2 tool
=$
(readlink
-e "${0%/*}/..")
5 sudo debconf-set-selections
<<-EOF
6 grub-pc grub-pc/install_devices multiselect
8 "$tool"/local
/apt-get-install grub-pc
9 sudo
install -d -m 644 -o root
-g root
/boot
/grub
10 "$tool"/local
/apt-get-install linux-image-
$local_arch
11 sudo
install -m 644 -o root
-g root
/dev
/stdin \
12 /etc
/default
/grub
<<-EOF
15 GRUB_DISTRIBUTOR=\`lsb_release -i -s 2> /dev/null || echo Debian\`
16 GRUB_CMDLINE_LINUX_DEFAULT="quiet"
17 GRUB_CMDLINE_LINUX="vt.default_utf8=1 rootfstype=ext4 loglevel=5 console=hvc0 console=ttyS0 ip=$local_ipv4::$local_gateway:$local_dropbear_netmask:$vm:eth0:off resume=/dev/mapper/${vm}_swap_deciphered"
18 GRUB_DISABLE_RECOVERY="true"
19 #GRUB_PRELOAD_MODULES="lvm"
20 GRUB_TERMINAL="console serial"
21 GRUB_SERIAL_COMMAND="serial --unit=0 --speed=38400 --word=8 --parity=no --stop=1"
23 sudo
install -m 644 -o root
-g root
/dev
/stdin \
24 /boot
/grub
/device.map
<<-EOF
26 (hd0) /dev/mapper/domU-$(printf %s $local_fqdn-disk | sed -e 's/-/--/g')
28 sudo update-grub2
# NOTE: prend en compte /boot/grub/device.map
29 "$tool"/local
/initramfs-configure
30 "$tool"/local
/apt-get-install molly-guard
31 sudo
install -m 644 -o root
-g root
/dev
/stdin \
32 /etc
/molly-guard
/rc
<<-EOF
33 ALWAYS_QUERY_HOSTNAME=true
34 # NOTE: une alternative est de dire à sudo de conserver les SSH_*
35 # néamoins demander tout le temps n'est pas trop contraignant
36 # et davantage sécurisant.