Bug#496252: network-console: Add support for launching an SSH server during installer startup

[Jérémy Bobbio]

Package: network-console
Version: 1.20
Severity: wishlist

Hi!

While debugging #484366, I needed to debug cdebconf on a computer that
lacked a serial connection.  As I needed to have a shell to be able to
start gdb, I thought that I could use an SSH server in order to do that.

The attached patch against network-console adds an extra step during
debian-installer startup that just does that when "BOOT_DEBUG=3" and
"device=ethX" are specified on the command-line.

It's a little bit crude, but was truly helpful on solving that issue.
So even if we don't get this in tree, this can be left as a reference.

Cheers,
-- 
Jérémy Bobbio.''`. 
[EMAIL PROTECTED]: :Ⓐ  :  # apt-get install anarchism
`. `'` 
  `-   
commit 6c68d46b0eb8e8dcd73551eeb6a227175506082c
Author: Jérémy Bobbio <[EMAIL PROTECTED]>
Date:   Sat Aug 23 21:33:33 2008 +0200

Add support for starting an SSH server during the installer startup.

In order to ease the debugging of issues arising in cdebconf, an SSH
server can now be launched during the installer startup.

In order to do so, network-console must be built in the initrd, and the
kernel command line must contain the "BOOT_DEBUG=3" and
"device=" options.

The shell will be started after configuring the device using the
DHCP client.

diff --git a/installer/doc/devel/internals/internals.xml b/installer/doc/devel/internals/internals.xml
index a3b4748..a0acb84 100644
--- a/installer/doc/devel/internals/internals.xml
+++ b/installer/doc/devel/internals/internals.xml
@@ -340,6 +340,16 @@ The boot process for the installer is similar to the boot of a regular system. A
 
 
 
+When network-console is built-in the initrd, it is also
+possible to start a SSH server during the installer startup. On top of
+specifiying BOOT_DEBUG=3 on the command-line,
+device=ethX must be added. A DHCP request
+will be issued on this device before starting the server. The connection can
+then be made by using "root" as user and "debug" as password. This method has
+proven useful to debug issues in cdebconf.
+
+
+
 It is possible to pass additional kernel and boot parameters. Kernel parameters are sometimes needed to get non-conformant hardware supported, or to install from serial console instead of an attached keyboard/display.
 
 
diff --git a/packages/network-console/Makefile b/packages/network-console/Makefile
index f982bd8..e000840 100644
--- a/packages/network-console/Makefile
+++ b/packages/network-console/Makefile
@@ -11,6 +11,8 @@ install-network-console:
 	install -m644 sshd_config $(DESTDIR)/etc/ssh
 	install -d $(DESTDIR)/usr/lib/post-base-installer.d/
 	install -m755 post-base-installer $(DESTDIR)/usr/lib/post-base-installer.d/80network-console
+	install -d $(DESTDIR)/lib/debian-installer-startup.d/
+	install -m755 debian-installer-startup $(DESTDIR)/lib/debian-installer-startup.d/S09network-console
 
 clean:
 	rm -f gen-crypt
diff --git a/packages/network-console/debian-installer-startup b/packages/network-console/debian-installer-startup
new file mode 100755
index 000..73835d0
--- /dev/null
+++ b/packages/network-console/debian-installer-startup
@@ -0,0 +1,26 @@
+#!/bin/sh
+
+if [ "$BOOT_DEBUG" -le 2 ] || ! grep -q device= /proc/cmdline; then
+	exit 0
+fi
+
+KEY_FILE=/etc/ssh/ssh_host_rsa_key
+
+DEVICE=$(sed -e 's/.* device=\([^ ]*\).*/\1/p' /proc/cmdline)
+dhclient $device
+
+if [ ! -f $KEY_FILE ]; then
+	ssh-keygen -b 2048 -t rsa -N '' -f $KEY_FILE -q
+fi
+echo "root:$(gen-crypt "debug"):1:0:9:7:::" >> /etc/shadow
+/usr/sbin/sshd
+
+KEY_FINGERPRINT=$(ssh-keygen -l -f $KEY_FILE | cut -f2 -d ' ')
+IPADDR=$(ip addr | grep '^[[:space:]]*inet ' | grep -v "127\.0\." | \
+	 head -n 1 | sed 's/.*inet \([0-9.]*\).*/\1/')
+echo "--- Debug SSH access enabled on $IPADDR"
+echo "---fingerprint: $KEY_FINGERPRINT"
+echo ""
+echo "Press enter to continue."
+
+read dummy
diff --git a/packages/network-console/debian/changelog b/packages/network-console/debian/changelog
index f54de42..d003734 100644
--- a/packages/network-console/debian/changelog
+++ b/packages/network-console/debian/changelog
@@ -1,3 +1,13 @@
+network-console (1.21) UNRELEASED; urgency=low
+
+  [ Jérémy Bobbio ]
+  * Add support for starting an SSH server during the installer startup.
+"BOOT_DEBUG=3" and "device=" must be specified on the
+command line.  The shell will be started after configuring the device
+using the DHCP client.
+
+ -- Jérémy Bobbio <[EMAIL PROTECTED]>  Sat, 23 Aug 2008 21:24:35 +0200
+
 network-console (1.20) unstable; urgency=low
 
   [ Martin Michlmayr ]


signature.asc
Description: Digital signature

Bug#496252: network-console: Add support for launching an SSH server during installer startup

[Otavio Salvador]

Jérémy Bobbio <[EMAIL PROTECTED]> writes:

> The attached patch against network-console adds an extra step during
> debian-installer startup that just does that when "BOOT_DEBUG=3" and
> "device=ethX" are specified on the command-line.
>
> It's a little bit crude, but was truly helpful on solving that issue.
> So even if we don't get this in tree, this can be left as a reference.

It does look useful. I agree that regular users won't use that feature
but for debugging this is a great tool to be available. I think that
this doesn't hurt to be available and could be commited IMO. Others?

-- 
O T A V I OS A L V A D O R
-
 E-mail: [EMAIL PROTECTED]  UIN: 5906116
 GNU/Linux User: 239058 GPG ID: 49A5F855
 Home Page: http://otavio.ossystems.com.br
-
"Microsoft sells you Windows ... Linux gives
 you the whole house."



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#496252: network-console: Add support for launching an SSH server during installer startup

[Jérémy Bobbio]

On Mon, Aug 25, 2008 at 10:03:27AM -0300, Otavio Salvador wrote:
> > The attached patch against network-console adds an extra step during
> > debian-installer startup that just does that when "BOOT_DEBUG=3" and
> > "device=ethX" are specified on the command-line.
> >
> > It's a little bit crude, but was truly helpful on solving that issue.
> > So even if we don't get this in tree, this can be left as a reference.
> 
> It does look useful. I agree that regular users won't use that feature
> but for debugging this is a great tool to be available. I think that
> this doesn't hurt to be available and could be commited IMO. Others?

I would rather prefer to make this change post-Lenny.  I should have
been clearer on that in my initial report.

Cheers,
-- 
Jérémy Bobbio.''`. 
[EMAIL PROTECTED]: :Ⓐ  :  # apt-get install anarchism
`. `'` 
  `-   


signature.asc
Description: Digital signature

Bug#496252: network-console: Add support for launching an SSH server during installer startup

[Otavio Salvador]

Jérémy Bobbio <[EMAIL PROTECTED]> writes:

> On Mon, Aug 25, 2008 at 10:03:27AM -0300, Otavio Salvador wrote:
>> > The attached patch against network-console adds an extra step during
>> > debian-installer startup that just does that when "BOOT_DEBUG=3" and
>> > "device=ethX" are specified on the command-line.
>> >
>> > It's a little bit crude, but was truly helpful on solving that issue.
>> > So even if we don't get this in tree, this can be left as a reference.
>> 
>> It does look useful. I agree that regular users won't use that feature
>> but for debugging this is a great tool to be available. I think that
>> this doesn't hurt to be available and could be commited IMO. Others?
>
> I would rather prefer to make this change post-Lenny.  I should have
> been clearer on that in my initial report.

Since this is not used by users by default, personally I don't see any
reason to delay it but it's more up to you then me.

-- 
O T A V I OS A L V A D O R
-
 E-mail: [EMAIL PROTECTED]  UIN: 5906116
 GNU/Linux User: 239058 GPG ID: 49A5F855
 Home Page: http://otavio.ossystems.com.br
-
"Microsoft sells you Windows ... Linux gives
 you the whole house."



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]