From 7262ae5ec6f63883c5e35318ecf06c6d68a62230 Mon Sep 17 00:00:00 2001
From: Tim Eertmoed
Date: Thu, 12 Dec 2024 19:32:44 +0100
Subject: [PATCH] sbin/overlayRoot.sh aktualisiert
---
 sbin/overlayRoot.sh | 68 +++++++++++++++++++++++++++++++++++++
 usr/bin/overlayfs.sh | 80 --------------------------------------------------
 2 files changed, 68 insertions(+), 80 deletions(-)
 create mode 100644 sbin/overlayRoot.sh
 delete mode 100644 usr/bin/overlayfs.sh
diff --git a/sbin/overlayRoot.sh b/sbin/overlayRoot.sh
new file mode 100644
index 0000000..440cf4f
--- /dev/null
+++ b/sbin/overlayRoot.sh
@@ -0,0 +1,68 @@
+#!/bin/bash
+
+# This script will mount the root filesystem read-only and overlay it with a temporary tempfs
+# Install:
+# copy this script to /sbin/overlayRoot.sh and add "init=/sbin/overlayRoot.sh" to the cmdline.txt
+# file in the raspbian image's boot partition.
+# Execute the following commands as root:
+# sudo dphys-swapfile swapoff
+# sudo dphys-swapfile uninstall
+# sudo update-rc.d dphys-swapfile remove
+#
+# To install software, run upgrades and do other changes to the raspberry setup, simply remove the init=/sbin/overlayRoot.sh
+# entry from the cmdline.txt file and reboot, make the changes, add the init= entry and reboot once more.
+
+set -e
+sleep 10
+fail() {
+ echo -e "$1" >&2
+ exit 1
+}
+
+# Prüfen und Modul laden
+modprobe overlay || fail "ERROR: OverlayFS-Modul nicht geladen."
+
+# /proc einbinden
+mountpoint -q /proc || mount -t proc proc /proc
+
+# Temporäres Dateisystem für Overlay erstellen
+mount -t tmpfs tmpfs /mnt || fail "ERROR: tmpfs konnte nicht gemountet werden."
+mkdir -p /mnt/lower /mnt/rw/upper /mnt/rw/work /mnt/newroot
+
+# Root-Dateisystem schreibgeschützt einbinden
+rootDev=$(awk '$2 == "/" {print $1}' /proc/mounts)
+rootMountOpt=$(awk '$2 == "/" {print $4}' /proc/mounts)
+rootFsType=$(awk '$2 == "/" {print $3}' /proc/mounts)
+
+mount -t "${rootFsType}" -o "${rootMountOpt},ro" "${rootDev}" /mnt/lower || \
+ fail "ERROR: Ursprüngliches Root-Dateisystem konnte nicht schreibgeschützt eingebunden werden."
+
+# OverlayFS einbinden
+mount -t overlay \
+ -o lowerdir=/mnt/lower,upperdir=/mnt/rw/upper,workdir=/mnt/rw/work \
+ overlay /mnt/newroot || fail "ERROR: OverlayFS konnte nicht gemountet werden."
+
+# Neue Root-Overlay-Verzeichnisse erstellen
+mkdir -p /mnt/newroot/ro /mnt/newroot/rw
+
+# Originale fstab modifizieren
+grep -v "$rootDev" /mnt/lower/etc/fstab > /mnt/newroot/etc/fstab
+cat <> /mnt/newroot/etc/fstab
+# Das originale Root-Dateisystem wurde durch overlayRoot.sh entfernt.
+# Diese Änderung ist temporär.
Die originale fstab ist in /ro/etc/fstab verfügbar.
+EOF
+
+# Root wechseln und alte Root aufräumen
+cd /mnt/newroot
+pivot_root . mnt || fail "ERROR: pivot_root fehlgeschlagen."
+
+exec chroot . /bin/bash -c "
+ mount --move /mnt/mnt/lower /ro || fail 'ERROR: /ro konnte nicht verschoben werden.'
+ mount --move /mnt/mnt/rw /rw || fail 'ERROR: /rw konnte nicht verschoben werden.'
+ umount /mnt/mnt || true
+ umount /mnt/proc || true
+ umount -l -f /mnt/dev || true
+ umount -l -f /mnt || true
+
+ exec /sbin/init
+"
diff --git a/usr/bin/overlayfs.sh b/usr/bin/overlayfs.sh
deleted file mode 100644
index dd26703..0000000
--- a/usr/bin/overlayfs.sh
+++ /dev/null
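Review bot: Inside the `bash -c "…"` string at the end of sbin/overlayRoot.sh, `|| fail '…'` calls a function the child shell does not have, because `fail` is defined only in the parent script and never exported, and the parent's `set -e` does not carry over either. If either `mount --move` fails, the child would only print a command-not-found error, continue through the lazy unmounts and still `exec /sbin/init`, so the system boots without `/ro` or `/rw` in place instead of stopping. Adding `export -f fail` before the `exec chroot` line, or writing the handler inline as `|| { echo 'ERROR: …' >&2; exit 1; }`, would make those two checks effective. Separately, `grep -v "$rootDev"` uses the device path as a regex and would not match an fstab root entry written as `PARTUUID=`/`UUID=`/`LABEL=`, so the original root line may survive in the new fstab; this is worth confirming against the target image.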
@@ -1,80 +0,0 @@
-#!/bin/sh
-# Raspberry Pi OverlayFS Initialization Script with NFS Logging
-# Version: 1.2
-
-set -e
-
-echo "Starting OverlayFS and NFS logging setup..."
-
-# Mount root filesystem as read-only
-mount -o remount,ro /
-
-# Start the DHCP client to get the hostname
-dhclient eth0 -1 # Wait for DHCP to complete
-
-# Get the hostname from DHCP
-DHCP_HOSTNAME=$(cat /var/lib/dhcp/dhclient.* | grep "option host-name" | awk '{print $3}' | tr -d '";')
-if [ -n "$DHCP_HOSTNAME" ]; then
- echo "Setting hostname to $DHCP_HOSTNAME"
- hostnamectl set-hostname "$DHCP_HOSTNAME"
-else
- echo "No DHCP hostname found, using default hostname."
- DHCP_HOSTNAME="default"
-fi
-
-# Set up OverlayFS for /tmp
-OVERLAY_BASE=/overlay
-mkdir -p ${OVERLAY_BASE}/{tmp_upper,tmp_work,varlog_work}
-
-# Mount /tmp as an overlay filesystem
-mkdir -p /tmp
-mount -t overlay overlay \
- -o lowerdir=/tmp,upperdir=${OVERLAY_BASE}/tmp_upper,workdir=${OVERLAY_BASE}/tmp_work \
- /tmp
-
-# Mount /var/log via NFS
-NFS_SERVER="192.168.12.239"
-NFS_PATH="/clients/$DHCP_HOSTNAME"
-LOCAL_MOUNT_POINT="/var/log"
-
-echo "Creating local mount point: $LOCAL_MOUNT_POINT"
-mkdir -p $LOCAL_MOUNT_POINT
-
-# Ensure NFS utilities are available
-if ! command -v mount.nfs > /dev/null; then
- echo "NFS utilities not found! Installing nfs-common..."
- sudo apt-get update
- sudo apt-get install -y nfs-common
-fi
-
-echo "Mounting NFS: $NFS_SERVER:$NFS_PATH to $LOCAL_MOUNT_POINT"
-mount -t nfs "$NFS_SERVER:$NFS_PATH" $LOCAL_MOUNT_POINT || {
- echo "NFS mount failed, using OverlayFS for /var/log."
- # If NFS fails, use OverlayFS for /var/log
- mkdir -p ${OVERLAY_BASE}/varlog_upper
- mount -t overlay overlay \
- -o lowerdir=/var/log,upperdir=${OVERLAY_BASE}/varlog_upper,workdir=${OVERLAY_BASE}/varlog_work \
- /var/log
-}
-
-# Mount Chromium user data directory as an overlay
-mkdir -p /home/loginuser/.config/chromium
-mount -t overlay overlay \
- -o lowerdir=/home/loginuser/.config/chromium,upperdir=${OVERLAY_BASE}/chromium_upper,workdir=${OVERLAY_BASE}/chromium_work \
- /home/loginuser/.config/chromium
-
-# Fix permissions for loginuser
-chown -R loginuser:loginuser /home/loginuser/.config/chromium
-chmod 700 /home/loginuser/.config/chromium
-
-# Ensure that /var/log and /tmp are set up for the next boot
-echo "Adding NFS /var/log mount to /etc/fstab"
-if ! grep -q "$NFS_SERVER:$NFS_PATH" /etc/fstab; then
- echo "$NFS_SERVER:$NFS_PATH $LOCAL_MOUNT_POINT nfs defaults 0 0" | sudo tee -a /etc/fstab
-fi
-
-echo "OverlayFS and NFS logging setup completed successfully."
-echo "Starting system..."
-
-# Continue with the regular boot process
-exec /sbin/init
\ No newline at end of file