napcok/calamares
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[luksbootkeyfile] Prepare for C++-ification

Browse Source 
- Mess around with the CMakeFile in preparation of new code
 - Drop the Python implementation already
This commit is contained in:
Adriaan de Groot 2019-07-02 22:52:22 +02:00
parent fff5a43469
commit c2fa315735
3 changed files with 9 additions and 108 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/modules/luksbootkeyfile/CMakeLists.txt Normal file
View File

@ -0,0 +1,9 @@
calamares_add_plugin( luksbootkeyfile
TYPE job
EXPORT_MACRO PLUGINDLLEXPORT_PRO
SOURCES
LuksBootKeyFileJob.cpp
LINK_PRIVATE_LIBRARIES
calamares
SHARED_LIB
)

103
src/modules/luksbootkeyfile/main.py
View File

@ -1,103 +0,0 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
#
# === This file is part of Calamares - <https://github.com/calamares> ===
#
# Copyright 2016, Teo Mrnjavac <teo@kde.org>
# Copyright 2017, Alf Gaida <agaida@siduction.org>
# Copyright 2017, 2019, Adriaan de Groot <groot@kde.org>
#
# Calamares is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Calamares is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Calamares. If not, see <http://www.gnu.org/licenses/>.
import libcalamares
from libcalamares.utils import check_target_env_call
import gettext
_ = gettext.translation("calamares-python",
localedir=libcalamares.utils.gettext_path(),
languages=libcalamares.utils.gettext_languages(),
fallback=True).gettext
def pretty_name():
return _("Configuring LUKS key file.")
def run():
"""
This module sets up a file crypto_keyfile.bin on the rootfs, assuming the
rootfs is LUKS encrypted and a passphrase is provided. This file is then
included in the initramfs and used for unlocking the rootfs from a
previously unlocked GRUB2 session.
:return:
"""
partitions = libcalamares.globalstorage.value("partitions")
if not partitions:
libcalamares.utils.warning("partitions is empty, {!s}".format(partitions))
return (_("Configuration Error"),
_("No partitions are defined for <pre>{!s}</pre> to use." ).format("luksbootkey"))
luks_root_device = ""
luks_root_passphrase = ""
additional_luks_devices = []
for partition in partitions:
if partition["mountPoint"] == "/" and "luksMapperName" in partition:
luks_root_device = partition["device"]
luks_root_passphrase = partition["luksPassphrase"]
elif "luksMapperName" in partition and\
(partition["mountPoint"] or partition["fs"] == "linuxswap"):
additional_luks_devices.append((partition["device"],
partition["luksPassphrase"]))
if not luks_root_device:
return None
if not luks_root_passphrase:
libcalamares.utils.debug("No LUKS passphrase, root {!s}".format(luks_root_device))
return (
_("Encrypted rootfs setup error"),
_("Rootfs partition {!s} is LUKS but no passphrase found.").format(luks_root_device))
# Generate random keyfile
check_target_env_call(["dd",
"bs=512",
"count=4",
"if=/dev/urandom",
"of=/crypto_keyfile.bin"])
check_target_env_call(["cryptsetup",
"luksAddKey",
luks_root_device,
"/crypto_keyfile.bin"],
luks_root_passphrase,
15) # timeout 15s
for additional_device in additional_luks_devices:
check_target_env_call(["cryptsetup",
"luksAddKey",
additional_device[0],
"/crypto_keyfile.bin"],
additional_device[1],
15) # timeout 15s
check_target_env_call(["chmod",
"g-rwx,o-rwx",
"/crypto_keyfile.bin"])
return None

5
src/modules/luksbootkeyfile/module.desc
View File

@ -1,5 +0,0 @@
---
type: "job"
name: "luksbootkeyfile"
interface: "python"
script: "main.py"