quico-os-setup/mkinitcpio-dropbear-pacman-hook
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat(meta): Initial commit

Browse Source
This commit is contained in:
hygienic-books 2023-11-03 01:19:50 +01:00
parent a39e1ba3dc
commit 7cbd98de4d
6 changed files with 101 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored Normal file
View File

@ -0,0 +1 @@
dropbear_hook.override.patch

56
README.md
View File

@ -1,3 +1,57 @@
# mkinitcpio-dropbear-pacman-hook # mkinitcpio-dropbear-pacman-hook
A pacman hook that patches one of the files in Arch Linux package mkinitcpio-dropbear Two pacman hooks that patch Arch Linux package `mkinitcpio-dropbear` for use in ZFSBootMenu
# Setup
> Not explicitly listed here as a step but still relevant: These `pacman` hooks only make sense if you're using ZFSBootMenu images and have `mkinitcpio-dropbear` package installed.
Get started like so:
1. Clone repo into arbitrary path `<repo>`
1. Symlink to hook files, for example
```
sudo ln -s <repo>/pacman-mkinitcpio-dropbear-hook.hook /usr/share/libalpm/hooks/pacman-mkinitcpio-dropbear-hook.hook
sudo ln -s <repo>/pacman-mkinitcpio-dropbear-install.hook /usr/share/libalpm/hooks/pacman-mkinitcpio-dropbear-install.hook
```
1. Optionally in hook files change base paths to patch files. These default to:
```
/opt/git/quico.space/quico-os-setup/mkinitcpio-dropbear-pacman-hook
```
# What's it do?
When either the hook or installation script of Arch Linux package `mkinitcpio-dropbear` changes these hooks apply patches to them.
The installation script `/usr/lib/initcpio/install/dropbear` gets two additional commands to create a `root` username and group in initrd; the hook script `/usr/lib/initcpio/hooks/dropbear` has its Dropbear settings changed to send SSH keepalive messages and to define a custom listening port.
Both actions happen as a `PostTransaction` in `pacman`.
# Assumptions
Per [headline](#mkinitcpio-dropbear-pacman-hook) these hooks is intended to work with [quico.space/quico-os-setup/arch-zbm](https://quico.space/quico-os-setup/arch-zbm). Before using them for any purpose other than an `arch-zbm` Arch Linux installation please closely review what they do and adapt to your use case as needed.
These hooks manipulate how SSH is done inside a ZFSBootMenu boot loader.
# Development
## Conventional commits
This project uses [Conventional Commits](https://www.conventionalcommits.org/) for its commit messages.
### Commit types
Commit _types_ besides `fix` and `feat` are:
- `build`: Project structure, directory layout, build instructions for roll-out
- `refactor`: Keeping functionality while streamlining or otherwise improving function flow
- `test`: Working on test coverage
- `docs`: Documentation for project or components
### Commit scopes
The following _scopes_ are known for this project. A Conventional Commits commit message may optionally use one of the following scopes or none:
- `patch`: Work related to patch files
- `hook`: Configuring the hook(s)
- `meta`: Affects the project's repo layout, readme content, file names etc.

11
dropbear_hook.patch Normal file
View File

@ -0,0 +1,11 @@
--- /usr/lib/initcpio/hooks/dropbear 2023-11-02 23:27:18.466666725 +0000
+++ /usr/lib/initcpio/hooks/dropbear 2023-11-02 23:28:40.846666723 +0000
@@ -6,7 +6,7 @@
mount -t devpts devpts /dev/pts
echo "Starting dropbear"
- /usr/sbin/dropbear -E -s -j -k
+ /usr/sbin/dropbear -E -s -j -k -K 1 -p 22
}
run_cleanuphook ()

12
dropbear_install.patch Normal file
View File

@ -0,0 +1,12 @@
--- /usr/lib/initcpio/install/dropbear 2023-09-12 11:32:10.000000000 +0000
+++ /usr/lib/initcpio/install/dropbear 2023-11-02 22:59:29.226666775 +0000
@@ -86,6 +86,9 @@
add_dir "/root/.ssh"
cat /etc/dropbear/root_key > "${BUILDROOT}"/root/.ssh/authorized_keys
+ groupadd --prefix "${BUILDROOT}" --system -g 0 root
+ useradd --prefix "${BUILDROOT}" --system -g root -u 0 -M -d /root -s /bin/sh root
+
add_full_dir "/etc/dropbear"
add_file "/lib/libnss_files.so.2"
add_dir "/var/run"

11
pacman-mkinitcpio-dropbear-hook.hook Normal file
View File

@ -0,0 +1,11 @@
[Trigger]
Type = Path
Operation = Install
Operation = Upgrade
Target = usr/lib/initcpio/hooks/dropbear
[Action]
Description = Patch mkinitcpio-dropbear hook script
When = PostTransaction
Exec = [ -f /opt/git/quico.space/quico-os-setup/mkinitcpio-dropbear-pacman-hook/dropbear_hook.override.patch ] && </opt/git/quico.space/quico-os-setup/mkinitcpio-dropbear-pacman-hook/dropbear_hook.override.patch patch --backup --batch /usr/lib/initcpio/hooks/dropbear || </opt/git/quico.space/quico-os-setup/mkinitcpio-dropbear-pacman-hook/dropbear_hook.patch patch --backup --batch /usr/lib/initcpio/hooks/dropbear
Depends = mkinitcpio-dropbear

11
pacman-mkinitcpio-dropbear-install.hook Normal file
View File

@ -0,0 +1,11 @@
[Trigger]
Type = Path
Operation = Install
Operation = Upgrade
Target = usr/lib/initcpio/install/dropbear
[Action]
Description = Patch mkinitcpio-dropbear installation script
When = PostTransaction
Exec = </opt/git/quico.space/quico-os-setup/mkinitcpio-dropbear-pacman-hook/dropbear_install.patch patch --backup --batch /usr/lib/initcpio/install/dropbear
Depends = mkinitcpio-dropbear