM+1)) | |
| # else | |
| # echo "file '${SBIN}/chromeos-boot-alert' not present or previously installed..." | |
| # fi | |
| ### | |
| ### Check for openssh server setup | |
| echo | |
| if ! /usr/libexec/debugd/helpers/dev_features_ssh --q ; then | |
| ### | |
| ### Setup openssh-server | |
| echo "Setting up new openssh server ..." | |
| ${SUDO} /usr/libexec/debugd/helpers/dev_features_ssh | |
| NUM=$(($NUM+1)) | |
| echo "'openssh' server will start in /etc/init ..." | |
| else | |
| echo "An openssh server was previously setup ..." | |
| ls -Ll /etc/init/openssh-server.conf | |
| fi | |
| ### | |
| ### Reboot if needed. | |
| echo | |
| if [ "$NUM" -gt 0 ]; then | |
| echo "NOTE: Reboot for $NUM changes to be applied." | |
| echo "*** Rebooting in $TMOUT seconds to make changes effective ***" 1>&2 | |
| read -t $TMOUT -p "... ENTER 'a' TO ABORT! " GO | |
| if [ -n "${GO}" ]; then error 0 "Okay, ABORTING ..."; fi | |
| $SUDO reboot && exit $ret | |
| else | |
| echo "### No changes needed/made." | |
| fi |
Revision 3: Minor changes.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Revision 2: add CloudReady detection, restore archive scripts, use sudo.