Detect encrypted volumes using blkid instead of another partition
This commit is contained in:
tslil clingman
parent
677742a76b
commit
c57507aff4
@ -21,8 +21,7 @@ echo In PrawnOS Init
|
||||
|
||||
#add this to start shell at desired point
|
||||
rescue_shell() {
|
||||
[ "{$1}" != "debug" ] && echo "Something went wrong. Dropping to a shell." > /dev/tty1
|
||||
[ "{$1}" == "debug" ] && echo "Debug flag detected, entering debug shell" > /dev/tty1
|
||||
echo "Something went wrong. Dropping to a shell." > /dev/tty1
|
||||
exec setsid /bin/sh -c 'exec /bin/sh </dev/tty1 >/dev/tty1 2>&1'
|
||||
}
|
||||
|
||||
@ -44,7 +43,7 @@ rootpartuuid() {
|
||||
[ "${value}" != "" ] && echo "${value}"
|
||||
}
|
||||
|
||||
# mount the bare necesities
|
||||
# mount the bare necesities
|
||||
mount -n -t proc proc /proc
|
||||
mount -n -t sysfs sysfs /sys
|
||||
mount -n -t devtmpfs devtmpfs /dev
|
||||
@ -65,28 +64,20 @@ echo ${ROOT_DEV} > /dev/tty1
|
||||
# the next boot stage
|
||||
CMDLINE='cat /proc/cmdline'
|
||||
|
||||
[ -d "/boot" ] || mkdir -p /boot
|
||||
mount ${ROOT_DEV}2 /boot
|
||||
|
||||
#Debugging can be facilitated by creating /boot/debug
|
||||
[ -f "/boot/debug" ] && rescue_shell debug
|
||||
|
||||
if [ -f "/boot/root_encryption" ]
|
||||
if [ -n "$(blkid ${ROOT_DEV}2 | grep crypto_LUKS)" ]
|
||||
then
|
||||
#decrypt and mount the root filesystem
|
||||
echo "Opening encrypted root partition, this will take 30s..."
|
||||
cryptsetup --tries 5 luksOpen ${ROOT_DEV}3 luksroot || rescue_shell debug
|
||||
cryptsetup --tries 5 luksOpen ${ROOT_DEV}2 luksroot || rescue_shell
|
||||
mount /dev/mapper/luksroot /newroot
|
||||
else
|
||||
# mount the unencrypted root filesystem
|
||||
[ -d "/newroot" ] || mkdir -p /newroot
|
||||
mount ${ROOT_DEV}3 /newroot
|
||||
mount ${ROOT_DEV}2 /newroot
|
||||
fi
|
||||
|
||||
umount /sys
|
||||
umount /proc
|
||||
|
||||
|
||||
|
||||
#swith to the new rootfs
|
||||
exec switch_root /newroot /sbin/init ${CMDLINE}
|
||||
|
||||
@ -6,5 +6,4 @@ first-lba: 34
|
||||
last-lba: 30785502
|
||||
|
||||
/dev/mmcblk2p1 : start= 20480, size= 65536, type=FE3A2A5D-4F32-41A7-B725-ACCC3285A309, uuid=89B31CDB-1147-5241-8271-C1ADBB9BBB44, name="Kernel", attrs="GUID:49,51,52,54,56"
|
||||
/dev/mmcblk2p2 : start= 86016, size= 976562, name="Boot"
|
||||
/dev/mmcblk2p3 : start= 1062578, size= 29722924, type=EBD0A0A2-B9E5-4433-87C0-68B6B72699C7, uuid=63DB8E49-63C4-984E-90A0-8AC3222C4771, name="Root"
|
||||
/dev/mmcblk2p2 : start= 86016, size= 30699486, type=EBD0A0A2-B9E5-4433-87C0-68B6B72699C7, uuid=63DB8E49-63C4-984E-90A0-8AC3222C4771, name="Root"
|
||||
|
||||
@ -1,4 +1,3 @@
|
||||
|
||||
label: gpt
|
||||
label-id: EBA5A923-2F33-7C4E-AC9A-1555FD600D19
|
||||
device: /dev/mmcblk2
|
||||
@ -7,5 +6,4 @@ first-lba: 34
|
||||
last-lba: 30777310
|
||||
|
||||
/dev/mmcblk2p1 : start= 20480, size= 65536, type=FE3A2A5D-4F32-41A7-B725-ACCC3285A309, uuid=89B31CDB-1147-5241-8271-C1ADBB9BBB44, name="Kernel", attrs="GUID:49,51,52,54,56"
|
||||
/dev/mmcblk2p2 : start= 86016, size= 976562, name="Boot"
|
||||
/dev/mmcblk2p3 : start= 1062578, size= 29714732, type=EBD0A0A2-B9E5-4433-87C0-68B6B72699C7, uuid=63DB8E49-63C4-984E-90A0-8AC3222C4771, name="Root"
|
||||
/dev/mmcblk2p3 : start= 86016, size= 30699486, type=EBD0A0A2-B9E5-4433-87C0-68B6B72699C7, uuid=63DB8E49-63C4-984E-90A0-8AC3222C4771, name="Root"
|
||||
|
||||
@ -36,7 +36,6 @@ then
|
||||
dmesg -D
|
||||
umount /dev/mmcblk2p1 || /bin/true
|
||||
umount /dev/mmcblk2p2 || /bin/true
|
||||
umount /dev/mmcblk2p3 || /bin/true
|
||||
|
||||
echo Writing partition map
|
||||
DISK_SZ="$(blockdev --getsz /dev/mmcblk2)"
|
||||
@ -73,15 +72,9 @@ then
|
||||
dd if=/dev/zero of=/dev/mmcblk2p1 bs=512 count=65536
|
||||
dd if="$BOOT_DEVICE"1 of=/dev/mmcblk2p1
|
||||
|
||||
BOOT_DEV_NAME=mmcblk2p2
|
||||
ROOT_DEV_NAME=mmcblk2p3
|
||||
ROOT_DEV_NAME=mmcblk2p2
|
||||
CRYPTO=false
|
||||
|
||||
#ready /boot
|
||||
mkfs.ext4 -F -b 1024 /dev/$BOOT_DEV_NAME
|
||||
mkdir -p /mnt/boot
|
||||
mount /dev/$BOOT_DEV_NAME /mnt/boot
|
||||
|
||||
#Handle full disk encryption
|
||||
echo "Would you like to setup full disk encrytion using LUKs/DmCrypt?"
|
||||
select yn in "Yes" "No"
|
||||
@ -96,8 +89,6 @@ then
|
||||
echo "Now unlock the newly created encrypted root partition so we can mount it and install the filesystem"
|
||||
cryptsetup luksOpen /dev/$ROOT_DEV_NAME luksroot || exit 1
|
||||
ROOT_DEV_NAME=mapper/luksroot
|
||||
#set the root encryption flag
|
||||
touch /mnt/boot/root_encryption
|
||||
break
|
||||
;;
|
||||
No,*|*,No )
|
||||
@ -120,7 +111,7 @@ then
|
||||
then
|
||||
echo "/dev/mapper/luksroot / ext4 defaults,noatime 0 1" > /mnt/mmc/etc/fstab
|
||||
else
|
||||
echo "/dev/mmcblk2p3 / ext4 defaults,noatime 0 1" > /mnt/mmc/etc/fstab
|
||||
echo "/dev/mmcblk2p2 / ext4 defaults,noatime 0 1" > /mnt/mmc/etc/fstab
|
||||
fi
|
||||
umount /dev/$ROOT_DEV_NAME
|
||||
echo Running fsck
|
||||
|
||||
@ -43,7 +43,7 @@ install_resources=resources/InstallResources
|
||||
build_resources=resources/BuildResources
|
||||
|
||||
#A hacky way to ensure the loops are properly unmounted and the temp files are properly deleted.
|
||||
#Without this, a reboot is sometimes required to properly clean the loop devices and ensure a clean build
|
||||
#Without this, a reboot is sometimes required to properly clean the loop devices and ensure a clean build
|
||||
cleanup() {
|
||||
set +e
|
||||
|
||||
@ -67,27 +67,18 @@ create_image() {
|
||||
cgpt create $1
|
||||
kernel_start=8192
|
||||
kernel_size=65536
|
||||
boot_size=409600 # 200 MB
|
||||
cgpt add -i 1 -t kernel -b $kernel_start -s $kernel_size -l Kernel -S 1 -T 5 -P 10 $1
|
||||
#create the initramfs partiton, aka /boot
|
||||
boot_start=$(($kernel_start + $kernel_size))
|
||||
cgpt add -i 2 -t data -b $boot_start -s $boot_size -l Boot $1
|
||||
#Now the main filesystem
|
||||
root_start=$(($boot_start + $boot_size))
|
||||
root_start=$(($kernel_start + $kernel_size))
|
||||
end=`cgpt show $1 | grep 'Sec GPT table' | awk '{print $1}'`
|
||||
root_size=$(($end - $root_start))
|
||||
cgpt add -i 3 -t data -b $root_start -s $root_size -l Root $1
|
||||
# $size is in 512 byte blocks while ext4 uses a block size of 1024 bytes
|
||||
losetup -P $2 $1
|
||||
mkfs.ext4 -F -b 1024 -m 0 ${2}p2 $(($boot_size / 2))
|
||||
mkfs.ext4 -F -b 1024 -m 0 ${2}p3 $(($root_size / 2))
|
||||
mkfs.ext4 -F -b 1024 -m 0 ${2}p2 $(($root_size / 2))
|
||||
|
||||
# mount the / partition
|
||||
mount -o noatime ${2}p3 $5
|
||||
|
||||
# mount the /boot partiton
|
||||
mkdir -p $5/boot
|
||||
mount -o noatime ${2}p2 $5/boot
|
||||
mount -o noatime ${2}p2 $5
|
||||
}
|
||||
|
||||
# use buster if no suite is specified
|
||||
|
||||
@ -33,7 +33,7 @@ outdev=/dev/loop7
|
||||
build_resources=resources/BuildResources
|
||||
|
||||
#A hacky way to ensure the loops are properly unmounted and the temp files are properly deleted.
|
||||
#Without this, a reboot is sometimes required to properly clean the loop devices and ensure a clean build
|
||||
#Without this, a reboot is sometimes required to properly clean the loop devices and ensure a clean build
|
||||
cleanup() {
|
||||
set +e
|
||||
|
||||
@ -54,9 +54,7 @@ trap cleanup INT TERM EXIT
|
||||
|
||||
losetup -P $outdev $2
|
||||
#mount the root filesystem
|
||||
mount -o noatime ${outdev}p3 $outmnt
|
||||
#mount the initramfs partition
|
||||
# mount -o noatime ${outdev}p2 $outmnt/boot
|
||||
mount -o noatime ${outdev}p2 $outmnt
|
||||
|
||||
# put the kernel in the kernel partition, modules in /lib/modules and AR9271
|
||||
# firmware in /lib/firmware
|
||||
|
||||
Loading…
Reference in New Issue
Block a user