author | Andrew Cady <d@jerkface.net> | 2023-06-22 00:01:50 -0400 |
---|---|---|
committer | u <u@billy> | 2023-11-17 08:44:10 -0500 |
commit | 0535cb9565891eb15de2dddcbf85828c8503dac0 (patch) | |
tree | 7cb993ba502f6bddaf30db4c2852adc65958773c /src/initrd | |
parent | 069b67461cc33d373d030b87744e11ea87fe927e (diff) |
Removal of functionality that depended on gpg
This material wasn't removed in the original commit removing gpg,
because it seemed to have documentary value. This commit serves
as the documentation index. Some of this functionality should be
reimplemented.
Diffstat (limited to 'src/initrd')
-rw-r--r-- | src/initrd/btrfs-create.sh | 13 | ||||
-rwxr-xr-x | src/initrd/grok-block | 67 |
2 files changed, 4 insertions, 76 deletions
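--- a/src/initrd/btrfs-create.sh
+++ b/src/initrd/btrfs-create.sh
@@ -43,18 +43,7 @@ cdrom_has_rootfs()
 
 losetup_layers()
 {
-if cdrom_has_rootfs
-then
-# TODO: This is some kind of shortcut or short circuit to find these
-# files, that ought to be found through the grok-block system (i.e.,
-# event-driven rather than polling).
-local fs fs_rw
-for fs in /cdrom/rootfs/*.btrfs; do
-fs_rw=/"${fs##*/}".rw
-dd if=/dev/zero of="$fs_rw" bs=1M count=10
-losetup_snapshot "$fs" "$fs_rw" || return
-done
-elif [ -e /dev/disk/by-partlabel/samizdat-rootfs ]
+if [ -e /dev/disk/by-partlabel/samizdat-rootfs ]
 then
 # TODO: prevent raciness
 umount /dev/disk/by-partlabel/samizdat-rootfs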
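Review bot: With the `cdrom_has_rootfs` branch gone, `if [ -e /dev/disk/by-partlabel/samizdat-rootfs ]` is the first test in `losetup_layers`, and it picks the root filesystem by partition label alone. A partition label identifies a device but does not authenticate its contents, and nothing visible in this hunk verifies the device before it is used. I would record that next to the existing raciness TODO, e.g. `# TODO: partlabel is not authenticated; verify rootfs integrity before use`. The rest of `losetup_layers` lies outside the hunk, so a check may exist further down.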
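--- a/src/initrd/grok-block
+++ b/src/initrd/grok-block
@@ -146,19 +146,8 @@ grok_block()
 ;;
 esac
 case "$ID_PART_ENTRY_NAME" in
-samizdat-grub-incomplete|samizdat-plaintext-incomplete|samizdat-luks-encrypted-incomplete) return ;;
-samizdat-plaintext)
-# . /verity.sh
-# cp /verity.sh /run/initramfs/samizdat/
-# veritysetup --hash-offset="$verity_hash_offset" \
-# create samizverity \
-# "$DEVNAME" "$DEVNAME" "$verity_root_hash"
-# bootdone veritysetup
-return
-;;
-samizdat-keys) ;;
+samizdat-*-incomplete|samizdat-plaintext|samizdat-keys|samizdat-grub) return ;;
 samizdat-rootfs) ;;
-samizdat-grub) return ;;
 samizdat-luks-encrypted)
 if ! [ -f /autobooted ]
 then
@@ -196,9 +185,6 @@ grok_block()
 is_incomplete_samizdat_install "$DEVNAME" &&
 addmenu_destroy_hard_drive "$DEVNAME"
 
-# TODO: Need option to boot the partitions we create
-# TODO: And what if we create partitions and then reboot the machine mid-install?
-
 elif [ "$ID_PART_ENTRY_NAME" = samizdat-rootfs ]; then
 bootdone samizdat-rootfs
 elif [ "$DEVNAME" = /dev/nbd1 ]; then
@@ -206,56 +192,9 @@ grok_block()
 umount "$mountpoint"
 rmdir "$mountpoint"
 bootdone samizdat-nbd-dev
-
 else
-umount=true
-# Device has an unencrypted filesystem on it.
-# So we mount it and look for loop-back overlays.
-
-if [ -d "$mountpoint/samizdat.gpg" ]; then
-# check the key somehow?
-addmenu_choosekey "$DEVNAME" "$mountpoint/samizdat.gpg"
-fi
-
-N=1; while [ -e "$mountpoint/samizdat.$N" ]
-do
-if gpg_verify "$mountpoint/samizdat.$N"k; then
-addmenu_chooseroot "$DEVNAME" "$mountpoint/samizdat.$N"
-# this menu entry chooses the root fs, and should prompt and wait for the matching key
-umount=false
-fi
-N=$((N+1))
-done
-
-freeblocks=$(stat -f -c %f "$mountpoint")
-blocksize=$(stat -f -c %S "$mountpoint")
-freemegs=$((freeblocks * blocksize / 1024 / 1024))
-
-if [ "$freemegs" -ge 300 ]; then
-
-umount=false
-# bootwait samizdat-cdrom
-# cdromblocks=$(stat -f -c %b /cdrom)
-# cdromblocksize=$(stat -f -c %S /cdrom)
-# cdrommegs=$((cdromblocks * cdromblocksize / 1024 / 1024))
-
-cdrommegs=700 # TODO: go back to checking the size
-
-if [ "$freemegs" -ge "$((cdrommegs * 3))" ]; then
-addmenu_makeroot "$DEVNAME" "${mountpoint}/samizdat.$N" "$((cdrommegs * 3))" 1
-elif [ "$freemegs" -ge "$((cdrommegs * 2))" ]; then
-addmenu_makeroot "$DEVNAME" "${mountpoint}/samizdat.$N" "$((cdrommegs * 2))" 1
-elif [ "$freemegs" -ge "$cdrommegs" ]; then
-addmenu_makeroot "$DEVNAME" "${mountpoint}/samizdat.$N" "$((freemegs / 2))" 0
-else
-addmenu_makeroot "$DEVNAME" "${mountpoint}/samizdat.$N" 256 0
-fi
-fi
-
-if $umount; then
-umount "$mountpoint"
-rmdir "$mountpoint"
-fi
+umount "$mountpoint"
+rmdir "$mountpoint"
 fi
 }
 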
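Review bot: The merged arm on new line 149, `samizdat-*-incomplete|samizdat-plaintext|samizdat-keys|samizdat-grub) return ;;`, changes behaviour for `samizdat-keys`: the old arm was `samizdat-keys) ;;`, which fell through to the rest of `grok_block`, while the new one returns early. The wildcard also skips every label of the form `samizdat-*-incomplete`, not only the three names listed before. Both look deliberate given that key handling is being removed, but the commit message does not say so; a comment such as `# keys/plaintext/grub partitions and unfinished installs are skipped` above the arm would make it explicit. Since `$ID_PART_ENTRY_NAME` is read from the device's partition table, an early `return` for unrecognised variants is the safer default. `grok_block` starts before the first hunk of this section.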