From e4df3082509decd4bef8d3e47e716863cfc6f88b Mon Sep 17 00:00:00 2001 From: Eric Renfro Date: Tue, 2 Jul 2024 21:05:16 -0400 Subject: [PATCH] Update encryption option further --- linuxmint-postsetup.sh | 56 +++++++++++++++++++++++++++++++++--------- 1 file changed, 45 insertions(+), 11 deletions(-) diff --git a/linuxmint-postsetup.sh b/linuxmint-postsetup.sh index 118b072..0d0679b 100755 --- a/linuxmint-postsetup.sh +++ b/linuxmint-postsetup.sh @@ -50,11 +50,14 @@ function create_subvolumes() { subvols+=("${!SUBVOLS_DEFAULT[@]}") if [[ "$ENCRYPTION" ]]; then - ${cmd} cryptsetup luksOpen "$RootPart" luksvol - ${cmd} mount -o noatime,space_cache=v2,ssd "/dev/mapper/luksvol" /mnt + ${cmd} mount -o noatime,space_cache=v2,ssd "/dev/mapper/$ENC_VOL" /mnt else ${cmd} mount -o noatime,space_cache=v2,ssd "$RootPart" /mnt fi + if [[ "$?" -ne 0 ]]; then + echo "FATAL: Could not mount /mnt" + exit 100 + fi if [[ "$BootPart" == "@boot" ]]; then ${cmd} btrfs subvolume create /mnt/@boot @@ -99,7 +102,7 @@ function unmount_target() { ${cmd} umount /target if [[ "$ENCRYPTION" ]]; then - ${cmd} cryptsetup luksClose luksvol + ${cmd} cryptsetup luksClose "$ENC_VOL" fi } @@ -121,10 +124,14 @@ function prepare_target() { rootmount="$RootPart" if [[ "$ENCRYPTION" ]]; then - rootmount="/dev/mapper/luksvol" + rootmount="/dev/mapper/$ENC_VOL" fi ${cmd} mount -o noatime,space_cache=v2,ssd,subvol=@ "$rootmount" /target + if [[ "$?" -ne 0 ]]; then + echo "FATAL: Could not mount /target" + exit 101 + fi for subvol in "${!SUBVOLS_DEFAULT[@]}" do @@ -139,8 +146,16 @@ function prepare_target() { else ${cmd} mount "$BootPart" /target/boot fi + if [[ "$?" -ne 0 ]]; then + echo "FATAL: Could not mount /target/boot" + exit 102 + fi ${cmd} mount -o noatime,space_cache=v2,ssd,subvol=@home "$rootmount" /target/home + if [[ "$?" -ne 0 ]]; then + echo "FATAL: Could not mount /target/home" + exit 103 + fi for subvol in "${!SUBVOLS_DEFAULT[@]}" do @@ -151,12 +166,20 @@ function prepare_target() { ${cmd} mkdir -p /target/boot/efi fi ${cmd} mount "$EFIPart" /target/boot/efi + if [[ "$?" -ne 0 ]]; then + echo "FATAL: Could not mount /target/boot/efi" + exit 104 + fi if [[ "$SWAP" ]]; then if [[ ! -d "/target/swap" ]]; then ${cmd} mkdir -p /target/swap fi ${cmd} mount -o noatime,ssd,subvol=@swap "$rootmount" /target/swap + if [[ "$?" -ne 0 ]]; then + echo "FATAL: Could not mount /target/swap" + exit 105 + fi ${cmd} btrfs filesystem mkswapfile --size "$(get_hibernate_size)g" --uuid clear /target/swap/hibernate.swp fi @@ -184,9 +207,9 @@ function prepare_target() { ${cmd} sed -i "/^GRUB_CMDLINE_LINUX_DEFAULT=/ s/\(\"[^\"]*\)$/ resume=${SwapUUID} resume_offset=${SwapOffset}&/" /target/etc/default/grub fi - if [[ "$ENCRYPTION" ]]; then - - fi + #if [[ "$ENCRYPTION" ]]; then + # + #fi } function expert_step() { @@ -309,7 +332,7 @@ function install_cleanup() { ${cmd} umount /target if [[ "$ENCRYPTION" ]]; then - ${cmd} cryptsetup luksClose luksvol + ${cmd} cryptsetup luksClose "$ENC_VOL" fi ${cmd} dd if=/dev/zero of="${RootPart}" bs=1024 count=10 @@ -330,6 +353,7 @@ while [[ $# -gt 0 ]]; do ;; -e|--encryption) ENCRYPTION=true + ENC_VOL="$2" shift ;; -s|--swap) @@ -366,9 +390,19 @@ if [[ -z "$RootPart" || -z "$BootPart" || -z "$EFIPart" ]]; then exit 3 else if [[ "$ENCRYPTION" && "$BootPart" == "@boot" ]]; then - echo "While encryption is enabled, using @boot subvolume will cause issues." - echo "Please prepare and set boot volume for /boot while using encryption." - exit 4 + if [[ -z "$ENC_VOL" ]]; then + echo "Encryption volume needs to be set. Reliably determining this is" + echo "best done by human eyes. To find your current volume, you can" + echo "run:" + echo " dmsetup ls --target crypt" + echo "If it's not active for whatever reason, you can open it with:" + echo " cryptsetup luksOpen "$RootPart" " + exit 4 + elif [[ "$BootPart" == "@boot" ]]; then + echo "While encryption is enabled, using @boot subvolume will cause issues." + echo "Please prepare and set boot volume for /boot while using encryption." + exit 5 + fi fi case "$INSTALL_MODE" in