-rw-r--r-- | Makefile | 48 | ||||
-rw-r--r-- | src/initrd/btrfs-create.sh | 13 | ||||
-rwxr-xr-x | src/initrd/grok-block | 67 |
3 files changed, 4 insertions, 124 deletions
@@ -227,54 +227,6 @@ apt = $(shell which apt || which apt-get) | |||
227 | apt-get-update-stamp: | 227 | apt-get-update-stamp: |
228 | @if $(stale); then set -x; sudo $(apt) update && touch $@; fi | 228 | @if $(stale); then set -x; sudo $(apt) update && touch $@; fi |
229 | 229 | ||
230 | samizdat.iso: patched.iso | ||
231 | cp --reflink $< $@ | ||
232 | |||
233 | patched.iso: gold.iso rootfs/samizdat.patch.btrfs | ||
234 | rm -f $@~tmp | ||
235 | cp --reflink $< $@~tmp | ||
236 | sudo xorrisofs -iso-level 3 -- \ | ||
237 | -indev $@~tmp \ | ||
238 | -outdev $@~tmp \ | ||
239 | -return_with FAILURE 32 \ | ||
240 | -pathspecs on \ | ||
241 | -follow link \ | ||
242 | -add /rootfs/z00.btrfs=rootfs/samizdat.patch.btrfs -- \ | ||
243 | -follow default \ | ||
244 | -as mkisofs -graft-points \ | ||
245 | -b grub/i386-pc/eltorito.img \ | ||
246 | -no-emul-boot -boot-info-table \ | ||
247 | --embedded-boot "${samizdat_grub_efi_dir}"/embedded.img \ | ||
248 | --protective-msdos-label | ||
249 | mv $@~tmp $@ | ||
250 | |||
251 | gold.iso: rootfs/seed.iso reused-child | ||
252 | sudo grub-efi.sh | ||
253 | ! grep 'vmlinuz.*nbdroot' -r ${samizdat_grub_efi_dir} | ||
254 | exit 1; initrd.sh | ||
255 | rm -f $@~tmp | ||
256 | cp --reflink $< $@~tmp | ||
257 | sudo xorrisofs -iso-level 3 -- \ | ||
258 | -indev $@~tmp \ | ||
259 | -outdev $@~tmp \ | ||
260 | -return_with FAILURE 32 \ | ||
261 | -pathspecs on \ | ||
262 | -rm_r linux -- \ | ||
263 | -add linux="${samizdat_linux_dir}" -- \ | ||
264 | -rm_r "${gpg_iso_path}" -- \ | ||
265 | -add "${gpg_iso_path}=${GPG_INPUT_DIR}" -- \ | ||
266 | -rm_r grub -- \ | ||
267 | -add grub="${samizdat_grub_efi_dir}"/grub -- \ | ||
268 | -chown_r 0 / -- \ | ||
269 | -chgrp_r 0 / -- \ | ||
270 | -chmod_r go-rwx "${gpg_iso_path}" -- \ | ||
271 | -as mkisofs -graft-points \ | ||
272 | -b grub/i386-pc/eltorito.img \ | ||
273 | -no-emul-boot -boot-info-table \ | ||
274 | --embedded-boot "${samizdat_grub_efi_dir}"/embedded.img \ | ||
275 | --protective-msdos-label | ||
276 | mv $@~tmp $@ | ||
277 | |||
278 | rootfs/seed.iso: $(addprefix rootfs/samizdat.seed.btrf, s \ | 230 | rootfs/seed.iso: $(addprefix rootfs/samizdat.seed.btrf, s \ |
279 | $(if $(VERITY), s.verity s.verity.log)) | 231 | $(if $(VERITY), s.verity s.verity.log)) |
280 | rm -f $@~tmp | 232 | rm -f $@~tmp |
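--- a/src/initrd/btrfs-create.sh
+++ b/src/initrd/btrfs-create.sh
@@ -43,18 +43,7 @@ cdrom_has_rootfs()
 
 losetup_layers()
 {
-if cdrom_has_rootfs
-then
-# TODO: This is some kind of shortcut or short circuit to find these
-# files, that ought to be found through the grok-block system (i.e.,
-# event-driven rather than polling).
-local fs fs_rw
-for fs in /cdrom/rootfs/*.btrfs; do
-fs_rw=/"${fs##*/}".rw
-dd if=/dev/zero of="$fs_rw" bs=1M count=10
-losetup_snapshot "$fs" "$fs_rw" || return
-done
-elif [ -e /dev/disk/by-partlabel/samizdat-rootfs ]
+if [ -e /dev/disk/by-partlabel/samizdat-rootfs ]
 then
 # TODO: prevent raciness
 umount /dev/disk/by-partlabel/samizdat-rootfs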
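Review bot: With the /cdrom branch gone, `losetup_layers` finds its root layer only through the `/dev/disk/by-partlabel/samizdat-rootfs` symlink, and a GPT partition label is whatever the disk's author wrote, so any attached disk carrying that label would satisfy the test. Whether the partition's contents are authenticated afterwards (the Makefile has a VERITY option) is not visible in this hunk, so I would record the assumption next to the existing TODO, e.g. `# NOTE: a partlabel is not authenticated; integrity has to come from verifying the contents`. The helper `cdrom_has_rootfs` named in the hunk header may now have no callers and could be dropped if so. The body of `losetup_layers` continues past the end of the hunk.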
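--- a/src/initrd/grok-block
+++ b/src/initrd/grok-block
@@ -146,19 +146,8 @@ grok_block()
 ;;
 esac
 case "$ID_PART_ENTRY_NAME" in
-samizdat-grub-incomplete|samizdat-plaintext-incomplete|samizdat-luks-encrypted-incomplete) return ;;
-samizdat-plaintext)
-# . /verity.sh
-# cp /verity.sh /run/initramfs/samizdat/
-# veritysetup --hash-offset="$verity_hash_offset" \
-# create samizverity \
-# "$DEVNAME" "$DEVNAME" "$verity_root_hash"
-# bootdone veritysetup
-return
-;;
-samizdat-keys) ;;
+samizdat-*-incomplete|samizdat-plaintext|samizdat-keys|samizdat-grub) return ;;
 samizdat-rootfs) ;;
-samizdat-grub) return ;;
 samizdat-luks-encrypted)
 if ! [ -f /autobooted ]
 then
@@ -196,9 +185,6 @@ grok_block()
 is_incomplete_samizdat_install "$DEVNAME" &&
 addmenu_destroy_hard_drive "$DEVNAME"
 
-# TODO: Need option to boot the partitions we create
-# TODO: And what if we create partitions and then reboot the machine mid-install?
-
 elif [ "$ID_PART_ENTRY_NAME" = samizdat-rootfs ]; then
 bootdone samizdat-rootfs
 elif [ "$DEVNAME" = /dev/nbd1 ]; then
@@ -206,56 +192,9 @@ grok_block()
 umount "$mountpoint"
 rmdir "$mountpoint"
 bootdone samizdat-nbd-dev
-
 else
-umount=true
-# Device has an unencrypted filesystem on it.
-# So we mount it and look for loop-back overlays.
-
-if [ -d "$mountpoint/samizdat.gpg" ]; then
-# check the key somehow?
-addmenu_choosekey "$DEVNAME" "$mountpoint/samizdat.gpg"
-fi
-
-N=1; while [ -e "$mountpoint/samizdat.$N" ]
-do
-if gpg_verify "$mountpoint/samizdat.$N"k; then
-addmenu_chooseroot "$DEVNAME" "$mountpoint/samizdat.$N"
-# this menu entry chooses the root fs, and should prompt and wait for the matching key
-umount=false
-fi
-N=$((N+1))
-done
-
-freeblocks=$(stat -f -c %f "$mountpoint")
-blocksize=$(stat -f -c %S "$mountpoint")
-freemegs=$((freeblocks * blocksize / 1024 / 1024))
-
-if [ "$freemegs" -ge 300 ]; then
-
-umount=false
-# bootwait samizdat-cdrom
-# cdromblocks=$(stat -f -c %b /cdrom)
-# cdromblocksize=$(stat -f -c %S /cdrom)
-# cdrommegs=$((cdromblocks * cdromblocksize / 1024 / 1024))
-
-cdrommegs=700 # TODO: go back to checking the size
-
-if [ "$freemegs" -ge "$((cdrommegs * 3))" ]; then
-addmenu_makeroot "$DEVNAME" "${mountpoint}/samizdat.$N" "$((cdrommegs * 3))" 1
-elif [ "$freemegs" -ge "$((cdrommegs * 2))" ]; then
-addmenu_makeroot "$DEVNAME" "${mountpoint}/samizdat.$N" "$((cdrommegs * 2))" 1
-elif [ "$freemegs" -ge "$cdrommegs" ]; then
-addmenu_makeroot "$DEVNAME" "${mountpoint}/samizdat.$N" "$((freemegs / 2))" 0
-else
-addmenu_makeroot "$DEVNAME" "${mountpoint}/samizdat.$N" 256 0
-fi
-fi
-
-if $umount; then
-umount "$mountpoint"
-rmdir "$mountpoint"
-fi
+umount "$mountpoint"
+rmdir "$mountpoint"
 fi
 }
 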
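Review bot: The consolidated arm `samizdat-*-incomplete|samizdat-plaintext|samizdat-keys|samizdat-grub) return ;;` in the first hunk changes what happens to `samizdat-keys`: the removed arm `samizdat-keys) ;;` fell through to the code after `esac`, while the new one returns from `grok_block` early. The glob is also wider than the three `-incomplete` names it replaces and will match any other `samizdat-<x>-incomplete` label. If both are intended, a comment above the arm would make that explicit, e.g. `# these labels get no further handling in grok_block`; if not, keep `samizdat-keys) ;;` as its own arm. `grok_block` starts outside the hunks, so what the old fall-through reached for a keys partition is not visible here.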