diff options
author | V3n3RiX <venerix@rogentos.ro> | 2016-10-20 16:28:14 +0100 |
---|---|---|
committer | V3n3RiX <venerix@rogentos.ro> | 2016-10-20 16:28:14 +0100 |
commit | 67ca8315ade73be94fef0ae901574b2d9057c7b2 (patch) | |
tree | ec43114cf97f1e550a7174ba817c463ea87b16c0 /app-admin | |
parent | 4733b3b9aa80f3bfc71887f717c06b36229fba28 (diff) |
enable luks unlocking of /root, swap and home
Diffstat (limited to 'app-admin')
-rw-r--r-- | app-admin/calamares/calamares-2.4.2-r4.ebuild (renamed from app-admin/calamares/calamares-2.4.2-r3.ebuild) | 4 | ||||
-rw-r--r-- | app-admin/calamares/files/calamares-2.4.2-grubcfg-luks-unlock.patch | 78 |
2 files changed, 81 insertions, 1 deletions
diff --git a/app-admin/calamares/calamares-2.4.2-r3.ebuild b/app-admin/calamares/calamares-2.4.2-r4.ebuild index d4cba4e5..5591da27 100644 --- a/app-admin/calamares/calamares-2.4.2-r3.ebuild +++ b/app-admin/calamares/calamares-2.4.2-r4.ebuild @@ -51,8 +51,10 @@ RDEPEND=">=app-misc/calamares-runtime-3.1[branding]" src_prepare() { # patch dracut module to be called the way we want it, until the module becomes configurable epatch ${FILESDIR}/${P}-dracut-kogaion.patch - # calamares dracut luks patch + # calamares dracut enable luks encryption epatch ${FILESDIR}/${P}-dracut-luks-fde.patch + # calamares grubcfg enable luks unlock + epatch ${FILESDIR}/${P}-grubcfg-luks-unlock.patch # replace calamares installer desktop icon sed -i "s/Icon=calamares/Icon=start-here/g" "${S}/calamares.desktop" # fix installer doesn't start from desktop launcher (IMPROVE THIS UGLY THINGY) diff --git a/app-admin/calamares/files/calamares-2.4.2-grubcfg-luks-unlock.patch b/app-admin/calamares/files/calamares-2.4.2-grubcfg-luks-unlock.patch new file mode 100644 index 00000000..83e4ad4d --- /dev/null +++ b/app-admin/calamares/files/calamares-2.4.2-grubcfg-luks-unlock.patch @@ -0,0 +1,78 @@ +diff -Nur a/src/modules/grubcfg/main.py b/src/modules/grubcfg/main.py +--- a/src/modules/grubcfg/main.py 2016-10-14 15:11:26.000000000 +0100 ++++ b/src/modules/grubcfg/main.py 2016-10-20 16:19:17.574463144 +0100 +@@ -36,8 +36,11 @@ + default_grub = os.path.join(default_dir, "grub") + distributor_replace = distributor.replace("'", "'\\''") + plymouth_bin = libcalamares.utils.target_env_call(["sh", "-c", "which plymouth"]) ++ dracut_bin = libcalamares.utils.target_env_call(["sh", "-c", "which plymouth"]) + use_splash = "" + swap_uuid = "" ++ swap_outer_uuid = "" ++ home_outer_uuid = "" + + libcalamares.utils.debug("which plymouth exit code: {!s}".format(plymouth_bin)) + +@@ -46,27 +49,48 @@ + + cryptdevice_params = [] + +- for partition in partitions: +- if partition["fs"] == "linuxswap": +- swap_uuid = partition["uuid"] +- +- if partition["mountPoint"] == "/" and "luksMapperName" in partition: +- cryptdevice_params = [ +- "cryptdevice=UUID={!s}:{!s}".format(partition["luksUuid"], +- partition["luksMapperName"]), +- "root=/dev/mapper/{!s}".format(partition["luksMapperName"]) +- ] +- +- kernel_params = ["quiet"] ++ if dracut_bin == "0": ++ for partition in partitions: ++ if partition["fs"] == "linuxswap": ++ swap_uuid = partition["uuid"] ++ ++ if partition["fs"] == "linuxswap" and "luksMapperName" in partition: ++ swap_outer_uuid = partition["luksUuid"] ++ ++ if partition["mountPoint"] == "/home" and "luksMapperName" in partition: ++ home_outer_uuid = partition["luksUuid"] ++ ++ if partition["mountPoint"] == "/" and "luksMapperName" in partition: ++ cryptdevice_params = ["rd.luks.uuid={!s}".format(partition["luksUuid"])] ++ ++ else: ++ for partition in partitions: ++ if partition["fs"] == "linuxswap": ++ swap_uuid = partition["uuid"] ++ ++ if partition["mountPoint"] == "/" and "luksMapperName" in partition: ++ cryptdevice_params = [ ++ "cryptdevice=UUID={!s}:{!s}".format(partition["luksUuid"], ++ partition["luksMapperName"]), ++ "root=/dev/mapper/{!s}".format(partition["luksMapperName"]) ++ ] + + if cryptdevice_params: + kernel_params.extend(cryptdevice_params) + ++ if swap_uuid: ++ kernel_params.append("resume=UUID={!s}".format(swap_uuid)) ++ ++ if swap_outer_uuid: ++ kernel_params.append("rd.luks.uuid={!s}".format(swap_outer_uuid)) ++ ++ if home_outer_uuid: ++ kernel_params.append("rd.luks.uuid={!s}".format(home_outer_uuid)) ++ + if use_splash: + kernel_params.append(use_splash) + +- if swap_uuid: +- kernel_params.append("resume=UUID={!s}".format(swap_uuid)) ++ kernel_params = ["quiet"] + + distributor_line = "GRUB_DISTRIBUTOR=\"{!s}\"".format(distributor_replace) + |