#!/bin/ash
# Entry point of the initrd: the Linux kernel invokes this script first,
# and it runs out of the RAM disk before any filesystem is mounted.
#
# A recovery shell has to stay reachable in case the boot scripts are
# broken, but entering it must also modify the PCRs so that the TPM
# disk keys are not revealed.

# Create the mount points and bring up /dev, /proc and /sys before
# anything else. stdout and stderr are closed for mkdir, so it prints
# nothing, even when a directory already exists.
mkdir /proc /sys /dev /tmp /boot /media 2>&- 1>&-
for sysdir in /dev /proc /sys; do
	mount "$sysdir"
done
# Scratch directory for secrets; recovery shells will erase anything
# kept here.
mkdir -p /tmp/secret

# Limit the command search path to /sbin and /bin
PATH=/sbin:/bin
export PATH
# From this point it is safe to print, so show the banner if one is
# readable
if test -r /etc/motd; then
	cat /etc/motd
fi

# Set the system time from the hardware clock (-s), which is read as
# local time (-l)
hwclock -s -l
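# Load the shared helper functions and the system configuration.
# recovery is not defined in this file; presumably it comes from
# /etc/functions, and CONFIG_BOOTSCRIPT from /etc/config.
. /etc/functions
. /etc/config

# Without an executable boot script there is nothing to hand over to,
# so fall back to a recovery shell.
if [ ! -x "$CONFIG_BOOTSCRIPT" ]; then
	recovery 'Boot script missing? Entering recovery shell'
	# Only reached if recovery returns. PCR 4 must be extended before a
	# shell is handed out so that the TPM disk keys are not revealed;
	# report a failed extend instead of ignoring it, since the shell
	# would otherwise start with the PCR unchanged and no indication.
	tpm extend -ix 4 -ic recovery \
		|| echo 'WARNING: tpm extend of PCR 4 failed' >&2
	exec /bin/ash
fi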
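# Give the user one second (-t 1) to ask for a recovery shell by
# pressing a single key (-n 1); the key ends up in boot_option, which
# stays empty on timeout.
read -t 1 -n 1 -p "Press 'r' for recovery shell: " boot_option
# Finish the prompt line, since the key press is not followed by Enter
echo

if [ "$boot_option" = "r" ]; then
	# Start an interactive shell
	recovery 'User requested recovery shell'
	# Only reached if recovery returns. PCR 4 must be extended before a
	# shell is handed out so that the TPM disk keys are not revealed;
	# report a failed extend instead of ignoring it, since the shell
	# would otherwise start with the PCR unchanged and no indication.
	tpm extend -ix 4 -ic recovery \
		|| echo 'WARNING: tpm extend of PCR 4 failed' >&2
	exec /bin/ash
fi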
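# Normal path: replace this shell with the configured boot script
echo '***** Normal boot'
exec "$CONFIG_BOOTSCRIPT"

# We should never reach here, but just in case...
# NOTE(review): a non-interactive POSIX shell normally exits when exec
# fails, so this fallback may be unreachable; confirm against the ash
# build used in this image.
recovery 'Boot script failure? Entering recovery shell'
# Belt and braces: only reached if recovery returns. PCR 4 must be
# extended before a shell is handed out so that the TPM disk keys are
# not revealed; report a failed extend instead of ignoring it, since the
# shell would otherwise start with the PCR unchanged and no indication.
tpm extend -ix 4 -ic recovery \
	|| echo 'WARNING: tpm extend of PCR 4 failed' >&2
exec /bin/ash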