From f5d7884eb22ab15a5a5c7a70cfcecec8cce360b8 Mon Sep 17 00:00:00 2001 From: xengineering Date: Tue, 17 Dec 2019 13:47:27 +0100 Subject: Renamed boot_partition to efi_partition and root_partition to main_partition. --- stages/second_stage.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'stages/second_stage.sh') diff --git a/stages/second_stage.sh b/stages/second_stage.sh index 7020b6b..5ad7745 100644 --- a/stages/second_stage.sh +++ b/stages/second_stage.sh @@ -31,6 +31,6 @@ bash configure_network.sh $hostname bash configure_users.sh $admin_username $DEFAULT_PASSWORD -bash install_bootloader.sh $boot_partition_path +bash install_bootloader.sh $efi_partition_path bash configure_desktop.sh -- cgit v1.2.3-70-g09d2 From 9050875a8d36640d7068afd6b6632a97104d8df4 Mon Sep 17 00:00:00 2001 From: xengineering Date: Sun, 22 Dec 2019 20:15:03 +0100 Subject: Some improvement for encrypted formatting. --- stages/first_stage.sh | 6 ++++++ stages/second_stage.sh | 2 ++ util/close_crypto_partition.sh | 26 ++++++++++++++++++++++++++ util/create_filesystems.sh | 2 +- util/format_crypto_partition.sh | 2 ++ util/open_crypto_partition.sh | 2 ++ 6 files changed, 39 insertions(+), 1 deletion(-) create mode 100644 util/close_crypto_partition.sh (limited to 'stages/second_stage.sh') diff --git a/stages/first_stage.sh b/stages/first_stage.sh index 9520894..ea11fa4 100644 --- a/stages/first_stage.sh +++ b/stages/first_stage.sh @@ -79,4 +79,10 @@ bash copy_archinstall_log.sh $LOG_FILE_PATH bash unmount_filesystems.sh $boot_partition_path $root_partition_path +if [ $system_encryption == "yes" ];then + + bash close_crypto_partition.sh $main_partition_path + +fi + bash print_final_message.sh $DEFAULT_PASSWORD diff --git a/stages/second_stage.sh b/stages/second_stage.sh index 5ad7745..34c4a49 100644 --- a/stages/second_stage.sh +++ b/stages/second_stage.sh @@ -29,6 +29,8 @@ bash configure_timezone.sh /usr/share/zoneinfo/Europe/Berlin bash configure_network.sh $hostname +bash recreate_initramfs.sh + bash configure_users.sh $admin_username $DEFAULT_PASSWORD bash install_bootloader.sh $efi_partition_path diff --git a/util/close_crypto_partition.sh b/util/close_crypto_partition.sh new file mode 100644 index 0000000..52bc50f --- /dev/null +++ b/util/close_crypto_partition.sh @@ -0,0 +1,26 @@ +#!/bin/bash + + +# archinstall - A minimal Installation Script for Arch Linux +# Copyright (C) 2019 xengineering + +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + + +main_partition_path=$1 + + +cryptsetup close $main_partition_path + +echo "Closed crypto partition - OK" diff --git a/util/create_filesystems.sh b/util/create_filesystems.sh index 41ed84a..972eefd 100644 --- a/util/create_filesystems.sh +++ b/util/create_filesystems.sh @@ -28,6 +28,6 @@ fatlabel $efi_partition_path "EFI" mkfs.ext4 $boot_partition_path e2label $boot_partition_path "BOOT" mkfs.ext4 $root_partition_path -e2label $root_partition_path "MAIN" +e2label $root_partition_path "ROOT" echo "Created filesystems - OK" diff --git a/util/format_crypto_partition.sh b/util/format_crypto_partition.sh index 97cdad4..688e280 100644 --- a/util/format_crypto_partition.sh +++ b/util/format_crypto_partition.sh @@ -23,3 +23,5 @@ DEFAULT_PASSWORD=$2 echo -n "$DEFAULT_PASSWORD" | cryptsetup luksFormat $main_partition_path - + +echo "Formatted crypto partition - OK" diff --git a/util/open_crypto_partition.sh b/util/open_crypto_partition.sh index 2a01c55..40e7a61 100644 --- a/util/open_crypto_partition.sh +++ b/util/open_crypto_partition.sh @@ -23,3 +23,5 @@ DEFAULT_PASSWORD=$2 echo -n "$DEFAULT_PASSWORD" | cryptsetup open $main_partition_path main - + +echo "Opened crypto partition - OK" -- cgit v1.2.3-70-g09d2 From e218e91ad0ec6b660ca9ae7f3c45d5cde5a36fdf Mon Sep 17 00:00:00 2001 From: xengineering Date: Wed, 8 Jan 2020 22:06:38 +0100 Subject: First version of luks encrypted archinstall. --- stages/second_stage.sh | 4 ++-- util/configure_initramfs.sh | 31 +++++++++++++++++++++++++++++++ util/install_bootloader.sh | 21 +++++++++++++++++++++ 3 files changed, 54 insertions(+), 2 deletions(-) create mode 100644 util/configure_initramfs.sh (limited to 'stages/second_stage.sh') diff --git a/stages/second_stage.sh b/stages/second_stage.sh index 34c4a49..015d89b 100644 --- a/stages/second_stage.sh +++ b/stages/second_stage.sh @@ -29,10 +29,10 @@ bash configure_timezone.sh /usr/share/zoneinfo/Europe/Berlin bash configure_network.sh $hostname -bash recreate_initramfs.sh +bash configure_initramfs.sh bash configure_users.sh $admin_username $DEFAULT_PASSWORD -bash install_bootloader.sh $efi_partition_path +bash install_bootloader.sh $efi_partition_path $system_encryption bash configure_desktop.sh diff --git a/util/configure_initramfs.sh b/util/configure_initramfs.sh new file mode 100644 index 0000000..3222a89 --- /dev/null +++ b/util/configure_initramfs.sh @@ -0,0 +1,31 @@ +#!/bin/bash + + +# archinstall - A minimal Installation Script for Arch Linux +# Copyright (C) 2019 xengineering + +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + + +new_hooks_config_line="HOOKS=(base udev autodetect keyboard keymap modconf block encrypt filesystems fsck)" +echo "new_hooks_config_line: $new_hooks_config_line" +old_hooks_config_line=$(cat /etc/mkinitcpio.conf | grep "^HOOKS=") +echo "old_hooks_config_line: $old_hooks_config_line" + +sed -i "s|$old_hooks_config_line|$new_hooks_config_line|" /etc/mkinitcpio.conf + +mkinitcpio -P + + +echo "Configured initramfs - OK" diff --git a/util/install_bootloader.sh b/util/install_bootloader.sh index cf6c374..4d3e9b9 100644 --- a/util/install_bootloader.sh +++ b/util/install_bootloader.sh @@ -19,11 +19,32 @@ efi_partition_path=$1 +system_encryption=$2 + + +############ Add encryption setting in /etc/default/grub before calling grub-mkconfig +## to generate /boot/grub/grub.cfg + +## See: https://wiki.archlinux.org/index.php/Dm-crypt/System_configuration#Boot_loader mount $efi_partition_path /mnt grub-install --target=x86_64-efi --efi-directory=/mnt --bootloader-id=GRUB \ --removable + +if [ $system_encryption == "yes" ];then + + cryptdevice_uuid=$(lsblk --fs | grep $main_partition_path | awk '{print $3}') + echo "cryptdevice_uuid: $cryptdevice_uuid" + old_kernel_param_line=$(cat /etc/default/grub | grep "GRUB_CMDLINE_LINUX_DEFAULT") + echo "old_kernel_param_line: $old_kernel_param_line" + new_kernal_param_line="GRUB_CMDLINE_LINUX_DEFAULT=\"loglevel=3 quiet cryptdevice=UUID=${cryptdevice_uuid}:main root=/dev/mapper/main\"" + echo "new_kernel_param_line: $new_kernal_param_line" + echo "Adding kernel parameters to /etc/default/grub" + sed -i "s|$old_kernel_param_line|$new_kernal_param_line|" /etc/default/grub + +fi + grub-mkconfig -o /boot/grub/grub.cfg umount $efi_partition_path -- cgit v1.2.3-70-g09d2 From 457c01bfcd6346b8a06420d721fa02a216cea9bf Mon Sep 17 00:00:00 2001 From: xengineering Date: Thu, 9 Jan 2020 10:46:37 +0100 Subject: Bugfix for install_bootloader.sh. --- stages/second_stage.sh | 2 +- util/install_bootloader.sh | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) (limited to 'stages/second_stage.sh') diff --git a/stages/second_stage.sh b/stages/second_stage.sh index 015d89b..c2c0b92 100644 --- a/stages/second_stage.sh +++ b/stages/second_stage.sh @@ -33,6 +33,6 @@ bash configure_initramfs.sh bash configure_users.sh $admin_username $DEFAULT_PASSWORD -bash install_bootloader.sh $efi_partition_path $system_encryption +bash install_bootloader.sh $efi_partition_path $system_encryption $main_partition_path bash configure_desktop.sh diff --git a/util/install_bootloader.sh b/util/install_bootloader.sh index 1f3c4e3..db6c8bc 100644 --- a/util/install_bootloader.sh +++ b/util/install_bootloader.sh @@ -20,6 +20,7 @@ efi_partition_path=$1 system_encryption=$2 +main_partition_path=$3 ############ Add encryption setting in /etc/default/grub before calling grub-mkconfig @@ -34,7 +35,7 @@ grub-install --target=x86_64-efi --efi-directory=/mnt --bootloader-id=GRUB \ if [ $system_encryption == "yes" ];then - cryptdevice_uuid=$(lsblk --fs | grep "${basename $main_partition_path}" | awk '{print $3}') + cryptdevice_uuid=$(lsblk --fs | grep "$(basename $main_partition_path)" | awk '{print $3}') echo "cryptdevice_uuid: $cryptdevice_uuid" old_kernel_param_line=$(cat /etc/default/grub | grep "GRUB_CMDLINE_LINUX_DEFAULT") echo "old_kernel_param_line: $old_kernel_param_line" -- cgit v1.2.3-70-g09d2