diff --git a/resources/BuildResources/initramfs-init b/resources/BuildResources/initramfs-init index 0317b4e..9cad70c 100644 --- a/resources/BuildResources/initramfs-init +++ b/resources/BuildResources/initramfs-init @@ -37,7 +37,7 @@ ROOT_DEV="${BLKID%1:*}" echo ${ROOT_DEV} #uncomment for debugging -# exec setsid /bin/sh -c 'exec /bin/sh /dev/tty1 2>&1' +exec setsid /bin/sh -c 'exec /bin/sh /dev/tty1 2>&1' # we use this to change what cmdline options get passed into # the next boot stage, aka to enable root encryption diff --git a/resources/BuildResources/kernel.its b/resources/BuildResources/kernel.its index ac2967f..549ef9c 100644 --- a/resources/BuildResources/kernel.its +++ b/resources/BuildResources/kernel.its @@ -27,24 +27,12 @@ algo = "sha1"; }; }; - ramdisk@1{ - description = "initrd.img"; - data = /incbin/("PrawnOS-initramfs.cpio.gz"); - type = "ramdisk"; - arch = "arm"; - os = "linux"; - compression = "none"; - hash@1{ - algo = "sha1"; - }; - }; }; configurations { default = "conf"; conf{ kernel = "kernel"; fdt = "fdt"; - ramdisk = "ramdisk@1"; }; }; }; diff --git a/resources/InstallResources/mmc.partmap b/resources/InstallResources/mmc.partmap index 28c33de..14fc283 100644 --- a/resources/InstallResources/mmc.partmap +++ b/resources/InstallResources/mmc.partmap @@ -6,4 +6,5 @@ first-lba: 34 last-lba: 30785502 /dev/mmcblk2p1 : start= 20480, size= 65536, type=FE3A2A5D-4F32-41A7-B725-ACCC3285A309, uuid=89B31CDB-1147-5241-8271-C1ADBB9BBB44, name="Kernel", attrs="GUID:49,51,52,54,56" -/dev/mmcblk2p2 : start= 86016, size= 30699486, type=EBD0A0A2-B9E5-4433-87C0-68B6B72699C7, uuid=63DB8E49-63C4-984E-90A0-8AC3222C4771, name="Root" +/dev/mmcblk2p2 : start= 86016, size= 976562, name="Boot" +/dev/mmcblk2p3 : start= 1062578, size= 29722924, type=EBD0A0A2-B9E5-4433-87C0-68B6B72699C7, uuid=63DB8E49-63C4-984E-90A0-8AC3222C4771, name="Root" diff --git a/scripts/InstallScripts/InstallToInternal.sh b/scripts/InstallScripts/InstallToInternal.sh index 01de641..1f46572 100755 --- a/scripts/InstallScripts/InstallToInternal.sh +++ b/scripts/InstallScripts/InstallToInternal.sh @@ -55,19 +55,46 @@ then fi fi dmesg -E + echo Writing kernel partition dd if="$BOOT_DEVICE"1 of=/dev/mmcblk2p1 + + BOOT_DEV_NAME=mmcblk2p2 + ROOT_DEV_NAME=mmcblk2p3 + CRYPTO=false + #Handle full disk encryption + read -p "Would you like to setup full disk encrytion using LUKs/DmCrypt? [Y/n]" -n 1 -r + if [[ $REPLY =~ ^[Yy]$ ]] + then + CRYPTO=true + # Since iteration count is based on cpu power, and the rk3288 isn't as fast as a usual + # desktop cpu, maually supply -i 15000 for security at the cost of a slightly slower unlock + cryptsetup -s 512 luksFormat -i 15000 /dev/mmcblk2p2 + cryptsetup luksOpen /dev/mmcblk2p2 mmcblk2p2-encrypted + ROOT_DEV_NAME=mapper/mmcblk2p2-encrypted + fi + echo Writing Filesystem, this will take about 4 minutes... - mkfs.ext4 -F -b 1024 /dev/mmcblk2p2 + mkfs.ext4 -F -b 1024 /dev/$ROOT_DEV_NAME mkdir -p /mnt/mmc/ - mount /dev/mmcblk2p2 /mnt/mmc + mount /dev/$ROOT_DEV_NAME /mnt/mmc rsync -ah --info=progress2 --info=name0 --numeric-ids -x / /mnt/mmc/ #Remove the live-fstab and install a base fstab rm /mnt/mmc/etc/fstab - echo "/dev/mmcblk2p2 / ext4 defaults,noatime 0 1" > /mnt/mmc/etc/fstab - umount /dev/mmcblk2p2 - echo Running fsck - e2fsck -p -f /dev/mmcblk2p2 + if [ $CRYPTO false] + then + echo "/dev/mmcblk2p2 / ext4 defaults,noatime 0 1" > /mnt/mmc/etc/fstab + umount /dev/mmcblk2p2 + echo Running fsck + e2fsck -p -f /dev/mmcblk2p2 + fi + if [ $CRYPTO true ] + then + # unmount and close encrypted storage + cryptsetup luksClose mmcblk2p2-encrypted + echo Running fsck + #TODO run fsck on luks part + fi echo Rebooting... Please remove the usb drive once shutdown is complete reboot fi diff --git a/scripts/buildInitramFs.sh b/scripts/buildInitramFs.sh index 5f5efcc..79168be 100755 --- a/scripts/buildInitramFs.sh +++ b/scripts/buildInitramFs.sh @@ -83,6 +83,7 @@ cp $outmnt/sbin/blkid $initramfs_src/bin/ #add the init script cp $build_resources/initramfs-init $initramfs_src/init chmod +x $initramfs_src/init +cp $initramfs_src/init $initramfs_src/sbin/init #compress and install rm -rf $outmnt/boot/PrawnOS-initramfs.cpio.gz