Commit Graph

6182 Commits

Author SHA1 Message Date
Philip Müller
7bc8781d16 Merge branch 'master' of https://github.com/calamares/calamares into development 2019-07-09 21:39:45 +02:00
Adriaan de Groot
ca58b67eb9 Changes: post-release housekeeping 2019-07-06 01:16:28 +02:00
Adriaan de Groot
e88269089b Changes: pre-release housekeeping 2019-07-06 00:52:35 +02:00
Adriaan de Groot
c9b675cbc6 Merge remote-tracking branch 'origin/more-permissions'
FIXES #1190
FIXES #1191
2019-07-06 00:45:34 +02:00
Adriaan de Groot
937dac47d8 Changes: refer to CVE numbers for both issues 2019-07-06 00:44:53 +02:00
Adriaan de Groot
940c990268 [initcpio] [initramfs] Allow turning off CVE mitigations
- The mitigations are slightly intrusive, and may clash
   with other, similar mitigations (especially for initramfs,
   the recommended solution is to configure the system with
   the snippet outside of Calamares).
2019-07-06 00:04:16 +02:00
Calamares CI
b43dee45e1 i18n: [python] Automatic merge of Transifex translations 2019-07-05 23:31:28 +02:00
Calamares CI
263c0166c6 i18n: [calamares] Automatic merge of Transifex translations 2019-07-05 23:31:28 +02:00
Adriaan de Groot
a761bf0280 [initramfs] Add tests
- These tests exercise the createTargetFile() logic,
   which is essential for creating a safe initramfs
   configuration snippet.
 - Could be moved into libcalamares instead, since the tests
   are not really initramfs specific.
2019-07-05 23:21:24 +02:00
Adriaan de Groot
76ce0e4f2b [libcalamares] Don't crash when creating System object
- In tests, a System object might be created without first
   setting up a JobQueue. In that case, there's no instance,
   so no GS to insert into. Avoid crash here.
2019-07-05 23:20:19 +02:00
Adriaan de Groot
39d618c61e [initcpio] Simple test for fixPermissions() 2019-07-05 13:28:32 +02:00
Adriaan de Groot
5f6efd2822 [initcpio] Improve security by making initramfs files not world-readable 2019-07-05 13:17:55 +02:00
Adriaan de Groot
1a85435372 [libcalamares] Get target path relative to host / 2019-07-05 13:05:49 +02:00
Adriaan de Groot
43eb664e7d [initramfs] Configure mkinitramfs to be safe
SEE #1191
2019-07-05 11:43:40 +02:00
Adriaan de Groot
b697461497 [libcalamares] Add System::createTargetFile()
- Calamares may need to create files in the target system;
   provide a convenient API for doing so.
 - This is mostly intended for small files with constant contents.
2019-07-05 11:29:14 +02:00
Adriaan de Groot
d220fcea24 CI: allow different versions of clang-format 2019-07-05 10:47:31 +02:00
Adriaan de Groot
315e1ac54e [luksbootkeyfile] Improve logging to distinguish from other modules 2019-07-04 22:08:36 +02:00
Adriaan de Groot
bb6530577d [initcpio] Replace Python implementation with C++
- This is a simple variation on the theme of things-that-call-a-
   initramfs-updater, so the code is mostly a copy of initramfs/
   module. I didn't even bother to strip out the configuration-
   handling (I figure it might be good for *something*) so now
   "" and "$uname" are valid kernel names as well.
 - Fixes security issue where the initramfs ends up readable
   by all, and that includes the cryptfile for LUKS.

SEE #1190
2019-07-04 20:23:40 +02:00
Adriaan de Groot
d5340f9743 [initramfs] Drop timeout entirely, even two minutes too short 2019-07-04 20:05:48 +02:00
Adriaan de Groot
efd409cf78 [luksbootkeyfile] Refactor static function to outside class 2019-07-04 19:38:10 +02:00
Adriaan de Groot
7d7d4c69ef [luksbootkeyfile] Don't log passphrase 2019-07-04 19:37:37 +02:00
Adriaan de Groot
8a7884d476 [luksbootkeyfile] More debugging of the crypt file 2019-07-04 19:30:11 +02:00
Adriaan de Groot
97e44f971d [initramfs] That's not a safety setting
- Don't confuse a method declaration with an object.
 - Thanks clang for warning me.
2019-07-04 16:23:21 +02:00
Adriaan de Groot
e2028cf85b [libcalamaresui] Warnings--, no copy constructor for CDebug 2019-07-04 16:20:26 +02:00
Adriaan de Groot
4c5008ecb1 Merge branch 'issue-1190'
SEE #1190
2019-07-04 16:14:33 +02:00
Adriaan de Groot
af2a900276 [luksbootkeyfile] Fix lax permissions on file. 2019-07-04 16:05:58 +02:00
Adriaan de Groot
856a2eaa1d [luksbootkeyfile] Implement keyfile creation and use
- Just copy the commands from the existing Python code,
   including nonsensical dd.
2019-07-04 16:05:54 +02:00
Adriaan de Groot
8706b579ec [luksbootkeyfile] Stub out an implementation
- stubs for the actual work to be done
 - program-flow for looping over all the work
2019-07-04 16:05:54 +02:00
Adriaan de Groot
f6c50564cd [luksbootkeyfile] Extract devices that need cryptsetup
- Rename classes and functions to be more descriptive
   (a LuksDevice is .. information for a LUKS device, for instance).
 - Move the smarts of unpacking a QVariantMap to LuksDevice.
 - Apply code formatting
2019-07-04 16:05:54 +02:00
Adriaan de Groot
745b4b1693 [luksbootkeyfile] Extract partitioning keyphrases from GS 2019-07-04 16:05:48 +02:00
Adriaan de Groot
676df86712 [luksbootkeyfile] Stub job implementation in C++ 2019-07-04 16:05:47 +02:00
Adriaan de Groot
c2fa315735 [luksbootkeyfile] Prepare for C++-ification
- Mess around with the CMakeFile in preparation of new code
 - Drop the Python implementation already
2019-07-04 16:05:47 +02:00
Adriaan de Groot
fff5a43469 Changes: document luksbootkey issue 2019-07-04 16:05:47 +02:00
Adriaan de Groot
4825916f09 [branding] Improve log message when slideshow starts
- Having just "component activated" is confusing in the whole
   mess of log messages around job activation.
2019-07-04 13:24:40 +02:00
Adriaan de Groot
e2aa4e59e2 CI: massage the coding style a little 2019-07-04 11:36:37 +02:00
Adriaan de Groot
1be81ec3b0 [initramfs] Bump the timeout much higher
- Use 120 seconds for update-initramfs, instead of 10. Previous
   Python code had no timeout at all, which wasn't so hot either.
   10 seconds, though, is too short for slow CPU & slow disk.
2019-07-03 21:20:08 +02:00
Adriaan de Groot
0030966986 [initramfs] Set umask before update-initramfs
SEE #1191
2019-07-03 00:43:40 +02:00
Adriaan de Groot
aa3f909be7 [libcalamares] Tests for UMask handling 2019-07-03 00:40:05 +02:00
Adriaan de Groot
0685e3a96c [libcalamares] Move tests of the utils classes into utils/
- while here, adjust include paths (to changed dir)
 - while here, apply new code formatting
2019-07-03 00:40:05 +02:00
Adriaan de Groot
31e78ff0c2 [libcalamares] Add umask helper functions 2019-07-03 00:40:05 +02:00
Philip Müller
d07b529c92 Merge branch 'master' of https://github.com/calamares/calamares into development 2019-07-02 07:27:35 +02:00
Adriaan de Groot
69032ab5a0 Changes: post-release housekeeping 2019-06-28 13:47:25 +02:00
Adriaan de Groot
c0cd14df47 [initramfs] Fix sample config file for tests
- the tests want a non-empty config, so put something in there:
   a kernel setting that matches the legacy behavior.
2019-06-28 13:04:40 +02:00
Adriaan de Groot
1bb3ea35b5 Changes: pre-release housekeeping 2019-06-28 12:59:44 +02:00
Calamares CI
a85b5e8549 i18n: [python] Automatic merge of Transifex translations 2019-06-28 12:52:42 +02:00
Calamares CI
db4c23d403 i18n: [calamares] Automatic merge of Transifex translations 2019-06-28 12:52:41 +02:00
Adriaan de Groot
18bf925a11 [libcalamaresui] Name pending requirements checks
- Give each check a name (based on the module it runs for, so
   there might be overlaps when there are multiple module instances).
 - Log the remaining checks each time the timeout fires, to help
   figure out which one is hanging.
2019-06-27 15:30:32 +02:00
Adriaan de Groot
0bd2bfa708 CI: apply coding style to libcalamaresui/modulesystem 2019-06-27 15:15:47 +02:00
Adriaan de Groot
bd8c3fd893 CI: apply coding style to libcalamares/modulesystem 2019-06-27 15:13:32 +02:00
Philip Müller
da8f45ae18 [machineid] use force for symlink creation 2019-06-26 23:41:09 +02:00