Make crypto setup more user friendly, see comment in #121
Make confirmation hit correct, fixes #113
This commit is contained in:
parent
4a816f1234
commit
5907bcec22
@ -28,7 +28,7 @@ echo "PrawnOS Install To Internal Emmc Script"
|
||||
echo "Sets up the internal emmc partitions, root encryption, and copies the filesystem from the bootable media"
|
||||
echo "This script can be quit and re-ran at any point"
|
||||
echo "--------------------------------------------------------------------------------------------------------"
|
||||
read -p "This will ERASE ALL DATA ON THE INTERNAL STORAGE (EMMC) and reboot when finished, do you want to continue? [Y/n]" -n 1 -r
|
||||
read -p "This will ERASE ALL DATA ON THE INTERNAL STORAGE (EMMC) and reboot when finished, do you want to continue? [y/N]" -n 1 -r
|
||||
echo
|
||||
if [[ $REPLY =~ ^[Yy]$ ]]
|
||||
then
|
||||
@ -53,14 +53,19 @@ then
|
||||
else
|
||||
echo ERROR! Not a known EMMC type, please open an issue on github or send SolidHal an email with the Total disk size reported above
|
||||
echo Try a fallback value? This will allow installation to continue, at the cost of a very small amoutnt of disk space. This may not work.
|
||||
read -p "[Y/n]" -n 1 -r
|
||||
if [[ $REPLY =~ ^[Yy]$ ]]
|
||||
then
|
||||
select yn in "Yes" "No"
|
||||
do
|
||||
case $yn,$REPLY in
|
||||
Yes,*|*,Yes )
|
||||
echo Trying Emmc Type 2
|
||||
sfdisk /dev/mmcblk2 < $RESOURCES/mmc_type2.partmap
|
||||
else
|
||||
exit
|
||||
fi
|
||||
break
|
||||
;;
|
||||
* )
|
||||
echo "Invalid Option, please enter Yes or No, 1 or 2"
|
||||
;;
|
||||
esac
|
||||
done
|
||||
fi
|
||||
dmesg -E
|
||||
|
||||
@ -78,18 +83,27 @@ then
|
||||
mount /dev/$BOOT_DEV_NAME /mnt/boot
|
||||
|
||||
#Handle full disk encryption
|
||||
read -p "Would you like to setup full disk encrytion using LUKs/DmCrypt? [Y/n]" -n 1 -r
|
||||
if [[ $REPLY =~ ^[Yy]$ ]]
|
||||
then
|
||||
echo "Would you like to setup full disk encrytion using LUKs/DmCrypt?"
|
||||
select yn in "Yes" "No"
|
||||
do
|
||||
case $yn,$REPLY in
|
||||
Yes,*|*,Yes )
|
||||
CRYPTO=true
|
||||
# Since iteration count is based on cpu power, and the rk3288 isn't as fast as a usual
|
||||
# desktop cpu, maually supply -i 15000 for security at the cost of a slightly slower unlock
|
||||
cryptsetup -s 512 luksFormat -i 15000 /dev/$ROOT_DEV_NAME
|
||||
cryptsetup luksOpen /dev/$ROOT_DEV_NAME luksroot
|
||||
# desktop cpu, manually supply -i 15000 for security at the cost of a slightly slower unlock
|
||||
cryptsetup -q -y -s 512 luksFormat -i 15000 /dev/$ROOT_DEV_NAME
|
||||
echo "Now unlock the newly created encrypted partition so we can mount it and install the filesystem"
|
||||
cryptsetup luksOpen /dev/$ROOT_DEV_NAME luksroot || exit 1
|
||||
ROOT_DEV_NAME=mapper/luksroot
|
||||
#set the root encryption flag
|
||||
touch /mnt/boot/root_encryption
|
||||
fi
|
||||
break
|
||||
;;
|
||||
* )
|
||||
echo "Invalid Option, please enter Yes or No, 1 or 2"
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
echo Writing Filesystem, this will take about 4 minutes...
|
||||
mkfs.ext4 -F -b 1024 /dev/$ROOT_DEV_NAME
|
||||
|
Loading…
Reference in New Issue
Block a user