def fn_00_start():
deflevel="2"
if "static4IP" in __opts__.opt_vals: deflevel="5"
print("id:"+deflevel+":initdefault:")
print ("")
print ("si:S:sysinit:/sbin/python -m boot")
print ("ca::ctrlaltdel:/sbin/init 6")
print ("l0:0:wait:/sbin/python -m poweroff")
print ("l6:6:wait:/sbin/python -m reboot")
print ("")
print("hd:2345:respawn:/usr/sbin/haveged -F >/tmp/haveged.log 2>&1")
if slimlib.opt_is_y("allowConsoleLogin"):
print ("c2:12345:respawn:/sbin/getty 38400 tty2 linux")
print ("c3:12345:respawn:/sbin/getty 38400 tty3 linux")
print ("c4:12345:respawn:/sbin/getty 38400 tty4 linux")
# print ("X5:12345:respawn:/sbin/sh < /dev/tty5 > /dev/tty5 2>&1")
# print ("X6:12345:respawn:/sbin/sh < /dev/tty6 > /dev/tty6 2>&1")
# print ("X7:12345:respawn:/sbin/sh < /dev/tty7 > /dev/tty7 2>&1")
print ("")
if slimlib.opt_is_y("syslogToDisk"):
extra_syslog=""
if "syslogSize" in __opts__.opt_vals:
extra_syslog="-s " + __opts__.opt_vals["syslogSize"]
print("sl:2345:respawn:/sbin/syslogd -n -b 5 -D",extra_syslog)
else:
print("sl:2345:respawn:/sbin/syslogd -n -C100")
print ("kl:2345:respawn:/sbin/klogd -n")
print ("ap:2345:respawn:/sbin/acpid -d -f >/dev/tty9 2>&1")
print ("")
if not "static4IP" in __opts__.opt_vals:
print ("dh:2345:respawn:/sbin/udhcpc -f -s /usr/python/udhcpc_script.py -S >/tmp/udhcpc.log 2>&1")
print ("")
print ("cr:345:respawn:/sbin/crond -l 10 -c /var/cron -f")
# allow some entropy to accumulate before running sshd
print ("wt:345:wait:/sbin/sleep 0.5")
if "ntpServers"in __opts__.opt_vals:
print ("ntp:345:respawn:/sbin/python -m start_ntpd > /tmp/ntpd.log 2>&1")
if slimlib.opt_is_y("runningSSHd"):
print ("sd:345:respawn:/sbin/python -m start_sshd > /tmp/sshd.log 2>&1")
def fn_40_dns():
if "dnsSecondary" in __opts__.opt_vals:
__opts__.opt_vals["dnsWithSecondary"] = "Y"
if "dnsPrimary" in __opts__.opt_vals:
__opts__.opt_vals["dnsWithPrimary"] = "Y"
dnsbase = "/ram/dns"
if (slimlib.opt_is_y("dnsLogging") or slimlib.opt_is_y("dnsWithSecondary")
or slimlib.opt_is_y("dnsWithPrimary")):
dnsbase = "/opt/data/dns"
__opts__.opt_vals["dnsbase"] = dnsbase
os.makedirs(dnsbase, exist_ok=True)
def fn_30_bgp(ipv):
if not slimlib.opt_is_y("runningBGPd"): return
print("-A BGPEER -p icmp -j ACCEPT")
print("-A BGPEER -p tcp --dport 179 -j ACCEPT")
print("-A BGPEER -p tcp --sport 179 -j ACCEPT")
if os.path.isfile("/opt/config/bgpd.conf"):
with open("/opt/config/bgpd.conf","r") as fd:
addrs = [ l.strip().split()[2] for l in fd if l.startswith("neighbor ") and l.find(" remote-as ") >= 0 ]
else:
with open(__opts__.syscfg,"r") as fd:
addrs= [ l[9:].strip('"').strip("'").split(",")[0] for l in fd if l.startswith("bgpPeers=") ]
for ip in addrs:
if select_addr(ip,ipv):
print ("-A INPUT -s",ip,"-j BGPEER")
print ("-A OUTPUT -d",ip,"-j BGPEER")
if "bgpRemoteAllow" in __opts__.opt_vals:
for all in slimlib.by_addr_type(__opts__.opt_vals["bgpRemoteAllow"],ipv):
print("-A INPUT -p tcp -m tcp -s "+all+" --dport 2601 -j ACCEPT")
print("-A INPUT -p tcp -m tcp -s "+all+" --dport 2605 -j ACCEPT")
print("-A OUTPUT -p tcp -m tcp -d "+all+" --sport 2601 -j ACCEPT")
print("-A OUTPUT -p tcp -m tcp -d "+all+" --sport 2605 -j ACCEPT")
def fn_99_end(ipv):
if slimlib.opt_is_y("firewallLogging"):
print("-A OUTPUT -j LOG --log-prefix <OUT>")
print("-A INPUT -j LOG --log-prefix <INP>")
print("-A INPUT -j DROP")
print("-A FORWARD -j DROP")
print("-A OUTPUT -j DROP")
print("COMMIT")
def fn_20_sshd(ipv):
if slimlib.opt_is_y("runningSSHd"):
if "sshRemoteAllow" in __opts__.opt_vals:
for all in slimlib.by_addr_type(
__opts__.opt_vals["sshRemoteAllow"], ipv):
print("-A INPUT -p tcp -s " + all + " --dport 22 -j ACCEPT")
print("-A OUTPUT -p tcp -d " + all + " --sport 22 -j ACCEPT")
else:
print("-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT")
print("-A OUTPUT -p tcp -m tcp --sport 22 -j ACCEPT")
def fn_10_snmp():
if slimlib.opt_is_y("runningSnmpd"):
print("sn:45:respawn:/sbin/python -m start_snmpd >/tmp/snmpd.log 2>&1")
#! /sbin/python # # (c) Copyright 2017-2018 James Stevens ([email protected]) - All Rights Reserved # see License.txt for details import __opts__,opts, slimlib if slimlib.opt_is_y("runningSnmpd"): if "snmpRemoteAllow" in __opts__.opt_vals: src=__opts__.opt_vals["snmpRemoteAllow"] else: src="0/0" for all in slimlib.by_addr_type(src): print("-A INPUT -p udp -m udp -s "+all+" --dport 161 -j ACCEPT") print("-A OUTPUT -p udp -m udp -d "+all+" --sport 161 -j ACCEPT")
#! /sbin/python # # (c) Copyright 2017-2018 James Stevens ([email protected]) - All Rights Reserved # see License.txt for details import subprocess import __opts__,opts, slimlib if slimlib.opt_is_y("dnsWithAS112"): with open("/dev/null","w") as fd: for ip in ["192.175.48.1","192.175.48.6","192.175.48.42","192.31.196.1"]: subprocess.run(["/sbin/ip","-4","add","addr",ip+"/32","dev","eth0"],stdout=fd,stderr=fd) for ip in ["2620:4f:8000::1","2620:4f:8000::6","2620:4f:8000::42","2001:4:112::1"]: subprocess.run(["/sbin/ip","-6","addr","add",ip+"/128","dev","eth0"],stdout=fd,stderr=fd)
def fn_40_dns(ipv):
dns_local = "1024:65535"
print("-A INPUT -p udp -m udp --dport 53 -j UDPDNS")
print("-A INPUT -p tcp -m tcp --dport 53 -j TCPDNS")
print("-A OUTPUT -p udp -m udp --sport 53 -j OUTUDPDNS")
print("-A OUTPUT -p tcp -m tcp --sport 53 -j OUTTCPDNS")
if slimlib.opt_is_y("dnsResolver"):
print("-A INPUT -p udp --dport " + dns_local + " --sport 53 -j ACCEPT")
print("-A INPUT -p tcp --dport " + dns_local + " --sport 53 -j ACCEPT")
print("-A OUTPUT -p udp --sport " + dns_local +
" --dport 53 -j ACCEPT")
print("-A OUTPUT -p tcp --sport " + dns_local +
" --dport 53 -j ACCEPT")
else:
add_external_resolvers(ipv)
if "dnsRndcKey" in __opts__.opt_vals:
if "dnsRndcAllow" in __opts__.opt_vals:
for all in slimlib.by_addr_type(__opts__.opt_vals["dnsRndcAllow"],
ipv):
print("-A INPUT -p tcp -s " + all + " --dport 953 -j ACCEPT")
print("-A OUTPUT -p tcp -d " + all + " --sport 953 -j ACCEPT")
else:
print("-A INPUT -p tcp --dport 953 -j ACCEPT")
print("-A OUTPUT -p tcp --sport 953 -j ACCEPT")
if slimlib.opt_is_y("dnsWithSecondary"):
with open(__opts__.syscfg, "r") as sysfd:
lines = [
l.strip()[14:].strip('"').strip("'") for l in sysfd
if l.startswith("dnsSecondary=")
]
for l in lines:
if l.find(" ") < 0: continue
l = l[l.find(" "):]
while l[0] == " ":
l = l[1:]
for all in slimlib.by_addr_type(l, ipv):
print("-A UDPDNS -s", all, " -j ACCEPT")
loc = "1b"
if ipv == "6": loc = "3d"
if slimlib.opt_is_y("firewallBlockResp"):
if slimlib.opt_is_y("firewallLogging"):
print("-A UDPDNS -m u32 --u32 0x" + loc +
"&0x80=0x80 -j LOG --log-prefix <RESP>")
print("-A UDPDNS -m u32 --u32 0x" + loc + "&0x80=0x80 -j DROP")
if ("firewallBlockRD1" in __opts__.opt_vals
and not __opts__.opt_vals["firewallBlockRD1"] == "N"):
for all in slimlib.by_addr_type(
__opts__.opt_vals["dnsResolverAllowed"], ipv):
print("-A RD1 -s " + all + " -j RETURN")
if not slimlib.opt_is_y("firewallBlockRD1"):
x = __opts__.opt_vals["firewallBlockRD1"]
if x.isdigit():
l = int(x)
if l <= 0: l = 10
else:
l = 10
b = l / 10
if b <= 5: b = 5
print("-A RD1 -m limit --limit " + str(l) + " --limit-burst " +
str(b) + " -j RETURN")
if slimlib.opt_is_y("firewallLogging"):
print("-A RD1 -j LOG --log-prefix <RD1>")
print("-A RD1 -j DROP")
print("-A UDPDNS -m u32 --u32 0x" + loc + "&0x1=1 -j RD1")
print("-A OUTUDPDNS -j ACCEPT")
print("-A OUTTCPDNS -j ACCEPT")
print("-A UDPDNS -j ACCEPT")
print("-A TCPDNS -j ACCEPT")
def make_dns_conf():
dnsbase=__opts__.opt_vals["dnsbase"]
(ux_fd,tname) = tempfile.mkstemp()
tfd = os.fdopen(ux_fd,"w")
print("""options {
listen-on {
127.0.0.1; // localhost
// The following address is node-dependent and should be set to
// something appropriate for the new AS112 node.
""",file=tfd)
with open("/ram/addrs","r") as fd:
lines=[ l.split()[2] for l in fd if l.startswith("4 ") ]
if len(lines) > 0: print("; ".join(lines),";",file=tfd)
if slimlib.opt_is_y("dnsWithAS112"):
print("""
// The following addresses are used to support Direct Delegation
// AS112 service and are the same for all AS112 nodes.
192.175.48.1; // prisoner.iana.org (anycast)
192.175.48.6; // blackhole-1.iana.org (anycast)
192.175.48.42; // blackhole-2.iana.org (anycast)
// The following address is used to support DNAME redirection
// AS112 service and is the same for all AS112 nodes.
192.31.196.1; // blackhole.as112.arpa (anycast)""",file=tfd)
print("""};
listen-on-v6 {
::1; // localhost
""",file=tfd)
if slimlib.opt_is_y("dnsWithAS112"):
print("""
// The following addresses are used to support Direct Delegation
// AS112 service and are the same for all AS112 nodes.
2620:4f:8000::1; // prisoner.iana.org (anycast)
2620:4f:8000::6; // blackhole-1.iana.org (anycast)
2620:4f:8000::42; // blackhole-2.iana.org (anycast)
// The following address is used to support DNAME redirection
// AS112 service and is the same for all AS112 nodes.
2001:4:112::1; // blackhole.as112.arpa (anycast)
""",file=tfd)
with open("/ram/addrs","r") as fd:
lines=[ l.strip() for l in fd if l.startswith("6 ") ]
if len(lines) > 0: print("; ".join(lines),";",file=tfd)
print("""
};
directory "/var/dns";
allow-update { none; };
allow-transfer { 127.0.0.0/8; };
notify no;
max-udp-size 4096;
edns-udp-size 4096;
""",file=tfd)
if slimlib.opt_is_y("dnsDNSSEC"):
print("dnssec-enable yes;",file=tfd)
else:
print("dnssec-enable no;",file=tfd)
if slimlib.opt_is_y("dnsResolver"):
print(" recursion yes;",file=tfd)
if "dnsResolverAllowed" in __opts__.opt_vals:
tfd.write(" allow-recursion { 127.0.0.0/8; ::1; ")
for svr in __opts__.opt_vals["dnsResolverAllowed"].split(): tfd.write(svr+"; ")
print("};",file=tfd)
else:
print(" recursion no; // authoritative-only server",file=tfd)
print(" }; ",file=tfd)
if slimlib.opt_is_y("dnsLogging"):
print("// dnsLogging = ",__opts__.opt_vals["dnsLogging"],file=tfd)
print("""
// Log queries, so that when people call us about unexpected
// answers to queries they did not realise they had sent, we
// have something to talk about. Note that activating this
// naively has the potential to create high CPU load and consume
// enormous amounts of disk space. This example retains 2 old
// versions at a maximum of 500 MB each before rotating out the
// oldest one.
logging {
channel "querylog" {
file "/var/log/query.log" versions 2 size 500m;
print-time yes;
};
category queries { querylog; };
};""",file=tfd)
if os.path.isfile("/opt/config/rndc.conf"):
shutil.copy2("/opt/config/rndc.conf","/ram/etc/rndc.conf")
elif "dnsRndcKey" in __opts__.opt_vals:
print("key \"rndc-key\" { algorithm hmac-md5; secret \""+__opts__.opt_vals["dnsRndcKey"]+"\"; };",file=tfd)
print("controls {",file=tfd)
print(" inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { \"rndc-key\"; };",file=tfd)
if ( "dnsRndcAllow" in __opts__.opt_vals
and not __opts__.opt_vals["dnsRndcAllow"] == "127.0.0.1"
):
addrs = __opts__.opt_vals["dnsRndcAllow"].split()
for ipv in ["4","6"]:
with open("/ram/addrs","r") as afd:
lines=[ l.strip() for l in afd if l.startswith(ipv+" ") ]
for l in lines:
print("\tinet",l.split()[2],"port 953 allow {",file=tfd)
for a in addrs:
if slimlib.select_addr(a,ipv): tfd.write(a+"; ")
print("} keys { \"rndc-key\"; };",file=tfd)
print("};",file=tfd)
with open("/ram/etc/rndc.conf","w") as rfd:
print("key \"rndc-key\" { algorithm hmac-md5; secret \""+__opts__.opt_vals["dnsRndcKey"]+"\"; };",file=rfd)
print("options { default-key \"rndc-key\"; default-server 127.0.0.1; default-port 953; };",file=rfd)
if slimlib.opt_is_y("dnsWithAS112"):
print("""
// Direct Delegation AS112 Service
// RFC 1918
zone "10.in-addr.arpa" { type master; file "db.dd-empty"; };
zone "16.172.in-addr.arpa" { type master; file "db.dd-empty"; };
zone "17.172.in-addr.arpa" { type master; file "db.dd-empty"; };
zone "18.172.in-addr.arpa" { type master; file "db.dd-empty"; };
zone "19.172.in-addr.arpa" { type master; file "db.dd-empty"; };
zone "20.172.in-addr.arpa" { type master; file "db.dd-empty"; };
zone "21.172.in-addr.arpa" { type master; file "db.dd-empty"; };
zone "22.172.in-addr.arpa" { type master; file "db.dd-empty"; };
zone "23.172.in-addr.arpa" { type master; file "db.dd-empty"; };
zone "24.172.in-addr.arpa" { type master; file "db.dd-empty"; };
zone "25.172.in-addr.arpa" { type master; file "db.dd-empty"; };
zone "26.172.in-addr.arpa" { type master; file "db.dd-empty"; };
zone "27.172.in-addr.arpa" { type master; file "db.dd-empty"; };
zone "28.172.in-addr.arpa" { type master; file "db.dd-empty"; };
zone "29.172.in-addr.arpa" { type master; file "db.dd-empty"; };
zone "30.172.in-addr.arpa" { type master; file "db.dd-empty"; };
zone "31.172.in-addr.arpa" { type master; file "db.dd-empty"; };
zone "168.192.in-addr.arpa" { type master; file "db.dd-empty"; };
// RFC 6890
zone "254.169.in-addr.arpa" { type master; file "db.dd-empty"; };
// DNAME redirection AS112 Service
zone "empty.as112.arpa" { type master; file "db.dr-empty"; };
// Also answer authoritatively for the HOSTNAME.AS112.NET and
// HOSTNAME.AS112.ARPA zones, which contain data of operational
// relevance.
zone "hostname.as112.net" {
type master;
file "db.hostname.as112.net";
};
zone "hostname.as112.arpa" {
type master;
file "db.hostname.as112.arpa";
};
""",file=tfd)
if slimlib.opt_is_y("dnsWithSecondary"):
os.makedirs(dnsbase+"/slave",exist_ok=True)
shutil.chown(dnsbase+"/slave","nobody","nobody")
with open(__opts__.syscfg,"r") as sysfd:
lines = [ l.strip()[13:].strip('"').strip("'") for l in sysfd if l.startswith("dnsSecondary=") ]
for l in lines:
a = l.split()
file=a[0].replace("/","_").replace(":","_")
tfd.write("zone \""+a[0]+"\" { type slave; file \"/slave/"+file+"\";\n\tmasters {")
del a[0]
tfd.write("; ".join(a))
print("; }; };\n",file=tfd)
if slimlib.opt_is_y("dnsWithPrimary"):
os.makedirs(dnsbase+"/master",exist_ok=True)
shutil.chown(dnsbase+"/slave","nobody","nobody")
with open(__opts__.syscfg,"r") as sysfd:
lines = [ l.strip()[11:].strip('"').strip("'") for l in sysfd if l.startswith("dnsPrimary=") ]
for l in lines:
a = l.split()
file=a[0].replace("/","_").replace(":","_")
tfd.write("zone \""+a[0]+"\" { type master; notify explicit; file \"/slave/"+file+"\";\n\tmasters {")
del a[0]
iplist = [ l.strip() for l in a if l.find("/") < 0 ]
tfd.write("\tallow-transfer { "+"; ".join(a)+"; 127.0.0.0/8; };\n")
tfd.write("\talso-notify { "+"; ".join(iplist)+"; };\n")
print("\t};\n",file=tfd)
tfd.close()
conf="/etc/dns.conf"
dst=dnsbase+conf
os.makedirs(dnsbase+"/etc",exist_ok=True)
tmp=dnsbase+conf+"_"+str(os.getpid())+"_"+str(random.randint(1,100000))
shutil.copy2(tname,tmp)
slimlib.remove(tname)
shutil.chown(tmp,"nobody","nobody")
os.chmod(tmp,0o400)
os.rename(tmp,dst)
if not subprocess.run(["/sbin/named-checkconf","-t",dnsbase,conf]).returncode == 0:
syslog.syslog("ERROR: \""+conf+"\" failed validation checks")
else:
subprocess.run(["/sbin/killall","-q","-HUP","named"])
def make_bgpd_conf():
with open("/ram/addrs") as fd:
lines = [l.strip() for l in fd if l.startswith("4 ")]
first4ip = lines[0].split()[2]
(tfd, tname) = tempfile.mkstemp()
fd = os.fdopen(tfd, "w")
print("! bgpd.conf\n!", file=fd)
print("hostname", __opts__.opt_vals["serverHostname"], file=fd)
passwd = "aa"
if "bgpPassword" in __opts__.opt_vals:
passwd = __opts__.opt_vals["bgpPassword"]
print("password", passwd, file=fd)
if "bgpEditPassword" in __opts__.opt_vals:
print("enable password", __opts__.opt_vals["bgpEditPassword"], file=fd)
if slimlib.opt_is_y("bgpWithAS112"):
print("!", file=fd)
print(
"! Note that all AS112 nodes use the local Autonomous System Number",
file=fd)
print("! 112, and originate the IPv4 prefixes 192.175.48.0/24 and",
file=fd)
print("! 192.31.196.0/24 and the IPv6 prefixes 2620:4f:8000::/48 and",
file=fd)
print("! 2001:4:112::/48.\n", file=fd)
print(
"! IPv4-only or IPv6-only AS112 nodes should omit advertisements",
file=fd)
print("! for address families they do not support.\n", file=fd)
print("ip prefix-list AS112-v4 permit 192.175.48.0/24", file=fd)
print("ip prefix-list AS112-v4 permit 192.31.196.0/24\n", file=fd)
print("ipv6 prefix-list AS112-v6 permit 2620:4f:8000::/48", file=fd)
print("ipv6 prefix-list AS112-v6 permit 2001:4:112::/48\n", file=fd)
print("ip as-path access-list 1 permit ^$\n", file=fd)
print("router bgp 112", file=fd)
print("bgp router-id", first4ip, file=fd)
print("network 192.175.48.0/24", file=fd)
print("network 192.31.196.0/24\n", file=fd)
else:
print("router bgp", __opts__.opt_vals["bgpMyASN"], file=fd)
print("bgp router-id", first4ip, file=fd)
with open(__opts__.syscfg, "r") as sysfd:
lines = [l.strip()[9:] for l in sysfd if l.startswith("bgpPeers=")]
for l in lines:
a = l.split(",")
addr = a[0]
del a[0]
asn = a[0]
del a[0]
if slimlib.select_addr(addr, "4"):
filter_name = "AS112-v4"
else:
filter_name = "AS112-v6"
print("neighbor", addr, "remote-as", asn, file=fd)
print("neighbor", addr, "next-hop-self", file=fd)
if slimlib.opt_is_y("bgpWithAS112"):
print("neighbor",
addr,
"prefix-list",
filter_name,
"out",
file=fd)
print("neighbor", addr, "filter-list 1 out", file=fd)
for x in a:
print("neighbor", addr, x, file=fd)
print("address-family ipv6 unicast", file=fd)
if slimlib.opt_is_y("bgpWithAS112"):
print("network 2620:4f:8000::/48", file=fd)
print("network 2001:4:112::/48", file=fd)
with open(__opts__.syscfg, "r") as sysfd:
lines = [l.strip()[9:] for l in sysfd if l.startswith("bgpPeers=")]
for l in lines:
a = l.split(",")
addr = a[0]
del a[0]
asn = a[0]
del a[0]
if slimlib.select_addr(addr, "6"):
print("neighbor", addr, "activate", file=fd)
if slimlib.opt_is_y("bgpWithAS112"):
print("neighbor",
addr,
"prefix-list AS112-v6 out",
file=fd)
print("neighbor", addr, "filter-list 1 out", file=fd)
for x in a:
print("neighbor", addr, x, file=fd)
fd.close()
shutil.chown(tname, "quagga", "quagga")
os.chmod(tname, 0o400)
os.rename(tname, "/ram/etc/bgpd.conf")
with open("/ram/ssh/moduli", "w") as fd:
subprocess.run(["/sbin/xz", "-dc", "/etc/moduli.xz"], stdout=fd)
store = "/opt/config/ssh"
if os.path.isdir(store):
slimlib.copytree(store, "/ram/ssh")
else:
subprocess.run(["/sbin/ssh-keygen", "-A"])
os.makedirs(store, exist_ok=True)
slimlib.copytree("/ram/ssh", store)
if not os.path.isdir("/opt/config/ssh/sshd_config"):
(tfd, tname) = tempfile.mkstemp()
myf = os.fdopen(tfd, "w")
if os.path.isdir("/etc/pam.d/."):
print("UsePAM yes", file=myf)
if slimlib.opt_is_y("allowRootSSH"):
print("PermitRootLogin Yes", file=myf)
print("PubkeyAcceptedKeyTypes=+ssh-dss,ssh-rsa", file=myf)
myf.close()
os.chmod(tname, stat.S_IRUSR)
os.rename(tname, "/ram/ssh/sshd_config")
slimlib.remove(tname)
os.execl("/usr/sbin/sshd", "/usr/sbin/sshd", "-D")
def fn_30_bgp():
if slimlib.opt_is_y("runningBGPd"):
print(
"zba:45:respawn:/sbin/python -m start_zebra >/tmp/zebra.log 2>&1")
print("bgp:5:respawn:/sbin/python -m start_bgpd >/tmp/zebra.log 2>&1")
#! /sbin/python # # (c) Copyright 2017-2018 James Stevens ([email protected]) - All Rights Reserved # see License.txt for details import time, os import slimlib, __opts__, opts slimlib.capture_entropy() slimlib.remove("/ram/just-booted") with open("/tmp/all_done.log", "w") as fd: print(time.ctime(), file=fd) with open("/dev/console", "w") as fd: if slimlib.opt_is_y("allowConsoleLogin"): print("--------------- Press Atl-F2 to Login ---------------", file=fd) else: print("------------------ Boot Complete ---------------------", file=fd)