#!/bin/sh
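# Load the remoteunlock settings. The file is executed as shell code inside
# this hook, so it should be owned by root and writable by root only.
# CONFDIR is taken from the environment (mkinitramfs exports it); the path is
# quoted so that a value containing whitespace cannot be split into words.
. "$CONFDIR/conf.d/remoteunlock"

# An empty or unset REMOTEUNLOCK means the feature is switched off: leave the
# image untouched and report success.
if [ -z "$REMOTEUNLOCK" ]; then
	exit 0
fi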

# Hooks that have to run before this one; empty, so there are none.
PREREQ=""

# Print the prerequisite list as a single line on stdout.
prereqs() {
	printf '%s\n' "$PREREQ"
}

# Called as "<hook> prereqs": only report the prerequisite list and stop,
# before anything is added to the image.
if [ "$1" = "prereqs" ]; then
	prereqs
	exit 0
fi

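# initramfs-tools helper library; provides copy_exec, used below.
. /usr/share/initramfs-tools/hook-functions

# Files this hook creates without an explicit mode are group/world readable.
umask 022

#get binaries and their libs
for i in bash chmod chown dhclient-script dhclient3 hostname ifconfig mv rm route
do
	# Resolve the tool through PATH. Only an absolute path is handed to
	# copy_exec; a tool that cannot be found is reported instead of calling
	# copy_exec without an argument and silently building an incomplete image.
	bin_path=$(command -v "$i") || bin_path=""
	case "$bin_path" in
	/*)
		copy_exec "$bin_path"
		;;
	*)
		echo "remoteunlock: '$i' not found in PATH, not added to the initramfs" >&2
		;;
	esac
done

# sshd and the sftp-server binary named by the Subsystem line of the
# sshd_config generated further down.
copy_exec /usr/lib/openssh/sftp-server
copy_exec /usr/sbin/sshd

# Libraries listed by hand - presumably because they are loaded at run time
# and therefore not found as link-time dependencies of the binaries above.
# NOTE(review): the /lib paths are hard-coded; confirm they exist on the
# target system (multiarch layouts keep these files elsewhere).
copy_exec /lib/libcom_err.so.2
copy_exec /lib/libdl.so.2
copy_exec /lib/libnsl.so.1
copy_exec /lib/libnss_compat.so.2
copy_exec /lib/libnss_dns.so.2

# NOTE(review): strace is added unconditionally, also when allow_debug is
# unset. A tracing tool in a pre-boot environment that accepts root logins
# is better shipped only when debugging is requested - confirm whether the
# boot script needs it outside of debug mode.
copy_exec /usr/bin/strace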

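# Abort when DESTDIR is empty, so the paths below can never resolve to
# /scripts or /conf of the running system.
: "${DESTDIR:?DESTDIR must be set (run through mkinitramfs)}"

#ensure boot scripts are executable
find "$DESTDIR/scripts" -name remoteunlock -exec chmod 755 {} \;

#debug?
# Any non-empty allow_debug enables debugging. The variable is not set in
# this file - presumably it comes from conf.d/remoteunlock, and the marker
# file is read by the remoteunlock boot script; confirm both.
# The test is quoted so that a value with spaces cannot break "[".
if [ -n "$allow_debug" ]; then
	touch "$DESTDIR/conf/conf.d/remoteunlock_allow_debug"
fi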

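#etc/passwd
# Abort when DESTDIR is empty: otherwise the redirection below would replace
# /etc/passwd of the running system with a single passwordless root entry.
: "${DESTDIR:?DESTDIR must be set (run through mkinitramfs)}"

# Minimal account database for the initramfs: root only, shell /bin/sh.
# An existing $DESTDIR/etc/passwd is overwritten.
# NOTE(review): the password field is empty. The sshd_config written by this
# hook sets PasswordAuthentication no and PermitEmptyPasswords no, so sshd
# will not accept it, but any other login path inside the initramfs would.
# Consider "*" in the password field; verify that key-based login still
# works with the sshd version in use before changing it.
echo "root::0:0:root:/root:/bin/sh" > "$DESTDIR/etc/passwd"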

#etc/resolv.conf
#disabled: with this line ssh login is prevented if no DNS is available; it doesn't make any sense anyway
#grep nameserver /etc/resolv.conf  > $DESTDIR/etc/resolv.conf

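#ssh config
# Abort when DESTDIR is empty: otherwise the commands below would overwrite
# /etc/ssh/sshd_config and /root/.ssh of the running system.
: "${DESTDIR:?DESTDIR must be set (run through mkinitramfs)}"

# -p: do not fail when the directory is already present in the image.
mkdir -p -m 755 "$DESTDIR/etc/ssh"

# NOTE(review): these are the private host keys of the running system. They
# end up inside the initramfs image, which has to be readable before the
# encrypted disk is unlocked. Anyone who can read the image can extract them
# and impersonate this host, including its regular sshd. Prefer a key pair
# generated only for the initramfs, and restrict the image file's
# permissions (initramfs-tools has a UMASK setting in initramfs.conf).
cp /etc/ssh/ssh_host_dsa_key "$DESTDIR/etc/ssh/ssh_host_dsa_key"
cp /etc/ssh/ssh_host_rsa_key "$DESTDIR/etc/ssh/ssh_host_rsa_key"
# Keep the copies private even if a destination file with a looser mode
# already existed (cp keeps the mode of an existing target).
chmod 600 "$DESTDIR/etc/ssh/ssh_host_dsa_key" "$DESTDIR/etc/ssh/ssh_host_rsa_key"

# sshd for the pre-boot environment: listens on port 22222, IPv4 only, root
# login with public keys; password, empty-password, challenge-response and
# host-based authentication are switched off.
# NOTE(review): UsePrivilegeSeparation is off, so the pre-authentication code
# runs as root - presumably because the initramfs has no unprivileged sshd
# account. KeyRegenerationInterval, ServerKeyBits and RSAAuthentication apply
# to SSH protocol 1 only and should have no effect with "Protocol 2".
# The here-document is written verbatim, leading tabs included.
cat > "$DESTDIR/etc/ssh/sshd_config" <<EOF
	Port 22222
	Protocol 2
	HostKey /etc/ssh/ssh_host_rsa_key
	HostKey /etc/ssh/ssh_host_dsa_key
	UsePrivilegeSeparation no
	KeyRegenerationInterval 3600
	ServerKeyBits 768
	LoginGraceTime 5
	PermitRootLogin yes
	StrictModes yes
	RSAAuthentication yes
	PubkeyAuthentication yes
	IgnoreRhosts yes
	RhostsRSAAuthentication no
	HostbasedAuthentication no
	IgnoreUserKnownHosts yes
	PermitEmptyPasswords no
	ChallengeResponseAuthentication no
	PasswordAuthentication no
	X11Forwarding no
	PrintMotd no
	PrintLastLog no
	KeepAlive no
	AcceptEnv LANG LC_*
	Subsystem sftp /usr/lib/openssh/sftp-server
	UsePAM no
	AddressFamily inet
EOF

# root's authorized_keys is copied as is: every key allowed to log in as root
# on the running system can also reach the pre-boot environment. If the file
# is missing, cp fails and nobody can log in to the initramfs sshd.
# NOTE(review): consider a dedicated key list for unlocking.
mkdir -p -m 700 "$DESTDIR/root/.ssh"
cp /root/.ssh/authorized_keys "$DESTDIR/root/.ssh/authorized_keys"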


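#dhcp config
# Abort when DESTDIR is empty, so nothing is written to /etc/dhcp3 or
# /var/lib/dhcp3 of the running system.
: "${DESTDIR:?DESTDIR must be set (run through mkinitramfs)}"

# -p: do not fail when the directory is already present in the image.
mkdir -p -m 755 "$DESTDIR/etc/dhcp3"

# dhclient configuration for the initramfs, written verbatim.
# NOTE(review): every requested option (routers, static routes, host name,
# name servers, ...) is supplied by whichever DHCP server answers, before the
# system is unlocked; treat these values as untrusted.
cat > "$DESTDIR/etc/dhcp3/dhclient.conf" <<EOF
send dhcp-lease-time 21600;
request subnet-mask, broadcast-address, time-offset, routers,
        domain-name, static-routes, host-name,
        domain-name-servers,
        netbios-name-servers, netbios-scope;
EOF

# Created empty; presumably the state directory dhclient writes its leases
# to - confirm against the boot script.
mkdir -p -m 755 "$DESTDIR/var/lib/dhcp3"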

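#tzconfig
# Abort when DESTDIR is empty instead of addressing /etc/localtime of the
# running system as the copy target.
: "${DESTDIR:?DESTDIR must be set (run through mkinitramfs)}"

# Give the initramfs the same time zone definition as the running system.
cp /etc/localtime "$DESTDIR/etc/localtime"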
