Fedora 16 add-ons required for GRUB 2 and modification concerning SEL…

…inux

Fedora 15 and others still work with these modifications

usr/share/rear/backup/NETFS/GNU/Linux/60_start_selinux.sh

@@ -1,6 +1,6 @@
 # Start SELinux if it was stopped - check presence of /tmp/selinux.mode
 [ -f $TMP_DIR/selinux.mode ] && {
-	cat $TMP_DIR/selinux.mode > /selinux/enforce
+	cat $TMP_DIR/selinux.mode > $SELINUX_ENFORCE
 	Log "Restored original SELinux mode"
 	touch "${BUILD_DIR}/outputfs/${NETFS_PREFIX}/selinux.autorelabel"
 	Log "Trigger autorelabel (SELinux) file"

usr/share/rear/backup/RSYNC/GNU/Linux/31_stop_selinux.sh

@@ -3,7 +3,7 @@
 case "$(basename ${BACKUP_PROG})" in
 	(tar|rsync)
 		#cat /selinux/enforce > $TMP_DIR/selinux.mode
-		echo "0" > /selinux/enforce
+		echo "0" > $SELINUX_ENFORCE
 		Log "Temporarely stop SELinux enforce mode with BACKUP=${BACKUP} and BACKUP_PROG=${BACKUP_PROG} backup"
 	;;
 	(*) # do nothing

usr/share/rear/backup/RSYNC/GNU/Linux/61_start_selinux.sh

@@ -2,7 +2,7 @@
 
 [ -f $TMP_DIR/selinux.mode ] && {
 	touch "${TMP_DIR}/selinux.autorelabel"
-	cat $TMP_DIR/selinux.mode > /selinux/enforce
+	cat $TMP_DIR/selinux.mode > $SELINUX_ENFORCE
 	Log "Restored original SELinux mode"
 	case $RSYNC_PROTO in
 

usr/share/rear/finalize/Fedora/i386/20_install_grub.sh

@@ -10,6 +10,9 @@
 #    guarantee a correct boot-order, or even a working boot-lader config (eg.
 #    GRUB stage2 might not be at the exact same location)
 
+# Only for GRUB Legacy - GRUB2 will be handled by its own script
+[[ $(type -p grub) ]] || return
+
 LogPrint "Installing GRUB boot loader"
 mount -t proc none /mnt/local/proc
 

usr/share/rear/finalize/Fedora/i386/21_install_grub2.sh

@@ -0,0 +1,88 @@
+#  This  script is an improvement over the default grub-install '(hd0)'
+#
+# However the following issues still exist:
+#
+#  * We don't know what the first disk will be, so we cannot be sure the MBR
+#    is written to the correct disk(s). That's why we make all disks bootable.
+#
+#  * There is no guarantee that GRUB was the boot loader used originally. One
+#    solution is to save and restore the MBR for each disk, but this does not
+#    guarantee a correct boot-order, or even a working boot-lader config (eg.
+#    GRUB stage2 might not be at the exact same location)
+
+# Only for GRUB2 - GRUB Legacy will be handled by its own script
+[[ $(type -p grub-install) || $(type -p grub2-install) ]] || return
+
+LogPrint "Installing GRUB2 boot loader"
+mount -t proc none /mnt/local/proc
+#for i in /dev /dev/pts /proc /sys; do mount -B $i /mnt/local${i} ; done
+
+if [[ -r "$LAYOUT_FILE" && -r "$LAYOUT_DEPS" ]]; then
+
+    # Check if we find GRUB where we expect it
+    [[ -d "/mnt/local/boot" ]]
+    StopIfError "Could not find directory /boot"
+    [[ -d "/mnt/local/boot/grub2" ]]
+    StopIfError "Could not find directory /boot/grub2"
+    [[ -r "/mnt/local/boot/grub2/grub.cfg" ]]
+    LogIfError "Unable to find /boot/grub2/grub.cfg."
+
+    # Find exclusive partitions belonging to /boot (subtract root partitions from deps)
+    bootparts=$( (find_partition fs:/boot; find_partition fs:/) | sort | uniq -u )
+    grub_prefix=/grub
+    if [[ -z "$bootparts" ]]; then
+        bootparts=$(find_partition fs:/)
+        grub_prefix=/boot/grub2
+    fi
+    # Should never happen
+    [[ "$bootparts" ]]
+    BugIfError "Unable to find any /boot partitions"
+
+    # Find the disks that need a new GRUB MBR
+    disks=$(grep '^disk ' $LAYOUT_FILE | cut -d' ' -f2)
+    [[ "$disks" ]]
+    StopIfError "Unable to find any disks"
+
+    for disk in $disks; do
+        # Use first boot partition by default
+        part=$(echo $bootparts | cut -d' ' -f1)
+
+        # Use boot partition that matches with this disk, if any
+        for bootpart in $bootparts; do
+            bootdisk=$(find_disk "$bootpart")
+            if [[ "$disk" == "$bootdisk" ]]; then
+                part=$bootpart
+                break
+            fi
+        done
+
+        # Find boot-disk and partition number
+        bootdisk=$(find_disk "$part")
+        partnr=${part#$bootdisk}
+        partnr=${partnr#p}
+        partnr=$((partnr - 1))
+
+        if [[ "$bootdisk" == "$disk" ]]; then
+            #chroot /mnt/local grub2-mkconfig -o /boot/grub2/grub.cfg
+	    #chroot /mnt/local grub2-install "$bootdisk"
+	    grub2-install --root-directory=/mnt/local/ $bootdisk
+        else
+            chroot /mnt/local grub2-mkconfig -o /boot/grub2/grub.cfg
+	    #chroot /mnt/local grub2-install "$bootdisk"
+	    grub2-install --root-directory=/mnt/local/ $bootdisk
+        fi
+
+        if (( $? == 0 )); then
+            NOBOOTLOADER=
+        fi
+    done
+fi
+
+if [[ "$NOBOOTLOADER" ]]; then
+    if chroot /mnt/local grub2-install "$disk" >&2 ; then
+        NOBOOTLOADER=
+    fi
+fi
+
+#for i in /dev /dev/pts /proc /sys; do umount  /mnt/local${i} ; done
+umount /mnt/local/proc

usr/share/rear/prep/GNU/Linux/30_include_grub_tools.sh

@@ -0,0 +1,15 @@
+# GRUB2 has much more commands then the legacy grub command, including modules
+# check if we're using grub2 before doing something...
+[ ! -d $VAR_LIB/recovery ] && mkdir -p $VAR_DIR/recovery
+if has_binary grub-probe; then
+	grub-probe -t device /boot/grub > $VAR_DIR/recovery/bootdisk 2>/dev/null || return
+elif has_binary grub2-probe; then
+	grub2-probe -t device /boot/grub >$VAR_DIR/recovery/bootdisk 2>/dev/null || return
+fi
+
+PROGS=( "${PROGS[@]}"
+grub-install grub-mkdevicemap grub-probe grub-set-default grub-mkconfig grub-reboot grub-setup grub-mkimage
+grub2-install grub2-mkdevicemap grub2-probe grub2-set-default grub2-mkconfig grub2-reboot grub2-setup grub2-mkimage
+)
+
+COPY_AS_IS=( "${COPY_AS_IS[@]}" /etc/default/grub /etc/grub.d/* /etc/grub*.cfg /boot/grub* /usr/lib/grub* )

usr/share/rear/prep/RSYNC/GNU/Linux/20_selinux_in_use.sh

@@ -1,9 +1,18 @@
 # check if SELinux is in use, if not, just silently return
-[[ -f /selinux/enforce ]] || return
+[[ -f /selinux/enforce || -f /sys/fs/selinux/enforce ]] || return
+
+if [ -f /selinux/enforce ]; then
+        SELINUX_ENFORCE=/selinux/enforce
+elif [ -f /sys/fs/selinux/enforce ]; then
+        SELINUX_ENFORCE=/sys/fs/selinux/enforce
+else
+        SELINUX_ENFORCE=
+        BugError "SELinux enforce file is not found. Please enhance this script."
+fi
 
 # check global settings (see default.conf) - non-empty means disable SELinux during backup
 if [ -n "$BACKUP_SELINUX_DISABLE" ]; then
-        cat /selinux/enforce > $TMP_DIR/selinux.mode
+        cat $SELINUX_ENFORCE  > $TMP_DIR/selinux.mode
         RSYNC_SELINUX=
         return
 fi
@@ -19,7 +28,7 @@ case $(basename $BACKUP_PROG) in
 			# no xattrs compiled in remote rsync, so saving SELinux attributes are not possible
 			Log "WARNING: --xattrs not possible on system ($RSYNC_HOST) (no xattrs compiled in rsync)"
 			# $TMP_DIR/selinux.mode is a trigger during backup to disable SELinux
-			cat /selinux/enforce > $TMP_DIR/selinux.mode
+			cat $SELINUX_ENFORCE > $TMP_DIR/selinux.mode
 			RSYNC_SELINUX=		# internal variable used in recover mode (empty means disable SELinux)
 		else
 			# if --xattrs is already set; no need to do it again
@@ -38,14 +47,14 @@ case $(basename $BACKUP_PROG) in
 			touch $TMP_DIR/force.autorelabel
 		else
 			# during backup we will disable SELinux
-			cat /selinux/enforce > $TMP_DIR/selinux.mode
+			cat $SELINUX_ENFORCE > $TMP_DIR/selinux.mode
 			# after reboot the restored system does a SELinux relabeling
 		fi
 		;;
 
 	(*)
 		# disable SELinux for unlisted BACKUP_PROGs
-		cat /selinux/enforce > $TMP_DIR/selinux.mode
+		cat $SELINUX_ENFORCE > $TMP_DIR/selinux.mode
 		;;
 
 esac

usr/share/rear/skel/Fedora/16/lib/systemd/system/udev-control.socket

@@ -0,0 +1,7 @@
+[Unit]
+Description=udev Control Socket
+DefaultDependencies=no
+
+[Socket]
+Service=udev.service
+ListenSequentialPacket=@/org/kernel/udev/udevd

usr/share/rear/skel/Fedora/16/lib/systemd/system/udev-kernel.socket

@@ -0,0 +1,8 @@
+[Unit]
+Description=udev Kernel Socket
+DefaultDependencies=no
+
+[Socket]
+Service=udev.service
+ReceiveBuffer=134217728
+ListenNetlink=kobject-uevent 1

usr/share/rear/skel/Fedora/16/lib/systemd/system/udev-settle.service

@@ -0,0 +1,25 @@
+# This service is usually not enabled by default. If enabled, it
+# acts as a barrier for basic.target -- so all later services will
+# wait for udev completely finishing its coldplug run.
+#
+# If needed, to work around broken or non-hotplug-aware services,
+# it might be enabled unconditionally, or pulled-in on-demand by
+# the services that assume a fully populated /dev at startup. It
+# should not be used or pulled-in ever on systems without such
+# legacy services running.
+
+[Unit]
+Description=udev Wait for Complete Device Initialization
+DefaultDependencies=no
+Wants=udev.service
+After=udev-trigger.service
+Before=basic.target
+
+[Service]
+Type=oneshot
+TimeoutSec=180
+RemainAfterExit=yes
+ExecStart=/sbin/udevadm settle
+
+[Install]
+WantedBy=basic.target

usr/share/rear/skel/Fedora/16/lib/systemd/system/udev-trigger.service

@@ -0,0 +1,10 @@
+[Unit]
+Description=udev Coldplug all Devices
+Wants=udev.service
+After=udev-kernel.socket udev-control.socket
+DefaultDependencies=no
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/sbin/udevadm trigger --type=subsystems --action=add ; /sbin/udevadm trigger --type=devices --action=add

usr/share/rear/skel/Fedora/16/lib/systemd/system/udev.service

@@ -0,0 +1,13 @@
+[Unit]
+Description=udev Kernel Device Manager
+Wants=udev-control.socket udev-kernel.socket
+After=udev-control.socket udev-kernel.socket
+Before=basic.target
+DefaultDependencies=no
+
+[Service]
+Type=notify
+OOMScoreAdjust=-1000
+Sockets=udev-control.socket udev-kernel.socket
+Restart=on-failure
+ExecStart=/sbin/udevd