xref: /dragonfly/nrelease/root/etc/rc.d/pfi (revision e75b5286) 
1#!/bin/sh
2
3# $Id: pfi,v 1.12 2005/03/07 06:18:21 cpressey Exp $
4#
5
6# PROVIDE: pfi
7# REQUIRE: mountcritremote
8
9. /etc/rc.subr
10
11name=pfi
12start_cmd="pfi_start"
13stop_cmd=":"
14
15get_pfi_config()
16{
17	[ -r /etc/pfi.conf ] && return 0
18
19	if [ -r $1/pfi.conf ]; then
20		echo " found!"
21		tr -d "\r" < $1/pfi.conf > /etc/pfi.conf
22		echo "pfi_found_on_device='$2'" >> /etc/pfi.conf
23
24		# If the pfi.conf says to run a custom script from the pfi
25		# media, run it now, so that it has access to the pfi media.
26
27		if [ -r /etc/defaults/pfi.conf ]; then
28			. /etc/defaults/pfi.conf
29		fi
30		. /etc/pfi.conf
31		if [ "$pfi_script" != "" -a -x "$1/$pfi_script" ]; then
32			$1/$pfi_script
33		fi
34		return 0
35	else
36		return 1
37	fi
38}
39
40get_authorized_hosts()
41{
42	[ -r /root/.ssh/authorized_hosts ] && return 0
43	if [ -r $1/authorized_hosts ]; then
44		echo "authorized_hosts found!"
45		mkdir -p /root/.ssh/
46		tr -d "\r" < $1/authorized_hosts > /root/.ssh/authorized_hosts
47	fi
48}
49
50get_authorized_keys()
51{
52	[ -r /root/.ssh/authorized_keys ] && return 0
53	if [ -r $1/authorized_keys ]; then
54		echo "authorized_keys found!"
55		mkdir -p /root/.ssh/
56		tr -d "\r" < $1/authorized_keys > /root/.ssh/authorized_keys
57	fi
58}
59
60look_for_pfi_config_msdos()
61{
62	[ -r /etc/pfi.conf ] && return 0
63
64	for try_device in da0s1 da1s1 da8s1 fd0 fd1; do
65		if [ -c /dev/${try_device} ]; then
66			echo -n "Looking for pfi.conf on /dev/${try_device}..."
67			if mount_msdos -o rdonly /dev/$try_device /mnt ; then
68				echo -n " /dev/$try_device ok..."
69				if get_pfi_config /mnt /dev/$try_device; then
70					get_authorized_hosts /mnt
71					get_authorized_keys /mnt
72					umount /mnt
73					return 0
74				fi
75				umount /mnt
76			fi
77			echo " not found"
78		fi
79	done
80	return 1
81}
82
83look_for_pfi_config_cd9660()
84{
85	[ -r /etc/pfi.conf ] && return 0
86
87	for try_device in acd0 cd0 acd1 cd1; do
88		if [ -c /dev/${try_device} ]; then
89			echo -n "Looking for pfi.conf on /dev/${try_device}..."
90			if mount_cd9660 /dev/$try_device /mnt ; then
91				echo -n " /dev/$try_device ok..."
92				if get_pfi_config /mnt /dev/$try_device; then
93					get_authorized_hosts /mnt
94					get_authorized_keys /mnt
95					umount /mnt
96					return 0
97				fi
98				umount /mnt
99			fi
100			echo " not found"
101		fi
102	done
103	return 1
104}
105
106pfi_start()
107{
108	echo "Starting pfi..."
109
110	# Get the pfi.conf file off the pfi media and into /etc/pfi.conf.
111
112	look_for_pfi_config_cd9660
113	look_for_pfi_config_msdos
114
115	# If the search was not successful, stub out a dummy pfi.conf.
116
117	if [ ! -r /etc/pfi.conf ]; then
118		echo '' >/etc/pfi.conf
119	fi
120
121	# Append the contents of pfi.conf onto rc.conf, so that settings
122	# (such as ifconfig_dc0="DHCP") will be picked up by pfi_rc_actions.
123
124	cp /etc/rc.conf /etc/rc.conf.orig
125	cat /etc/pfi.conf >>/etc/rc.conf
126
127	# Read in the pfi.conf we either found or created for ourselves.
128
129	if [ -r /etc/defaults/pfi.conf ]; then
130		. /etc/defaults/pfi.conf
131	fi
132	. /etc/pfi.conf
133
134	# We can perform any pre-install tasks here by
135	# examining the contents of pfi_* variables.
136
137	# Interpret pfi_sshd_* options.  These basically add settings
138	# to /etc/ssh/sshd_config; it is assumed "sshd" will appear
139	# in pfi_rc_actions to restart sshd.
140
141	case ${pfi_sshd_permit_root_login} in
142	YES)
143		echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
144		;;
145	without-password)
146		echo "PermitRootLogin without-password" >> /etc/ssh/sshd_config
147		;;
148	forced-commands-only)
149		echo "PermitRootLogin forced-commands-only" >> /etc/ssh/sshd_config
150		;;
151	*)
152		;;
153	esac
154
155	case ${pfi_sshd_permit_empty_passwords} in
156	YES)
157		echo "PermitEmptyPasswords yes" >> /etc/ssh/sshd_config
158		;;
159	*)
160		;;
161	esac
162
163	# Interpret pfi_set_root_password.  If it is not empty, use
164	# it to set root's LiveCD password.
165
166	if [ "X$pfi_set_root_password" != "X" ]; then
167		echo "$pfi_set_root_password" | \
168		    /usr/sbin/pw usermod root -h 0
169	fi
170
171	# The most important pre-install task is to restart
172	# any RCNG scripts listed in pfi_rc_actions with any new
173	# settings that might have been set up by pfi.conf.
174
175	if [ "X$pfi_rc_actions" != "X" ]; then
176		rev_actions=`reverse_list $pfi_rc_actions`
177
178		for _rc_elem in ${rev_actions}; do
179			echo "Stopping ${_rc_elem}..."
180			rcstop ${_rc_elem}
181		done
182		for _rc_elem in ${pfi_rc_actions}; do
183			echo "Starting ${_rc_elem}..."
184			rcstart ${_rc_elem}
185		done
186	fi
187
188	# Restore the original rc.conf.
189
190	mv /etc/rc.conf.orig /etc/rc.conf
191
192	# Set up auto-login if requested.
193
194	if [ "X$pfi_autologin" != "XNONE" ]; then
195		echo 'AL.pfi:\' >> /etc/gettytab
196		echo "        :al=${pfi_autologin}:tc=Pc:" >> /etc/gettytab
197		sed -i '' 's|^ttyv0.*|ttyv0 "/usr/libexec/getty AL.pfi" cons25 on secure|' /etc/ttys
198	fi
199
200	# Finally, start thttpd if the user wants to use
201	# the cgi frontend.
202
203	if [ "X$pfi_frontend" = "Xcgi" ]; then
204		echo "Starting thttpd..."
205		/usr/local/sbin/thttpd_wrapper &
206	fi
207}
208
209load_rc_config $name
210run_rc_command "$1"
211