-rwxr-xr-xinitramfs-tools/hooks/samizdat2
-rw-r--r--src/initrd/btrfs-create.sh15
-rwxr-xr-xsrc/initrd/grok-block38
-rwxr-xr-xsrc/initrd/menu-select23
4 files changed, 67 insertions, 11 deletions
diff --git a/initramfs-tools/hooks/samizdat b/initramfs-tools/hooks/samizdat
index 78ece68..9b8a335 100755
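--- a/initramfs-tools/hooks/samizdat
+++ b/initramfs-tools/hooks/samizdat
@@ -10,7 +10,7 @@ PATH=/usr/local/bin:$PATH
 
 repo_execs=$(echo "${samizdat_initrd_files_dir}"/*)
 
-path_execs='mountpoint openvt rsync gpg2 gpg-agent pinentry-curses truncate cryptsetup mkfs.btrfs btrfs fsck.hfsplus wait_for_files samizdat-pinentry dynmenu samizdat-password-agent samizdat-gpg-agent'
+path_execs='mountpoint openvt rsync gpg2 gpg-agent pinentry-curses truncate cryptsetup mkfs.btrfs btrfs fsck.hfsplus wait_for_files samizdat-pinentry dynmenu samizdat-password-agent samizdat-gpg-agent parted'
 
 graft_paths="
  /bin/OpenVT=/bin/openvt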
diff --git a/src/initrd/btrfs-create.sh b/src/initrd/btrfs-create.sh
index c13d981..5d359a9 100644
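--- a/src/initrd/btrfs-create.sh
+++ b/src/initrd/btrfs-create.sh
@@ -168,6 +168,21 @@ filesystem_incomplete()
  [ "$n" != 1 ]
 }
 
+partition_new_hard_drive_DESTROYING_EVERYTHING()
+{
+ local target="$1"
+ # [ "$(parted -sm "$target" print | grep -c :)" = 1 ] || return
+ parted "$target" -sm \
+ unit B \
+ mklabel gpt \
+ mkpart primary 32KiB 4MiB \
+ set 1 bios_grub on \
+ mkpart primary btrfs 4MiB 1GiB \
+ name 2 gpg-incomplete \
+ mkpart primary 1GiB 100% \
+ name 3 luks-incomplete
+}
+
 open_samizdat()
 {
  local imgfile="$1" keyfile="$2"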
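Review bot: Nothing in `partition_new_hard_drive_DESTROYING_EVERYTHING` checks the target before `mklabel gpt` runs: the only precondition is commented out, and `$target` is handed to `parted` as-is. The `menu-select` hunk in this commit also lets `boot-destroy-disk` through the usage check with no device argument, so `$target` can be empty here. I would start the function with `[ -b "$target" ] || return 1` and re-check the disk state at this point rather than trusting the menu entry built earlier in `grok-block`, since the device may have changed between listing and selection. The commented-out test would reject the incomplete-install case that `grok-block` also offers, so a restored guard has to accept both states.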
diff --git a/src/initrd/grok-block b/src/initrd/grok-block
index 081238a..086722d 100755
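--- a/src/initrd/grok-block
+++ b/src/initrd/grok-block
@@ -46,6 +46,16 @@ addmenu_makeroot()
  ) &
 }
 
+addmenu_destroy_hard_drive()
+{
+ local device="$1"
+ (
+ addmenu "$device//$loopfile" \
+ "[ Install Samizdat to $device -- THIS DESTROYS ALL DATA ]" \
+ "menu-select boot-destroy-disk $device"
+ ) &
+}
+
 retry_mount()
 {
  tries=20
@@ -75,6 +85,7 @@ gpg_verify()
  export GNUPGHOME=/gpg/gnupghome
  gpg2 --lock-never --no-permission-warning --no-auto-check-trustdb --no-options --verify "$1"
 }
+
 is_lvm()
 {
  for n in 0 1 2 3; do
@@ -83,6 +94,19 @@ is_lvm()
  return 1
 }
 
+is_device_without_partitions()
+{
+ case "$1" in /dev/nbd*|/dev/sr*|*[0-9]) return 1 ;; esac
+
+ [ "$(parted -sm "$1" print | grep -c :)" = 1 ]
+}
+
+is_incomplete_samizdat_install()
+{
+ local partition_names="$(parted -sm "$1" print | sed 1,2d | awk -F: -e '{printf "%s:", $6}')"
+ [ "$partition_names" = 'primary:gpg-incomplete:luks-incomplete:' ]
+}
+
 grok_block()
 {
  local mountpoint="/mnt/${DEVNAME##*/}"
@@ -108,14 +132,22 @@ grok_block()
  retry_mount $mount_type -o ro "$DEVNAME" "$mountpoint"
  fi
 
- if [ "$DEVNAME" = /dev/nbd0 ] && mountpoint -q "$mountpoint"; then
+ if ! mountpoint -q "$mountpoint"; then
+ rmdir "$mountpoint"
+ is_device_without_partitions "$DEVNAME" ||
+ is_incomplete_samizdat_install "$DEVNAME" &&
+ addmenu_destroy_hard_drive "$DEVNAME"
+
+ # TODO: Need option to boot the partitions we create
+ # TODO: And what if we create partitions and then reboot the machine mid-install?
 
+ elif [ "$DEVNAME" = /dev/nbd0 ]; then
  # This is our rootfs, over the network
  umount "$mountpoint"
  rmdir "$mountpoint"
  bootdone samizdat-nbd-dev
 
- elif mountpoint -q "$mountpoint"; then
+ else
  umount=true
  # Device has an unencrypted filesystem on it.
  # So we mount it and look for loop-back overlays.
@@ -164,8 +196,6 @@ grok_block()
  umount "$mountpoint"
  rmdir "$mountpoint"
  fi
- else
- rmdir "$mountpoint"
  fi
 }
 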
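Review bot: `is_device_without_partitions` treats "parted lists no partitions" as "disk is blank", and `grok_block` now reaches it for every device that did not mount. A whole-disk LUKS volume, or a filesystem written straight to the device that `retry_mount` could not mount, would presumably produce the same single-line count and be offered under the destroy entry. Since `cryptsetup` is already in the initramfs, a check such as `cryptsetup isLuks "$1" && return 1` before the `parted` test would rule out the encrypted case; other signatures need a similar probe. Separately, `addmenu_destroy_hard_drive` uses `$loopfile`, which it neither receives nor sets. `grok_block` starts and ends outside these hunks.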
diff --git a/src/initrd/menu-select b/src/initrd/menu-select
index 129d685..4908b03 100755
--- a/src/initrd/menu-select
+++ b/src/initrd/menu-select
@@ -1,10 +1,11 @@
1#!/bin/sh 1#!/bin/sh
2# usage: 2# usage:
3# $0 boot-ram - use memory-only overlay 3# $0 boot-ram - use memory-only overlay
4# $0 boot-new [dev name] [loop file] [megabytes] - create new luks-encrypted overlay 4# $0 boot-new [dev name] [loop file] [megabytes] - create new luks-encrypted overlay
5# $0 boot-overwrite [dev name] [loop file] [megabytes] - overwrite with new luks overlay 5# $0 boot-overwrite [dev name] [loop file] [megabytes] - overwrite with new luks overlay
6# $0 boot-luks [dev name] [loop file] - boot existing luks-encrypted overlay 6# $0 boot-luks [dev name] [loop file] - boot existing luks-encrypted overlay
7# $0 boot-gpg [key id] [gnupg homedir] [???] - boot any device signed with the key 7# $0 boot-destroy-disk [dev-name] - install to a fresh hard disk
8# $0 boot-gpg [key id] [gnupg homedir] [???] - boot any device signed with the key
8 9
9. btrfs-create.sh 10. btrfs-create.sh
10. common.sh 11. common.sh
@@ -37,7 +38,7 @@ while [ $# -ge 1 ]; do
37done 38done
38[ -z "$badopts" ] || error 'usage error' 39[ -z "$badopts" ] || error 'usage error'
39 40
40[ $# -ge 2 -o "$1" = 'boot-ram' ] || error 'usage error' 41[ $# -ge 2 -o "$1" = 'boot-ram' -o "$1" = boot-destroy-disk ] || error 'usage error'
41 42
42remountrw() 43remountrw()
43{ 44{
@@ -80,6 +81,16 @@ case "$1" in
80 error 81 error
81 } 82 }
82 ;; 83 ;;
84 boot-destroy-disk)
85 dev="$2"
86 partition_new_hard_drive_DESTROYING_EVERYTHING "$dev" || error
87
88
89 # TODO: IMPLEMENT ME
90 # partition disk
91 # init_samizdat
92
93 ;;
83 boot-overwrite|boot-new|boot-luks) 94 boot-overwrite|boot-new|boot-luks)
84 dev="$2" 95 dev="$2"
85 loopfile="$3" 96 loopfile="$3"