fix encrypt uuids

2023-10-20 19:07:27 +03:00 · 2023-10-20 19:07:27 +03:00 · 01dbb44974
commit 01dbb44974
parent 076b08d270
3 changed files with 40 additions and 22 deletions
--- a/pikainstall/debian/changelog
+++ b/pikainstall/debian/changelog
@ -1,4 +1,4 @@
-pikainstall (1.0.3-100pika1) pikauwu; urgency=medium
+pikainstall (1.0.4-100pika1) pikauwu; urgency=medium

  * Initial release.

--- a/pikainstall/usr/lib/pika/pikainstall/partition-helper.sh
+++ b/pikainstall/usr/lib/pika/pikainstall/partition-helper.sh
@ -29,7 +29,7 @@ then
 		echo "setting flag $3 to $4 on $2 ($PART_DEVICE)"
 		parted $PART_BLOCK set $PART_DEVICE_NUM $3 $4
 	fi
-elif [[ $1 == "encrypt" ]]
+elif [[ $1 == "encrypt-part" ]]
 then
 	if blkid -o value -s TYPE $(lsblk -sJp | jq -r --arg dsk "$(df -P -h -T "$2" | awk 'END{print $1}')" '.blockdevices | .[] | select(.name == $dsk) | .children | .[0] | .name') | grep -i luks > /dev/null 2>&1
 	then
@ -37,7 +37,15 @@ then
 	else
 		echo "luks_none"
 	fi
+elif [[ $1 == "encrypt-uuid" ]]
+then
+	if blkid -o value -s TYPE $(lsblk -sJp | jq -r --arg dsk "$(df -P -h -T "$2" | awk 'END{print $1}')" '.blockdevices | .[] | select(.name == $dsk) | .children | .[0] | .name') | grep -i luks > /dev/null 2>&1
+	then
+		blkid "$(lsblk -sJp | jq -r --arg dsk "$(df -P -h -T "$2" | awk 'END{print $1}')" '.blockdevices | .[] | select(.name == $dsk) | .children | .[0] | .name')" -s UUID -o value
+	else
+		echo "luks_none"
+	fi
 else
-	echo "invalid first args not in: part, block, uuid" && exit 1
+	echo "invalid first args not in: part, block, uuid, encrypt-part, encrypt-uuid" && exit 1
 fi

--- a/pikainstall/usr/lib/pika/pikainstall/pikainstall
+++ b/pikainstall/usr/lib/pika/pikainstall/pikainstall
@ -6,7 +6,7 @@ import subprocess
 import os

 # Version
-version="1.0.3"
+version="1.0.4"
 dist="PikaOS 3"
 image="/cdrom/casper/filesystem.squashfs"

@ -60,15 +60,20 @@ print("\nParsed arguments: {}".format(args))
 ## Root UUID
 root_uuid_command= subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'uuid'] + args.root, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
 root_uuid = root_uuid_command.stdout.readline().decode("utf-8").strip()
-## Root Encryption Device
-root_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt'] + args.root, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-root_encrypt = root_encrypt_command.stdout.readline().decode("utf-8").strip()
+## Root Encryption Partition
+root_part_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-part'] + args.root, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+root_part_encrypt = root_part_encrypt_command.stdout.readline().decode("utf-8").strip()
+## Root Encryption UUID
+root_uuid_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-uuid'] + args.root, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+root_uuid_encrypt = root_uuid_encrypt_command.stdout.readline().decode("utf-8").strip()
 ## Print Root info
 print("\nRoot UUID: {}".format(root_uuid))  
-if root_encrypt == "luks_none":
-    print("Root Encryption Device: Root is not encrypted!") 
+if root_part_encrypt == "luks_none":
+    print("Root Encryption Partition: Root is not encrypted!") 
+    print("Root Encryption UUID: Root is not encrypted!") 
 else:
-    print("Root Encryption Device: {}".format(root_encrypt))  
+    print("Root Encryption Partition: {}".format(root_part_encrypt))
+    print("Root Encryption UUID: {}".format(root_uuid_encrypt))
 # Get Boot info
 ## Boot UUID
 boot_uuid_command= subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'uuid'] + args.boot, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
@ -86,16 +91,21 @@ if args.home is not None:
    ## Home UUID
    home_uuid_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'uuid'] + args.home, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
    home_uuid = home_uuid_command.stdout.readline().decode("utf-8").strip()
-    ## Encryption
-    home_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt'] + args.home, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
-    home_encrypt = home_encrypt_command.stdout.readline().decode("utf-8").strip()
-    print("\nHome UUID: {}".format(home_uuid))  
-    if home_encrypt == "luks_none":
-        print("Home Encryption Device: Home is not encrypted!") 
+    ## Home Encryption Partition
+    home_part_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-part'] + args.home, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+    home_part_encrypt = home_part_encrypt_command.stdout.readline().decode("utf-8").strip()
+    ## Home Encryption UUID
+    home_uuid_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-uuid'] + args.home, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+    home_uuid_encrypt = home_uuid_encrypt_command.stdout.readline().decode("utf-8").strip()
+    print("\nHome UUID: {}".format(home_uuid))
+    if home_part_encrypt == "luks_none":
+        print("Home Encryption Partition: Home is not encrypted!")
+        print("Home Encryption UUID: Home is not encrypted!") 
    else:
-        print("Home Encryption Device: {}".format(home_encrypt))
+        print("Home Encryption Partition: {}".format(home_part_encrypt))
+        print("Home Encryption UUID: {}".format(home_uuid_encrypt))
        ## Ask user for Home luks partition password for the key-filing process
-        print("\nPlease enter the LUKS password for the device" + home_encrypt + " :")
+        print("\nPlease enter the LUKS password for the device" + home_part_encrypt + " :")
        home_passwd = input("Warning: Do not enter this incorrectly or late installation will fail! ")
    
    
@ -135,27 +145,27 @@ subprocess.run(efi_flag_cmd)
 CHROOT_PATH = listToString(args.root)

 # Write crypttab script if system has encryption
-if root_encrypt != "luks_none":
+if root_part_encrypt != "luks_none":
    CRYPTTAB_ROOT_FILE_PATH = '/var/albius-crypttab-root.sh'
    CHROOT_CRYPTTAB_ROOT_FILE_PATH = CHROOT_PATH+CRYPTTAB_ROOT_FILE_PATH
    print("writing to:")
    print(CHROOT_CRYPTTAB_ROOT_FILE_PATH)
    with open(CHROOT_CRYPTTAB_ROOT_FILE_PATH, "w") as file:
        albius_crypttab_root_file = _CRYPTTAB_ROOT_SETUP_FILE.format(
-            ROOT_PART_UUID=root_uuid,
+            ROOT_PART_UUID=root_uuid_encrypt,
        )
        file.write(albius_crypttab_root_file)

 # Write crypttab script if system has encryption
 if args.home is not None:
-    if home_encrypt != "luks_none":
+    if home_part_encrypt != "luks_none":
        CRYPTTAB_FILE_PATH = '/var/albius-crypttab.sh'
        CHROOT_CRYPTTAB_FILE_PATH = CHROOT_PATH+CRYPTTAB_FILE_PATH
        print("writing to:")
        print(CHROOT_CRYPTTAB_FILE_PATH)
        with open(CHROOT_CRYPTTAB_FILE_PATH, "w") as file:
            albius_crypttab_file = _CRYPTTAB_SETUP_FILE.format(
-                HOME_PART_UUID=home_uuid,
+                HOME_PART_UUID=home_uuid_encrypt,
                LUKS_PASSWD=home_passwd,
            )
            file.write(albius_crypttab_file)