[ { "path": ".github/CONTRIBUTING.md", "content": "## For users who want to report an issue\nPlease read [this wiki page]\n(https://github.com/dnschneid/crouton/wiki/Common-issues-and-reporting)\nfor instructions on reporting an issue.\n\n## For contributors\nPlease read [this\nsection](https://github.com/dnschneid/crouton#i-want-to-be-a-contributor)\nof the README and the following relevant sections first.\n" }, { "path": ".github/ISSUE_TEMPLATE.md", "content": "```\nPlease paste the output of the following command here: sudo edit-chroot -all\n```\n\n#### Please describe your issue:\n\n\n#### If known, describe the steps to reproduce the issue:\n" }, { "path": ".gitignore", "content": "*.tar.*\n.*.swp\n.*.tmp\nnacl_sdk/\n/crouton*\n/test/run\n/releases/\n" }, { "path": "AUTHORS", "content": "Google, Inc\n" }, { "path": "CONTRIBUTORS", "content": "Aaron Zauner\nAlex Bennée\nAlfred Suleymanov\nAlfriadox\nAlireza Ghasemi\nAndrew Kanner\nAron Griffis\nAurelien Lourot\nAvi Zajac\nBlaine Bublitz\nBraden Farmer\nbrannon\nbrmbrmcar\nBryce Thorup\nChris Galle\nChristopher Mårtensson\nChris Varga\nChuan Ji\nCorey Garst\nDaniel Haber\nDavid Reveman\nDavid Schneider\nDennis Lockhart\ndimonf\ndumpweed\nEugene Y. Q. Shen\nGeorge Shank\nIcecream95\nIgor Bukanov\nJackMacWindows\nJake Waksbaum\nJavi Merino\njessaustin\nJim Tittsler\nJohan Lorentzon\nJohn Tantalo\njoshua stein\nJustin Frankel\nJustin Guy\nKenny Strawn\nKerwin Hui\nLef Ioannidis\nMagnus Nyberg\nMasaki Muranaka\nMaurice van Kruchten\nMicah Lee\nMichael Mattioli\nMichael Moss\nMichael Orr\nMike Kasick\nMikito Takada\nMiles Whittaker\nNeal McBurnett\nNevada Romsdahl\nNicolas Boichat\nPete Baldridge\nPhillip Pearson\nRich Murphey\nRicky Brent\nRyan Fowler\nSamuel Dionne-Riel\nSimon Podhajsky\nStephen Barber\nSteve Desmond\nSteven Maude\nSteven Merrill\nTed Matsumura\nTobbe Lundberg\nTom Dunlap\nTony Xue\nWilliam Kong\nWilliam Ransohoff\nWilliam W. Wu\nYang Wang\nYu-Hsi Chiang\nYuri Pole\nYushin Washio\nzguithues\nZopolis4\n" }, { "path": "LICENSE", "content": "// Copyright (c) 2016 The crouton Authors. All rights reserved.\n//\n// Redistribution and use in source and binary forms, with or without\n// modification, are permitted provided that the following conditions are\n// met:\n//\n// * Redistributions of source code must retain the above copyright\n// notice, this list of conditions and the following disclaimer.\n// * Redistributions in binary form must reproduce the above\n// copyright notice, this list of conditions and the following disclaimer\n// in the documentation and/or other materials provided with the\n// distribution.\n// * Neither the name of Google Inc. nor the names of its\n// contributors may be used to endorse or promote products derived from\n// this software without specific prior written permission.\n//\n// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n// \"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n" }, { "path": "Makefile", "content": "# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\nTARGET = crouton\nEXTTARGET = crouton.zip\nLIBS = src/freon.c\nLIBSTARGETS = $(patsubst src/%.c, crouton%.so, $(LIBS))\nSRCTARGETS = $(patsubst src/%.c,crouton%,$(filter-out $(LIBS),$(wildcard src/*.c)))\nCONTRIBUTORS = CONTRIBUTORS\nWRAPPER = build/wrapper.sh\nSCRIPTS_NOSYM := \\\n\t$(wildcard host-bin/*) \\\n\t$(wildcard installer/*.sh) installer/functions \\\n\t$(wildcard installer/*/*) \\\n\t$(wildcard src/*) \\\n\t$(wildcard targets/*)\nSCRIPTS := \\\n\t$(wildcard chroot-bin/*) \\\n\t$(wildcard chroot-etc/*)\nEXTPEXE = host-ext/crouton/kiwi.pexe\nEXTPEXESOURCES = $(wildcard host-ext/nacl_src/*.h) \\\n\t\t\t\t $(wildcard host-ext/nacl_src/*.cc)\nEXTSOURCES = $(wildcard host-ext/crouton/*)\nBOOTSTRAPS := $(wildcard installer/*/bootstrap)\nBUILDDIR = crouton.build\nGENVERSION = build/genversion.sh\nCONTRIBUTORSSED = build/CONTRIBUTORS.sed\nRELEASE = build/release.sh\nVERSION = 1\nTARPARAMS ?= -j\n\nCFLAGS=-g -Wall -Werror -Wno-error=unused-function -Os\n\ncroutonfbserver_LIBS = -lX11 -lXdamage -lXext -lXfixes -lXtst\ncroutonxi2event_LIBS = -lX11 -lXi\ncroutonfreon.so_LIBS = -ldl -ldrm -I/usr/include/libdrm\n\ncroutonwebsocket_DEPS = src/websocket.h\ncroutonfbserver_DEPS = src/websocket.h\n\nifeq ($(wildcard .git/HEAD),)\n GITHEAD :=\nelse\n GITHEADFILE := .git/refs/heads/$(shell cut -d/ -f3 '.git/HEAD')\n ifeq ($(wildcard $(GITHEADFILE)),)\n GITHEAD := .git/HEAD\n else\n GITHEAD := .git/HEAD .git/refs/heads/$(shell cut -d/ -f3 '.git/HEAD')\n endif\nendif\n\n$(TARGET): $(WRAPPER) $(BUILDDIR) $(GENVERSION) $(GITHEAD) Makefile\n\t{ \\\n\t\tsed -e \"s/\\$$TARPARAMS/$(TARPARAMS)/\" \\\n\t\t\t-e \"s/VERSION=.*/VERSION='$(shell $(GENVERSION) $(VERSION))'/\" \\\n\t\t\t$(WRAPPER) \\\n\t\t&& (cd $(BUILDDIR) && tar --owner=root --group=root -c $(TARPARAMS) *)\\\n\t\t&& chmod +x /dev/stdout \\\n\t;} > $(TARGET) || ! rm -f $(TARGET)\n\n$(BUILDDIR): $(SCRIPTS) $(SCRIPTS_NOSYM) Makefile\n\trm -rf $(BUILDDIR) && mkdir -p $(BUILDDIR) \\\n\t&& cp -at $(BUILDDIR) --parents $(SCRIPTS) \\\n\t&& cp -Lprt $(BUILDDIR) --parents $(SCRIPTS_NOSYM) \\\n\t&& for bootstrap in $(BOOTSTRAPS); do \\\n\t\ttmp=$(BUILDDIR); \\\n\t\t[ -h \"$$bootstrap\" ] && continue; \\\n\t\techo \"Preparing bootstrap dependencies for $$bootstrap\" >&2; \\\n\t\ttmp=$(BUILDDIR) sh -e \"$$bootstrap\" \\\n\t\t\t|| ! rm -rf $(BUILDDIR) || exit 1; \\\n\tdone\n\n$(EXTTARGET): $(EXTSOURCES) Makefile\n\trm -f $(EXTTARGET) && zip -q --junk-paths $(EXTTARGET) $(EXTSOURCES)\n\n$(EXTPEXE): $(EXTPEXESOURCES)\n\t$(MAKE) -C host-ext/nacl_src\n\n$(SRCTARGETS): $(patsubst crouton%,src/%.c,$@) $($@_DEPS) Makefile\n\tgcc $(CFLAGS) $(patsubst crouton%,src/%.c,$@) $($@_LIBS) -o $@\n\n$(LIBSTARGETS): $(patsubst crouton%.so,src/%.c,$@) $($@_DEPS) Makefile\n\tgcc $(CFLAGS) -shared -fPIC $(patsubst crouton%.so,src/%.c,$@) $($@_LIBS) -o $@\n\nextension: $(EXTTARGET)\n\n$(CONTRIBUTORS): $(GITHEAD) $(CONTRIBUTORSSED)\n\tgit shortlog -s | sed -f $(CONTRIBUTORSSED) | sort -uf > $(CONTRIBUTORS)\n\ncontributors: $(CONTRIBUTORS)\n\nrelease: $(CONTRIBUTORS) $(TARGET) $(RELEASE)\n\t[ ! -d .git ] || git status | grep -q 'working [a-z]* clean' || \\\n\t\t{ echo \"There are uncommitted changes. Aborting!\" 1>&2; exit 2; }\n\t$(RELEASE) $(TARGET)\n\nforce-release: $(CONTRIBUTORS) $(TARGET) $(RELEASE)\n\t$(RELEASE) -f $(TARGET)\n\nall: $(TARGET) $(SRCTARGETS) $(LIBSTARGETS) $(EXTTARGET)\n\nclean:\n\trm -f $(TARGET) $(EXTTARGET) $(SRCTARGETS) $(LIBSTARGETS)\n\trm -rf $(BUILDDIR)\n\n.PHONY: all clean contributors extension release force-release\n" }, { "path": "README.md", "content": "# crouton: Chromium OS Universal Chroot Environment\n\ncrouton is a set of scripts that bundle up into an easy-to-use,\nChromium OS-centric chroot generator. Ubuntu, Debian, and Kali are supported\n(using debootstrap behind the scenes), but \"Chromium OS Debian and Ubuntu (plus\none distro) EOL'd Chroot Environment\" doesn't acronymize as well (crodupodece is\nadmittedly pretty fun to say, though).\n\n### 🪦 crouton is now end-of-life 🪦\n\nAll good things must come to an end, and considering\n * Chromium OS's introduction of increasingly strict shell safeguards,\n * the [change in cras's build tools](https://github.com/dnschneid/crouton/issues/4958),\n * the [removal of manifest v2 extensions](https://github.com/dnschneid/crouton/pull/5094),\n * the [removal of PNaCl, breaking xiwi](https://github.com/dnschneid/crouton/issues/5130),\n * oh, and Chromium OS being replaced by Android\n\nthere's really not much to gain from continued development. Put another way, the\nproverbial mixed salad is just about out of tasty crunchy bits, and the\nremaining morsels have gone a bit stale. And for some reason someone's about to\nswap all the lettuce out for onion rings? Point is, it's time to stop mixing\ndressings. Unless it's ranch, I guess, since that goes with just about anything.\nBut this is crouton, not some Ready-for-Android Native Chroot Host, alas.\n\nAnyway, this means that:\n * The repo is now locked, and no further changes will be considered.\n * Eventually someone will want the latest Ubuntu added to the release list. See\n [this commit](https://github.com/dnschneid/crouton/commit/6d80f57b91c39d10b29fde861aac5a2b5b9b3910)\n for an example of how to do it on your own copy.\n * Sometime around July 2025, the GitHub project will be archived, making the\n issue tracker, discussions, and wiki read-only.\n * For the safety of users and stability of crouton's functionality for those on\n EOL devices, offers to take over the dnschneid/crouton repo or extension will\n be declined, and requests to change link destinations will be rejected.\n\nIf you have an EOL device, though, crouton is still a great match for you!\n * Chromium OS version 110 and earlier, everything should work! Breathe new life\n into your old devices!!\n * Starting 111, crouton can't compile cras, so audio devices cannot be shared\n with Chromium OS\n * Starting 117, sudo in crosh is disabled and you'll need to use VT-2\n * Starting 133 (139 for enterprise devices), manifest v2 is disabled and you\n won't be able to run the extension (easy switching, clipboard sync, xiwi)\n * Also starting 133 (139 for enterprise devices), pnacl is disabled, so even if\n you somehow got the extension working, xiwi won't function\n * Beyond that, it's anybody's guess as to what will break\n\n## Moving right along...\n\n:warning: **Steps to install crouton have changed!** :warning:\n\nChromium OS has introduced several security features over the years that impede\nthe installation and usage of crouton. If your device is no longer receiving\nupdates, the steps below will likely work for you. However, if you are still\nhaving trouble, please try the [community-maintained instructions](https://github.com/dnschneid/crouton/wiki/Updated-Installation-Instructions-for-Crouton).\n\nIn addition, goo.gl is going away! That means the goo.gl/fd3zc you know and love\nhas been replaced with [git.io/JZEs0](https://git.io/JZEs0). That's a zero at\nthe end, if you were wondering. Both just point to\n[github](https://raw.githubusercontent.com/dnschneid/crouton/master/installer/crouton),\nso you can always just memorize the full link instead, which (fun fact) does not\ninclude any numbers at all!\n\n## \"crouton\"...an acronym?\n\nIt stands for _ChRomium Os Universal chrooT envirONment_\n...or something like that. Do capitals really matter if caps-lock has been\n(mostly) banished, and the keycaps are all lower-case?\n\nMoving on...\n\n\n## Who's this for?\n\nAnyone who wants to run straight Linux on their Chromium OS device, and doesn't\ncare about physical security. You're also better off having some knowledge of\nLinux tools and the command line in case things go funny, but it's not strictly\nnecessary.\n\n\n## What's a chroot?\n\nLike virtualization, chroots provide the guest OS with their own, segregated\nfile system to run in, allowing applications to run in a different binary\nenvironment from the host OS. Unlike virtualization, you are *not* booting a\nsecond OS; instead, the guest OS is running using the Chromium OS system. The\nbenefit to this is that there is zero speed penalty since everything is run\nnatively, and you aren't wasting RAM to boot two OSes at the same time. The\ndownside is that you must be running the correct chroot for your hardware, the\nsoftware must be compatible with Chromium OS's kernel, and machine resources are\ninextricably tied between the host Chromium OS and the guest OS. What this means\nis that while the chroot cannot directly access files outside of its view, it\n*can* access all of your hardware devices, including the entire contents of\nmemory. A root exploit in your guest OS will essentially have unfettered access\nto the rest of Chromium OS.\n\n...but hey, you can run [TuxRacer](https://en.wikipedia.org/wiki/Tux_Racer)!\n\n\n### What about dem crostinis though?\n\n[Crostini](https://chromium.googlesource.com/chromiumos/docs/+/HEAD/containers_and_vms.md)\nis an official project within Chromium OS to bring the Linux shell and apps to\nthe platform *in verified mode* with clean integration, multi-layered security,\nand all the polish you expect from Chromium OS proper.\n\nThat means compared to crouton, Crostini has official support, competent\nengineers, and code that looks a little less like ramen. crouton, in its\ndefense, has wider device compatibility, enables direct hardware access, and is\nnamed after an objectively tastier bread-based food item.\n\nThere's a solid community on [Reddit](https://www.reddit.com/r/Crostini/) if\nyou'd like to try Crostini out. If it works for you -- great! No hard\nfeelings. If in the end you decide that crouton suits you better, read on!\n\nNote: you can't get the best of both worlds by installing crouton inside of\nCrostini. The technology (and life itself) just doesn't work that way. Not to\nmention a crouton Crostini would look ridiculous and be impossible to eat\nwithout getting bits everywhere.\n\n\n## Prerequisites\n\nYou need a device running Chromium OS that has been switched to developer mode.\n\nFor instructions on how to do that, go to [this Chromium OS wiki page](https://www.chromium.org/chromium-os/developer-information-for-chrome-os-devices),\nclick on your device model and follow the steps in the *Entering Developer Mode*\nsection.\n\nNote that developer mode, in its default configuration, is *completely\ninsecure*, so don't expect a password in your chroot to keep anyone from your\ndata. crouton does support encrypting chroots, but the encryption is only as\nstrong as the quality of your passphrase. Consider this your warning.\n\nIt's also highly recommended that you install the [crouton extension](https://chromewebstore.google.com/detail/crouton-integration/gcpneefbbnfalgjniomfjknbcgkbijom),\nwhich, when combined with the `extension` or `xiwi` targets, provides much \nimproved integration with Chromium OS.\n\nThat's it! Surprised?\n\n\n## Usage\n\ncrouton is a powerful tool, and there are a *lot* of features, but basic usage\nis as simple as possible by design.\n\nIf you're just here to use crouton, you can grab the latest release from\n[https://git.io/JZEs0](https://git.io/JZEs0). Download it, pop open a\nshell (Ctrl+Alt+T, type `shell` and hit enter), make the installer executable\nwith `sudo install -Dt /usr/local/bin -m 755 ~/Downloads/crouton`, then launch\nit with `sudo crouton` to see the help text. See the \"examples\" section for some\nusage examples.\n\nIf you're modifying crouton, you'll probably want to clone or download the repo\ninto a subdirectory of `/usr/local` and then either run `installer/main.sh`\ndirectly, or use `make` to build your very own `crouton`. You can also download\nthe latest release, install it as above and run `crouton -x` to extract out the\njuicy scripts contained within, but you'll be missing build-time stuff like the\nMakefile. You also need to remember to place the unbundled scripts somewhere in\n`/usr/local` in order to be able to execute them.\n\ncrouton uses the concept of \"targets\" to decide what to install. While you will\nhave apt-get in your chroot, some targets may need minor hacks to avoid issues\nwhen running in the chrooted environment. As such, if you expect to want\nsomething that is fulfilled by a target, install that target when you make the\nchroot and you'll have an easier time. Don't worry if you forget to include a\ntarget; you can always update the chroot later and add it. You can see the list\nof available targets by running `crouton -t help`.\n\nOnce you've set up your chroot, you can easily enter it using the\nnewly-installed `enter-chroot` command, or one of the target-specific\nstart\\* commands. Ta-da! That was easy.\n\n\n## Examples\n\n### The easy way (assuming you want an Ubuntu LTS with Xfce)\n\n 1. Download `crouton`\n 2. Open a shell (Ctrl+Alt+T, type `shell` and hit enter)\n 3. Copy the installer to an executable location by running\n `sudo install -Dt /usr/local/bin -m 755 ~/Downloads/crouton`\n 4. Now that it's executable, run the installer itself: `sudo crouton -t xfce`\n 5. Wait patiently and answer the prompts like a good person.\n 6. Done! You can jump straight to your Xfce session by running\n `sudo enter-chroot startxfce4` or, as a special shortcut, `sudo startxfce4`\n 7. Cycle through Chromium OS and your running graphical chroots using\n Ctrl+Alt+Shift+Back and Ctrl+Alt+Shift+Forward.\n 8. Exit the chroot by logging out of Xfce.\n\n### With encryption!\n\n 1. Add the `-e` parameter when you run crouton to create an encrypted chroot\n or encrypt a non-encrypted chroot.\n 2. You can get some extra protection on your chroot by storing the decryption\n key separately from the place the chroot is stored. Use the `-k` parameter\n to specify a file or directory to store the keys in (such as a USB drive or\n SD card) when you create the chroot. Beware that if you lose this file,\n your chroot will not be decryptable. That's kind of the point, of course.\n\n### Hey now, Ubuntu 16.04 is pretty old; I'm young and hip\n\n 1. The `-r` parameter specifies which distro release you want to use.\n 2. Run `crouton -r list` to list the recognized releases and which distros\n they belong to.\n\n### Wasteful redundancies are wasteful: one clipboard, one browser, one window\n\n 1. Install the [crouton extension](https://chromewebstore.google.com/detail/crouton-integration/gcpneefbbnfalgjniomfjknbcgkbijom)\n into Chromium OS.\n 2. Add the `extension` or `xiwi` version to your chroot.\n 3. Try some copy-pasta, or uninstall all your web browsers from the chroot.\n\n*Installing the extension and its target gives you synchronized clipboards, the\noption of using Chromium OS to handle URLs, and allows chroots to create\ngraphical sessions as Chromium OS windows.*\n\n### I don't always use Linux, but when I do, I use CLI\n\n 1. You can save a chunk of space by ditching X and just installing\n command-line tools using `-t core` or `-t cli-extra`\n 2. Enter the chroot in as many crosh shells as you want simultaneously using\n `sudo enter-chroot`\n 3. Use the [Crosh Window](https://chromewebstore.google.com/detail/crosh-window/nhbmpbdladcchdhkemlojfjdknjadhmh)\n extension to keep Chromium OS from eating standard keyboard shortcuts.\n 4. If you installed cli-extra, `startcli` will launch a new VT right into the\n chroot.\n\n### A new version of crouton came out; my chroot is therefore obsolete and sad\n\n 1. Exit the chroot if you have it open.\n 2. If you haven't already, download `crouton`, and copy it so it works:\n `sudo install -Dt /usr/local/bin -m 755 ~/Downloads/crouton`\n 3. Update your chroot with `sudo crouton -u -n chrootname`. It will update\n all installed targets.\n\n### I want to open my desktop in a window or a tab but I don't have the 'xiwi' target/xmethod.\n\n 1. Add 'xiwi' or any other target to an existing chroot with the `-u` option:\n `sudo crouton -t xiwi -u -n chrootname`\n\n This will also make 'xiwi' the default xmethod.\n\n 2. If you want to keep the 'xorg' xmethod as the default then pick it first:\n `sudo sh crouton -t xorg,xiwi -u -n chrootname`\n\n### A backup a day keeps the price-gouging data restoration services away\n\n 1. `sudo edit-chroot -b chrootname` backs up your chroot to a timestamped\n tarball in the current directory. Chroots are named either via the `-n`\n parameter when created or by the release name if -n was not specified.\n 2. `sudo edit-chroot -r chrootname` restores the chroot from the most recent\n timestamped tarball. You can explicitly specify the tarball with `-f`\n 3. If your machine is new, powerwashed, or held upside-down and shaken, you\n can use the crouton installer to restore a chroot and relevant scripts:\n `sudo crouton -f mybackup.tar.gz`\n\n*Unlike with Chromium OS, the data in your chroot isn't synced to the cloud.*\n\n### This chroot's name/location/password/existence sucks. How to fix?\n\n 1. Check out the `edit-chroot` command; it likely does what you need it to do.\n 2. If you set a Chromium OS root password, you can change it with\n `sudo chromeos-setdevpasswd`\n 3. You can change the password inside your chroot with `passwd`\n\n### I want to install the chroot to another location\n\n 1. Use `-p` to specify the directory in which to install the chroot and\n scripts. Be sure to quote or escape spaces.\n 2. When entering the chroot for the first time each boot, you will first need\n to ensure the place you've installed the scripts is in a place that allows\n executables to run. Determine the mountpoint by running\n `df --output=target /path/to/enter-chroot`, then mark the mount exec with\n `sudo mount -o remount,exec /path/to/mountpoint`.\n 3. You can then launch the chroot by specifying the full path of any of the\n enter-chroot or start* scripts (i.e. `sudo /path/to/enter-chroot`), or use\n the `-c` parameter to explicitly specify the chroots directory.\n\n*If for some reason you have to run the installer without touching the local\ndisk, you can (for the time being) run\n`curl -fL https://git.io/JZEs0 | sudo sh -s -- options_for_crouton_installer`.\nNote that this will definitely break in the near future, so don't depend on it.*\n\n### Downloading bootstrap files over and over again is a waste of time\n\n 1. Download `crouton`\n 2. Open a shell (Ctrl+Alt+T, type `shell` and hit enter)\n 3. Copy the installer to an executable location by running\n `sudo install -Dt /usr/local/bin -m 755 ~/Downloads/crouton`\n 4. Now that it's executable, use the installer to build a bootstrap tarball:\n `sudo crouton -d -f ~/Downloads/mybootstrap.tar.bz2`\n 5. Include the `-r` parameter if you want to specify for which release to\n prepare a bootstrap.\n 6. You can then create chroots using the tarball by running\n `sudo crouton -f ~/Downloads/mybootstrap.tar.bz2`. Make sure you also\n specify the target environment with `-t`.\n\n*This is the quickest way to create multiple chroots at once, since you won't\nhave to determine and download the bootstrap files every time.*\n\n### Targets are cool. Abusing them for fun and profit is even cooler\n\n 1. You can make your own target files (start by copying one of the existing\n ones) and then use them with any version of crouton via the `-T` parameter.\n\n*This is great for automating common tasks when creating chroots.*\n\n### Help! I've created a monster that must be slain!\n\n 1. The delete-chroot command is your sword, shield, and only true friend.\n `sudo delete-chroot evilchroot`\n 2. It's actually just a shortcut to `sudo edit-chroot -d evilchroot`, which I\n suppose makes it a bit of a deceptive Swiss Army knife friend...still good?\n\n\n## Tips\n\n * Chroots are cheap! Create multiple ones using `-n`, break them, then make\n new, better ones!\n * You can change the distro mirror from the default by using `-m`\n * Want to use a proxy? `-P` lets you specify one (or disable it).\n * A script is installed in your chroot called `brightness`. You can assign\n this to keyboard shortcuts to adjust the brightness of the screen (e.g.\n `brightness up`) or keyboard (e.g. `brightness k down`).\n * Multiple monitors will work fine in the chroot, but you may have to switch\n to Chromium OS and back to enable them.\n * You can make commands run in the background so that you can close the\n terminal. This is particularly useful for desktop environments: try running\n `sudo startxfce4 -b`\n * Want to disable Chromium OS's power management? Run `croutonpowerd -i`\n * Only want power management disabled for the duration of a command?\n `croutonpowerd -i command and arguments` will automatically stop inhibiting\n power management when the command exits.\n * Have a Pixel or two or 4.352 million? `-t touch` improves touch support.\n * Want to share some files and/or folders between Chromium OS and your chroot?\n Check out the `/etc/crouton/shares` file, or read all about it in the wiki.\n * Want more tips? Check the [wiki](https://github.com/dnschneid/crouton/wiki).\n\n\n## Issues?\n\nRunning another OS in a chroot is a pretty messy technique (although it's hidden\nbehind very pretty scripts), and while these scripts are relatively mature,\nChromium OS is changing all the time so problems are not surprising. Check the\nissue tracker and file a bug if your issue isn't there. When filing a new bug,\ninclude the output of `croutonversion` run from inside the chroot or, if you\ncannot mount your chroot, include the output of `cat /etc/lsb-release` from Crosh.\n\n\n## I want to be a Contributor!\n\nThat's great! But before your code can be merged, you'll need to have signed\nthe [Individual Contributor License Agreement](https://cla.developers.google.com/clas/new?kind=KIND_INDIVIDUAL&domain=DOMAIN_GOOGLE).\nDon't worry, it only takes a minute and you'll definitely get to keep your\nfirstborn, probably. If you've already signed it for contributing to Chromium\nor Chromium OS, you're already done.\n\nIf you don't know what to do with your time as an official Contributor, keep in\nmind that crouton is maintenance-only and will only be accepting a limited amount\nof changes. That having been said, here's some suggestions:\n\n * Really like a certain desktop environment? Fork crouton, add the target, and\n let people know in the discussions area.\n * Is your distro underrepresented? Want to contribute to the elusive and\n mythical beast known as \"croagh\"? Fork crouton, add the distro, and people\n will come.\n * Discovered a bug lurking within the scripts, or a papercut that bothers you\n just enough to make you want to actually do something about it? You guessed\n it: fork crouton, fix everything, and create a pull request.\n * Are most bugs too high-level for you to defeat? Grind up some\n [EXP](https://en.wikipedia.org/wiki/Experience_point) by using\n your fork to eat [pie](https://github.com/dnschneid/crouton/labels/pie).\n\n\n## Are there other, non-Contributory ways I can help?\n\nYes!\n\n\n## But how?\n\nThere's a way For Everyone to help!\n\n * Something broken? File a bug! Bonus points if you try to fix it. It helps if\n you provide the output of `croutonversion` (or the output of\n `cat /etc/lsb-release` from Crosh) when you submit the bug.\n * Look through [open issues](https://github.com/dnschneid/crouton/issues?state=open)\n and see if there's a topic or application you happen to have experience\n with. And then, preferably, share that experience with others.\n * Find issues that need [wiki entries](https://github.com/dnschneid/crouton/issues?labels=needswiki&state=open,closed)\n and add the relevant info to the [wiki](https://github.com/dnschneid/crouton/wiki).\n Or just add things to/improve things in the wiki in general, but do try to\n keep it relevant and organized.\n * Really like a certain desktop environment, but not up for coding? Open or\n comment on a bug with steps to get things working well.\n\n\n## License\n\ncrouton (including this eloquently-written README) is copyright © 2016 The\ncrouton Authors. All rights reserved. Use of the source code included here is\ngoverned by a BSD-style license that can be found in the LICENSE file in the\nsource tree.\n" }, { "path": "README.zh.md", "content": "# Crouton中文版教程\r\n\r\n> 基于crouton项目README的英文版进行汉化,部分内容没有进行汉化,建议有能力者优先阅读英文版本。\r\n\r\n## 简介\r\n\r\n​\tChroot是Chromium OS Universal Chroot Environment 的简写,是一系列脚本的合集,利用Linux的Chroot,在Chromebook上同时运行Chrome OS和某个Linux发行版。\r\n\r\n## Chroot介绍\r\n\r\n​\tChroot命令用来在指定的根目录下运行指令。Chroot的这种功能可以为第二系统提供一个隔离的文件系统,就像虚拟化一样,但是第二系统实际上仍然在主系统的文件系统下面工作,在进程和网络层面,chroot并没有进行隔离。\r\n\r\n​\t至于详细的内容,为什么不去问问[百度搜索](https://www.baidu.com/s?wd=chroot)?\r\n\r\n## 进入正题\r\n\r\n### 环境\r\n\r\n- **良好的**网络环境\r\n- 进入**开发者模式**的Chromebook,相关操作请进入[这个页面](https://www.chromium.org/chromium-os/developer-information-for-chrome-os-devices)(英文页面),点击对应的设备型号,按照*Entering Developer Mode*章节的步骤进行\r\n- 强烈建议安装[Crouton插件](https://chromewebstore.google.com/detail/crouton-integration/gcpneefbbnfalgjniomfjknbcgkbijom),配合`extension`或者`xiwi`目标,可以提高第二系统与Chrome OS之间的交互体验\r\n\r\n### 用法\r\n\r\n1. 你需要从[这里](https://git.io/JZEs0)下载Crouton脚本。~~什么?下不下来?关我什么事~~\r\n\r\n2. 然后打开shell(`ctrl+alt+T`,在打开的窗口中输入`shell`,然后回车)。\r\n\r\n3. 输入`sudo install -Dt /usr/local/bin -m 755 ~/Downloads/crouton`,这一步是将下载下来的脚本安装到`/usr/local/bin`这个可执行目录里面。\r\n\r\n4. `sudo crouton`可以查看帮助,本教程**示例**部分会有一些命令使用举例。\r\n\r\n 如果你想对Crouton稍作修改,可以将本项目下载到`/usr/local`,直接运行`installer/main.sh`或者使用`make`进行编译。你也可以按上述四步安装crouton后,使用`crouton -x`将包含的脚本解压,不过那样的话你需要自己编写编译所需的文件,以及记住脚本所在的位置。\r\n\r\n Crouton使用“目标”('targets')来决定安装什么。可用的目标可以运行`crouton -t help`来查看。\r\n\r\n 安装之后,可以输入`enter-chroot`,或者由你选择的安装目标所决定的 start* 命令。具体的命令,安装完成后终端会有介绍(英文)。 \r\n\r\n## 示例\r\n\r\n**简单示例(安装Ubuntu LTS,使用Xfce桌面环境)**\r\n\r\n1. 下载Crouton\r\n2. 打开shell(`ctrl+alt+T`,在打开的窗口中输入`shell`,然后回车)。\r\n3. 输入`sudo install -Dt /usr/local/bin -m 755 ~/Downloads/crouton`\r\n4. `sudo crouton -t xfce`\r\n5. 等吧,可以喝杯星巴克\r\n6. 安装完成后,使用`sudo enter-chroot startxfce4`,或者`sudo startxfce4`运行chroot,会自动跳至Xfce\r\n7. 登出/注销(logout)Xfce来退出chroot,**在Xfce里点击关机是没有用的**。\r\n\r\n**加密**\r\n\r\n1. 运行crouton是可以添加`-e`参数来创建一个加密的chroot环境,或者加密一个未加密的chroot环境\r\n2. 使用`-k`参数来指定储存密钥的路径\r\n\r\n**想用别的系统?**\r\n\r\n1. `-r`参数可以指定你想要使用的发行版和版本代号\r\n2. `crouton -r list`可以查看支持的发行版和版本代号(英文)\r\n\r\n**说好的“更好的交互体验”?**\r\n\r\n1. 在Chrome OS安装[Crouton插件](https://chromewebstore.google.com/detail/crouton-integration/gcpneefbbnfalgjniomfjknbcgkbijom)\r\n\r\n2. 在chroot环境中添加`extension`或者`xiwi`目标\r\n\r\n 这样可以同步chroot环境和主系统的剪贴板,允许chroot环境的程序在Chrome OS界面中窗口化运行。\r\n\r\n**只使用命令行**\r\n\r\n1. 指定安装目标时可以只使用`-t core`或者`-t cli-extra`\r\n2. 使用`sudo enter-chroot`进入chroot环境\r\n3. 使用[Crosh Window插件](https://chromewebstore.google.com/detail/crosh-window/nhbmpbdladcchdhkemlojfjdknjadhmh),防止chroot命令行环境导致的快捷键失效\r\n\r\n**升级chroot环境**\r\n\r\n​\t使用`sudo crouton -u -n chrootname`来升级chroot环境中的系统。\r\n\r\n**安装后想添加一些安装目标?**\r\n\r\n​\t使用`-u`参数来添加安装目标。\r\n\r\n​\t比如,添加`xiwi`目标:`sudo crouton -t xiwi -u -n chrootname`\r\n\r\n​\t上述命令会让xiwi成为默认的[X窗口方法](https://baike.baidu.com/item/X%E7%AA%97%E5%8F%A3/1471357?fr=aladdin)(原默认方法为xorg),如果想让X窗口方法继续保持默认:\r\n\r\n​\t`sudo crouton -t xorg,xiwi -u -n chrootname`\r\n\r\n**备份**\r\n\r\n​\t`sudo edit-chroot -b chrootname`会在命令运行目录下生成chroot环境的tar格式的备份文件(带备份时间戳),Chroot环境的名字可以在安装时由`-n`参数指定,未指定时默认为所安装的Linux发行版版本代号(例如,默认的Ubuntu 16.04LTS版本代号为xenial)\r\n\r\n​\t`sudo edit-chroot -r chrootname`默认恢复最近一次的备份文件。可以用`-r`参数指定恢复文件\r\n\r\n​\t对全新或者重置过的电脑,可以使用Crouton的恢复命令:`sudo crouton -f mybackup.tar.gz`\r\n\r\n**更改安装位置**\r\n\r\n​\t`-p`参数可指定chroot的安装位置。\r\n\r\n​\t每次启动电脑后第一次启动chroot,请确定chroot的安装位置是可执行(executable)的:\r\n\r\n\t1. 确定挂载点:`df --output=target /path/to/enterchroot`\r\n \t2. 使挂载点可读写:`sudo mount -o remount,exec /path/to/mountpoint`\r\n\r\n**删除Chroot环境**\r\n\r\n​\t`sudo delete-chroot chrootname`\r\n\r\n## 使用提醒\r\n\r\n- 使用`-n`来指定Chroot环境的名字,可以创建多个chroot环境\r\n- 使用`-m`参数更改镜像源\r\n- `-P`参数开启/关闭Chroot环境的代理,仅支持http/https\r\n- chroot内置`brightness`脚本,可以:\r\n - 调节屏幕亮度(比如,在chroot内运行`brightness up`)\r\n - 调节背光键盘亮度(比如,在chroot内运行:`brightness k down`)\r\n- 使用多屏可能需要先切换到Chrome OS界面,然后再切换回来\r\n- 运行命令添加`-b`参数可以让chroot在后台运行,比如:`sudo startxfce4 -b`\r\n- `croutonpowerd -i`可以关闭Chrome OS的电源管理\r\n- `croutonpowerd -i command and arguments`可以指定在chroot执行某些命令时关闭Chrome OS的电源管理\r\n- `touch`安装目标可以改善触摸屏设备的使用体验\r\n- 本项目Wiki中有关于文件共享的介绍\r\n- [Wiki](https://github.com/dnschneid/crouton/wiki)中也有更多其他提示(英文)\r\n" }, { "path": "build/CONTRIBUTORS.sed", "content": "s/^[ \\t0-9]*//\ns/^DennisL.*$/Dennis Lockhart/\ns/^drinkcat$/Nicolas Boichat/\ns/^divx118$/Maurice van Kruchten/\ns/^haberda$/Daniel Haber/\ns/^tedm$/Ted Matsumura/\ns/^magnus$/Magnus Nyberg/\ns/^eyqs$/Eugene Y. Q. Shen/\n/^nromsdahl$/d\n/^root$/d\n/^ttk153$/d\n/^lnxsrt$/d\n/\\?/d\n" }, { "path": "build/genversion.sh", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\n# Outputs a version string with the specified prefix.\n\nif [ \"$#\" != 1 ]; then\n echo \"Usage: ${0##*/} VERSION\" 1>&2\n exit 1\nfi\n\nsource=''\n\n# Get the branch from git\ngit=\"`dirname \"$0\"`/../.git\"\nif [ -f \"$git/HEAD\" ]; then\n source=\"`cut -d/ -f3 \"$git/HEAD\"`\"\n if [ -n \"$source\" ]; then\n if [ -f \"$git/refs/heads/$source\" ]; then\n source=\"$source:`head -c 8 \"$git/refs/heads/$source\"`\"\n else\n source=\"${source%\"${source#????????}\"}\"\n fi\n source=\"~$source\"\n fi\nfi\n\nVERSION=\"$1-%Y%m%d%H%M%S$source\"\n\nexec date \"+$VERSION\"\n" }, { "path": "build/release.sh", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\nset -e\n\n# Generates a release in the releases/ directory (which should be a checkout of\n# the releases branch of the same repo) and pushes it.\n\nUSAGE=\"Usage: ${0##*/} [-f] bundle [..]\n -f Hard-reset the releases branch in case of unpushed releases.\"\nFORCE=''\n\n# CD into the repo's root directory\ndir=\"`readlink -f -- \"$0\"`\"\ncd \"${dir%/*}/..\"\n\n# Import common functions\n. installer/functions \n\nif [ \"$1\" = '-f' ]; then\n FORCE=y\n shift\nfi\n\nif [ \"$#\" = 0 ]; then\n error 2 \"$USAGE\"\nfi\n\n# Check the releases directory and update, or create it if necessary\nif [ -d releases/.git ]; then\n if ! grep -q 'releases$' releases/.git/HEAD; then\n error 1 'releases/ is not in the releases branch.'\n fi\n if ! awk \"/'releases'/{print \\$1}\" releases/.git/FETCH_HEAD | \\\n diff -q releases/.git/refs/heads/releases - >/dev/null; then\n echo 'releases/ is ahead of or not up-to-date with remote' 1>&2\n if [ -z \"$FORCE\" ]; then\n exit 1\n fi\n fi\n git -C releases fetch origin releases\n git -C releases reset --hard origin/releases\nelif [ -e releases ]; then\n error 1 \"releases/ is not a git repo\"\nelse\n url=\"`git remote -v | awk '$1==\"origin\" && $3==\"(fetch)\" {print $2}'`\"\n git clone --single-branch --branch releases --reference . \"$url\" releases\nfi\n\n# Apply the releases\nfor bundle in \"$@\"; do\n bundle=\"${bundle##*/}\"\n if [ ! -f \"$bundle\" ]; then\n error 1 \"$bundle bundle does not exist\"\n fi\n version=\"`sh \"$bundle\" -V`\"\n if [ \"$version\" = \"${version#crouton*:}\" ]; then\n error 1 \"$bundle bundle is invalid\"\n fi\n branch=\"${version#*~}\"\n branch=\"${branch%:*}\"\n dest=\"${branch#master}\"\n dest=\"crouton${dest:+-}$dest\"\n # Compare the current release to avoid duplicates\n if [ -f \"releases/$dest\" ] && \\\n sh \"releases/$dest\" -V | grep -q \"${version#*~}\"; then\n echo \"Release already current: `sh \"$bundle\" -V`\"\n continue\n fi\n # Copy it in and make a commit\n cp -fv \"$bundle\" \"releases/$dest\"\n git -C releases add \"$dest\"\n git -C releases commit -m \"$version\"\ndone\n\n# Push the resulting releases\ngit -C releases push origin releases\ngit -C releases fetch origin releases\n\nexit 0\n" }, { "path": "build/wrapper.sh", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file of the source repository, which has been replicated\n# below for convenience of distribution:\n#\n# Redistribution and use in source and binary forms, with or without\n# modification, are permitted provided that the following conditions are\n# met:\n#\n# * Redistributions of source code must retain the above copyright\n# notice, this list of conditions and the following disclaimer.\n# * Redistributions in binary form must reproduce the above\n# copyright notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# * Neither the name of Google Inc. nor the names of its\n# contributors may be used to endorse or promote products derived from\n# this software without specific prior written permission.\n#\n# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n# \"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n\n# This is a wrapped tarball. This script untars itself to a temporary directory\n# and then runs installer/main.sh with the parameters passed to it.\n# You can pass -x [directory] to extract the contents somewhere.\n\nset -e\n\nVERSION='git'\n\n# Minimum Chromium OS version is R45 stable\nCROS_MIN_VERS=7262\n\nif [ \"$1\" = '-x' -a \"$#\" -le 2 ]; then\n # Extract to the specified directory.\n SCRIPTDIR=\"${2:-\"${0##*/}.unbundled\"}\"\n mkdir -p \"$SCRIPTDIR\"\nelse\n # Make a temporary directory and auto-remove it when the script ends.\n SCRIPTDIR='/tmp'\n # If we're running from a directory in /tmp, make the temporary directory a\n # subdirectory of it.\n if [ \"${0#/tmp/}\" != \"$0\" ]; then\n SCRIPTDIR=\"${0%/*}\"\n fi\n SCRIPTDIR=\"`mktemp -d --tmpdir=\"$SCRIPTDIR\" \"${0##*/}.XXX\"`\"\n TRAP=\"rm -rf --one-file-system '$SCRIPTDIR';$TRAP\"\n trap \"$TRAP\" INT HUP 0\nfi\n\n# Extract this file after the ### line\n# TARPARAMS will be set by the Makefile to match the compression method.\nline=\"`awk '/^###/ { print FNR+1; exit 0; }' \"$0\"`\"\ntail -n \"+$line\" \"$0\" | tar -x $TARPARAMS -C \"$SCRIPTDIR\"\n\n# Exit here if we're just extracting\nif [ -z \"$TRAP\" ]; then\n exit\nfi\n\n# See if we want to just run a script from the bundle\nif [ \"$1\" = '-X' ]; then\n script=\"$SCRIPTDIR/$2\"\n if [ ! -f \"$script\" ]; then\n cd \"$SCRIPTDIR\"\n echo \"USAGE: ${0##*/} -X DIR/SCRIPT [ARGS]\nRuns a script directly from the bundle. Valid DIR/SCRIPT combos:\" 1>&2\n ls chroot-bin/* host-bin/* 1>&2\n if [ -n \"$2\" ]; then\n echo 1>&2\n echo \"Invalid script '$2'\" 1>&2\n fi\n exit 2\n fi\n shift 2\n # If this script was called with '-x' or '-v', pass that on\n SETOPTIONS=\"-e\"\n if set -o | grep -q '^xtrace.*on$'; then\n SETOPTIONS=\"$SETOPTIONS -x\"\n fi\n if set -o | grep -q '^verbose.*on$'; then\n SETOPTIONS=\"$SETOPTIONS -v\"\n fi\n sh $SETOPTIONS \"$script\" \"$@\"\n exit \"$?\"\nfi\n\n# Execute the main script inline. It will use SCRIPTDIR to find what it needs.\n. \"$SCRIPTDIR/installer/main.sh\"\n\nexit\n### end of script; tarball follows\n" }, { "path": "chroot-bin/brightness", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\n# A shortcut script to control device brightness.\n# Usage:\n# brightness [b|k] [up|down|# [instant]]\n\n# Choose the device\ndevice='Screen'\nnokbd=''\ncase \"$1\" in\nk*) device='Keyboard'\n nokbd='echo \"Command not supported with keyboard backlight.\" 1>&2; exit 1' \n shift;;\nb*) shift;;\nesac\n\n# Handle user command\nprint=''\npostcmd=''\ncase \"$1\" in\nu*) precmd='Increase';;\nd*) precmd='Decrease';;\n[0-9]*) eval $nokbd;\n precmd='Set'; postcmd=\"Percent double:$1 int32:${2:-\"1\"}${2:+\"2\"}\";;\n*) eval $nokbd; precmd='Get'; postcmd='Percent'; print='--print-reply';;\nesac\n\nhost-dbus dbus-send --system --dest=org.chromium.PowerManager \\\n --type=method_call $print /org/chromium/PowerManager \\\n org.chromium.PowerManager.${precmd}${device}Brightness${postcmd} | {\n read -r junk\n read -r double percent\n if [ -n \"$print\" ]; then\n echo \"${percent%.*}\"\n fi\n}\n\nexit 0\n" }, { "path": "chroot-bin/crouton-noroot", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\n# Wrapper for scripts that shouldn't be launched as root.\n# Symlink to launch the application with the same name in /usr/bin/\n# Launch directly with a parameter to launch that executable\n# Launch directly with a blank or - first parameter and a word to just check and\n# exit with an exit code, printing out the second parameter as the app name.\n\nAPPLICATION=\"${0##*/}\"\nif [ \"$APPLICATION\" = 'crouton-noroot' ]; then\n if [ -z \"$1\" -o \"$1\" = '-' -o \"$1\" = '--' ]; then\n APPLICATION=''\n else\n APPLICATION=\"$1\"\n shift\n fi\nelse\n APPLICATION=\"/usr/bin/$APPLICATION\"\nfi\n\nif [ \"$USER\" = root -o \"$UID\" = 0 ]; then\n app=\"${APPLICATION:-\"$2\"}\"\n echo \"Do not launch ${app##*/} as root inside the chroot.\" 1>&2\n exit 2\nelif [ -z \"$APPLICATION\" ]; then\n exit 0\nfi\n\nexec \"$APPLICATION\" \"$@\"\n" }, { "path": "chroot-bin/crouton-unity-autostart", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n#\n# Helper script for launching services normally managed by upstart.\n# Called during session's XDG autostart.\n\nRELEASE=\"`/usr/local/bin/croutonversion -r`\"\n\n# Run the exec line from an Upstart conf file. Right now this assumes no space\n# in the path and no arguments.\nexecfromconf() {\n local exec_cmd=\"`awk '/^exec/{print $2; exit}' \"$1\"`\"\n if [ -x \"$exec_cmd\" ]; then\n \"$exec_cmd\" &\n fi\n}\n\n# Upstart launches unity on utopic+, and this needs to be started before\n# any dependent services.\nif [ \"$RELEASE\" = 'xenial' ]; then\n PATH=\"$PATH\":/sbin /usr/bin/unity &\nfi\n\n# Launch window-stack-bridge for Unity HUD support, and unity-panel-service for\n# indicators.\nif [ \"$RELEASE\" != 'precise' ]; then\n services=\"unity-panel-service window-stack-bridge\"\n for service in $services; do\n conf_file=/usr/share/upstart/sessions/\"$service\".conf\n execfromconf \"$conf_file\"\n done\nfi\n\n# If on trusty or later, indicators also need to be started.\nif [ \"$RELEASE\" = 'trusty' -o \"$RELEASE\" = 'xenial' ]; then\n for conf_file in /usr/share/upstart/sessions/*.conf; do\n if grep -q '^start on.* indicator-services-start' \"$conf_file\"; then\n execfromconf \"$conf_file\"\n fi\n done\nfi\n" }, { "path": "chroot-bin/croutonclip", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n#\n# Synchronizes clipboard between X displays, making use of crouton's WebSocket\n# server and Chromium extension to synchronize the clipboard with Chromium OS\n\nVERBOSE=''\n\n. \"`dirname \"$0\"`/../installer/functions\"\n\n# rundisplay :X cmd ...\n# Run a command on the specified display\nrundisplay() {\n local disp=\"$1\"\n shift\n DISPLAY=\"$disp\" \"$@\"\n}\n\ncopyclip() {\n next=\"$1\"\n\n # Do not copy if next is empty (display cannot be detected), or\n # if current == next. Also set current=$next if $current is empty\n if [ -z \"$next\" -o \"${current:=\"$next\"}\" = \"$next\" ]; then\n if [ -n \"$VERBOSE\" ]; then\n echo \"==Current: $current==Next: $next==\" 1>&2\n fi\n return 0\n fi\n\n if [ -n \"$VERBOSE\" ]; then\n echo \">>Current: $current>>\" 1>&2\n fi\n\n # Copy clipboard content from the current display\n {\n if [ \"$current\" = 'cros' ]; then\n echo -n 'R' | websocketcommand\n else\n # Check if display is still running\n if rundisplay \"$current\" xdpyinfo >/dev/null 2>&1; then\n echo -n 'R'\n rundisplay \"$current\" xsel -ob\n else\n echo -n \"EUnable to open display '$current'.\"\n fi\n fi\n } | (\n STATUS=\"`head -c 1`\"\n if [ \"$STATUS\" != 'R' ]; then\n echo -n \"croutonwebsocket error: \" >&2\n cat >&2\n # Stop here (the clipboard content is lost in this case)\n exit 0\n fi\n\n # Paste clipboard content to the next display\n if [ \"$next\" = 'cros' ]; then\n STATUS=\"`(echo -n 'W'; cat) | websocketcommand`\"\n if [ \"$STATUS\" != 'WOK' ]; then\n # Write failed, skip Chromium OS (do not update $current)\n echo -n \"croutonwebsocket error: $STATUS\" >&2\n exit 1\n fi\n else\n # Do not override content if it \"looks\" the same\n # (we might have rich text or other content in the clipboard)\n cliptmp=\"`mktemp \"croutonclip.XXX\" --tmpdir=/tmp`\"\n trap \"rm -f '$cliptmp'\" 0\n cat > $cliptmp\n\n if ! rundisplay \"$next\" xsel -ob \\\n | diff -q - \"$cliptmp\" > /dev/null; then\n rundisplay \"$next\" xsel -ib < \"$cliptmp\"\n fi\n fi\n ) && current=\"$next\"\n\n if [ -n \"$VERBOSE\" ]; then\n echo \"<&2\n fi\n}\n\n# Wait for the websocket server to get connected to the extension\n# Timeout after 10 seconds (twice crouton extension retry period)\nwaitwebsocket() {\n timeout=10\n while [ $timeout -gt 0 ]; do\n if [ -n \"$VERBOSE\" ]; then\n echo \"Ping...\" 1>&2\n fi\n\n # Prepare and send a ping message\n MSG=\"PING$$$timeout\"\n STATUS=\"`echo -n \"$MSG\" | websocketcommand`\"\n if [ \"$STATUS\" = \"$MSG\" ]; then\n if [ -n \"$VERBOSE\" ]; then\n echo \"OK!\" 1>&2\n fi\n return 0\n fi\n\n if [ -n \"$VERBOSE\" ]; then\n echo \"$STATUS\" 1>&2\n fi\n\n sleep 1\n timeout=$(($timeout-1))\n done\n echo \"Timeout waiting for extension to connect.\" >&2\n}\n\n# Assume current display is Chromium OS: avoid race as we may not be able to\n# detect the first VT/window change.\ncurrent='cros'\n\nmkdir -m 775 -p \"$CROUTONLOCKDIR\"\nexec 3>>\"$CROUTONLOCKDIR/clip\"\nchmod -Rf g+rwX \"$CROUTONLOCKDIR\" || true\nchgrp -Rf crouton \"$CROUTONLOCKDIR\" || true\nif ! flock -n 3; then\n echo \"Another instance of croutonclip running, waiting...\"\n flock 3\nfi\n\naddtrap \"echo -n > '$CROUTONLOCKDIR/clip' 2>/dev/null\"\n\n(\n # This subshell handles USR1 signals from croutoncycle.\n # It prints a line when it receives a signal, or on VT change (we are able\n # to filter out duplicate notifications).\n\n # Start croutonwebsocket here to give \"wait\" something to wait for\n croutonwebsocket &\n addtrap \"kill $! 2>/dev/null\"\n\n waitwebsocket\n\n # Update on VT change (if user types Ctrl-Alt instead of Ctrl-Alt-Shift)\n if hash croutonvtmonitor 2>/dev/null; then\n croutonvtmonitor &\n addtrap \"kill $! 2>/dev/null\"\n fi\n\n trap \"echo 'USR1'\" USR1\n\n # Set the PID of this subshell after the trap is in place\n sh -c 'echo -n \"$PPID\"' > \"$CROUTONLOCKDIR/clip\"\n\n # Force an update when started.\n echo \"Force\"\n\n # Wait until all the children have terminated (gets interrupted on signal,\n # which gives handlers a chance to run)\n while ! wait; do\n :\n done\n) | (\n # Do not hold the lock in this subshell and children (especially xsel)\n exec 3>/dev/null\n while read -r line; do\n display=\"`croutoncycle display`\"\n copyclip \"$display\"\n done\n)\n\nexit 1\n" }, { "path": "chroot-bin/croutoncycle", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\n. \"$(dirname \"$0\")/../installer/functions\"\n\nUSAGE=\"${0##*/} next|prev|cros|list|#\nCycles through running graphical chroots.\n next: switch to the next display\n prev: switch to the previous display\n cros: switch directly to Chromium OS\n list: list all of the active displays and the associated chroot name\n #: switch to the nth item in the list, zero-indexed\n :#: switch directly to the chroot owning the specified display number\"\n\n# Undocumented:\n# display: return display associated with current window\n# (used from croutonclip):\n# - cros: Chromium OS\n# - :0: Chromium OS X11 display (non-aura window)\n# - :1-9: chroot displays\n# s: informs of a Chromium OS window change (called from extension):\n# - cros: any Chromium OS window\n# - :1-9: kiwi window: X11 display number\n# force [command]: Force switching display, even if it does not appear\n# to be necessary.\n\nforce=''\nif [ \"${1#[Ff]}\" != \"$1\" ]; then\n force='y'\n shift\nfi\n\ncase \"$1\" in\n[Ll]*) cmd='l';;\n[Dd]*) cmd='d';;\n[Cc]*) cmd='0';;\n[Pp]*) cmd='p';;\n[Nn]*) cmd='n';;\n[Ss]*) cmd='s' disp=\"${1#s}\";;\n:*) cmd=\"${1%%.*}\"; cmd=\":$((${cmd#:}))\";;\n[0-9]*) cmd=\"$(($1))\";;\n*) error 2 \"$USAGE\";;\nesac\n\n# Returns the chroot name of an X11 display specified in $1 on stdout\ngetname() {\n local name='Unknown'\n if [ \"$1\" = 'cros' ]; then\n if [ -r '/var/host/lsb-release' ]; then\n name=\"$(awk -F= '/_RELEASE_NAME=/{print $2}' \\\n '/var/host/lsb-release')\"\n fi\n else\n local crname=\"$(DISPLAY=\":${1#:}\" xprop -root CROUTON_NAME 2>/dev/null)\"\n if [ \"${crname%\\\"}\" != \"$crname\" ]; then\n crname=\"${crname%\\\"}\"\n name=\"${crname#*\\\"}\"\n fi\n fi\n echo \"$name\"\n}\n\n# Only let one instance run at a time to avoid nasty race conditions\n# Make sure to release this before running websocket commands\nmkdir -m 775 -p \"$CROUTONLOCKDIR\"\nexec 3>\"$CROUTONLOCKDIR/cycle\"\nchmod -Rf g+rwX \"$CROUTONLOCKDIR\" || true\nchgrp -Rf crouton \"$CROUTONLOCKDIR\" || true\nflock 3\n\n# set display command from extension\nif [ \"$cmd\" = 's' ]; then\n echo \"$disp\" > \"$CRIATDISPLAY\"\n if [ -s \"$CROUTONLOCKDIR/clip\" ]; then\n kill -USR1 \"$(cat \"$CROUTONLOCKDIR/clip\")\" || true\n fi\n exit 0\nfi\n\n# Ensure environment sanity\nexport XAUTHORITY=''\n\n# Set to y if there is any xiwi instance running\nxiwiactive=''\n\n# Prepare display list for easier looping\ndisplist='cros'\nfor disp in /tmp/.X*-lock; do\n disp=\"${disp#*X}\"\n disp=\":${disp%-lock}\"\n # Only add VT-based and xiwi-based chroots here (that excludes Xephyr)\n if [ \"$disp\" = ':0' ]; then\n continue\n elif DISPLAY=\"$disp\" xprop -root 'XFree86_VT' 2>/dev/null \\\n | grep -q 'INTEGER'; then\n displist=\"$displist $disp\"\n elif DISPLAY=\"$disp\" xprop -root 'CROUTON_XMETHOD' 2>/dev/null \\\n | grep -q '= \"xiwi'; then\n displist=\"$displist $disp\"\n xiwiactive='y'\n fi\ndone\n\n# Set to the freon display owner if freon is used\nfreonowner=''\nif [ ! -f \"/sys/class/tty/tty0/active\" ]; then\n if [ -f \"$CROUTONLOCKDIR/display\" ]; then\n read -r freonowner < \"$CROUTONLOCKDIR/display\"\n fi\n freonowner=\"${freonowner:-0}\"\n tty=''\nelse\n tty=\"$(cat '/sys/class/tty/tty0/active')\"\nfi\n\n# Determine current display\nif [ \"$freonowner\" = 0 -o \"$tty\" = 'tty1' ]; then\n # In Chromium OS or xiwi chroot\n curdisp='cros'\n if [ -n \"$xiwiactive\" -a -s \"$CRIATDISPLAY\" ]; then\n kiwidisp=\"$(cat \"$CRIATDISPLAY\")\"\n if [ \"${kiwidisp#:[0-9]}\" != \"$kiwidisp\" ]; then\n curdisp=\"$kiwidisp\"\n fi\n fi\nelif [ -z \"$freonowner\" ]; then\n # Poll the displays to figure out which one owns this VT\n curdisp=\"$tty\"\n for disp in $displist; do\n if [ \"$disp\" = 'cros' ]; then\n continue\n fi\n if DISPLAY=\"$disp\" xprop -root 'XFree86_VT' 2>/dev/null \\\n | grep -q \" ${tty#tty}\\$\"; then\n curdisp=\"$disp\"\n break\n fi\n done\nelse\n # Match the pid to the current freon owner\n for lockfile in /tmp/.X*-lock; do\n if grep -q \"\\\\<$freonowner$\" \"$lockfile\"; then\n curdisp=\"${lockfile#*X}\"\n curdisp=\":${curdisp%%-*}\"\n fi\n done\nfi\n\n# List the displays if requested\nif [ \"$cmd\" = 'l' -o \"$cmd\" = 'd' ]; then\n for disp in $displist; do\n active=' '\n if [ \"$disp\" = \"$curdisp\" ]; then\n active='*'\n if [ \"$cmd\" = 'd' ]; then\n echo \"$disp\"\n exit 0\n fi\n fi\n\n if [ \"$cmd\" = 'l' ]; then\n echo -n \"$disp$active \"\n getname \"$disp\"\n fi\n done\n exit 0\nfi\n\n# Determine the target display\nif [ -n \"${cmd#[pn]}\" ]; then\n if [ \"${cmd#:}\" != \"$cmd\" ]; then\n destdisp=\"$cmd\"\n else\n i=0\n destdisp=''\n for disp in $displist; do\n if [ \"$i\" -eq \"$cmd\" ]; then\n destdisp=\"$disp\"\n break\n fi\n i=\"$((i+1))\"\n done\n if [ -z \"$destdisp\" ]; then\n error 2 \"Display number out of range.\"\n fi\n fi\nelif [ \"$cmd\" = 'p' ]; then\n destdisp=\"${displist##* }\"\n for disp in $displist; do\n if [ \"$disp\" = \"$curdisp\" ]; then\n break\n fi\n destdisp=\"$disp\"\n done\nelif [ \"$cmd\" = 'n' ]; then\n destdisp=''\n for disp in $displist; do\n if [ -n \"$destdisp\" ]; then\n destdisp=\"$disp\"\n break\n elif [ \"$disp\" = \"$curdisp\" ]; then\n destdisp=\"${displist%% *}\"\n fi\n done\n if [ -z \"$destdisp\" ]; then\n destdisp=\"${displist%% *}\"\n fi\nelse\n error 3 \"Bad command $cmd.\"\nfi\n\n# No-op on no-op\nif [ \"$destdisp\" = \"$curdisp\" -a -z \"$force\" ]; then\n exit 0\nfi\n\n# Determine if the target display is on a VT\nif [ \"${destdisp#:}\" = \"$destdisp\" ]; then\n if [ \"$destdisp\" != 'cros' ]; then\n error 3 \"Bad destination display $destdisp.\"\n fi\n if [ -z \"$freonowner\" ]; then\n export DISPLAY=\":0\"\n export XAUTHORITY='/var/host/Xauthority'\n if [ \"$tty\" != 'tty1' ]; then\n sudo -n chvt 1\n sleep .1\n fi\n elif [ \"${freonowner:-0}\" != 0 ]; then\n kill -USR1 \"$freonowner\"\n fi\n\n if [ -n \"$xiwiactive\" ]; then\n # Release the croutoncycle lock\n exec 3>&-\n STATUS=\"$(echo -n \"Xcros\" | websocketcommand)\"\n if [ \"$STATUS\" != 'XOK' ]; then\n error 1 \"${STATUS#?}\"\n fi\n fi\nelse\n export DISPLAY=\"$destdisp\"\n xmethod=\"$(xprop -root 'CROUTON_XMETHOD' 2>/dev/null \\\n | sed -n 's/^.*\\\"\\(.*\\)\\\"/\\1/p')\"\n if [ \"${xmethod%%-*}\" = 'xiwi' ]; then\n if [ -z \"$freonowner\" -a \"$tty\" != 'tty1' ]; then\n sudo -n chvt 1\n sleep .1\n elif [ \"${freonowner:-0}\" != 0 ]; then\n kill -USR1 \"$freonowner\"\n fi\n # Release the croutoncycle lock\n exec 3>&-\n STATUS=\"$(echo -n \"X${destdisp} ${xmethod#*-}\" | websocketcommand)\"\n if [ \"$STATUS\" != 'XOK' ]; then\n error 1 \"${STATUS#?}\"\n fi\n elif [ -z \"$freonowner\" ]; then\n dest=\"$(xprop -root 'XFree86_VT' 2>/dev/null)\"\n dest=\"${dest##* }\"\n if [ \"${dest#[1-9]}\" = \"$dest\" ]; then\n dest='1'\n fi\n # When the destination we are changing to is using fbdev driver in X, we\n # need first a change to vt 2, else only the session switches and the\n # display will be stuck on the old vt.\n sudo -n chvt 2\n sudo -n chvt \"$dest\"\n else\n dest=\"/tmp/.X${destdisp#:}-lock\"\n if [ -f \"$dest\" ]; then\n # Trigger the target before releasing the current owner\n kill -USR1 \"$(cat \"/tmp/.X${destdisp#:}-lock\")\"\n fi\n if [ \"${freonowner:-0}\" != 0 ]; then\n kill -USR1 \"$freonowner\"\n fi\n fi\nfi\n\nif [ -s \"$CROUTONLOCKDIR/clip\" ]; then\n kill -USR1 \"$(cat \"$CROUTONLOCKDIR/clip\")\" || true\nfi\n\n# Wait a flip and then refresh the display for good measure\nif [ -n \"$DISPLAY\" ] && hash xrefresh 2>/dev/null; then\n sleep .1\n xrefresh\nfi\n\nexit 0\n" }, { "path": "chroot-bin/croutonfindnacl", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\n# croutonfindnacl address signature [\"pids\"]\n#\n# This script is used by croutonfbserver to find the nacl_helper process it is\n# connected to, and, in particular, the file descriptor corresponding to the shm\n# memory that the nacl_helper process shares with Chromium.\n#\n# - address: NaCl-space address of the shared memory (hexadecimal). We assume\n# that the NaCl/hardware memory mapping conserves the address,\n# possibly with a prefix in the MSBs.\n# - signature: random 8 byte pattern (hexadecimal, machine byte order) that is\n# written at the beginning of the shared buffer by the NaCl\n# application. The first 8 bytes of each candidate buffer is read,\n# guaranteeing that the correct buffer is returned.\n# - pids: (normally ununsed, defaults to all processes named \"nacl_helper\")\n# Space-separated list of PIDs to scan for.\n#\n# On success, prints \"pid:filename\" and exits with code 0.\n# On error (shm not found, invalid parameters), exits with code >0.\n\nset -e\n\nVERBOSE=\n\nif [ \"$#\" -lt 2 -o \"$#\" -gt 3 ]; then\n echo \"Invalid parameters\"\n exit 2\nfi\n\nADDRESS=\"$1\"\nPATTERN=\"$2\"\nPIDS=\"${3:-\"`pgrep nacl_helper`\"}\"\n\nMATCH=\"\"\n\n# Iterate over all NaCl helper processes\nfor pid in $PIDS; do\n [ -n \"$VERBOSE\" ] && echo \"pid:$pid\" 1>&2\n # Find candidate mappings\n file=\"`awk '$1 ~ /^[0-9a-f]*'\"$ADDRESS\"'-/ && $2 == \"rw-s\" \\\n && $6 ~ /\\/shm\\/\\.(com\\.google\\.Chrome|org\\.chromium\\.Chromium)/ \\\n { print $6 }\n ' \"/proc/$pid/maps\"`\"\n [ -n \"$VERBOSE\" ] && echo \"file:$file\" 1>&2\n if [ -z \"$file\" ]; then\n continue\n fi\n\n # Iterate over mappings, and check signature\n for fd in \"/proc/$pid/fd\"/*; do\n link=\"$(readlink -- \"$fd\" || true)\"\n link=\"${link% (deleted)}\"\n if [ \"$link\" = \"$file\" ]; then\n # Check if signature matches\n pattern=\"`od -An -t x1 -N8 \"$fd\" | tr -d ' '`\"\n [ -n \"$VERBOSE\" ] && echo \"FD:$fd ($pattern)\" 1>&2\n if [ \"$pattern\" = \"$PATTERN\" ]; then\n # Second match? This should never happen\n if [ -n \"$MATCH\" ]; then\n echo -n \"-1:ambiguous\"\n exit 1\n fi\n MATCH=\"$pid:$fd\"\n fi\n fi\n done\ndone\n\nif [ -n \"$MATCH\" ]; then\n echo -n \"$MATCH\"\n exit 0\nelse\n echo -n \"-1:no match\"\n exit 1\nfi\n" }, { "path": "chroot-bin/croutonnotify", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\nUSAGE=\"${0##*/} -j\n${0##*/} -t title [-m message] [-d] [-i icon] [-I id]\nRaises a notification in Chromium OS (requires crouton extension).\n\nWhen -j is specified, reads JSON data from stdin, in the format required\nby chrome.notifications API, with 2 additional fields, \\\"crouton_id\\\" and\n\\\"crouton_display\\\", corresponding respectively to the notification id, and the\ndisplay to switch to when the notification is clicked (croutoncycle parameter).\n\nOtherwise, constructs a \\\"basic\\\" notification with the requested fields.\n\nOptions:\n -j Read JSON data from stdin (see example below)\n -t Title to display (chrome.notifications field: \\\"title\\\")\n -m Message to display (chrome.notifications field: \\\"message\\\")\n -d Switch to display in environment variable DISPLAY ($DISPLAY) when\n the notification is clicked. Default: Do not switch display.\n -i Small icon to display on the left of the notification\n (chrome.notifications field: \\\"iconUrl\\\")\n -I ID to pass to chrome.notifications.create: only the last\n notification with a given ID is shown.\n Default: Display a new notification.\n\nExample JSON data:\n\"'{\n \"type\": \"basic\",\n \"title\": \"Primary Title\",\n \"message\": \"Primary message to display\",\n \"crouton_display\": \":1\",\n \"iconUrl\": \"data:image/png;base64,\"\n}'\n\n. \"$(dirname \"$0\")/../installer/functions\"\n\nSWITCHDISPLAY=\"\"\nMESSAGE=\"\"\nTITLE=\"\"\nID=\"\"\nICON=\"\"\nJSON=\"\"\n\n# Process arguments\nwhile getopts 'di:I:jm:t:' f; do\n case \"$f\" in\n d) SWITCHDISPLAY=\"$DISPLAY\";;\n i) ICON=\"$OPTARG\";;\n I) ID=\"$OPTARG\";;\n j) JSON=\"y\";;\n m) MESSAGE=\"$OPTARG\";;\n t) TITLE=\"$OPTARG\";;\n \\?) error 2 \"$USAGE\";;\n esac\ndone\n\n# No extra parameters, -j precludes other parameters, and at least title\n# must be specified (or -j)\nif [ \"$#\" != \"$((OPTIND-1))\" ] ||\n [ \"$JSON\" = 'y' -a -n \"$SWITCHDISPLAY$ICON$ID$MESSAGE$TITLE\" ] ||\n [ -z \"$JSON$TITLE\" ]; then\n error 2 \"$USAGE\"\nfi\n\nif [ -n \"$ICON\" ] && [ ! -r \"$ICON\" -o ! -f \"$ICON\" ]; then\n error 2 \"Cannot open $ICON.\"\nfi\n\n# Escape json string (backslash and double quotes)\njson_escape() {\n echo -n \"$1\" | sed -e 's/\\\\/\\\\u005C/g;s/\"/\\\\u0022/g;2~1s/^/\\\\u000A/;' \\\n | tr -d '\\n'\n}\n\nSTATUS=\"$({\n echo -n \"N\"\n if [ -z \"$JSON\" ]; then\n echo -n '{\n \"type\": \"basic\",\n \"title\": \"'\"$(json_escape \"$TITLE\")\"'\",\n \"message\": \"'\"$(json_escape \"$MESSAGE\")\"'\",\n \"crouton_display\": \"'\"$(json_escape \"$SWITCHDISPLAY\")\"'\",\n \"crouton_id\": \"'\"$(json_escape \"$ID\")\"'\"'\n if [ -n \"$ICON\" ]; then\n ext=\"${ICON##*.}\"\n if grep -Iq '&2\n exit 2\n fi\n exec \"$EXEC\" \"$@\";;\nesac\n\nhostdbus=''\nif hash host-dbus 2>/dev/null; then\n hostdbus='host-dbus'\nfi\n\npingpowerd() {\n $hostdbus dbus-send --system --dest=org.chromium.PowerManager \\\n --type=method_call /org/chromium/PowerManager \\\n org.chromium.PowerManager.HandleUserActivity \\\n int32:0 || true\n}\n\nif [ \"$CMD\" = 'p' ]; then\n # Ping\n pingpowerd\n exec \"${EXEC:-\"true\"}\" \"$@\"\nelif [ \"$CMD\" = 'i' ]; then\n # Inhibit\n while pingpowerd; do\n sleep \"$INHIBITSLEEP\"\n done &\n pid=$!\n addtrap \"kill '$pid' 2>/dev/null\"\n if [ -n \"$EXEC\" ]; then\n \"$EXEC\" \"$@\"\n elif [ -n \"$2\" ]; then\n shift\n \"$@\"\n else\n wait $pid\n fi\nelif [ -n \"$EXEC\" ]; then\n exec \"$EXEC\" \"$@\"\nelif [ \"$CMD\" = 's' ]; then\n if hash croutoncycle 2>/dev/null; then\n croutoncycle cros\n fi\n $hostdbus dbus-send --system --dest=org.chromium.PowerManager \\\n --type=method_call /org/chromium/PowerManager \\\n org.chromium.PowerManager.RequestSuspend || true\nelif [ \"$CMD\" = 'd' ]; then\n if [ -z \"$DISPLAY\" ]; then\n error 1 'Cannot launch daemon: $DISPLAY not specified.'\n fi\n\n # Daemon\n xdgs='/usr/bin/xdg-screensaver'\n xi2pid=''\n\n # Send pings to powerd at regular intervals, if the user is active (i.e.\n # there are input events), or if the screensaver is disabled.\n # For performance reason, we probably do not want to monitor every single\n # X input events. Therefore, we start a subshell that pings powerd upon\n # receiving a single event, then quits.\n # Every $DAEMONSLEEP seconds we check if that subshell if alive, and\n # restart it if necessary. This means that we miss events during up to \n # $DAEMONSLEEP seconds, and, if powerd timeout is X seconds, then the\n # screen may already dim after X-DAEMONSLEEP seconds of inactivity. This is\n # not noticeable if DAEMONSLEEP is much smaller than X (usually, X=300s).\n\n while sleep \"$DAEMONSLEEP\"; do\n if [ \"`\"$xdgs\" status 2>/dev/null`\" = 'disabled' ]; then\n # Screensaver disabled: ping\n pingpowerd\n elif [ -z \"$xi2pid\" ] || ! kill -0 \"$xi2pid\" 2>/dev/null; then\n # croutonxi2event subshell is not running\n\n if [ -n \"$xi2pid\" ]; then\n # Fail if return status from process != 0: wait returns the exit\n # status of the child, and this shell exits on error (-e)\n wait $xi2pid\n fi\n\n # Wait for input event, then ping immediately\n ( croutonxi2event -1 >/dev/null 2>&1 && pingpowerd ) &\n xi2pid=$!\n fi\n done\nfi\n\nexit 0\n" }, { "path": "chroot-bin/croutontriggerd", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n#\n# Monitors keyboard events for the crouton switch command.\n\n. \"`dirname \"$0\"`/../installer/functions\"\n\n# hexdump output format variables\nif getconf LONG_BIT | grep -q 32; then\n HEXDUMP_FMT='2/4 \"%u 0 \" \" \" 2/2 \"%u \" \" \" 1/4 \"%u \" \"\\n\"'\nelse\n HEXDUMP_FMT='4/4 \"%u \" \" \" 2/2 \"%u \" \" \" 1/4 \"%u \" \"\\n\"'\nfi\nSECONDS_LO='$1'\nSECONDS_HI='$2'\nUSECONDS_LO='$3'\nUSECONDS_HI='$4'\nTYPE='$5'\nKEY='$6'\nSTATE='$7'\n\n# constants\nTYPE_EV_KEY=1\nSTATE_DOWN=1\nSTATE_UP=0\nKEY_LEFTCTRL=29\nKEY_LEFTALT=56\nKEY_LEFTSHIFT=42\nKEY_RIGHTCTRL=97\nKEY_RIGHTALT=100\nKEY_RIGHTSHIFT=54\nKEY_F1=59\nKEY_F2=60\n\nEVENT_DEV_POLL=15\n\n# Only one at a time. xbindkeys lockfile is for legacy compatibility\nmkdir -m 775 -p \"$CROUTONLOCKDIR\"\nexec 3>>\"$CROUTONLOCKDIR/xbindkeys\"\nchmod -Rf g+rwX \"$CROUTONLOCKDIR\" || true\nchgrp -Rf crouton \"$CROUTONLOCKDIR\" || true\nif ! flock -n 3; then\n echo \"Another instance of ${0##*/} running, waiting...\"\n flock 3\nfi\n\n# Reset event variables to handle strange environments\nunset `set | grep -o '^event[0-9]*'` 2>/dev/null || true\n\n# Poll for new event files and dump the output\nwhile :; do\n # Clean up old hexdumps and start new ones\n for event in `set | grep -o '^event[0-9]*'` /dev/input/event*; do\n # Check if the event file is already monitored\n eval \"pid=\\\"\\${${event##*/}:-0}\\\"\"\n if [ \"$pid\" != 0 ]; then\n # Check if it's still running\n if kill -0 \"$pid\" 2>/dev/null; then\n continue\n fi\n wait \"$pid\" || true\n fi\n # Clean up old variables\n if [ \"${event#/}\" = \"$event\" ]; then\n unset \"$event\"\n else\n # Read in the event files and split into input_event fields\n stdbuf -oL hexdump -e \"$HEXDUMP_FMT\" \"$event\" &\n eval \"${event##*/}='$!'\"\n fi\n done\n # Avoid picking up the event variable\n unset event\n # Kill all event daemons\n pids=\"`set | sed -n 's/^event[0-9]*=.\\(.*\\).$/\\1/p' | tr '\\n' ' '`\"\n settrap \"kill $pids 2>/dev/null;\"\n # Wait for next poll\n sleep \"$EVENT_DEV_POLL\"\ndone | unbuffered_awk \"\n function update() {\n c = lc || rc; s = ls || rs; a = la || ra\n if (!cmd && c && s && a && p) {\n cmd = \\\"p\\\"\n } else if (!cmd && c && s && a && n) {\n cmd = \\\"n\\\"\n } else if (cmd && !c && !s && !a && !p && !n) {\n system(\\\"/usr/local/bin/croutoncycle \\\" cmd)\n cmd = \\\"\\\"\n }\n }\n $TYPE == $TYPE_EV_KEY && $KEY == $KEY_LEFTCTRL { lc = $STATE; update() }\n $TYPE == $TYPE_EV_KEY && $KEY == $KEY_LEFTSHIFT { ls = $STATE; update() }\n $TYPE == $TYPE_EV_KEY && $KEY == $KEY_LEFTALT { la = $STATE; update() }\n $TYPE == $TYPE_EV_KEY && $KEY == $KEY_RIGHTCTRL { rc = $STATE; update() }\n $TYPE == $TYPE_EV_KEY && $KEY == $KEY_RIGHTSHIFT { rs = $STATE; update() }\n $TYPE == $TYPE_EV_KEY && $KEY == $KEY_RIGHTALT { ra = $STATE; update() }\n $TYPE == $TYPE_EV_KEY && $KEY == $KEY_F1 { p = $STATE; update() }\n $TYPE == $TYPE_EV_KEY && $KEY == $KEY_F2 { n = $STATE; update() }\n\"\n" }, { "path": "chroot-bin/croutonurlhandler", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\nNEWTABPAGE='chrome://newtab'\nUSAGE=\"${0##*/} [-n] [URL]\nOpen an URL in Chromium OS (requires crouton extension).\nIf no URL is specified, opens $NEWTABPAGE instead.\nSwitches back to Chromium OS unless -n is specified.\"\n\n. \"`dirname \"$0\"`/../installer/functions\"\n\nnoswitch=''\nif [ \"$1\" = '-n' ]; then\n noswitch='y'\n shift\nfi\n\nif [ -z \"$*\" ]; then\n set -- \"$NEWTABPAGE\"\nelif [ \"$1\" = '-h' -o \"$1\" = '--help' ]; then\n error 0 \"$USAGE\"\nfi\n\nSTATUS=\"`echo -n U\"$*\" | websocketcommand`\"\n\nif [ \"$STATUS\" != 'UOK' ]; then\n error 1 \"${STATUS#?}\"\nfi\n\nif [ -z \"$noswitch\" ]; then\n croutoncycle cros\nfi\n" }, { "path": "chroot-bin/croutonversion", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\nVERSION='unknown'\nRELEASE='unknown'\nARCH='unknown'\n\nAPPLICATION=\"${0##*/}\"\nCHANGES=''\nDOWNLOAD=''\nUPDATES=''\n\nBRANCH=\"${VERSION##*~}\"\nBRANCH=\"${BRANCH%%:*}\"\nCOMMIT=\"${VERSION##*:}\"\nCHANGESURL=\"https://github.com/dnschneid/crouton/compare/$COMMIT...\"\nINSTALLER=\"crouton-$BRANCH\"\nINSTALLER=\"${INSTALLER%-master}\"\nCROUTONURL=\"https://github.com/dnschneid/crouton/raw/releases/$INSTALLER\"\nDEST=\"$HOME/Downloads/$INSTALLER\"\n\nUSAGE=\"$APPLICATION [options]\n\nReports the version of crouton installed, checks if updates are available,\nand/or launches a changelog.\n\nIf no options are specified, outputs crouton version information to STDOUT.\n\nOptions:\n -a Prints the architecture of this chroot to stdout.\n -c Launches a browser to view the list of changes.\n If -u is specified, only launches if a newer version exists.\n -d Downloads the latest version of crouton to the location specified.\n If -u is specified, only downloads if the version is newer.\n -f FILE Changes the destination of the downloaded crouton.\n Default: $DEST\n -h Prints out usage.\n -r Prints the release of this chroot to stdout.\n -u Checks for updates, and prints out the updated version number.\"\n\n\n# Function to exit with exit code $1, spitting out message $@ to stderr\nerror() {\n local ecode=\"$1\"\n shift\n echo \"$*\" 1>&2\n exit \"$ecode\"\n}\n\n# Process arguments\nwhile getopts 'acdf:ru' f; do\n case \"$f\" in\n a) echo \"$ARCH\"; exit 0;;\n c) CHANGES='y';;\n d) DOWNLOAD='y';;\n f) DEST=\"$OPTARG\";;\n r) echo \"$RELEASE\"; exit 0;;\n u) UPDATES='y';;\n \\?) error 2 \"$USAGE\";;\n esac\ndone\n\n# No extra parameters\nif [ \"$#\" != \"$((OPTIND-1))\" ]; then\n error 2 \"$USAGE\"\nfi\n\n# Print out version if nothing else specified\nif [ -z \"$CHANGES$DOWNLOAD$UPDATES\" ]; then\n echo \"crouton: version $VERSION\"\n echo \"release: $RELEASE\"\n echo \"architecture: $ARCH\"\n xmethodfile='/etc/crouton/xmethod'\n if [ -r \"$xmethodfile\" ]; then\n echo \"xmethod: `cat \"$xmethodfile\"`\"\n fi\n targetfile='/etc/crouton/targets'\n if [ -r \"$targetfile\" ]; then\n echo \"targets: `sed 's/^,//' \"$targetfile\"`\"\n fi\n hostrel='/var/host/lsb-release'\n if [ -r \"$hostrel\" ]; then\n host=\"`awk -F= '/_RELEASE_DESCRIPTION=/{print $2}' \"$hostrel\"`\"\n fi\n echo \"host: version ${host:-unknown}\"\n echo \"kernel: $(uname -a)\"\n freon=\"yes\"\n if [ -f /sys/class/tty/tty0/active ]; then\n freon=\"no\"\n fi\n echo \"freon: $freon\"\n exit 0\nfi\n\n# Print out version to stderr for info\necho \"crouton: version $VERSION\" 1>&2\n\nlatest=''\ntmpdir=''\nif [ -n \"$UPDATES$DOWNLOAD\" ]; then\n tmpdir=\"`mktemp -d --tmpdir=/tmp crouton.XXX`\"\n trap \"rm -rf --one-file-system '$tmpdir'\" INT HUP 0\n echo \"Retrieving latest version of $INSTALLER\" 1>&2\n if ! wget \"$CROUTONURL\" -O \"$tmpdir/$INSTALLER\" 2>\"$tmpdir/log\"; then\n cat \"$tmpdir/log\" 1>&2\n echo \"Failed to retrieve latest version of $INSTALLER\" 1>&2\n exit 1\n fi\n latest=\"`awk -F\"'\" '/^VERSION=/{print $2;exit}' \"$tmpdir/$INSTALLER\"`\"\nfi\n\n# Print out latest version number if requested\nif [ -n \"$UPDATES\" ]; then\n echo \"latest: version $latest\"\nelif [ -n \"$latest\" ]; then\n echo \"latest: version $latest\" 1>&2\nfi\n\n# Save latest version if requested\nif [ -n \"$DOWNLOAD\" -a \"$VERSION\" != \"$latest\" ]; then\n echo \"Saving latest version to $DEST\" 1>&2\n mv -f \"$tmpdir/$INSTALLER\" \"$DEST\"\nfi\n\n# Launch changelog if requested\nif [ -n \"$CHANGES\" -a \"$VERSION\" != \"$latest\" ]; then\n # Check if changelogs are available from this version / to this branch\n if ! wget \"$CHANGESURL$BRANCH\" -O/dev/full 2>&1 | grep -q '404 Not Found'; then\n CHANGESURL=\"$CHANGESURL$BRANCH\"\n elif ! wget \"${CHANGESURL}master\" -O/dev/full 2>&1 | grep -q '404 Not Found'; then\n CHANGESURL=\"${CHANGESURL}master\"\n else\n # Fall back on the main commit log\n CHANGESURL='https://github.com/dnschneid/crouton/commits/'\n fi\n # One of these will probably work...\n for x in exo-open gnome-open kde-open xdg-open \\\n sensible-browser x-www-browser www-browser; do\n if hash \"$x\" 2>/dev/null; then\n browser=\"$x\"\n break\n fi\n done\n if [ -z \"$browser\" ]; then\n error 2 \"No browser found to view $CHANGESURL\"\n fi\n # Launch the webpage\n if ! \"$browser\" \"$CHANGESURL\"; then\n error 1 \"Failed to launch browser to view $CHANGESURL\"\n fi\nfi\n\nexit 0\n" }, { "path": "chroot-bin/croutonxinitrc-wrapper", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\n# xinitrc wrapper for crouton:\n# 1. Runs crouton-specific commands\n# 2. Runs the provided client (emulating xinit behaviour)\n# 3. Runs crouton-specific commands before the server is destroyed\n\ncmd=''\nextraargs=''\nbinary=''\nret=0\n\n# This part is a translation of what is found in xorg's xinit.c\n\nif [ -z \"$1\" ] || [ \"${1#[/.]}\" = \"$1\" ]; then\n # No client parameter: find .xinitrc if possible, run xterm otherwise\n required=''\n\n if [ -n \"$XINITRC\" ]; then\n cmd=\"$XINITRC\"\n required='y'\n elif [ -n \"$HOME\" ]; then\n cmd=\"$HOME/.xinitrc\"\n fi\n\n if [ ! -e \"$cmd\" ]; then\n if [ -n \"$required\" ]; then\n echo \"Warning, no client init file \\\"$cmd\\\"\" 1>&2\n fi\n\n # If no client is given, use default command\n cmd=\"xterm\"\n extraargs=\"-geometry +1+1 -n login\"\n # Make sure xterm is executed directly: let sh resolve the path\n binary='y'\n fi\nelse\n cmd=\"$1\"\n shift\nfi\n\n# Run crouton-specific commands:\n\n# Show chroot specifics for troubleshooting\ncroutonversion 1>&2\n\nif [ -z \"$XMETHOD\" ]; then\n if [ -f '/etc/crouton/xmethod' ]; then\n read -r XMETHOD _ < /etc/crouton/xmethod\n export XMETHOD\n else\n echo 'X11 backend not set.' 1>&2\n exit 1\n fi\nfi\nxmethodtype=\"${XMETHOD%%-*}\"\nxmethodargs=\"${XMETHOD#*-}\"\n\n# Record the name of the chroot in the root window properties\nif [ -f '/etc/crouton/name' ] && hash xprop 2>/dev/null; then\n xprop -root -f CROUTON_NAME 8s -set CROUTON_NAME \"`cat '/etc/crouton/name'`\"\nfi\n\n# Record the crouton XMETHOD in the root window properties\nxprop -root -f CROUTON_XMETHOD 8s -set CROUTON_XMETHOD \"$XMETHOD\"\n\n# Launch the powerd poker daemon\ncroutonpowerd --daemon &\n\n# Launch the clipboard synchronization daemon\nif hash croutonclip 2>/dev/null; then\n croutonclip &\nfi\n\n# Launch system-wide trigger daemon\ncroutontriggerd &\n\n\n# Apply the Chromebook keyboard map. Not needed for non-Freon xiwi.\nif [ \"$xmethodtype\" != 'xiwi' -o ! -f \"/sys/class/tty/tty0/active\" ]; then\n # Apply the Chromebook keyboard map if installed.\n if [ -f '/usr/share/X11/xkb/compat/chromebook' ]; then\n setxkbmap -model chromebook\n fi\nfi\n\n# Input-related stuff is not needed for kiwi\nif [ \"$xmethodtype\" != \"xiwi\" ]; then\n\n # Launch X-server-local key binding daemon\n xbindkeys -fg /etc/crouton/xbindkeysrc.scm\n\n # Launch touchegg if it is requested.\n toucheggconf='/etc/touchegg.conf'\n if [ -f \"$toucheggconf\" ]; then\n mkdir -p \"$HOME/.config/touchegg\"\n ln -sf \"$toucheggconf\" \"$HOME/.config/touchegg/\"\n touchegg 2>/dev/null &\n fi\n\n # Configure trackpad settings if needed\n if synclient >/dev/null 2>&1; then\n # Elan trackpads usually like these settings\n if grep -q 'Elan Touchpad' /sys/class/input/event*/device/name; then\n SYNCLIENT=\"FingerLow=1 FingerHigh=5 $SYNCLIENT\"\n fi\n # Other special cases\n case \"`awk -F= '/_RELEASE_BOARD=/{print $2}' '/var/host/lsb-release'`\" in\n butterfly*|eve*|falco*)\n SYNCLIENT=\"FingerLow=1 FingerHigh=5 $SYNCLIENT\";;\n parrot*|peppy*|wolf*)\n SYNCLIENT=\"FingerLow=5 FingerHigh=10 $SYNCLIENT\";;\n esac\n if [ -n \"$SYNCLIENT\" ]; then\n synclient $SYNCLIENT\n fi\n fi\nfi\n\n# Crouton-in-a-tab: Start fbserver and launch display\nif [ \"$xmethodtype\" = 'xiwi' ]; then\n # The extension sends evdev key codes: fix the keyboard mapping rules\n setxkbmap -rules evdev\n # Reapply xkb map: This fixes autorepeat mask in \"xset q\"\n xkbcomp \"$DISPLAY\" - | xkbcomp - \"$DISPLAY\" 2>/dev/null\n\n # Set resolution to a default 1024x768, this is important so that the DPI\n # looks reasonable when the WM/DE start.\n setres 1024 768 > /dev/null\n croutonfbserver \"$DISPLAY\" &\n\n try=1\n while ! croutoncycle force \"$DISPLAY\"; do\n echo \"Cannot connect to extension, retrying...\"\n if [ \"$try\" -ge 10 ]; then\n echo \"\\\nUnable to start display, make sure the crouton extension is installed\nand enabled, and up to date. Download from:\n https://chromewebstore.google.com/detail/crouton-integration/gcpneefbbnfalgjniomfjknbcgkbijom\" 1>&2\n ret=1\n break\n fi\n sleep 1\n try=\"$((try+1))\"\n done\n if [ \"$ret\" -eq 0 ]; then\n echo \"Connected to extension, launched crouton in a window.\" 1>&2\n fi\nfi\n\nif [ \"$xmethodtype\" = \"xorg\" ]; then\n # Since Chromium 56.0.2923.0, Chromium tries to switch off the display when\n # switching VT (crbug.com/655770). For some unclear reason, running xrandr\n # forces the display to be back on, and this is not needed ever again\n # when switching VTs.\n # The loop tries to work around a race that is more likely on xenial\n try=1\n while xrandr --auto 2>&1 | grep . 1>&2; do\n echo \"Kicking xrandr again\" 1>&2\n if [ \"$try\" -ge 10 ]; then\n break\n fi\n sleep 1\n try=\"$((try+1))\"\n done\nfi\n\n# Only run if no error occured before (e.g. cannot connect to extension)\nif [ \"$ret\" -eq 0 ]; then\n # Shell is the leader of a process group, so signals sent to this process\n # are propagated to its children. We ignore signals in this process, but the\n # child handles them and exits. We use a no-op handler, as \"\" causes the\n # signal to be ignored in children as well (see NOTES in \"man 2 sigaction\"\n # for details). This process then runs exit commands, and terminates.\n trap \"true\" HUP INT TERM\n\n # Run the client itself if it is executable, otherwise run it in a shell.\n if [ -n \"$binary\" -o -x \"$cmd\" ]; then\n \"$cmd\" $extraargs \"$@\" || ret=$?\n else\n /bin/sh \"$cmd\" $extraargs \"$@\" || ret=$?\n fi\n\n trap - HUP INT TERM\nfi\n\n# Run crouton-specific commands before the server exits:\n\necho \"Running exit commands...\" 1>&2\n\nexit \"$ret\"\n" }, { "path": "chroot-bin/gnome-session-wrapper", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n#\n# Provides a wrapper around gnome-session to allow gnome-session based\n# desktop environments to work with crouton nicely\n\nUSAGE=\"${0##*/} [session]\nA wrapper around gnome-session that can be passed to xinit.\nProvide the session type in the DESKTOP_SESSION variable, \nor as an optional session argument.\n\nExamples:\n(launch GNOME from crosh with session in DESKTOP_SESSION)\nDESKTOP_SESSION=gnome xinit /etc/X11/xinit/xinitrc ${0##*/}\n\n(launch Unity from an xterm with session as an argument)\n${0##*/} ubuntu\"\n\nexport DESKTOP_SESSION=\"${DESKTOP_SESSION:-\"$1\"}\"\nexport XDG_SESSION_TYPE=\"${XDG_SESSION_TYPE:-\"x11\"}\"\nexport XDG_SESSION_CLASS=\"user\"\n\nSESSION='gnome-session'\nCINNAMON_SESSION='cinnamon-session'\n\nif [ -z \"$DESKTOP_SESSION\" ]; then\n echo \"$USAGE\" 1>&2\n exit 2\nfi\n\n# Cinnamon 2.0 and later uses its own fork of gnome-session\nif [ \"${DESKTOP_SESSION#cinnamon}\" != \"$DESKTOP_SESSION\" ] && \\\n hash \"$CINNAMON_SESSION\" 2>/dev/null; then\n SESSION=\"$CINNAMON_SESSION\"\nfi\n\nSESSION_FILE=\"/usr/share/$SESSION/sessions/$DESKTOP_SESSION.session\"\nXDG_CURRENT_DESKTOP=\"$(awk -F \"=\" '/DesktopName/ {print $2}' \"$SESSION_FILE\")\"\nif [ -n \"$XDG_CURRENT_DESKTOP\" ]; then\n XDG_SESSION_DESKTOP=\"$XDG_CURRENT_DESKTOP\"\n export XDG_CURRENT_DESKTOP XDG_SESSION_DESKTOP\nfi\n\nif [ -z \"$DISPLAY\" ]; then\n exec xinit /etc/X11/xinit/xinitrc \"$0\"\nelse\n exec \"$SESSION\" --session=\"$DESKTOP_SESSION\"\nfi\n" }, { "path": "chroot-bin/host-dbus", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\n# Either runs the specified command with the environment set to use the host's\n# system dbus instance, or prints out the environment changes required.\n\nexport DBUS_SYSTEM_BUS_ADDRESS='unix:path=/var/host/dbus/system_bus_socket'\nif [ \"$#\" = 0 ]; then\n echo \"export DBUS_SYSTEM_BUS_ADDRESS='$DBUS_SYSTEM_BUS_ADDRESS'\"\nelse\n exec \"$@\"\nfi\n" }, { "path": "chroot-bin/host-wayland", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\n# Either runs the specified command with the environment set to use the host's\n# wayland server, or prints out the environment changes required.\n\n# If wayland-0 socket does not exit, no Chromium OS wayland server exist\nif [ ! -S \"/var/run/chrome/wayland-0\" ]; then\n err=\"No Chromium OS Wayland server is available.\"\n if [ \"$#\" = 0 ]; then\n echo \"echo '$err' 1>&2\"\n else\n echo \"$err\" 1>&2\n exit 1\n fi\nelse\n export XDG_RUNTIME_DIR='/var/run/chrome'\n if [ \"$#\" = 0 ]; then\n echo \"export XDG_RUNTIME_DIR='$XDG_RUNTIME_DIR'\"\n else\n exec \"$@\"\n fi\nfi\n" }, { "path": "chroot-bin/setres", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\n# Changes the resolution of the current display.\n# If XMETHOD is xiwi, tries to create a new exact resolution, and change mode\n# to that. If that fails (e.g. non-patched xorg-dummy), take the closest,\n# smaller, available resolution in xrandr, and if no smaller resolution is\n# available, pick the closest one.\n# If XMETHOD is anything else, set a resolution from cvt output.\n# In all cases, outputs the applied resolution.\n\nset -e\n\nif [ \"$#\" -lt 2 -o \"$#\" -gt 4 ]; then\n echo \"USAGE: ${0##*/} x y [r [output]]\" 1>&2\n exit 2\nfi\nx=\"$1\"\ny=\"$2\"\nr=\"${3:-60}\"\no=\"${4}\"\nif [ -z \"$o\" ]; then\n o=\"`xrandr -q | awk 'x{print $1;exit}/^Screen 0/{x=1}'`\"\nfi\n\nxmethod=\"`xprop -root 'CROUTON_XMETHOD' | sed -n 's/^.*\\\"\\(.*\\)\\\"/\\1/p'`\"\n\nif [ \"${xmethod%%-*}\" != \"xiwi\" ]; then\n cvt \"$x\" \"$y\" \"$r\" | {\n read -r _\n read -r _ mode data\n mode=\"${mode#\\\"}\"\n mode=\"${mode%\\\"}\"\n xrandr --newmode \"$mode\" $data 2>/dev/null || true\n xrandr --addmode \"$o\" \"$mode\"\n xrandr --output \"$o\" --mode \"$mode\"\n echo \"$mode\"\n }\n exit 0\nfi\n\n# Replace mode $2 in output $1, with new data $3..$#\n# Deletes the mode if $3 is not provided\nreplacemode() {\n local o=\"$1\"\n local mode=\"$2\"\n shift 2\n xrandr --delmode \"$o\" \"$mode\" 2>/dev/null || true\n xrandr --rmmode \"$mode\" 2>/dev/null || true\n if [ \"$#\" -gt 0 ]; then\n xrandr --newmode \"$mode\" \"$@\"\n xrandr --addmode \"$o\" \"$mode\"\n fi\n}\n\n# Try to change to arbitrary resolution\nmhz=\"$((r*x*y/1000000))\"\nname=\"kiwi_${x}x${y}_${r}\"\n\n# Try to switch mode, if it already exists.\nif xrandr --output \"$o\" --mode \"$name\" 2>/dev/null; then\n echo \"${x}x${y}_${r}\"\n exit 0\nfi\n\n# Add the new mode\nxrandr --newmode \"$name\" $mhz $x $x $x $x $y $y $y $y\nxrandr --addmode \"$o\" \"$name\"\n\n# The next line fails on non-patched xorg-dummy\nif xrandr --output \"$o\" --mode \"$name\"; then\n # Success: remove old modes\n others=\"`xrandr | sed -n 's/^.*\\(kiwi[0-9x_]*\\)[^*]*$/\\1/p'`\"\n for othername in $others; do\n xrandr --delmode \"$o\" \"$othername\" 2>/dev/null || true\n xrandr --rmmode \"$othername\" 2>/dev/null || true\n done\n echo \"${x}x${y}_${r}\"\n exit 0\nelse\n # Delete the new mode\n xrandr --delmode \"$o\" \"$name\" 2>/dev/null || true\n xrandr --rmmode \"$name\" 2>/dev/null || true\nfi\n\n# Probably xorg-dummy got overwritten. Recommend an update.\necho \"Failed to set custom resolution. Update your chroot and try again.\" 1>&2\nexit 1\n" }, { "path": "chroot-bin/startgnome", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\n# Launches GNOME; automatically falls back to gnome-panel\n\nexec crouton-noroot gnome-session-wrapper gnome\n" }, { "path": "chroot-bin/startunity", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\n# Launches Unity; will fall back to Unity-2D on supported releases\n\n# Ensure global app menus work.\nexport UBUNTU_MENUPROXY=1\nexport GTK_MODULES=\"unity-gtk-module\"\n\nexec crouton-noroot gnome-session-wrapper ubuntu\n" }, { "path": "chroot-bin/volume", "content": "#!/bin/sh\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\n# This script uses amixer to present an interface similar to the brightness\n# script for crouton.\n\nset -e\nset -u\n\nDEFAULT_VOLUME_DELTA=5\n\nAPPLICATION=\"${0##*/}\"\nUSAGE=\"$APPLICATION [set] [0-100]\n$APPLICATION up|down [0-100]\n$APPLICATION mute [set|unset|toggle]\n$APPLICATION get [all|volume|mute]\n\nThis script changes the volume of the current output\ndevice, as would changing it with the shortcut keys or\nwith the GUI in Chrome OS.\n\nShortcut invocations:\n $APPLICATION up increases by $DEFAULT_VOLUME_DELTA\n $APPLICATION down decreases by $DEFAULT_VOLUME_DELTA\n $APPLICATION mute sets muted\n $APPLICATION 0-100 sets volume to given value\n $APPLICATION get shortcut for get all\n\"\n# The control which controls the current output.\nALSA_CONTROL=\"Master\"\n\n# Tiny sugar coating around amixer for common parameters.\n_amixer() {\n amixer -Dcras \"$@\"\n}\namixer_get_value() {\n # $1 is the control name to get the value for\n _amixer cget \"name=$1\" | sed -n \\\n -e \"/[[:space:]]\\+:/s/.*=//p\"\n # ^ ^ ^ Print the line.\n # ^ ^ Replace everything before the equal sign.\n # ^ Search for the line with spaces and a colon (the value).\n}\n\nget_volume() {\n amixer_get_value \"$ALSA_CONTROL Playback Volume\"\n}\n\nset_volume() {\n local volume=\"$1\"\n _amixer -q sset $ALSA_CONTROL \"$volume\"\n}\n\nget_is_muted() {\n # Get the alsa state of the control.\n local state=\"$(amixer_get_value \"$ALSA_CONTROL Playback Switch\")\"\n\n # Muted is off (control is off)\n if [ \"$state\" = \"on\" ]; then\n # Is not muted, so is_muted is false\n return 1\n else\n # Is muted, so is_muted is true\n return 0\n fi\n}\n\nget_is_muted_as_text() {\n if get_is_muted; then\n echo \"yes\"\n else\n echo \"no\"\n fi\n}\n\ntoggle_mute() {\n _amixer -q sset $ALSA_CONTROL toggle\n}\n\nmute() {\n _amixer -q sset $ALSA_CONTROL mute\n}\nunmute() {\n _amixer -q sset $ALSA_CONTROL unmute\n}\n\nrelative_volume() {\n local delta=\"$1\"\n\n # Check that this is integer-ish enough.\n if ! [ \"$delta\" -eq \"$delta\" ] 2>/dev/null; then\n error_help \"Error: $APPLICATION needs a number [0-100]\"\n exit 1\n fi\n\n if get_is_muted; then\n if [ \"$delta\" -lt 0 ]; then\n set_volume 0\n fi\n unmute\n else\n # Is the volume going down or up?\n if [ \"$delta\" -lt 0 ]; then\n # Going down, we strip the leading minus sign,\n # And suffix the minus sign.\n set_volume \"${delta#*-}-\"\n else\n # Only suffix the plus sign.\n set_volume \"${delta}+\"\n fi\n fi\n}\n\nprint_help() {\n echo \"$USAGE\"\n}\nerror_help() {\n # Prints an error message and the usage to stderr\n [ $# -gt 0 ] && echo \"$@\" 1>&2\n print_help 1>&2\n}\n\n# Do a sanity check with amixer.\n# An out of date crouton chroot might exhibit problems like:\n# amixer: Control cras element read error: Input/output error\n# We cannot do it in _amixer since it's executed in a subshell and its value is\n# used as a substitution.\nif ! _amixer > /dev/null 2>&1; then\n echo \"Failed to communicate with the audio server. Please update your chroot.\" 1>&2\n exit 2\nfi\n\nif [ $# -lt 1 ]; then\n error_help \"Error: $APPLICATION needs at least a command.\"\n exit 1\nfi\n\ncmd=\"$1\"\nshift\n\ncase \"$cmd\" in\nh*|-h*|--help)\n print_help\n ;;\nup)\n relative_volume \"${1:-$DEFAULT_VOLUME_DELTA}\"\n ;;\ndown)\n relative_volume \"-${1:-$DEFAULT_VOLUME_DELTA}\"\n ;;\nmute)\n action=\"${1-set}\"\n case \"$action\" in\n toggle) toggle_mute ;;\n set) mute ;;\n unset) unmute ;;\n *)\n error_help \"Invalid action: $action for mute.\"\n exit 1\n ;;\n esac\n ;;\nset|[0-9]|[0-9][0-9]|100)\n amount=\"$cmd\"\n # First, check that we received a value to set the volume to.\n if [ $# -eq 0 ] && [ \"$cmd\" = \"set\" ]; then\n error_help \"Error: $APPLICATION set needs an amount to set.\"\n exit 1\n fi\n # The value /could/ have been a parameter or the command itself.\n if [ $# -gt 0 ]; then\n amount=\"$1\"\n shift\n fi\n # Check that this is integer-ish enough.\n if ! [ \"$amount\" -eq \"$amount\" ] 2>/dev/null; then\n error_help \"Error: $APPLICATION set needs a number [0-100]\"\n exit 1\n fi\n set_volume \"$amount\"\n ;;\nget)\n action=\"${1-all}\"\n case \"$action\" in\n mute) get_is_muted_as_text ;;\n volume) get_volume ;;\n all)\n echo \"Volume: $(get_volume)\"\n echo \"Muted: $(get_is_muted_as_text)\"\n ;;\n *)\n error_help \"Invalid action: $action for get.\"\n exit 1\n ;;\n esac\n ;;\n*)\n error_help \"Error: Unkown command $cmd\"\n exit 1\n ;;\nesac\n" }, { "path": "chroot-bin/xinit", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\n# Adds a :# to the xinit command line, where # is the first available display\n# number. Also adds the -- to the command line and references the global\n# xserverrc if it isn't already there. By putting this in /usr/local/bin, PATH\n# will prefer it and scripts that call xinit will automagically work.\n\nxserverrc='/etc/X11/xinit/xserverrc'\ndash='--'\nfor arg in \"$@\"; do\n if [ -z \"$dash\" ]; then\n # Check if there's a xserverrc specified.\n if [ \"${arg#/}\" != \"$arg\" ]; then\n xserverrc=''\n fi\n break\n elif [ \"$arg\" = '--' ]; then\n dash=\n fi\ndone\n\n# Never use display :0 (confusing if aura does not use X11)\ndisp=1\nwhile [ -f \"/tmp/.X$disp-lock\" ]; do\n disp=$((disp+1))\ndone\n\n# If possible, switch to VT1 to avoid strangeness when launching from VT2\nchvt 1 2>/dev/null || true\n\nexec /usr/bin/xinit /usr/local/bin/croutonxinitrc-wrapper \"$@\" $dash $xserverrc \":$disp\"\n" }, { "path": "chroot-bin/xiwi", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\n# Runs the specified X11 application in its own X server in Chromium OS.\n\nUSAGE=\"Usage: ${0##*/} [-f] [-F|-T] APPLICATION [PARAMETERS ...]\nLaunches a windowed session in Chromium OS for any graphical application.\nApplications launched in this way show in independent windows or tabs.\nAll parameters are passed to the specified application.\n\nBy default, the app is launched in a window.\n\nOptions:\n -F Launch the APPLICATION full-screen.\n -T Launch the APPLICATION in a tab.\n -f Prevent ${0##*/} from quitting automatically. (see NOTE below)\n\nNOTE:\n${0##*/} will normally close when the application returns. Some gui applications\nfork before or during normal operation, which can confuse ${0##*/} and cause it to\nquit prematurely. If your application does not have a parameter that prevents\nit from forking, and crouton is unable to automatically detect the fork, you can\nuse -f to prevent ${0##*/} from quitting automatically.\n${0##*/} will quit if you close the Chromium OS window when nothing is displayed.\n\nA default window manager will full-screen all windows, unless APPLICATION begins\nwith 'start' or is 'xinit'. You can cycle through multiple windows inside the\napplication via Ctrl-Alt-Tab/Ctrl-Alt-Shift-Tab, or close them via\nCtrl-Alt-Shift-Escape. If APPLICATION begins with 'start' but you still want to\nuse the default window manager, specify the full path of the application.\"\n\n. \"`dirname \"$0\"`/../installer/functions\"\nxiwicmd=\"`readlink -f -- \"$0\"`\"\nOPTSTRING='FfTt'\n\nif [ \"$#\" = 0 ]; then\n error 2 \"$USAGE\"\nelif [ \"$1\" = '/' ]; then\n shift 1\n foreground=''\n while getopts \"$OPTSTRING\" f; do\n case \"$f\" in\n f) foreground='y';;\n t|T|F) :;;\n \\?) error 2 \"$USAGE\";;\n esac\n done\n shift \"$((OPTIND-1))\"\n xsetroot -cursor_name left_ptr\n if [ \"$1\" != 'xinit' -a \"${1#start}\" = \"$1\" ]; then\n i3 -c \"/etc/crouton/xiwi.conf\" &\n # Wait for i3 to launch\n xprop -spy -root | grep -q _NET_ACTIVE_WINDOW\n # Launch the window title monitoring daemon\n # _NET_ACTIVE_WINDOW is more reliable than _NET_CLIENT_LIST_STACKING for\n # keeping track of the topmost window.\n xprop -spy -notype -root 0i ' $0\\n' '_NET_ACTIVE_WINDOW' 2>/dev/null | {\n name=\"`cat /etc/crouton/name`\"\n monpid=''\n monwid=''\n while read _ wid; do\n if [ \"$wid\" = \"$monwid\" ]; then\n continue\n fi\n if [ -n \"$monpid\" ]; then\n kill \"$monpid\" 2>/dev/null\n fi\n monwid=\"$wid\"\n (xprop -spy -notype -id \"$wid\" 'WM_NAME' 2>/dev/null || echo) \\\n | while read _ title; do\n title=\"${title%\\\"}\"\n xprop -root -f CROUTON_NAME 8s -set CROUTON_NAME \\\n \"$name/$1${title:+\": \"}${title#*\\\"}\"\n {\n echo -n 'C'\n croutoncycle l\n } | websocketcommand >/dev/null\n done &\n monpid=\"$!\"\n done\n if [ -n \"$monpid\" ]; then\n kill \"$monpid\" 2>/dev/null\n fi\n } &\n # Launch user init scripts\n if [ -f \"$HOME/.xiwirc\" ]; then\n /bin/sh \"$HOME/.xiwirc\" || true\n fi\n fi\n starttime=\"$(date +%s)\"\n \"$@\"\n endtime=\"$(date +%s)\"\n if [ -n \"$foreground\" -o \"$(($endtime-$starttime))\" -le 2 ]; then\n xprop -spy -notype -root 0i ' $0\\n' 'CROUTON_CONNECTED' \\\n | while read _ connected; do\n if [ \"$connected\" != 0 ]; then\n continue\n fi\n # _NET_CLIENT_LIST_STACKING is more reliable than\n # _NET_ACTIVE_WINDOW for detecting when no windows exist\n if ! xprop -notype -root '_NET_CLIENT_LIST_STACKING' \\\n | grep -q '0x'; then\n kill \"$$\"\n break\n fi\n done\n fi\nelse\n export XMETHOD='xiwi-window'\n while getopts \"$OPTSTRING\" f; do\n case \"$f\" in\n f) :;;\n F) export XMETHOD='xiwi-fullscreen';;\n t|T) export XMETHOD='xiwi-tab';;\n \\?) error 2 \"$USAGE\";;\n esac\n done\n eval \"exe=\\\"\\$$OPTIND\\\"\"\n if ! hash \"$exe\" 2>/dev/null; then\n error 2 \"${0##*/}: $exe: not found\"\n fi\n exec /usr/local/bin/xinit \"$xiwicmd\" / \"$@\"\nfi\n" }, { "path": "chroot-etc/kodi-cycle.py", "content": "#!/usr/bin/env python\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n#\n# Python script to call croutoncycle. This is needed to let the \n# hotkeys ctr-shift-alt F1/F2 work when kodi is in fullscreen.\nimport subprocess\nimport sys\n\nif len(sys.argv) == 2 and sys.argv[1] in (\"prev\", \"next\"):\n exitcode = subprocess.call([\"/usr/local/bin/croutoncycle\", sys.argv[1]])\nelse:\n sys.stderr.write(\"Usage: %s prev|next\\n\" % str(sys.argv[0]))\n exitcode = 2\nsys.exit(exitcode)\n" }, { "path": "chroot-etc/kodi-keyboard.xml", "content": "\n\n\n\n\n\n \n \n RunScript(/etc/crouton/kodi-cycle.py,prev)\n RunScript(/etc/crouton/kodi-cycle.py,next)\n \n \n\n" }, { "path": "chroot-etc/pulseaudio-default.pa", "content": "#!/usr/bin/pulseaudio -nF\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\n# Include default configuration first\n.include /etc/pulse/default.pa\n\n# Forward audio to Chromium OS audio server\nload-module module-alsa-sink device=cras sink_name=cras-sink\nload-module module-alsa-source device=cras source_name=cras-source\nset-default-sink cras-sink\nset-default-source cras-source\n" }, { "path": "chroot-etc/unity-autostart.desktop", "content": "# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\n[Desktop Entry]\nType=Application\nName=crouton autostart script for Unity\nExec=/usr/local/bin/crouton-unity-autostart\nOnlyShowIn=Unity;\nNoDisplay=true\nX-GNOME-Autostart-Phase=Initialization\nX-GNOME-Autostart-Notify=true\nX-GNOME-AutoRestart=true\n" }, { "path": "chroot-etc/unity-profiled", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n#\n# Helper script for Unity called at user login.\n# Right now this just sets up .desktop files in the user's autostart\n# directory to override global autostart.\n\nRELEASE=\"`/usr/local/bin/croutonversion -r`\"\n\n# unity-settings-daemon should run instead of gnome-settings-daemon in trusty\nif [ \"$RELEASE\" = 'trusty' -o \"$RELEASE\" = 'xenial' ]; then\n autostartdir=\"$HOME/.config/autostart\"\n mkdir -p \"$autostartdir\"\n cat > \"$autostartdir\"/gnome-settings-daemon.desktop <&2\n exit 1\n fi\nfi\n\nxserverrc=\"/etc/crouton/xserverrc-${XMETHOD%%-*}\"\nif [ \"${XMETHOD##*/}\" != \"$XMETHOD\" -o ! -f \"$xserverrc\" ]; then\n echo \"Invalid X11 backend '$XMETHOD'\" 1>&2\n exit 2\nfi\n\n. \"$xserverrc\"\n" }, { "path": "chroot-etc/xserverrc-local.example", "content": "#!/bin/sh\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\n# Sample script to customize X server invocation. To activate copy it to\n# /etc/crouton/xserverrc-local\n#\n# The file is sourced before invoking the X server with the variable\n# XMETHOD set to xiwi, or xorg and the variable XARGS containing the\n# command line arguments that will be passed to the server.\n#\n# Uncoment if fonts look too big on machines with 1366x768 11.6\" screen\n#XARGS=\"$XARGS -dpi 135x135\"\n" }, { "path": "chroot-etc/xserverrc-xiwi", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\nlogfile=\"/tmp/Xorg.crouton.$$.log\"\nfor arg in \"$@\"; do\n disp=\"`echo \"$arg\" | sed -n 's/^\\:\\([0-9]*\\)$/\\1/p'`\"\n if [ -n \"$disp\" ]; then\n logfile=\"/tmp/Xorg.crouton.$disp.log\"\n fi\ndone\n\nif [ \"${XMETHOD%%-*}\" != 'xiwi' ]; then\n export XMETHOD='xiwi'\nfi\nXARGS=\"-nolisten tcp -config xorg-dummy.conf -logfile $logfile\"\nif [ -f /etc/crouton/xserverrc-local ]; then\n . /etc/crouton/xserverrc-local\nfi\n\nexec /usr/bin/Xorg $XARGS \"$@\"\n" }, { "path": "chroot-etc/xserverrc-xorg", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\nif [ \"${XMETHOD%%-*}\" != 'xorg' ]; then\n export XMETHOD='xorg'\nfi\nXARGS='-nolisten tcp'\nif [ -f /etc/crouton/xserverrc-local ]; then\n . /etc/crouton/xserverrc-local\nfi\n\nX=/usr/bin/X\n\n# Handle Freon systems\nif [ ! -f \"/sys/class/tty/tty0/active\" ]; then\n # We won't be able to launch properly if running from frecon\n ppid=\"$$\"\n while [ -n \"$ppid\" -a \"$ppid\" -ne 1 ]; do\n ppid=\"`ps -p \"$ppid\" -o 'ppid=' 2>/dev/null | sed 's/ //g'`\"\n if ps -p \"$ppid\" -o 'comm=' | grep -q '^frecon$'; then\n echo 'Xorg X11 servers cannot be launched from Frecon.' 1>&2\n echo 'Return to Chromium OS and use crosh to launch X.' 1>&2\n exit 2\n fi\n done\n # Prepare lock file\n mkdir -p '/tmp/crouton-lock'\n touch '/tmp/crouton-lock/display'\n chmod -Rf g+rwX '/tmp/crouton-lock'\n chgrp -Rf crouton '/tmp/crouton-lock'\n # Freon necessitates the preload hack for X to coexist\n X=/usr/bin/Xorg\n logfile=\"/tmp/Xorg.crouton.$$.log\"\n for arg in \"$@\"; do\n disp=\"`echo \"$arg\" | sed -n 's/^\\:\\([0-9]*\\)$/\\1/p'`\"\n if [ -n \"$disp\" ]; then\n logfile=\"/tmp/Xorg.crouton.$disp.log\"\n fi\n done\n XARGS=\"$XARGS -logfile $logfile\"\n export LD_PRELOAD=\"/usr/local/lib/croutonfreon.so:$LD_PRELOAD\"\nfi\n\nexec \"$X\" $XARGS \"$@\"\n" }, { "path": "host-bin/crash_reporter_wrapper", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\n# When launched from the kernel, PATH is not set and stderr is closed\nif [ ! -t 0 ]; then\n exec 2>/var/log/crash_reporter_wrapper.log\n export PATH='/bin:/sbin:/usr/bin:/usr/sbin'\nfi\n\nAPPLICATION=\"${0##*/}\"\nCORE_PATTERN_PARAMS='%p %s %u %g %e %h %t %E'\nCORE_PATTERN_PARAMS_COUNT=8\nCORE_PATTERN=\"|`readlink -f -- \"$0\"` $CORE_PATTERN_PARAMS\"\nCORE_PATTERN_FILE='/var/run/crw/core_pattern'\nCORE_PATTERN_PROC='/proc/sys/kernel/core_pattern'\nDEFAULT_CHROOT_PATTERN=''\nIDEAL_LOCATION='/var/run/crw/crw'\n\nUSAGE=\"$APPLICATION register\n$APPLICATION $CORE_PATTERN_PARAMS\n\nHandles system core dumps, passing the dump through to Chromium OS's\ncrash_reporter or processing it as the chroot requests, depending on what\nnamespace the process belongs to.\n\nThe first form should be run as root, and sets $CORE_PATTERN_PROC\nto use this script as the core dump pipe program.\n\nThe second form is expected to be called by the kernel upon program crash, via\nthe core_pattern set with the first form. The script checks if the crashing\nPID's root has an /etc/crouton/core_pattern and uses that to emulate the\nkernel's handling of the core_pattern proc entry.\"\n\n\n# Outputs a parameter by core_pattern name (e.g. %p prints out the expanded $1)\n# If the parameter doesn't exist, outputs an error to stderr and returns $1\n# $1: the parameter name, either in the form of \"%p\" or just \"p\"\n# $2+: must be \"$@\"\nget_parameter() {\n local param=\"%${1#%}\" param_names=\"$CORE_PATTERN_PARAMS \"\n if [ \"$param\" = '%%' ]; then\n echo -n '%'\n return\n elif [ \"$param\" = '%c' ]; then\n echo -n \"$core_limit\"\n return\n fi\n shift\n while [ \"$param\" != \"${param_names%% *}\" ]; do\n param_names=\"${param_names#* }\"\n if [ -z \"$param_names\" ]; then\n echo \"$param not provided for core_pattern\" 1>&2\n echo -n \"$param\"\n return\n fi\n shift\n done\n echo -n \"$1\"\n}\n\n# Takes the specified string and expands included parameters\n# Outputs result to stdout\n# $1: the string to expand and escape\n# $2+: must be \"$@\"\nexpand_parameters() {\n local unexpanded=\"$1%\" remain param\n shift\n while [ -n \"$unexpanded\" ]; do\n param=\"${unexpanded%%%*}\"\n echo -n \"$param\"\n remain=\"${unexpanded#*%?}\"\n if [ \"$remain\" = \"$unexpanded\" ]; then\n break\n fi\n param=\"${unexpanded#\"$param\"}\"\n param=\"${param%\"$remain\"}\"\n unexpanded=\"$remain\"\n get_parameter \"$param\" \"$@\"\n done\n}\n\n# Takes stdin and escapes it to be safe within single-quotes\n# Outputs result to stdout\n# Converts ' to '\\''\nescape() {\n sed \"s/'/'\\\\\\\\\\\\''/g\"\n}\n\n\nif [ \"$#\" != 1 -a \"$#\" != \"$CORE_PATTERN_PARAMS_COUNT\" ]; then\n echo \"$USAGE\" 1>&2\n exit 2\nfi\n\nif [ \"$#\" = 1 -a \"$1\" != 'register' ]; then\n echo \"$USAGE\" 1>&2\n exit 2\nfi\n\nif [ \"${UID:-0}\" != 0 -o \"${USER:-root}\" != 'root' ]; then\n echo \"$APPLICATION must be run as root.\" 1>&2\n exit 2\nfi\n\nif [ \"$#\" = 1 ]; then\n # Always register the script from /var/run for safety\n if [ \"$0\" != \"$IDEAL_LOCATION\" ]; then\n dir=\"${IDEAL_LOCATION%/*}\"\n if ! mountpoint \"$dir\" >/dev/null 2>/dev/null; then\n mkdir -p \"$dir\"\n mount -t tmpfs \\\n -o 'rw,nosuid,nodev,exec,noatime,mode=700,size=128K' \\\n tmpfs \"$dir\"\n fi\n cp -fT \"$0\" \"$IDEAL_LOCATION\"\n chmod 500 \"$IDEAL_LOCATION\"\n exec \"$IDEAL_LOCATION\" \"$@\"\n fi\n # Store Chromium OS's core pattern for passthrough usage\n if [ ! -f \"$CORE_PATTERN_FILE\" ]; then\n cat \"$CORE_PATTERN_PROC\" > \"$CORE_PATTERN_FILE\"\n fi\n # Register ourselves as the coredump handler\n echo \"$CORE_PATTERN\" > \"$CORE_PATTERN_PROC\"\n exit 0\nfi\n\n# It's a core dump! See CORE(5) for details in emulating core_pattern.\npattern=''\n\n# $1 is the pid of the process. Check the process's root for etc/crouton\npid=\"$1\"\nroot=\"/proc/$pid/root\"\ncwd=\"/proc/$pid/cwd\"\ncroutondir=\"$root/etc/crouton\"\nif [ -d \"$croutondir\" ]; then\n # Looks like a chroot (or a very weird rootfs, but that's unlikely)\n # Grab the chroot's pattern or use the default if the file doesn't exist\n if [ -f \"$croutondir/core_pattern\" ]; then\n # File exists; first non-empty, non-comment line is the core_pattern\n pattern=\"`awk '/^[^#]/ { print $0; exit }' \"$croutondir/core_pattern\"`\"\n else\n pattern=\"$DEFAULT_CHROOT_PATTERN\"\n fi\nelse\n # Probably a Chromium process. Grab the backed-up core pattern.\n if [ -f \"$CORE_PATTERN_FILE\" ]; then\n pattern=\"`cat \"$CORE_PATTERN_FILE\"`\"\n else\n echo \"$APPLICATION was not properly registered as the core_pattern.\" 1>&2\n echo \"You must register using '$0 register'\" 1>&2\n exit 2\n fi\nfi\n\n# If the pattern is empty, just exit.\nif [ -z \"$pattern\" ]; then\n exit 0\nfi\n\n# Remove the pipe character so we can play with the path generically\nispipe=''\nif [ \"${pattern#|}\" != \"$pattern\" ]; then\n ispipe='y'\n pattern=\"${pattern#|}\"\n # Pipe paths must be absolute\n if [ \"${pattern#/}\" = \"$pattern\" ]; then\n echo \"core_pattern '|$pattern' is not absolute\" 1>&2\n exit 2\n fi\nfi\n\n# Get the core size limit for the process\ncore_limit=\"`awk '/^Max core file size/ {\n printf ($5==\"unlimited\") ? -1 : $5; exit\n }' \"/proc/$pid/limits\"`\"\n\n# Prepare the file to operate on\nif [ -z \"$ispipe\" ]; then\n # Don't bother if core file size limit is 0\n if [ \"$core_limit\" = 0 ]; then\n exit 0\n fi\n # If this is not a pipe, we need to expand the %'s here.\n file=\"`expand_parameters \"$pattern\" \"$@\"`\"\nelse\n # For pipes, path is anything up to a space\n file=\"${pattern%% *}\"\n pattern=\"${pattern#\"$file\"}\"\nfi\n\n# Fix up the path to be working directory-relative\nif [ \"${file#/}\" = \"$file\" ]; then\n file=\"$cwd/$file\"\nfi\n\n# Canonicalize within the chroot and escape the filename to work within quotes\nfile=\"`chroot \"$root\" readlink -m -- \"/${file%/*}\"`/${file##*/}\"\nfile=\"`echo -n \"$file\" | escape`\"\n\n# Prepare the command to run inside the chroot as the appropriate user\nif [ -z \"$ispipe\" ]; then\n cmd=\"\n if [ -e '$file' -a ! -f '$file' ] || [ -h '$file' ]; then\n echo \\\"Not overwriting '$file'; it is not a regular file\\\" 1>&2\n elif [ -f '$file' ] && [ \\\"\\`stat -c '%h' '$file'\\`\\\" != 1 ]; then\n echo \\\"Not overwriting '$file'; it is multiply linked\\\" 1>&2\n elif [ '$core_limit' = -1 ] && cat > '$file'; then\n exit 0\n elif [ '$core_limit' != -1 ] && head -c '$core_limit' > '$file'; then\n exit 0\n fi\n exit 1\n \"\n username=\"`chroot \"$root\" ps -ouser= -p \"$pid\"`\"\nelse\n # Finally need to expand the parameters here\n cmd=\"exec '$file'\"\n params=\"$pattern \"\n while [ -n \"$params\" ]; do\n param=\"${params%% *}\"\n params=\"${params#* }\"\n if [ -n \"$param\" ]; then\n cmd=\"$cmd '`expand_parameters \"$param\" \"$@\" | escape`'\"\n fi\n done\n username='root'\nfi\n\n# Run the generated command within the appropriate chroot\nexec chroot \"$root\" su -s '/bin/sh' -c \"$cmd\" - \"$username\"\n" }, { "path": "host-bin/edit-chroot", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\nset -e\n\nAPPLICATION=\"${0##*/}\"\nALLCHROOTS=''\nBACKUP=''\nBINDIR=\"`dirname \"\\`readlink -f -- \"$0\"\\`\"`\"\nCHROOTS=\"`readlink -m -- \"$BINDIR/../chroots\"`\"\nDELETE=''\nENCRYPT=''\nKEYFILE=''\nLISTDETAILS=''\nMOVE=''\nCOPY=''\nNEEDS_UNMOUNT=''\nRESTORE=''\nSPLIT=''\nTARBALL=''\nYES=''\nYESPARAM=''\n\nUSAGE=\"$APPLICATION [options] name [...]\n\nEdits a chroot.\n\nOptions:\n -a Operates on all chroots in $CHROOTS.\n If no other operation is specified, prints out the names of the chroots.\n -c CHROOTS Directory the chroots are in. Default: $CHROOTS\n -b Backs up the chroot to a tarball. Compression format is chosen\n based on the tarball extension. Backups always take place before\n other actions on a given chroot.\n -d Deletes the chroot. Assumed if run as delete-chroot.\n -e If the chroot is not encrypted, encrypt it.\n If it is encrypted, change the encryption passphrase.\n -f TARBALL When used with -b, overrides the default tarball to back up to.\n If unspecified, assumes NAME-yyyymmdd-hhmm.tar[.gz], where .gz\n is included for unencrypted chroots, and not for encrypted ones.\n When used with -r, specifies the tarball to restore from.\n If TARBALL is a directory, automatic naming is still used.\n If multiple chroots are specified, TARBALL must be a directory.\n -k KEYFILE File or directory to store the (encrypted) encryption keys in.\n If unspecified, the keys will be stored in the chroot if doing a\n first encryption, or left in place on existing chroots.\n If specified, keyfile will be moved. Specify a dash - as the\n KEYFILE to move the key back into the chroot.\n If multiple chroots are specified, KEYFILE must either be -\n or a directory.\n -l Prints out croutonversion details on the chroot, if available.\n Specify twice to prompt and unlock encrypted chroots as necessary.\n -m DEST Moves a chroot. Specify a new name to keep it in the same\n directory, or an absolute path to move it entirely.\n DEST can be a directory, in which case it must end in a slash.\n If multiple chroots are specified, DEST must be a directory.\n If you are moving a chroot to a SD card/USB drive, make sure the\n storage is formatted to ext2/3/4.\n -C DEST Like -m, but copies instead of moves.\n -r Restores a chroot from a tarball. The tarball path can be\n specified with -f or detected from name. If both are specified,\n restores to that name instead of the one in the tarball.\n Will not overwrite a chroot when restoring unless -r is\n specified twice.\n -s SPLIT Force a backup archive to be split into SPLIT-sized chunks.\n SPLIT is specified in megabytes (1048576 bytes), and cannot be\n smaller than 10.\n FAT32 filesystems are split by default to fit within 4GB.\n -y Do all actions without confirmation.\"\n\n# Common functions\n. \"$BINDIR/../installer/functions\"\n\n# Process arguments\ngetopts_string='abc:C:def:k:lm:rs:y'\nwhile getopts_nextarg; do\n case \"$getopts_var\" in\n a) ALLCHROOTS='y';;\n b) BACKUP='y'; NEEDS_UNMOUNT='y';;\n c) CHROOTS=\"`readlink -m -- \"$getopts_arg\"`\";;\n C) COPY=\"$getopts_arg\"; NEEDS_UNMOUNT='y';;\n d) DELETE='y'; NEEDS_UNMOUNT='y';;\n e) ENCRYPT='y'; NEEDS_UNMOUNT='y';;\n f) TARBALL=\"$getopts_arg\";;\n k) KEYFILE=\"$getopts_arg\";;\n l) LISTDETAILS=$(($LISTDETAILS+1));;\n m) MOVE=\"$getopts_arg\"; NEEDS_UNMOUNT='y';;\n r) RESTORE=$(($RESTORE+1)); NEEDS_UNMOUNT='y';;\n s) SPLIT=\"$getopts_arg\";;\n y) YES='a'; YESPARAM='-y';;\n \\?) error 2 \"$USAGE\";;\n esac\ndone\n\n# If the executable name is delete*, assume DELETE.\nif [ \"${APPLICATION#delete}\" != \"$APPLICATION\" ]; then\n DELETE='y'\n NEEDS_UNMOUNT='y'\nfi\n\n# At least one command must be specified\nif [ -z \"$ALLCHROOTS$BACKUP$DELETE$ENCRYPT$KEYFILE$LISTDETAILS$MOVE$COPY$RESTORE\" ]; then\n error 2 \"$USAGE\"\nfi\n\n# Need at least one chroot listed if not using -r with -f or -a.\nif [ $# = 0 ] && ! [ -n \"$RESTORE\" -a -n \"$TARBALL\" -o -n \"$ALLCHROOTS\" ]; then\n error 2 \"$USAGE\"\nfi\n\n# Cannot specify a chroot and -a.\nif [ $# -gt 0 -a -n \"$ALLCHROOTS\" ]; then\n error 2 \"$USAGE\"\nfi\n\n# -f without -r or -b doesn't make sense\nif [ -n \"$TARBALL\" -a -z \"$BACKUP$RESTORE\" ]; then\n error 2 \"$USAGE\"\nfi\n\n# Cannot specify both backup and restore.\nif [ -n \"$BACKUP\" -a -n \"$RESTORE\" ]; then\n error 2 \"$USAGE\"\nfi\n\n# Cannot specify both copy and move.\nif [ -n \"$COPY\" -a -n \"$MOVE\" ]; then\n error 2 \"$USAGE\"\nfi\n\n# Cannot specify delete with anything else.\nif [ -n \"$DELETE\" -a -n \"$BACKUP$ENCRYPT$KEYFILE$MOVE$COPY$RESTORE\" ]; then\n error 2 \"$USAGE\"\nfi\n\n# Make sure SPLIT is reasonable\nif [ -n \"$SPLIT\" ] && [ \"$SPLIT\" -lt 10 -o -z \"$BACKUP\" ]; then\n error 2 \"$USAGE\"\nfi\n\n# If we specified -a option, bring in all chroots.\nif [ -n \"$ALLCHROOTS\" ]; then\n if [ ! -d \"$CHROOTS\" ]; then\n error 1 \"$CHROOTS not found.\"\n fi\n for crname in \"$CHROOTS\"/*; do\n if [ -d \"$crname\" ]; then\n set -- \"$@\" \"${crname##*/}\"\n fi\n done\n if [ $# = 0 ]; then\n error 1 \"No chroots found in $CHROOTS\"\n fi\nfi\n\n# If TARBALL is unspecified and we're in /, put the tarball in ~/Downloads\nif [ -n \"$BACKUP$RESTORE\" -a -z \"$TARBALL\" -a \"$PWD\" = '/' \\\n -a -d '/home/chronos/user/Downloads' ]; then\n TARBALL=\"/home/chronos/user/Downloads/\"\nfi\n\n# If multiple chroots are listed, KEYFILE and MOVE and COPY must be empty or directories.\nif [ $# -gt 1 -a -f \"$KEYFILE\" -a \"$KEYFILE\" != '-' ]; then\n error 2 \"Multiple chroots specified, but $KEYFILE is not a directory.\"\nelif [ $# -gt 1 -a -n \"$MOVE\" -a \"${MOVE%/}\" = \"$MOVE\" ]; then\n error 2 \"Multiple chroots specified, but $MOVE is not a directory.\"\nelif [ $# -gt 1 -a -n \"$COPY\" -a \"${COPY%/}\" = \"$COPY\" ]; then\n error 2 \"Multiple chroots specified, but $COPY is not a directory.\"\nelif [ $# -gt 1 -a -f \"$TARBALL\" ]; then\n error 2 \"Multiple chroots specified, but $TARBALL is not a directory.\"\nfi\n\n# Don't allow moving to non-ext filesystems (but don't check if just renaming)\nif [ -n \"$MOVE\" -a \"${MOVE#*/}\" != \"$MOVE\" ] && \\\n df -T \"`getmountpoint \"$MOVE\"`\" | awk '$2~\"^ext\"{exit 1}'; then\n error 2 \"Chroots can only be moved to ext filesystems.\"\nfi\n\n# Don't allow copying to non-ext filesystems (but don't check if in same directory)\nif [ -n \"$COPY\" -a \"${COPY#*/}\" != \"$COPY\" ] && \\\n df -T \"`getmountpoint \"$COPY\"`\" | awk '$2~\"^ext\"{exit 1}'; then\n error 2 \"Chroots can only be copied to ext filesystems.\"\nfi\n\n# Don't allow restoring to non-ext filesystems\nif [ -n \"$RESTORE\" ] && \\\n df -T \"`getmountpoint \"$CHROOTS\"`\" | awk '$2~\"^ext\"{exit 1}'; then\n error 2 \"Chroots can only be restored to ext filesystems.\"\nfi\n\n# Don't allow backing up to tmpfs filesystems\nif [ -n \"$BACKUP\" ] && ! df -T \"`getmountpoint \"${TARBALL:-.}\"`\" \\\n | awk '$2==\"tmpfs\"{exit 1}'; then\n error 2 \"Chroots cannot be backed up to temporary filesystems.\"\nfi\n\n# We need to run as root\nif [ \"$USER\" != root -a \"$UID\" != 0 ]; then\n error 2 \"$APPLICATION must be run as root.\"\nfi\n\n# Strongly advise against moving a keyfile to a tmpfs path\nif [ \"${KEYFILE:--}\" != '-' ] && \\\n ! df -T \"`getmountpoint \"$KEYFILE\"`\" | awk '$2==\"tmpfs\"{exit 1}'; then\n echo -n '\\\nMoving a keyfile to a temporary filesystem is a really good way to permanently\nlose access to your chroot. If you still want to do this, wait for 15 seconds.\nOtherwise: HIT CTRL-C RIGHT NOW > ' 1>&2\n sleep 15\n echo \\\n'...okay. Be sure to put the keyfile somewhere safe before you reboot.' 1>&2\nfi\n\n# If we're restoring and specified a tarball and no name, detect the name.\nif [ -n \"$RESTORE\" -a -n \"$TARBALL\" -a $# = 0 ]; then\n echo 'Detecting chroot name...' 1>&2\n label=\"`tar --test-label -f \"$TARBALL\" 2>/dev/null`\"\n if [ -n \"$label\" ]; then\n if [ \"${label#crouton:backup}\" = \"$label\" ]; then\n error 2 \"$TARBALL doesn't appear to be a valid crouton backup.\"\n fi\n NAME=\"${label#*-}\"\n else\n # Old backups just use the first folder name\n NAME=\"`tar -tf \"$TARBALL\" 2>/dev/null | head -n 1`\"\n NAME=\"${NAME%%/*}\"\n fi\n if [ -z \"$NAME\" ]; then\n error 2 \"$TARBALL doesn't appear to be a valid tarball.\"\n fi\n set -- \"$NAME\"\nfi\n\n# Make sure that all names are valid chroot names.\n# For anything but restore, make sure all chroots exist before doing anything.\nfor NAME in \"$@\"; do\n if ! validate_name \"$NAME\"; then\n error 2 \"Invalid chroot name '$NAME'.\"\n fi\n\n if [ -z \"$RESTORE\" ]; then\n CHROOT=\"$CHROOTS/$NAME\"\n\n # Check for existence\n if [ ! -d \"$CHROOT\" ]; then\n extra=''\n if [ \"${NAME#-}\" != \"$NAME\" ]; then\n extra=\"\nPlease specify all options before chroot names.\"\n fi\n error 2 \"$CHROOT not found.$extra\"\n fi\n fi\ndone\n\n# Display all chroot names if using -a without any other operations.\nif [ -n \"$ALLCHROOTS\" -a -z \"$BACKUP$DELETE$ENCRYPT$KEYFILE$LISTDETAILS$MOVE$COPY$RESTORE\" ]; then\n echo \"$@\"\n exit 0\nfi\n\n# If TARBALL ends in a slash or we're restoring multiple chroots, make directory\nif [ -n \"$TARBALL\" ] && \\\n [ $# -ge 2 -o -d \"$TARBALL\" -o \"${TARBALL%/}\" != \"$TARBALL\" ]; then\n TARBALL=\"${TARBALL%/}/\"\n mkdir -p \"$TARBALL\"\nfi\n\n# Avoid kernel panics due to slow I/O\ndisablehungtask\n\n# Make sure we always exit with echo on the tty.\naddtrap \"stty echo 2>/dev/null\"\n\n# Prints out a fancy spinner that updates every time a line is fed in, unless\n# the output is not to a tty, in which case it just prints a new line.\n# $1: number of lines between each update of the spinner\n# $2...: Command to be run\n# Erases the line each time, so it will always be at position 0.\n# Either expect this and put text later in the line, or give this its own line.\nspinner() {\n local spin=\"$1\"\n shift\n if [ -t 2 ]; then\n # Keep track of the exit status of the piped command\n local ret=\"`((\"$@\" || echo \"$?\" 1>&3) | mawk -Winteractive '\n BEGIN {\n printf \"\\r\"\n }\n {\n y = (y+1) % '\"$spin\"'\n if (y == 0) {\n x = (x+1) % 4\n printf substr(\"\\|/-\", x+1, 1) \"\\r\"\n }\n }' 1>&2) 3>&1`\"\n if [ -n \"$ret\" ]; then\n return \"$ret\"\n fi\n else\n echo 1>&2\n \"$@\" 1>/dev/null\n fi\n}\n\n# Process each chroot\nfor NAME in \"$@\"; do\n # Double check $NAME (better paranoid than sorry)\n if ! validate_name \"$NAME\"; then\n error 2 \"Invalid chroot name '$NAME'.\"\n fi\n CHROOT=\"$CHROOTS/$NAME\"\n\n # Check for existence and unmount/delete the chroot.\n if [ -d \"$CHROOT\" ]; then\n if [ -n \"$LISTDETAILS\" ]; then\n getversion='y'\n echo \"name: $NAME\"\n if [ -f \"$CHROOT/.ecryptfs\" ]; then\n if [ ! -d \"/var/run/crouton/$CHROOT\" \\\n -a \"$LISTDETAILS\" -gt 1 ]; then\n sh \"$BINDIR/mount-chroot\" -c \"$CHROOTS\" -- \"$NAME\" || true\n fi\n if mountpoint -q \"/var/run/crouton/$CHROOT\"; then\n echo \"encrypted: yes, unlocked\"\n else\n echo \"encrypted: yes, locked\"\n getversion='n'\n fi\n else\n echo \"encrypted: no\"\n fi\n if [ \"$getversion\" = 'y' ]; then\n CROUTON_NO_UNMOUNT=1 sh \"$BINDIR/enter-chroot\" \\\n -c \"$CHROOTS\" -n \"$NAME\" -x /usr/local/bin/croutonversion \\\n || true\n fi\n fi\n if [ \"$RESTORE\" = 1 ]; then\n error 2 \"$CHROOT already exists! Specify a second -r to overwrite it (dangerous).\"\n elif [ -n \"$RESTORE\" ]; then\n EXISTS='y'\n elif ! sh -e \"$BINDIR/unmount-chroot\" $YESPARAM \\\n -c \"$CHROOTS\" -- \"$NAME\"; then\n if [ -n \"$NEEDS_UNMOUNT\" ]; then\n exit 1\n fi\n fi\n elif [ -n \"$RESTORE\" ]; then\n EXISTS=''\n else\n # This should have been caught earlier\n error 2 \"$CHROOT not found.\"\n fi\n\n # Delete the chroot?\n if [ -n \"$DELETE\" ]; then\n # Confirm deletion\n if [ \"${YES#[Aa]}\" = \"$YES\" ]; then\n echo -n \"Delete $CHROOT? [a/y/N] \" 1>&2\n if [ -n \"$CROUTON_EDIT_RESPONSE\" ]; then\n YES=\"$CROUTON_EDIT_RESPONSE\"\n echo \"$YES\" 1>&2\n else\n read -r YES\n fi\n if [ \"${YES#[AaYy]}\" = \"$YES\" ]; then\n error 2 \"Aborting deletion of $CHROOT\"\n fi\n fi\n # Delete the chroot\n echo -n \" Deleting $CHROOT...\" 1>&2\n spinner 1000 rm -rvf --one-file-system \"$CHROOT\"\n echo \"Finished deleting $CHROOT\" 1>&2\n continue\n fi\n\n # Backup the chroot\n if [ -n \"$BACKUP\" ]; then\n dest=\"$TARBALL\"\n date=\"`date '+%Y%m%d-%H%M'`\"\n if [ -z \"$dest\" -o -d \"$TARBALL\" ]; then\n dest=\"$TARBALL$NAME-$date.tar\"\n # Only compress if it's not encrypted (it'd be a waste of time)\n if [ ! -f \"$CHROOT/.ecryptfs\" ]; then\n dest=\"$dest.gz\"\n fi\n fi\n # If we're writing to a fat32 filesystem, split the file at 4GB chunks\n if ! df -T \"`getmountpoint \"$dest\"`\" | awk '$2~\"^v?fat\"{exit 1}'; then\n SPLIT=\"${SPLIT:-4095}\"\n fi\n if [ -n \"$SPLIT\" ]; then\n tardest=\"`mktemp -d --tmpdir=/tmp 'crouton-backup.XXX'`\"\n addtrap \"rm -rf '$tardest'\"\n tardest=\"$tardest/pipe.${dest##*/}\"\n mkfifo -m 600 \"$tardest\"\n split -b \"${SPLIT}m\" -a 4 \"$tardest\" \"$dest.part-\" &\n splitpid=\"$!\"\n else\n tardest=\"$dest\"\n splitpid=''\n fi\n echo -n \" Backing up $CHROOT to $(readlink -m -- \"$dest\")...\" 1>&2\n addtrap \"echo 'Deleting partial archive.' 1>&2; \\\n kill '$splitpid' 2>/dev/null; rm -f '$dest' '$dest.part-'*\"\n ret=0\n spinner 1 tar --checkpoint=100 --checkpoint-action=exec=echo \\\n --one-file-system -V \"crouton:backup.${date%-*}${date#*-}-$NAME\" \\\n -caf \"$tardest\" -C \"$CHROOTS\" \"$NAME\" || ret=\"$?\"\n if [ -n \"$SPLIT\" ]; then\n wait \"$splitpid\" || ret=\"$?\"\n mv -f \"$dest.part-aaaa\" \"$dest\" || ret=\"$?\"\n fi\n if [ \"$ret\" -ne 0 ]; then\n echo \"Unable to backup $CHROOT.\" 1>&2\n exit \"$ret\"\n fi\n # Make sure filesystem is sync'ed\n sync\n undotrap\n echo \"Finished backing up $CHROOT to $dest\" 1>&2\n fi\n\n # Restore the chroot\n if [ -n \"$RESTORE\" ]; then\n src=\"$TARBALL\"\n if [ -z \"$src\" -o -d \"$TARBALL\" ]; then\n src=''\n file=\"$TARBALL$NAME\"\n # Search for the alphabetically last tarball with src.\n # Dated tarballs take precedence over undated tarballs.\n for file in \"$file.\"* \"$file-\"*; do\n if [ \"${file%.part-[a-z][a-z][a-z][a-z]}\" != \"$file\" \\\n -o ! -f \"$file\" ]; then\n continue\n fi\n # Confirm it's a tarball\n if ! tar --test-label -f \"$file\" >/dev/null 2>&1; then\n continue\n fi\n # Since * alphabetizes, always keep the last one\n src=\"$file\"\n done\n if [ -z \"$src\" ]; then\n error 2 \"Unable to find a tarball for $NAME. You can specify one with -f.\"\n fi\n echo \"Found $src for restoring $NAME.\" 1>&2\n elif ! tar --test-label -f \"$src\" >/dev/null 2>&1; then\n error 2 \"$src doesn't appear to be a valid tarball.\"\n fi\n if [ -n \"$EXISTS\" ]; then\n echo \"WARNING: $CHROOT already exists. Deleting it before restoring.\" 1>&2\n echo \"Press Control-C to abort; restoration will continue in 5 seconds.\" 1>&2\n sleep 5\n sh -e \"$BINDIR/edit-chroot\" -d -y -c \"$CHROOTS\" \"$NAME\"\n fi\n echo -n \" Restoring $src to $CHROOT...\" 1>&2\n mkdir -p \"$CHROOT\"\n if [ -f \"$src.part-aaab\" ]; then\n # Detect the type of compression before sending it through a fifo\n for tarparam in -z -j -J -Z --no-auto-compress fail; do\n if [ \"$tarparam\" = 'fail' ]; then\n error 2 \"Unable to detect compression method of $src\"\n elif tar $tarparam --test-label -f \"$src\" >/dev/null 2>&1; then\n break\n fi\n done\n # Don't let tar get tripped up by cat's incomplete writes\n tarparam=\"$tarparam -B\"\n tarsrc=\"`mktemp -d --tmpdir=/tmp 'crouton-restore.XXX'`\"\n addtrap \"rm -rf '$tarsrc'\"\n tarsrc=\"$tarsrc/pipe\"\n mkfifo -m 600 \"$tarsrc\"\n cat \"$src\" \"$src.part\"* >> \"$tarsrc\" &\n catpid=\"$!\"\n addtrap \"kill '$catpid' 2>/dev/null\"\n else\n tarsrc=\"$src\"\n tarparam='-a'\n catpid=''\n fi\n spinner 1 tar --checkpoint=200 --checkpoint-action=exec=echo $tarparam \\\n --one-file-system -xf \"$tarsrc\" -C \"$CHROOT\" --strip-components=1\n if [ -n \"$catpid\" ]; then\n wait \"$catpid\"\n fi\n # Make sure filesystem is sync'ed\n sync\n echo \"Finished restoring $src to $CHROOT\" 1>&2\n fi\n\n # Update the keyfile\n if [ -n \"$KEYFILE\" ]; then\n newkeyfile=\"$KEYFILE\"\n # Find the current keyfile\n oldkeyfile=\"$CHROOT/.ecryptfs\"\n if [ -f \"$oldkeyfile\" ]; then\n header=\"`head -n1 \"$oldkeyfile\"`\"\n if [ -n \"$header\" ]; then\n oldkeyfile=\"$header\"\n fi\n fi\n if [ \"$newkeyfile\" = '-' ]; then\n newkeyfile=\"$CHROOT/.ecryptfs\"\n fi\n if [ \"${newkeyfile#/}\" = \"$newkeyfile\" ]; then\n newkeyfile=\"$PWD/$newkeyfile\"\n fi\n if [ -d \"$newkeyfile\" -o \"${newkeyfile%/}\" != \"$newkeyfile\" ]; then\n newkeyfile=\"${newkeyfile%/}/$NAME\"\n fi\n oldkeyfile=\"`readlink -m -- \"$oldkeyfile\"`\"\n keyfilecanon=\"`readlink -m -- \"$newkeyfile\"`\"\n if [ ! -f \"$oldkeyfile\" ]; then\n # If there is no old keyfile, make sure we've requested encryption.\n if [ -z \"$ENCRYPT\" ]; then\n error 1 \"Old key file not found\"\n fi\n elif [ \"$oldkeyfile\" != \"$keyfilecanon\" ]; then\n chrootecryptfsfile=\"`readlink -m -- \"$CHROOT/.ecryptfs\"`\"\n # Don't clobber a file already there\n if [ -e \"$newkeyfile\" -a \"$newkeyfile\" != \"$chrootecryptfsfile\" ]; then\n error 1 \"Encryption key file $newkeyfile already exists. Refusing to overwrite!\"\n fi\n # Write the new keyfile before removing the old.\n if ! mkdir -p \"`dirname \"$newkeyfile\"`\"; then\n error 1 \"Unable to create directory for $newkeyfile\"\n fi\n echo \"Moving key file from $oldkeyfile to $newkeyfile\" 1>&2\n (echo; tail -n+2 \"$oldkeyfile\") > \"$newkeyfile\"\n # Remove old keyfile before writing .ecryptfs, as it may be the same\n rm -f \"$oldkeyfile\"\n if [ \"$chrootecryptfsfile\" != \"$newkeyfile\" ]; then\n echo \"$newkeyfile\" > \"$CHROOT/.ecryptfs\"\n fi\n elif [ -z \"$ENCRYPT$MOVE\" ]; then\n echo \"Keyfile is already located at $newkeyfile\" 1>&2\n fi\n fi\n\n # Encrypt/rewrap the chroot\n if [ -n \"$ENCRYPT\" ]; then\n # Use mount-chroot to do the heavy lifting\n unmount=\"sh -e '$BINDIR/unmount-chroot' -y -c '$CHROOTS' -- '$NAME'\"\n addtrap \"$unmount\"\n if [ -n \"$KEYFILE\" ]; then\n sh -e \"$BINDIR/mount-chroot\" -ee -k \"$KEYFILE\" -c \"$CHROOTS\" -- \"$NAME\"\n else\n sh -e \"$BINDIR/mount-chroot\" -ee -c \"$CHROOTS\" -- \"$NAME\"\n fi\n undotrap\n eval \"$unmount\"\n fi\n\n # Move the chroot if requested\n if [ -n \"$MOVE\" ]; then\n target=\"$MOVE\"\n if [ \"${target##*/}\" = \"$target\" ]; then\n # No slashes in the path. Assume renaming.\n if ! validate_name \"$target\"; then\n error 2 \"Invalid target chroot name '$target'.\"\n fi\n target=\"$CHROOTS/$target\"\n elif [ \"${target%/}\" != \"$target\" ]; then\n # Ends in a slash; append name.\n target=\"$target$NAME\"\n fi\n if [ -e \"$target\" ]; then\n # Can't tell if the destination is a directory or a chroot that\n # already exists; be safe and assume it was a mistake.\n error 2 \"$target already exists\"\n fi\n # Check if we're changing filesystems, because we should cp+rm for\n # safety. We don't do this when encrypting a chroot (see mount-chroot),\n # because that would require 2x the space on one device. When switching\n # filesystems like this, however, that isn't a concern.\n if [ \"`getmountpoint \"$target\"`\" != \"`getmountpoint \"$CHROOT\"`\" ]; then\n echo \"Moving $CHROOT across filesystems to $target\" 1>&2\n echo 'This will take a while.' 1>&2\n echo \"If the operation gets interrupted, you can safely delete $target\" 1>&2\n # Confirm long operation\n if [ \"${YES#[Aa]}\" = \"$YES\" ]; then\n echo -n \"Are you sure you want to continue? [a/y/N] \" 1>&2\n if [ -n \"$CROUTON_EDIT_RESPONSE\" ]; then\n YES=\"$CROUTON_EDIT_RESPONSE\"\n echo \"$YES\" 1>&2\n else\n read -r YES\n fi\n if [ \"${YES#[AaYy]}\" = \"$YES\" ]; then\n error 2 \"Aborting move of $CHROOT\"\n fi\n fi\n if ! mkdir -p \"`dirname \"$target\"`\"; then\n error 1 \"Unable to create directory for $target\"\n fi\n echo -n \" Copying to $target...\" 1>&2\n spinner 200 cp -av --one-file-system \"$CHROOT\" \"$target\"\n echo \"Finished copying to $target\" 1>&2\n echo -n \" Deleting old $CHROOT...\" 1>&2\n spinner 1000 rm -rfv --one-file-system \"$CHROOT\"\n echo \"Finished deleting old $CHROOT\" 1>&2\n else\n if ! mkdir -p \"`dirname \"$target\"`\"; then\n error 1 \"Unable to create directory for $target\"\n fi\n echo \"Moving $CHROOT to $target\" 1>&2\n mv \"$CHROOT\" \"$target\"\n fi\n fi\n\n # Copy the chroot if requested\n if [ -n \"$COPY\" ]; then\n target=\"$COPY\"\n if [ \"${target##*/}\" = \"$target\" ]; then\n # No slashes in the path. Assume same directory.\n if ! validate_name \"$target\"; then\n error 2 \"Invalid target chroot name '$target'.\"\n fi\n target=\"$CHROOTS/$target\"\n elif [ \"${target%/}\" != \"$target\" ]; then\n # Ends in a slash; append name.\n target=\"$target$NAME\"\n fi\n if [ -e \"$target\" ]; then\n # Can't tell if the destination is a directory or a chroot that\n # already exists; be safe and assume it was a mistake.\n error 2 \"$target already exists\"\n fi\n if ! mkdir -p \"`dirname \"$target\"`\"; then\n error 1 \"Unable to create directory for $target\"\n fi\n echo \"Copying $CHROOT to $target\" 1>&2\n spinner 200 cp -av --one-file-system \"$CHROOT\" \"$target\"\n fi\ndone\n\nexit 0\n" }, { "path": "host-bin/enter-chroot", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\nset -e\n\nAPPLICATION=\"${0##*/}\"\nBACKGROUND=''\nBINDIR=\"`dirname \"\\`readlink -f -- \"$0\"\\`\"`\"\nCHROOTS=\"`readlink -m -- \"$BINDIR/../chroots\"`\"\nKEYFILE=''\nLOGIN=''\nNAME=''\nTARGET=''\nUSERNAME='1000'\nTMPXMETHOD=''\nNOLOGIN=''\nSETUPSCRIPT='/prepare.sh'\n\nUSAGE=\"$APPLICATION [options] [command [args...]]\n\nEnters an installed Debian-based chroot for running alongside Chromium OS.\n\nBy default, it will log into the primary user on the first chroot found.\nYou can specify a command and parameters to run instead of an interactive shell.\n\nOptions:\n -b Fork and run the specified command silently in the background.\n -c CHROOTS Directory the chroots are in. Default: $CHROOTS\n -l Make the command part of a login. Parameters are passed directly\n to the chroot command, and a call to su is appended.\n -k KEYFILE Override the auto-detected encryption key location.\n -n NAME Name of the chroot to enter. Default: first one found in CHROOTS\n -t TARGET Only enter the chroot if it contains the specified TARGET.\n -u USERNAME Username (or UID) to log into. Default: 1000 (the primary user)\n -X XMETHOD Override the auto-detected XMETHOD for this session.\n -x Does not log in, but directly executes the command instead.\n Note that the environment will be empty (sans TERM).\n Specify -x a second time to run the $SETUPSCRIPT script.\"\n\n# Common functions\n. \"$BINDIR/../installer/functions\"\n\n# Safely launch a command ($*) via /bin/sh within the chroot as the root user.\nchrootcmd() {\n # env may be overridden when running in the background; don't let it fork.\n local ret=0 oldtrap=\"$TRAP\"\n TRAP=''\n env -i chroot \"$CHROOT\" su -s '/bin/sh' -c \"$*\" - root || ret=$?\n local pid=\"$!\"\n # $pid might not be set if env has not been redefined yet\n if [ -n \"$BACKGROUND\" ] && [ -n \"$pid\" ]; then\n wait \"$pid\" || ret=$?\n fi\n TRAP=\"$oldtrap\"\n return \"$ret\"\n}\n\n# Process arguments\nprevoptind=1\nwhile getopts 'bc:k:ln:t:u:X:x' f; do\n # Disallow empty string as option argument\n if [ \"$((OPTIND-prevoptind))\" = 2 -a -z \"$OPTARG\" ]; then\n error 2 \"$USAGE\"\n fi\n prevoptind=\"$OPTIND\"\n case \"$f\" in\n b) BACKGROUND='y';;\n c) CHROOTS=\"`readlink -m -- \"$OPTARG\"`\";;\n k) KEYFILE=\"$OPTARG\";;\n l) LOGIN='y';;\n n) NAME=\"$OPTARG\";;\n t) TARGET=\"$OPTARG\";;\n u) USERNAME=\"$OPTARG\";;\n X) TMPXMETHOD=\"$OPTARG\";;\n x) NOLOGIN=\"$((NOLOGIN+1))\"\n [ \"$NOLOGIN\" -gt 2 ] && NOLOGIN=2;;\n \\?) error 2 \"$USAGE\";;\n esac\ndone\nshift \"$((OPTIND-1))\"\n\n# Shift away empty string as first argument (used in start* scripts to mark\n# the end of user-specified parameters)\nif [ \"$#\" -ge 1 -a -z \"$1\" ]; then\n shift\nfi\n\n# We need to run as root\nif [ \"$USER\" != root -a \"$UID\" != 0 ]; then\n error 2 \"$APPLICATION must be run as root.\"\nfi\n\n# We need a command if we specified to run in the background\nif [ -n \"$BACKGROUND\" -a $# = 0 ]; then\n error 2 \"A command must be specified in order to run in the background.\"\nfi\n\n# If -x is specified twice, our command is the setup script.\nif [ \"$NOLOGIN\" = 2 ]; then\n if [ $# != 0 ]; then\n error 2 \"A command cannot be specified with -xx.\"\n fi\n if [ -n \"$BACKGROUND\" ]; then\n error 2 \"Cannot run the setup script in the background.\"\n fi\n set -- \"$SETUPSCRIPT\"\nfi\n\n# Select the first chroot available if one hasn't been specified\nif [ -z \"$NAME\" ]; then\n haschroots=''\n for CHROOT in \"$CHROOTS\"/*; do\n if [ ! -d \"$CHROOT/etc\" -a ! -f \"$CHROOT/.ecryptfs\" ]; then\n continue\n fi\n haschroots='y'\n if [ -n \"$TARGET\" ]; then\n if ! grep -q \"^$TARGET$\" \"$CHROOT/.crouton-targets\" 2>/dev/null; then\n continue\n fi\n fi\n NAME=\"${CHROOT##*/}\"\n break\n done\n if [ -z \"$haschroots\" ]; then\n error 1 \"No chroots found in $CHROOTS\"\n fi\n if [ -z \"$NAME\" ]; then\n error 1 \"No chroots with target '$TARGET' found in $CHROOTS\"\n fi\nelif [ -n \"$TARGET\" ]; then\n if ! grep -q \"^$TARGET$\" \"$CHROOTS/$NAME/.crouton-targets\" 2>/dev/null; then\n error 1 \"$CHROOTS/$NAME does not contain target '$TARGET'\"\n fi\nfi\n\n# Check to ensure that the XMETHOD requested has been installed\nif [ -n \"$TMPXMETHOD\" ]; then\n if ! grep -q \"^${TMPXMETHOD%%-*}$\" \"$CHROOTS/$NAME/.crouton-targets\"; then\n error 1 \"$CHROOTS/$NAME does not contain XMETHOD '${TMPXMETHOD%%-*}'\"\n fi\nfi\n\n# Avoid kernel panics due to slow I/O\ndisablehungtask\n\n# Allow X server running as normal user to set/drop DRM master\ndrm_relax_file=\"/sys/kernel/debug/dri/drm_master_relax\"\nif [ -f \"$drm_relax_file\" ]; then\n echo 'Y' > \"$drm_relax_file\"\nfi\n\n# Make sure we always exit with echo on the tty.\naddtrap \"stty echo 2>/dev/null\"\n\n# Mount the chroot and update our CHROOT path\nCHROOTSRC=\"$CHROOTS/$NAME\"\nif [ -n \"$KEYFILE\" ]; then\n CHROOT=\"`sh -e \"$BINDIR/mount-chroot\" \\\n -k \"$KEYFILE\" -p -c \"$CHROOTS\" -- \"$NAME\"`\"\nelse\n CHROOT=\"`sh -e \"$BINDIR/mount-chroot\" -p -c \"$CHROOTS\" -- \"$NAME\"`\"\nfi\n\nif [ \"$NOLOGIN\" != 2 ]; then\n echo \"Entering $CHROOTSRC...\" 1>&2\nfi\n\n# In disk full situations, mount-chroot can be empty. Good time to check sanity.\nif [ -z \"$CHROOT\" ]; then\n error 1 'Something is wrong with the crouton install. Please make sure you have\nsufficient space available, then re-install the chroot and try again.'\nfi\n\n# Register the crash_reporter_wrapper to properly handle coredumps\nif [ -f \"$BINDIR/crash_reporter_wrapper\" ]; then\n if ! sh -e \"$BINDIR/crash_reporter_wrapper\" register; then\n echo 'WARNING: Unable to register core dump handler.' 1>&2\n fi\nfi\n\nif [ -z \"$CROUTON_NO_UNMOUNT\" ]; then\n # Auto-unmount everything below and including the chroot upon exit\n addtrap \"sh -e '$BINDIR/unmount-chroot' -yc '$CHROOTS' -- '$NAME'\"\nfi\n\n# If our root is on an external disk we need to ensure USB device persistence is\n# enabled otherwise we will lose the file-system after a suspend event.\nif [ \"${CHROOTSRC#/media}\" != \"$CHROOTSRC\" ]; then\n for usbp in /sys/bus/usb/devices/*/power/persist; do\n if [ -e \"$usbp\" ]; then\n echo 1 > \"$usbp\"\n fi\n done\nfi\n\n# Offer to run the setup script if it exists and yet we're logging in.\nif [ -z \"$NOLOGIN\" -a -f \"$CHROOT$SETUPSCRIPT\" ]; then\n echo 'A chroot setup script still exists inside the chroot.' 1>&2\n echo 'The chroot may not be fully set up.' 1>&2\n response=''\n # A finished setup script will have permissions 500\n if [ \"`stat -c '%a' \"$CHROOT$SETUPSCRIPT\"`\" != '500' ]; then\n echo 'However, it appears the setup script is invalid.' 1>&2\n response='d'\n fi\n if [ -t 0 -a -z \"$response\" ]; then\n echo -n 'Would you like to finish the setup? [Y/n/d] ' 1>&2\n read -r response\n fi\n if [ -z \"$response\" -o \"${response#[Yy]}\" != \"$response\" ]; then\n echo 'Preparing chroot environment...' 1>&2\n if CROUTON_NO_UNMOUNT=1 sh -e \"$BINDIR/enter-chroot\" \\\n -c \"$CHROOTS\" -n \"$NAME\" -xx; then\n echo 'Setup completed. Entering chroot...' 1>&2\n response=''\n else\n echo 'The chroot setup script may be broken. Your chroot is not fully configured.' 1>&2\n response='d'\n fi\n fi\n if [ \"${response#[Dd]}\" != \"$response\" ]; then\n echo 'Removing the chroot setup script. You may want to update your chroot again.' 1>&2\n rm -f \"$CHROOT$SETUPSCRIPT\"\n elif [ -n \"$response\" ]; then\n echo 'Skipping setup. You will be prompted again next time.' 1>&2\n fi\nfi\n\n# Resolve USERNAME if it is a UID (and we're logging in)\npasswd=\"$CHROOT/etc/passwd\"\nif [ -z \"$NOLOGIN\" ]; then\n if [ ! -r \"$passwd\" ]; then\n error 1 \"$CHROOTSRC doesn't appear to be a valid chroot.\"\n fi\n case \"$USERNAME\" in\n ''|*[!0-9]*)\n # Make sure the username exists\n if ! grep -q \"^$USERNAME:\" \"$passwd\"; then\n error 1 \"User $USERNAME not found in $NAME\"\n fi;;\n *)\n # Resolve the UID\n uid=\"$USERNAME\"\n USERNAME=\"`awk -F: '$3=='\"$uid\"'{print $1; exit}' \"$passwd\"`\"\n if [ -z \"$USERNAME\" ]; then\n error 1 \"UID $uid not found in $NAME\"\n fi\n esac\n # Detect the home directory and shell for the user\n CHROOTHOME=\"`awk -F: '$1==\"'\"$USERNAME\"'\"{print $6; exit}' \"$passwd\"`\"\n CHROOTSHELL=\"`awk -F: '$1==\"'\"$USERNAME\"'\"{print $NF; exit}' \"$passwd\"`\"\nelse\n CHROOTSHELL='/bin/sh'\nfi\n\n# Save the chroot name to the chroot\necho \"$NAME\" > \"$CHROOT/etc/crouton/name\"\n\n# Ensure $CHROOT/var/host exists.\nmkdir -p \"$CHROOT/var/host\"\n\n# Copy in the current Chromium OS version for reference\ncp -f '/etc/lsb-release' \"$CHROOT/var/host/\"\n\n# Copy CRAS version into the chroot\ncras_test_client --version 2>/dev/null > \"$CHROOT/var/host/cras-version\" || true\n\n# Copy the latest Xauthority into the chroot\nif [ -f \"${XAUTHORITY:=/home/chronos/.Xauthority}\" ]; then\n cp -f \"$XAUTHORITY\" \"$CHROOT/var/host/Xauthority\"\n chmod 444 \"$CHROOT/var/host/Xauthority\"\n # Be backwards-compatible, just in case\n if [ -f \"$CHROOT/etc/X11/host-Xauthority\" ]; then\n ln -sfT '/var/host/Xauthority' \"$CHROOT/etc/X11/host-Xauthority\"\n fi\nfi\n\n# Prepare chroot filesystem\n# Soft-link resolv.conf so that updates are automatically propagated\nln -sfT '/var/host/shill/resolv.conf' \"$CHROOT/etc/resolv.conf\"\n\n# Sanity check of the timezone setting\nlocaltime=\"$CHROOT/etc/localtime\"\nhostlocaltime='/var/host/timezone/localtime'\nif [ -h \"$localtime\" ] && [ \"`readlink -- \"$localtime\"`\" = \"$hostlocaltime\" ]; then\n timezone=\"`readlink -m -- /var/lib/timezone/localtime || true`\"\n if [ -z \"$timezone\" -o ! -e \"$CHROOT$LOCALTIME\" ]; then\n echo \"\\\nWARNING: the timezone selected in Chromium OS does not exist inside the chroot.\nTo set the chroot's timezone, run the following: sudo dpkg-reconfigure tzdata\" 1>&2\n else\n # Set /etc/timezone in chroot - fixes the clock in Unity\n echo \"${timezone#/usr/share/zoneinfo/}\" > \"$CHROOT/etc/timezone\"\n fi\nfi\n\n# Follows and fixes dangerous symlinks, returning the canonicalized path.\nfixabslinks() {\n local p=\"$CHROOT/$1\" c\n # Follow and fix dangerous absolute symlinks\n while c=\"`readlink -m -- \"$p\"`\" && [ \"$c\" != \"$p\" ]; do\n p=\"$CHROOT${c#\"$CHROOT\"}\"\n done\n echo \"$p\"\n}\n\n# Bind-mounts $1 into $CHROOT/${2:-\"$1\"} if $2 is not already mounted\n# If $3 is specified, remounts with the specified options.\n# If $1 starts with a -, it's considered options to the bind mount, and the rest\n# of the parameters are shifted.\nbindmount() {\n bindopts=''\n if [ \"${1#\"-\"}\" != \"$1\" ]; then\n bindopts=\"$1\"\n shift\n fi\n local target=\"`fixabslinks \"${2:-\"$1\"}\"`\"\n if mountpoint -q \"$target\"; then\n return 0\n fi\n mkdir -p \"$target\"\n mount --bind $bindopts \"$1\" \"$target\"\n mount -i -o 'remount,symfollow' \"$target\" 2>/dev/null || true\n if [ -n \"$3\" ]; then\n mount -i -o \"remount,$3\" \"$target\"\n fi\n}\n\n# Creates a tmpfs mount at $CHROOT/$1 with options $2 if not already mounted\ntmpfsmount() {\n local target=\"`fixabslinks \"$1\"`\"\n if mountpoint -q \"$target\"; then\n return 0\n fi\n mkdir -p \"$target\"\n mount -i -t tmpfs -o \"rw${2:+,}$2\" tmpfs \"$target\"\n mount -i -o 'remount,symfollow' \"$target\" 2>/dev/null || true\n}\n\n# If /var/run isn't mounted, we know the chroot hasn't been started yet.\nif mountpoint -q \"`fixabslinks '/var/run'`\"; then\n firstrun=''\nelse\n firstrun='y'\nfi\n\nbindmount /dev\nbindmount /dev/pts\nbindmount /dev/shm\nbindmount /tmp /tmp exec\nbindmount /proc\ntmpfsmount /var/run 'noexec,nosuid,mode=0755,size=10%'\ntmpfsmount /var/run/lock 'noexec,nosuid,nodev,size=5120k'\nbindmount /var/run/dbus /var/host/dbus\nbindmount /var/run/shill /var/host/shill\nbindmount /var/lib/timezone /var/host/timezone\nfor m in /lib/modules/*; do\n if [ -d \"$m\" ]; then\n bindmount '-o ro' \"$m\"\n fi\ndone\n\n# Add a shm symlink to our new /var/run\nln -sfT /dev/shm \"`fixabslinks '/var/run'`/shm\"\n\n# Setup udev control directory in the chroot\n# Chromium OS >=6092 uses /run/udev, older versions /dev/.udev\nif [ -d /var/run/udev ]; then\n bindmount /var/run/udev /var/host/udev\n ln -sfT /var/host/udev \"`fixabslinks '/var/run'`/udev\"\nelse\n # Add a /run/udev symlink for later versions of udev in chroot\n ln -sfT /dev/.udev \"`fixabslinks '/var/run'`/udev\"\nfi\n\nif [ -d /var/run/cras ]; then\n bindmount /var/run/cras /var/host/cras\n # Add a /var/host/cras symlink for CRAS clients\n ln -sfT /var/host/cras \"$(fixabslinks '/var/run')/cras\"\nelse\n echo \"\\\nWARNING: CRAS not running in Chromium OS. Audio forwarding will not work.\" 1>&2\nfi\n\nif [ -d /var/run/chrome ]; then\n bindmount /var/run/chrome /var/host/chrome\n # Add a /var/host/chrome symlink for display clients\n ln -sfT /var/host/chrome \"$(fixabslinks '/var/run')/chrome\"\nelse\n echo \"\\\nWARNING: Chrome not running in Chromium OS. Display forwarding will not work.\" 1>&2\nfi\n\n# Bind-mount /media, specifically the removable directory\ndestmedia=\"`fixabslinks '/var/host/media'`\"\nif ! mountpoint -q \"$destmedia\"; then\n mount --make-shared /media\n mkdir -p \"$destmedia\" \"$CHROOT/media\"\n ln -sfT \"/var/host/media/removable\" \"$CHROOT/media/removable\"\n mount --rbind /media \"$destmedia\"\nfi\n\n# Provide a default /etc/crouton/shares file\nshares=\"`fixabslinks '/etc/crouton/shares'`\"\nif [ -e \"$shares\" -a ! -f \"$shares\" ]; then\n echo \"Not mounting shares: /etc/crouton/shares is not a file.\" 1>&2\nelif [ ! -f \"$shares\" ]; then\n cat > \"$shares\" <&2\n continue\n fi\n src=\"$localmyfiles/${src#*/}\";;\n download|downloads)\n if [ -z \"$localdownloads\" ]; then\n echo \"Not mounting share (no Chromium OS user):$line\" 1>&2\n continue\n fi\n src=\"$localdownloads/${src#*/}\";;\n encrypt|encrypted)\n if [ -z \"$localencrypted\" ]; then\n echo \"Not mounting share (no Chromium OS user):$line\" 1>&2\n continue\n fi\n src=\"$localencrypted/${src#*/}\";;\n share|shares|shared)\n src=\"$localshare/${src#*/}\";;\n error)\n # Print the error message from awk script.\n echo \"$dest\" 1>&2\n echo \"$opts\" 1>&2\n continue;;\n *)\n echo \"Invalid share:$line\" 1>&2\n continue;;\n esac\n # Expand dest for homedirs\n if [ \"${dest#\"~\"}\" != \"$dest\" ]; then\n destuser=\"${dest%%/*}\"\n if [ \"$destuser\" = '~' ]; then\n if [ -z \"$CHROOTHOME\" ]; then\n echo \"Not mounting share (no chroot user):$line\" 1>&2\n continue\n fi\n dest=\"$CHROOTHOME/${dest#*/}\"\n else\n dest=\"/home/${destuser#\"~\"}/${dest#*/}\"\n fi\n fi\n # Do the bindmount\n mkdir -m 700 -p \"$src\"\n if ! bindmount \"$src\" \"$dest\" \"${opts:-exec}\"; then\n echo \"Failed to mount share:$line\" 1>&2\n fi\n done\nfi\n\n# Bind-mount /sys recursively, making it a slave in the chroot\nif ! mountpoint -q \"$CHROOT/sys\"; then\n mkdir -p \"$CHROOT/sys\"\n mount --make-rshared /sys\n mount --rbind /sys \"$CHROOT/sys\"\n mount --make-rslave \"$CHROOT/sys\"\n # Unmount selinux in the chroot, make a fake entry to set enforce=0\n if mountpoint -q \"$CHROOT/sys/fs/selinux\"; then\n umount \"$CHROOT/sys/fs/selinux\"\n mount -t tmpfs none \"$CHROOT/sys/fs/selinux\"\n echo 0 > \"$CHROOT/sys/fs/selinux/enforce\"\n mount -o remount,ro \"$CHROOT/sys/fs/selinux\"\n fi\nfi\n\n# Modify chroot's /sys/class/drm and /dev/dri to avoid vgem/mfgsys\nvarrundrm=\"$(fixabslinks '/var/run/drm')\"\nvarrundri=\"$(fixabslinks '/var/run/dri')\"\nsysclassdrm=\"$(fixabslinks '/sys/class/drm')\"\ndevdri=\"$(fixabslinks '/dev/dri')\"\nif [ ! -d \"$varrundrm\" -a -d \"$sysclassdrm\" -a -d \"$devdri\" ]; then\n cp -Ta \"$sysclassdrm\" \"$varrundrm\"\n cp -Ta \"$devdri\" \"$varrundri\"\n for f in \"$varrundrm\"/*; do\n if [ -h \"$f\" ] && readlink -- \"$f\" | grep -qF -e /vgem/ -e mfgsys; then\n rm -f \"$f\" \"$varrundri/${f##*/}\"\n fi\n done\n # Scanning of /dev/dri is done sequentially, so make sure there's a card0\n for f in \"$varrundri/card\"*; do\n [ -e \"$varrundri/card0\" ] || mv -f \"$f\" \"$varrundri/card0\"\n done\n mount --bind \"$varrundrm\" \"$sysclassdrm\"\n mount --bind \"$varrundri\" \"$devdri\"\nfi\n\n# Get croutonversion variables\ncroutonversion=\"$CHROOT/usr/local/bin/croutonversion\"\nCHROOTRELEASE=\"unknown\"\nif [ -x \"$croutonversion\" ]; then\n CHROOTRELEASE=\"`\"$croutonversion\" -r 2>/dev/null || echo \"$CHROOTRELEASE\"`\"\nfi\n\n# For test machines with low entropy, bind mount /dev/urandom to /dev/random\nif [ -n \"$CROUTON_WEAK_RANDOM\" ]; then\n mount --bind \"$CHROOT/dev/urandom\" \"$CHROOT/dev/random\"\nfi\n\n# Fix group numbers for critical groups to match Chromium OS. This is necessary\n# so that users have access to shared hardware, such as video and audio.\ngfile=\"$CHROOT/etc/group\"\nif [ -f \"$gfile\" ]; then\n for group in audio:hwaudio cras:audio cdrom chronos-access:crouton \\\n devbroker-access dialout disk floppy i2c input lp serial \\\n tape tty usb:plugdev uucp video wayland; do\n hostgroup=\"${group%:*}\"\n chrootgroup=\"${group#*:}\"\n gid=\"$(awk -F: '$1==\"'\"$hostgroup\"'\"{print $3; exit}' '/etc/group')\"\n curgid=\"$(awk -F: '$1==\"'\"$chrootgroup\"'\"{print $3; exit}' \"$gfile\")\"\n if [ -z \"$gid\" ]; then\n if [ -z \"$curgid\" ]; then\n echo \"Creating unassociated $chrootgroup group...\" 1>&2\n chrootcmd groupadd --system \"$chrootgroup\"\n fi\n continue\n fi\n if [ \"$gid\" = \"$curgid\" ]; then\n continue\n elif [ -z \"$curgid\" ]; then\n echo \"Creating $chrootgroup group with GID $gid...\" 1>&2\n groupcmd=groupadd\n else\n echo \"Changing $chrootgroup GID from $curgid to $gid...\" 1>&2\n groupcmd=groupmod\n fi\n move=\"`awk -F: '$3=='\"$gid\"'{print $1; exit}' \"$gfile\"`\"\n if [ -n \"$move\" ]; then\n ngid=\"$gid\"\n while grep -q \":$ngid:\" \"$gfile\"; do\n ngid=\"$((ngid+1))\"\n done\n echo \"Moving $move GID from $gid to $ngid...\" 1>&2\n chrootcmd groupmod -g \"$ngid\" \"$move\"\n fi\n chrootcmd \"$groupcmd\" -g \"$gid\" \"$chrootgroup\"\n done\nfi\n\n# To run silently, we override the env command to launch a background process,\n# and move the trap code to happen there.\nif [ -n \"$BACKGROUND\" ]; then\n env() {\n # Shuffle FDs around to preserve stdin\n { (\n trap '' INT HUP\n trap \"$TRAP\" 0\n exec 0<&9 9<&-\n [ -t 0 ] && exec < /dev/null\n [ -t 1 ] && exec > /dev/null\n [ -t 2 ] && exec 2>&1\n /usr/bin/env \"$@\"\n ) & } 9<&0\n }\nfi\n\nret=0\n\n# Launch the system dbus unless we are entering a basic shell.\nif [ \"$NOLOGIN\" != 1 ] && grep -q '^root:' \"$passwd\" 2>/dev/null; then\n # Try to detect the dbus user by parsing its configuration file\n # If it fails, or if the user does not exist, `id -un '$dbususer'`\n # will fail, and we fallback on a default user name (\"messagebus\")\n dbususer=\"`echo \"cat /busconfig/user/text()\" \\\n | xmllint --shell \"$CHROOT/etc/dbus-1/system.conf\" 2>/dev/null \\\n | grep '^[a-z][-a-z0-9_]*$' || true`\"\n chrootcmd \"\n if ! hash dbus-daemon 2>/dev/null; then\n exit 0\n fi\n dbususer='$dbususer'\"'\n pidfile=\"/var/run/dbus/pid\"\n if [ -f \"$pidfile\" ]; then\n if grep -q \"^dbus-daemon\" \"/proc/`cat \"$pidfile\"`/cmdline\" \\\n 2>/dev/null; then\n exit 0\n fi\n rm -f \"$pidfile\"\n fi\n mkdir -p /var/run/dbus\n dbususer=\"`id -un \"$dbususer\" 2>/dev/null || echo \"messagebus\"`\"\n dbusgrp=\"`id -gn \"$dbususer\" 2>/dev/null || echo \"messagebus\"`\"\n chown \"$dbususer:$dbusgrp\" /var/run/dbus\n exec dbus-daemon --system --fork' || ret=$?\n if [ \"$ret\" != 0 ]; then\n echo \"WARNING: starting chroot system dbus daemon failed with code $ret\" 1>&2\n ret=0\n fi\n\n # Launch systemd-logind if available and not already running\n # Whitelisted for saucy and trusty\n systemd_dir=\"`fixabslinks '/run/systemd'`\"\n if [ -x \"$CHROOT/lib/systemd/systemd-logind\" ] && \\\n [ ! -d \"$systemd_dir\" ] && \\\n [ \"$CHROOTRELEASE\" = 'saucy' -o \"$CHROOTRELEASE\" = 'trusty' ]; then\n # Every piece of systemd code ever assumes that this directory exists\n mkdir -p \"$systemd_dir\"\n\n # Create systemd cgroup if necessary\n if ! mountpoint -q \"$CHROOT/sys/fs/cgroup/systemd\"; then\n mkdir -p \"$CHROOT/sys/fs/cgroup/systemd\"\n mount -t cgroup -o nosuid,noexec,nodev,none,name=systemd systemd \\\n \"$CHROOT/sys/fs/cgroup/systemd\"\n fi\n # systemd-logind doesn't fork\n chrootcmd \"/lib/systemd/systemd-logind >/dev/null 2>&1 /dev/null 2>&1 &1 ) &\n noticepid=\"$!\"\n addtrap \"kill '$noticepid' 2>/dev/null\"\n chrootcmd 'exec /etc/rc.local >/dev/null 2>/dev/null /dev/null || true\n wait \"$noticepid\" || true\n if [ \"$ret\" != 0 ]; then\n echo \"WARNING: /etc/rc.local failed with code $ret\" 1>&2\n ret=0\n fi\n fi\n\n if [ $# = 0 -o -n \"$LOGIN\" ]; then\n env -i TERM=\"$TERM\" chroot \"$CHROOT\" \"$@\" su - \"$USERNAME\" || ret=$?\n else\n # Escape out the command\n cmd=\"export SHELL='$CHROOTSHELL';\"\n if [ -n \"$TMPXMETHOD\" ]; then\n cmd=\"$cmd export XMETHOD='$TMPXMETHOD';\"\n fi\n for param in \"$@\"; do\n cmd=\"$cmd'`echo -n \"$param\" | sed \"s/'/'\\\\\\\\\\\\''/g\"`' \"\n done\n env -i TERM=\"$TERM\" chroot \"$CHROOT\" \\\n su -s '/bin/sh' -c \"$cmd\" - \"$USERNAME\" \\\n || ret=$?\n fi\nfi\n\n# We don't want to trap for this proccess if we're running in the background\nif [ -n \"$BACKGROUND\" ]; then\n settrap ''\nfi\n\n# Cleanup all happens in the exit trap\nexit $ret\n" }, { "path": "host-bin/mount-chroot", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\nset -e\n\nAPPLICATION=\"${0##*/}\"\nBINDIR=\"`dirname \"\\`readlink -f -- \"$0\"\\`\"`\"\nCHROOTS=\"`readlink -m -- \"$BINDIR/../chroots\"`\"\nCREATE=''\nENCRYPT=''\nKEYFILE=''\nPRINT=''\nROOT=\"`readlink -m -- '/var/run/crouton'`\"\nMOUNTOPTS='rw,dev,exec,suid'\nMETRICSDIR='/run/metrics/external/crouton'\n\nUSAGE=\"$APPLICATION [options] name [...]\n\nMounts one or more chroots into a root-only subdirectory of $ROOT\n\nOptions:\n -c CHROOTS Directory the chroots are in. Default: $CHROOTS\n -e If the chroot is not encrypted, encrypt it.\n If specified twice, prompt to change the encryption passphrase.\n -k KEYFILE File or directory to store the (encrypted) encryption keys in.\n If unspecified, the keys will be stored in the chroot if doing a\n first encryption, or auto-detected on existing chroots.\n -n Create the chroot if it doesn't exist.\n -p Prints out the path to the mounted directory on stdout.\"\n\n# Common functions\n. \"$BINDIR/../installer/functions\"\n\n# Process arguments\ngetopts_string='c:ek:np'\nwhile getopts_nextarg; do\n case \"$getopts_var\" in\n c) CHROOTS=\"`readlink -m -- \"$getopts_arg\"`\";;\n e) ENCRYPT=\"$((ENCRYPT+1))\";;\n k) KEYFILE=\"$getopts_arg\";;\n n) CREATE='y';;\n p) PRINT='y';;\n \\?) error 2 \"$USAGE\";;\n esac\ndone\n\n# Need at least one chroot listed\nif [ $# = 0 ]; then\n error 2 \"$USAGE\"\nfi\n\n# We need to run as root\nif [ \"$USER\" != root -a \"$UID\" != 0 ]; then\n error 2 \"$APPLICATION must be run as root.\"\nfi\n\n# Make sure we always exit with echo on the tty.\naddtrap \"stty echo 2>/dev/null\"\n\n# Whitelists a directory for symlink and other hardening\nwhitelist() {\n # As of 67, symlinks and fifos are blocked in stateful partitions.\n # Add exceptions for this chroot.\n local sec='/sys/kernel/security' mounted=''\n if mountpoint -q \"$sec\"; then\n mounted=y\n elif ! mount -n -t securityfs -o nodev,noexec,nosuid securityfs \"$sec\"; then\n return\n fi\n # Ensure it's mounted rw\n if ! mount -o remount,rw \"$sec\"; then\n echo \"Failed to make inode security policies writeable\" >&2\n return 1\n fi\n policies=\"$sec/chromiumos/inode_security_policies\"\n if [ -d \"$policies\" ]; then\n # Touch allow_symlink first to avoid kernel crash on chromeos-5.15 R126.\n printf \"$CHROOT\" > \"$policies/allow_symlink\"\n printf \"$CHROOT\" > \"$policies/allow_fifo\"\n fi\n if [ -z \"$mounted\" ]; then\n umount \"$sec\"\n fi\n}\n\n# Function to prompt the user for a passphrase. Sets $passphrase.\npromptNewPassphrase() {\n echo_tty -n \"Choose an encryption passphrase for $NAME: \"\n [ -t 0 ] && stty -echo\n while [ -z \"$passphrase\" ]; do\n read -r passphrase\n if [ -z \"$passphrase\" ]; then\n echo_tty ''\n echo_tty -n 'You must specify a passphrase: '\n continue\n fi\n echo_tty ''\n echo_tty -n 'Please confirm your passphrase: '\n read -r confirmation\n if [ \"$confirmation\" != \"$passphrase\" ]; then\n passphrase=''\n echo_tty ''\n echo_tty -n 'Passphrases do not match; try again: '\n fi\n confirmation=''\n done\n [ -t 0 ] && stty echo\n echo_tty ''\n}\n\n# Mount each chroot\nfor NAME in \"$@\"; do\n if ! validate_name \"$NAME\"; then\n error 2 \"Invalid chroot name '$NAME'.\"\n fi\n\n # Check for existence\n CHROOT=\"$CHROOTS/$NAME\"\n movesrc=''\n if [ -d \"$CHROOT\" ]; then\n if [ -f \"$CHROOT/.ecryptfs\" -o -n \"$ENCRYPT\" ]; then\n if [ -z \"$ENCRYPT\" ]; then\n ENCRYPT=0\n fi\n # Check for non-encrypted files that we may need to move\n for file in \"$CHROOT/\"*; do\n if [ \"${file#*/ECRYPTFS_FNEK_ENCRYPTED}\" = \"$file\" ]; then\n movesrc=\"$CHROOT\"\n break\n fi\n done\n fi\n elif [ -z \"$CREATE\" ]; then\n error 1 \"$CHROOT not found.\"\n else\n mkdir -p \"$CHROOT\"\n fi\n\n CHROOTSRC=\"$CHROOT\"\n CHROOT=\"$ROOT/${CHROOT#/}\"\n\n # Ensure there's a root-only folder for the bind-mounted chroot\n mkdir -p -m 0700 \"$CHROOT\"\n chown root:root \"$ROOT\"\n chmod 700 \"$ROOT\"\n\n # Extraordinarily vague usage stat; see https://crbug.com/989219\n if [ -z \"${CROUTON_DISABLE_STATS-}\" -a -d \"${METRICSDIR%/*}\" ]; then\n mkdir -p -m 0777 \"$METRICSDIR\"\n chown root:root \"$METRICSDIR\"\n chmod 777 \"$METRICSDIR\"\n touch \"$METRICSDIR/crouton-started\"\n fi || true\n\n if [ -n \"$PRINT\" ]; then\n echo \"$CHROOT\"\n fi\n\n # Check if we actually need to mount\n if ! mountpoint -q \"$CHROOT\"; then\n if [ -z \"$ENCRYPT\" ]; then\n mount --bind \"$CHROOTSRC\" \"$CHROOT\"\n mount -i -o \"remount,$MOUNTOPTS\" \"$CHROOT\"\n mount -i -o 'remount,symfollow' \"$CHROOT\" 2>/dev/null || true\n mount --make-private \"$CHROOT\"\n whitelist \"$CHROOT\"\n continue\n fi\n\n # We must be on a terminal, unless we already have a password in env.\n if [ ! -t 0 -a -z \"$CROUTON_PASSPHRASE$CROUTON_NEW_PASSPHRASE\" ]; then\n error 2 'STDIN is not a terminal; cannot request passwords.'\n fi\n\n # Ensure that there's a root password set before decrypting the chroot,\n # unless the passphrase was specified via env, which isn't secure anyway\n if [ ! -f '/mnt/stateful_partition/etc/devmode.passwd' ]; then\n echo_tty \\\n'You must have a root password in Chromium OS to mount encrypted chroots.'\n if [ -z \"$CROUTON_PASSPHRASE$CROUTON_NEW_PASSPHRASE\" ]; then\n while ! chromeos-setdevpasswd; do :; done\n fi\n fi\n\n # Detect the key file\n if [ -z \"$KEYFILE\" ]; then\n KEYFILE=\"$CHROOTSRC/.ecryptfs\"\n if [ -f \"$KEYFILE\" ]; then\n header=\"`head -n1 \"$KEYFILE\"`\"\n if [ -n \"$header\" ]; then\n KEYFILE=\"$header\"\n fi\n fi\n elif [ \"${KEYFILE#/}\" = \"$KEYFILE\" ]; then\n KEYFILE=\"$PWD/$KEYFILE\"\n fi\n if [ -d \"$KEYFILE\" -o \"${KEYFILE%/}\" != \"$KEYFILE\" ]; then\n KEYFILE=\"${KEYFILE%/}/$NAME\"\n fi\n if ! mkdir -p \"`dirname \"$KEYFILE\"`\"; then\n error 1 \"Unable to create directory for $KEYFILE\"\n fi\n\n # If we just created it, choose and create the keyfile.\n passphrase=\"${CROUTON_PASSPHRASE:-\"$CROUTON_NEW_PASSPHRASE\"}\"\n if [ ! -f \"$CHROOTSRC/.ecryptfs\" ]; then\n if [ -e \"$KEYFILE\" ]; then\n error 1 \"Encryption key file $KEYFILE already exists. Refusing to overwrite!\"\n fi\n\n promptNewPassphrase\n\n if [ -z \"$CROUTON_WEAK_RANDOM\" ]; then\n random=\"/dev/random\"\n echo 'Generating keys (move the mouse to generate entropy)...' 1>&2\n else\n random=\"/dev/urandom\"\n echo 'Generating keys from /dev/urandom...' 1>&2\n fi\n key=\"`hexdump -v -n32 -e'32/1 \"%02x\"' \"$random\"`\"\n fnek=\"`hexdump -v -n32 -e'32/1 \"%02x\"' \"$random\"`\"\n echo 'done' 1>&2\n\n # Create key file\n wrappedkey=\"`mktemp`\"\n wrappedfnek=\"`mktemp`\"\n addtrap \"rm -f '$wrappedkey' '$wrappedfnek'\"\n echo -n \"$key\n$passphrase\" | ecryptfs-wrap-passphrase \"$wrappedkey\" -\n echo -n \"$fnek\n$passphrase\" | ecryptfs-wrap-passphrase \"$wrappedfnek\" -\n unset key fnek\n echo | cat - \"$wrappedkey\" \"$wrappedfnek\" > \"$KEYFILE\"\n if [ ! -f \"$CHROOTSRC/.ecryptfs\" ]; then\n echo \"$KEYFILE\" > \"$CHROOTSRC/.ecryptfs\"\n fi\n elif [ ! -f \"$KEYFILE\" ]; then\n error 1 \"Unable to find encryption key file $KEYFILE\"\n else\n echo_tty -n \"Enter encryption passphrase for $NAME: \"\n [ -t 0 ] && stty -echo\n if [ -z \"$passphrase\" ]; then\n read -r passphrase\n fi\n [ -t 0 ] && stty echo\n echo_tty ''\n\n wrappedkey=\"`mktemp`\"\n wrappedfnek=\"`mktemp`\"\n addtrap \"rm -f '$wrappedkey' '$wrappedfnek'\"\n\n # Extract wrapped keys from keyfile\n wrappedtotal=\"$(($(wc -c < \"$KEYFILE\") - $(head -n 1 \"$KEYFILE\" | wc -c)))\"\n wrappedsize=\"$((wrappedtotal / 2))\"\n tail -c \"$wrappedtotal\" \"$KEYFILE\" | head -c \"$wrappedsize\" > \"$wrappedkey\"\n tail -c \"$wrappedsize\" \"$KEYFILE\" > \"$wrappedfnek\"\n\n # Change the passphrase if requested\n if [ \"${ENCRYPT:-0}\" -ge 2 ]; then\n oldpassphrase=\"$passphrase\"\n passphrase=\"$CROUTON_NEW_PASSPHRASE\"\n promptNewPassphrase\n\n echo \"Applying passphrase change\" 1>&2\n echo -n \"$oldpassphrase\n$passphrase\" | ecryptfs-rewrap-passphrase \"$wrappedkey\" -\n echo -n \"$oldpassphrase\n$passphrase\" | ecryptfs-rewrap-passphrase \"$wrappedfnek\" -\n echo | cat - \"$wrappedkey\" \"$wrappedfnek\" > \"$KEYFILE\"\n\n unset oldpassphrase\n fi\n fi\n\n # Add keys to keychain and extract\n keysig=\"`echo -n \"$passphrase\" \\\n | ecryptfs-unwrap-passphrase \"$wrappedkey\" - 2>/dev/null \\\n | ecryptfs-add-passphrase - 2>/dev/null \\\n | sed -n 's/.*\\[\\([0-9a-zA-Z]*\\)\\].*/\\1/p'`\"\n fneksig=\"`echo -n \"$passphrase\" \\\n | ecryptfs-unwrap-passphrase \"$wrappedfnek\" - 2>/dev/null \\\n | ecryptfs-add-passphrase - 2>/dev/null \\\n | sed -n 's/.*\\[\\([0-9a-zA-Z]*\\)\\].*/\\1/p'`\"\n if [ -z \"$keysig\" -o -z \"$fneksig\" ]; then\n error 1 \"Failed to decrypt $NAME.\"\n fi\n\n # Create a new session, and link user keyring to that session,\n # as required by ecryptfs.\n keyctl new_session >/dev/null\n keyctl link @u @s\n\n mnt=\"ecryptfs_sig=$keysig,ecryptfs_fnek_sig=$fneksig\"\n mnt=\"$mnt,ecryptfs_cipher=aes,ecryptfs_key_bytes=16\"\n mnt=\"$mnt,ecryptfs_unlink_sigs,$MOUNTOPTS\"\n\n if ! mount -i -t ecryptfs -o \"$mnt\" \"$CHROOTSRC\" \"$CHROOT\"; then\n error 1 \"Failed to mount $NAME.\"\n fi\n\n mount -i -o 'remount,symfollow' \"$CHROOT\" 2>/dev/null || true\n\n whitelist \"$CHROOT\"\n fi\n\n # Perform the move\n if [ -z \"$movesrc\" ]; then\n continue\n fi\n response=y\n for file in \"$movesrc/\"*; do\n if [ \"${file#*/ECRYPTFS_FNEK_ENCRYPTED}\" != \"$file\" ]; then\n echo -n \\\n\"About to continue encrypting the unencrypted portion of $NAME.\nIf this is unexpected, then it could mean that someone's trying to inject files\ninto your encrypted chroot, potentially allowing them to steal your data.\nPlease choose one of the following options:\nyes -- You are sure you want to continue moving the files in. They're yours.\ndel -- You do not like these files and want them deleted permanently.\nlist -- You do not know what these files are and want to list them.\nno -- You don't want to decide one way or another quite yet.\n> \" 1>&2\n # Don't allow a response to be specified in env unless the password\n # was also specified in env.\n if [ -n \"$CROUTON_PASSPHRASE\" -a \\\n -n \"$CROUTON_MOUNT_RESPONSE\" ]; then\n response=\"$CROUTON_MOUNT_RESPONSE\"\n echo \"$response\" 1>&2\n else\n read -r response\n fi\n break\n fi\n done\n case \"$response\" in\n y*|Y*) (\n echo -n \"Encrypting $NAME; please wait...\" 1>&2\n cd \"$movesrc\"\n tmp=\"`mktemp -d --tmpdir=. 'ECRYPTFS_MOVE_STAGING_XXXXXX'`\"\n find -not -name 'ECRYPTFS_FNEK_ENCRYPTED*' \\\n -not -wholename './ECRYPTFS_MOVE_STAGING_*' \\\n -not -wholename '.' \\\n -not -wholename './.ecryptfs' \\\n -not -wholename './.crouton-targets' \\\n -exec mkdir -p \"$tmp/{}\" ';' \\\n -exec rmdir \"$tmp/{}\" ';' \\\n '(' -prune , -exec mv -fT '{}' \"$tmp/{}\" ';' ')' 1>&2\n for tmp in ECRYPTFS_MOVE_STAGING_*; do\n (\n cd \"$tmp\"\n find '!' '(' -type d -exec test -d \"$CHROOT/{}\" ';' ')' \\\n '(' -prune , -exec mv -fT '{}' \"$CHROOT/{}\" ';' ')' \\\n -exec echo -n . ';' 1>&2\n find -depth -type d -not -wholename . \\\n -exec test -d \"$CHROOT/{}\" ';' \\\n -exec rmdir '{}' ';' 1>&2\n )\n rmdir \"$tmp\" 2>/dev/null || true\n done\n echo 'done.' 1>&2\n );;\n d*|D*) (\n echo \"Deleting unencrypted files in $NAME; please wait...\" 1>&2\n cd \"$movesrc\"\n find -not -name 'ECRYPTFS_FNEK_ENCRYPTED*' \\\n -not -wholename '.' \\\n -not -wholename './.ecryptfs' \\\n -not -wholename './.crouton-targets' \\\n '(' -prune , -exec rm -rvf '{}' ';' ')' 1>&2\n echo 'Done.' 1>&2\n );;\n l*|L*) (\n echo \"Listing unencrypted files in $NAME; please wait...\" 1>&2\n cd \"$movesrc\"\n find -not -name 'ECRYPTFS_FNEK_ENCRYPTED*' \\\n -not -name 'ECRYPTFS_MOVE_STAGING_*' \\\n -not -wholename '.' \\\n -not -wholename './.ecryptfs' \\\n -not -wholename './.crouton-targets' \\\n -print -prune | cut -b2- 1>&2\n echo 'Done.' 1>&2\n exit 2\n );;\n esac\ndone\n\nexit 0\n" }, { "path": "host-bin/startcli", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\nset -e\n\nAPPLICATION=\"${0##*/}\"\n\nUSAGE=\"$APPLICATION [options]\n\nWraps enter-chroot to start a CLI session in a new VT.\nBy default, it will log into the primary user on the first chroot found.\n\nOptions are directly passed to enter-chroot; run enter-chroot to list them.\"\n\nif [ -f /sbin/frecon ]; then\n # Until we get a stable interface to controlling frecon, just use the pty\n openvt=''\nelse\n openvt='openvt -vws --'\nfi\n\nexport TERM='linux'\nexec sh -e \"`dirname \"\\`readlink -f -- \"$0\"\\`\"`/enter-chroot\" -t cli-extra -l \\\n \"$@\" \"\" $openvt\n" }, { "path": "host-bin/starte17", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\nset -e\n\nAPPLICATION=\"${0##*/}\"\n\nUSAGE=\"$APPLICATION [options]\n\nWraps enter-chroot to start an e17 session.\nBy default, it will log into the primary user on the first chroot found.\n\nOptions are directly passed to enter-chroot; run enter-chroot to list them.\"\n\nexec sh -e \"`dirname \"\\`readlink -f -- \"$0\"\\`\"`/enter-chroot\" -t e17 \"$@\" \"\" \\\n exec xinit /usr/bin/enlightenment_start\n" }, { "path": "host-bin/startgnome", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\nset -e\n\nAPPLICATION=\"${0##*/}\"\n\nUSAGE=\"$APPLICATION [options]\n\nWraps enter-chroot to start a GNOME session.\nBy default, it will log into the primary user on the first chroot found.\n\nOptions are directly passed to enter-chroot; run enter-chroot to list them.\"\n\nexec sh -e \"`dirname \"\\`readlink -f -- \"$0\"\\`\"`/enter-chroot\" -t gnome \"$@\" \"\" \\\n exec startgnome\n" }, { "path": "host-bin/startkde", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\nset -e\n\nAPPLICATION=\"${0##*/}\"\n\nUSAGE=\"$APPLICATION [options]\n\nWraps enter-chroot to start a KDE session.\nBy default, it will log into the primary user on the first chroot found.\n\nOptions are directly passed to enter-chroot; run enter-chroot to list them.\"\n\nexec sh -e \"`dirname \"\\`readlink -f -- \"$0\"\\`\"`/enter-chroot\" -t kde \"$@\" \"\" \\\n exec xinit /usr/bin/startkde\n" }, { "path": "host-bin/startkodi", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\nset -e\n\nAPPLICATION=\"${0##*/}\"\n\nUSAGE=\"$APPLICATION [options]\n\nWraps enter-chroot to start an KODI session.\nBy default, it will log into the primary user on the first chroot found.\n\nOptions are directly passed to enter-chroot; run enter-chroot to list them.\"\n\nexec sh -e \"`dirname \"\\`readlink -f -- \"$0\"\\`\"`/enter-chroot\" -t kodi \"$@\" \"\" \\\n exec croutonpowerd -i xinit /usr/bin/kodi --standalone\n" }, { "path": "host-bin/startlxde", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\nset -e\n\nAPPLICATION=\"${0##*/}\"\n\nUSAGE=\"$APPLICATION [options]\n\nWraps enter-chroot to start an LXDE session.\nBy default, it will log into the primary user on the first chroot found.\n\nOptions are directly passed to enter-chroot; run enter-chroot to list them.\"\n\nexec sh -e \"`dirname \"\\`readlink -f -- \"$0\"\\`\"`/enter-chroot\" -t lxde \"$@\" \"\" \\\n exec xinit /usr/bin/startlxde\n" }, { "path": "host-bin/startunity", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\nset -e\n\nAPPLICATION=\"${0##*/}\"\n\nUSAGE=\"$APPLICATION [options]\n\nWraps enter-chroot to start a Unity session.\nBy default, it will log into the primary user on the first chroot found.\n\nOptions are directly passed to enter-chroot; run enter-chroot to list them.\"\n\nexec sh -e \"`dirname \"\\`readlink -f -- \"$0\"\\`\"`/enter-chroot\" -t unity \"$@\" \"\" \\\n exec startunity\n" }, { "path": "host-bin/startxfce4", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\nset -e\n\nAPPLICATION=\"${0##*/}\"\n\nUSAGE=\"$APPLICATION [options]\n\nWraps enter-chroot to start an Xfce session.\nBy default, it will log into the primary user on the first chroot found.\n\nOptions are directly passed to enter-chroot; run enter-chroot to list them.\"\n\nexec sh -e \"`dirname \"\\`readlink -f -- \"$0\"\\`\"`/enter-chroot\" -t xfce \"$@\" \"\" \\\n exec startxfce4\n" }, { "path": "host-bin/startxiwi", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\nset -e\n\nAPPLICATION=\"${0##*/}\"\nENTERCHROOT=\"$(dirname \"$(readlink -f -- \"$0\")\")/enter-chroot\"\nOPTS_ENTER=''\nOPTS_XIWI=''\n\nUSAGE=\"$APPLICATION [options] chroot_app [parameters]\n\nWraps enter-chroot to launch a window or tab in Chromium OS for any graphical application.\nApplications launched in this way show in independent windows or tabs.\n\nBy default, it will use the primary user on the first xiwi-enabled chroot found and launch\nthe chroot_app in a window.\n\nOptions:\n$(\"$ENTERCHROOT\" -h 2>&1 | grep -e ' -[bckntu]')\n -F Launch the chroot_app full-screen.\n -T Launch the chroot_app in a tab.\n -f Prevent xiwi from quitting automatically. (see NOTE below)\n\nNOTE:\nxiwi will normally close when the application returns. Some gui applications\nfork before or during normal operation, which can confuse xiwi and cause it to\nquit prematurely. If your application does not have a parameter that prevents\nit from forking, and crouton is unable to automatically detect the fork, you can\nuse -f to prevent xiwi from quitting automatically.\nxiwi will quit if you close the Chromium OS window when nothing is displayed.\n \nYou can cycle through multiple windows inside the application\nvia Ctrl-Alt-Tab/Ctrl-Alt-Shift-Tab, or close them via Ctrl-Alt-Shift-Escape.\nIf the chroot_app begins with 'start' but you still want to\nuse the default window manager, specify the full path of the application.\n\"\n\nwhile getopts 'bc:k:n:t:u:FTf' OPT; do\n case \"$OPT\" in\n b) OPTS_ENTER=\"$OPTS_ENTER -$OPT\";;\n c|k|n|t|u)\n OPTARG=\"$(echo -n \"$OPTARG\" | sed -e \"s/'/'\\\\\\\\\\\\''/g\")\"\n OPTS_ENTER=\"$OPTS_ENTER -$OPT '$OPTARG'\";;\n f|F|T) OPTS_XIWI=\"$OPTS_XIWI -$OPT\";;\n \\?) echo \"$USAGE\" 1>&2\n exit 2;;\n esac\ndone\nshift \"$((OPTIND-1))\"\n\nif [ \"$#\" = \"0\" ]; then \n echo \"$USAGE\" 1>&2\n exit 2\nfi\n\neval \"exec sh -e \\\"\\$ENTERCHROOT\\\" -t xiwi $OPTS_ENTER \\\n exec xiwi $OPTS_XIWI \\\"\\$@\\\"\"\n \n" }, { "path": "host-bin/unmount-chroot", "content": "#!/bin/sh -e\n# Copyright (c) 2016 The crouton Authors. All rights reserved.\n# Use of this source code is governed by a BSD-style license that can be\n# found in the LICENSE file.\n\nset -e\n\nAPPLICATION=\"${0##*/}\"\nALLCHROOTS=''\nBINDIR=\"`dirname \"\\`readlink -f -- \"$0\"\\`\"`\"\nCHROOTS=\"`readlink -m -- \"$BINDIR/../chroots\"`\"\nEXCLUDEROOT=''\nFORCE=''\nPRINT=''\nSIGNAL='TERM'\nTRIES=5\nYES=''\nROOT=\"`readlink -m -- '/var/run/crouton'`\"\n\nUSAGE=\"$APPLICATION [options] name [...]\n\nUnmounts one or more chroots, optionally killing any processes still running\ninside them.\n\nBy default, it will run in interactive mode where it will ask to kill any\nremaining processes if unable to unmount the chroot within 5 seconds.\n\nOptions:\n -a Unmount all chroots in the CHROOTS directory.\n -c CHROOTS Directory the chroots are in. Default: $CHROOTS\n -f Forces a chroot to unmount, potentially breaking or killing\n other instances of the same chroot.\n -k KILL Send the processes SIGKILL instead of SIGTERM.\n -p Print to STDOUT the processes stopping a chroot from unmounting.\n -t TRIES Number of seconds to try before signalling the processes.\n Use -t inf to be exceedingly patient. Default: $TRIES\n -x Keep the root directory of the chroot mounted.\n -y Signal any remaining processes without confirmation.\n Automatically escalates from SIGTERM to SIGKILL.\"\n\n# Common functions\n. \"$BINDIR/../installer/functions\"\n\n# Process arguments\ngetopts_string='ac:fkpt:xy'\nwhile getopts_nextarg; do\n case \"$getopts_var\" in\n a) ALLCHROOTS='y';;\n c) CHROOTS=\"`readlink -m -- \"$getopts_arg\"`\";;\n f) FORCE='y';;\n k) SIGNAL=\"KILL\";;\n p) PRINT='y';;\n t) TRIES=\"$getopts_arg\";;\n x) EXCLUDEROOT='y';;\n y) YES='a';;\n \\?) error 2 \"$USAGE\";;\n esac\ndone\n\n# Need at least one chroot listed, or -a; not both.\nif [ $# = 0 -a -z \"$ALLCHROOTS\" ] || [ $# != 0 -a -n \"$ALLCHROOTS\" ]; then\n error 2 \"$USAGE\"\nfi\n\n# Make sure TRIES is valid\nif [ \"$TRIES\" = inf ]; then\n TRIES=-1\nelif [ \"$TRIES\" -lt -1 ]; then\n error 2 \"$USAGE\"\nfi\n\n# We need to run as root\nif [ \"$USER\" != root -a \"$UID\" != 0 ]; then\n error 2 \"$APPLICATION must be run as root.\"\nfi\n\n# Check if a chroot is running with this directory. We detect the\n# appropriate commands by checking if the command's parent root is not equal\n# to the pid's root. This avoids not unmounting due to a lazy-quitting\n# background application within the chroot. We also don't consider processes\n# that have a parent PID of 1 or that of session_manager's (which would mean an\n# orphaned process in this case), as enter-chroot never orphans its children.\n# $1: $base; the canonicalized base path of the chroot\n# Returns: non-zero if the chroot is in use.\ncheckusage() {\n if [ -n \"$FORCE\" ]; then\n return 0\n fi\n local b=\"${1%/}/\" pid ppid proot prootdir root rootdir pids=''\n local smgrpid=\"`pgrep -o -u 0 -x session_manager || echo 1`\"\n for root in /proc/*/root; do\n if [ ! -r \"$root\" ]; then\n continue\n fi\n rootdir=\"`readlink -f -- \"$root\"`\"\n rootdir=\"${rootdir%/}/\"\n if [ \"${rootdir#\"$b\"}\" = \"$rootdir\" ]; then\n continue\n fi\n pid=\"${root#/proc/}\"\n pid=\"${pid%/root}\"\n ppid=\"`ps -p \"$pid\" -o ppid= 2>/dev/null | sed 's/ //g'`\"\n if [ -z \"$ppid\" ] || [ \"$ppid\" -eq 1 -o \"$ppid\" -eq \"$smgrpid\" ]; then\n continue\n fi\n proot=\"/proc/$ppid/root\"\n if [ -r \"$proot\" ]; then\n prootdir=\"`readlink -f -- \"$proot\"`\"\n if [ \"${prootdir%/}/\" = \"$rootdir\" ]; then\n continue\n fi\n fi\n if [ -n \"$PRINT\" ]; then\n pids=\"$pids $pid\"\n continue\n fi\n return 1\n done\n if [ -n \"$PRINT\" -a -n \"$pids\" ]; then\n ps -p \"${pids# }\" -o pid= -o cmd= || true\n return 1\n fi\n return 0\n}\n\n# If we specified all chroots, bring in all chroots.\nif [ -n \"$ALLCHROOTS\" ]; then\n if [ ! -d \"$CHROOTS\" ]; then\n error 1 \"$CHROOTS not found.\"\n fi\n set -- \"$CHROOTS/\"*\nfi\n\n# Follows and fixes dangerous symlinks, returning the canonicalized path.\nfixabslinks() {\n local p=\"$CHROOT/$1\" c\n # Follow and fix dangerous absolute symlinks\n while c=\"`readlink -m -- \"$p\"`\" && [ \"$c\" != \"$p\" ]; do\n p=\"$CHROOT${c#\"$CHROOT\"}\"\n done\n echo \"$p\"\n}\n\n# Unmount the specified chroot $1\n# sets oldstyle if the chroot was unmounted in an old location.\n# if oldstyle is set upon entry, skips the check for old-style mounts.\nunmount() {\n NAME=\"${1#\"$CHROOTS/\"}\"\n\n # Check for existence\n CHROOT=\"$CHROOTS/$NAME\"\n if [ ! -d \"$CHROOT\" ]; then\n if [ -z \"$ALLCHROOTS\" ]; then\n echo \"$CHROOT not found.\" 1>&2\n ret=1\n fi\n return 0\n fi\n\n # Switch to the true mount point, but sort of support old-style mounted\n # chroots with minimal false-positives to ease transition. Don't unmount\n # old-style twice in a row, though.\n CHROOTSRC=\"$CHROOT\"\n oldencr=\"$CHROOTS/.secure/$NAME\"\n if mountpoint -q \"$oldencr\" \\\n && [ -d \"$oldencr/etc/crouton\" -a -z \"$oldstyle\" ]; then\n # Old encrypted chroots\n oldstyle='y'\n CHROOT=\"$oldencr\"\n echo \"$CHROOTSRC appears to be mounted in $CHROOT\" 1>&2\n elif mountpoint -q \"$CHROOT\" \\\n && [ -d \"$CHROOT/etc/crouton\" -a -z \"$oldstyle\" ]; then\n # Keep the chroot the same\n oldstyle='y'\n echo \"$CHROOTSRC appears to be mounted in place\" 1>&2\n else\n oldstyle=''\n CHROOT=\"$ROOT/${CHROOT#/}\"\n if [ ! -d \"$CHROOT\" ]; then\n # Not mounted\n return 0\n fi\n fi\n\n base=\"`readlink -f -- \"$CHROOT\"`\"\n\n if ! checkusage \"$base\"; then\n echo \"Not unmounting $CHROOTSRC as another instance is using it.\" 1>&2\n ret=1\n return 0\n fi\n\n # Kill the chroot's system dbus if one is running; failure is fine\n env -i chroot \"$CHROOT\" su -s '/bin/sh' -c '\n pidfile=\"/var/run/dbus/pid\"\n if [ ! -f \"$pidfile\" ]; then\n exit 0\n fi\n pid=\"`cat \"$pidfile\"`\"\n if ! grep -q \"^dbus-daemon\" \"/proc/$pid/cmdline\" 2>/dev/null; then\n exit 0\n fi\n kill $pid' - root 2>/dev/null || true\n\n # Unmount all mounts\n ntries=0\n if [ -z \"$EXCLUDEROOT\" ]; then\n echo \"Unmounting $CHROOTSRC...\" 1>&2\n else\n echo \"Pruning $CHROOTSRC mounts...\" 1>&2\n fi\n baseesc=\"`echo \"$base\" | sed 's= =//=g'`\"\n\n # Define the mountpoint filter to only unmount specific mounts.\n # The filter is run on the escaped version of the mountpoint.\n filter() {\n if [ -z \"$EXCLUDEROOT\" ]; then\n grep \"^$baseesc\\\\(/.*\\\\)\\\\?\\$\"\n else\n # Don't include the base directory\n grep \"^$baseesc/.\"\n fi\n }\n\n # Sync for safety\n sync\n\n # Make sure the chroot's system media bind-mount is marked as slave to avoid\n # unmounting devices system-wide. We still want to unmount locally-mounted\n # media, though.\n media=\"`fixabslinks '/var/host/media'`\"\n if mountpoint -q \"$media\"; then\n mount --make-rslave \"$media\"\n fi\n\n # Some /proc/mounts entries may end with \\040(deleted), in that case, try to\n # umount them with and without the suffix (in the unlikely case the mount\n # point actually ends with ' (deleted)')\n # umount has a bug and may return 0 when many mount points cannot be\n # unmounted, so we call it once per mount point ('-n 1')\n while ! sed \"s=\\\\\\\\040=//=g\" /proc/mounts | cut -d' ' -f2 | filter \\\n | sed -e 's=//= =g;s/^\\(\\(.*\\) (deleted)\\)$/\\1\\n\\2/' \\\n | sort -r | xargs --no-run-if-empty -d '\n' -n 1 umount 2>/dev/null; do\n if [ \"$ntries\" -eq \"$TRIES\" ]; then\n # Send signal to all processes running under the chroot\n # ...but confirm first.\n printonly=''\n if [ \"${YES#[Aa]}\" = \"$YES\" ]; then\n echo -n \"Failed to unmount $CHROOTSRC. Kill processes? [a/k/y/p/N] \" 1>&2\n if [ -n \"$CROUTON_UNMOUNT_RESPONSE\" ]; then\n YES=\"$CROUTON_UNMOUNT_RESPONSE\"\n echo \"$YES\" 1>&2\n else\n read -r YES\n fi\n if [ \"${YES#[Kk]}\" != \"$YES\" ]; then\n SIGNAL='KILL'\n elif [ \"${YES#[Pp]}\" != \"$YES\" ]; then\n printonly=y\n elif [ \"${YES#[AaYy]}\" = \"$YES\" ]; then\n echo \"Skipping unmounting of $CHROOTSRC\" 1>&2\n ret=1\n break\n fi\n fi\n if [ -z \"$printonly\" ]; then\n echo \"Sending SIG$SIGNAL to processes under $CHROOTSRC...\" 1>&2\n fi\n for root in /proc/*/root; do\n if [ ! -r \"$root\" ] \\\n || [ ! \"`readlink -f -- \"$root\"`\" = \"$base\" ]; then\n continue\n fi\n pid=\"${root#/proc/}\"\n pid=\"${pid%/root}\"\n if [ -n \"${printonly:-\"$PRINT\"}\" ]; then\n ps -p \"$pid\" -o pid= -o cmd= || true\n fi\n if [ -z \"$printonly\" ]; then\n kill \"-$SIGNAL\" \"$pid\" 2>/dev/null || true\n fi\n done\n\n # Escalate\n if [ \"${YES#[Aa]}\" != \"$YES\" ]; then\n SIGNAL='KILL'\n fi\n\n if [ -z \"$printonly\" ]; then\n ntries=0\n fi\n else\n ntries=\"$((ntries+1))\"\n fi\n sleep 1\n if ! checkusage \"$base\"; then\n echo \"Aborting unmounting $CHROOTSRC as another instance has begun using it.\" 1>&2\n ret=1\n break\n fi\n done\n\n # More sync for more safety\n sync\n}\n\n# Unmount each chroot\nret=0\nfor NAME in \"$@\"; do\n if [ -z \"$NAME\" ]; then\n continue\n fi\n oldstyle=''\n unmount \"$NAME\"\n # If we unmounted old-style, do it again in case the new-style was also mounted.\n if [ -n \"$oldstyle\" ]; then\n unmount \"$NAME\"\n fi\ndone\n\n# HACK: restart debugd when running tests to avoid namespace issues.\n# This will go away when we start using mount namespaces.\nif [ -n \"$CROUTON_UNMOUNT_RESTART_DEBUGD\" ]; then\n restart debugd >/dev/null || true\nfi\n\n# Re-disable USB persistence (the Chromium OS default) if we no longer\n# have chroots running with a root in removable media\nif checkusage \"$ROOT/media\"; then\n for usbp in /sys/bus/usb/devices/*/power/persist; do\n if [ -e \"$usbp\" ]; then\n echo 0 > \"$usbp\"\n fi\n done\nfi\n\nexit $ret\n" }, { "path": "host-ext/.gitignore", "content": "crouton.crx\ncrouton.zip\ncrouton.pem\ncrouton/kiwi.pexe\n" }, { "path": "host-ext/crouton/background.html", "content": "\n\n\n \n \n \n \n \n \n