Add osk-sdl as default luks unlock mechanism on boot (#476)

More information: <https://postmarketos.org/osk-port>
clayton craft 2017-10-14 18:10:12 +00:00 committed by Oliver Smith
parent 383e3c8ab8
commit de84ec61a4
5 changed files with 70 additions and 47 deletions


@ -1,10 +1,10 @@
pkgname=postmarketos-mkinitfs
pkgver=0.4.0
pkgver=0.5.0
pkgrel=0
pkgdesc="Tool to generate initramfs images for postmarketOS"
url="https://github.com/postmarketOS"
# multipath-tools: kpartx
depends="busybox-extras lddtree cryptsetup kmod multipath-tools postmarketos-splash device-mapper parted e2fsprogs e2fsprogs-extra"
depends="busybox-extras lddtree cryptsetup kmod multipath-tools postmarketos-splash device-mapper parted e2fsprogs e2fsprogs-extra osk-sdl"
triggers="$pkgname.trigger=/etc/postmarketos-mkinitfs/hooks:/usr/share/kernel/*"
source="init.sh.in init_functions.sh mkinitfs.sh"
arch="noarch"
@ -22,5 +22,5 @@ package() {
mkdir -p "$pkgdir/etc/postmarketos-mkinitfs/hooks/"
}
sha512sums="e1849a13ee696e76dc6c734eda984bcc6a6e2e3d8a62a4df0778a8e338dc0bf9d967fa263ae6e57c14a0cb516c6004c6e251262a1711ad47f1ce4c622727a1d7 init.sh.in
a107e9b49859aa99852a42dc7cbd9815de11c6983c00a2ebd6b9ff53ab6db82aff974d6e715da6aacee3796ae6865a599db5b56a618d90a44c3c4a01fd7bcb01 init_functions.sh
9461cd531489c8254a47a17f80e5cc10d52b2a5c854aa9b9faab8ca647e78c945933eb5d8257368ed2e53ac0438b7a1f396f53e7ed11a367b3f81e6881e5fa5e mkinitfs.sh"
e01ecaf38b0e09558812b7031451bf02afad5e3e409919d69006e2b137b7e9c578dec2d9a1de09b81c0bd360cdef66aff1b7b4e1e5873418eb7ec7a1211d4f82 init_functions.sh
3948f1f49a6d9b9817dbc4ac14f2609b10e9bd6f819b6556477d400bae0226dc64cb2702ca7afd75c10aa8917fe82622b39cbf5df94412df9bcd97d84687e245 mkinitfs.sh"


@ -1,7 +1,6 @@
#!/bin/sh
# This file will be in /init_functions.sh inside the initramfs.
IP=172.16.42.1
TELNET_PORT=23
# Redirect stdout and stderr to logfile
setup_log() {
@ -72,15 +71,17 @@ find_root_partition() {
# what we want.
#
# To deal with the side-effect, we use the partitions from
# /dev/mapper first, and then fall back to partitions with all paths
# (in case the user inserted an SD card after mount_subpartitions()
# ran!).
# /dev/mapper and /dev/dm-* first, and then fall back to partitions
# with all paths (in case the user inserted an SD card after
# mount_subpartitions() ran!).
# Try the partitions in /dev/mapper first.
# Try partitions in /dev/mapper and /dev/dm-* first
for id in pmOS_root crypto_LUKS; do
DEVICE="$(blkid | grep /dev/mapper | grep "$id" \
| cut -d ":" -f 1)"
[ -z "$DEVICE" ] || break
for path in /dev/mapper /dev/dm; do
DEVICE="$(blkid | grep "$path" | grep "$id" \
| cut -d ":" -f 1)"
[ -z "$DEVICE" ] || break 2
done
done
# Then try all devices
@ -162,8 +163,7 @@ unlock_root_partition() {
partition="$(find_root_partition)"
if cryptsetup isLuks "$partition"; then
until cryptsetup status root | grep -qwi active; do
start_usb_unlock
cryptsetup luksOpen "$partition" root || continue
start_onscreen_keyboard
done
# Show again the loading splashscreen
show_splash /splash-loading.ppm.gz
@ -264,30 +264,18 @@ start_udhcpd() {
udhcpd
}
start_usb_unlock() {
# Only run once
_marker="/tmp/_start_usb_unlock"
[ -e "$_marker" ] && return
touch "$_marker"
# Set up networking
setup_usb_network
start_udhcpd
# Telnet splash
show_splash /splash-telnet.ppm.gz
echo "Start the telnet daemon (unlock encrypted partition)"
{
echo '#!/bin/sh'
echo '. /init_functions.sh'
echo 'unlock_root_partition'
echo 'echo_connect_ssh_message'
echo 'killall cryptsetup'
echo "pkill -f telnetd.*:${TELNET_PORT}"
} >/telnet_connect.sh
chmod +x /telnet_connect.sh
telnetd -b "${IP}:${TELNET_PORT}" -l /telnet_connect.sh
start_onscreen_keyboard(){
# Set up directfb and tslib for osk-sdl
# Note: linux_input module is disabled since it will try to take over
# the touchscreen device from tslib (e.g. on the N900)
export DFBARGS="system=fbdev,no-cursor,disable-module=linux_input"
# shellcheck disable=SC2154
if [ ! -z "$deviceinfo_dev_touchscreen" ]; then
export TSLIB_TSDEVICE="$deviceinfo_dev_touchscreen"
fi
osk-sdl -n root -d "$partition" -c /etc/osk.conf -v > /osk-sdl.log 2>&1
unset DFBARGS
unset TSLIB_TSDEVICE
}
# $1: path to ppm.gz file
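Review bot: In `unlock_root_partition` the `until cryptsetup status root ...` loop calls `start_onscreen_keyboard` with no check of osk-sdl's exit status and no delay, so if osk-sdl exits immediately (for instance on a device without a working touchscreen or DirectFB setup) the loop spins forever, and with the telnet path removed in the same change there is no other way to unlock. Each iteration also truncates `/osk-sdl.log` because of `>`, discarding the output of the first failure; `osk-sdl -n root -d "$partition" -c /etc/osk.conf -v >> /osk-sdl.log 2>&1 || sleep 1` would keep the log and stop the busy loop. `start_onscreen_keyboard` reads `$partition` from its caller's scope; passing it as `$1` with a `# $1: LUKS partition` comment would make that dependency explicit. It is also worth confirming that osk-sdl's `-v` output never contains typed key material, since the log is written inside the initramfs. `unlock_root_partition` continues outside the hunk.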


@ -93,6 +93,24 @@ get_binaries()
lddtree -l $BINARIES | sort -u
}
# Collect non-binary files for osk-sdl and its dependencies
# This gets called as $(get_osk_config), so the exit code can be checked/handled.
get_osk_config()
{
fontpath=$(awk '/^keyboard-font/{print $3}' /etc/osk.conf)
if [ ! -f $fontpath ]; then
exit 1
fi
ret="
/etc/osk.conf
/etc/ts.conf
/etc/pointercal
/etc/fb.modes
$fontpath
"
echo "${ret}"
}
get_binaries_extra()
{
BINARIES_EXTRA="
@ -101,6 +119,12 @@ get_binaries_extra()
/usr/sbin/parted
/sbin/e2fsck
/usr/sbin/resize2fs
/usr/bin/osk-sdl
/usr/lib/libGL.so.1
/usr/lib/ts/*
/usr/lib/libts*
$(find /usr/lib/directfb-* -name '*.so')
/lib/libz.so.1
"
tmp1=$(mktemp /tmp/mkinitfs.XXXXXX)
get_binaries > "$tmp1"
@ -208,8 +232,7 @@ generate_splash_screens()
# $1: splash_name
# $2: text
# $3: arguments
set -- "splash-telnet" "On-screen keyboard is not implemented yet, plug in a USB cable and run on your PC:\\ntelnet 172.16.42.1" "" \
"splash-loading" "Loading..." "--center" \
set -- "splash-loading" "Loading..." "--center" \
"splash-noboot" "boot partition not found\\nhttps://postmarketos.org/troubleshooting" "--center" \
"splash-noinitramfsextra" "initramfs-extra not found\\nhttps://postmarketos.org/troubleshooting" "--center" \
"splash-nosystem" "system partition not found\\nhttps://postmarketos.org/troubleshooting" "--center" \
@ -224,7 +247,7 @@ generate_splash_screens()
splash_name=$1
splash_text=$2
splash_args=$3
# Compute hash using the following values concatenated:
# - postmarketos-splash package version
# - splash config file
@ -306,6 +329,12 @@ tmpdir_extra=$(mktemp -d /tmp/mkinitfs.XXXXXX)
# set up initfs-extra in temp folder
mkdir -p "$tmpdir_extra"
copy_files "$(get_binaries_extra)" "$tmpdir_extra"
osk_conf="$(get_osk_config)"
if [ $? -eq 1 ]; then
echo "ERROR: Font specified in /etc/osk.conf does not exist!"
exit 1
fi
copy_files "$osk_conf" "$tmpdir_extra"
# finish up
create_cpio_image "$tmpdir_extra" "$outfile_extra"
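Review bot: The font check in `get_osk_config` passes when `fontpath` is empty, because the unquoted `[ ! -f $fontpath ]` collapses to `[ ! -f ]`, which only tests that the string `-f` is non-empty and is therefore false. An `/etc/osk.conf` without a `keyboard-font` line would then yield an initramfs-extra with no font, which with full disk encryption presumably leaves osk-sdl unable to start at boot. Quote the variable and test for empty as well: `if [ -z "$fontpath" ] || [ ! -f "$fontpath" ]; then`. At the call site `if [ $? -eq 1 ]` only catches status 1, whereas `if ! osk_conf="$(get_osk_config)"; then` handles any failure of the function.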


@ -47,12 +47,10 @@ def kernel(args):
pmb.flasher.run(args, "flash_kernel", flavor)
logging.info("You will get an IP automatically assigned to your "
"USB interface shortly.")
logging.info("Connect to the telnet session and type your LUKS password"
" to boot postmarketOS (not necessary if full disk"
" encryption is disabled):")
logging.info("telnet " + pmb.config.default_ip)
logging.info("Then you can connect to your device using ssh:")
logging.info("ssh " + args.user + "@" + pmb.config.default_ip)
logging.info("Then you can connect to your device using ssh after pmOS has booted:")
logging.info("ssh user@" + pmb.config.default_ip)
logging.info("NOTE: If you enabled full disk encryption, you should make sure that"
" osk-sdl has been properly configured for your device")
def list_flavors(args):
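Review bot: The ssh hint at the end of `kernel()` appears to hard-code the login as `"ssh user@"`, where the line it replaces used `args.user` (the +/- markers are lost on this page, so this reading relies on the old-then-new print order). If the username is configurable, the printed command will be wrong for anyone who changed it; `logging.info("ssh " + args.user + "@" + pmb.config.default_ip)` keeps the message accurate. `kernel()` starts outside the hunk.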


@ -192,6 +192,14 @@ def install_system_image(args):
(size_image, size_boot) = get_subpartitions_size(args)
pmb.install.blockdevice.create(args, size_image)
pmb.install.partition(args, size_boot)
if args.full_disk_encryption:
logging.info("WARNING: Full disk encryption is enabled!")
logging.info("Make sure that osk-sdl has been properly configured for your device")
logging.info("or else you will be unable to unlock the rootfs on boot!")
logging.info("If you started a device port, it is recommended you disable")
logging.info("FDE by re-running the install command with '--no-fde' until")
logging.info("you have properly configured osk-sdl. More information:")
logging.info("<https://postmarketos.org/osk-port>")
pmb.install.format(args)
# Just copy all the files
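Review bot: The full-disk-encryption notice in `install_system_image` is labelled WARNING in its text but emitted through `logging.info`, so it carries the same level as routine progress output and is easy to miss. Since the consequence it describes is being unable to unlock the rootfs on boot, `logging.warning("Full disk encryption is enabled!")` for the first line, and the same call for the lines that follow, would make it stand out. The eight separate calls could also be one multi-line message so the text is not interleaved with other log output. `install_system_image` starts and ends outside the hunk.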