add /etc/shells to initramfs in order to allow login #86

Closed
fabpiaf wants to merge 2 commits into dracut-crypt-ssh:master from fabpiaf:patch-1
@fabpiaf fabpiaf commented Apr 25, 2025

Fixes #84

It is a dropbear-specific problem, so, despite my former comment, it should be fixed here.

Problem is here:
https://github.com/mkj/dropbear/blob/bd12a8611b3c838f1ed1d1c2cbaff2da1072a315/src/svr-auth.c#L332
i.e. the /etc/passwd shell is checked against /etc/shells, but /etc/shells does not exist in the initramfs.

before:

lsinitrd /boot/efi/boot/bootx64.efi --file etc/shells
objcopy: /dev/null: file truncated

after:

lsinitrd /boot/efi/boot/bootx64.efi --file etc/shells
objcopy: /dev/null: file truncated
/bin/bash
/bin/sh

The commit just finds all /bin/*sh and adds them to the /etc/shells.
The passwd does not contain the root account at that point - this will be added by 60systemd-sysusers/module-setup.sh
So, if systemd changes the shell or another shell is used but not available at that point, it might lead to errors.
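
Added example, not part of the original comment and not dracut-crypt-ssh or dropbear code: a POSIX shell audit of an unpacked initramfs tree for the condition described above, namely the login account's shell missing from etc/shells or from the image. The function names, the sample tree and the glibc fallback list used when etc/shells is absent are assumptions of this example.

```sh
#!/bin/sh
# Added example: audit an unpacked initramfs tree for the /etc/shells
# condition discussed in this PR. All names and sample data are constructed.

# list_shells ROOT: shells a getusershell()-style lookup accepts inside ROOT.
list_shells() {
    if [ -r "$1/etc/shells" ]; then
        # Drop comments, trailing blanks and empty lines.
        sed -e 's/#.*//' -e 's/[[:space:]]*$//' -e '/^$/d' "$1/etc/shells"
    else
        # Assumption: glibc's built-in list when /etc/shells is absent.
        printf '%s\n' /bin/sh /bin/csh
    fi
}

# check_login_shell ROOT [USER]: 0 if USER (default root) passes the shell
# check in ROOT, 1 if not, 2 if the passwd file or the account is missing.
check_login_shell() {
    root=$1 user=${2:-root}
    [ -r "$root/etc/passwd" ] || { echo "no etc/passwd under $root"; return 2; }
    entry=$(awk -F: -v u="$user" '$1 == u { print; exit }' "$root/etc/passwd")
    [ -n "$entry" ] || { echo "$user: no passwd entry"; return 2; }
    shell=${entry##*:}
    [ -n "$shell" ] || shell=/bin/sh   # assumption: empty field means /bin/sh
    if ! list_shells "$root" | grep -qxF -- "$shell"; then
        echo "$user: $shell is not an accepted shell"; return 1
    fi
    if [ ! -x "$root$shell" ]; then
        echo "$user: $shell is listed but not present in the image"; return 1
    fi
    echo "$user: $shell ok"
}

# make_sample_root: constructed tree with root:/bin/bash and no etc/shells.
make_sample_root() {
    d=$(mktemp -d) || return 1
    mkdir -p "$d/etc" "$d/bin"
    printf 'root:x:0:0::/root:/bin/bash\n' > "$d/etc/passwd"
    printf '#!/bin/sh\n' > "$d/bin/bash"; chmod +x "$d/bin/bash"
    echo "$d"
}

# Demo: the same tree before and after etc/shells is added.
demo_root=$(make_sample_root)
check_login_shell "$demo_root" || true
printf '/bin/bash\n/bin/sh\n' > "$demo_root/etc/shells"
check_login_shell "$demo_root"
rm -rf "$demo_root"
```

To run it against a real image, unpack the initramfs into a directory first and pass that directory as ROOT.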

@ahesford
Member

Also, I reject the assertion that this is a dropbear-specific problem. Any number of tools that you might want to put in an initramfs that allow user authentication may wish to validate the shell specified for a user of interest.

@fabpiaf
Author

fabpiaf commented Apr 25, 2025

Might be, but this tool does not work only because of this dropbear code.

only add /bin/bash to /etc/shells
@ahesford
Member

ahesford commented Apr 26, 2025

We don't fix other modules here. If another module is creating the root user, it should ensure the root user has a valid interactive shell.

Copying the host shell list is an acceptable solution because it exactly duplicates user intent in the early boot environment. Any other approach to populating the list is a cheap kludge that is not appropriate.

@ahesford ahesford closed this Apr 26, 2025
@fabpiaf
Author

fabpiaf commented Apr 27, 2025

> Copying the host shell list is an acceptable solution because it exactly duplicates user intent in the early boot environment.

That's plainly wrong. Otherwise hostonly=no would not make sense.

This module is unusable, you know that and you did not provide a solution.

Successfully merging this pull request may close these issues.

ssh key always rejected with dracut-106