Merge pull request #128 from SolidHal/tslilc-pr-crypto
Merge #127 into master along with fixes
This commit is contained in:
SolidHal
GitHub
commit
35913ee74f
@ -119,16 +119,17 @@ The initramfs is what runs initialy at boot, and allows us to enter a password a
|
||||
|
||||
In a normal system, when dmcrypt/LUKS is setup the initramfs image is modified to enable decrypting of the root partiton
|
||||
|
||||
Since we have to have a static initramfs image, and can't change it without recompiling the kernel, we have to be a little crafty to support unencrypted and encrypted root partitons with the same initramfs
|
||||
Since we have to have a static initramfs image, and can't change it without recompiling the kernel, we detect whether encryption is in use by checking for the tag `crypto_LUKS` on the root device at boot.
|
||||
|
||||
This is achieved by placing flags in the /boot partition, aka `/dev/mmcblk2p2` or `/dev/sda2`. The /boot partiton is empty on an unencrypted system. When root encryption is set up, the file `root_encryption` is created, which the initramfs init script uses to determine that it should try and decrypt the root partiton
|
||||
|
||||
### debugging the init script
|
||||
A rescue debug shell is entered when the init script encounters a problem, or if the `debug` flag is set
|
||||
A rescue debug shell is entered when the init script encounters a problem, or if a device with the partition label `RESCUESHELL` is present
|
||||
|
||||
You can enable the debug flag by mounting /boot and creating a file named `debug`
|
||||
Label any partition on the system with `RESCUESHELL` to enter the initramfs rescue shell before mount and root_switch.
|
||||
|
||||
To make the system boot normally, from the debug prompt, run `rm /boot/debug` and `exit` to reboot
|
||||
You can do this with `cgpt add -i 1 -l RESCUESHELL /dev/sda` for example to label the first partiton of a usb drive.
|
||||
|
||||
This is the suggested method, as then debugging can be enabled/disabled by plugging in/removing the usb device.
|
||||
|
||||
|
||||
|
||||
|
||||
@ -99,7 +99,7 @@ _This will show a bunch of scary red warnings that are a result of the emmc (int
|
||||
|
||||
#### Setting up root partition encryption
|
||||
PrawnOS supports encrypting the full root partition with the use of a custom initramfs and dmcrypt/LUKS
|
||||
Press "Y" at the prompt, type "YES" at the following prompt, then enter the password you would like to use and verify it
|
||||
Type "Yes" at the prompt, then enter the password you would like to use and verify it
|
||||
You will then be prompted one more time to enter your encryption password to mount and setup the filesystem
|
||||
If you are curious how the initramfs, and root partition encryption work on PrawnOS check out the Initramfs and Encryption section in [DOCUMENTATION.md](DOCUMENTATION.md)
|
||||
|
||||
|
||||
13
makefile
13
makefile
@ -38,7 +38,8 @@ clean:
|
||||
@echo " clean_kernel - which deletes the untar'd kernel folder from build"
|
||||
@echo " clean_ath - which deletes the untar'd ath9k driver folder from build"
|
||||
@echo " clean_img - which deletes the built PrawnOS image, this is ran when make image is ran"
|
||||
@echo " clean_fs - which deletes the built PrawnOS base image"
|
||||
@echo " clean_basefs - which deletes the built PrawnOS base image"
|
||||
@echo " clean_initramfs - which deletes the built PrawnOS initramfs image that gets injected into the kernel"
|
||||
@echo " clean_all - which does all of the above"
|
||||
@echo " in most cases none of these need to be used manually as most cleanup steps are handled automatically"
|
||||
|
||||
@ -54,16 +55,21 @@ clean_ath:
|
||||
clean_img:
|
||||
rm -f $(OUTNAME)
|
||||
|
||||
.PHONY: clean_fs
|
||||
clean_fs:
|
||||
.PHONY: clean_basefs
|
||||
clean_basefs:
|
||||
rm -r $(BASE)
|
||||
|
||||
.PHONY: clean_initramfs
|
||||
clean_initramfs:
|
||||
rm -r build/PrawnOS-initramfs.cpio.gz
|
||||
|
||||
.PHONY: clean_all
|
||||
clean_all:
|
||||
make clean_kernel
|
||||
make clean_ath
|
||||
make clean_img
|
||||
make clean_fs
|
||||
make clean_initramfs
|
||||
|
||||
|
||||
.PHONY: kernel
|
||||
@ -99,7 +105,6 @@ image:
|
||||
cp $(BASE) $(OUTNAME)
|
||||
make kernel_inject
|
||||
|
||||
|
||||
.PHONY: live_image
|
||||
live_image:
|
||||
echo "TODO"
|
||||
|
||||
@ -23,6 +23,7 @@ echo In PrawnOS Init
|
||||
rescue_shell() {
|
||||
[ "{$1}" != "debug" ] && echo "Something went wrong. Dropping to a shell." > /dev/tty1
|
||||
[ "{$1}" == "debug" ] && echo "Debug flag detected, entering debug shell" > /dev/tty1
|
||||
echo "Something went wrong. Dropping to a shell." > /dev/tty1
|
||||
exec setsid /bin/sh -c 'exec /bin/sh </dev/tty1 >/dev/tty1 2>&1'
|
||||
}
|
||||
|
||||
@ -65,28 +66,27 @@ echo ${ROOT_DEV} > /dev/tty1
|
||||
# the next boot stage
|
||||
CMDLINE='cat /proc/cmdline'
|
||||
|
||||
[ -d "/boot" ] || mkdir -p /boot
|
||||
mount ${ROOT_DEV}2 /boot
|
||||
# label any partition on the system with RESCUESHELL to enter the initramfs rescue shell before mount and root_switch.
|
||||
# you can do this with "cgpt add -i 1 -l RESCUESHELL /dev/sda" for example to label the first partiton of a usb drive.
|
||||
if [ -n "$(blkid | grep RESCUESHELL)" ]
|
||||
then
|
||||
rescue_shell debug
|
||||
fi
|
||||
|
||||
#Debugging can be facilitated by creating /boot/debug
|
||||
[ -f "/boot/debug" ] && rescue_shell debug
|
||||
|
||||
if [ -f "/boot/root_encryption" ]
|
||||
if [ -n "$(blkid ${ROOT_DEV}2 | grep crypto_LUKS)" ]
|
||||
then
|
||||
#decrypt and mount the root filesystem
|
||||
echo "Opening encrypted root partition, this will take 30s..."
|
||||
cryptsetup --tries 5 luksOpen ${ROOT_DEV}3 luksroot || rescue_shell debug
|
||||
cryptsetup --tries 5 luksOpen ${ROOT_DEV}2 luksroot || rescue_shell
|
||||
mount /dev/mapper/luksroot /newroot
|
||||
else
|
||||
# mount the unencrypted root filesystem
|
||||
[ -d "/newroot" ] || mkdir -p /newroot
|
||||
mount ${ROOT_DEV}3 /newroot
|
||||
mount ${ROOT_DEV}2 /newroot
|
||||
fi
|
||||
|
||||
umount /sys
|
||||
umount /proc
|
||||
|
||||
|
||||
|
||||
#swith to the new rootfs
|
||||
#switch to the new rootfs
|
||||
exec switch_root /newroot /sbin/init ${CMDLINE}
|
||||
|
||||
142
resources/BuildResources/linux-libre-signing-key.gpg
Normal file
142
resources/BuildResources/linux-libre-signing-key.gpg
Normal file
@ -0,0 +1,142 @@
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
Version: GnuPG v1.4.9 (GNU/Linux)
|
||||
|
||||
mQGiBEh9qqURBACKo3J5VyGBgApcm4QddrLyoS3Sxt+aUX1CQ5t8X8Ue2tXypHOR
|
||||
jzXRyKiBeAc/yIuLStyE05P0DVQTe6fXZyDIGZbw8Gc6kdzT+wtWmQHQbPLcXV3s
|
||||
T/7ZDbRg2ShmSleJUNgWABLIKNk8iKGfgMKrzHiUeeLKzr6elf+hYYNMfwCgrQal
|
||||
gQ/DPIlVjjmJvdnZOYN8ZC0D/3JEoAOFRFtmkufS5q17JMjL0XjDL7HANJc1/hQo
|
||||
Ap6OckhX6T7o2Pn1QJIJoQAR3fjIqYX/QQn6y+S2PrRtrX0fRqHNGHY/QyjWgdfq
|
||||
I7lw6H7a7a77O2sD0MfkLWqAU6PQp8xYEQFDwdDXgggmFUEhikWWbNJU/pNialhY
|
||||
hNypA/wPCAkz47/36RYPL79nZY/p6iCW+tfUtrM5RmkTZ5lqVKxaWv96WppHwoyp
|
||||
MWk66gkm/EK58zKZASpvh1a5nQ2niWHcazn2TfRfgBgBfFiyaHNgzb6eDwWcIMHF
|
||||
VglngbUL5hwmBkWVkg2GxSkMk26OCFhrxF59Ibmkf2YxQBXem7Q9bGludXgtbGli
|
||||
cmUgKEFsZXhhbmRyZSBPbGl2YSkgPGxpbnV4LWxpYnJlK2x4b2xpdmFAZnNmbGEu
|
||||
b3JnPohgBBMRAgAgBQJIfaqlAhsDBgsJCAcDAgQVAggDBBYCAwECHgECF4AACgkQ
|
||||
vLfPh359R6cNtACdF9Ff6ykp7UQxKkbIiCPkfaVd7+YAoIPqTHUhRFK9i82ROj68
|
||||
LH1xnzZxiEYEEBECAAYFAkh9rNYACgkQUjSEXfK5IPXoKgCcD5YlHa+OfVKbKRLf
|
||||
xaNHec7H5UAAoL2T964cyDQz8yyyqguEl1hjBCRviF4EEBEIAAYFAkwJhYAACgkQ
|
||||
Ir13u1gr1/CkrwD/SI3ilyOPdcy3kzEbv/D4J8Rj9lltWyD8WDqC7ZMFCokBAM3s
|
||||
//ZcZ/FttS/AYdL/xLgBKFBAkDY/U/yrIzt2SgGj0dTa1NgBEAABAQAAAAAAAAAA
|
||||
AAAAAP/Y/+AAEEpGSUYAAQECACMAIwAA/9sAQwAoHB4jHhkoIyEjLSsoMDxkQTw3
|
||||
Nzx7WF1JZJGAmZaPgIyKoLTmw6Cq2q2KjMj/y9ru9f///5vB////+v/m/f/4/9sA
|
||||
QwErLS08NTx2QUF2+KWMpfj4+Pj4+Pj4+Pj4+Pj4+Pj4+Pj4+Pj4+Pj4+Pj4+Pj4
|
||||
+Pj4+Pj4+Pj4+Pj4+Pj4+Pj4/8AAEQgBGAEEAwEiAAIRAQMRAf/EABoAAQEBAQEB
|
||||
AQAAAAAAAAAAAAAFBAMCBgH/xABCEAABAwIDBAcGBAIIBwAAAAABAAIDBBEFEiET
|
||||
MUFRImFxkaGxwRQjMkKB0RVS4fAkNFNkc4KSoqPxBjM1RVRysv/EABgBAQEBAQEA
|
||||
AAAAAAAAAAAAAAACAwEE/8QAIREBAQACAgMAAgMAAAAAAAAAAAECESExAxJBIlET
|
||||
QnH/2gAMAwEAAhEDEQA/ALKIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICI
|
||||
iAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiIgIiICIiAiI
|
||||
gIiICIiAiIgIiICIiAiIgIiICIiAiIgIuVTUxUsZfK8DTQcT2BQ5q2rxF5jhBZHb
|
||||
VrT5lBanraanNpZmtN7W3kfQLl+LUX9P/kd9lNiwgWvNIb8m/daBhlKB8Lj/AHlX
|
||||
rXPaNkeJUcjrNnaDa/Su3zWppDmhzSCCLgjiosmEwuHQe5p69Qs2Stw5wexxMYNz
|
||||
YktPaFyyw3H0aLBh+JsrDs3gMlA3X0d2fZb1x0REQEREBERAREQEREBERAREQERc
|
||||
aqqhpGZpnWvuA1JQdl4lmjgYXyvDG8yVNkx2EN93DI433OsPuplbVvr5w7IWgCzW
|
||||
A3QUpMeiFtlC93PMQ37rx+P/ANW/1P0U5myYQyogc2/zAkHuK9lpo5GvFpYH8xoR
|
||||
91zbul2ir4q1pyXa8DVh9OYWpfNTxGnLKukcQw6gj5SrtBVe2UrZbAOvZwHApLss
|
||||
00IiLrguc8zKeF0sl8rRrZdFEx2cvljpmWIHSNjxO4fvmgyxsmxOqdJK7QbzwA5B
|
||||
WIomQsDI2hoC800Ip4GxjhvPMrzXSmGkke3faw+q0k0i3bo2WNzyxsjS4bwDqvai
|
||||
UlO9ldCMw1aJNOAIVLEJTFRvLd56PekvG3LOXZssb3FrJGucN4BXtRqGnfHiDGki
|
||||
4ZnNuRH6qykuyzSXX4cLGWAW4lg9FrwjENuzYzPvK34SfmH3WlSMRpzTTNqYdBmv
|
||||
u3OXMp9VK+hRT2YtAKRk0hOY6FrW8Ra9u9Zvx/8Aq3+p+ihSyi4UlXFWRl8ROhsW
|
||||
neF3QEREBERAREQEREBERAUCuca7FhAHdBpyC3Dn9d/cr6+fpv8Ar7v7R/qg3vw6
|
||||
GNofBE0vbwfqHd6/WOAia41McTXC9mtDfO62rG0bGpkZHAHF3TB0Fr9faEHKaKmq
|
||||
GFrnTTHgQCbd2inU4LXyUU9wHfDfgeCt/wAS7+iZ3u+yl4vE6KSKYyBz9261rbly
|
||||
zcdl08Yeb7WklGmunmv3DJTR4g6B56LzlPbwP75rxI7Z4jDM3QSBru/QpirTHUMl
|
||||
aSCRvHMKJfy/1VnD6NF+Me2RjXtN2uAIPUv1aIF87Sl1bibp3jcc1uXIeStYjII6
|
||||
CdxvYsLdOvT1UvBmWjkk5m3d/uuzty9KS4VkJqKZ0bTYnUXXWR7Y2F7zZoFyVLdV
|
||||
VVbIW092MHHd3lXlZJymS3p2w6ikp5HSSkXtYAG60VsBqaYsYRe9wsBw55LdtUdJ
|
||||
xsNCblG4fIG5oKjnzas/5Mel+lacPo5KdzpJSMxFgAb6LcpUVZUUsojqxdp+Y7/1
|
||||
VUEEXGoWmNlnCLLvkXiWNssTo3bnCy9rzK7JE935WkrqUKkpDUVuwJ0aTmI5BfRu
|
||||
o6d0WyMLMvIBTcAZcTSneSG38/RVKiYQQPldqGi9uayaoPTwjEubD1fE0+q+iaQ5
|
||||
oc0ggi4I4r5molq69u1czMxpNsrd3qt2HYsxscdPOC0t6Ifw+vLggsIiICIiAiIg
|
||||
IiICIiAoFV7jHQ7LlaXNO617gXPmr6j4/D0Ypxa98h1+o9UFVZqnSaJ20Md7tLhb
|
||||
t49i9UcwqKWOS9yRY9vFeazdF0M/vBpz0KDnendvllnPJpJHhosmJsaKO7KXZAOH
|
||||
SNgT3Le98rW3kkhgb3n0U7FHg07enM8l3xPFm/QaIMlVf2aldxykdxWvF7bKM8cy
|
||||
5SUsssVKGtu3LqeV1+4vIC6OMbxqVlObF/Kt0X8lB/Zt8l2XOnjMVPFG6xLGBpt1
|
||||
BdFqhLx6bJSsiF7yO17B+tl+4dHs6NgO93S71ixMiqxYRNt0bMuDfrPn4KsAAABu
|
||||
CrFOSXicjpZ46VnGxPat0MTYYgxg0Hip8PvMYlcflv8AZU15/Nlu6beOcBAJBIBI
|
||||
3dSABosAAOpEWLRkxOMPpHOO9pBBXXDnl9FGTvFx3FY8Sn2hFNF0nE9K3kqNPFsK
|
||||
dkf5Rr2r1+GWR5/LeXRcav8AlJrfkPkuy8vbnY5p4iy2ZOGAW9jk57T0C04o0uw6
|
||||
YDlfuKwf8PvsZ4z1FV5YxLC+M7ntLe9ZNUrCXXowOTiErqBs7S+MBso/zLPhr3U9
|
||||
RJSyaG+naqq0nMReKnYZiRhcKaqJDRo1x+XqPV5dm62o2JUe2ZtYx7xu8D5gumD1
|
||||
5laKaW2ZregeYHDtUWaVLtVREXHRERAREQEREBc6mBtTTvhdoHC1+R4FdEQfP4dU
|
||||
uoah9PUAsaTrf5St1bUwB0QdNZoJcch13abu1dq3DYay7vgl06YG/tCyR4DGHe8n
|
||||
c4W3Nbb7oMsmJsYT7LAGn879XLxDBPiHvJprtBt+xwVp9BAKWSKGKNpcwtBIv3nf
|
||||
vUjCJLOkiPEZgpztk3Hceby21UppqUuYLltgOpZcIpXVVQaqbVrHXBvvct08e1he
|
||||
z8wspeH4h7CyRpY5+Yizc1gN9/RR4ulZvpFlrMQgpGkOcHSAaMG/68lINfiFZ0Yr
|
||||
tG47MW8f1WappHUzGmRwzu3NHALXSGrC2OmqZKh+pF9eZKrLPQw7ClY0jpHU9q0L
|
||||
STUZ28pMPu8Zkafmv91TWSsoHTS7aGTJJ1/dcPZMQOhnt/fKwz8Vyu42xzkihJLH
|
||||
ELyPDR1lT5698x2VKxxJ+bivUeE5jmnlLjxy/crfDBHA3LG0NHiV3Hw67cy8n6Zq
|
||||
GhFP7yTpSnwW1EW8mmQiIjiZQn2fGnxnc+49Qrqg4q0xTxVLNCD4jcqGIOM+Eukj
|
||||
JF2h/wBFne2k6Zcbpyx7KuPQggOI8CtNNM2ogbI3jvHIr9w5zavCwyTpaFjv32WU
|
||||
2mc6grnU0p6DjofIruN0WKykYlSmGQVEV2gm5twPNV15exsjCxwu0ixCuzaJdPdB
|
||||
WNrKcP0Eg0e0cCtK+cgkfhmIZXOOyJs7rbz+i+jWTQREQEREBERAREQEReZZBFE+
|
||||
R1yGNLjbqQYcSxNtJ7uMB83EHc0dajQySRVrJpQQXm5JFrg7yu2HQ+1VT5pelY5j
|
||||
1kr1iz9pUMiawl7Rv53XbNxzfKopOzZFi2V7QWOduI5/qv32ysgsZoiW9bbeKYi5
|
||||
sscNTGers/eqxwlwy5a5WZThYAAFgLBSB/HYpffGzyH6rRUYhF7J0HgyOboBwTCY
|
||||
clOZDvefAL03lh03oimVNe+WTYUgJcdMw49i7bpyTbdNURQD3jw3q4rI/F4R8DHu
|
||||
8F7psFvZ9W8ucdS0HzKoR0VNF8EDB1kXKj2qvVI/GBwg/wA/6L23F4j8Ubx2aq1k
|
||||
YBYNb3LlJR00gIfBGb8cuq57V31jNDUwz/8ALkBPLiuqxVOCttnpXlrhqGuPkVxp
|
||||
66SGXYVgII0zHeO1VMk3FTRN6KkpeMEl8LOGpVsRN2OytdmXLbqUfF4S6JkrfkNj
|
||||
2FU6GpFVSsk+bc4cis8u2mPSXRPOG4g+mlPu3nQnwK2YvR+0QbVg95GO8cl0xGlp
|
||||
6iNrp5NnlOj7gfRa2gBoANwBouOpWG1W3hyOPvGb+sc1sUvEIHYfWNqYR7tx3cAe
|
||||
IVGKRs0bZGG7XBaY3aLNMeLQtdTiXc5h7wVrwed01A0O3xnJfmBu81PxiYZWQg63
|
||||
zO9FWoItjQwssQctyDvBOp81OXasemhERS6IiICIiAiIgLxNHtYJI72ztLb8rhe0
|
||||
QfOYfOKSeSGbo3NieRCrh8ZGYOaRzuvyuwyKsdnuY5LWzAXv2hYvwA5h/Ei1tTk/
|
||||
VVMtJs26VtTT+zSMc9riW2ABvqsdNE6TC5QRxzN+i4x07WYiaeYEgOLddL8j9Vaa
|
||||
1rWhrQA0aWCx8ubTDF821pc4NG8mwX00bBHG1g3NFlGo4R+J5BqGOJ7lYmkEUTpH
|
||||
bmi63x62zy/TBidS4uFLDcud8VvJUcPoW0cWtjK74negWDBYDNPJVyC5Bs3t4q0p
|
||||
t27JoREXHRERAWWvoWVkWukg+F3otSIIWHVDo5DST3Dmmzb8OpU1hxumLSyrj0cC
|
||||
A4jwK000wngbIOI1HIq8ajKOjmh7S1wuCLEKbhjzSYk+mcei/QdvAqmpWJe6roJh
|
||||
1HuKZGKjjMRloDlaXFrg6w/fWu1Bm9hhDwQ4NAsVoXGnq4alz2xOuWHXRQt6qIGV
|
||||
EDon7nDu6189T1UlA6WF7c1iQByK+lXz+NRCKubLlBa8AkHcSP2EHrC6J1XMamob
|
||||
mjvcX+Y/ZXl5iLHRMMdshaC2wtpwXpAREQEREBERAREQEREBERBBxthhro52i2YA
|
||||
3vvI/Sy3teHRh43EXX5jcQfQl+gMbgRpz0t4+CxUtQ38NcHOAcwEWJ7ll5JteFec
|
||||
IGeaaU77ef8AsuuLyZadsY+c+A/YX5gzfcyO5ut4LniQ2tfBDwNh3lejrFl9V6CH
|
||||
YUUTOOW57TqtCIoUIiICIiAiIg51EQngfEdzmkKNhDy10sDtCDe3gVdUJw9nx1w4
|
||||
PPmL+a7O3L0pqVjOr4RxsfRVVKxXSqgLvht6q8ukY9r6iYIclZPE74reRVtQq9r6
|
||||
DE21TBdrzf7hZtF1S8ejzUrH8Wvt9CqMUrJomyRm7XC4WDHX5aJrfzPHqg0YZIZM
|
||||
OhcbXDcunUbei1LHhILcNhBBBsTr2lbEBERAREQEREBERAREQEREHmWMSxPjdcB7
|
||||
S0261CrMI9lpnzbfNltpktfW3NX1nxGMSUE7TewYXadWvogm4P8Ayr//AHPkF4f0
|
||||
8djHIjyuvWDH3EjeTr+C8/8Af2do/wDlVekztdREUqEREBERAREQFDxXoYtA/mGn
|
||||
xVxRMa/nqfsHmgorFilOZqfO34o9fpxW1FreWceMKrBU0wa4+9Zo7r61pqKeOphM
|
||||
cguDx5HmodVBJQTipptG31HLq7FZpKplVTiVun5hyKys00nL55s8+H1MkcUtw1xB
|
||||
HA/Re63EXVsLGPjDXNN7g6Fd8KtPi0kpJ0zPH1NvVWZKWnldmkhjc4kEktF9OtBz
|
||||
w2Ta4fA61rNy92notKNAa0NaAABYAcEQEREBERAREQEREBERAREQF4mj2sEkd7Z2
|
||||
lt+VwvaIPn8Ff05WcwCvU/QxuF3Mt+y8QN9lxh8VsrS4tAvfQ6j0XrFrx1EEo4eh
|
||||
Vf1T9X0QEEAjcUUqEREBERAREQFDxXp4tAzqaPFXFCedvjzuTD5D7pCqaIi1ZMmK
|
||||
Oy0Th+YgKRDPLTteGXDZW214jn5rbjMtzHEDu6R9FTZhlOaeGOaIOdG21wTv4+N1
|
||||
GXbTHpxwSmMNKZXXBlNwOobvXwVJGgNaGtAAAsAOCKXRERAREQEREBERAREQEREB
|
||||
ERARFjq8Tp6a7c20kHyt4dp4IJuNRGCuZUNPx69hFv0XrEi2ooI5mbgQexZ5qirx
|
||||
NxaG+7zXDbCzfqvLHPptrSz6NeNOQPApLOnLPq9h8m1oIXcctj9NFoUnAJrxSQk6
|
||||
tOYdhVZHRERAREQEREHmWQRRPkduaCVDwlpfLLO7UnS/WdStWOVOSBsDT0pNT2L3
|
||||
Rw7CmYw/Fvd2qsZynLp3XOeZsETpH7h4r9mmZBGXyOsPNQqyqfVPzEERg2aFVuky
|
||||
ba8MhfWV5qZAcjDmvwvwH75K+peG19G2FsIGwI/MdCed/wDZVFm0EREBERAREQER
|
||||
EBERAREQEREBERBLxqrmp2xsiJYHg3d6Dv8AJTKFlK515368GnQd6+mexsjS17Q5
|
||||
p3gi4Uyvwqn2Ms0d43NaXWHw6a7lyzcdnDpG+IjLE5hA4NI0XOqpWVLLHRw3OWHC
|
||||
IrvfKdwGUKqvPfxvDWczlFp5ZMNrMz2X0sRzCv01dT1IGzkGb8p0KzyxMmblkaHD
|
||||
rWKXCmHWKQt6jqtJ5J9RcL8XUXzb5a2gIb7QbHcL5vAro3GqtgGdjHAi4JaRday7
|
||||
Q+gRQxj0nGBp7HL9/Hnf+OP8X6ILa8TzMp4nSSGzW+KiHG6l5DY4mAnQaElZaySt
|
||||
laDVNkDQdMzMoug7059rq31dQQ1jTpc6dQXeoxWNnRhGd3PcFmpsOM0bXulGU7g3
|
||||
VUIKOGDVjLu/MdSpvlmPEdnjt7YY6SorHiSpcWt4A7/oOCpMiYyPZtaAzkva8yZt
|
||||
m7J8Vja/NYZZXK8tZjIxVOGRvBdD0HcuBXOhr5aKXYVWYx7tdSzs6lnZV1ssgiY8
|
||||
l5NgA0LRHhFXO7NUPDOBzHMf39VtjMp2zysvS+0hzQ5pBBFwRxReYoxFEyNtyGND
|
||||
RfqXpWkREQEREBERAREQEREBERAREQFyqwXUc7WgkmNwAHHRdUQfNQe3U7C2Onks
|
||||
TfWMrxNVVrXZZS+MnUAtyr6hQccOXEIiRcBgPiVz1nbu63xZtkzafHYX7Vmq65lO
|
||||
C1tnScuXasjqypq37KnYRf8ALqe/gtlDgwaRJVWc69wwG4+vP971lj4/tXc/0zUF
|
||||
DJXy+0VBOyv/AIuodS+gaA1oa0AACwA4Ii2ZiIiAuNXTNq6d0Tja+oNr2K7Ig+co
|
||||
53Uc7qecFovrf5T9lWXnEsO9sAexwbK0W13EKVBWS0bzBOwkNNrcQss8N8xeOWuK
|
||||
711dJBUBkeWwFzcb1+x4rER7xjmnq1C40QNbizZCDlac+nADd42ViTDaOR13QNBt
|
||||
bo3b5Ls8c1ye12kUL2yY217PhcXEf4SvoVkpsNp6WZ0sYJcd2Y3y9i1rSIEREBER
|
||||
AREQEREBERAREQEREBERAREQFzlginAEsbX2Nxcbl0RB5jjjibljY1gvezRZekRA
|
||||
REQEREBERAXOenhqW5Zow8cL7x9V0RByp6WGlaRDGGhxudb3XVEQEREBERAREQER
|
||||
EBERAREQEREBERAREQEREBERAREQEREBERAREQEREBERAREQEREBERAREQEREBER
|
||||
AREQEREBERAREQEREBERAREQEREBERAREQEREBERAREQEREBERAREQf/2YhgBBMR
|
||||
AgAgBQJMCX7tAhsDBgsJCAcDAgQVAggDBBYCAwECHgECF4AACgkQvLfPh359R6dA
|
||||
rgCgm6oaTjZw81cHYJCDbRqmgvPnVwUAmgORBOiTA8uJEZjLnW4nCuwr5hPiiEYE
|
||||
EBECAAYFAkwJf6IACgkQUjSEXfK5IPUN9ACeIxFILNIr1mgEVvssa9hPiS4rytMA
|
||||
oMCEApLI1XtbOqg/CkaB1lj/Fqq0iF4EEBEIAAYFAkwJhYAACgkQIr13u1gr1/DP
|
||||
NwD/fBDFJ9RDH/0OnfX7TQtMajowS07v8ZhMZGS8RiG0wxUBAMpk4sBenTzlKVG3
|
||||
7+1hts8o+2910W8DnrfsUKZTMKP6
|
||||
=JkKR
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
@ -6,5 +6,4 @@ first-lba: 34
|
||||
last-lba: 30785502
|
||||
|
||||
/dev/mmcblk2p1 : start= 20480, size= 65536, type=FE3A2A5D-4F32-41A7-B725-ACCC3285A309, uuid=89B31CDB-1147-5241-8271-C1ADBB9BBB44, name="Kernel", attrs="GUID:49,51,52,54,56"
|
||||
/dev/mmcblk2p2 : start= 86016, size= 976562, name="Boot"
|
||||
/dev/mmcblk2p3 : start= 1062578, size= 29722924, type=EBD0A0A2-B9E5-4433-87C0-68B6B72699C7, uuid=63DB8E49-63C4-984E-90A0-8AC3222C4771, name="Root"
|
||||
/dev/mmcblk2p2 : start= 86016, size= 30699486, type=EBD0A0A2-B9E5-4433-87C0-68B6B72699C7, uuid=63DB8E49-63C4-984E-90A0-8AC3222C4771, name="Root"
|
||||
|
||||
@ -1,4 +1,3 @@
|
||||
|
||||
label: gpt
|
||||
label-id: EBA5A923-2F33-7C4E-AC9A-1555FD600D19
|
||||
device: /dev/mmcblk2
|
||||
@ -7,5 +6,4 @@ first-lba: 34
|
||||
last-lba: 30777310
|
||||
|
||||
/dev/mmcblk2p1 : start= 20480, size= 65536, type=FE3A2A5D-4F32-41A7-B725-ACCC3285A309, uuid=89B31CDB-1147-5241-8271-C1ADBB9BBB44, name="Kernel", attrs="GUID:49,51,52,54,56"
|
||||
/dev/mmcblk2p2 : start= 86016, size= 976562, name="Boot"
|
||||
/dev/mmcblk2p3 : start= 1062578, size= 29714732, type=EBD0A0A2-B9E5-4433-87C0-68B6B72699C7, uuid=63DB8E49-63C4-984E-90A0-8AC3222C4771, name="Root"
|
||||
/dev/mmcblk2p2 : start= 86016, size= 30691294, type=EBD0A0A2-B9E5-4433-87C0-68B6B72699C7, uuid=63DB8E49-63C4-984E-90A0-8AC3222C4771, name="Root"
|
||||
|
||||
@ -39,12 +39,13 @@ then
|
||||
sgdisk -N 2 /dev/sda
|
||||
#Set the type to "data"
|
||||
sgdisk -t 2:0700 /dev/sda
|
||||
#Name is "properly" - Probably not required, but looks nice
|
||||
#Name it "properly" - Probably not required, but looks nice
|
||||
sgdisk -c 2:Root /dev/sda
|
||||
#Reload the partition mapping
|
||||
partprobe /dev/sda
|
||||
#Force the filesystem to fill the new partition
|
||||
resize2fs -f /dev/sda2
|
||||
echo "/dev/sda2 / ext4 defaults,noatime 0 1" > /etc/fstab
|
||||
fi
|
||||
|
||||
if [ "$TARGET" = "SD" ]
|
||||
@ -56,10 +57,11 @@ then
|
||||
sgdisk -N 2 /dev/mmcblk0
|
||||
#Set the type to "data"
|
||||
sgdisk -t 2:0700 /dev/mmcblk0
|
||||
#Name is "properly" - Probably not required, but looks nice
|
||||
#Name it "properly" - Probably not required, but looks nice
|
||||
sgdisk -c 2:Root /dev/mmcblk0
|
||||
#Reload the partition mapping
|
||||
partprobe /dev/mmcblk0
|
||||
#Force the filesystem to fill the new partition
|
||||
resize2fs -f /dev/mmcblk0p2
|
||||
echo "/dev/mmcblk1p2 / ext4 defaults,noatime 0 1" > /etc/fstab
|
||||
fi
|
||||
|
||||
@ -21,7 +21,7 @@
|
||||
|
||||
RESOURCES=/InstallResources
|
||||
# Grab the boot device, which is either /dev/sda for usb or /dev/mmcblk0 for an sd card
|
||||
BOOT_DEVICE=$(mount | head -n 1 | cut -d '3' -f 1)
|
||||
BOOT_DEVICE=$(mount | head -n 1 | cut -d '2' -f 1)
|
||||
|
||||
echo "--------------------------------------------------------------------------------------------------------"
|
||||
echo "PrawnOS Install To Internal Emmc Script"
|
||||
@ -36,7 +36,6 @@ then
|
||||
dmesg -D
|
||||
umount /dev/mmcblk2p1 || /bin/true
|
||||
umount /dev/mmcblk2p2 || /bin/true
|
||||
umount /dev/mmcblk2p3 || /bin/true
|
||||
|
||||
echo Writing partition map
|
||||
DISK_SZ="$(blockdev --getsz /dev/mmcblk2)"
|
||||
@ -73,15 +72,9 @@ then
|
||||
dd if=/dev/zero of=/dev/mmcblk2p1 bs=512 count=65536
|
||||
dd if="$BOOT_DEVICE"1 of=/dev/mmcblk2p1
|
||||
|
||||
BOOT_DEV_NAME=mmcblk2p2
|
||||
ROOT_DEV_NAME=mmcblk2p3
|
||||
ROOT_DEV_NAME=mmcblk2p2
|
||||
CRYPTO=false
|
||||
|
||||
#ready /boot
|
||||
mkfs.ext4 -F -b 1024 /dev/$BOOT_DEV_NAME
|
||||
mkdir -p /mnt/boot
|
||||
mount /dev/$BOOT_DEV_NAME /mnt/boot
|
||||
|
||||
#Handle full disk encryption
|
||||
echo "Would you like to setup full disk encrytion using LUKs/DmCrypt?"
|
||||
select yn in "Yes" "No"
|
||||
@ -96,8 +89,6 @@ then
|
||||
echo "Now unlock the newly created encrypted root partition so we can mount it and install the filesystem"
|
||||
cryptsetup luksOpen /dev/$ROOT_DEV_NAME luksroot || exit 1
|
||||
ROOT_DEV_NAME=mapper/luksroot
|
||||
#set the root encryption flag
|
||||
touch /mnt/boot/root_encryption
|
||||
break
|
||||
;;
|
||||
No,*|*,No )
|
||||
@ -120,7 +111,7 @@ then
|
||||
then
|
||||
echo "/dev/mapper/luksroot / ext4 defaults,noatime 0 1" > /mnt/mmc/etc/fstab
|
||||
else
|
||||
echo "/dev/mmcblk2p3 / ext4 defaults,noatime 0 1" > /mnt/mmc/etc/fstab
|
||||
echo "/dev/mmcblk2p2 / ext4 defaults,noatime 0 1" > /mnt/mmc/etc/fstab
|
||||
fi
|
||||
umount /dev/$ROOT_DEV_NAME
|
||||
echo Running fsck
|
||||
|
||||
@ -30,6 +30,7 @@ echo
|
||||
if [[ $REPLY =~ ^[Yy]$ ]]
|
||||
then
|
||||
echo Writing kernel partition
|
||||
dd if=/dev/zero of=/dev/mmcblk2p1 bs=512 count=65536
|
||||
dd if="$BOOT_DEVICE"1 of=/dev/mmcblk2p1
|
||||
echo You can now reboot
|
||||
fi
|
||||
|
||||
@ -67,27 +67,18 @@ create_image() {
|
||||
cgpt create $1
|
||||
kernel_start=8192
|
||||
kernel_size=65536
|
||||
boot_size=409600 # 200 MB
|
||||
cgpt add -i 1 -t kernel -b $kernel_start -s $kernel_size -l Kernel -S 1 -T 5 -P 10 $1
|
||||
#create the initramfs partiton, aka /boot
|
||||
boot_start=$(($kernel_start + $kernel_size))
|
||||
cgpt add -i 2 -t data -b $boot_start -s $boot_size -l Boot $1
|
||||
#Now the main filesystem
|
||||
root_start=$(($boot_start + $boot_size))
|
||||
root_start=$(($kernel_start + $kernel_size))
|
||||
end=`cgpt show $1 | grep 'Sec GPT table' | awk '{print $1}'`
|
||||
root_size=$(($end - $root_start))
|
||||
cgpt add -i 3 -t data -b $root_start -s $root_size -l Root $1
|
||||
# $size is in 512 byte blocks while ext4 uses a block size of 1024 bytes
|
||||
cgpt add -i 2 -t data -b $root_start -s $root_size -l Root $1
|
||||
# $root_size is in 512 byte blocks while ext4 uses a block size of 1024 bytes
|
||||
losetup -P $2 $1
|
||||
mkfs.ext4 -F -b 1024 -m 0 ${2}p2 $(($boot_size / 2))
|
||||
mkfs.ext4 -F -b 1024 -m 0 ${2}p3 $(($root_size / 2))
|
||||
mkfs.ext4 -F -b 1024 ${2}p2 $(($root_size / 2))
|
||||
|
||||
# mount the / partition
|
||||
mount -o noatime ${2}p3 $5
|
||||
|
||||
# mount the /boot partiton
|
||||
mkdir -p $5/boot
|
||||
mount -o noatime ${2}p2 $5/boot
|
||||
mount -o noatime ${2}p2 $5
|
||||
}
|
||||
|
||||
# use buster if no suite is specified
|
||||
|
||||
@ -54,9 +54,7 @@ trap cleanup INT TERM EXIT
|
||||
|
||||
losetup -P $outdev $ROOT_DIR/PrawnOS-*-c201-libre-2GB.img-BASE
|
||||
#mount the root filesystem
|
||||
mount -o noatime ${outdev}p3 $outmnt
|
||||
#mount the initramfs partition
|
||||
mount -o noatime ${outdev}p2 $outmnt/boot
|
||||
mount -o noatime ${outdev}p2 $outmnt
|
||||
|
||||
#make a skeleton filesystem
|
||||
initramfs_src=$outmnt/InstallResources/initramfs_src
|
||||
|
||||
@ -44,6 +44,12 @@ cd ..
|
||||
|
||||
# build Linux-libre, with ath9k_htc
|
||||
[ ! -f linux-libre-$KVER-gnu.tar.lz ] && wget https://www.linux-libre.fsfla.org/pub/linux-libre/releases/$KVER-gnu/linux-libre-$KVER-gnu.tar.lz
|
||||
[ ! -f linux-libre-$KVER-gnu.tar.lz.sign ] && wget https://www.linux-libre.fsfla.org/pub/linux-libre/releases/$KVER-gnu/linux-libre-$KVER-gnu.tar.lz.sign
|
||||
|
||||
#verify the signature
|
||||
gpg --import $RESOURCES/linux-libre-signing-key.gpg
|
||||
gpg --verify linux-libre-$KVER-gnu.tar.lz.sign linux-libre-$KVER-gnu.tar.lz
|
||||
|
||||
[ ! -d linux-$KVER ] && tar --lzip -xvf linux-libre-$KVER-gnu.tar.lz && FRESH=true
|
||||
cd linux-$KVER
|
||||
make clean
|
||||
|
||||
@ -54,9 +54,7 @@ trap cleanup INT TERM EXIT
|
||||
|
||||
losetup -P $outdev $2
|
||||
#mount the root filesystem
|
||||
mount -o noatime ${outdev}p3 $outmnt
|
||||
#mount the initramfs partition
|
||||
# mount -o noatime ${outdev}p2 $outmnt/boot
|
||||
mount -o noatime ${outdev}p2 $outmnt
|
||||
|
||||
# put the kernel in the kernel partition, modules in /lib/modules and AR9271
|
||||
# firmware in /lib/firmware
|
||||
|
||||
Loading…
Reference in New Issue
Block a user