| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
If petitboot,password exists set it as the root password. This will be
the password used to authenticate clients.
This is the *hash* of a password as it would appear in /etc/shadow, not
the password itself.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
| |
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If crypt support is enabled restrict what actions clients can perform by
default. Initial authorisation is set at connection time; clients
running as root are unrestricted, anything else runs as restricted until
it makes an authentication to pb-discover.
Unprivileged clients may only perform the following actions:
- Boot the default boot option.
- Cancel the autoboot timeout.
- Make an authentication request.
If a group named "petitgroup" exists then the socket permissions are
also modified so that only clients running as root or in that group may
connect to the socket.
The user-event socket is only usable by root since the two main
usecases are by utilities called by pb-discover or by a user in the
shell who will need to su to root anyway.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
| |
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
| |
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
|
| |
The pb_urls for the boot resources use 'opt' as the talloc parent but
this may be NULL, for example if this is a user-created boot option.
Move the boot_task initialisation so it can be used as the talloc parent
instead.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
|
| |
This commit adds support for the initrd16 builtin
which compliments the existing linux16 support and
improves usability on x86 platforms.
Signed-off-by: Shawn Anastasio <shawn@anastas.io>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A few places where we print out the response buffer from an IPMI command
weren't updated when log timestamps were added, resulting in very hard
to read output. Add a little helper to format buffers and use it to
print these with only one timestamp.
Example:
[04:59:01] ipmi_get_bmc_versions: BMC version resp [0][16]:
0x00 0x20 0x01 0x02 0x13 0x02 0xbf 0x00
0x00 0x00 0xbb 0xaa 0x58 0x98 0x01 0x00
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The ncurses UI sets a few console options at startup that are needed for
ncurses to work properly. These aren't reset however and can lead to
quirks like the cursor being invisible after kexecing to the next
kernel.
The UI process doesn't have time to reset these when it is killed by
kexec, so instead add a 'boot_active' field to status updates. This is
set by boot.c's update handler so the UI can assume it is about to boot
if it receives a status update with this field, and resets the console
options. If the boot is cancelled for any reason the status update will
reflect that and the console options are restored.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Occasionally you look at some code and realise that a) this never gets
built, and b) even if it did it would never compile. Today's example is
native-parser.c which we must have just assumed worked for quite a
while.
The native parser has bitrotted entirely and needs to be brought up to
date. While we're here, lets take the chance to implement a proper
grammar for it. This helps us reason more effectively about the parser,
lets us extend it easily in the future, and.. I wanted to write a Bison
parser too.
This implements most of the old functionality, but drops off some
smaller details like settings icons which needs some separate attention
to bring up to date.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
| |
The discover/params code is an artifact from a long time ago, and isn't
used by anything today: remove it.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The kboot parser doesn't set a default option. Change it so that if we
see the 'default' parameter we match against this value when deciding if
an option should be set as default.
For example:
default=linux
linux='/vmlinux initrd=/initrd arg1=value1 arg2'
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When a device requery is triggered we cancel any default boot option on
the device. This also disables autoboot which we don't want; any boot
options found after the requery will not be able to autoboot.
To avoid this restore the existing autoboot setting after checking for
default options.
This prevents a particular corner case where a default boot option has
been selected for boot but one of its boot files has stalled or is
taking more time to download than the requery timeout and the requery
accidentally cancels autoboot preventing Petitboot from trying to boot
again.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
|
| |
If a 'name' parameter is used for a boot user event, search existing
boot options for one that matches that name on the given device.
This allows a pb-event user to boot based on name rather than having to
specify the exact boot arguments.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
| |
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
| |
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
| |
For convenience, add a new efi data attributes macro
EFI_DEFALT_ATTRIBUTES.
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
| |
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
| |
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
| |
Signed-off-by: Ge Song <ge.song@hxt-semitech.com>
[Split from a larger patch and cleaned up]
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add configure --enable-platform-XXX options to allow specifying
which platform support to build.
--enable-platform-auto, the default, will use the host
triplet to guess which platforms to build.
--enable-platform-all will build all platforms.
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
|
|
| |
With the new configure enable-platform parameters it is possible
configure no platform support. Add a new minimal 'dummy' platform
so that the __start_platforms and __stop_platforms variables needed
by platform_init are created.
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
|
|
| |
Move the generic params routines from platform-powerpc to platform.
Also, for clarity, add a params prefix to the names.
Signed-off-by: Ge Song <ge.song@hxt-semitech.com>
[Split from a larger patch and cleaned up]
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
|
|
| |
Move the generic config routines from platform-powerpc to platform.
Also, for clarity, add a config_ prefix to the names.
Signed-off-by: Ge Song <ge.song@hxt-semitech.com>
[Split from a larger patch and cleaned up]
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
| |
Signed-off-by: Geoff Levand <geoff@infradead.org>
[Name string fixup]
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
| |
Update update_network_config and update_bootdev_config to
operate on a generic parameter name passed as an argument.
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
|
|
| |
Rearange update_config and save_config so that update_config
only operates on the platform params list.
Signed-off-by: Ge Song <ge.song@hxt-semitech.com>
[Split from a larger patch and cleaned up]
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
| |
To avoid name clash with other 'struct param'.
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
| |
Signed-off-by: Ge Song <ge.song@hxt-semitech.com>
[Split from a larger patch]
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
| |
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
|
|
|
| |
General cleanup of async stdout processing.
The process_stdout_cb and process_stdout_custom routines were doing the
same thing, so rename process_stdout_custom to process_process_stdout
and make process_stdout_cb a wrapper that calls process_process_stdout.
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
| |
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
|
| |
Add a new routine parser_is_unique that tests a file's inode
against a list of known file inodes. Useful when searching
case-insensitive filesystems.
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
| |
To aid in debugging print some additinal discover messages
to the log.
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
| |
Other parsers look in /boot for config files, so add
it to the kboot parser.
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
|
| |
If verbose logging is enabled then add '--debug' to the kexec command line.
Adds a new routine pb_log_get_debug() that can be used to query the log
debug state.
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
| |
The only functional change should be an additional '/n' to
a few log messagees that seemed to be missing it.
Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
| |
Fixes Coverity defect #187192.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
| |
This avoids the log filling up with "Couldn't recognise suffix" messages
if a lot of partial stdout updates are received.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
| |
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
|
| |
Use getaddrinfo() to determine if a remote URL is reachable instead of
only checking if we have an addresses configured. This avoids, for
example, trying to load an IPv4 URL when only an IPv6 address is
available.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
| |
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
| |
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
| |
Support handling IPv6 addresses from user events and call the udhcpc6
client in addition to the udhcpc client.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
| |
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a few mappings to specify temporary autoboot settings:
F10: Only autoboot from disk
F11: Only autoboot from USB devices
F12: Only autoboot from network
These use the new code to prevent cancelling autoboot.
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
| |
Handle incoming requests for temporary autoboot settings.
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
[indenting fixup]
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
| |
A future change will want to match autoboot option settings, so abstract
this into its own function.
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If we boot a machine before external (network) dependencies are properly
configured, it will have tried once to download configuration, and
possibly failed due to that configuration not being present.
This change introduces a periodic requery of network resources. After a
timeout, petitboot will either re-acquire its DHCP lease (causing any
downloads to be re-processed, possibly with different parameters from
the new lease), or re-download a statically defined URL.
This timeout defaults to five minutes (similar to pxelinux), and is
configurable by DHCP option 211, "reboot time".
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
[added test stub]
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|
|
|
|
|
|
|
|
| |
Check for some required parameters in the 'dhcp' handler, and in the
'add' handler return an error if parse_user_event() fails rather than
charging ahead into a segfault.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
|