Updated a bit init script
@@ -84,8 +84,13 @@ umask 0077
|
|||||||
mount -t devtmpfs -o nosuid,relatime,size=10240k,mode=755 devtmpfs /dev
|
mount -t devtmpfs -o nosuid,relatime,size=10240k,mode=755 devtmpfs /dev
|
||||||
mount -t proc proc /proc
|
mount -t proc proc /proc
|
||||||
mount -t sysfs sysfs /sys
|
mount -t sysfs sysfs /sys
|
||||||
|
mount -t configfs none /sys/kernel/config
|
||||||
|
mount -t debugfs none /sys/kernel/debug
|
||||||
|
|
||||||
# clean i/o
|
# do not let kernel spill its messages to the console
|
||||||
|
echo 0 > /proc/sys/kernel/printk
|
||||||
|
|
||||||
|
# clean console i/o
|
||||||
exec >/dev/console </dev/console 2>&1
|
exec >/dev/console </dev/console 2>&1
|
||||||
|
|
||||||
# tty fix
|
# tty fix
|
||||||
@@ -124,7 +129,7 @@ done
|
|||||||
# be carefull, which disk you select to write.
|
# be carefull, which disk you select to write.
|
||||||
INIT_SD = """
|
INIT_SD = """
|
||||||
for counter in $(seq 5); do
|
for counter in $(seq 5); do
|
||||||
clear
|
$CLEAR
|
||||||
if [ -b /dev/mmcblk0p1 ]; then
|
if [ -b /dev/mmcblk0p1 ]; then
|
||||||
KEYDEV=/dev/mmcblk0p1
|
KEYDEV=/dev/mmcblk0p1
|
||||||
break
|
break
|
||||||
@@ -143,8 +148,7 @@ done
|
|||||||
# off.
|
# off.
|
||||||
INIT_LABELED = """
|
INIT_LABELED = """
|
||||||
for counter in $(seq 3); do
|
for counter in $(seq 3); do
|
||||||
sleep 1
|
$CLEAR
|
||||||
clear
|
|
||||||
for dev in /dev/sd* /dev/mmcblk*; do
|
for dev in /dev/sd* /dev/mmcblk*; do
|
||||||
if blkid "${dev}" | grep -w LABEL | grep -iqw "%(label)s"; then
|
if blkid "${dev}" | grep -w LABEL | grep -iqw "%(label)s"; then
|
||||||
KEYDEV="${dev}"
|
KEYDEV="${dev}"
|
||||||
@@ -152,6 +156,7 @@ for counter in $(seq 3); do
|
|||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
[ -n "${KEYDEV}" ] && break
|
[ -n "${KEYDEV}" ] && break
|
||||||
|
sleep 1
|
||||||
done
|
done
|
||||||
"""
|
"""
|
||||||
|
|
||||||
@@ -159,7 +164,6 @@ done
|
|||||||
# and interactively prompt for password
|
# and interactively prompt for password
|
||||||
DROPBEAR_SCRIPT = """
|
DROPBEAR_SCRIPT = """
|
||||||
for counter in $(seq 3); do
|
for counter in $(seq 3); do
|
||||||
sleep 1
|
|
||||||
$CLEAR
|
$CLEAR
|
||||||
for dev in /dev/sd* /dev/nvme*; do
|
for dev in /dev/sd* /dev/nvme*; do
|
||||||
if cryptsetup isLuks ${dev}; then
|
if cryptsetup isLuks ${dev}; then
|
||||||
@@ -170,6 +174,7 @@ for counter in $(seq 3); do
|
|||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
[ -n "${DEVICE}" ] && break
|
[ -n "${DEVICE}" ] && break
|
||||||
|
sleep 1
|
||||||
done
|
done
|
||||||
|
|
||||||
if [ -z "${DEVICE}" ]; then
|
if [ -z "${DEVICE}" ]; then
|
||||||
@@ -201,7 +206,6 @@ fi
|
|||||||
# Open encrypted fs
|
# Open encrypted fs
|
||||||
INIT_OPEN = """
|
INIT_OPEN = """
|
||||||
for counter in $(seq 3); do
|
for counter in $(seq 3); do
|
||||||
sleep 1
|
|
||||||
$CLEAR
|
$CLEAR
|
||||||
for dev in /dev/sd* /dev/nvme*; do
|
for dev in /dev/sd* /dev/nvme*; do
|
||||||
if cryptsetup isLuks ${dev}; then
|
if cryptsetup isLuks ${dev}; then
|
||||||
@@ -212,12 +216,12 @@ for counter in $(seq 3); do
|
|||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
[ -n "${DEVICE}" ] && break
|
[ -n "${DEVICE}" ] && break
|
||||||
|
sleep 1
|
||||||
done
|
done
|
||||||
|
|
||||||
if [ -z "${DEVICE}" ]; then
|
if [ -z "${DEVICE}" ]; then
|
||||||
echo "No LUKS device found to boot from! Giving up."
|
echo "No LUKS device found to boot from! Giving up."
|
||||||
sleep 3
|
exec reboot -f -d 3
|
||||||
exec reboot -f
|
|
||||||
fi
|
fi
|
||||||
"""
|
"""
|
||||||
|
|
||||||
@@ -234,8 +238,7 @@ fi
|
|||||||
|
|
||||||
if [[ ${ret} -ne 0 && ! -f ${KEY} ]]; then
|
if [[ ${ret} -ne 0 && ! -f ${KEY} ]]; then
|
||||||
echo "Failed to open boot system fs. Giving up."
|
echo "Failed to open boot system fs. Giving up."
|
||||||
sleep 3
|
reboot -f -d 3
|
||||||
reboot -f
|
|
||||||
fi
|
fi
|
||||||
"""
|
"""
|
||||||
|
|
||||||
@@ -243,7 +246,7 @@ DECRYPT_YUBICP = """
|
|||||||
for i in 1 2 3 4 5 6; do
|
for i in 1 2 3 4 5 6; do
|
||||||
pass=$(ykchalresp %(disk)s 2>/dev/null)
|
pass=$(ykchalresp %(disk)s 2>/dev/null)
|
||||||
if [ -n "$pass" ]; then
|
if [ -n "$pass" ]; then
|
||||||
ccrypt -K $pass -c "$KEY.yk" | \
|
echo "$pass" | ccrypt -c -k - "$KEY.yk" | \
|
||||||
cryptsetup open --allow-discards $DEVICE root
|
cryptsetup open --allow-discards $DEVICE root
|
||||||
break
|
break
|
||||||
fi
|
fi
|
||||||
@@ -347,7 +350,7 @@ class Config:
|
|||||||
self.authorized_keys = toml_.get('authorized_keys', ROOT_AK)
|
self.authorized_keys = toml_.get('authorized_keys', ROOT_AK)
|
||||||
|
|
||||||
|
|
||||||
class Initramfs(object):
|
class Initramfs:
|
||||||
def __init__(self, conf):
|
def __init__(self, conf):
|
||||||
self.conf = conf
|
self.conf = conf
|
||||||
self.key = None
|
self.key = None
|
||||||
|
|||||||
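Review bot: The two mounts added in the first hunk (`@@ -84,8 +84,13 @@`), `mount -t configfs none /sys/kernel/config` and `mount -t debugfs none /sys/kernel/debug`, have no visible consumer anywhere in this diff, and debugfs in particular exposes kernel internals that hardened systems normally leave unmounted. This initramfs handles LUKS key material and, judging by the `DROPBEAR_SCRIPT` template, appears to support remote unlocking, so each extra kernel interface widens what that early environment exposes. If nothing in the init script needs them, drop both lines; if something does, add a comment naming it and run `umount /sys/kernel/debug` (and likewise for configfs) before handing over to the real root. The init template starts and ends outside this hunk, so whether the mounts are cleaned up later cannot be confirmed from here.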