fix encrypt uuids

This commit is contained in:
Ward from fusion-voyager-3 2023-10-20 19:07:27 +03:00
parent 076b08d270
commit 01dbb44974
3 changed files with 40 additions and 22 deletions

View File

@ -1,4 +1,4 @@
pikainstall (1.0.3-100pika1) pikauwu; urgency=medium
pikainstall (1.0.4-100pika1) pikauwu; urgency=medium
* Initial release.

View File

@ -29,7 +29,7 @@ then
echo "setting flag $3 to $4 on $2 ($PART_DEVICE)"
parted $PART_BLOCK set $PART_DEVICE_NUM $3 $4
fi
elif [[ $1 == "encrypt" ]]
elif [[ $1 == "encrypt-part" ]]
then
if blkid -o value -s TYPE $(lsblk -sJp | jq -r --arg dsk "$(df -P -h -T "$2" | awk 'END{print $1}')" '.blockdevices | .[] | select(.name == $dsk) | .children | .[0] | .name') | grep -i luks > /dev/null 2>&1
then
@ -37,7 +37,15 @@ then
else
echo "luks_none"
fi
elif [[ $1 == "encrypt-uuid" ]]
then
if blkid -o value -s TYPE $(lsblk -sJp | jq -r --arg dsk "$(df -P -h -T "$2" | awk 'END{print $1}')" '.blockdevices | .[] | select(.name == $dsk) | .children | .[0] | .name') | grep -i luks > /dev/null 2>&1
then
blkid "$(lsblk -sJp | jq -r --arg dsk "$(df -P -h -T "$2" | awk 'END{print $1}')" '.blockdevices | .[] | select(.name == $dsk) | .children | .[0] | .name')" -s UUID -o value
else
echo "luks_none"
fi
else
echo "invalid first args not in: part, block, uuid" && exit 1
echo "invalid first args not in: part, block, uuid, encrypt-part, encrypt-uuid" && exit 1
fi

View File

@ -6,7 +6,7 @@ import subprocess
import os
# Version
version="1.0.3"
version="1.0.4"
dist="PikaOS 3"
image="/cdrom/casper/filesystem.squashfs"
@ -60,15 +60,20 @@ print("\nParsed arguments: {}".format(args))
## Root UUID
root_uuid_command= subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'uuid'] + args.root, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
root_uuid = root_uuid_command.stdout.readline().decode("utf-8").strip()
## Root Encryption Device
root_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt'] + args.root, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
root_encrypt = root_encrypt_command.stdout.readline().decode("utf-8").strip()
## Root Encryption Partition
root_part_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-part'] + args.root, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
root_part_encrypt = root_part_encrypt_command.stdout.readline().decode("utf-8").strip()
## Root Encryption UUID
root_uuid_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-uuid'] + args.root, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
root_uuid_encrypt = root_uuid_encrypt_command.stdout.readline().decode("utf-8").strip()
## Print Root info
print("\nRoot UUID: {}".format(root_uuid))
if root_encrypt == "luks_none":
print("Root Encryption Device: Root is not encrypted!")
if root_part_encrypt == "luks_none":
print("Root Encryption Partition: Root is not encrypted!")
print("Root Encryption UUID: Root is not encrypted!")
else:
print("Root Encryption Device: {}".format(root_encrypt))
print("Root Encryption Partition: {}".format(root_part_encrypt))
print("Root Encryption UUID: {}".format(root_uuid_encrypt))
# Get Boot info
## Boot UUID
boot_uuid_command= subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'uuid'] + args.boot, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
@ -86,16 +91,21 @@ if args.home is not None:
## Home UUID
home_uuid_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'uuid'] + args.home, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
home_uuid = home_uuid_command.stdout.readline().decode("utf-8").strip()
## Encryption
home_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt'] + args.home, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
home_encrypt = home_encrypt_command.stdout.readline().decode("utf-8").strip()
print("\nHome UUID: {}".format(home_uuid))
if home_encrypt == "luks_none":
print("Home Encryption Device: Home is not encrypted!")
## Home Encryption Partition
home_part_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-part'] + args.home, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
home_part_encrypt = home_part_encrypt_command.stdout.readline().decode("utf-8").strip()
## Home Encryption UUID
home_uuid_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-uuid'] + args.home, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
home_uuid_encrypt = home_uuid_encrypt_command.stdout.readline().decode("utf-8").strip()
print("\nHome UUID: {}".format(home_uuid))
if home_part_encrypt == "luks_none":
print("Home Encryption Partition: Home is not encrypted!")
print("Home Encryption UUID: Home is not encrypted!")
else:
print("Home Encryption Device: {}".format(home_encrypt))
print("Home Encryption Partition: {}".format(home_part_encrypt))
print("Home Encryption UUID: {}".format(home_uuid_encrypt))
## Ask user for Home luks partition password for the key-filing process
print("\nPlease enter the LUKS password for the device" + home_encrypt + " :")
print("\nPlease enter the LUKS password for the device" + home_part_encrypt + " :")
home_passwd = input("Warning: Do not enter this incorrectly or late installation will fail! ")
@ -135,27 +145,27 @@ subprocess.run(efi_flag_cmd)
CHROOT_PATH = listToString(args.root)
# Write crypttab script if system has encryption
if root_encrypt != "luks_none":
if root_part_encrypt != "luks_none":
CRYPTTAB_ROOT_FILE_PATH = '/var/albius-crypttab-root.sh'
CHROOT_CRYPTTAB_ROOT_FILE_PATH = CHROOT_PATH+CRYPTTAB_ROOT_FILE_PATH
print("writing to:")
print(CHROOT_CRYPTTAB_ROOT_FILE_PATH)
with open(CHROOT_CRYPTTAB_ROOT_FILE_PATH, "w") as file:
albius_crypttab_root_file = _CRYPTTAB_ROOT_SETUP_FILE.format(
ROOT_PART_UUID=root_uuid,
ROOT_PART_UUID=root_uuid_encrypt,
)
file.write(albius_crypttab_root_file)
# Write crypttab script if system has encryption
if args.home is not None:
if home_encrypt != "luks_none":
if home_part_encrypt != "luks_none":
CRYPTTAB_FILE_PATH = '/var/albius-crypttab.sh'
CHROOT_CRYPTTAB_FILE_PATH = CHROOT_PATH+CRYPTTAB_FILE_PATH
print("writing to:")
print(CHROOT_CRYPTTAB_FILE_PATH)
with open(CHROOT_CRYPTTAB_FILE_PATH, "w") as file:
albius_crypttab_file = _CRYPTTAB_SETUP_FILE.format(
HOME_PART_UUID=home_uuid,
HOME_PART_UUID=home_uuid_encrypt,
LUKS_PASSWD=home_passwd,
)
file.write(albius_crypttab_file)