Fix and enhance networking

build-deb.sh

@@ -2,10 +2,12 @@
 
 chmod u=rwx src/etc/initramfs-tools/hooks/*.sh
 chmod u=rwx src/etc/initramfs-tools/scripts/init-premount/*.sh
+chmod u=rwx src/etc/initramfs-tools/scripts/init-bottom/*.sh
 chmod u=rwx src/lib/cryptsetup/scripts/wget_or_ask
 
 chmod og=rx src/etc/initramfs-tools/hooks/*.sh
 chmod og=rx src/etc/initramfs-tools/scripts/init-premount/*.sh
+chmod og=rx src/etc/initramfs-tools/scripts/init-bottom/*.sh
 chmod og=rx src/lib/cryptsetup/scripts/wget_or_ask
 
-dpkg-deb -b src dist
+dpkg-deb -b src dist

src/etc/initramfs-tools/scripts/init-bottom/networking.sh

@@ -0,0 +1,31 @@
+#!/bin/sh
+
+PREREQ=""
+
+prereqs() {
+	echo "$PREREQ"
+}
+
+case "$1" in
+	prereqs)
+		prereqs
+		exit 0
+	;;
+esac
+
+. /scripts/functions
+
+# Bring all interfaces down or set variable IFACE to none
+IFDOWN=*
+
+if [ "$BOOT" != nfs ] && [ "$IFDOWN" != none ]; then
+    for IFACE in /sys/class/net/$IFDOWN; do
+        [ -e "$IFACE" ] || continue
+        IFACE="${IFACE#/sys/class/net/}"
+        log_begin_msg "Bringing down $IFACE"
+        ip link    set   dev "$IFACE" down
+        ip address flush dev "$IFACE"
+        ip route   flush dev "$IFACE"
+	log_end_msg
+    done
+fi

src/etc/initramfs-tools/scripts/init-premount/networking.sh

@@ -1,32 +1,49 @@
 #!/bin/sh
-set -e
 
-PREREQ=""
+PREREQ="udev"
 
-prereqs()
-{
+prereqs() {
     echo "$PREREQ"
 }
 
-case $1 in
+case "$1" in
     prereqs)
         prereqs
         exit 0
-        ;;
+    ;;
 esac
 
 . /scripts/functions
 
-# The more sensible approach might be use the configure_networking function
-# but I struggled to make this work well independently of configuring NFS
-wait_for_udev 10
-ipconfig -t 30 -c dhcp -d eth0
-
-
-# Cloudflare
-echo 'nameserver 1.1.1.1' > /etc/resolv.conf
-echo 'nameserver 1.0.0.1' >> /etc/resolv.conf
-
-# Quad 9
-echo 'nameserver 9.9.9.9' >> /etc/resolv.conf
-echo 'nameserver 9.9.9.10' >> /etc/resolv.conf
+# Network is manually configured.
+[ "$IP" != off ] && [ "$IP" != none ] || exit 0
+
+# Always run configure_networking() before fetching the key; on NFS 
+# mounts this has been already done
+[ "$BOOT" != nfs ] && configure_networking
+
+# Waiting a moment to get a valid network connection before 
+# configuring resolv.conf
+connection_wait=30
+seconds=0
+while [ $seconds -le $connection_wait ]; do
+    if [ "$(/sbin/ip addr | grep -c inet )" -ne 0 ]; then
+        break
+    fi
+    if [ $seconds -ge $connection_wait ]; then
+        log_failure_msg "No working networking connection found in $connection_wait seconds"
+    fi
+    sleep 1
+    seconds=$(( seconds + 1))
+done
+
+# Configure a basic resolv.conf just to get domain name resolving 
+# working.
+if ! [ -s /etc/resolv.conf ]; then
+    # Cloudflare
+    [ -z "$IPV4DNS0" ] && IPV4DNS0="1.1.1.1"
+    # Quad9
+    [ -z "$IPV4DNS1" ] && IPV4DNS1="9.9.9.9"
+    echo "nameserver $IPV4DNS0" > /etc/resolv.conf
+    echo "nameserver $IPV4DNS1" >> /etc/resolv.conf
+fi

tests/shellcheck.sh

@@ -3,4 +3,5 @@ SC_EXCLUDE="SC2181,SC2162,SC1091,SC2129"
 
 shellcheck -s sh --exclude="$SC_EXCLUDE" src/lib/cryptsetup/scripts/wget_or_ask \
   src/etc/initramfs-tools/hooks/*.sh \
-  src/etc/initramfs-tools/scripts/init-premount/networking.sh
+  src/etc/initramfs-tools/scripts/init-premount/networking.sh
+  src/etc/initramfs-tools/scripts/init-bottom/networking.sh