From 2b323d0c0d227d4ddcb006a6b34cd7ab568ea8e8 Mon Sep 17 00:00:00 2001 From: oddlama Date: Fri, 24 Apr 2020 23:02:00 +0200 Subject: [PATCH] Removed need to save resolve entries altogether; WIP: Dracut integration --- scripts/functions.sh | 11 ++----- scripts/internal_config.sh | 15 ++++++++-- scripts/main.sh | 61 +++++++++++++++++++++++++++++++++++--- scripts/utils.sh | 39 ++---------------------- 4 files changed, 75 insertions(+), 51 deletions(-) diff --git a/scripts/functions.sh b/scripts/functions.sh index 6b52a33..5ca61da 100644 --- a/scripts/functions.sh +++ b/scripts/functions.sh @@ -59,7 +59,6 @@ check_config() { preprocess_config() { check_config - load_resolvable_entries } prepare_installation_environment() { @@ -138,7 +137,6 @@ disk_create_gpt() { fi local ptuuid="${DISK_ID_TO_UUID[$new_id]}" - create_resolve_entry "$new_id" ptuuid "$ptuuid" einfo "Creating new gpt partition table ($new_id) on $device_desc" sgdisk -Z -U "$ptuuid" "$device" >/dev/null \ @@ -175,8 +173,6 @@ disk_create_partition() { *) ;; esac - create_resolve_entry "$new_id" partuuid "$partuuid" - einfo "Creating partition ($new_id) with type=$type, size=$size on $device" # shellcheck disable=SC2086 sgdisk -n "0:0:$arg_size" -t "0:$type" -u "0:$partuuid" $extra_args "$device" >/dev/null \ @@ -215,7 +211,6 @@ disk_create_raid() { local mddevice="/dev/md/$name" local uuid="${DISK_ID_TO_UUID[$new_id]}" - create_resolve_entry "$new_id" mdadm "$uuid" einfo "Creating raid$level ($new_id) on $devices_desc" mdadm \ @@ -232,6 +227,7 @@ disk_create_raid() { disk_create_luks() { local new_id="${arguments[new_id]}" + local name="${arguments[name]}" local id="${arguments[id]}" if [[ $disk_action_summarize_only == "true" ]]; then add_summary_entry "$id" "$new_id" "luks" "" "" 
@@ -240,7 +236,6 @@ disk_create_luks() { local device="$(resolve_device_by_id "$id")" local uuid="${DISK_ID_TO_UUID[$new_id]}" - create_resolve_entry "$new_id" luks "$uuid" einfo "Creating luks ($new_id) on $device ($id)" local keyfile @@ -269,8 +264,8 @@ disk_create_luks() { || die "Could not backup luks header on '$device' ($id)" cryptsetup open --type luks2 \ --key-file "$keyfile" \ - "$device" "${uuid,,}" \ - || die "Could not open luks header on '$device' ($id)" + "$device" "$name" \ + || die "Could not open luks encrypted device '$device' ($id)" } disk_format() { diff --git a/scripts/internal_config.sh b/scripts/internal_config.sh index f521f43..c487c2d 100644 --- a/scripts/internal_config.sh +++ b/scripts/internal_config.sh @@ -110,6 +110,8 @@ create_gpt() { [[ -v arguments[id] ]] \ && verify_existing_id id + local new_id="${arguments[new_id]}" + create_resolve_entry "$new_id" ptuuid "${DISK_ID_TO_UUID[$new_id]}" DISK_ACTIONS+=("action=create_gpt" "$@" ";") } @@ -133,7 +135,9 @@ create_partition() { [[ ${arguments[size]} == "remaining" ]] \ && DISK_GPT_HAD_SIZE_REMAINING[${arguments[id]}]=true - DISK_ID_PART_TO_GPT_ID[${arguments[new_id]}]="${arguments[id]}" + local new_id="${arguments[new_id]}" + DISK_ID_PART_TO_GPT_ID[$new_id]="${arguments[id]}" + create_resolve_entry "$new_id" partuuid "${DISK_ID_TO_UUID[$new_id]}" DISK_ACTIONS+=("action=create_partition" "$@" ";") } @@ -153,6 +157,8 @@ create_raid() { verify_option level 0 1 5 6 verify_existing_unique_ids ids + local new_id="${arguments[new_id]}" + create_resolve_entry "$new_id" mdadm "${DISK_ID_TO_UUID[$new_id]}" DISK_ACTIONS+=("action=create_raid" "$@" ";") } 
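Review bot: The mapper name passed to `cryptsetup open` in disk_create_luks is now `"$name"` verbatim, but create_resolve_entry in scripts/utils.sh stores its third argument lowercased (`local arg="${3,,}"`), and get_device_by_luks_name builds `/dev/mapper/$1` from that stored value. A configured name containing uppercase letters would therefore be opened under one name and resolved under another, so later resolve_device_by_id calls for this id would return a device node that does not exist. Either open with `"${name,,}"`, as the old code did with the UUID, or reject non-lowercase names when the config is parsed. disk_create_luks begins outside this hunk.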
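Review bot: Registering the resolve entry at config-parse time in create_gpt (and likewise in create_partition and create_raid below) means every invocation rebuilds DISK_ID_TO_RESOLVABLE from DISK_ID_TO_UUID instead of reading the values saved when the disks were created. That is only correct if DISK_ID_TO_UUID yields the same UUID for a given id on every run, including the run inside the chroot. How it is populated is not visible in this diff, so please confirm it and document the requirement, for example `# DISK_ID_TO_UUID must be stable across invocations; resolve entries are no longer persisted`. If the UUIDs are generated randomly per run, resolve_device_by_id would look up identifiers that were never written to disk.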
@@ -162,13 +168,16 @@ create_raid() { create_luks() { USED_LUKS=true - local known_arguments=('+new_id' '+id') + local known_arguments=('+new_id' '+name' '+id') local extra_arguments=() declare -A arguments; parse_arguments "$@" create_new_id new_id verify_existing_id id + local new_id="${arguments[new_id]}" + local name="${arguments[name]}" + create_resolve_entry "$new_id" luks "$name" DISK_ACTIONS+=("action=create_luks" "$@" ";") } @@ -271,7 +280,7 @@ create_raid0_luks_layout() { [[ $size_swap != "false" ]] && \ create_raid new_id=part_raid_swap name="swap" level=0 ids="$(expand_ids '^part_swap_dev[[:digit:]]$')" create_raid new_id=part_raid_root name="root" level=0 ids="$(expand_ids '^part_root_dev[[:digit:]]$')" - create_luks new_id=part_luks_root id=part_raid_root + create_luks new_id=part_luks_root name="root" id=part_raid_root format id="part_${type}_dev0" type="$type" label="$type" [[ $size_swap != "false" ]] && \ diff --git a/scripts/main.sh b/scripts/main.sh index c0730b0..b25dbb8 100755 --- a/scripts/main.sh +++ b/scripts/main.sh 
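Review bot: `name` is accepted in create_luks without validation, yet it becomes both the device-mapper name given to `cryptsetup open` and a path component in get_device_by_luks_name. The UUID-derived names used before were unique by construction, whereas two create_luks calls with the same name would now resolve to the same `/dev/mapper` node. A name containing `/` or starting with `-` would also be passed straight to cryptsetup. A check after parse_arguments such as `[[ ${arguments[name]} =~ ^[a-z0-9_-]+$ ]] || die "Invalid luks name '${arguments[name]}'"`, together with a duplicate-name check, would catch both at config time.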
@@ -107,6 +107,46 @@ install_sshd() { || die "Could not create group 'sshusers'" } +generate_initramfs() { + local output="$1" + + # Generate initramfs + einfo "Generating initramfs" + + local modules=() + [[ $USED_RAID == "true" ]] \ + modules+=("mdraid") + [[ $USED_LUKS == "true" ]] \ + modules+=("crypt crypt-gpg") + + local kver="$(readlink /usr/src/linux)" + kver="${kver#linux-}" + + # Generate initramfs + try dracut \ + --conf "/dev/null" \ + --confdir "/dev/null" \ + --kver "$kver" \ + --no-compress \ + --hostonly \ + --hostonly-mode "strict" \ + --no-hostonly-cmdline \ + --no-hostonly-default-device \ + --ro-mnt \ + --modules "bash ${modules[*]}" \ + --force \ + "$output" +} + +get_cmdline() { + local cmdline=() + cmdline+=("root=UUID=$rootuuid") + # TODO in order.... + cmdline+=("rd.md.uuid=$todo") + cmdline+=("rd.luks.uuid=$todo") + echo -n "${cmdline[*]}" +} + install_kernel_efi() { try emerge --verbose sys-boot/efibootmgr 
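Review bot: Both module conditionals in generate_initramfs are missing their `&&`: the trailing backslash joins `[[ $USED_RAID == "true" ]]` and `modules+=("mdraid")` into one logical line, which bash rejects as a syntax error, so main.sh aborts when it reaches this function definition. They should read `[[ $USED_RAID == "true" ]] && modules+=("mdraid")` and `[[ $USED_LUKS == "true" ]] && modules+=(crypt crypt-gpg)`. In the same function, `local kver="$(readlink /usr/src/linux)"` masks a failing readlink, so a missing symlink would hand dracut an empty `--kver`. Declaring `local kver` first and assigning with `|| die "Could not determine kernel version"` would surface that. get_cmdline reads `$rootuuid` and `$todo`, neither of which is assigned in the visible code.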
@@ -118,18 +158,19 @@ install_kernel_efi() { || die "Could not find kernel version" mkdir_or_die 0755 "/boot/efi/EFI" - cp "/boot/initramfs-$kernel_version"* "/boot/efi/EFI/initramfs.img" \ - || die "Could not copy initramfs to EFI partition" cp "/boot/vmlinuz-$kernel_version"* "/boot/efi/EFI/vmlinuz.efi" \ || die "Could not copy kernel to EFI partition" + # Generate initramfs + generate_initramfs "/boot/efi/EFI/initramfs.img" + # Create boot entry einfo "Creating efi boot entry" local linuxdev="$(resolve_device_by_id "$DISK_ID_ROOT")" local efipartdev="$(resolve_device_by_id "$DISK_ID_EFI")" local efipartnum="${efipartdev: -1}" local gptdev="$(resolve_device_by_id "${DISK_ID_PART_TO_GPT_ID[$DISK_ID_EFI]}")" - try efibootmgr --verbose --create --disk "$gptdev" --part "$efipartnum" --label "gentoo" --loader '\EFI\vmlinuz.efi' --unicode "root=$linuxdev initrd=\\EFI\\initramfs.img" + try efibootmgr --verbose --create --disk "$gptdev" --part "$efipartnum" --label "gentoo" --loader '\EFI\vmlinuz.efi' --unicode 'initrd=\EFI\initramfs.img' } install_kernel_bios() { @@ -140,6 +181,9 @@ install_kernel_bios() { local gptdev="$(resolve_device_by_id "${DISK_ID_PART_TO_GPT_ID[$DISK_ID_BIOS]}")" try dd bs=440 conv=notrunc count=1 if=/usr/share/syslinux/gptmbr.bin of="$gptdev" + # Generate initramfs + generate_initramfs "/boot/initramfs.img" + # Install syslinux einfo "Installing syslinux" local biosdev="$(resolve_device_by_id "$DISK_ID_BIOS")" @@ -147,8 +191,11 @@ install_kernel_bios() { } install_kernel() { + einfo "Installing dracut" + try emerge --verbose sys-kernel/dracut + # Install vanilla kernel - einfo "Installing binary vanilla kernel" + einfo "Installing vanilla kernel" try emerge --verbose sys-kernel/gentoo-kernel-bin if [[ $IS_EFI == "true" ]]; then 
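Review bot: The new EFI boot entry passes only `initrd=\EFI\initramfs.img` to the kernel; the previous `root=$linuxdev` is gone and nothing replaces it. get_cmdline is not called here, and generate_initramfs builds the image with `--no-hostonly-cmdline`. As far as this diff shows, neither the boot entry nor the initramfs carries a `root=`, `rd.luks.uuid` or `rd.md.uuid` parameter, so an encrypted or RAID root would presumably not be found at boot. Once get_cmdline returns real values, wiring it in with `--unicode "$(get_cmdline) initrd=\\EFI\\initramfs.img"` would restore a usable command line; until then the old `root=` argument should stay. install_kernel_efi begins outside this hunk.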
@@ -242,6 +289,12 @@ main_install_gentoo_in_chroot() { try emerge --verbose sys-fs/mdadm fi + # Install cryptsetup if we used luks + if [[ $USED_LUKS == "true" ]]; then + einfo "Installing cryptsetup" + try emerge --verbose sys-fs/cryptsetup + fi + # Install kernel and initramfs install_kernel diff --git a/scripts/utils.sh b/scripts/utils.sh index 095380f..0ef198c 100644 --- a/scripts/utils.sh +++ b/scripts/utils.sh @@ -166,31 +166,8 @@ get_device_by_mdadm_uuid() { echo -n "$dev" } -get_device_by_luks_uuid() { - echo -n "/dev/mapper/${1,,}" -} - -save_map_entry() { - local mapname="$1" - local key="$2" - local value="$3" - mkdir -p "$RESOLVABLE_MAP_DIR/$mapname" \ - || die "Could not create '$RESOLVABLE_MAP_DIR/$mapname'" - echo -n "$value" > "$RESOLVABLE_MAP_DIR/$mapname/$(base64 -w 0 <<< "$key")" -} - -load_map_entries() { - local mapname="$1" - local lambda="$2" - - local base64_key - local key - local value - for base64_key in "$RESOLVABLE_MAP_DIR/$mapname/"*; do - key="$(base64 -d <<< "$(basename "$base64_key")")" - value="$(cat "$base64_key")" - "$lambda" "$key" "$value" - done +get_device_by_luks_name() { + echo -n "/dev/mapper/$1" } create_resolve_entry() { @@ -199,16 +176,6 @@ create_resolve_entry() { local arg="${3,,}" DISK_ID_TO_RESOLVABLE[$id]="$type:$arg" - save_map_entry DISK_ID_TO_RESOLVABLE "$id" "$type:$arg" -} - -load_resolvable_entries() { - [[ -d $RESOLVABLE_MAP_DIR ]] \ - || return 0 - - lambda() { - DISK_ID_TO_RESOLVABLE[$1]="$2" - }; load_map_entries DISK_ID_TO_RESOLVABLE lambda } resolve_device_by_id() { @@ -224,7 +191,7 @@ resolve_device_by_id() { 'ptuuid') get_device_by_ptuuid "$arg" ;; 'uuid') get_device_by_uuid "$arg" ;; 'mdadm') get_device_by_mdadm_uuid "$arg" ;; - 'luks') get_device_by_luks_uuid "$arg" ;; + 'luks') get_device_by_luks_name "$arg" ;; *) die "Cannot resolve '$type:$arg' to device (unknown type)" esac }