fix encrypt uuids
This commit is contained in:
parent
076b08d270
commit
01dbb44974
@ -1,4 +1,4 @@
|
||||
pikainstall (1.0.3-100pika1) pikauwu; urgency=medium
|
||||
pikainstall (1.0.4-100pika1) pikauwu; urgency=medium
|
||||
|
||||
* Initial release.
|
||||
|
||||
|
@ -29,7 +29,7 @@ then
|
||||
echo "setting flag $3 to $4 on $2 ($PART_DEVICE)"
|
||||
parted $PART_BLOCK set $PART_DEVICE_NUM $3 $4
|
||||
fi
|
||||
elif [[ $1 == "encrypt" ]]
|
||||
elif [[ $1 == "encrypt-part" ]]
|
||||
then
|
||||
if blkid -o value -s TYPE $(lsblk -sJp | jq -r --arg dsk "$(df -P -h -T "$2" | awk 'END{print $1}')" '.blockdevices | .[] | select(.name == $dsk) | .children | .[0] | .name') | grep -i luks > /dev/null 2>&1
|
||||
then
|
||||
@ -37,7 +37,15 @@ then
|
||||
else
|
||||
echo "luks_none"
|
||||
fi
|
||||
elif [[ $1 == "encrypt-uuid" ]]
|
||||
then
|
||||
if blkid -o value -s TYPE $(lsblk -sJp | jq -r --arg dsk "$(df -P -h -T "$2" | awk 'END{print $1}')" '.blockdevices | .[] | select(.name == $dsk) | .children | .[0] | .name') | grep -i luks > /dev/null 2>&1
|
||||
then
|
||||
blkid "$(lsblk -sJp | jq -r --arg dsk "$(df -P -h -T "$2" | awk 'END{print $1}')" '.blockdevices | .[] | select(.name == $dsk) | .children | .[0] | .name')" -s UUID -o value
|
||||
else
|
||||
echo "luks_none"
|
||||
fi
|
||||
else
|
||||
echo "invalid first args not in: part, block, uuid" && exit 1
|
||||
echo "invalid first args not in: part, block, uuid, encrypt-part, encrypt-uuid" && exit 1
|
||||
fi
|
||||
|
||||
|
@ -6,7 +6,7 @@ import subprocess
|
||||
import os
|
||||
|
||||
# Version
|
||||
version="1.0.3"
|
||||
version="1.0.4"
|
||||
dist="PikaOS 3"
|
||||
image="/cdrom/casper/filesystem.squashfs"
|
||||
|
||||
@ -60,15 +60,20 @@ print("\nParsed arguments: {}".format(args))
|
||||
## Root UUID
|
||||
root_uuid_command= subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'uuid'] + args.root, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||
root_uuid = root_uuid_command.stdout.readline().decode("utf-8").strip()
|
||||
## Root Encryption Device
|
||||
root_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt'] + args.root, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||
root_encrypt = root_encrypt_command.stdout.readline().decode("utf-8").strip()
|
||||
## Root Encryption Partition
|
||||
root_part_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-part'] + args.root, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||
root_part_encrypt = root_part_encrypt_command.stdout.readline().decode("utf-8").strip()
|
||||
## Root Encryption UUID
|
||||
root_uuid_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-uuid'] + args.root, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||
root_uuid_encrypt = root_uuid_encrypt_command.stdout.readline().decode("utf-8").strip()
|
||||
## Print Root info
|
||||
print("\nRoot UUID: {}".format(root_uuid))
|
||||
if root_encrypt == "luks_none":
|
||||
print("Root Encryption Device: Root is not encrypted!")
|
||||
if root_part_encrypt == "luks_none":
|
||||
print("Root Encryption Partition: Root is not encrypted!")
|
||||
print("Root Encryption UUID: Root is not encrypted!")
|
||||
else:
|
||||
print("Root Encryption Device: {}".format(root_encrypt))
|
||||
print("Root Encryption Partition: {}".format(root_part_encrypt))
|
||||
print("Root Encryption UUID: {}".format(root_uuid_encrypt))
|
||||
# Get Boot info
|
||||
## Boot UUID
|
||||
boot_uuid_command= subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'uuid'] + args.boot, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||
@ -86,16 +91,21 @@ if args.home is not None:
|
||||
## Home UUID
|
||||
home_uuid_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'uuid'] + args.home, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||
home_uuid = home_uuid_command.stdout.readline().decode("utf-8").strip()
|
||||
## Encryption
|
||||
home_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt'] + args.home, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||
home_encrypt = home_encrypt_command.stdout.readline().decode("utf-8").strip()
|
||||
print("\nHome UUID: {}".format(home_uuid))
|
||||
if home_encrypt == "luks_none":
|
||||
print("Home Encryption Device: Home is not encrypted!")
|
||||
## Home Encryption Partition
|
||||
home_part_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-part'] + args.home, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||
home_part_encrypt = home_part_encrypt_command.stdout.readline().decode("utf-8").strip()
|
||||
## Home Encryption UUID
|
||||
home_uuid_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-uuid'] + args.home, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||
home_uuid_encrypt = home_uuid_encrypt_command.stdout.readline().decode("utf-8").strip()
|
||||
print("\nHome UUID: {}".format(home_uuid))
|
||||
if home_part_encrypt == "luks_none":
|
||||
print("Home Encryption Partition: Home is not encrypted!")
|
||||
print("Home Encryption UUID: Home is not encrypted!")
|
||||
else:
|
||||
print("Home Encryption Device: {}".format(home_encrypt))
|
||||
print("Home Encryption Partition: {}".format(home_part_encrypt))
|
||||
print("Home Encryption UUID: {}".format(home_uuid_encrypt))
|
||||
## Ask user for Home luks partition password for the key-filing process
|
||||
print("\nPlease enter the LUKS password for the device" + home_encrypt + " :")
|
||||
print("\nPlease enter the LUKS password for the device" + home_part_encrypt + " :")
|
||||
home_passwd = input("Warning: Do not enter this incorrectly or late installation will fail! ")
|
||||
|
||||
|
||||
@ -135,27 +145,27 @@ subprocess.run(efi_flag_cmd)
|
||||
CHROOT_PATH = listToString(args.root)
|
||||
|
||||
# Write crypttab script if system has encryption
|
||||
if root_encrypt != "luks_none":
|
||||
if root_part_encrypt != "luks_none":
|
||||
CRYPTTAB_ROOT_FILE_PATH = '/var/albius-crypttab-root.sh'
|
||||
CHROOT_CRYPTTAB_ROOT_FILE_PATH = CHROOT_PATH+CRYPTTAB_ROOT_FILE_PATH
|
||||
print("writing to:")
|
||||
print(CHROOT_CRYPTTAB_ROOT_FILE_PATH)
|
||||
with open(CHROOT_CRYPTTAB_ROOT_FILE_PATH, "w") as file:
|
||||
albius_crypttab_root_file = _CRYPTTAB_ROOT_SETUP_FILE.format(
|
||||
ROOT_PART_UUID=root_uuid,
|
||||
ROOT_PART_UUID=root_uuid_encrypt,
|
||||
)
|
||||
file.write(albius_crypttab_root_file)
|
||||
|
||||
# Write crypttab script if system has encryption
|
||||
if args.home is not None:
|
||||
if home_encrypt != "luks_none":
|
||||
if home_part_encrypt != "luks_none":
|
||||
CRYPTTAB_FILE_PATH = '/var/albius-crypttab.sh'
|
||||
CHROOT_CRYPTTAB_FILE_PATH = CHROOT_PATH+CRYPTTAB_FILE_PATH
|
||||
print("writing to:")
|
||||
print(CHROOT_CRYPTTAB_FILE_PATH)
|
||||
with open(CHROOT_CRYPTTAB_FILE_PATH, "w") as file:
|
||||
albius_crypttab_file = _CRYPTTAB_SETUP_FILE.format(
|
||||
HOME_PART_UUID=home_uuid,
|
||||
HOME_PART_UUID=home_uuid_encrypt,
|
||||
LUKS_PASSWD=home_passwd,
|
||||
)
|
||||
file.write(albius_crypttab_file)
|
||||
|
Loading…
Reference in New Issue
Block a user