The firstboot interface might pop-up also during live mode (because it's
just very useful to have the right kbd mapping applied), and that's
hardly a "new installation". Hence use more generic terms
The keymap only really matters if there's local access to a system, i.e.
if there's actually a physical kbd directly connected to it, to apply it
to. If during firstboot we are not talked to via a VT (but via SSH,
container, or hypervisor console or so instead), then it's very unlikely
we ever are. Hence, don't ask for a keymap, and let#s shortcut the
questions asked at boot.
We only show this blurb on the first question, but the first question is
interactive anyway, hence no need to wait for input first explicitly, we
won't progress anyway without user input.
(similar for homectl's firstboot)
Some configuration files that need updates are directly under in /etc. To
update them atomically, we need write access to /etc. For Ubuntu Core this is
an issue as /etc is not writable. Only a selection of subdirectories can be
writable. The general solution is symlinks or bind mounts to writable places.
But for atomic writes in /etc, that does not work. So Ubuntu has had a patch
for that that did not age well.
Instead we would like to introduce some environment variables for alternate
paths.
* SYSTEMD_ETC_HOSTNAME: /etc/hostname
* SYSTEMD_ETC_MACHINE_INFO: /etc/machine-info
* SYSTEMD_ETC_LOCALTIME: /etc/localtime
* SYSTEMD_ETC_LOCALE_CONF: /etc/locale.conf
* SYSTEMD_ETC_VCONSOLE_CONF: /etc/vconsole.conf
* SYSTEMD_ETC_ADJTIME: /etc/adjtime
While it is for now expected that there is a symlink from the standard, we
still try to read them from that alternate path. This is important for
`/etc/localtime`, which is a symlink, so we cannot have an indirect symlink or
bind mount for it.
Since machine-id is typically written only once and not updated. This commit
does not cover it. An initrd can properly create it and bind mount it.
Let's make more use of label_ops_pre()/label_ops_post(), and replace
write_env_file_label() by a flag to write_env_file().
This simplifies and normalizes the code.
This also makes one relevant change: it sets the new
WRITE_ENV_FILE_LABEL flag in firstboot.c when we write locale.conf,
where we previously did not (but should have). This should address one
detail of #37857.
More porting work to label_ops_pre()/label_ops_post()
This also enables labelling of the /etc/localtime symlink in
systemd-firstboot, which should address one small facet of #37857
This commit cleans up the includes for all the small tools across
the tree.
A few cases of returning EXIT_SUCCESS are replaced with returning
0 to avoid including <stdlib.h>.
Split out of #37344.
Admittedly, some of our glyphs _are_ special, e.g. "O=" for SPECIAL_GLYPH_TOUCH ;)
But we don't need this in the name. The very long names make some invocations
very wordy, e.g. special_glyph(SPECIAL_GLYPH_SLIGHTLY_UNHAPPY_SMILEY).
Also, I want to add GLYPH_SPACE, which is not special at all.
let's convert the 2nd argumeng form a boolean to a proper flags
parameter. Doesn't change behaviour in anyway, but is more readable, and
prepares ground for adding more flags soon.
This adds TAB-based auto-completion to various fields we query from the
user, such as locale, keymap, timezone, group membership.
It makes it a lot easier to quickly iterate through firstboot without
typing too much.
This modernizes the function a bit, and adds some bits:
1. whether to show numbers before entries is now optional, and if they
are shown they are displayed in grey.
2. a common prefix can now be grayed out (later useful for completion
support)
3. some variables have been named to clarify their purpose
4. the table display dimensions can now be auto-sized (by specifying
SIZE_MAX and number of columns and column width)
1. Make the message a bit more visible, by adding ANSI color. This
matters in particular during boot, where the message otherwise might
be overprinted by other output
2. Let's turn off terminal echo so that whatever key is entered is not
made visible on screen, and we can handle newline and other keys
reasonably uniformly.
Let's derive XKBLAYOUT and friends from the given keymap and populate
these as well in vconsole.conf so that if the user configures a keymap
it's also respected in display managers such as gdm.
This new field allows specification of an fd on which the password
prompt logic will look for POLLHUP events for, and if seen will abort
the query.
The usecase for this is that when we query for a pw on behalf of a
Varlink client we can abort the query automatically if the client dies.
Allows unifying the custom logic for the hostname and root shell. Root
password prompting remains separate as it's logic is substantially
different to the other prompts.
This uses the same logic as similar verb suggestion for command line
utilities. Try to be helpful when the user entered something invalid
instead of just showing the prompt again.
An error message is already printed directly after, so the user already
knows that the validation failed. This also isn't done for the other
validation functions.
When sd-firstboot is ran during first boot of a new system this missing
newline leads to a bootup message being appended on the same line as the
message instructing to press a key.
Remove an early return that prevents --prompt-root-password or
--prompt-root-shell and systemd.firstboot=off using credentials. In that case,
arg_prompt_root_password and arg_prompt_root_shell will be false, but the
prompt helpers still need to be called to read the credentials. Furthermore, if
only the root shell has been set, don't overwrite the root password.
If /etc/passwd and/or /etc/shadow exist but don't have an existing root entry,
one needs to be added. Previously this only worked if the files didn't exist.
Although locked and empty passwords in /etc/passwd are treated the same, in all
other cases the entry is configured to read the password from /etc/shadow.
We nowadays reset TTYs by writing ANSI sequences to them. This can only
work if we operate on an *output* fd, not an input fd. Hence switch
various cases where we erroneously used an input fd to use an output fd
instead.
