Preservation/kaiten-yaki
1
0
Fork 0
mirror of https://github.com/suikan4github/kaiten-yaki.git synced 2025-12-20 02:21:17 -03:00
Code Issues Projects Releases Packages Wiki Activity Actions

Brush up the README and INSTALL

Browse source
This commit is contained in:
Suikan 2021-07-03 14:01:27 +09:00
parent c291e77fd6
commit 3858839105
2 changed files with 56 additions and 55 deletions
Download patch file Download diff file Expand all files Collapse all files

76
INSTALL.md
View file

@ -5,43 +5,43 @@ Installation requires mainly 2 steps.
- Configure the parameters in config.sh.
- Run the kaiten-yaki script
You can execute the install script without command line parameter. For example :
You can execute the install script without the command line parameter. For example :
```shell
source ubuntu-kaiten-yaki.sh
```
The first stage of the script is preparation like : erasing disk, format partition, and encryption. This is most critical stage of the entire installation process. This part is controlled by the configuration parameter. Thus, you have to edit the config.txt carefully.
The first stage of the script is preparation like: erasing a disk, format partition, and encryption. This is the most critical stage of the entire installation process. This part is controlled by the configuration parameter. Thus, you have to edit the config.txt carefully.
In the second stage, the distribution dependent GUI/TUI installer is invoked from the running script. That is the Ubiquity/void-installer of Ubuntu/Void linux, respectively.
In the second stage, the distribution-dependent GUI/TUI installer is invoked from the running script. That is the Ubiquity/void-installer of Ubuntu/Void Linux, respectively.
The third stage is easy. There is nothing user can do. Everything is automatic.
The third stage is easy. There is nothing the user can do. Everything is automatic.
# Installation
Follow the steps below.
## Shell preparation
First of all, promote the shell to root. Almost of the procedure requires root privilege. Note that the scripts requires Bash.
First of all, promote the shell to root. Almost of the procedure requires root privilege. Note that the scripts require Bash.
In case of Ubuntu :
In the case of Ubuntu :
```bash
# Promote to the root user
sudo -i /bin/bash
```
In case of Void-Linux :
In the case of Void-Linux :
```bash
sudo -i /bin/bash
xbps-install -Su xbps nano
```
The nano is editor package to configure the config.txt. The editor choice is up to you. Kaiten-yaki script doesn't have dependency to nano editor.
The nano is an editor package to configure the config.txt. The choice of editor is up to you. Kaiten-yaki script doesn't have a dependency on nano editor.
Then, edit the config.txt.
## Configuration parameters
This is very critical part of the installation. The configuration parameters are in the the config.sh. Edit these parameters before the installation.
This is a very critical part of the installation. The configuration parameters are in the config.sh. Edit these parameters before the installation.
Followings are the set of the default settings of the parameters :
- Install to **/dev/sda** (DEV).
- Erase entire disk (ERASEALL).
- Erase the entire disk (ERASEALL).
- Overwrite install is disabled.
- In case of EFI firmware, 200MB is allocated to the EFI partition (EFISIZE).
- In the case of EFI firmware, 200MB is allocated to the EFI partition (EFISIZE).
- Create a logical volume group named "vg1" in the encrypted volume (VGNAME)
- Create a swap logical volume named "swap" in the "vg1". The size is 8GB (LVSWAPNAME,LVSWAPSIZE)
- Create a logical volume named **"anko"** for / in the "vg1". The size of the **50%** of the entire free space (LVROOTNAME, LVROOTSIZE).
@ -53,30 +53,30 @@ Followings are the set of the default settings of the parameters :
export DEV="/dev/sda"
# Whether you want to erase all contents of the storage device or not.
# 1 : Yes, I want to erase all.
# 0 : No, I don't. I want to add to the existing LUKS volume.
# 1: Yes, I want to erase all.
# 0: No, I don't. I want to add to the existing LUKS volume.
export ERASEALL=1
# Logical Volume name for your Linux installation. Keep it unique from other distribution.
# Logical Volume name for your Linux installation. Keep it unique from other distributions.
export LVROOTNAME="anko"
# Logical volume size of the Linux installation.
# 30% mean, new logical volume will use 30% of the free space in the LVM volume group.
# For example, assume the free space is 100GB, and LVROOTSIZE is 30%FREE. Script will create 30GB logical volume.
# 30% means the new logical volume will use 30% of the free space in the LVM volume group.
# For example, assume the free space is 100GB, and LVROOTSIZE is 30%FREE. The script will create a 30GB logical volume.
export LVROOTSIZE="50%FREE"
# Set the size of EFI partition and swap partition. The unit is Byte. you can use M,G... notation.
# Set the size of the EFI partition and swap partition. The unit is Byte. you can use M, G... notation.
export EFISIZE="200M"
export LVSWAPSIZE="8G"
# Usually, these names can be left untouched.
# If you change, keep them consistent through all instllation in your system.
# If you change, keep them consistent through all installations in your system.
export CRYPTPARTNAME="luks_volume"
export VGNAME="vg1"
export LVSWAPNAME="swap"
# Do not touch this parameter, unless you understand precisely what you are doing.
# 1 : Overwrite the existing logical volume as root vlume. 0 : Create new logical volume as root volume.
# Do not touch this parameter unless you understand precisely what you are doing.
# 1: Overwrite the existing logical volume as root volume. 0: Create new logical volume as root volume.
export OVERWRITEINSTALL=0
# Void Linux only. Ignored in Ubuntu.
@ -85,53 +85,53 @@ export XTERMFONTSIZE=11
```
There are several restrictions :
- For the first distribution installation, you must set ERASEALL to 1, to erase entire screen and create a LUKS partition. Kaiten-yaki script creates a maximum LUKS partition as possible.
- The LVROOMNAME must be unique among all installations in a computer. Otherwise, Kaiten-yaki terminate at a middle.
- The LVSWAPNAME must be unique among all installations in a computer. Otherwise, Kaiten-yaki creates an unnecessary logical volume. This is waste of storage resource.
- For the first distribution installation, you must set ERASEALL to 1, to erase the entire screen and create a LUKS partition. Kaiten-yaki script creates a maximum LUKS partition as possible.
- The LVROOMNAME must be unique among all installations in a computer. Otherwise, Kaiten-yaki terminates in a middle.
- The LVSWAPNAME must be unique among all installations in a computer. Otherwise, Kaiten-yaki creates an unnecessary logical volume. This is a waste of storage resources.
- The EFISIZE and the LVSWAPSIZE are refereed during the first distribution installation only.
- The LVROOTSIZE is the size of a logical volume to create. This is a relative value to the existing free space in the volume group. If you want to install 3 distributions in a computer, you may want to set 33%FREE, 50%FREE, and 100%FREE for the first, second, and third distribution installation, respectively.
- The name with "-" is not allowed for the VGNAME, LVROOTNAME, and LVSWAPNAME. I saw some installer doesn't work if "-" in in the name.
## About the overwrite-install
The OVERWRITEINSTALL parameter allows you to use an existing logical volume as root volume of the new installation.
This is very danger because of the several aspect like destroying wrong volume and risk of security. But sometimes it is
The OVERWRITEINSTALL parameter allows you to use an existing logical volume as the root volume of the new installation.
This is very dangerous because of several aspects like destroying the wrong volume and the risk of security. But sometimes it is
very useful.
For example, assume you are installing a distribution by Kaiten-yaki. If you reboot the system at the end of GUI/TUI installer by mistake, your system will never boot again.
In this case, the overwrite-install can recycle this "bad" logical volume and let your system boot again.
To use the overwrite-install, you have to set some parameters as following :
To use the overwrite-install, you have to set some parameters as follows:
- ERASEALL : 0
- OVERWRITEINSTALL : 1
And set following parameters as same as previous installation.
And set the following parameters as same as the previous installation.
- LVROOTNAME
- VGNAME
- CRYPTPARTNAME
So, Kaiten-yaki will leave the "bad" logical volume and allow you to overwrite it by GUI/TUI installer.
## First stage : Setting up the volumes
After you set the configuration parameters correctly, execute the following command from the shell. Again, you have to be promoted as root user, and you have to use Bash.
## First stage: Setting up the volumes
After you set the configuration parameters correctly, execute the following command from the shell. Again, you have to be promoted as the root user, and you have to use Bash.
In case of Ubuntu :
In the case of Ubuntu :
```bash
source ubuntu-kaiten-yaki.sh
```
In case of Void Linux
In the case of Void Linux
```bash
source void-kaiten-yaki.sh
```
After the several interactive confirmations, Kaiten-yaki will ask you to input a passphrase. This passphrase will be applied to the encryption of the LUKS volume. Make sure you use identical passphrase between all installation of the distributions in a computer. Otherwise, install process terminates with error.
After several interactive confirmations, Kaiten-yaki will ask you to input a passphrase. This passphrase will be applied to the encryption of the LUKS volume. Make sure you use identical passphrases between all installations of the distributions in a computer. Otherwise, the install process terminates with an error.
## Second stage : GUI/TUI installer
After the first script finishes, the GUI/TUI installer starts automatically. Configure it as usual and run it. Ensure you map the followings correctly.
After the first script finishes, the GUI/TUI installer starts automatically. Configure it as usual and run it. Ensure you map the following correctly.
Target Directory | Host Volume | Comment
-----------------|------------------------|---------------------------------------------------------------
/boot/efi | /dev/sda1 | BIOS system doesn't need this mapping
/ | /dev/mapper/vg1-ubuntu | Host volume name is up to your configuration parameter.
swap | /dev/mapper/swap | Only the first distribution installation requires this mapping.
During the GUI/TUI installer copying files, Kaiten-yaki modifies the /etc/default/grub of target system. This is pretty dirty way. But if we don't modify this file, GUI/TUI installer fails at last.
During the GUI/TUI installer copying files, Kaiten-yaki modifies the /etc/default/grub of the target system. This is the pretty dirty way. But if we don't modify this file, GUI/TUI installer fails at last.
![Ubuntu Partitioning](image/ubuntu_partitioning.png)
![Void Partitioning](image/void_partitioning.png)
@ -142,10 +142,10 @@ At the end of the GUI/TUI installing, do not reboot the system. Click "Continue"
![Ubuntu done](image/ubuntu_done.png)
![Void done](image/void_done.png)
## Third stage : Finalizing
After GUI/TUI installer quit without rebooting, final part of the install process automatically starts.
## Third stage: Finalizing
After GUI/TUI installer quits without rebooting, the final part of the install process automatically starts.
In this section, Kaiten-yaki put the encryption key of the LUKS volume in to the ramfs initial stage to allow the Linux kernel decrypt the LUKS partition which contains root logical volume. So, system will ask you passphrase only once when GRUB start.
In this section, Kaiten-yaki put the encryption key of the LUKS volume into the ramfs initial stage to allow the Linux kernel to decrypt the LUKS partition which contains root logical volume. So, the system will ask you passphrase only once when GRUB starts.
You can reboot the system, if you see the "Ready to reboot" message on the console.
You can reboot the system if you see the "Ready to reboot" message on the console.

35
README.md
View file

@ -1,19 +1,20 @@
# Kaiten-yaki : Yet another full disk encryption for GRUB/Linux
Kaiten-yaki is a script set to help you to make a full disk encryption install to your desktop system.
# Kaiten-yaki: Full disk encryption install script for Linux
Kaiten-yaki is a script set helping to install Linux as full disk encryption to your desktop system. With these scripts, you can install Ubuntu/Void Linux to an encrypted partition easily.
Followings are the list of functionality.
- Support Ubuntu and Void Linux.
The followings are the list of functionalities:
- Ubuntu and Void Linux.
- Install from LiveCD/USB.
- Invoke GUI/TUI installer at the middle of script execution, for the ease of installation.
- Invoke GUI/TUI installer automatically at the middle of script execution, for the ease of installation.
- Automatic detection of BIOS/EFI firmware and create MBR/GPT, respectively.
- Support to install multiple distributions in a LUKS partition.
- The "/boot" is located in the same logical volume with the "/".
- The swap logical volume is located inside encrypted volume.
- Create an EFI partition, if needed.
- Support multiple boot in a LUKS partition.
- The "/boot" is located in the same logical volume as the "/".
- The swap logical volume is located inside the encrypted volume.
- You need to type a passphrase only once in the boot sequence.
With the configuration parameters, you can customize each installation. For example, you can configure the system to have 2, 3 or 4,... distributions in a HDD/SSD, as you want.
With the configuration parameters, you can customize each installation. For example, you can configure the system to have 2, 3, or 4,... distributions in an HDD/SSD, as you want.
Following is the HDD/SSD partitioning plan of these scripts ( In case of BIOS, the disk has MBR and doesn't have EFI partition, while it is depicted here).
Following is the HDD/SSD partitioning plan of these scripts ( In the case of BIOS, the disk has MBR and doesn't have an EFI partition, while it is depicted here).
![Partition Diagram](image/partition_diagram_0.png)
@ -22,7 +23,7 @@ The logical volume size of each Linux distribution (LVROOTSIZE) can be customize
As depicted above, the LVM volume group has only one physical volume.
# Tested environment
These scripts are tested with following environment.
These scripts are tested with the following environment.
- VMWare Workstation 15.5.7 ( EFI/BIOS )
- Ubuntu 20.04.2 amd64 desktop
- Ubuntu Mate 20.04.2 amd64 desktop
@ -31,20 +32,20 @@ These scripts are tested with following environment.
- void-live-x86_64-20210218.iso
# Installation
Start the PC with the LiveCD/LiveUSB of the distribution to install. Download this repository from github, and expand it.
Start the PC with the LiveCD/LiveUSB of the distribution to install. Download this repository from GitHub, and expand it.
Then, go to script directory and follow the procedure in the [INSTALL.md](INSTALL.md)
Then, go to the script directory and follow the procedure in the [INSTALL.md](INSTALL.md)
# Known issues
If you install two or more Void Linux in to the EFI system, only the last one can boot without trouble. This is not the problem of Kaiten-yaki.
If you install two or more Void Linux into the EFI system, only the last one can boot without trouble. This is not the problem of Kaiten-yaki.
# Variants considerations
Ubuntu has several variants ( flavors ). While I have tested only MATE flavor, other flavor may work correctly as far as it uses Ubiquity installer.
Ubuntu has several variants ( flavors ). While I have tested only MATE flavor, other flavors may work correctly as far as it uses Ubiquity installer.
# Acknowledgments
These scripts are based on the script shared on the [myn's diary](https://myn.hatenablog.jp/entry/install-ubuntu-focal-with-lvm-on-luks). That page contains rich information, hint and techniques around the encrypted volume and Ubiquity installer.
These scripts are based on the script shared on [myn's diary](https://myn.hatenablog.jp/entry/install-ubuntu-focal-with-lvm-on-luks). That page contains rich information, hint, and techniques around the encrypted volume and Ubiquity installer.
Also, following documents were very important to study how Void Linux installation works.
Also, the following documents were very important to study how Void Linux installation works.
- [Full Disk Encryption](https://docs.voidlinux.org/installation/guides/fde.html) in the Void Handbook.
- [Install LVM LUKS](https://wiki.voidlinux.org/Install_LVM_LUKS) (deprecated)
# Kaiten-yaki