g/PrawnOS-nonfree
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Make crypto setup more user friendly, see comment in #121

Browse Source 
Make confirmation hit correct, fixes #113
This commit is contained in:
Hal Emmerich 2019-10-08 23:56:07 -05:00
parent 4a816f1234
commit 5907bcec22
1 changed files with 35 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
scripts/InstallScripts/InstallToInternal.sh
View File

@ -28,7 +28,7 @@ echo "PrawnOS Install To Internal Emmc Script"
echo "Sets up the internal emmc partitions, root encryption, and copies the filesystem from the bootable media" echo "Sets up the internal emmc partitions, root encryption, and copies the filesystem from the bootable media"
echo "This script can be quit and re-ran at any point" echo "This script can be quit and re-ran at any point"
echo "--------------------------------------------------------------------------------------------------------" echo "--------------------------------------------------------------------------------------------------------"
read -p "This will ERASE ALL DATA ON THE INTERNAL STORAGE (EMMC) and reboot when finished, do you want to continue? [Y/n]" -n 1 -r read -p "This will ERASE ALL DATA ON THE INTERNAL STORAGE (EMMC) and reboot when finished, do you want to continue? [y/N]" -n 1 -r
echo echo
if [[ $REPLY =~ ^[Yy]$ ]] if [[ $REPLY =~ ^[Yy]$ ]]
then then
@ -53,14 +53,19 @@ then
else else
echo ERROR! Not a known EMMC type, please open an issue on github or send SolidHal an email with the Total disk size reported above echo ERROR! Not a known EMMC type, please open an issue on github or send SolidHal an email with the Total disk size reported above
echo Try a fallback value? This will allow installation to continue, at the cost of a very small amoutnt of disk space. This may not work. echo Try a fallback value? This will allow installation to continue, at the cost of a very small amoutnt of disk space. This may not work.
read -p "[Y/n]" -n 1 -r select yn in "Yes" "No"
if [[ $REPLY =~ ^[Yy]$ ]] do
then case $yn,$REPLY in
echo Trying Emmc Type 2 Yes,*|*,Yes )
sfdisk /dev/mmcblk2 < $RESOURCES/mmc_type2.partmap echo Trying Emmc Type 2
else sfdisk /dev/mmcblk2 < $RESOURCES/mmc_type2.partmap
exit break
fi ;;
* )
echo "Invalid Option, please enter Yes or No, 1 or 2"
;;
esac
done
fi fi
dmesg -E dmesg -E
@ -78,18 +83,27 @@ then
mount /dev/$BOOT_DEV_NAME /mnt/boot mount /dev/$BOOT_DEV_NAME /mnt/boot
#Handle full disk encryption #Handle full disk encryption
read -p "Would you like to setup full disk encrytion using LUKs/DmCrypt? [Y/n]" -n 1 -r echo "Would you like to setup full disk encrytion using LUKs/DmCrypt?"
if [[ $REPLY =~ ^[Yy]$ ]] select yn in "Yes" "No"
then do
CRYPTO=true case $yn,$REPLY in
# Since iteration count is based on cpu power, and the rk3288 isn't as fast as a usual Yes,*|*,Yes )
# desktop cpu, maually supply -i 15000 for security at the cost of a slightly slower unlock CRYPTO=true
cryptsetup -s 512 luksFormat -i 15000 /dev/$ROOT_DEV_NAME # Since iteration count is based on cpu power, and the rk3288 isn't as fast as a usual
cryptsetup luksOpen /dev/$ROOT_DEV_NAME luksroot # desktop cpu, manually supply -i 15000 for security at the cost of a slightly slower unlock
ROOT_DEV_NAME=mapper/luksroot cryptsetup -q -y -s 512 luksFormat -i 15000 /dev/$ROOT_DEV_NAME
#set the root encryption flag echo "Now unlock the newly created encrypted partition so we can mount it and install the filesystem"
touch /mnt/boot/root_encryption cryptsetup luksOpen /dev/$ROOT_DEV_NAME luksroot || exit 1
fi ROOT_DEV_NAME=mapper/luksroot
#set the root encryption flag
touch /mnt/boot/root_encryption
break
;;
* )
echo "Invalid Option, please enter Yes or No, 1 or 2"
;;
esac
done
echo Writing Filesystem, this will take about 4 minutes... echo Writing Filesystem, this will take about 4 minutes...
mkfs.ext4 -F -b 1024 /dev/$ROOT_DEV_NAME mkfs.ext4 -F -b 1024 /dev/$ROOT_DEV_NAME