Warn user about encrypted root with unencrypted /boot.
This commit is contained in:
Teo Mrnjavac
Philip
parent
555f0ba6cf
commit
8d93c34031
@ -437,9 +437,36 @@ PartitionViewStep::onLeave()
|
|||||||
QMessageBox::warning( m_manualPartitionPage,
|
QMessageBox::warning( m_manualPartitionPage,
|
||||||
message,
|
message,
|
||||||
description );
|
description );
|
||||||
return;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Partition* root_p = m_core->findPartitionByMountPoint( "/" );
|
||||||
|
Partition* boot_p = m_core->findPartitionByMountPoint( "/boot" );
|
||||||
|
|
||||||
|
if ( root_p and boot_p )
|
||||||
|
{
|
||||||
|
QString message;
|
||||||
|
QString description;
|
||||||
|
|
||||||
|
// If the root partition is encrypted, and there's a separate boot
|
||||||
|
// partition which is not encrypted
|
||||||
|
if ( root_p->fileSystem().type() == FileSystem::Luks &&
|
||||||
|
boot_p->fileSystem().type() != FileSystem::Luks )
|
||||||
|
{
|
||||||
|
message = tr( "Boot partition not encrypted" );
|
||||||
|
description = tr( "A separate boot partition was set up together with "
|
||||||
|
"an encrypted root partition, but the boot partition "
|
||||||
|
"is not encrypted."
|
||||||
|
"<br/><br/>"
|
||||||
|
"There are security concerns with this kind of "
|
||||||
|
"setup, because important system files are kept "
|
||||||
|
"on an unencrypted partition.<br/>"
|
||||||
|
"You may continue if you wish, but filesystem "
|
||||||
|
"unlocking will happen later during system startup."
|
||||||
|
"<br/>To encrypt the boot partition, go back and "
|
||||||
|
"recreate it, selecting <strong>Encrypt</strong> "
|
||||||
|
"in the partition creation window." );
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user