# filter only what is wanted by this script: aliases and options
modprobe_c_cache=$(modprobe -c | grep -E '^(alias|options)')
+ echo "$modprobe_c_cache"
}
# parse kernel cmdline
if ! grep -Fq selinuxfs /proc/filesystems; then
# no support in kernel, no chance
SELINUX=no
- elif ! is_fsmounted selinuxfs /selinux; then
- mount -n -o gid=17 -t selinuxfs selinuxfs /selinux
+ elif ! is_fsmounted selinuxfs $selinuxfsdir; then
+ mount -n -t selinuxfs selinuxfs $selinuxfsdir
fi
# Check SELinux status
is_yes "$AUTOSWAP" && enable_autoswap
}
-# Remove duplicate entries from mtab (for vserver guest use only)
-clean_vserver_mtab() {
- > /etc/mtab.clean
- while read device mountpoint line; do
- grep -qs "$mountpoint" /etc/mtab.clean || \
- echo "$device $mountpoint $line" >> /etc/mtab.clean
- done < /etc/mtab
- cat /etc/mtab.clean > /etc/mtab
- rm -f /etc/mtab.clean
-}
-
# Loads modules from /etc/modules, /etc/modules.X.Y and /etc/modules.X.Y.Z
load_kernel_modules() {
local modules_file=$1
fi
}
-# mdadm - manage MD devices aka Linux Software RAID
+# Init software RAID arrays
init_mdadm() {
- if [ ! -x /sbin/mdadm -o ! -f /etc/mdadm.conf ]; then
+ local output
+
+ if [ ! -x /sbin/mdadm ]; then
return
fi
modprobe -s md
- local rc=0 golvm=0 have_md=0
if [ ! -f /proc/mdstat ]; then
return
fi
- # assume we have md if at least one ARRAY line is present
- if grep -qE "^([[:blank:]]|)ARRAY[[:blank:]]" /etc/mdadm.conf; then
- have_md=1
- fi
- # configured to do auto scanning
- if [ $have_md = 0 ] && grep -qE "^([[:blank:]]|)DEVICE[[:blank:]]partitions" /etc/mdadm.conf; then
- have_md=1
- fi
-
- # none found
- if [ $have_md = 0 ]; then
- return
- fi
-
show "Starting up RAID devices"; busy
- /sbin/mdadm --assemble --scan --auto=yes
- rc=$?
- if [ "$rc" -eq 0 -o "$rc" -eq 2 ]; then
- # rc is used later too, so set sane value
- rc=0
- deltext; ok
- golvm=1
- else
- deltext; fail
- fi
-
- # A non-zero return means there were problems
- if [ $rc -gt 0 ]; then
- [ -e /proc/splash ] && echo "verbose" > /proc/splash
- show "Starting up RAID devices"; fail
-
- PS1="$(nls '(RAID Repair)# ')"; export PS1
- repair_shell "$(nls '*** An error occurred during the RAID startup.')"
- fi
+ output=$(/sbin/mdadm --assemble --scan 2>&1)
+ ok
- # LVM on RAID (keep in sync with LVM init)
- if [ "$golvm" -eq "1" ]; then
- if [ -x /sbin/vgscan -a -x /sbin/vgchange ]; then
- run_cmd "Scanning for LVM volume groups (on RAID)" /sbin/vgscan $lvmignorelocking
- run_cmd "Activating LVM volume groups (on RAID)" /sbin/vgchange -a y $lvmsysinit
- [ "$lvmversion" = "2" ] && /sbin/vgmknodes
- fi
+ if [ -n "$output" ]; then
+ echo "$output"
fi
- show "Starting up RAID devices"; ok
- return $rc
}
# Init LVM
run_cmd "Scanning for LVM volume groups" /sbin/vgscan $lvmignorelocking
run_cmd "Activating LVM volume groups" /sbin/vgchange -a y $lvmsysinit
+
if [ "$lvmversion" = "2" ]; then
- /sbin/vgmknodes $lvmignorelocking
+ # silently refresh LV /dev nodes (just in case)
+ /sbin/vgmknodes $lvmignorelocking 1>/dev/null 2>&1
# display VG statistics
/sbin/vgdisplay -s $lvmignorelocking
fi
RC_BOOTLOG=
fi
-if ! is_yes "$VSERVER" && [[ "$container" != lxc* ]]; then
+if [[ "$container" != lxc* ]]; then
# we need /proc mounted before everything
is_fsmounted proc /proc || mount -n /proc || mount -n -o gid=17,hidepid=2 -t proc /proc /proc
parse_cmdline
if [ -d /run ]; then
- is_fsmounted tmpfs /run || mount -n -t tmpfs run /run
+ is_fsmounted tmpfs /run || mount -n -t tmpfs run /run -o mode=0755,noexec,nosuid,nodev
fi
# Early sysctls
# sysfs is also needed before any other things (under kernel > 2.5)
if ! is_fsmounted sysfs /sys; then
- grep -Fq sysfs /proc/filesystems && mount -n -o gid=17 -t sysfs sysfs /sys
+ grep -Fq sysfs /proc/filesystems && mount -n -t sysfs sysfs /sys
fi
if grep -Fq securityfs /proc/filesystems; then
- mount -n -o gid=17 -t securityfs securityfs /sys/kernel/security
+ mount -n -t securityfs securityfs /sys/kernel/security
+ fi
+ if [ -d /sys/firmware/efi ] && ! is_fsmounted efivarfs /sys/firmware/efi/efivars; then
+ mount -n -o rw -t efivarfs efivarfs /sys/firmware/efi/efivars
fi
- init_selinux
-
- # TLD Linux LiveCD support
- if [ -x /etc/rc.d/rc.live ]; then
- /etc/rc.d/rc.live
+ if [ -d /sys/fs/selinux ]; then
+ # Linux 3.0+
+ selinuxfsdir=/sys/fs/selinux
+ else
+ selinuxfsdir=/selinux
fi
+ init_selinux
# Choose Hardware profile
if ! is_no "$HWPROFILES" && [ -f /etc/sysconfig/hwprof ]; then
domainname ""
fi
-if ! is_yes "$VSERVER" && [[ "$container" != lxc* ]]; then
+if [[ "$container" != lxc* ]]; then
# Set console loglevel
if [ -n "$CONSOLE_LOGLEVEL" ]; then
dmesg -n $CONSOLE_LOGLEVEL
_ROOTFS_DEVICE=$(awk '($1 !~ /^#/ && $2 == "/" && NF >= 6) { print $1}' /etc/fstab)
_ROOTFS_TYPE=$(awk '$2 == "/" && $3 != "rootfs" { print $3 }' /proc/mounts 2>/dev/null)
- if [ -z "$fastboot" -a "$_ROOTFS_TYPE" != "aufs" -a "$_ROOTFS_TYPE" != "nfs" -a "$_ROOTFS_TYPE" != "romfs" -a "$_ROOTFS_TYPE" != "squashfs" -a "$_ROOTFS_PASSNO" != 0 -a -e $_ROOTFS_DEVICE ] && [[ "$container" != lxc* ]]; then
+ if [ -z "$fastboot" -a "$_ROOTFS_TYPE" != "aufs" -a "$_ROOTFS_TYPE" != "nfs" -a "$_ROOTFS_TYPE" != "romfs" -a "$_ROOTFS_TYPE" != "tmpfs" -a "$_ROOTFS_TYPE" != "squashfs" -a "$_ROOTFS_PASSNO" != 0 -a -e $_ROOTFS_DEVICE ] && [[ "$container" != lxc* ]]; then
check_root_fs
fi
IN_INITLOG=""
fi
-if ! is_yes "$VSERVER" && [[ "$container" != lxc* ]]; then
+if [[ "$container" != lxc* ]]; then
# Clear mtab
> /etc/mtab
[ -f /etc/cryptomtab ] && > /etc/cryptomtab
mount -f -t devtmpfs devtmpfs /dev 2> /dev/null
fi
if is_fsmounted tmpfs /run; then
- mount -f -t tmpfs run /run 2> /dev/null
+ mount -f -t tmpfs run /run -o mode=0755,noexec,nosuid,nodev 2> /dev/null
fi
if is_fsmounted usbfs /proc/bus/usb; then
if is_fsmounted securityfs /sys/kernel/security ; then
mount -f -t securityfs securityfs /sys/kernel/security 2> /dev/null
fi
+ if [ -d /sys/firmware/efi ] && is_fsmounted efivarfs /sys/firmware/efi/efivars ; then
+ mount -f -t efivarfs efivarfs /sys/firmware/efi/efivars 2> /dev/null
+ fi
fi
- if is_fsmounted selinuxfs /selinux; then
- mount -f -t selinuxfs selinuxfs /selinux 2> /dev/null
+ if is_fsmounted selinuxfs $selinuxfsdir; then
+ mount -f -t selinuxfs selinuxfs $selinuxfsdir 2> /dev/null
fi
if [ ! -f /proc/modules ]; then
fi
fi
- # Init LVM
+ if ! is_no "$MDADM"; then
+ init_mdadm
+ fi
+
if ! is_no "$LVM2"; then
init_lvm
fi
[ $delay_cryptsetup = 0 ] && ok || fail
fi
- if ! is_no "$MDADM"; then
- init_mdadm
- fi
-
_RUN_QUOTACHECK=0
# Check filesystems
if [ -z "$fastboot" ] && [ -z "$nofsck" ]; then
killall -IO blogd
fi
- clean_vserver_mtab
fi
is_yes "$SELINUX" && [ -f /.autorelabel ] && relabel_selinux
test -d /var/run/netreport || mkdir -m 770 /var/run/netreport
-if ! is_yes "$VSERVER"; then
- enable_swap
+enable_swap
- # If a SCSI tape has been detected, load the st module unconditionally
- # since many SCSI tapes don't deal well with st being loaded and unloaded
- if [ -f /proc/scsi/scsi ] && grep -q 'Type: Sequential-Access' /proc/scsi/scsi 2>/dev/null ; then
- if grep -qv ' 9 st' /proc/devices 2>/dev/null; then
- if [ -n "$USEMODULES" ] ; then
- # Try to load the module. If it fails, ignore it...
- insmod -p st >/dev/null 2>&1 && modprobe -s st
- fi
+# If a SCSI tape has been detected, load the st module unconditionally
+# since many SCSI tapes don't deal well with st being loaded and unloaded
+if [ -f /proc/scsi/scsi ] && grep -q 'Type: Sequential-Access' /proc/scsi/scsi 2>/dev/null ; then
+ if grep -qv ' 9 st' /proc/devices 2>/dev/null; then
+ if [ -n "$USEMODULES" ] ; then
+ # Try to load the module. If it fails, ignore it...
+ insmod -p st >/dev/null 2>&1 && modprobe -s st
fi
fi
+fi
- # Now that we have all of our basic modules loaded and the kernel going,
- # let's dump the syslog ring somewhere so we can find it later
- mode=0600
- if [ "$(cat /proc/sys/kernel/dmesg_restrict)" = 0 ]; then
- mode=0644
- fi
- dmesg --raw > /var/log/dmesg
- chmod $mode /var/log/dmesg
- i=5
- while [ $i -ge 0 ]; do
- if [ -f /var/log/dmesg.$i ]; then
- mv -f /var/log/dmesg.$i /var/log/dmesg.$(($i+1))
- fi
- i=$(($i-1))
- done
- cp -pf /var/log/dmesg /var/log/dmesg.0
+# Now that we have all of our basic modules loaded and the kernel going,
+# let's dump the syslog ring somewhere so we can find it later
+mode=0600
+if [ "$(cat /proc/sys/kernel/dmesg_restrict)" = 0 ]; then
+ mode=0644
fi
+dmesg --raw > /var/log/dmesg
+chmod $mode /var/log/dmesg
+i=5
+while [ $i -ge 0 ]; do
+ if [ -f /var/log/dmesg.$i ]; then
+ mv -f /var/log/dmesg.$i /var/log/dmesg.$(($i+1))
+ fi
+ i=$(($i-1))
+done
+cp -pf /var/log/dmesg /var/log/dmesg.0
if ! is_no "$RC_PROMPT"; then
while :; do
fi
} &
-# /proc extra check if the background process we just spawned is still running,
-# as in case of vserver bootup it finishes quite instantly.
+# /proc extra check if the background process we just spawned is still running
+# as it may finish quite instantly.
if ! is_no "$RC_PROMPT" && [ -d /proc/$! ]; then
/sbin/getkey i && touch /var/run/confirm
touch /var/run/getkey_done