Commit 2e9a9bbc authored by Nikos Skalkotos's avatar Nikos Skalkotos
Browse files

Add needed command entries in Unattend.xml

Do not expect the ChangeAdminPassword.cmd and diskpart.exe
RunSynchronousCommand entries to be present in the Unattend.xml file.
Check for their presence and add them if needed.
parent f21f9ca7
......@@ -583,6 +583,38 @@ create_unattend_component() {
fi
}
windows_add_synchronous_command() {
local unattend arch description order path component run_synchronous \
token rsc
unattend="$1"
arch="$2"
description="$3"
order="$4"
path="$5"
# Create 'Microsoft-Windows-Deployment' if missing
create_unattend_component "$unattend" specialize 'Microsoft-Windows-Deployment' "$arch"
component='/_:unattend/_:settings[@pass="specialize"]'
component+='/_:component[@name="Microsoft-Windows-Deployment" and @processorArchitecture="'"$arch"'"]'
if ! $XMLSTARLET sel -t -v "$component/_:RunSynchronous" "$unattend" &>/dev/null; then
$XMLSTARLET ed -L -s "$component" -t elem -n RunSynchronous "$unattend"
fi
token=$(cat /proc/sys/kernel/random/uuid)
$XMLSTARLET ed -L -s "$component/_:RunSynchronous" -t elem -n RunSynchronousCommand "$unattend"
$XMLSTARLET ed -L -s "($component/_:RunSynchronous/_:RunSynchronousCommand[count(@*)=0])[1]" -t attr -n randomToken -v "$token" "$unattend"
rsc="$component/_:RunSynchronous/_:RunSynchronousCommand[@randomToken=\"$token\"]"
$XMLSTARLET ed -L \
-s "$rsc" -t elem -n Description -v "$description" \
-s "$rsc" -t elem -n Order -v "$order" \
-s "$rsc" -t elem -n Path -v "$path" \
-i "$rsc" -t attr -n wcm:action -v add \
-d "$rsc/@randomToken" "$unattend"
}
bsd2linux() {
local partition device
partition="$1"
......
......@@ -49,9 +49,32 @@ if [ ! -f "@commondir@/unattend.xml" ]; then
fi
target=$SNF_IMAGE_TARGET
arch=$(get_windows_architecture "$target")
if [ -z "$arch" ]; then
log_error "Unable to determine windows architecture"
fi
mkdir -p "$target/Windows/Setup/Scripts"
touch "$target/Windows/Setup/Scripts/SetupComplete.cmd"
mkdir -p "$target/Windows/SnfScripts"
echo "exit" > "$target/Windows/SnfScripts/ExtendFilesystem"
echo "del /Q /F C:\Windows\SnfScripts\ExtendFilesystem" >> \
"$target/Windows/Setup/Scripts/SetupComplete.cmd"
echo "@echo off" > "$target/Windows/SnfScripts/ChangeAdminPassword.cmd"
# For security reasons, overwrite the file before deleting...
spaces=$(printf "%200s");
echo "echo ${spaces// /X} > C:\Windows\SnfScripts\ChangeAdminPassword.cmd" >> \
"$target/Windows/Setup/Scripts/SetupComplete.cmd"
echo "del /Q /F C:\Windows\SnfScripts\ChangeAdminPassword.cmd" >> \
"$target/Windows/Setup/Scripts/SetupComplete.cmd"
echo "rmdir C:\Windows\SnfScripts" >> \
"$target/Windows/Setup/Scripts/SetupComplete.cmd"
if [ "$SNF_IMAGE_PROPERTY_OSFAMILY" = windows ]; then
unattend=$(get_unattend "$target")
if test -n "$unattend" && ! check_yes_no SNF_IMAGE_PROPERTY_IGNORE_UNATTEND; then
......@@ -68,37 +91,40 @@ if [ "$SNF_IMAGE_PROPERTY_OSFAMILY" = windows ]; then
else
cat "@commondir@/unattend.xml" > "$target/Unattend.xml"
fi
unattend="$target/Unattend.xml"
fi
# FIXME: There is no guarantee the answer file is actually named
# C:\unattend.xml. These may have to be modified to use the actual
# name of the answer file, as returned by get_unattend().
echo "del /Q /F C:\unattend.xml" >> \
echo 'del /Q /F C:\unattend.xml' >> \
"$target/Windows/Setup/Scripts/SetupComplete.cmd"
echo "del /Q /F C:\windows\panther\unattend.xml" >> \
echo 'del /Q /F C:\windows\panther\unattend.xml' >> \
"$target/Windows/Setup/Scripts/SetupComplete.cmd"
fi
mkdir -p "$target/Windows/SnfScripts"
echo "exit" > "$target/Windows/SnfScripts/ExtendFilesystem"
echo "del /Q /F C:\Windows\SnfScripts\ExtendFilesystem" >> \
"$target/Windows/Setup/Scripts/SetupComplete.cmd"
echo "@echo off" > "$target/Windows/SnfScripts/ChangeAdminPassword.cmd"
# For security reasons, overwrite the file before deleting...
spaces=$(printf "%200s");
echo "echo ${spaces// /X} > C:\Windows\SnfScripts\ChangeAdminPassword.cmd" >> \
"$target/Windows/Setup/Scripts/SetupComplete.cmd"
echo "del /Q /F C:\Windows\SnfScripts\ChangeAdminPassword.cmd" >> \
"$target/Windows/Setup/Scripts/SetupComplete.cmd"
echo "rmdir C:\Windows\SnfScripts" >> \
"$target/Windows/Setup/Scripts/SetupComplete.cmd"
# Check if ChangeAdminPassword.cmd and ExtendFilesystem are executed by
# this unattend.xml file. If this is not the case, then add the proper
# entries
xpath='/_:unattend/_:settings/_:component[@processorArchitecture="'"$arch"'"]/_:RunSynchronous/_:RunSynchronousCommand'
commands=$($XMLSTARLET sel -t -v "$xpath/_:Path" "$unattend") || true
max_order=$($XMLSTARLET sel -t -v "($xpath/_:Order[not(. < $xpath/_:Order)])[1]" "$unattend") || true
order=$((max_order+1)) || true
if ! grep -i ChangeAdminPassword.cmd <<< "$commands" &> /dev/null; then
windows_add_synchronous_command "$unattend" "$arch" \
"Change user passwords" \
"$((order++))" \
'C:\Windows\SnfScripts\ChangeAdminPassword.cmd'
fi
if [ "$SNF_IMAGE_PROPERTY_OSFAMILY" = "windows-legacy" ]; then
if ! grep -i ExtendFilesystem <<< "$commands" &> /dev/null; then
windows_add_synchronous_command "$unattend" "$arch" \
"Extend the file system" \
"$((order++))" \
'diskpart.exe /s C:\Windows\SnfScripts\ExtendFilesystem'
fi
elif [ "$SNF_IMAGE_PROPERTY_OSFAMILY" = "windows-legacy" ]; then
# If using an old-style (XP / Server 2003) SYSPREP.INF answer file,
# ensure C:\SnfScripts\SetupComplete.cmd is executed via CmdLines.txt
# which must be installed in the InstalledfilesPath from SYSPREP.INF.
......
......@@ -17,48 +17,28 @@
</component>
<component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<RunSynchronous>
<RunSynchronousCommand wcm:action="add">
<Description>Change User Passwords</Description>
<Order>1</Order>
<Path>C:\Windows\SnfScripts\ChangeAdminPassword.cmd</Path>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Description>Extend the filesystem</Description>
<Order>2</Order>
<Path>diskpart.exe /s C:\Windows\SnfScripts\ExtendFilesystem</Path>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Description>Enable Automatic Updates</Description>
<Order>3</Order>
<Order>1</Order>
<Path>cmd /C reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v AUOptions /t REG_DWORD /d 4 /f</Path>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Description>Supress local user account setup</Description>
<Order>4</Order>
<Order>2</Order>
<Path>cmd /C reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Setup\OOBE /v UnattendCreatedUser /t REG_DWORD /d 1 /f</Path>
</RunSynchronousCommand>
</RunSynchronous>
</component>
<component name="Microsoft-Windows-Deployment" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<RunSynchronous>
<RunSynchronousCommand wcm:action="add">
<Description>Change User Passwords</Description>
<Order>1</Order>
<Path>C:\Windows\SnfScripts\ChangeAdminPassword.cmd</Path>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Description>Extend the filesystem</Description>
<Order>2</Order>
<Path>diskpart.exe /s C:\Windows\SnfScripts\ExtendFilesystem</Path>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Description>Enable Automatic Updates</Description>
<Order>3</Order>
<Order>1</Order>
<Path>cmd /C reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update" /v AUOptions /t REG_DWORD /d 4 /f</Path>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Description>Supress local user account setup</Description>
<Order>4</Order>
<Order>2</Order>
<Path>cmd /C reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Setup\OOBE /v UnattendCreatedUser /t REG_DWORD /d 1 /f</Path>
</RunSynchronousCommand>
</RunSynchronous>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment