fix encrypt uuids
This commit is contained in:
Ward from fusion-voyager-3
parent
076b08d270
commit
01dbb44974
@ -1,4 +1,4 @@
|
|||||||
pikainstall (1.0.3-100pika1) pikauwu; urgency=medium
|
pikainstall (1.0.4-100pika1) pikauwu; urgency=medium
|
||||||
|
|
||||||
* Initial release.
|
* Initial release.
|
||||||
|
|
||||||
|
|||||||
@ -29,7 +29,7 @@ then
|
|||||||
echo "setting flag $3 to $4 on $2 ($PART_DEVICE)"
|
echo "setting flag $3 to $4 on $2 ($PART_DEVICE)"
|
||||||
parted $PART_BLOCK set $PART_DEVICE_NUM $3 $4
|
parted $PART_BLOCK set $PART_DEVICE_NUM $3 $4
|
||||||
fi
|
fi
|
||||||
elif [[ $1 == "encrypt" ]]
|
elif [[ $1 == "encrypt-part" ]]
|
||||||
then
|
then
|
||||||
if blkid -o value -s TYPE $(lsblk -sJp | jq -r --arg dsk "$(df -P -h -T "$2" | awk 'END{print $1}')" '.blockdevices | .[] | select(.name == $dsk) | .children | .[0] | .name') | grep -i luks > /dev/null 2>&1
|
if blkid -o value -s TYPE $(lsblk -sJp | jq -r --arg dsk "$(df -P -h -T "$2" | awk 'END{print $1}')" '.blockdevices | .[] | select(.name == $dsk) | .children | .[0] | .name') | grep -i luks > /dev/null 2>&1
|
||||||
then
|
then
|
||||||
@ -37,7 +37,15 @@ then
|
|||||||
else
|
else
|
||||||
echo "luks_none"
|
echo "luks_none"
|
||||||
fi
|
fi
|
||||||
|
elif [[ $1 == "encrypt-uuid" ]]
|
||||||
|
then
|
||||||
|
if blkid -o value -s TYPE $(lsblk -sJp | jq -r --arg dsk "$(df -P -h -T "$2" | awk 'END{print $1}')" '.blockdevices | .[] | select(.name == $dsk) | .children | .[0] | .name') | grep -i luks > /dev/null 2>&1
|
||||||
|
then
|
||||||
|
blkid "$(lsblk -sJp | jq -r --arg dsk "$(df -P -h -T "$2" | awk 'END{print $1}')" '.blockdevices | .[] | select(.name == $dsk) | .children | .[0] | .name')" -s UUID -o value
|
||||||
|
else
|
||||||
|
echo "luks_none"
|
||||||
|
fi
|
||||||
else
|
else
|
||||||
echo "invalid first args not in: part, block, uuid" && exit 1
|
echo "invalid first args not in: part, block, uuid, encrypt-part, encrypt-uuid" && exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|||||||
@ -6,7 +6,7 @@ import subprocess
|
|||||||
import os
|
import os
|
||||||
|
|
||||||
# Version
|
# Version
|
||||||
version="1.0.3"
|
version="1.0.4"
|
||||||
dist="PikaOS 3"
|
dist="PikaOS 3"
|
||||||
image="/cdrom/casper/filesystem.squashfs"
|
image="/cdrom/casper/filesystem.squashfs"
|
||||||
|
|
||||||
@ -60,15 +60,20 @@ print("\nParsed arguments: {}".format(args))
|
|||||||
## Root UUID
|
## Root UUID
|
||||||
root_uuid_command= subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'uuid'] + args.root, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
root_uuid_command= subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'uuid'] + args.root, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||||
root_uuid = root_uuid_command.stdout.readline().decode("utf-8").strip()
|
root_uuid = root_uuid_command.stdout.readline().decode("utf-8").strip()
|
||||||
## Root Encryption Device
|
## Root Encryption Partition
|
||||||
root_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt'] + args.root, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
root_part_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-part'] + args.root, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||||
root_encrypt = root_encrypt_command.stdout.readline().decode("utf-8").strip()
|
root_part_encrypt = root_part_encrypt_command.stdout.readline().decode("utf-8").strip()
|
||||||
|
## Root Encryption UUID
|
||||||
|
root_uuid_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-uuid'] + args.root, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||||
|
root_uuid_encrypt = root_uuid_encrypt_command.stdout.readline().decode("utf-8").strip()
|
||||||
## Print Root info
|
## Print Root info
|
||||||
print("\nRoot UUID: {}".format(root_uuid))
|
print("\nRoot UUID: {}".format(root_uuid))
|
||||||
if root_encrypt == "luks_none":
|
if root_part_encrypt == "luks_none":
|
||||||
print("Root Encryption Device: Root is not encrypted!")
|
print("Root Encryption Partition: Root is not encrypted!")
|
||||||
|
print("Root Encryption UUID: Root is not encrypted!")
|
||||||
else:
|
else:
|
||||||
print("Root Encryption Device: {}".format(root_encrypt))
|
print("Root Encryption Partition: {}".format(root_part_encrypt))
|
||||||
|
print("Root Encryption UUID: {}".format(root_uuid_encrypt))
|
||||||
# Get Boot info
|
# Get Boot info
|
||||||
## Boot UUID
|
## Boot UUID
|
||||||
boot_uuid_command= subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'uuid'] + args.boot, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
boot_uuid_command= subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'uuid'] + args.boot, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||||
@ -86,16 +91,21 @@ if args.home is not None:
|
|||||||
## Home UUID
|
## Home UUID
|
||||||
home_uuid_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'uuid'] + args.home, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
home_uuid_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'uuid'] + args.home, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||||
home_uuid = home_uuid_command.stdout.readline().decode("utf-8").strip()
|
home_uuid = home_uuid_command.stdout.readline().decode("utf-8").strip()
|
||||||
## Encryption
|
## Home Encryption Partition
|
||||||
home_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt'] + args.home, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
home_part_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-part'] + args.home, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||||
home_encrypt = home_encrypt_command.stdout.readline().decode("utf-8").strip()
|
home_part_encrypt = home_part_encrypt_command.stdout.readline().decode("utf-8").strip()
|
||||||
print("\nHome UUID: {}".format(home_uuid))
|
## Home Encryption UUID
|
||||||
if home_encrypt == "luks_none":
|
home_uuid_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-uuid'] + args.home, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||||
print("Home Encryption Device: Home is not encrypted!")
|
home_uuid_encrypt = home_uuid_encrypt_command.stdout.readline().decode("utf-8").strip()
|
||||||
|
print("\nHome UUID: {}".format(home_uuid))
|
||||||
|
if home_part_encrypt == "luks_none":
|
||||||
|
print("Home Encryption Partition: Home is not encrypted!")
|
||||||
|
print("Home Encryption UUID: Home is not encrypted!")
|
||||||
else:
|
else:
|
||||||
print("Home Encryption Device: {}".format(home_encrypt))
|
print("Home Encryption Partition: {}".format(home_part_encrypt))
|
||||||
|
print("Home Encryption UUID: {}".format(home_uuid_encrypt))
|
||||||
## Ask user for Home luks partition password for the key-filing process
|
## Ask user for Home luks partition password for the key-filing process
|
||||||
print("\nPlease enter the LUKS password for the device" + home_encrypt + " :")
|
print("\nPlease enter the LUKS password for the device" + home_part_encrypt + " :")
|
||||||
home_passwd = input("Warning: Do not enter this incorrectly or late installation will fail! ")
|
home_passwd = input("Warning: Do not enter this incorrectly or late installation will fail! ")
|
||||||
|
|
||||||
|
|
||||||
@ -135,27 +145,27 @@ subprocess.run(efi_flag_cmd)
|
|||||||
CHROOT_PATH = listToString(args.root)
|
CHROOT_PATH = listToString(args.root)
|
||||||
|
|
||||||
# Write crypttab script if system has encryption
|
# Write crypttab script if system has encryption
|
||||||
if root_encrypt != "luks_none":
|
if root_part_encrypt != "luks_none":
|
||||||
CRYPTTAB_ROOT_FILE_PATH = '/var/albius-crypttab-root.sh'
|
CRYPTTAB_ROOT_FILE_PATH = '/var/albius-crypttab-root.sh'
|
||||||
CHROOT_CRYPTTAB_ROOT_FILE_PATH = CHROOT_PATH+CRYPTTAB_ROOT_FILE_PATH
|
CHROOT_CRYPTTAB_ROOT_FILE_PATH = CHROOT_PATH+CRYPTTAB_ROOT_FILE_PATH
|
||||||
print("writing to:")
|
print("writing to:")
|
||||||
print(CHROOT_CRYPTTAB_ROOT_FILE_PATH)
|
print(CHROOT_CRYPTTAB_ROOT_FILE_PATH)
|
||||||
with open(CHROOT_CRYPTTAB_ROOT_FILE_PATH, "w") as file:
|
with open(CHROOT_CRYPTTAB_ROOT_FILE_PATH, "w") as file:
|
||||||
albius_crypttab_root_file = _CRYPTTAB_ROOT_SETUP_FILE.format(
|
albius_crypttab_root_file = _CRYPTTAB_ROOT_SETUP_FILE.format(
|
||||||
ROOT_PART_UUID=root_uuid,
|
ROOT_PART_UUID=root_uuid_encrypt,
|
||||||
)
|
)
|
||||||
file.write(albius_crypttab_root_file)
|
file.write(albius_crypttab_root_file)
|
||||||
|
|
||||||
# Write crypttab script if system has encryption
|
# Write crypttab script if system has encryption
|
||||||
if args.home is not None:
|
if args.home is not None:
|
||||||
if home_encrypt != "luks_none":
|
if home_part_encrypt != "luks_none":
|
||||||
CRYPTTAB_FILE_PATH = '/var/albius-crypttab.sh'
|
CRYPTTAB_FILE_PATH = '/var/albius-crypttab.sh'
|
||||||
CHROOT_CRYPTTAB_FILE_PATH = CHROOT_PATH+CRYPTTAB_FILE_PATH
|
CHROOT_CRYPTTAB_FILE_PATH = CHROOT_PATH+CRYPTTAB_FILE_PATH
|
||||||
print("writing to:")
|
print("writing to:")
|
||||||
print(CHROOT_CRYPTTAB_FILE_PATH)
|
print(CHROOT_CRYPTTAB_FILE_PATH)
|
||||||
with open(CHROOT_CRYPTTAB_FILE_PATH, "w") as file:
|
with open(CHROOT_CRYPTTAB_FILE_PATH, "w") as file:
|
||||||
albius_crypttab_file = _CRYPTTAB_SETUP_FILE.format(
|
albius_crypttab_file = _CRYPTTAB_SETUP_FILE.format(
|
||||||
HOME_PART_UUID=home_uuid,
|
HOME_PART_UUID=home_uuid_encrypt,
|
||||||
LUKS_PASSWD=home_passwd,
|
LUKS_PASSWD=home_passwd,
|
||||||
)
|
)
|
||||||
file.write(albius_crypttab_file)
|
file.write(albius_crypttab_file)
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user