source: calamares/trunk/fuentes/src/modules/dracutlukscfg/DracutLuksCfgJob.cpp @ 7538

Last change on this file since 7538 was 7538, checked in by kbut, 17 months ago

sync with github

File size: 5.8 KB
Line 
1/* === This file is part of Calamares - <https://github.com/calamares> ===
2 *
3 *   Copyright 2016, Kevin Kofler <kevin.kofler@chello.at>
4 *
5 *   Calamares is free software: you can redistribute it and/or modify
6 *   it under the terms of the GNU General Public License as published by
7 *   the Free Software Foundation, either version 3 of the License, or
8 *   (at your option) any later version.
9 *
10 *   Calamares is distributed in the hope that it will be useful,
11 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
12 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 *   GNU General Public License for more details.
14 *
15 *   You should have received a copy of the GNU General Public License
16 *   along with Calamares. If not, see <http://www.gnu.org/licenses/>.
17 */
18
19#include "DracutLuksCfgJob.h"
20
21#include <QDir>
22#include <QFile>
23#include <QFileInfo>
24#include <QTextStream>
25
26#include "CalamaresVersion.h"
27#include "JobQueue.h"
28#include "GlobalStorage.h"
29
30#include "utils/Logger.h"
31
32// static
33const QLatin1Literal DracutLuksCfgJob::CONFIG_FILE( "/etc/dracut.conf.d/calamares-luks.conf" );
34
35// static
36const char *DracutLuksCfgJob::CONFIG_FILE_HEADER =
37    "# Configuration file automatically written by the Calamares system installer\n"
38    "# (This file is written once at install time and should be safe to edit.)\n"
39    "# Enables support for LUKS full disk encryption with single sign on from GRUB.\n"
40    "\n";
41
42// static
43const char *DracutLuksCfgJob::CONFIG_FILE_CRYPTTAB_KEYFILE_LINE =
44    "# force installing /etc/crypttab even if hostonly=\"no\", install the keyfile\n"
45    "install_items+=\" /etc/crypttab /crypto_keyfile.bin \"\n";
46
47// static
48const char *DracutLuksCfgJob::CONFIG_FILE_CRYPTTAB_LINE =
49    "# force installing /etc/crypttab even if hostonly=\"no\"\n"
50    "install_items+=\" /etc/crypttab \"\n";
51
52// static
53const QLatin1Literal DracutLuksCfgJob::CONFIG_FILE_SWAPLINE( "# enable automatic resume from swap\nadd_device+=\" /dev/disk/by-uuid/%1 \"\n" );
54
55// static
56QString
57DracutLuksCfgJob::rootMountPoint()
58{
59    Calamares::GlobalStorage *globalStorage = Calamares::JobQueue::instance()->globalStorage();
60    return globalStorage->value( QStringLiteral( "rootMountPoint" ) ).toString();
61}
62
63// static
64QVariantList
65DracutLuksCfgJob::partitions()
66{
67    Calamares::GlobalStorage *globalStorage = Calamares::JobQueue::instance()->globalStorage();
68    return globalStorage->value( QStringLiteral( "partitions" ) ).toList();
69}
70
71// static
72bool
73DracutLuksCfgJob::isRootEncrypted()
74{
75    const QVariantList partitions = DracutLuksCfgJob::partitions();
76    for ( const QVariant &partition : partitions )
77    {
78        QVariantMap partitionMap = partition.toMap();
79        QString mountPoint = partitionMap.value( QStringLiteral( "mountPoint" ) ).toString();
80        if ( mountPoint == QStringLiteral( "/" ) )
81            return partitionMap.contains( QStringLiteral( "luksMapperName" ) );
82    }
83    return false;
84}
85
86// static
87bool
88DracutLuksCfgJob::hasUnencryptedSeparateBoot()
89{
90    const QVariantList partitions = DracutLuksCfgJob::partitions();
91    for ( const QVariant &partition : partitions )
92    {
93        QVariantMap partitionMap = partition.toMap();
94        QString mountPoint = partitionMap.value( QStringLiteral( "mountPoint" ) ).toString();
95        if ( mountPoint == QStringLiteral( "/boot" ) )
96            return !partitionMap.contains( QStringLiteral( "luksMapperName" ) );
97    }
98    return false;
99}
100
101// static
102QString
103DracutLuksCfgJob::swapOuterUuid()
104{
105    const QVariantList partitions = DracutLuksCfgJob::partitions();
106    for ( const QVariant &partition : partitions )
107    {
108        QVariantMap partitionMap = partition.toMap();
109        QString fsType = partitionMap.value( QStringLiteral( "fs" ) ).toString();
110        if ( fsType == QStringLiteral( "linuxswap" ) && partitionMap.contains( QStringLiteral( "luksMapperName" ) ) )
111            return partitionMap.value( QStringLiteral( "luksUuid" ) ).toString();
112    }
113    return QString();
114}
115
116DracutLuksCfgJob::DracutLuksCfgJob( QObject* parent )
117    : Calamares::CppJob( parent )
118{
119}
120
121
122DracutLuksCfgJob::~DracutLuksCfgJob()
123{
124}
125
126
127QString
128DracutLuksCfgJob::prettyName() const
129{
130    if ( isRootEncrypted() )
131        return tr( "Write LUKS configuration for Dracut to %1" ).arg( CONFIG_FILE );
132    else
133        return tr( "Skip writing LUKS configuration for Dracut: \"/\" partition is not encrypted" );
134}
135
136
137Calamares::JobResult
138DracutLuksCfgJob::exec()
139{
140    if ( isRootEncrypted() )
141    {
142        const QString realConfigFilePath = rootMountPoint() + CONFIG_FILE;
143        cDebug() << "[DRACUTLUKSCFG]: Writing" << realConfigFilePath;
144        QDir( QStringLiteral( "/" ) ).mkpath( QFileInfo( realConfigFilePath ).absolutePath() );
145        QFile configFile( realConfigFilePath );
146        if ( ! configFile.open( QIODevice::WriteOnly | QIODevice::Text ) )
147        {
148            cDebug() << "[DRACUTLUKSCFG]: Failed to open" << realConfigFilePath;
149            return Calamares::JobResult::error( tr( "Failed to open %1" ).arg( realConfigFilePath ) );
150        }
151        QTextStream outStream( &configFile );
152        outStream << CONFIG_FILE_HEADER
153                  << ( hasUnencryptedSeparateBoot() ? CONFIG_FILE_CRYPTTAB_LINE
154                                                    : CONFIG_FILE_CRYPTTAB_KEYFILE_LINE );
155        const QString swapOuterUuid = DracutLuksCfgJob::swapOuterUuid();
156        if ( ! swapOuterUuid.isEmpty() )
157        {
158            cDebug() << "[DRACUTLUKSCFG]: Swap outer UUID" << swapOuterUuid;
159            outStream << QString(CONFIG_FILE_SWAPLINE).arg( swapOuterUuid ).toLatin1();
160        }
161        cDebug() << "[DRACUTLUKSCFG]: Wrote config to" << realConfigFilePath;
162    } else
163        cDebug() << "[DRACUTLUKSCFG]: / not encrypted, skipping";
164
165    return Calamares::JobResult::ok();
166}
167
168CALAMARES_PLUGIN_FACTORY_DEFINITION( DracutLuksCfgJobFactory, registerPlugin<DracutLuksCfgJob>(); )
Note: See TracBrowser for help on using the repository browser.