Warning!

--- a/TODO	Mon Apr 16 18:29:04 2007 +0200
+++ b/TODO	Mon Apr 16 19:10:52 2007 +0200
@@ -6,7 +6,7 @@ TODO list for grml-debootstrap
   * grml-etc-core
   * grml-x + xserver-xorg [configuration of X]
 * support selection between DESKTOP/WORKSTATION and SERVER (provide default packages selection)
-* support *full* automatic installation where not a single keypress is necessary (in progress)
+* support *full* automatic installation where not a single keypress is necessary (done)
   -> support bootoption debian2hd for installation through bootoption on live-cd
 * support for LVM + SW-RAID [should work through installation into directory, needs testing though]
 * support rpmstrap (bootstrap a basic RPM-based system)

--- a/chroot-script	Mon Apr 16 18:29:04 2007 +0200
+++ b/chroot-script	Mon Apr 16 19:10:52 2007 +0200
@@ -4,7 +4,7 @@
 # Authors:       grml-team (grml.org), (c) Michael Prokop <mika@grml.org>
 # Bug-Reports:   see http://grml.org/bugs/
 # License:       This file is licensed under the GPL v2.
-# Latest change: Mon Apr 16 15:26:11 CEST 2007 [mika]
+# Latest change: Mon Apr 16 18:39:21 CEST 2007 [mika]
 ################################################################################
 
 set -e # exit on any error
@@ -13,6 +13,8 @@ set -e # exit on any error
 . /etc/debootstrap/variables || exit 1
 
 [ -r /proc/1 ] || mount -t proc   none /proc
+
+# variable checks {{{
 
 # use aptitude only if it's available
 if [ -x /usr/bin/aptitude ] ; then
@@ -23,7 +25,6 @@ else
    APTUPDATE='apt-get update'
 fi
 
-# variable checks {{{
 if [ -z "$STAGES" ] ; then
    STAGES='/etc/debootstrap/stages'
    [ -d "$STAGES" ] || mkdir -p "$STAGES"
@@ -139,14 +140,79 @@ reconfigure() {
 # }}}
 
 # set password of user root {{{
+setpassword() {
+# Set a password, via chpasswd.
+# Use perl rather than echo, to avoid the password
+# showing in the process table. (However, this is normally
+# only called when first booting the system, when root has no
+# password at all, so that should be an unnecessary precaution).
+#
+# Pass in three arguments: the user, the password, and 'true' if the
+# password has been pre-crypted (by preseeding).
+#
+# Taken from /var/lib/dpkg/info/passwd.config
+        SETPASSWD_PW="$2"
+        export SETPASSWD_PW
+
+        # This is very annoying. chpasswd cannot handle generating md5
+        # passwords as it is not PAM-aware. Thus, I have to work around
+        # that by crypting the password myself if md5 is used.
+        USE_MD5=1
+        export USE_MD5
+
+        if [ "$3" = true ]; then
+                PRECRYPTED=1
+        else
+                PRECRYPTED=''
+        fi
+        export PRECRYPTED
+        LC_ALL=C LANGUAGE=C LANG=C perl -e '
+                sub CreateCryptSalt {
+                        my $md5 = shift;
+
+                        my @valid = split(//, "./0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ");
+                        my ($in, $out);
+
+                        my $cryptsaltlen = ($md5 ? 8 : 2);
+
+                        open (F, "</dev/urandom") || die "No /dev/urandom found!";
+                        foreach (1..$cryptsaltlen) {
+                                read(F, $in, 1);
+                                $out .= $valid[ord($in) % ($#valid + 1)];
+                        }
+                        close F;
+                        return ($md5 ? "\$1\$$out\$" : $out);
+                }
+
+                open(P,"| chpasswd -e");
+                if ($ENV{PRECRYPTED}) {
+                        print P shift().":$ENV{SETPASSWD_PW}\n";
+                } else {
+                        print P shift().":".
+                                crypt($ENV{SETPASSWD_PW}, CreateCryptSalt($ENV{USE_MD5})).
+                                "\n";
+                }
+                close P;
+        ' "$1"
+        SETPASSWD_PW=''
+        USE_MD5=''
+        PRECRYPTED=''
+}
+
 passwords() {
   echo "Activating shadow passwords."
   shadowconfig on
-  echo "Setting password for user root:"
-  set +e # do not exit if passwd returns error due to missmatching passwords
-  passwd
-  echo ""
-  set -e # restore default behaviour again
+
+  if [ -n "$ROOTPASSWORD" ] ; then
+     setpassword root "$ROOTPASSWD" false
+     export ROOTPASSWD=''
+  else
+     echo "Setting password for user root:"
+     set +e # do not exit if passwd returns error due to missmatching passwords
+     passwd
+     echo ""
+     set -e # restore default behaviour again
+  fi
 }
 # }}}
 
@@ -289,6 +355,8 @@ services() {
 
 # unmount all filesystems in chroot, make sure nothing is left {{{
 finalize() {
+  # make sure we don't leave any sensible data
+  rm -f /etc/debootstrap/variables
   umount -a    1>/dev/null 2>/dev/null || true
   umount /proc 1>/dev/null 2>/dev/null || true
   umount /proc 1>/dev/null 2>/dev/null || true
@@ -305,7 +373,6 @@ finalize() {
   stage mkinitrd       && mkinitrd       && stage mkinitrd done
   stage kernel         && kernel         && stage kernel done
   stage reconfigure    && reconfigure    && stage reconfigure done
-  stage passwords      && passwords      && stage passwords done
   stage hosts          && hosts          && stage hosts done
   stage interfaces     && interfaces     && stage interfaces done
   stage timezone       && timezone       && stage timezone done
@@ -313,6 +380,7 @@ finalize() {
   stage hostname       && hostname       && stage hostname done
   stage initrd         && initrd         && stage initrd done
   stage grub           && grub           && stage grub done
+  stage passwords      && passwords      && stage passwords done
   stage services       && services       && stage services done
   stage finalize       && finalize       && stage finalize done
 # }}}

--- a/config	Mon Apr 16 18:29:04 2007 +0200
+++ b/config	Mon Apr 16 19:10:52 2007 +0200
@@ -3,7 +3,7 @@
 # Authors:       grml-team (grml.org), (c) Michael Prokop <mika@grml.org>
 # Bug-Reports:   see http://grml.org/bugs/
 # License:       This file is licensed under the GPL v2.
-# Latest change: Mon Apr 16 14:17:19 CEST 2007 [mika]
+# Latest change: Mon Apr 16 18:45:19 CEST 2007 [mika]
 ################################################################################
 
 ################################################################################
@@ -76,6 +76,10 @@ HOSTNAME='grml'
 # use 2.6-686 for i386 and 2.6-amd64 for amd64
 # KERNEL='2.6-686'
 
+# set password of user root without prompting, please use with caution
+# only, because you usually don't want to share your password(s) ;-)
+# ROOTPASSWORD=''
+
 # name of debootstrap executable
 # supported values: debootstrap cdebootstrap
 DEBOOTSTRAP='debootstrap'

--- a/grml-debootstrap	Mon Apr 16 18:29:04 2007 +0200
+++ b/grml-debootstrap	Mon Apr 16 19:10:52 2007 +0200
@@ -4,7 +4,7 @@
 # Authors:       grml-team (grml.org), (c) Michael Prokop <mika@grml.org>
 # Bug-Reports:   see http://grml.org/bugs/
 # License:       This file is licensed under the GPL v2.
-# Latest change: Mon Apr 16 15:42:34 CEST 2007 [mika]
+# Latest change: Mon Apr 16 19:10:16 CEST 2007 [mika]
 ################################################################################
 # http://www.debian.org/releases/stable/i386/index.html.en
 
@@ -33,14 +33,32 @@ fi
 
 # cmdline handling {{{
 usage() {
-  einfo "$0 - wrapper around debootstrap for installing plain Debian via grml"
-  einfo "Adjust /etc/debootstrap/config and invoke $0 afterwards."
+  einfo "$0 - version $VERSION"
+  echo  "   A wrapper around debootstrap for installing plain Debian via grml"
+  echo
+  einfo "Usage: $0 [options]"
+  echo  "   Adjust /etc/debootstrap/config and invoke $0 afterwards or use the cmdline option:"
+  echo
+  einfo "Valid options:"
+  echo  "
+    -h|--help              Print this usage information and exit.
+    -v|--version           Show summary of options and exit.
+
+    -t|--target <target>   Target partition (/dev/...) or directory.
+    -r|--release <release> Specify release of new Debian system. Supported relases: sarge, etch, lenny and sid.
+    -m|--mirror <URL>      Specify mirror which should be used for apt-get/aptitude.
+    -p|--mntpoint <mnt>    Specify mountpoint that should be used for mounting the target system.
+    --groot <device>       Specify root device for usage in grub (corresponds with \$TARGET).
+    --grub <device>        Where do you want to install grub to? Use grub syntax for specifying.
+    --password <pwd>       Use specified password as password for user root. Use with caution.
+
+"
 }
 
 while [ "$#" -gt "0" ] ; do
     case $1 in
         -v|--version)
-            einfo "$0 version $VERSION"
+            einfo "$0 - version $VERSION"
             einfo "Send bug reports to Michael Prokop <mika@grml.org>."
             eend 0
             exit 0
@@ -64,6 +82,10 @@ while [ "$#" -gt "0" ] ; do
         -p|--mntpoint)
             shift
             MNTPOINT=$1
+            ;;
+        --password)
+            shift
+            ROOTPASSWORD=$1
             ;;
         -m|--mirror)
             shift
@@ -132,12 +154,15 @@ fi
 fi
 
 # provide variables to chroot system
-[ -n "$ARCH" ]   && echo "ARCH=$ARCH"     > /etc/debootstrap/variables
+touch /etc/debootstrap/variables
+chmod 600 /etc/debootstrap/variables # make sure nobody except root can read it
+[ -n "$ARCH" ]   && echo "ARCH=$ARCH"     >  /etc/debootstrap/variables
 [ -n "$GRUB" ]   && echo "GRUB=$GRUB"     >> /etc/debootstrap/variables
 [ -n "$GROOT" ]  && echo "GROOT=$GROOT"   >> /etc/debootstrap/variables
 [ -n "$TARGET" ] && echo "TARGET=$TARGET" >> /etc/debootstrap/variables
 [ -n "$MIRROR" ] && echo "MIRROR=$MIRROR" >> /etc/debootstrap/variables
-[ -n "$CHROOTMIRROR" ] && echo "CHROOTMIRROR=$CHROOTMIRROR" >> /etc/debootstrap/variables
+[ -n "$MIRROR" ] && echo "MIRROR=$MIRROR" >> /etc/debootstrap/variables
+[ -n "$ROOTPASSWORD" ] && echo "ROOTPASSWORD=$ROOTPASSWORD" >> /etc/debootstrap/variables
 
 # make sure at least $TARGET is set [the partition for the new system]
 if [ -z "$TARGET" ] ; then
@@ -182,20 +207,38 @@ stage() {
 # }}}
 
 # user should recheck his configuration {{{
-einfo "$0 - Please recheck configuration before execution:"
-echo "
-   Target:           $TARGET"
-   case "$MNTPOINT" in "$TARGET") ;; *) echo "   Mount-point:      $MNTPOINT" ;; esac
-   [ -n "$GRUB" ]   && echo "   Install grub to:  $GROOT / $GRUB"
-   [ -n "$MIRROR" ] && echo "   Using mirror:     $MIRROR"
-   case "$MNTPOINT" in "$TARGET") ;; *) echo "  Important! Continuing will delete all data from ${TARGET}!" ;; esac
-   echo
-einfon "Is this ok for you? [y/N] "
-
-read a
-if ! [ "$a" = 'y' -o "$a" = 'Y' ] ; then
-   eerror "Exiting as requested." ; eend 1
-   exit 1
+# support full automatic installation:
+checkforrun() {
+   dialog --timeout 10 --title "$0" \
+          --yesno "Do you want to stop at this stage?
+
+Notice: you are running grml-debootstrap in non-interactive mode.
+grml-debootstrap will install Debian ${RELEASE} on ${TARGET}.
+Last chance to quit. Timeout of 10 seconds running....
+
+Do you want to stop now?" 0 0 2>/dev/null
+}
+
+if [ -n "$AUTOINSTALL" ] ; then
+   if checkforrun ; then
+      eerror "Exiting as requested" ; eend 0
+      exit 1
+   fi
+else # if not running automatic installation display configuration and prompt for execution:
+   einfo "$0 - Please recheck configuration before execution:"
+   echo "
+      Target:           $TARGET"
+      case "$MNTPOINT" in "$TARGET") ;; *) echo "   Mount-point:      $MNTPOINT" ;; esac
+      [ -n "$GRUB" ]   && echo "   Install grub to:  $GROOT / $GRUB"
+      [ -n "$MIRROR" ] && echo "   Using mirror:     $MIRROR"
+      case "$MNTPOINT" in "$TARGET") ;; *) echo "  Important! Continuing will delete all data from ${TARGET}!" ;; esac
+      echo
+   einfon "Is this ok for you? [y/N] "
+   read a
+   if ! [ "$a" = 'y' -o "$a" = 'Y' ] ; then
+      eerror "Exiting as requested." ; eend 1
+      exit 1
+   fi
 fi
 # }}}
 

--- a/grml-debootstrap.txt	Mon Apr 16 18:29:04 2007 +0200
+++ b/grml-debootstrap.txt	Mon Apr 16 19:10:52 2007 +0200
@@ -60,6 +60,12 @@ Corresponding with configuration variabl
 
 Specify mountpoint that should be used for mounting the target system.
 Corresponding with configuration variable MNTPOINT.
+
+  --password <password>
+
+Use specified password as password for user root. Use with caution, as your
+commandline might be visible in the process list and the shell history.
+It's meant for automatic installation only.
 
   -r, --release <releasename>