obmc-init.sh: Use u-boot env instead of password for emergency console
The password prompt doesn't work anymore. Since it relied on the
default password, remove the password prompt and just drop into
a shell if a new enable-initrd-debug-sh u-boot environment value is set.
The security implications are the same since the default
password is public and there is a need to have access to u-boot
to set the environment value.
If the environment value is not set, kernel panic the system.
Closes openbmc/openbmc#3649
Tested: Verified kernel panic if environment value was not set, and
if it was set the emergency console dropped into a shell and basic
linux commands worked:
Mounting read-write /dev/mtdblock5 filesystem failed. Please fix and run
mount /dev/mtdblock5 run/initramfs/rw -t jffs2 -o rw
or perform a factory reset with the clean-rwfs-filesystem option.
Try to manually fix.
After fixing run exit to continue this script, or reboot -f to retry, or
touch /takeover and exit to become PID 1 allowing editing of this script.
/bin/sh: can't access tty; job control turned off
/ #
(From meta-phosphor rev: 368550b2d259ac8d08c993b0d695f38aec8992fa)
Change-Id: I0431690b3b4facadbe224fc822d6bd06f35b51f5
Signed-off-by: Adriana Kobylak <anoo@us.ibm.com>
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
diff --git a/meta-phosphor/recipes-phosphor/initrdscripts/files/obmc-init.sh b/meta-phosphor/recipes-phosphor/initrdscripts/files/obmc-init.sh
index 62be89f..e61ede9 100644
--- a/meta-phosphor/recipes-phosphor/initrdscripts/files/obmc-init.sh
+++ b/meta-phosphor/recipes-phosphor/initrdscripts/files/obmc-init.sh
@@ -128,18 +128,25 @@
debug_takeover() {
echo "$@"
- test -n "$@" && echo Enter password to try to manually fix.
+
+ if ! grep -w enable-initrd-debug-sh "$optfile"
+ then
+ echo "Fatal error, triggering kernel panic!"
+ exit 1
+ fi
+
+ test -n "$@" && echo Try to manually fix.
cat << HERE
After fixing run exit to continue this script, or reboot -f to retry, or
touch /takeover and exit to become PID 1 allowing editing of this script.
HERE
- while ! sulogin && ! test -f /takeover
+ while ! /bin/sh && ! test -f /takeover
do
- echo getty failed, retrying
+ echo /bin/sh failed, retrying
done
- # Touch /takeover in the above getty to become pid 1
+ # Touch /takeover in the above shell to become pid 1
if test -e /takeover
then
cat << HERE
@@ -208,7 +215,12 @@
if grep -w debug-init-sh $optfile
then
- debug_takeover "Debug initial shell requested by command line."
+ if grep -w enable-initrd-debug-sh "$optfile"
+ then
+ debug_takeover "Debug initial shell requested by command line."
+ else
+ echo "Need to also add enable-initrd-debug-sh for debug shell."
+ fi
fi
if test "x$consider_download_files" = xy &&
@@ -394,7 +406,7 @@
Mounting read-write $rwdev filesystem failed. Please fix and run
mount $rwdev $rwdir -t $rwfst -o $rwopts
-to to continue, or do change nothing to run from RAM for this boot.
+or perform a factory reset with the clean-rwfs-filesystem option.
HERE
debug_takeover "$msg"
fi
@@ -411,7 +423,7 @@
Unable to confirm /sbin/init is an executable non-empty file
in merged file system mounted at /root.
-Change Root test failed! Invoking emergency shell.
+Change Root test failed!
HERE
debug_takeover "$msg"
done