1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
|
#!/bin/sh
set -e
. /usr/share/debconf/confmodule
INTERFACES=$(grep : /proc/net/dev | cut -d':' -f1 | sort | sed -e 's/ *//' | grep -E '^(en|eth|nas|tap|nic-)')
db_get ppp/interface
PPPOE="$RET"
db_capb backup
log() {
logger -t DEBUG:ppp-udeb $*
}
fail() {
logger -t FAIL:ppp-udeb $*
}
ppp_concentrator_on() {
db_subst ppp/detect_progress IFACE "${1}" || true
if [ -z "$(ip link show $1 up)" ]; then
log "$1 was not configured. ppp-udeb will bring it up"
PPPUP=yes
ip link set $1 up
else
log "$1 was already up"
PPPUP=no
fi
MAXWAIT=20; IW=5; TOTWAIT=$(($MAXWAIT + $MAXWAIT + $IW))
R=0
db_progress START 0 $TOTWAIT ppp/detect_progress
for P in "" "-U" ; do
rm -f /tmp/probe-finished /tmp/ppp-errors
( R=$(pppoe-discovery -A $P -I $1 2>/tmp/ppp-errors | \
grep AC | wc -l)
echo $R > /tmp/probe-finished ) &
WAIT=0
TO=0
while [ ! -f /tmp/probe-finished ]; do
log "Timeout detected $TO"
sleep 1
db_progress STEP 1
WAIT=$(($WAIT + 1))
if [ $WAIT -ge $MAXWAIT ]; then
touch /tmp/probe-finished
fi
TO=$(grep Timeout /tmp/ppp-errors 2>/dev/null | wc -l || true)
if [ $TO -eq 1 ]; then
touch /tmp/probe-finished
break
fi
log "pppoe probe output size: $(cat /tmp/probe-finished 2> /dev/null)"
done
R=$(cat /tmp/probe-finished 2>/dev/null || true)
if [ -n "$R" -a 1$R -ne 10 ]; then
break
fi
if [ -z "$P" ]; then
sleep $IW
db_progress STEP $IW
fi
done
PROCESS=$(ps -A | grep pppoe-discovery | sed s:^[[:space:]]::g | \
cut -f1 -d' ' || true)
if [ $TO -ne 1 -a "$PROCESS" ]; then
kill $PROCESS
fi
rm -f /tmp/probe-finished /tmp/ppp-errors
db_progress STOP
if [ -n "$R" -a 1$R -ne 10 ]; then
return 0
else
return 1
fi
}
reset_if_needed() {
# Bring down an earlier pppoe connection, if there is one
if [ -e $PIDF ]
then
PID=$(cat $PIDF)
log "found PID file $PIDF which refers to process $PID; searching for the pppd process"
if [ -z "$(ps | grep "^\s*$PID" | sed "s/^\s*$PID\s.*$/$PID/")" ]
then
log "$PID not found; removing pid file"
else
log "$PID found; killing it and removing pid file"
kill $PID || true
fi
rm -f $PIDF
fi
# Bring down previously raised interface
if [ "$PPPOE" != "_" ]; then
ip link set "$PPPOE" down
db_set ppp/interface "_"
fi
}
valid_hostname() {
if [ $(echo -n "$1" | wc -c) -lt 2 ] ||
[ $(echo -n "$1" | wc -c) -gt 63 ] ||
[ "$(echo -n "$1" | sed 's/[^-\.[:alnum:]]//g')" != "$1" ] ||
[ "$(echo -n "$1" | grep "\(^-\|-$\)")" ]; then
return 1
fi
return 0
}
# Sanity check: we rely on some netcfg functionality but cannot depend on it;
# netcfg should always be present, but bail out if it is not
if [ ! -e /bin/netcfg ]; then
fail "required package netcfg is not installed"
exit 1
fi
# Bring up the loopback interface
if [ -z "$(ip link show lo up)" ]; then
ip link set lo up
ip addr flush dev lo
ip addr add 127.0.0.1/8 dev lo
fi
if [ -z "$INTERFACES" ]; then
fail "no Ethernet interfaces detected"
db_input critical ppp/detect_failed || true
db_go || true
exit 1
fi
PIDF=/var/run/ppp-udeb.pid
reset_if_needed
# Test each of the interfaces for a concentrator; stop when one is found
for IFACE in $INTERFACES; do
if ppp_concentrator_on $IFACE; then
log "setting pppoe connection on $IFACE"
db_set ppp/interface $IFACE
break
else
if [ "$PPPUP" = yes ]; then
log "no concentrator found on $IFACE; will bring the interface back down"
ip link set $IFACE down
else
log "ppp-udeb no concentrator found on $IFACE"
fi
IFACE=''
fi
done
if [ -z "$IFACE" ]; then
fail "no concentrators detected"
db_input critical ppp/no_concentrators || true
db_go || true
exit 1
fi
db_input high ppp/username || true
db_go || exit 10
db_get ppp/username
USERNAME="$RET"
db_input high ppp/password || true
db_go || exit 10
db_get ppp/password
PASSWORD="$RET"
# Clear answers in case the script is run a second time
db_unregister ppp/password
db_unregister ppp/username
# Ask for the hostname and domainname to use for the system
# (using the netcfg templates!)
while true; do
db_input high netcfg/get_hostname || [ $? -eq 30 ]
db_input high netcfg/get_domain || [ $? -eq 30 ]
db_go || exit 10
db_get netcfg/get_hostname
HOSTNAME="$RET"
if valid_hostname "$HOSTNAME"; then
db_get netcfg/get_domain
DOMAINNAME="$RET"
break
else
db_input high netcfg/invalid_hostname || true
db_fset netcfg/get_hostname seen false
fi
done
# FIXME: lo snippet should not be ppp-udeb's job
cat > /etc/network/interfaces <<EOF
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# This configuration stanza prevents ifupdown-aware network daemons
# like NetworkManager from managing the interface which is used for
# the PPPoE connection
iface $IFACE inet manual
# PPPoE connection
auto provider
iface provider inet ppp
pre-up /bin/ip link set $IFACE up
provider provider
EOF
# Set hostname and create a basic /etc/hosts file
echo "127.0.0.1 localhost" > /etc/hosts
if [ "$HOSTNAME" ]; then
echo "$HOSTNAME" >/etc/hostname
if [ "$DOMAINNAME" ]; then
echo -e "127.0.1.1\t$HOSTNAME.$DOMAINNAME\t$HOSTNAME" >> /etc/hosts
else
echo -e "127.0.1.1\t$HOSTNAME" >> /etc/hosts
fi
fi
cat >> /etc/hosts <<EOF
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
EOF
cat <<EOF > /etc/ppp/peers/provider
# kernel space PPPoE driver configuration
#
# See the manual page pppd(8) for information on all the options.
# MUST CHANGE: Uncomment the following line, replacing the user@provider.net
# by the DSL user name given to your by your DSL provider.
# There should be a matching entry with the password in /etc/ppp/pap-secrets
# and/or /etc/ppp/chap-secrets.
#user "myusername@myprovider.net"
user "$USERNAME"
#linkname provider
#debug
# Load the pppoe plugin. Change the ethernet interface name if needed.
plugin rp-pppoe.so
$IFACE
# Assumes that your IP address is allocated dynamically by the ISP.
noipdefault
# Try to get the name server addresses from the ISP.
usepeerdns
# Use this connection as the default route.
# Comment out if you already have the correct default route installed.
defaultroute
# Make sure that sensitive data does not get into the logs
hide-password
# Peer should be alive
lcp-echo-interval 20
lcp-echo-failure 3
# Makes pppd "dial again" when the connection is lost.
persist
# Do not ask the remote to authenticate.
noauth
# RFC 2516, paragraph 7 mandates that the following options MUST NOT be
# requested and MUST be rejected if requested by the peer:
# Address-and-Control-Field-Compression (ACFC)
noaccomp
# Asynchronous-Control-Character-Map (ACCM)
default-asyncmap
# Do not try to negotiate other kinds of compression.
nopcomp
noccp
novj
EOF
: > /etc/ppp/pap-secrets
chmod 600 /etc/ppp/pap-secrets
cat <<EOF > /etc/ppp/pap-secrets
#GENERATED-BY-DEBIAN-INSTALLER#
"$USERNAME" * "$PASSWORD"
EOF
cp /etc/ppp/pap-secrets /etc/ppp/chap-secrets
log-output -t depmod
log-output -t ppp-udeb modprobe pppoe
log-output -t ppp-udeb pppd call provider
sleep 1 # allow forking
PID=`ps | grep 'call provider' | grep pppd | sed 's:\s*\([0-9]*\).*$:\1:g'`
echo $PID > $PIDF
STEP=0
db_progress START 0 31 ppp/please_wait
log "Waiting for message from pppd[$PID]"
while [ "$STEP" -lt 30 ]
do
ANSWER=$(grep -E "pppd\[$PID\]:.(PAP|CHAP)\ authentication\ (failed|succeeded)" /var/log/syslog | tail -n 1 | sed -e 's:^.*\(failed\).*$:\1:g' -e 's:^.*\(succeeded\).*$:\1:g')
if [ "$ANSWER" = "succeeded" ] || [ "$ANSWER" = "failed" ]
then
STEP=30
log "got result: authentication $ANSWER"
else
log "Answer unknown"
fi
sleep 1
STEP=$(expr $STEP + 1)
db_progress STEP 1
done
db_progress STOP
if [ "$ANSWER" = "failed" ]; then
fail "authentication failed"
(rm -f $PIDF && kill $PID) || true 2> /dev/null
db_input critical ppp/wrong_login || true
db_go || true
exit 1
elif [ -z "$ANSWER" ] && [ "$STEP" -ge 30 ]; then
fail "unhandled error detected"
(rm -f $PIDF && kill $PID) || true 2>/dev/null
db_input critical ppp/unhandled || true
db_go || true
exit 1
else
# Handle a fallback DNS
if ! [ -s /etc/resolv.conf ] && db_get netcfg/get_nameservers; then
for nameserver in $RET; do
echo "nameserver $nameserver" >>/etc/resolv.conf
done
fi
fi
exit 0
|
