#!/bin/bash -
# a-fedora-appliance
# Copyright (C) 2011-2014 Red Hat Inc.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

# supermin doesn't run any RPM %pre or %post scripts.  For
# libguestfs this doesn't matter, but when trying to boot a real
# distro it matters quite a bit.  This script runs once, the first
# time the appliance boots.  It contains a selection of %post scripts
# from important packages.
#
# In debootstrap, this is generated from the packages themselves.  We
# should generate it for supermin too.  (XXX)

# There is no /etc/fstab in Fedora.  It is possibly generated by
# Anaconda for a normal distro.  Fake one here.
cat <<EOF >/etc/fstab
/dev/root / ext2 defaults 1 1
EOF

# This is probably also done by Anaconda.
rm -f /etc/mtab
ln -s /proc/mounts /etc/mtab

# Also probably Anaconda.
cat <<EOF >/etc/sysconfig/network
HOSTNAME=localhost.localnet
NETWORKING=yes
EOF
cat <<EOF >/etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
BOOTPROTO=dhcp
ONBOOT=yes
EOF

# Combined user accounts from all packages.  XXX Because useradd and
# groupadd are non-readable by non-root, they are not copied into the
# appliance.

cat <<EOF >>/etc/passwd
sshd:x:74:482:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
EOF

cat <<EOF >>/etc/shadow
sshd:!!:14742::::::
dbus:!!:14742::::::
EOF

cat <<EOF >>/etc/group
cdrom:x:11:
dialout:x:18:
floppy:x:19:
utmp:x:22:
tape:x:33:
utempter:x:35:
dbus:x:81
ssh_keys:x:106:
sshd:x:482:
EOF

cat <<EOF >>/etc/gshadow
cdrom:!::
dialout:!::
floppy:!::
utmp:!::
tape:!::
utempter:!::
dbus:!::
ssh_keys:!::
sshd:!::
EOF

# systemd
/bin/systemd-machine-id-setup
/bin/systemctl daemon-reexec

# systemd-units
target="/lib/systemd/system/runlevel2.target"
ln -sf "$target" /etc/systemd/system/default.target
/bin/systemctl enable getty@.service

# openssh-server
/bin/systemctl enable sshd.service
/bin/systemctl enable sshd-keygen.service
chown root.root /var/empty/sshd

# syslog
touch /var/log/messages
touch /var/log/secure
/bin/systemctl enable rsyslog.service

# NetworkManager
/sbin/chkconfig --add NetworkManager
/sbin/chkconfig NetworkManager resetpriorities
/bin/systemctl enable NetworkManager.service

# Set the root password to empty string.
mv /etc/passwd /etc/passwd-
sed 's/^root:[^:]*:/root::/' < /etc/passwd- > /etc/passwd

# Set up an /etc/issue file.
cat <<'EOF' >/etc/issue

Welcome to a-fedora-appliance, a small Fedora appliance.

Log in with 'root', no password.

EOF

# Only run this script once.
touch /firstboot.done