|
|
@@
-8,23
+8,20
|
|
|
8
|
# Install and setup fstab
|
|
8
|
# Install and setup fstab
|
|
|
9
|
install_readonly files/mount/fstab "${ETC_DIR}/fstab"
|
|
9
|
install_readonly files/mount/fstab "${ETC_DIR}/fstab"
|
|
|
10
|
|
|
10
|
|
|
|
11
|
# Add usb/sda disk root partition to fstab
|
|
11
|
#USB BOOT /boot on sda1 / on sda2
|
|
|
12
|
if [ "$ENABLE_SPLITFS" = true ] && [ "$ENABLE_CRYPTFS" = false ] ; then
|
|
12
|
if [ "$ENABLE_USBBOOT" = true ] && [ "$ENABLE_CRYPTFS" = false ]; then
|
|
|
13
|
sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/fstab"
|
|
|
|
|
|
14
|
fi
|
|
|
|
|
|
15
|
|
|
|
|
|
|
16
|
if [ "$ENABLE_USBBOOT" = true ] ; then
|
|
|
|
|
|
17
|
sed -i "s/mmcblk0p1/sda1/" "${ETC_DIR}/fstab"
|
|
13
|
sed -i "s/mmcblk0p1/sda1/" "${ETC_DIR}/fstab"
|
|
|
18
|
sed -i "s/mmcblk0p2/sda2/" "${ETC_DIR}/fstab"
|
|
14
|
sed -i "s/mmcblk0p2/sda2/" "${ETC_DIR}/fstab"
|
|
|
19
|
fi
|
|
15
|
fi
|
|
|
20
|
|
|
16
|
|
|
|
|
|
|
17
|
# Add usb/sda disk root partition to fstab
|
|
|
|
|
|
18
|
if [ "$ENABLE_SPLITFS" = true ] && [ "$ENABLE_CRYPTFS" = false ]; then
|
|
|
|
|
|
19
|
sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/fstab"
|
|
|
|
|
|
20
|
fi
|
|
|
|
|
|
21
|
|
|
|
21
|
# Generate initramfs file
|
|
22
|
# Generate initramfs file
|
|
|
22
|
if [ "$ENABLE_INITRAMFS" = true ] ; then
|
|
23
|
if [ "$ENABLE_INITRAMFS" = true ] ; then
|
|
|
23
|
if [ "$ENABLE_CRYPTFS" = true ] ; then
|
|
24
|
if [ "$ENABLE_CRYPTFS" = true ] ; then
|
|
|
24
|
if [ "$ENABLE_USBBOOT" = true ] ; then
|
|
|
|
|
|
25
|
# Add usb/sda2 disk to crypttab
|
|
|
|
|
|
26
|
sed -i "s/mmcblk0p2/sda2/" "${ETC_DIR}/crypttab"
|
|
|
|
|
|
27
|
fi
|
|
|
|
|
|
28
|
|
|
25
|
|
|
|
29
|
# Include initramfs scripts to auto expand encrypted root partition
|
|
26
|
# Include initramfs scripts to auto expand encrypted root partition
|
|
|
30
|
if [ "$EXPANDROOT" = true ] ; then
|
|
27
|
if [ "$EXPANDROOT" = true ] ; then
|
|
|
@@
-39,9
+36,15
if [ "$ENABLE_INITRAMFS" = true ] ; then
|
|
|
39
|
# Add encrypted partition to crypttab and fstab
|
|
36
|
# Add encrypted partition to crypttab and fstab
|
|
|
40
|
install_readonly files/mount/crypttab "${ETC_DIR}/crypttab"
|
|
37
|
install_readonly files/mount/crypttab "${ETC_DIR}/crypttab"
|
|
|
41
|
echo "${CRYPTFS_MAPPING} /dev/mmcblk0p2 none luks,initramfs" >> "${ETC_DIR}/crypttab"
|
|
38
|
echo "${CRYPTFS_MAPPING} /dev/mmcblk0p2 none luks,initramfs" >> "${ETC_DIR}/crypttab"
|
|
|
|
|
|
39
|
|
|
|
|
|
|
40
|
if [ "$ENABLE_USBBOOT" = true ] && [ "$ENABLE_SPLITFS" = false ]; then
|
|
|
|
|
|
41
|
sed -i "s/mmcblk0p1/sda1/" "${ETC_DIR}/fstab"
|
|
|
|
|
|
42
|
# Add usb/sda2 disk to crypttab
|
|
|
|
|
|
43
|
sed -i "s/mmcblk0p2/sda2/" "${ETC_DIR}/crypttab"
|
|
|
|
|
|
44
|
fi
|
|
|
42
|
|
|
45
|
|
|
|
43
|
# Add encrypted root partition to fstab and crypttab
|
|
46
|
# Add encrypted root partition to fstab and crypttab
|
|
|
44
|
if [ "$ENABLE_SPLITFS" = true ] ; then
|
|
47
|
if [ "$ENABLE_SPLITFS" = true ] && [ "$ENABLE_USBBOOT" = false ]; then
|
|
|
45
|
# Add usb/sda1 disk to crypttab
|
|
48
|
# Add usb/sda1 disk to crypttab
|
|
|
46
|
sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/crypttab"
|
|
49
|
sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/crypttab"
|
|
|
47
|
fi
|
|
50
|
fi
|
|
|
@@
-56,9
+59,6
if [ "$ENABLE_INITRAMFS" = true ] ; then
|
|
|
56
|
|
|
59
|
|
|
|
57
|
# Write static ip settings to "${ETC_DIR}"/initramfs-tools/initramfs.conf
|
|
60
|
# Write static ip settings to "${ETC_DIR}"/initramfs-tools/initramfs.conf
|
|
|
58
|
sed -i "\$a\nIP=${NET_ADDRESS}::${NET_GATEWAY}:${NET_MASK}:${HOSTNAME}:" "${ETC_DIR}"/initramfs-tools/initramfs.conf
|
|
61
|
sed -i "\$a\nIP=${NET_ADDRESS}::${NET_GATEWAY}:${NET_MASK}:${HOSTNAME}:" "${ETC_DIR}"/initramfs-tools/initramfs.conf
|
|
|
59
|
|
|
|
|
|
|
60
|
#Regenerate initramfs
|
|
|
|
|
|
61
|
#chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"
|
|
|
|
|
|
62
|
|
|
62
|
fi
|
|
|
63
|
|
|
63
|
|
|
|
64
|
if [ -n "$CRYPTFS_DROPBEAR_PUBKEY" ] && [ -f "$CRYPTFS_DROPBEAR_PUBKEY" ] ; then
|
|
64
|
if [ -n "$CRYPTFS_DROPBEAR_PUBKEY" ] && [ -f "$CRYPTFS_DROPBEAR_PUBKEY" ] ; then
|
|
|
@@
-100,10
+100,10
if [ "$ENABLE_INITRAMFS" = true ] ; then
|
|
|
100
|
fi
|
|
100
|
fi
|
|
|
101
|
|
|
101
|
|
|
|
102
|
# Add cryptsetup modules to initramfs
|
|
102
|
# Add cryptsetup modules to initramfs
|
|
|
103
|
printf "#\n# CRYPTSETUP: [ y | n ]\n#\n\nCRYPTSETUP=y\n" >> "${ETC_DIR}/initramfs-tools/conf-hook"
|
|
103
|
#printf "#\n# CRYPTSETUP: [ y | n ]\n#\n\nCRYPTSETUP=y\n" >> "${ETC_DIR}/initramfs-tools/conf-hook"
|
|
|
104
|
|
|
104
|
|
|
|
105
|
# Dummy mapping required by mkinitramfs
|
|
105
|
# Dummy mapping required by mkinitramfs
|
|
|
106
|
echo "0 1 crypt $(echo "${CRYPTFS_CIPHER}" | cut -d ':' -f 1) ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff 0 7:0 4096" | chroot_exec dmsetup create "${CRYPTFS_MAPPING}"
|
|
106
|
echo "0 1 crypt "${CRYPTFS_CIPHER}" ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff 0 7:0 4096" | chroot_exec dmsetup create "${CRYPTFS_MAPPING}"
|
|
|
107
|
|
|
107
|
|
|
|
108
|
# Generate initramfs with encrypted root partition support
|
|
108
|
# Generate initramfs with encrypted root partition support
|
|
|
109
|
chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"
|
|
109
|
chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"
|
