public inbox for passt-dev@passt.top
 help / color / mirror / code / Atom feed
blob 75d1260f434c07c1c45e5c8aae91f96f30846d5e 3117 bytes (raw)

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
 
#!/bin/sh
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# PASST - Plug A Simple Socket Transport
#  for qemu/UNIX domain socket mode
#
# test/passt.mbuto - mbuto (https://mbuto.sh) profile for test images
#
# Copyright (c) 2022 Red Hat GmbH
# Author: Stefano Brivio <sbrivio@redhat.com>

PROGS="${PROGS:-ash,dash,bash ip mount ls insmod mkdir ln cat chmod lsmod
       modprobe find grep mknod mv rm umount jq iperf3 dhclient hostname
       sed tr chown sipcalc cut socat dd strace ping tail killall sleep sysctl
       nproc tcp_rr tcp_crr udp_rr which tee seq bc sshd ssh-keygen cmp}"

KMODS="${KMODS:- virtio_net virtio_pci vmw_vsock_virtio_transport}"

LINKS="${LINKS:-
	 ash,dash,bash		/init
	 ash,dash,bash		/bin/sh}"

DIRS="${DIRS} /tmp /sbin /usr/share /var/log /var/lib /etc/ssh /run/sshd /root/.ssh"

COPIES="${COPIES} small.bin,/root/small.bin medium.bin,/root/medium.bin big.bin,/root/big.bin"

FIXUP="${FIXUP}"'
	mv /sbin/* /usr/sbin || :
	rm -rf /sbin
	ln -s /usr/sbin /sbin
	cat > /sbin/dhclient-script << EOF
#!/bin/sh
LOG=/var/log/dhclient-script.log
echo \${reason} \${interface} >> \$LOG
set >> \$LOG

[ -n "\${new_interface_mtu}" ]       && ip link set dev \${interface} mtu \${new_interface_mtu}

[ -n "\${new_ip_address}" ]          && ip addr add \${new_ip_address}/\${new_subnet_mask} dev \${interface}
[ -n "\${new_routers}" ]             && for r in \${new_routers}; do ip route add default via \${r} dev \${interface}; done
:> /etc/resolv.conf
[ -n "\${new_domain_name_servers}" ] && for d in \${new_domain_name_servers}; do echo "nameserver \${d}" >> /etc/resolv.conf; done
[ -n "\${new_domain_name}" ]         && echo "search \${new_domain_name}" >> /etc/resolf.conf
[ -n "\${new_domain_search}" ]       && (printf "search"; for d in \${new_domain_search}; do printf " %s" "\${d}"; done; printf "\n") >> /etc/resolv.conf
[ -n "\${new_ip6_address}" ]         && ip addr add \${new_ip6_address}/\${new_ip6_prefixlen} dev \${interface}
[ -n "\${new_dhcp6_name_servers}" ]  && for d in \${new_dhcp6_name_servers}; do echo "nameserver \${d}%\${interface}" >> /etc/resolv.conf; done
[ -n "\${new_dhcp6_domain_search}" ] && (printf "search"; for d in \${new_dhcp6_domain_search}; do printf " %s" "\${d}"; done; printf "\n") >> /etc/resolv.conf
[ -n "\${new_host_name}" ]           && hostname "\${new_host_name}"
exit 0
EOF
	chmod 755 /sbin/dhclient-script
	ln -s /bin /usr/bin
	ln -s /run /var/run
	:> /etc/fstab

	# sshd(dropbear) via vsock
	cat > /etc/passwd << EOF
root:x:0:0:root:/root:/bin/sh
sshd:x:100:100:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
EOF
	cat > /etc/shadow << EOF
root:::0:99999:7:::
EOF
	chmod 000 /etc/shadow

	:> /etc/ssh/sshd_config
	ssh-keygen -A
	chmod 700 /root/.ssh
	chmod 700 /run/sshd
	# Alternative location for the priv separation dir
	ln -s /run/sshd /usr/share/empty.sshd

	cat > /root/.ssh/authorized_keys <<EOF
'"$(cat guest-key.pub 2>/dev/null || :)"'
EOF
	chmod 600 /root/.ssh/authorized_keys
	chmod 700 /root
	socat VSOCK-LISTEN:22,fork EXEC:"sshd -i -e" 2> /var/log/vsock-ssh.log &
	sh +m
'

OUTPUT="KERNEL=__KERNEL__
INITRD=__INITRD__
"

debug log:

solving 75d1260 ...
found 75d1260 in https://passt.top/passt

Code repositories for project(s) associated with this public inbox

	https://passt.top/passt

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for IMAP folder(s).