3
# This script will be run by 'mkinitramfs' when it creates the image.
4
# Its job is to decide which files to install, then install them into
5
# the staging area, where the initramfs is being created. This
6
# happens when a new 'linux-image' package is installed, or when the
7
# administrator runs 'update-initramfs' by hand to update an initramfs
10
# The environment contains at least:
12
# DESTDIR -- The staging directory where the image is being built.
14
# No initramfs pre-requirements
30
. /usr/share/initramfs-tools/hook-functions
32
for d in /usr /usr/local; do
33
if [ -d "$d"/lib/mandos ]; then
38
if [ -z "$prefix" ]; then
43
for d in /etc/keys/mandos /usr/local/lib/mandos/keys; do
49
if [ -z "$keydir" ]; then
50
# Mandos key directory not found
54
# The Mandos network client uses the network
56
# The Mandos network client uses IPv6
59
# These are directories inside the initrd
60
CONFDIR="/conf/conf.d/mandos"
61
MANDOSDIR="/lib/mandos"
62
PLUGINDIR="${MANDOSDIR}/plugins.d"
65
mkdir --parents "${DESTDIR}${CONFDIR}"
66
mkdir --parents "${DESTDIR}${PLUGINDIR}"
68
# Copy the Mandos plugin runner
69
copy_exec "$prefix"/lib/mandos/plugin-runner "${MANDOSDIR}"
73
# Copy the packaged plugins
74
for file in "$prefix"/lib/mandos/plugins.d/*; do
75
base="`basename \"$file\"`"
76
# Is this plugin overridden?
77
if [ -e "/etc/mandos/plugins.d/$base" ]; then
81
*~|.*|\#*\#|*.dpkg-old|*.dpkg-new|*.dpkg-divert) : ;;
83
*) copy_exec "$file" "${PLUGINDIR}";;
87
# Copy any user-supplied plugins
88
for file in /etc/mandos/plugins.d/*; do
89
base="`basename \"$file\"`"
91
*~|.*|\#*\#|*.dpkg-old|*.dpkg-new|*.dpkg-divert) : ;;
93
*) copy_exec "$file" "${PLUGINDIR}";;
97
# GPGME needs /usr/bin/gpg
98
if ! [ -e "${DESTDIR}/usr/bin/gpg" ] \
99
&& [ -n "`ls \"${DESTDIR}\"/usr/lib/libgpgme.so* 2>/dev/null`" ]; then
100
copy_exec /usr/bin/gpg
103
# Config files and key files
104
for file in /etc/mandos/* "$keydir"/*; do
105
if [ -d "$file" ]; then
108
cp --archive --sparse=always "$file" "${DESTDIR}${CONFDIR}"
111
# /lib/mandos/plugin-runner will drop priviliges, but needs access to
112
# its plugin directory and its config file. However, since almost all
113
# files in initrd have been created with umask 027, this opening of
114
# permissions is needed.
116
# (The umask is not really intended to affect the files inside the
117
# initrd; it is intended to affect the initrd.img file itself, since
118
# it now contains secret key files. There is, however, no other way
119
# to set the permission of the initrd.img file without a race
120
# condition. This umask is set by "initramfs-tools-hook-conf",
121
# installed as "/usr/share/initramfs-tools/conf-hooks.d/mandos".)
123
for full in "${PLUGINDIR}" "${CONFDIR}"; do
124
while [ "$full" != "/" ]; do
125
chmod a+rX "${DESTDIR}$full"
126
full="`dirname \"$full\"`"
130
# Reset some other things to sane permissions which we have
131
# inadvertently affected with our umask setting.
132
for dir in / /bin /etc /keyscripts /sbin /scripts /usr /usr/bin; do
133
if [ -d "${DESTDIR}$dir" ]; then
134
chmod a+rX "${DESTDIR}$dir"
137
for dir in /lib /usr/lib; do
138
find "${DESTDIR}$dir" \! -perm /u+rw,g+r -prune -o -print0 \
139
| xargs --null --no-run-if-empty chmod a+rX
added
removed
initramfs-tools-hook
