Some updates

This commit is contained in:
Ward Nakchbandi (Cosmic Fusion) 2024-01-26 17:18:55 +03:00 committed by GitHub
parent 86e785a28d
commit 132f9ff3c8
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 32 additions and 10 deletions

View File

@ -1,4 +1,4 @@
pikainstall (1.1.4-100pika2) pikauwu; urgency=medium pikainstall (1.1.5-100pika1) pikauwu; urgency=medium
* Initial release. * Initial release.

View File

@ -46,6 +46,15 @@ then
echo "luks_none" echo "luks_none"
fi fi
else else
echo "invalid first args not in: part, block, uuid, encrypt-part, encrypt-uuid" && exit 1 elif [[ $1 == "encrypt-name" ]]
then
if blkid -o value -s TYPE $(lsblk -sJp | jq -r --arg dsk "$(df -P -h -T "$2" | awk 'END{print $1}')" '.blockdevices | .[] | select(.name == $dsk) | .children | .[0] | .name') | grep -i luks > /dev/null 2>&1
then
df -P -h -T "$2" | awk 'END{print $1}' | awk -F '/dev/mapper/' '{print $2}'
else
echo "luks_none"
fi
else
echo "invalid first args not in: part, block, uuid, encrypt-part, encrypt-uuid, encrypt-name" && exit 1
fi fi

View File

@ -32,7 +32,7 @@ apt install -y /var/cache/apt/archives/pika-refind-theme*.deb /var/cache/apt/arc
mkdir -p /boot/efi/EFI/BOOT mkdir -p /boot/efi/EFI/BOOT
cp -vf /boot/efi/EFI/refind/refind_x64.efi /boot/efi/EFI/BOOT/BOOTX64.EFI cp -vf /boot/efi/EFI/refind/refind_x64.efi /boot/efi/EFI/BOOT/BOOTX64.EFI
# Remove installer from installed system # Remove installer from installed system
apt remove casper vanilla-installer -y || true apt remove casper pika-installer-gtk4 -y || true
apt autoremove -y || true apt autoremove -y || true
# Create first setup user # Create first setup user
useradd -m -k -U pikaos || true useradd -m -k -U pikaos || true

View File

@ -6,7 +6,7 @@ import subprocess
import os import os
# Version # Version
version="1.1.4" version="1.1.5"
dist="PikaOS 3" dist="PikaOS 3"
image="/cdrom/casper/filesystem.squashfs" image="/cdrom/casper/filesystem.squashfs"
@ -23,18 +23,18 @@ echo '"'Boot with safe graphics'"' '"'amd_pstate=active nowatchdog amd_prefcore
_REFIND_CRYPT_SETUP_FILE = """#!/usr/bin/bash _REFIND_CRYPT_SETUP_FILE = """#!/usr/bin/bash
touch /boot/refind_linux.conf touch /boot/refind_linux.conf
echo '"'Boot with standard options'"' '"'rd.luks.name={ROOT_CRYPT_UUID}=crypt_root amd_pstate=active nowatchdog amd_prefcore=enable nvidia-drm.modeset=1 root=/dev/mapper/crypt_root quiet splash ---'"' > /boot/refind_linux.conf echo '"'Boot with standard options'"' '"'rd.luks.name={ROOT_CRYPT_UUID}={ROOT_ENCRYPT_NAME} amd_pstate=active nowatchdog amd_prefcore=enable nvidia-drm.modeset=1 root=/dev/mapper/{ROOT_ENCRYPT_NAME} quiet splash ---'"' > /boot/refind_linux.conf
echo '"'Boot with logging'"' '"'rd.luks.name={ROOT_CRYPT_UUID}=crypt_root amd_pstate=active nowatchdog amd_prefcore=enable nvidia-drm.modeset=1 root=/dev/mapper/crypt_root ---'"' >> /boot/refind_linux.conf echo '"'Boot with logging'"' '"'rd.luks.name={ROOT_CRYPT_UUID}={ROOT_ENCRYPT_NAME} amd_pstate=active nowatchdog amd_prefcore=enable nvidia-drm.modeset=1 root=/dev/mapper/{ROOT_ENCRYPT_NAME} ---'"' >> /boot/refind_linux.conf
echo '"'Boot with safe graphics'"' '"'rd.luks.name={ROOT_CRYPT_UUID}=crypt_root amd_pstate=active nowatchdog amd_prefcore=enable root=/dev/mapper/crypt_root nomodeset ---'"' >> /boot/refind_linux.conf echo '"'Boot with safe graphics'"' '"'rd.luks.name={ROOT_CRYPT_UUID}={ROOT_ENCRYPT_NAME} amd_pstate=active nowatchdog amd_prefcore=enable root=/dev/mapper/{ROOT_ENCRYPT_NAME} nomodeset ---'"' >> /boot/refind_linux.conf
""" """
_CRYPTTAB_ROOT_SETUP_FILE = """#!/usr/bin/bash _CRYPTTAB_ROOT_SETUP_FILE = """#!/usr/bin/bash
echo "crypt_root UUID={ROOT_PART_UUID} none luks,discard" > /etc/crypttab echo "{ROOT_ENCRYPT_NAME} UUID={ROOT_PART_UUID} none luks,discard" > /etc/crypttab
cat /etc/crypttab cat /etc/crypttab
""" """
_CRYPTTAB_SETUP_FILE = """#!/usr/bin/bash _CRYPTTAB_SETUP_FILE = """#!/usr/bin/bash
echo "crypt_home UUID={HOME_PART_UUID} /keyfile.txt luks" >> /etc/crypttab echo "{HOME_ENCRYPT_NAME} UUID={HOME_PART_UUID} /keyfile.txt luks" >> /etc/crypttab
cat /etc/crypttab cat /etc/crypttab
touch /keyfile.txt touch /keyfile.txt
openssl genrsa > /keyfile.txt openssl genrsa > /keyfile.txt
@ -51,7 +51,7 @@ echo 'XKBOPTIONS=""' >> /etc/default/keyboard
echo 'BACKSPACE="guess"' >> /etc/default/keyboard echo 'BACKSPACE="guess"' >> /etc/default/keyboard
echo 'KEYMAP={KEYBOARD}' >> /etc/default/keyboard echo 'KEYMAP={KEYBOARD}' >> /etc/default/keyboard
cp -fv /etc/default/keyboard /etc/vconsole.conf cp -fv /etc/default/keyboard /etc/vconsole.conf
echo LC_ALL={LOCALE} >> /etc/environment localectl set-locale LANG={LOCALE}
timedatectl set-timezone {TIMEZONE} timedatectl set-timezone {TIMEZONE}
""" """
@ -89,14 +89,19 @@ root_part_encrypt = root_part_encrypt_command.stdout.readline().decode("utf-8").
## Root Encryption UUID ## Root Encryption UUID
root_uuid_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-uuid', CHROOT_PATH], stdout=subprocess.PIPE, stderr=subprocess.PIPE) root_uuid_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-uuid', CHROOT_PATH], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
root_uuid_encrypt = root_uuid_encrypt_command.stdout.readline().decode("utf-8").strip() root_uuid_encrypt = root_uuid_encrypt_command.stdout.readline().decode("utf-8").strip()
# Root Encryption Mapped Device
root_name_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-name', CHROOT_PATH], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
root_name_encrypt = root_name_encrypt_command.stdout.readline().decode("utf-8").strip()
## Print Root info ## Print Root info
print("\nRoot UUID: {}".format(root_uuid)) print("\nRoot UUID: {}".format(root_uuid))
if root_part_encrypt == "luks_none": if root_part_encrypt == "luks_none":
print("Root Encryption Partition: Root is not encrypted!") print("Root Encryption Partition: Root is not encrypted!")
print("Root Encryption UUID: Root is not encrypted!") print("Root Encryption UUID: Root is not encrypted!")
print("Root Encryption Mapped Device Name: Root is not encrypted!")
else: else:
print("Root Encryption Partition: {}".format(root_part_encrypt)) print("Root Encryption Partition: {}".format(root_part_encrypt))
print("Root Encryption UUID: {}".format(root_uuid_encrypt)) print("Root Encryption UUID: {}".format(root_uuid_encrypt))
print("Root Encryption Mapped Device Name: {}".format(root_name_encrypt))
# Get Boot info # Get Boot info
## Boot UUID ## Boot UUID
boot_uuid_command= subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'uuid', CHROOT_PATH + "/boot"] , stdout=subprocess.PIPE, stderr=subprocess.PIPE) boot_uuid_command= subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'uuid', CHROOT_PATH + "/boot"] , stdout=subprocess.PIPE, stderr=subprocess.PIPE)
@ -122,13 +127,18 @@ if root_uuid != home_uuid:
## Home Encryption UUID ## Home Encryption UUID
home_uuid_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-uuid', CHROOT_PATH + "/home"], stdout=subprocess.PIPE, stderr=subprocess.PIPE) home_uuid_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-uuid', CHROOT_PATH + "/home"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
home_uuid_encrypt = home_uuid_encrypt_command.stdout.readline().decode("utf-8").strip() home_uuid_encrypt = home_uuid_encrypt_command.stdout.readline().decode("utf-8").strip()
# Root Encryption Mapped Device
home_name_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-name', CHROOT_PATH + "/home"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
home_name_encrypt = home_name_encrypt_command.stdout.readline().decode("utf-8").strip()
print("\nHome UUID: {}".format(home_uuid)) print("\nHome UUID: {}".format(home_uuid))
if home_part_encrypt == "luks_none": if home_part_encrypt == "luks_none":
print("Home Encryption Partition: Home is not encrypted!") print("Home Encryption Partition: Home is not encrypted!")
print("Home Encryption UUID: Home is not encrypted!") print("Home Encryption UUID: Home is not encrypted!")
print("Home Encryption Mapped Device Name: Home is not encrypted!")
else: else:
print("Home Encryption Partition: {}".format(home_part_encrypt)) print("Home Encryption Partition: {}".format(home_part_encrypt))
print("Home Encryption UUID: {}".format(home_uuid_encrypt)) print("Home Encryption UUID: {}".format(home_uuid_encrypt))
print("Home Encryption Mapped Device Name: {}".format(home_name_encrypt))
if args.cryptkey is not None: if args.cryptkey is not None:
home_passwd = args.cryptkey home_passwd = args.cryptkey
else: else:
@ -188,6 +198,7 @@ if root_part_encrypt != "luks_none":
with open(CHROOT_CRYPTTAB_ROOT_FILE_PATH, "w") as file: with open(CHROOT_CRYPTTAB_ROOT_FILE_PATH, "w") as file:
albius_crypttab_root_file = _CRYPTTAB_ROOT_SETUP_FILE.format( albius_crypttab_root_file = _CRYPTTAB_ROOT_SETUP_FILE.format(
ROOT_PART_UUID=root_uuid_encrypt, ROOT_PART_UUID=root_uuid_encrypt,
ROOT_ENCRYPT_NAME=root_name_encrypt,
) )
file.write(albius_crypttab_root_file) file.write(albius_crypttab_root_file)
@ -202,6 +213,7 @@ if root_uuid != home_uuid:
with open(CHROOT_CRYPTTAB_FILE_PATH, "w") as file: with open(CHROOT_CRYPTTAB_FILE_PATH, "w") as file:
albius_crypttab_file = _CRYPTTAB_SETUP_FILE.format( albius_crypttab_file = _CRYPTTAB_SETUP_FILE.format(
HOME_PART_UUID=home_uuid_encrypt, HOME_PART_UUID=home_uuid_encrypt,
ROOT_ENCRYPT_NAME=home_name_encrypt,
LUKS_PASSWD=home_passwd, LUKS_PASSWD=home_passwd,
) )
file.write(albius_crypttab_file) file.write(albius_crypttab_file)
@ -243,6 +255,7 @@ else:
with open(CHROOT_REFIND_FILE_PATH, "w") as file: with open(CHROOT_REFIND_FILE_PATH, "w") as file:
refind_crypttab_file = _REFIND_CRYPT_SETUP_FILE.format( refind_crypttab_file = _REFIND_CRYPT_SETUP_FILE.format(
ROOT_CRYPT_UUID=root_uuid_encrypt, ROOT_CRYPT_UUID=root_uuid_encrypt,
ROOT_ENCRYPT_NAME=root_name_encrypt,
) )
file.write(refind_crypttab_file) file.write(refind_crypttab_file)