summaryrefslogtreecommitdiff
path: root/app-admin
diff options
context:
space:
mode:
authorV3n3RiX <venerix@rogentos.ro>2016-10-20 16:28:14 +0100
committerV3n3RiX <venerix@rogentos.ro>2016-10-20 16:28:14 +0100
commit67ca8315ade73be94fef0ae901574b2d9057c7b2 (patch)
treeec43114cf97f1e550a7174ba817c463ea87b16c0 /app-admin
parent4733b3b9aa80f3bfc71887f717c06b36229fba28 (diff)
enable luks unlocking of /root, swap and home
Diffstat (limited to 'app-admin')
-rw-r--r--app-admin/calamares/calamares-2.4.2-r4.ebuild (renamed from app-admin/calamares/calamares-2.4.2-r3.ebuild)4
-rw-r--r--app-admin/calamares/files/calamares-2.4.2-grubcfg-luks-unlock.patch78
2 files changed, 81 insertions, 1 deletions
diff --git a/app-admin/calamares/calamares-2.4.2-r3.ebuild b/app-admin/calamares/calamares-2.4.2-r4.ebuild
index d4cba4e5..5591da27 100644
--- a/app-admin/calamares/calamares-2.4.2-r3.ebuild
+++ b/app-admin/calamares/calamares-2.4.2-r4.ebuild
@@ -51,8 +51,10 @@ RDEPEND=">=app-misc/calamares-runtime-3.1[branding]"
src_prepare() {
# patch dracut module to be called the way we want it, until the module becomes configurable
epatch ${FILESDIR}/${P}-dracut-kogaion.patch
- # calamares dracut luks patch
+ # calamares dracut enable luks encryption
epatch ${FILESDIR}/${P}-dracut-luks-fde.patch
+ # calamares grubcfg enable luks unlock
+ epatch ${FILESDIR}/${P}-grubcfg-luks-unlock.patch
# replace calamares installer desktop icon
sed -i "s/Icon=calamares/Icon=start-here/g" "${S}/calamares.desktop"
# fix installer doesn't start from desktop launcher (IMPROVE THIS UGLY THINGY)
diff --git a/app-admin/calamares/files/calamares-2.4.2-grubcfg-luks-unlock.patch b/app-admin/calamares/files/calamares-2.4.2-grubcfg-luks-unlock.patch
new file mode 100644
index 00000000..83e4ad4d
--- /dev/null
+++ b/app-admin/calamares/files/calamares-2.4.2-grubcfg-luks-unlock.patch
@@ -0,0 +1,78 @@
+diff -Nur a/src/modules/grubcfg/main.py b/src/modules/grubcfg/main.py
+--- a/src/modules/grubcfg/main.py 2016-10-14 15:11:26.000000000 +0100
++++ b/src/modules/grubcfg/main.py 2016-10-20 16:19:17.574463144 +0100
+@@ -36,8 +36,11 @@
+ default_grub = os.path.join(default_dir, "grub")
+ distributor_replace = distributor.replace("'", "'\\''")
+ plymouth_bin = libcalamares.utils.target_env_call(["sh", "-c", "which plymouth"])
++ dracut_bin = libcalamares.utils.target_env_call(["sh", "-c", "which plymouth"])
+ use_splash = ""
+ swap_uuid = ""
++ swap_outer_uuid = ""
++ home_outer_uuid = ""
+
+ libcalamares.utils.debug("which plymouth exit code: {!s}".format(plymouth_bin))
+
+@@ -46,27 +49,48 @@
+
+ cryptdevice_params = []
+
+- for partition in partitions:
+- if partition["fs"] == "linuxswap":
+- swap_uuid = partition["uuid"]
+-
+- if partition["mountPoint"] == "/" and "luksMapperName" in partition:
+- cryptdevice_params = [
+- "cryptdevice=UUID={!s}:{!s}".format(partition["luksUuid"],
+- partition["luksMapperName"]),
+- "root=/dev/mapper/{!s}".format(partition["luksMapperName"])
+- ]
+-
+- kernel_params = ["quiet"]
++ if dracut_bin == "0":
++ for partition in partitions:
++ if partition["fs"] == "linuxswap":
++ swap_uuid = partition["uuid"]
++
++ if partition["fs"] == "linuxswap" and "luksMapperName" in partition:
++ swap_outer_uuid = partition["luksUuid"]
++
++ if partition["mountPoint"] == "/home" and "luksMapperName" in partition:
++ home_outer_uuid = partition["luksUuid"]
++
++ if partition["mountPoint"] == "/" and "luksMapperName" in partition:
++ cryptdevice_params = ["rd.luks.uuid={!s}".format(partition["luksUuid"])]
++
++ else:
++ for partition in partitions:
++ if partition["fs"] == "linuxswap":
++ swap_uuid = partition["uuid"]
++
++ if partition["mountPoint"] == "/" and "luksMapperName" in partition:
++ cryptdevice_params = [
++ "cryptdevice=UUID={!s}:{!s}".format(partition["luksUuid"],
++ partition["luksMapperName"]),
++ "root=/dev/mapper/{!s}".format(partition["luksMapperName"])
++ ]
+
+ if cryptdevice_params:
+ kernel_params.extend(cryptdevice_params)
+
++ if swap_uuid:
++ kernel_params.append("resume=UUID={!s}".format(swap_uuid))
++
++ if swap_outer_uuid:
++ kernel_params.append("rd.luks.uuid={!s}".format(swap_outer_uuid))
++
++ if home_outer_uuid:
++ kernel_params.append("rd.luks.uuid={!s}".format(home_outer_uuid))
++
+ if use_splash:
+ kernel_params.append(use_splash)
+
+- if swap_uuid:
+- kernel_params.append("resume=UUID={!s}".format(swap_uuid))
++ kernel_params = ["quiet"]
+
+ distributor_line = "GRUB_DISTRIBUTOR=\"{!s}\"".format(distributor_replace)
+