-
Notifications
You must be signed in to change notification settings - Fork 2
/
zz-dropbear-init-fix
executable file
·141 lines (124 loc) · 4.5 KB
/
zz-dropbear-init-fix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
#!/bin/sh
# *****************************
# A script to fix the inconsistency found in dropbear-initramfs package in Ubuntu 18.04.x
# https://github.com/HRomie/dropbear-init-fix
#
# Hamy - https://hamy.io
# *****************************
# Any error, should result in script failure
set -e
PREREQ="dropbear"
DB_INIT_BTM_ORG="$DESTDIR/scripts/init-bottom/dropbear"
DB_INIT_BTM_TMP="$DESTDIR/scripts/init-bottom/dropbear-init-fix.tmp"
COMMANDS_LIST="md5sum cut cp patch mv"
OLD_IFS="$IFS"
DB_INIT_VER=""
TMP_FILE_STATUS=0
# Handles errors
error_out()
{
echo "************* WARNING *************"
echo "$1"
# If we have created the tmp file, it's time to delete it
if [ $TMP_FILE_STATUS -eq 1 ]; then
rm "$DB_INIT_BTM_TMP" || echo "Could not delete \"$DB_INIT_BTM_TMP\""
fi
echo "\"$0\" will not be applied"
echo "***********************************"
# exit code is always 0 so it wouldn't stop the initram build.
# This means that worst case scenario, this script would simply
# act as if it hadn't been existed.
exit 0
}
# Calculating md5 hashes
md5hash()
{
echo $(md5sum "$1" | cut -d ' ' -f 1)
}
# Handles the prereqs functionality of the initramfs-tools
prereqs()
{
echo "$PREREQ"
}
# Protect the script from direct execution
if [ -z "$DESTDIR" ]; then
echo "Error: This script is not be run directly" >&2
exit 1
fi
# Handles the prereqs functionality of the initramfs-tools
case $1 in
prereqs)
prereqs
exit 0
;;
esac
# Ensuring all the required commands exist
IFS=" "
for i in $COMMANDS_LIST; do
if ! command -v $i >/dev/null; then
error_out "\"$i\" command not be found in PATH (how is that even possible?)"
fi
done
IFS="$OLD_IFS"
# We need to import the provided hook functions
[ -r /usr/share/initramfs-tools/hook-functions ] || error_out "Could not find the hook functions"
. /usr/share/initramfs-tools/hook-functions
# Testing the presence of dropbear init-bottom script
[ -x "$DB_INIT_BTM_ORG" ] || error_out "Could not find dropbear init-bottom script (is dropbear-initramfs installed?)"
[ -h "$DB_INIT_BTM_ORG" ] && error_out "dropbear init-bottom script is a symlink (why?)"
# Supported versions must be specifically added here. This is to reduce the chance
# of breaking things after an upgrade to dropbear-initramfs. If the script in question
# doesn't change between upgrades though, it might still work.
case "$(md5hash $DB_INIT_BTM_ORG)" in
# v2017.75-3build1
506f966b4f3df7fdb41f98d5d54fd9e4)
DB_INIT_VER=75
;;
*)
error_out "dropbear init-bottom script hash did not match. This is probably due to updates to dropbear-initramfs package. This calls for a new evaluation of the script (the patch might not be needed anymore)."
;;
esac
# We do the patching on a tmp file first
[ -e "$DB_INIT_BTM_TMP" ] && error_out "destination tmp file already exists"
if ! cp -p "$DB_INIT_BTM_ORG" "$DB_INIT_BTM_TMP"; then
error_out "Could not create the tmp file"
fi
TMP_FILE_STATUS=1
# This is where the magic happens. Basically, it fixes the
# offending commands in dropbear init-bottom script (the arguments
# originally used in those commands, require a busybox build with
# the support of extended options). Based on the supported versions,
# we patch them and to top it off, we check the md5 hash of the pacthed
# file.
case $DB_INIT_VER in
75)
# This patch is ported from dropbear-initramfs 2018.76-5 in debian 10
if ! patch -s "$DB_INIT_BTM_TMP" <<'EOF'
@@ -28,2 +28,2 @@
- ps -o ppid= -o pid= -o pgid= | \
- sed -nr "s/^\s*$PID\s+([0-9]+)\s+\1\s*$/\1/p" | \
+ sed -nr "s/^([0-9]+) \\(.*\\) \\S $PID \\1 .*/\\1/p" \
+ /proc/[0-9]*/stat 2>/dev/null | \
@@ -33,2 +33,2 @@
- ps -o ppid= -o pid= | \
- sed -nr "s/^\s*$PID\s+([0-9]+)\s*$/\1/p" | \
+ sed -nr "s/^([0-9]+) \\(.*\\) \\S $PID [0-9]+ .*/\\1/p" \
+ /proc/[0-9]*/stat 2>/dev/null | \
EOF
then
error_out "could not apply the patch"
fi
[ "$(md5hash $DB_INIT_BTM_TMP)" = "5424920866450179ec08b486eb60f531" ] || error_out "patch hash mismatch"
;;
*)
error_out "Could not match against any valid patch (This should have never happened)"
;;
esac
# Now it should be safe to replace the original dropbear init-bottom script.
# This is the last step and it really should not fail at this point, but if it does,
# we're not going to handle it. Instead, we let the script fail so initram build is stopped.
# That way the user can investigate wth is going on.
mv -f "$DB_INIT_BTM_TMP" "$DB_INIT_BTM_ORG"
TMP_FILE_STATUS=2
# And we are done!
echo "successfully applied: $0"