g/PrawnOS-nonfree
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Make crypto setup more user friendly, see comment in #121

Browse Source 
Make confirmation hit correct, fixes #113
This commit is contained in:
Hal Emmerich 2019-10-08 23:56:07 -05:00
parent 4a816f1234
commit 5907bcec22
1 changed files with 35 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
scripts/InstallScripts/InstallToInternal.sh
View File

@ -28,7 +28,7 @@ echo "PrawnOS Install To Internal Emmc Script"
echo "Sets up the internal emmc partitions, root encryption, and copies the filesystem from the bootable media" echo "Sets up the internal emmc partitions, root encryption, and copies the filesystem from the bootable media"
echo "This script can be quit and re-ran at any point" echo "This script can be quit and re-ran at any point"
echo "--------------------------------------------------------------------------------------------------------" echo "--------------------------------------------------------------------------------------------------------"
read -p "This will ERASE ALL DATA ON THE INTERNAL STORAGE (EMMC) and reboot when finished, do you want to continue? [Y/n]" -n 1 -r read -p "This will ERASE ALL DATA ON THE INTERNAL STORAGE (EMMC) and reboot when finished, do you want to continue? [y/N]" -n 1 -r
echo echo
if [[ $REPLY =~ ^[Yy]$ ]] if [[ $REPLY =~ ^[Yy]$ ]]
then then
@ -53,14 +53,19 @@ then
else else
echo ERROR! Not a known EMMC type, please open an issue on github or send SolidHal an email with the Total disk size reported above echo ERROR! Not a known EMMC type, please open an issue on github or send SolidHal an email with the Total disk size reported above
echo Try a fallback value? This will allow installation to continue, at the cost of a very small amoutnt of disk space. This may not work. echo Try a fallback value? This will allow installation to continue, at the cost of a very small amoutnt of disk space. This may not work.
read -p "[Y/n]" -n 1 -r select yn in "Yes" "No"
if [[ $REPLY =~ ^[Yy]$ ]] do
then case $yn,$REPLY in
Yes,*|*,Yes )
echo Trying Emmc Type 2 echo Trying Emmc Type 2
sfdisk /dev/mmcblk2 < $RESOURCES/mmc_type2.partmap sfdisk /dev/mmcblk2 < $RESOURCES/mmc_type2.partmap
else break
exit ;;
fi * )
echo "Invalid Option, please enter Yes or No, 1 or 2"
;;
esac
done
fi fi
dmesg -E dmesg -E
@ -78,18 +83,27 @@ then
mount /dev/$BOOT_DEV_NAME /mnt/boot mount /dev/$BOOT_DEV_NAME /mnt/boot
#Handle full disk encryption #Handle full disk encryption
read -p "Would you like to setup full disk encrytion using LUKs/DmCrypt? [Y/n]" -n 1 -r echo "Would you like to setup full disk encrytion using LUKs/DmCrypt?"
if [[ $REPLY =~ ^[Yy]$ ]] select yn in "Yes" "No"
then do
case $yn,$REPLY in
Yes,*|*,Yes )
CRYPTO=true CRYPTO=true
# Since iteration count is based on cpu power, and the rk3288 isn't as fast as a usual # Since iteration count is based on cpu power, and the rk3288 isn't as fast as a usual
# desktop cpu, maually supply -i 15000 for security at the cost of a slightly slower unlock # desktop cpu, manually supply -i 15000 for security at the cost of a slightly slower unlock
cryptsetup -s 512 luksFormat -i 15000 /dev/$ROOT_DEV_NAME cryptsetup -q -y -s 512 luksFormat -i 15000 /dev/$ROOT_DEV_NAME
cryptsetup luksOpen /dev/$ROOT_DEV_NAME luksroot echo "Now unlock the newly created encrypted partition so we can mount it and install the filesystem"
cryptsetup luksOpen /dev/$ROOT_DEV_NAME luksroot || exit 1
ROOT_DEV_NAME=mapper/luksroot ROOT_DEV_NAME=mapper/luksroot
#set the root encryption flag #set the root encryption flag
touch /mnt/boot/root_encryption touch /mnt/boot/root_encryption
fi break
;;
* )
echo "Invalid Option, please enter Yes or No, 1 or 2"
;;
esac
done
echo Writing Filesystem, this will take about 4 minutes... echo Writing Filesystem, this will take about 4 minutes...
mkfs.ext4 -F -b 1024 /dev/$ROOT_DEV_NAME mkfs.ext4 -F -b 1024 /dev/$ROOT_DEV_NAME