Some updates
This commit is contained in:
parent
86e785a28d
commit
132f9ff3c8
@ -1,4 +1,4 @@
|
|||||||
pikainstall (1.1.4-100pika2) pikauwu; urgency=medium
|
pikainstall (1.1.5-100pika1) pikauwu; urgency=medium
|
||||||
|
|
||||||
* Initial release.
|
* Initial release.
|
||||||
|
|
||||||
|
@ -46,6 +46,15 @@ then
|
|||||||
echo "luks_none"
|
echo "luks_none"
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
echo "invalid first args not in: part, block, uuid, encrypt-part, encrypt-uuid" && exit 1
|
elif [[ $1 == "encrypt-name" ]]
|
||||||
|
then
|
||||||
|
if blkid -o value -s TYPE $(lsblk -sJp | jq -r --arg dsk "$(df -P -h -T "$2" | awk 'END{print $1}')" '.blockdevices | .[] | select(.name == $dsk) | .children | .[0] | .name') | grep -i luks > /dev/null 2>&1
|
||||||
|
then
|
||||||
|
df -P -h -T "$2" | awk 'END{print $1}' | awk -F '/dev/mapper/' '{print $2}'
|
||||||
|
else
|
||||||
|
echo "luks_none"
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
echo "invalid first args not in: part, block, uuid, encrypt-part, encrypt-uuid, encrypt-name" && exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
@ -32,7 +32,7 @@ apt install -y /var/cache/apt/archives/pika-refind-theme*.deb /var/cache/apt/arc
|
|||||||
mkdir -p /boot/efi/EFI/BOOT
|
mkdir -p /boot/efi/EFI/BOOT
|
||||||
cp -vf /boot/efi/EFI/refind/refind_x64.efi /boot/efi/EFI/BOOT/BOOTX64.EFI
|
cp -vf /boot/efi/EFI/refind/refind_x64.efi /boot/efi/EFI/BOOT/BOOTX64.EFI
|
||||||
# Remove installer from installed system
|
# Remove installer from installed system
|
||||||
apt remove casper vanilla-installer -y || true
|
apt remove casper pika-installer-gtk4 -y || true
|
||||||
apt autoremove -y || true
|
apt autoremove -y || true
|
||||||
# Create first setup user
|
# Create first setup user
|
||||||
useradd -m -k -U pikaos || true
|
useradd -m -k -U pikaos || true
|
||||||
|
@ -6,7 +6,7 @@ import subprocess
|
|||||||
import os
|
import os
|
||||||
|
|
||||||
# Version
|
# Version
|
||||||
version="1.1.4"
|
version="1.1.5"
|
||||||
dist="PikaOS 3"
|
dist="PikaOS 3"
|
||||||
image="/cdrom/casper/filesystem.squashfs"
|
image="/cdrom/casper/filesystem.squashfs"
|
||||||
|
|
||||||
@ -23,18 +23,18 @@ echo '"'Boot with safe graphics'"' '"'amd_pstate=active nowatchdog amd_prefcore
|
|||||||
|
|
||||||
_REFIND_CRYPT_SETUP_FILE = """#!/usr/bin/bash
|
_REFIND_CRYPT_SETUP_FILE = """#!/usr/bin/bash
|
||||||
touch /boot/refind_linux.conf
|
touch /boot/refind_linux.conf
|
||||||
echo '"'Boot with standard options'"' '"'rd.luks.name={ROOT_CRYPT_UUID}=crypt_root amd_pstate=active nowatchdog amd_prefcore=enable nvidia-drm.modeset=1 root=/dev/mapper/crypt_root quiet splash ---'"' > /boot/refind_linux.conf
|
echo '"'Boot with standard options'"' '"'rd.luks.name={ROOT_CRYPT_UUID}={ROOT_ENCRYPT_NAME} amd_pstate=active nowatchdog amd_prefcore=enable nvidia-drm.modeset=1 root=/dev/mapper/{ROOT_ENCRYPT_NAME} quiet splash ---'"' > /boot/refind_linux.conf
|
||||||
echo '"'Boot with logging'"' '"'rd.luks.name={ROOT_CRYPT_UUID}=crypt_root amd_pstate=active nowatchdog amd_prefcore=enable nvidia-drm.modeset=1 root=/dev/mapper/crypt_root ---'"' >> /boot/refind_linux.conf
|
echo '"'Boot with logging'"' '"'rd.luks.name={ROOT_CRYPT_UUID}={ROOT_ENCRYPT_NAME} amd_pstate=active nowatchdog amd_prefcore=enable nvidia-drm.modeset=1 root=/dev/mapper/{ROOT_ENCRYPT_NAME} ---'"' >> /boot/refind_linux.conf
|
||||||
echo '"'Boot with safe graphics'"' '"'rd.luks.name={ROOT_CRYPT_UUID}=crypt_root amd_pstate=active nowatchdog amd_prefcore=enable root=/dev/mapper/crypt_root nomodeset ---'"' >> /boot/refind_linux.conf
|
echo '"'Boot with safe graphics'"' '"'rd.luks.name={ROOT_CRYPT_UUID}={ROOT_ENCRYPT_NAME} amd_pstate=active nowatchdog amd_prefcore=enable root=/dev/mapper/{ROOT_ENCRYPT_NAME} nomodeset ---'"' >> /boot/refind_linux.conf
|
||||||
"""
|
"""
|
||||||
|
|
||||||
_CRYPTTAB_ROOT_SETUP_FILE = """#!/usr/bin/bash
|
_CRYPTTAB_ROOT_SETUP_FILE = """#!/usr/bin/bash
|
||||||
echo "crypt_root UUID={ROOT_PART_UUID} none luks,discard" > /etc/crypttab
|
echo "{ROOT_ENCRYPT_NAME} UUID={ROOT_PART_UUID} none luks,discard" > /etc/crypttab
|
||||||
cat /etc/crypttab
|
cat /etc/crypttab
|
||||||
"""
|
"""
|
||||||
|
|
||||||
_CRYPTTAB_SETUP_FILE = """#!/usr/bin/bash
|
_CRYPTTAB_SETUP_FILE = """#!/usr/bin/bash
|
||||||
echo "crypt_home UUID={HOME_PART_UUID} /keyfile.txt luks" >> /etc/crypttab
|
echo "{HOME_ENCRYPT_NAME} UUID={HOME_PART_UUID} /keyfile.txt luks" >> /etc/crypttab
|
||||||
cat /etc/crypttab
|
cat /etc/crypttab
|
||||||
touch /keyfile.txt
|
touch /keyfile.txt
|
||||||
openssl genrsa > /keyfile.txt
|
openssl genrsa > /keyfile.txt
|
||||||
@ -51,7 +51,7 @@ echo 'XKBOPTIONS=""' >> /etc/default/keyboard
|
|||||||
echo 'BACKSPACE="guess"' >> /etc/default/keyboard
|
echo 'BACKSPACE="guess"' >> /etc/default/keyboard
|
||||||
echo 'KEYMAP={KEYBOARD}' >> /etc/default/keyboard
|
echo 'KEYMAP={KEYBOARD}' >> /etc/default/keyboard
|
||||||
cp -fv /etc/default/keyboard /etc/vconsole.conf
|
cp -fv /etc/default/keyboard /etc/vconsole.conf
|
||||||
echo LC_ALL={LOCALE} >> /etc/environment
|
localectl set-locale LANG={LOCALE}
|
||||||
timedatectl set-timezone {TIMEZONE}
|
timedatectl set-timezone {TIMEZONE}
|
||||||
"""
|
"""
|
||||||
|
|
||||||
@ -89,14 +89,19 @@ root_part_encrypt = root_part_encrypt_command.stdout.readline().decode("utf-8").
|
|||||||
## Root Encryption UUID
|
## Root Encryption UUID
|
||||||
root_uuid_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-uuid', CHROOT_PATH], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
root_uuid_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-uuid', CHROOT_PATH], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||||
root_uuid_encrypt = root_uuid_encrypt_command.stdout.readline().decode("utf-8").strip()
|
root_uuid_encrypt = root_uuid_encrypt_command.stdout.readline().decode("utf-8").strip()
|
||||||
|
# Root Encryption Mapped Device
|
||||||
|
root_name_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-name', CHROOT_PATH], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||||
|
root_name_encrypt = root_name_encrypt_command.stdout.readline().decode("utf-8").strip()
|
||||||
## Print Root info
|
## Print Root info
|
||||||
print("\nRoot UUID: {}".format(root_uuid))
|
print("\nRoot UUID: {}".format(root_uuid))
|
||||||
if root_part_encrypt == "luks_none":
|
if root_part_encrypt == "luks_none":
|
||||||
print("Root Encryption Partition: Root is not encrypted!")
|
print("Root Encryption Partition: Root is not encrypted!")
|
||||||
print("Root Encryption UUID: Root is not encrypted!")
|
print("Root Encryption UUID: Root is not encrypted!")
|
||||||
|
print("Root Encryption Mapped Device Name: Root is not encrypted!")
|
||||||
else:
|
else:
|
||||||
print("Root Encryption Partition: {}".format(root_part_encrypt))
|
print("Root Encryption Partition: {}".format(root_part_encrypt))
|
||||||
print("Root Encryption UUID: {}".format(root_uuid_encrypt))
|
print("Root Encryption UUID: {}".format(root_uuid_encrypt))
|
||||||
|
print("Root Encryption Mapped Device Name: {}".format(root_name_encrypt))
|
||||||
# Get Boot info
|
# Get Boot info
|
||||||
## Boot UUID
|
## Boot UUID
|
||||||
boot_uuid_command= subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'uuid', CHROOT_PATH + "/boot"] , stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
boot_uuid_command= subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'uuid', CHROOT_PATH + "/boot"] , stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||||
@ -122,13 +127,18 @@ if root_uuid != home_uuid:
|
|||||||
## Home Encryption UUID
|
## Home Encryption UUID
|
||||||
home_uuid_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-uuid', CHROOT_PATH + "/home"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
home_uuid_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-uuid', CHROOT_PATH + "/home"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||||
home_uuid_encrypt = home_uuid_encrypt_command.stdout.readline().decode("utf-8").strip()
|
home_uuid_encrypt = home_uuid_encrypt_command.stdout.readline().decode("utf-8").strip()
|
||||||
|
# Root Encryption Mapped Device
|
||||||
|
home_name_encrypt_command = subprocess.Popen(['/usr/lib/pika/pikainstall/partition-helper.sh', 'encrypt-name', CHROOT_PATH + "/home"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
|
||||||
|
home_name_encrypt = home_name_encrypt_command.stdout.readline().decode("utf-8").strip()
|
||||||
print("\nHome UUID: {}".format(home_uuid))
|
print("\nHome UUID: {}".format(home_uuid))
|
||||||
if home_part_encrypt == "luks_none":
|
if home_part_encrypt == "luks_none":
|
||||||
print("Home Encryption Partition: Home is not encrypted!")
|
print("Home Encryption Partition: Home is not encrypted!")
|
||||||
print("Home Encryption UUID: Home is not encrypted!")
|
print("Home Encryption UUID: Home is not encrypted!")
|
||||||
|
print("Home Encryption Mapped Device Name: Home is not encrypted!")
|
||||||
else:
|
else:
|
||||||
print("Home Encryption Partition: {}".format(home_part_encrypt))
|
print("Home Encryption Partition: {}".format(home_part_encrypt))
|
||||||
print("Home Encryption UUID: {}".format(home_uuid_encrypt))
|
print("Home Encryption UUID: {}".format(home_uuid_encrypt))
|
||||||
|
print("Home Encryption Mapped Device Name: {}".format(home_name_encrypt))
|
||||||
if args.cryptkey is not None:
|
if args.cryptkey is not None:
|
||||||
home_passwd = args.cryptkey
|
home_passwd = args.cryptkey
|
||||||
else:
|
else:
|
||||||
@ -188,6 +198,7 @@ if root_part_encrypt != "luks_none":
|
|||||||
with open(CHROOT_CRYPTTAB_ROOT_FILE_PATH, "w") as file:
|
with open(CHROOT_CRYPTTAB_ROOT_FILE_PATH, "w") as file:
|
||||||
albius_crypttab_root_file = _CRYPTTAB_ROOT_SETUP_FILE.format(
|
albius_crypttab_root_file = _CRYPTTAB_ROOT_SETUP_FILE.format(
|
||||||
ROOT_PART_UUID=root_uuid_encrypt,
|
ROOT_PART_UUID=root_uuid_encrypt,
|
||||||
|
ROOT_ENCRYPT_NAME=root_name_encrypt,
|
||||||
)
|
)
|
||||||
file.write(albius_crypttab_root_file)
|
file.write(albius_crypttab_root_file)
|
||||||
|
|
||||||
@ -202,6 +213,7 @@ if root_uuid != home_uuid:
|
|||||||
with open(CHROOT_CRYPTTAB_FILE_PATH, "w") as file:
|
with open(CHROOT_CRYPTTAB_FILE_PATH, "w") as file:
|
||||||
albius_crypttab_file = _CRYPTTAB_SETUP_FILE.format(
|
albius_crypttab_file = _CRYPTTAB_SETUP_FILE.format(
|
||||||
HOME_PART_UUID=home_uuid_encrypt,
|
HOME_PART_UUID=home_uuid_encrypt,
|
||||||
|
ROOT_ENCRYPT_NAME=home_name_encrypt,
|
||||||
LUKS_PASSWD=home_passwd,
|
LUKS_PASSWD=home_passwd,
|
||||||
)
|
)
|
||||||
file.write(albius_crypttab_file)
|
file.write(albius_crypttab_file)
|
||||||
@ -243,6 +255,7 @@ else:
|
|||||||
with open(CHROOT_REFIND_FILE_PATH, "w") as file:
|
with open(CHROOT_REFIND_FILE_PATH, "w") as file:
|
||||||
refind_crypttab_file = _REFIND_CRYPT_SETUP_FILE.format(
|
refind_crypttab_file = _REFIND_CRYPT_SETUP_FILE.format(
|
||||||
ROOT_CRYPT_UUID=root_uuid_encrypt,
|
ROOT_CRYPT_UUID=root_uuid_encrypt,
|
||||||
|
ROOT_ENCRYPT_NAME=root_name_encrypt,
|
||||||
)
|
)
|
||||||
file.write(refind_crypttab_file)
|
file.write(refind_crypttab_file)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user