calamares/src/modules/luksbootkeyfile/LuksBootKeyFileJob.cpp

/* === This file is part of Calamares - <https://calamares.io> ===
 *
 *   SPDX-FileCopyrightText: 2019 Adriaan de Groot <groot@kde.org>
 *   SPDX-License-Identifier: GPL-3.0-or-later
 *
 */

#include "LuksBootKeyFileJob.h"

#include "utils/CalamaresUtilsSystem.h"
#include "utils/Entropy.h"
#include "utils/Logger.h"
#include "utils/NamedEnum.h"
#include "utils/UMask.h"
#include "utils/Variant.h"

#include "GlobalStorage.h"
#include "JobQueue.h"

#include <QDir>

LuksBootKeyFileJob::LuksBootKeyFileJob( QObject* parent )
    : Calamares::CppJob( parent )
{
}

LuksBootKeyFileJob::~LuksBootKeyFileJob() {}

QString
LuksBootKeyFileJob::prettyName() const
{
    return tr( "Configuring LUKS key file." );
}

struct LuksDevice
{
    LuksDevice( const QMap< QString, QVariant >& pinfo )
        : isValid( false )
        , isRoot( false )
    {
        if ( pinfo.contains( "luksMapperName" ) )
        {
            QString fs = pinfo[ "fs" ].toString();
            QString mountPoint = pinfo[ "mountPoint" ].toString();

            if ( !mountPoint.isEmpty() || fs == QStringLiteral( "linuxswap" ) )
            {
                isValid = true;
                isRoot = mountPoint == '/';
                device = pinfo[ "device" ].toString();
                passphrase = pinfo[ "luksPassphrase" ].toString();
            }
        }
    }

    bool isValid;
    bool isRoot;
    QString device;
    QString passphrase;
};

/** @brief Extract the luks passphrases setup.
 *
 * Given a list of partitions (as set up by the partitioning module,
 * so there's maps with keys inside), returns just the list of
 * luks passphrases for each device.
 */
static QList< LuksDevice >
getLuksDevices( const QVariantList& list )
{
    QList< LuksDevice > luksItems;

    for ( const auto& p : list )
    {
        if ( p.canConvert< QVariantMap >() )
        {
            LuksDevice d( p.toMap() );
            if ( d.isValid )
            {
                luksItems.append( d );
            }
        }
    }
    return luksItems;
}

struct LuksDeviceList
{
    LuksDeviceList( const QVariant& partitions )
        : valid( false )
    {
        if ( partitions.canConvert< QVariantList >() )
        {
            devices = getLuksDevices( partitions.toList() );
            valid = true;
        }
    }

    QList< LuksDevice > devices;
    bool valid;
};

static const char keyfile[] = "/crypto_keyfile.bin";

static bool
generateTargetKeyfile()
{
    CalamaresUtils::UMask m( CalamaresUtils::UMask::Safe );

    // Get the data
    QByteArray entropy;
    auto entropySource = CalamaresUtils::getEntropy( 2048, entropy );
    if ( entropySource != CalamaresUtils::EntropySource::URandom )
    {
        cWarning() << "Could not get entropy from /dev/urandom for LUKS.";
        return false;
    }

    auto fileResult = CalamaresUtils::System::instance()->createTargetFile(
        keyfile, entropy, CalamaresUtils::System::WriteMode::Overwrite );
    entropy.fill( 'A' );
    if ( !fileResult )
    {
        cWarning() << "Could not create LUKS keyfile:" << smash( fileResult.code() );
        return false;
    }

    // Give ample time to check that the file was created correctly;
    // we actually expect ls to return pretty-much-instantly.
    auto r = CalamaresUtils::System::instance()->targetEnvCommand(
        { "ls", "-la", "/" }, QString(), QString(), std::chrono::seconds( 5 ) );
    cDebug() << "In target system after creating LUKS file" << r.getOutput();
    return true;
}

static bool
setupLuks( const LuksDevice& d )
{
    // Adding the key can take some times, measured around 15 seconds with
    // a HDD (spinning rust) and a slow-ish computer. Give it a minute.
    auto r = CalamaresUtils::System::instance()->targetEnvCommand(
        { "cryptsetup", "luksAddKey", d.device, keyfile }, QString(), d.passphrase, std::chrono::seconds( 60 ) );
    if ( r.getExitCode() != 0 )
    {
        cWarning() << "Could not configure LUKS keyfile on" << d.device << ':' << r.getOutput() << "(exit code"
                   << r.getExitCode() << ')';
        return false;
    }
    return true;
}

static QVariantList
partitions()
{
    Calamares::GlobalStorage* globalStorage = Calamares::JobQueue::instance()->globalStorage();
    return globalStorage->value( QStringLiteral( "partitions" ) ).toList();
}

static bool
hasUnencryptedSeparateBoot()
{
    const QVariantList partitions = ::partitions();
    for ( const QVariant& partition : partitions )
    {
        QVariantMap partitionMap = partition.toMap();
        QString mountPoint = partitionMap.value( QStringLiteral( "mountPoint" ) ).toString();
        if ( QDir::cleanPath( mountPoint ) == QStringLiteral( "/boot" ) )
        {
            return !partitionMap.contains( QStringLiteral( "luksMapperName" ) );
        }
    }
    return false;
}

static bool
hasEncryptedRoot()
{
    const QVariantList partitions = ::partitions();
    for ( const QVariant& partition : partitions )
    {
        QVariantMap partitionMap = partition.toMap();
        QString mountPoint = partitionMap.value( QStringLiteral( "mountPoint" ) ).toString();
        if ( QDir::cleanPath( mountPoint ) == QStringLiteral( "/" ) )
        {
            return partitionMap.contains( QStringLiteral( "luksMapperName" ) );
        }
    }
    return false;
}

Calamares::JobResult
LuksBootKeyFileJob::exec()
{
    const auto* gs = Calamares::JobQueue::instance()->globalStorage();
    if ( !gs )
    {
        return Calamares::JobResult::internalError(
            "LuksBootKeyFile", "No GlobalStorage defined.", Calamares::JobResult::InvalidConfiguration );
    }
    if ( !gs->contains( "partitions" ) )
    {
        cError() << "No GS[partitions] key.";
        return Calamares::JobResult::internalError(
            "LuksBootKeyFile", tr( "No partitions are defined." ), Calamares::JobResult::InvalidConfiguration );
    }

    LuksDeviceList s( gs->value( "partitions" ) );
    if ( !s.valid )
    {
        cError() << "GS[partitions] is invalid";
        return Calamares::JobResult::internalError(
            "LuksBootKeyFile", tr( "No partitions are defined." ), Calamares::JobResult::InvalidConfiguration );
    }

    cDebug() << "There are" << s.devices.count() << "LUKS partitions";
    if ( s.devices.count() < 1 )
    {
        cDebug() << Logger::SubEntry << "Nothing to do for LUKS.";
        return Calamares::JobResult::ok();
    }

    auto it = std::partition( s.devices.begin(), s.devices.end(), []( const LuksDevice& d ) { return d.isRoot; } );
    for ( const auto& d : s.devices )
    {
        cDebug() << Logger::SubEntry << ( d.isRoot ? "root" : "dev." ) << d.device << "passphrase?"
                 << !d.passphrase.isEmpty();
    }

    if ( it == s.devices.begin() )
    {
        // Then there was no root partition
        cDebug() << Logger::SubEntry << "No root partition.";
        return Calamares::JobResult::ok();
    }

    // /boot partition is not encrypted, keyfile must not be used
    // But only if root partition is not encrypted
    if ( hasUnencryptedSeparateBoot() && !hasEncryptedRoot() )
    {
        cDebug() << Logger::SubEntry << "/boot partition is not encrypted, skipping keyfile creation.";
        return Calamares::JobResult::ok();
    }

    if ( s.devices.first().passphrase.isEmpty() )
    {
        cDebug() << Logger::SubEntry << "No root passphrase.";
        return Calamares::JobResult::error(
            tr( "Encrypted rootfs setup error" ),
            tr( "Root partition %1 is LUKS but no passphrase has been set." ).arg( s.devices.first().device ) );
    }

    if ( !generateTargetKeyfile() )
    {
        return Calamares::JobResult::error(
            tr( "Encrypted rootfs setup error" ),
            tr( "Could not create LUKS key file for root partition %1." ).arg( s.devices.first().device ) );
    }

    for ( const auto& d : s.devices )
    {
        // Skip setupLuks for root partition if system has an unencrypted /boot
        if ( d.isRoot && hasUnencryptedSeparateBoot() )
            continue;

        if ( !setupLuks( d ) )
            return Calamares::JobResult::error(
                tr( "Encrypted rootfs setup error" ),
                tr( "Could not configure LUKS key file on partition %1." ).arg( d.device ) );
    }

    return Calamares::JobResult::ok();
}

CALAMARES_PLUGIN_FACTORY_DEFINITION( LuksBootKeyFileJobFactory, registerPlugin< LuksBootKeyFileJob >(); )
REUSE: Giant boilerplate cleanup - point to main Calamares site in the 'part of' headers instead of to github (this is the "this file is part of Calamares" opening line for most files). - remove boilerplate from all source files, CMake modules and completions, this is the 3-paragraph summary of the GPL-3.0-or-later, which has a meaning entirely covered by the SPDX tag. 2020-08-25 16:05:56 +02:00			`/* === This file is part of Calamares - <https://calamares.io> ===`
[luksbootkeyfile] Stub job implementation in C++ 2019-07-03 00:01:19 +02:00			`*`
REUSE: (GPL-3.0-or-later) C++ modules 2020-08-22 01:19:58 +02:00			`* SPDX-FileCopyrightText: 2019 Adriaan de Groot <groot@kde.org>`
			`* SPDX-License-Identifier: GPL-3.0-or-later`
[luksbootkeyfile] Stub job implementation in C++ 2019-07-03 00:01:19 +02:00			`*`
			`*/`

			`#include "LuksBootKeyFileJob.h"`

			`#include "utils/CalamaresUtilsSystem.h"`
[luksbootkeyfile] Don't dd in the target to get entropy 2021-09-21 11:58:22 +02:00			`#include "utils/Entropy.h"`
[luksbootkeyfile] Stub job implementation in C++ 2019-07-03 00:01:19 +02:00			`#include "utils/Logger.h"`
[luksbootkeyfile] Don't dd in the target to get entropy 2021-09-21 11:58:22 +02:00			`#include "utils/NamedEnum.h"`
[luksbootkeyfile] Fix lax permissions on file. 2019-07-04 15:55:54 +02:00			`#include "utils/UMask.h"`
[luksbootkeyfile] Stub job implementation in C++ 2019-07-03 00:01:19 +02:00			`#include "utils/Variant.h"`

			`#include "GlobalStorage.h"`
			`#include "JobQueue.h"`

[LuksBootKeyFile] Remove trailing slashes when matching mountpoint 2022-02-16 23:21:52 +01:00			`#include <QDir>`

[luksbootkeyfile] Stub job implementation in C++ 2019-07-03 00:01:19 +02:00			`LuksBootKeyFileJob::LuksBootKeyFileJob( QObject* parent )`
			`: Calamares::CppJob( parent )`
			`{`
			`}`

			`LuksBootKeyFileJob::~LuksBootKeyFileJob() {}`

			`QString`
			`LuksBootKeyFileJob::prettyName() const`
			`{`
			`return tr( "Configuring LUKS key file." );`
			`}`

[luksbootkeyfile] Extract devices that need cryptsetup - Rename classes and functions to be more descriptive (a LuksDevice is .. information for a LUKS device, for instance). - Move the smarts of unpacking a QVariantMap to LuksDevice. - Apply code formatting 2019-07-04 13:45:02 +02:00			`struct LuksDevice`
[luksbootkeyfile] Stub job implementation in C++ 2019-07-03 00:01:19 +02:00			`{`
[luksbootkeyfile] Extract devices that need cryptsetup - Rename classes and functions to be more descriptive (a LuksDevice is .. information for a LUKS device, for instance). - Move the smarts of unpacking a QVariantMap to LuksDevice. - Apply code formatting 2019-07-04 13:45:02 +02:00			`LuksDevice( const QMap< QString, QVariant >& pinfo )`
			`: isValid( false )`
			`, isRoot( false )`
			`{`
			`if ( pinfo.contains( "luksMapperName" ) )`
			`{`
			`QString fs = pinfo[ "fs" ].toString();`
			`QString mountPoint = pinfo[ "mountPoint" ].toString();`

			`if ( !mountPoint.isEmpty() \|\| fs == QStringLiteral( "linuxswap" ) )`
			`{`
			`isValid = true;`
			`isRoot = mountPoint == '/';`
			`device = pinfo[ "device" ].toString();`
			`passphrase = pinfo[ "luksPassphrase" ].toString();`
			`}`
			`}`
			`}`

			`bool isValid;`
			`bool isRoot;`
[luksbootkeyfile] Stub job implementation in C++ 2019-07-03 00:01:19 +02:00			`QString device;`
			`QString passphrase;`
			`};`

[luksbootkeyfile] Refactor static function to outside class 2019-07-04 19:38:10 +02:00			`/** @brief Extract the luks passphrases setup.`
			`*`
			`* Given a list of partitions (as set up by the partitioning module,`
			`* so there's maps with keys inside), returns just the list of`
			`* luks passphrases for each device.`
Modules: chase API change, use std::chrono::seconds 2019-08-01 22:59:06 +02:00			`*/`
[luksbootkeyfile] Refactor static function to outside class 2019-07-04 19:38:10 +02:00			`static QList< LuksDevice >`
			`getLuksDevices( const QVariantList& list )`
			`{`
			`QList< LuksDevice > luksItems;`

			`for ( const auto& p : list )`
			`{`
			`if ( p.canConvert< QVariantMap >() )`
			`{`
			`LuksDevice d( p.toMap() );`
			`if ( d.isValid )`
			`{`
			`luksItems.append( d );`
			`}`
			`}`
			`}`
			`return luksItems;`
			`}`

[luksbootkeyfile] Extract devices that need cryptsetup - Rename classes and functions to be more descriptive (a LuksDevice is .. information for a LUKS device, for instance). - Move the smarts of unpacking a QVariantMap to LuksDevice. - Apply code formatting 2019-07-04 13:45:02 +02:00			`struct LuksDeviceList`
[luksbootkeyfile] Stub job implementation in C++ 2019-07-03 00:01:19 +02:00			`{`
[luksbootkeyfile] Extract devices that need cryptsetup - Rename classes and functions to be more descriptive (a LuksDevice is .. information for a LUKS device, for instance). - Move the smarts of unpacking a QVariantMap to LuksDevice. - Apply code formatting 2019-07-04 13:45:02 +02:00			`LuksDeviceList( const QVariant& partitions )`
[luksbootkeyfile] Stub job implementation in C++ 2019-07-03 00:01:19 +02:00			`: valid( false )`
			`{`
[luksbootkeyfile] Extract devices that need cryptsetup - Rename classes and functions to be more descriptive (a LuksDevice is .. information for a LUKS device, for instance). - Move the smarts of unpacking a QVariantMap to LuksDevice. - Apply code formatting 2019-07-04 13:45:02 +02:00			`if ( partitions.canConvert< QVariantList >() )`
[luksbootkeyfile] Extract partitioning keyphrases from GS 2019-07-04 13:17:34 +02:00			`{`
[luksbootkeyfile] Extract devices that need cryptsetup - Rename classes and functions to be more descriptive (a LuksDevice is .. information for a LUKS device, for instance). - Move the smarts of unpacking a QVariantMap to LuksDevice. - Apply code formatting 2019-07-04 13:45:02 +02:00			`devices = getLuksDevices( partitions.toList() );`
[luksbootkeyfile] Extract partitioning keyphrases from GS 2019-07-04 13:17:34 +02:00			`valid = true;`
			`}`
			`}`

[luksbootkeyfile] Extract devices that need cryptsetup - Rename classes and functions to be more descriptive (a LuksDevice is .. information for a LUKS device, for instance). - Move the smarts of unpacking a QVariantMap to LuksDevice. - Apply code formatting 2019-07-04 13:45:02 +02:00			`QList< LuksDevice > devices;`
[luksbootkeyfile] Stub job implementation in C++ 2019-07-03 00:01:19 +02:00			`bool valid;`
			`};`

[luksbootkeyfile] Implement keyfile creation and use - Just copy the commands from the existing Python code, including nonsensical dd. 2019-07-04 15:47:37 +02:00			`static const char keyfile[] = "/crypto_keyfile.bin";`

[luksbootkeyfile] Stub out an implementation - stubs for the actual work to be done - program-flow for looping over all the work 2019-07-04 15:14:06 +02:00			`static bool`
			`generateTargetKeyfile()`
			`{`
[luksbootkeyfile] Fix lax permissions on file. 2019-07-04 15:55:54 +02:00			`CalamaresUtils::UMask m( CalamaresUtils::UMask::Safe );`
[luksbootkeyfile] Don't dd in the target to get entropy 2021-09-21 11:58:22 +02:00
			`// Get the data`
			`QByteArray entropy;`
			`auto entropySource = CalamaresUtils::getEntropy( 2048, entropy );`
			`if ( entropySource != CalamaresUtils::EntropySource::URandom )`
			`{`
			`cWarning() << "Could not get entropy from /dev/urandom for LUKS.";`
			`return false;`
			`}`

			`auto fileResult = CalamaresUtils::System::instance()->createTargetFile(`
			`keyfile, entropy, CalamaresUtils::System::WriteMode::Overwrite );`
			`entropy.fill( 'A' );`
			`if ( !fileResult )`
[luksbootkeyfile] Implement keyfile creation and use - Just copy the commands from the existing Python code, including nonsensical dd. 2019-07-04 15:47:37 +02:00			`{`
[luksbootkeyfile] Don't dd in the target to get entropy 2021-09-21 11:58:22 +02:00			`cWarning() << "Could not create LUKS keyfile:" << smash( fileResult.code() );`
[luksbootkeyfile] Implement keyfile creation and use - Just copy the commands from the existing Python code, including nonsensical dd. 2019-07-04 15:47:37 +02:00			`return false;`
			`}`
[luksbootkeyfile] Don't dd in the target to get entropy 2021-09-21 11:58:22 +02:00
[luksbootkeyfile] Bump timeout for adding LUKS keyfile 2021-09-21 12:10:21 +02:00			`// Give ample time to check that the file was created correctly;`
			`// we actually expect ls to return pretty-much-instantly.`
			`auto r = CalamaresUtils::System::instance()->targetEnvCommand(`
			`{ "ls", "-la", "/" }, QString(), QString(), std::chrono::seconds( 5 ) );`
[luksbootkeyfile] Improve logging to distinguish from other modules 2019-07-04 22:08:36 +02:00			`cDebug() << "In target system after creating LUKS file" << r.getOutput();`
[luksbootkeyfile] Implement keyfile creation and use - Just copy the commands from the existing Python code, including nonsensical dd. 2019-07-04 15:47:37 +02:00			`return true;`
[luksbootkeyfile] Stub out an implementation - stubs for the actual work to be done - program-flow for looping over all the work 2019-07-04 15:14:06 +02:00			`}`

			`static bool`
			`setupLuks( const LuksDevice& d )`
			`{`
[luksbootkeyfile] Bump timeout for adding LUKS keyfile 2021-09-21 12:10:21 +02:00			`// Adding the key can take some times, measured around 15 seconds with`
			`// a HDD (spinning rust) and a slow-ish computer. Give it a minute.`
[luksbootkeyfile] Implement keyfile creation and use - Just copy the commands from the existing Python code, including nonsensical dd. 2019-07-04 15:47:37 +02:00			`auto r = CalamaresUtils::System::instance()->targetEnvCommand(`
[luksbootkeyfile] Bump timeout for adding LUKS keyfile 2021-09-21 12:10:21 +02:00			`{ "cryptsetup", "luksAddKey", d.device, keyfile }, QString(), d.passphrase, std::chrono::seconds( 60 ) );`
[luksbootkeyfile] Implement keyfile creation and use - Just copy the commands from the existing Python code, including nonsensical dd. 2019-07-04 15:47:37 +02:00			`if ( r.getExitCode() != 0 )`
			`{`
			`cWarning() << "Could not configure LUKS keyfile on" << d.device << ':' << r.getOutput() << "(exit code"`
			`<< r.getExitCode() << ')';`
			`return false;`
			`}`
			`return true;`
[luksbootkeyfile] Stub out an implementation - stubs for the actual work to be done - program-flow for looping over all the work 2019-07-04 15:14:06 +02:00			`}`

[luksbootkeyfile] Free functions that really are static (TU-local) 2020-11-30 14:15:35 +01:00			`static QVariantList`
Use free functions (I wish I had known I can do this) 2020-11-12 23:02:12 +01:00			`partitions()`
Try not to create the keyfile if not necessary 2020-11-06 20:31:28 +01:00			`{`
			`Calamares::GlobalStorage* globalStorage = Calamares::JobQueue::instance()->globalStorage();`
			`return globalStorage->value( QStringLiteral( "partitions" ) ).toList();`
			`}`

[luksbootkeyfile] Free functions that really are static (TU-local) 2020-11-30 14:15:35 +01:00			`static bool`
Use free functions (I wish I had known I can do this) 2020-11-12 23:02:12 +01:00			`hasUnencryptedSeparateBoot()`
Try not to create the keyfile if not necessary 2020-11-06 20:31:28 +01:00			`{`
call function at different scope to avoid name collision 2020-11-13 22:39:25 +01:00			`const QVariantList partitions = ::partitions();`
Try not to create the keyfile if not necessary 2020-11-06 20:31:28 +01:00			`for ( const QVariant& partition : partitions )`
			`{`
			`QVariantMap partitionMap = partition.toMap();`
			`QString mountPoint = partitionMap.value( QStringLiteral( "mountPoint" ) ).toString();`
[LuksBootKeyFile] Remove trailing slashes when matching mountpoint 2022-02-16 23:21:52 +01:00			`if ( QDir::cleanPath( mountPoint ) == QStringLiteral( "/boot" ) )`
Try not to create the keyfile if not necessary 2020-11-06 20:31:28 +01:00			`{`
			`return !partitionMap.contains( QStringLiteral( "luksMapperName" ) );`
			`}`
			`}`
			`return false;`
			`}`

Support unencrypted boot partition 2022-04-21 16:39:07 +02:00			`static bool`
			`hasEncryptedRoot()`
			`{`
			`const QVariantList partitions = ::partitions();`
			`for ( const QVariant& partition : partitions )`
			`{`
			`QVariantMap partitionMap = partition.toMap();`
			`QString mountPoint = partitionMap.value( QStringLiteral( "mountPoint" ) ).toString();`
			`if ( QDir::cleanPath( mountPoint ) == QStringLiteral( "/" ) )`
			`{`
			`return partitionMap.contains( QStringLiteral( "luksMapperName" ) );`
			`}`
			`}`
			`return false;`
			`}`

[luksbootkeyfile] Stub job implementation in C++ 2019-07-03 00:01:19 +02:00			`Calamares::JobResult`
			`LuksBootKeyFileJob::exec()`
			`{`
			`const auto* gs = Calamares::JobQueue::instance()->globalStorage();`
			`if ( !gs )`
			`{`
			`return Calamares::JobResult::internalError(`
[luksbootkeyfile] Typo - Spotted by akspatole, no user-visible change FIXES #1277 2019-11-19 13:41:43 +01:00			`"LuksBootKeyFile", "No GlobalStorage defined.", Calamares::JobResult::InvalidConfiguration );`
[luksbootkeyfile] Stub job implementation in C++ 2019-07-03 00:01:19 +02:00			`}`
			`if ( !gs->contains( "partitions" ) )`
			`{`
[luksbootkeyfile] Stub out an implementation - stubs for the actual work to be done - program-flow for looping over all the work 2019-07-04 15:14:06 +02:00			`cError() << "No GS[partitions] key.";`
[luksbootkeyfile] Stub job implementation in C++ 2019-07-03 00:01:19 +02:00			`return Calamares::JobResult::internalError(`
[luksbootkeyfile] Typo - Spotted by akspatole, no user-visible change FIXES #1277 2019-11-19 13:41:43 +01:00			`"LuksBootKeyFile", tr( "No partitions are defined." ), Calamares::JobResult::InvalidConfiguration );`
[luksbootkeyfile] Stub job implementation in C++ 2019-07-03 00:01:19 +02:00			`}`

[luksbootkeyfile] Extract devices that need cryptsetup - Rename classes and functions to be more descriptive (a LuksDevice is .. information for a LUKS device, for instance). - Move the smarts of unpacking a QVariantMap to LuksDevice. - Apply code formatting 2019-07-04 13:45:02 +02:00			`LuksDeviceList s( gs->value( "partitions" ) );`
[luksbootkeyfile] Stub out an implementation - stubs for the actual work to be done - program-flow for looping over all the work 2019-07-04 15:14:06 +02:00			`if ( !s.valid )`
			`{`
			`cError() << "GS[partitions] is invalid";`
			`return Calamares::JobResult::internalError(`
[luksbootkeyfile] Typo - Spotted by akspatole, no user-visible change FIXES #1277 2019-11-19 13:41:43 +01:00			`"LuksBootKeyFile", tr( "No partitions are defined." ), Calamares::JobResult::InvalidConfiguration );`
[luksbootkeyfile] Stub out an implementation - stubs for the actual work to be done - program-flow for looping over all the work 2019-07-04 15:14:06 +02:00			`}`

[luksbootkeyfile] Extract devices that need cryptsetup - Rename classes and functions to be more descriptive (a LuksDevice is .. information for a LUKS device, for instance). - Move the smarts of unpacking a QVariantMap to LuksDevice. - Apply code formatting 2019-07-04 13:45:02 +02:00			`cDebug() << "There are" << s.devices.count() << "LUKS partitions";`
[luksbootkeyfile] Stub out an implementation - stubs for the actual work to be done - program-flow for looping over all the work 2019-07-04 15:14:06 +02:00			`if ( s.devices.count() < 1 )`
			`{`
			`cDebug() << Logger::SubEntry << "Nothing to do for LUKS.";`
			`return Calamares::JobResult::ok();`
			`}`

			`auto it = std::partition( s.devices.begin(), s.devices.end(), []( const LuksDevice& d ) { return d.isRoot; } );`
			`for ( const auto& d : s.devices )`
			`{`
[luksbootkeyfile] Don't log passphrase 2019-07-04 19:37:37 +02:00			`cDebug() << Logger::SubEntry << ( d.isRoot ? "root" : "dev." ) << d.device << "passphrase?"`
			`<< !d.passphrase.isEmpty();`
[luksbootkeyfile] Stub out an implementation - stubs for the actual work to be done - program-flow for looping over all the work 2019-07-04 15:14:06 +02:00			`}`

			`if ( it == s.devices.begin() )`
			`{`
			`// Then there was no root partition`
			`cDebug() << Logger::SubEntry << "No root partition.";`
			`return Calamares::JobResult::ok();`
Try not to create the keyfile if not necessary 2020-11-06 20:31:28 +01:00			`}`

			`// /boot partition is not encrypted, keyfile must not be used`
Support unencrypted boot partition 2022-04-21 16:39:07 +02:00			`// But only if root partition is not encrypted`
			`if ( hasUnencryptedSeparateBoot() && !hasEncryptedRoot() )`
Try not to create the keyfile if not necessary 2020-11-06 20:31:28 +01:00			`{`
Replace tabs with 4 spaces 2022-04-21 17:13:50 +02:00			`cDebug() << Logger::SubEntry << "/boot partition is not encrypted, skipping keyfile creation.";`
Try not to create the keyfile if not necessary 2020-11-06 20:31:28 +01:00			`return Calamares::JobResult::ok();`
[luksbootkeyfile] Stub out an implementation - stubs for the actual work to be done - program-flow for looping over all the work 2019-07-04 15:14:06 +02:00			`}`

			`if ( s.devices.first().passphrase.isEmpty() )`
			`{`
			`cDebug() << Logger::SubEntry << "No root passphrase.";`
			`return Calamares::JobResult::error(`
			`tr( "Encrypted rootfs setup error" ),`
			`tr( "Root partition %1 is LUKS but no passphrase has been set." ).arg( s.devices.first().device ) );`
			`}`

			`if ( !generateTargetKeyfile() )`
			`{`
			`return Calamares::JobResult::error(`
			`tr( "Encrypted rootfs setup error" ),`
			`tr( "Could not create LUKS key file for root partition %1." ).arg( s.devices.first().device ) );`
			`}`

			`for ( const auto& d : s.devices )`
[luksbootkeyfile] Extract devices that need cryptsetup - Rename classes and functions to be more descriptive (a LuksDevice is .. information for a LUKS device, for instance). - Move the smarts of unpacking a QVariantMap to LuksDevice. - Apply code formatting 2019-07-04 13:45:02 +02:00			`{`
Replace tabs with 4 spaces 2022-04-21 17:13:50 +02:00			`// Skip setupLuks for root partition if system has an unencrypted /boot`
Support unencrypted boot partition 2022-04-21 16:39:07 +02:00			`if ( d.isRoot && hasUnencryptedSeparateBoot() )`
Replace tabs with 4 spaces 2022-04-21 17:13:50 +02:00			`continue;`
Support unencrypted boot partition 2022-04-21 16:39:07 +02:00
Replace tabs with 4 spaces 2022-04-21 17:13:50 +02:00			`if ( !setupLuks( d ) )`
[luksbootkeyfile] Stub out an implementation - stubs for the actual work to be done - program-flow for looping over all the work 2019-07-04 15:14:06 +02:00			`return Calamares::JobResult::error(`
			`tr( "Encrypted rootfs setup error" ),`
Fix minor typo Many thanks in advance for reviewing. 2020-02-16 13:09:30 +01:00			`tr( "Could not configure LUKS key file on partition %1." ).arg( d.device ) );`
[luksbootkeyfile] Extract devices that need cryptsetup - Rename classes and functions to be more descriptive (a LuksDevice is .. information for a LUKS device, for instance). - Move the smarts of unpacking a QVariantMap to LuksDevice. - Apply code formatting 2019-07-04 13:45:02 +02:00			`}`

[luksbootkeyfile] Stub job implementation in C++ 2019-07-03 00:01:19 +02:00			`return Calamares::JobResult::ok();`
			`}`

			`CALAMARES_PLUGIN_FACTORY_DEFINITION( LuksBootKeyFileJobFactory, registerPlugin< LuksBootKeyFileJob >(); )`