File: dropbear-hook

package info (click to toggle)
dropbear 2012.55-1.3
  • links: PTS
  • area: main
  • in suites: wheezy
  • size: 7,556 kB
  • sloc: ansic: 67,976; sh: 3,159; makefile: 645; perl: 409; asm: 30
file content (56 lines) | stat: -rw-r--r-- 2,082 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
 
#!/bin/sh

PREREQ=""

prereqs() {
	echo "$PREREQ"
}

case "$1" in
	prereqs)
		prereqs
		exit 0
	;;
esac

. "${CONFDIR}/initramfs.conf"
. /usr/share/initramfs-tools/hook-functions

# Install dropbear if explicitly enabled, or in case of a cryptroot setup if not explicitly disabled
if [ "${DROPBEAR}" = "y" ] || ( [ "${DROPBEAR}" != "n" ] && [ -r "/etc/crypttab" ] ); then
	if [ ! -x "/usr/sbin/dropbear" ]; then
		if [ "${DROPBEAR}" = "y" ]; then
			echo "dropbear: FAILURE: Dropbear not found!"
		else
			echo "dropbear: WARNING: Dropbear not found, remote unlocking of cryptroot via ssh won't work!"
		fi
	else
		rm -f "${DESTDIR}/sbin/dropbear"
		copy_exec "/usr/sbin/dropbear" "/sbin/"
		LIBC_DIR=$(ldd /usr/sbin/dropbear | sed -n -e 's,.* => \(/lib.*\)/libc\.so\..*,\1,p')
		for so in $(find "${LIBC_DIR}" -name 'libnss_compat*'); do
			copy_exec "${so}"
		done
		echo 'passwd: compat' > "${DESTDIR}/etc/nsswitch.conf"
		echo "root:x:0:0:root:/root:/bin/sh" > "${DESTDIR}/etc/passwd"
		for keytype in "dss" "rsa"; do
			if [ ! -f "/etc/initramfs-tools/etc/dropbear/dropbear_${keytype}_host_key" ]; then
				mkdir -p "/etc/initramfs-tools/etc/dropbear"
				dropbearkey -t "${keytype}" -f "/etc/initramfs-tools/etc/dropbear/dropbear_${keytype}_host_key"
			fi
		done
		cp -R /etc/initramfs-tools/etc/dropbear "${DESTDIR}/etc/"
		if [ ! -f "/etc/initramfs-tools/root/.ssh/authorized_keys" ]; then
			mkdir -p "/etc/initramfs-tools/root/.ssh"
			if [ ! -f "/etc/initramfs-tools/root/.ssh/id_rsa.pub" ]; then
				dropbearkey -t rsa -f /etc/initramfs-tools/root/.ssh/id_rsa.dropbear
				/usr/lib/dropbear/dropbearconvert dropbear openssh /etc/initramfs-tools/root/.ssh/id_rsa.dropbear /etc/initramfs-tools/root/.ssh/id_rsa
				dropbearkey -y -f /etc/initramfs-tools/root/.ssh/id_rsa.dropbear | grep "^ssh-rsa " > /etc/initramfs-tools/root/.ssh/id_rsa.pub
			fi
			cat /etc/initramfs-tools/root/.ssh/id_rsa.pub >> /etc/initramfs-tools/root/.ssh/authorized_keys
		fi
		mkdir -p "${DESTDIR}/root/.ssh"
		cp /etc/initramfs-tools/root/.ssh/authorized_keys "${DESTDIR}/root/.ssh/"
	fi
fi