VRO VM diff
diff -urN --no-dereference -x run orig/etc/init.d/network/network-up.sh live/etc/init.d/network/network-up.sh | |
--- orig/etc/init.d/network/network-up.sh 2022-10-06 14:42:10.359151513 -0600 | |
+++ live/etc/init.d/network/network-up.sh 2023-02-16 11:52:29.118001335 -0700 | |
@@ -6,6 +6,73 @@ | |
. /etc/init.d/init-utils/init-utils | |
. /etc/init.d/init-utils/init-utils-ex | |
+configure_dhcp() { | |
+ local IFACE=$1 | |
+ local IFACEPATH=$2 | |
+ | |
+ $LOGGER "Settings for $IFNAME will be acquired by DHCP" | |
+ REQUEST_OPTION="`xmlstarlet sel -t -v \"/settings/network/$IFACEPATH/ipconf/dhcp/@options\" $CONFIG_FILE`" | |
+ | |
+ UDHCPC_OPTIONS="-b -R -F \"$FQDN\" -o -T 4 -t 5 -A 10 $REQUEST_OPTION" | |
+ | |
+ if [ -f $FLR_FLAG_FILE ]; then | |
+ UDHCPC_OPTIONS="-n -R -F \"$FQDN\" -o $REQUEST_OPTION" | |
+ fi | |
+ | |
+ error_message="`udhcpc -S -i \"$IFNAME\" -h \"$HOSTNAME\" $UDHCPC_OPTIONS 2>&1`" | |
+ exec_status=$? | |
+ | |
+ if [ "$exec_status" -ne "0" ]; then | |
+ $LOGGER "Unable to obtain settings by DHCP for interface $IFNAME: [$error_message]." | |
+ warning_messages="$warning_messages\nUnable to obtain settings by DHCP for interface $IFNAME: [$error_message]." | |
+ fi | |
+} | |
+ | |
+configure_static() { | |
+ local IFNAME=$1 | |
+ local IFACEPATH=$2 | |
+ | |
+ IPCONFCOUNT=`xmlstarlet sel -t -v "count(/settings/network/$IFACEPATH/ipconf)" $CONFIG_FILE` | |
+ for i in `seq 1 $IPCONFCOUNT`; do | |
+ IP="`xmlstarlet sel -t -v \"/settings/network/$IFACEPATH/ipconf[$i]/ip\" $CONFIG_FILE`" | |
+ NETMASK="`xmlstarlet sel -t -v \"/settings/network/$IFACEPATH/ipconf[$i]/netmask\" $CONFIG_FILE`" | |
+ PHYS_DEV="`echo $IFNAME | sed -e 's/:.*//'`" | |
+ NETPREFIX="`ipcalc -p $IP $NETMASK | sed -e 's/PREFIX=//'`" | |
+ NETADDR="`ipcalc -n $IP/$NETPREFIX | sed -e 's/NETWORK=//'`" | |
+ BROADCAST="`ipcalc -b $IP/$NETPREFIX | sed -e 's/BROADCAST=//'`" | |
+ $LOGGER "dev: $IFNAME ip: $IP, netmask: $NETMASK" | |
+ | |
+ if ! echo "$IFNAME" | grep -q ':'; then | |
+ arptables -A INPUT -d $IP -i $IFNAME -j ACCEPT | |
+ arptables -A OUTPUT -s $IP -o $IFNAME -j ACCEPT | |
+ ip addr add $IP/$NETPREFIX broadcast $BROADCAST dev $IFNAME | |
+ ip link set $IFNAME up | |
+ else | |
+ continue | |
+ fi | |
+ | |
+ if [ "$PHYS_DEV" != "eth0" ]; then | |
+ if [ -f /var/run/skip_routing ]; then | |
+ continue | |
+ fi | |
+ | |
+ ip route flush dev $IFNAME | |
+ $LOGGER "Adding route $NETADDR/$NETPREFIX dev $PHYS_DEV table 2" | |
+ | |
+ error_message="`ip route add $NETADDR/$NETPREFIX dev $PHYS_DEV table 2 2>&1`" | |
+ exec_status=$? | |
+ | |
+ if [ "$exec_status" -ne "0" ]; then | |
+ $LOGGER "Adding route [$NETADDR/$NETPREFIX] for device [$PHYS_DEV] in table [2] failed: [$error_message]." | |
+ warning_messages="$warning_messages\nAdding route [$NETADDR/$NETPREFIX] for device [$PHYS_DEV] in table [2] failed: [$error_message]." | |
+ fi | |
+ | |
+ if [ $ENABLE_INTERNAL_ROUTING ]; then | |
+ iptables -t mangle -A PREROUTING -i $PHYS_DEV \! -d $IP -j MARK --set-mark 2 | |
+ fi | |
+ fi | |
+ done | |
+} | |
CONFIG_FILE="$1" | |
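Review bot: configure_dhcp binds its first argument with `local IFACE=$1`, but every command in its body reads `$IFNAME`, so the function acts on whatever global IFNAME the caller last set rather than on the interface it was passed. That happens to match in the iface loop, but the VLAN loop later in this patch calls `configure_dhcp $VLANNAME "vlan[$i]"`, and there udhcpc would presumably be started on the last physical interface instead of the VLAN device. Change the line to `local IFNAME=$1`, as configure_static already does. configure_static should also declare `local i`, because its `for i in ...` loop reuses the caller's loop variable. The XML-derived `$IP`, `$NETMASK` and `$IFNAME` are worth double-quoting where they reach `arptables`, `ip` and `iptables`, so a value containing whitespace cannot turn into extra arguments.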
@@ -27,9 +94,6 @@ | |
warning_messages='' | |
-# Getting number of interfaces | |
-IFACE_COUNT=`xmlstarlet sel -t -v "count(/settings/network/iface)" $CONFIG_FILE` | |
- | |
# Getting domain name & host name | |
HOSTNAME=`xmlstarlet sel -t -v '/settings/network/resolv/hostname' $CONFIG_FILE` | |
if [ ${#HOSTNAME} -gt "60" ]; then | |
@@ -64,9 +128,13 @@ | |
exit 1 | |
fi | |
+# Getting number of interfaces | |
+IFACE_COUNT=`xmlstarlet sel -t -v "count(/settings/network/iface)" $CONFIG_FILE` | |
+VLAN_COUNT=`xmlstarlet sel -t -v "count(/settings/network/vlan)" $CONFIG_FILE` | |
# ---------- Setting up interfaces ---------- | |
$LOGGER "Found $IFACE_COUNT interfaces" | |
+$LOGGER "Found $VLAN_COUNT Vlans" | |
#iptables -P INPUT DROP | |
#iptables -P OUTPUT DROP | |
@@ -80,76 +148,39 @@ | |
log_progress_msg "$IFNAME" | |
$LOGGER "Configuring dev $IFNAME" | |
- if [ -n "`xmlstarlet sel -t -c \"/settings/network/iface[$i]/ipconf/dhcp\" $CONFIG_FILE`" ]; then | |
- $LOGGER "Settings for $IFNAME will be acquired by DHCP" | |
- | |
- #ifconfig $IFNAME up | |
- ip link set dev $IFNAME up | |
- | |
- REQUEST_OPTION="`xmlstarlet sel -t -v \"/settings/network/iface[$i]/ipconf/dhcp/@options\" $CONFIG_FILE`" | |
- | |
- UDHCPC_OPTIONS="-b -R -F \"$FQDN\" -o -T 4 -t 5 -A 10 $REQUEST_OPTION" | |
- | |
- if [ -f $FLR_FLAG_FILE ]; then | |
- UDHCPC_OPTIONS="-n -R -F \"$FQDN\" -o $REQUEST_OPTION" | |
- fi | |
- | |
- error_message="`udhcpc -S -i \"$IFNAME\" -h \"$HOSTNAME\" $UDHCPC_OPTIONS 2>&1`" | |
- exec_status=$? | |
- | |
- if [ "$exec_status" -ne "0" ]; then | |
- $LOGGER "Unable to obtain settings by DHCP for interface $IFNAME: [$error_message]." | |
- warning_messages="$warning_messages\nUnable to obtain settings by DHCP for interface $IFNAME: [$error_message]." | |
- fi | |
+ # Enable the interface | |
+ ip link set dev $IFNAME up | |
+ if [ -n "`xmlstarlet sel -t -c \"/settings/network/iface[$i]/trunk\" $CONFIG_FILE`" ]; then | |
continue | |
- fi | |
- | |
- IP="`xmlstarlet sel -t -v \"/settings/network/iface[$i]/ipconf/ip\" $CONFIG_FILE`" | |
- NETMASK="`xmlstarlet sel -t -v \"/settings/network/iface[$i]/ipconf/netmask\" $CONFIG_FILE`" | |
- PHYS_DEV="`echo $IFNAME | sed -e 's/:.*//'`" | |
- NETPREFIX="`ipcalc -p $IP $NETMASK | sed -e 's/PREFIX=//'`" | |
- NETADDR="`ipcalc -n $IP/$NETPREFIX | sed -e 's/NETWORK=//'`" | |
- BROADCAST="`ipcalc -b $IP/$NETPREFIX | sed -e 's/BROADCAST=//'`" | |
- $LOGGER "dev: $IFNAME ip: $IP, netmask: $NETMASK" | |
- | |
- if ! echo "$IFNAME" | grep -q ':'; then | |
- arptables -A INPUT -d $IP -i $IFNAME -j ACCEPT | |
- arptables -A OUTPUT -s $IP -o $IFNAME -j ACCEPT | |
- #iptables -A INPUT -i $IFNAME -d $IP -j ACCEPT | |
- #iptables -A OUTPUT -o $IFNAME -s $IP -j ACCEPT | |
- ip addr add $IP/$NETPREFIX broadcast $BROADCAST dev $IFNAME | |
- ip link set $IFNAME up | |
-# ip route flush dev $IFNAME | |
else | |
-# iptables -A INPUT -i $PHYS_DEV -d $IP -j ACCEPT | |
-# iptables -A OUTPUT -o $PHYS_DEV -s $IP -j ACCEPT | |
-# ip addr add $IP/$NETMASK dev $PHYS_DEV label $IFNAME | |
-# ip link set $PHYS_DEV up | |
-# ip route flush dev $PHYS_DEV | |
- continue | |
- fi | |
- | |
- if [ "$PHYS_DEV" != "eth0" ]; then | |
- | |
- if [ -f /var/run/skip_routing ]; then | |
- continue | |
- fi | |
- | |
- ip route flush dev $IFNAME | |
- $LOGGER "Adding route $NETADDR/$NETPREFIX dev $PHYS_DEV table 2" | |
- | |
- error_message="`ip route add $NETADDR/$NETPREFIX dev $PHYS_DEV table 2 2>&1`" | |
- exec_status=$? | |
- | |
- if [ "$exec_status" -ne "0" ]; then | |
- $LOGGER "Adding route [$NETADDR/$NETPREFIX] for device [$PHYS_DEV] in table [2] failed: [$error_message]." | |
- warning_messages="$warning_messages\nAdding route [$NETADDR/$NETPREFIX] for device [$PHYS_DEV] in table [2] failed: [$error_message]." | |
+ if [ -n "`xmlstarlet sel -t -c \"/settings/network/iface[$i]/ipconf/dhcp\" $CONFIG_FILE`" ]; then | |
+ configure_dhcp $IFNAME "iface[$i]" | |
+ else | |
+ configure_static $IFNAME "iface[$i]" | |
fi | |
+ fi | |
+done | |
- if [ $ENABLE_INTERNAL_ROUTING ]; then | |
- iptables -t mangle -A PREROUTING -i $PHYS_DEV \! -d $IP -j MARK --set-mark 2 | |
- fi | |
+for i in `seq 1 $VLAN_COUNT`; do | |
+ PARENT="`xmlstarlet sel -t -v \"/settings/network/vlan[$i]/parent\" $CONFIG_FILE`" | |
+ VLANID="`xmlstarlet sel -t -v \"/settings/network/vlan[$i]/vlanid\" $CONFIG_FILE`" | |
+ VLANNAME="$PARENT.$VLANID" | |
+ | |
+ log_progress_msg "$VLANNAME" | |
+ $LOGGER "Configuring vlan dev $VLANNAME" | |
+ | |
+ if [ ! -f /sys/class/net/$VLANNAME ]; then | |
+ # Create the VLAN interface | |
+ ip link add link $PARENT name $VLANNAME type vlan id $VLANID | |
+ fi | |
+ ip link set dev $VLANNAME up | |
+ | |
+ ## TODO: function to configure DHCP | |
+ if [ -n "`xmlstarlet sel -t -c \"/settings/network/vlan[$i]/ipconf/dhcp\" $CONFIG_FILE`" ]; then | |
+ configure_dhcp $VLANNAME "vlan[$i]" | |
+ else | |
+ configure_static $VLANNAME "vlan[$i]" | |
fi | |
done | |
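Review bot: The existence check `[ ! -f /sys/class/net/$VLANNAME ]` is always true, because entries under /sys/class/net are symlinks to directories and `-f` matches only regular files. `ip link add` therefore runs on every invocation and fails once the VLAN device already exists. Use `[ ! -e "/sys/class/net/$VLANNAME" ]` instead. `$PARENT` and `$VLANID` come straight from the settings XML and are used unquoted and unvalidated; checking that VLANID is an integer in 1-4094 and that PARENT names an existing device before the `ip link add` would turn a malformed config into a logged warning rather than an opaque `ip` error. The result of `ip link add` is also not recorded in `warning_messages` the way the DHCP and route failures are.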
@@ -161,7 +192,6 @@ | |
ip rule add fwmark 2/2 table 2 | |
fi | |
- | |
# ---------- Setting up routes ---------- | |
$LOGGER "Setting routes" | |
@@ -220,4 +250,4 @@ | |
else | |
# All OK | |
log_end_msg 0 | |
-fi | |
+fi | |
\ No newline at end of file | |
diff -urN --no-dereference -x run orig/etc/init.d/rc.S live/etc/init.d/rc.S | |
--- orig/etc/init.d/rc.S 2022-10-06 14:42:10.356151248 -0600 | |
+++ live/etc/init.d/rc.S 2023-02-20 14:04:06.106649836 -0700 | |
@@ -10,6 +10,12 @@ | |
# Let's begin boot! | |
$LOGGER "Entering on level: S" | |
+function shell_on_exit { | |
+ /bin/sh | |
+} | |
+ | |
+# trap shell_on_exit EXIT | |
+ | |
# Mounting system fs | |
if ! /etc/init.d/mount-sysfs.sh; then | |
critical_error "Unable to mount system filesystems, exiting" | |
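Review bot: `shell_on_exit` is a debugging hook that would give an interactive `/bin/sh` to whoever is on the console when rc.S exits, and rc.S presumably runs as root during boot. The `trap` is commented out, so it is inert as committed, but leaving the function and the commented trap in the init script means a one-character edit re-enables an unauthenticated shell on the appliance. Drop both lines from the patch, or gate them on an explicit debug switch and mark them with a comment such as `# DEBUG ONLY: must stay disabled in deployed images`. The `function name {` form is also a bashism; if rc.S runs under a POSIX `/bin/sh`, `shell_on_exit() {` is the portable spelling.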
diff -urN --no-dereference -x run orig/etc/init.d/read-settings.sh live/etc/init.d/read-settings.sh | |
--- orig/etc/init.d/read-settings.sh 2022-10-06 14:42:10.359151513 -0600 | |
+++ live/etc/init.d/read-settings.sh 2023-02-15 15:57:39.947335616 -0700 | |
@@ -7,55 +7,49 @@ | |
CONFIG_FILE="$1" | |
+mdev -s | |
+ | |
i=1 | |
item='<>' | |
LINE=$(cat /proc/cmdline) | |
while( [ -n "$item" ] ) do | |
-item=$(echo $LINE | cut -d" " -f$i) | |
-i=$((i+1)) | |
-itemPart=${item:0:11} | |
-if [ "$itemPart" = "configfile=" ] | |
-then | |
- | |
-INPUT_DEVICE=${item:11} | |
- | |
-log_daemon_msg "Override config input device" "$INPUT_DEVICE" | |
-$LOGGER "Override config input device: $INPUT_DEVICE" | |
-log_end_msg 0 | |
- | |
-mdev -s | |
-mkdir /media | |
-mkdir /media/veeam_appliance_config | |
- | |
-log_daemon_msg "blkid output:" "`blkid`" | |
-$LOGGER "blkid output:" "`blkid`" | |
-log_end_msg 0 | |
- | |
+ item=$(echo $LINE | cut -d" " -f$i) | |
+ i=$((i+1)) | |
+ itemPart=${item:0:11} | |
+ if [ "$itemPart" = "configfile=" ]; then | |
+ INPUT_DEVICE=${item:11} | |
+ | |
+ log_daemon_msg "Override config input device" "$INPUT_DEVICE" | |
+ $LOGGER "Override config input device: $INPUT_DEVICE" | |
+ log_end_msg 0 | |
+ | |
+ mkdir /media | |
+ mkdir /media/veeam_appliance_config | |
+ | |
+ log_daemon_msg "blkid output:" "`blkid`" | |
+ $LOGGER "blkid output:" "`blkid`" | |
+ log_end_msg 0 | |
+ | |
+ if blkid --uuid '567B-25D1'; then | |
+ # take only first disk | |
+ DEV_NAME=$(blkid --uuid '567B-25D1' | head -n 1) | |
+ elif blkid | grep '559E-A8C7'; then | |
+ # take only first disk | |
+ DEV_NAME=$(blkid --uuid '559E-A8C7' | head -n 1) | |
+ else | |
+ log_daemon_msg "Config input device" "not found by UUID, fallback to /dev/sda2" | |
+ $LOGGER "Config input device: not found by UUID, fallback to /dev/sda2" | |
+ DEV_NAME=/dev/sda2 | |
+ fi | |
+ mount -t vfat -o ro,utf8 $DEV_NAME /media/veeam_appliance_config 2>&1 | head -n 5 | |
-if blkid --uuid '567B-25D1' | |
-then | |
- # take only first disk | |
- DEV_NAME=$(blkid --uuid '567B-25D1' | head -n 1) | |
-elif blkid | grep '559E-A8C7' | |
-then | |
- # take only first disk | |
- DEV_NAME=$(blkid --uuid '559E-A8C7' | head -n 1) | |
-else | |
- log_daemon_msg "Config input device" "not found by UUID, fallback to /dev/sda2" | |
- $LOGGER "Config input device: not found by UUID, fallback to /dev/sda2" | |
- DEV_NAME=/dev/sda2 | |
-fi | |
- | |
-mount -t vfat -o ro,utf8 $DEV_NAME /media/veeam_appliance_config 2>&1 | head -n 5 | |
- | |
-break | |
- | |
-fi | |
+ break | |
+ fi | |
done; | |
-DTD_FILE="/var/run/settings.dtd" | |
+DTD_FILE="/var/run/settings.dtd" | |
# ------------------------------------ | |
log_daemon_msg "Reading settings" "`basename $0`" | |
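Review bot: The exit status of `mount` is discarded on the line `mount -t vfat -o ro,utf8 $DEV_NAME /media/veeam_appliance_config 2>&1 | head -n 5`, because the pipeline reports the status of `head`. The loop then breaks and, as far as this hunk shows, the script carries on as if the config volume were mounted. Capture the output and test the status instead, e.g. `mount_out=$(mount -t vfat -o ro,utf8 "$DEV_NAME" /media/veeam_appliance_config 2>&1) || $LOGGER "mount of $DEV_NAME failed: $mount_out"`. The `elif blkid | grep '559E-A8C7'` test matches that string anywhere in the blkid output, while the assignment under it uses `blkid --uuid`, which can leave DEV_NAME empty; test with `blkid --uuid '559E-A8C7'` as the first branch does. `mkdir /media` would also be safer as `mkdir -p`, since the directory may already exist.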
diff -urN --no-dereference -x run orig/etc/init.d/set-up-passwords.sh live/etc/init.d/set-up-passwords.sh | |
--- orig/etc/init.d/set-up-passwords.sh 2022-10-06 14:42:10.359151513 -0600 | |
+++ live/etc/init.d/set-up-passwords.sh 2023-02-15 15:04:34.627367630 -0700 | |
@@ -76,7 +76,7 @@ | |
$LOGGER < /etc/group | |
# Adding OpenSSH user and group | |
-$LOGGER "Adding OpenSSH privelege separation user and group" | |
+$LOGGER "Adding OpenSSH privilege separation user and group" | |
echo "sshd:x:50:" >> /etc/group | |
echo "sshd:x:50:50:sshd PrivSep:/var/lib/sshd:/bin/false" >> /etc/passwd | |
echo "sshd:!:1:0:99999:7:::" >> /etc/shadow | |
diff -urN --no-dereference -x run orig/var/dtd/settings.dtd live/var/dtd/settings.dtd | |
--- orig/var/dtd/settings.dtd 2022-10-06 14:42:09.815103570 -0600 | |
+++ live/var/dtd/settings.dtd 2023-02-16 10:34:45.045370591 -0700 | |
@@ -1,12 +1,10 @@ | |
-<?xml version="1.0" encoding="UTF-8" ?> | |
- | |
<!ELEMENT settings (preboot_commands, network, nat?, web?, dhcp_daemons?, passwd, ssh_settings?, postboot_commands)> | |
-<!ATTLIST settings version CDATA #REQUIRED> | |
+ <!ATTLIST settings version CDATA #REQUIRED> | |
<!ELEMENT preboot_commands (command*)> | |
<!ELEMENT command (#PCDATA)> | |
<!ATTLIST command required CDATA #REQUIRED> | |
- <!ELEMENT network (iface+, routes, resolv)> | |
- <!ELEMENT iface (dev, hwaddr?, ipconf)> | |
+ <!ELEMENT network (iface+, routes, resolv, vlan*)> | |
+ <!ELEMENT iface (dev, hwaddr?, (ipconf* | trunk))> | |
<!ELEMENT dev (#PCDATA)> | |
<!ELEMENT hwaddr (#PCDATA)> | |
<!ELEMENT ipconf ((ip, netmask)|dhcp)> | |
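Review bot: `(ipconf* | trunk)` lets an iface carry several ipconf children of either kind, but the patched network-up.sh takes the DHCP path as soon as any `ipconf/dhcp` exists and then never configures the static entries on that interface. The model also allows zero ipconf, in which case the interface is only brought up with no address. The same applies to `vlan (vlanid, ipconf*, parent)` in the next hunk. Either state the intended rule next to the declaration, for example `<!-- iface/vlan: one dhcp ipconf, or one or more static ipconf; never mixed -->`, or have the script reject mixed configurations with a logged warning.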
@@ -14,16 +12,20 @@ | |
<!ELEMENT netmask (#PCDATA)> | |
<!ELEMENT dhcp EMPTY> | |
<!ATTLIST dhcp options CDATA #REQUIRED> | |
- <!ELEMENT routes (route*)> | |
- <!ELEMENT route (#PCDATA)> | |
- <!ELEMENT resolv (hostname, domain, nameservers, hosts)> | |
- <!ELEMENT hostname (#PCDATA)> | |
- <!ELEMENT domain (#PCDATA)> | |
- <!ELEMENT nameservers (nameserver*)> | |
- <!ELEMENT nameserver (#PCDATA)> | |
- <!ELEMENT hosts (host*)> | |
- <!ELEMENT host (ip, name)> | |
- <!ELEMENT name (#PCDATA)> | |
+ <!ELEMENT trunk EMPTY> | |
+ <!ELEMENT routes (route*)> | |
+ <!ELEMENT route (#PCDATA)> | |
+ <!ELEMENT resolv (hostname, domain, nameservers, hosts)> | |
+ <!ELEMENT hostname (#PCDATA)> | |
+ <!ELEMENT domain (#PCDATA)> | |
+ <!ELEMENT nameservers (nameserver*)> | |
+ <!ELEMENT nameserver (#PCDATA)> | |
+ <!ELEMENT hosts (host*)> | |
+ <!ELEMENT host (ip, name)> | |
+ <!ELEMENT name (#PCDATA)> | |
+ <!ELEMENT vlan (vlanid, ipconf*, parent)> | |
+ <!ELEMENT vlanid (#PCDATA)> | |
+ <!ELEMENT parent (#PCDATA)> | |
<!ELEMENT nat (enable_internal_routing, map*, netmap*, netmap2*)> | |
<!ELEMENT enable_internal_routing (#PCDATA)> | |
<!ELEMENT map (src, src_dev, dst, dst_dev)> | |
@@ -77,4 +79,4 @@ | |
<!ELEMENT userlist (#PCDATA)> | |
<!ELEMENT ssh_settings (rsa_private_key)> | |
<!ELEMENT rsa_private_key (#PCDATA)> | |
- <!ELEMENT postboot_commands (command*)> | |
+ <!ELEMENT postboot_commands (command*)> | |
\ No newline at end of file |