Preservation/kaiten-yaki
1
0
Fork 0
mirror of https://github.com/suikan4github/kaiten-yaki.git synced 2025-12-20 10:31:17 -03:00
Code Issues Projects Releases Packages Wiki Activity Actions

Compare commits

base: Preservation:v1.0.0
Branches Tags
Preservation:main
Preservation:develop
Preservation:v1.3.1
Preservation:v1.3.0
Preservation:v1.2.0
Preservation:v1.1.0
Preservation:v1.0.0
Preservation:v0.0.0
..
compare: Preservation:main
Branches Tags
Preservation:develop
Preservation:main
Preservation:v1.3.1
Preservation:v1.3.0
Preservation:v1.2.0
Preservation:v1.1.0
Preservation:v1.0.0
Preservation:v0.0.0

116 commits
v1.0.0 ... main

Author SHA1 Message Date
Suikan
fd5a51a070 Update CHANGELOG for v1.3.1 2023-04-15 07:13:14 +09:00
Seiichi "Suikan" Horie
851bfe6544
Merge pull request #43 from uraza/main 
Partition names should be prefixed by "p" for NVMe
 2023-04-15 07:04:06 +09:00
Uraza
b5adafafe6
Partition names should be prefixed by "p" for NVMe 2023-04-11 20:08:59 +00:00
Seiichi "Suikan" Horie
809dafa70c
Merge pull request #40 from suikan4github/develop 
Merge Develop for v1.3.0
 2022-05-15 10:17:54 +09:00
Suikan
09ae43b7c1 Changed README.md 
"maintained" -> "tested"
 2022-05-15 10:15:51 +09:00
Suikan
353a9dd8b4 Preparing release of the v1.3.0 2022-05-14 08:33:21 +09:00
Suikan
ecbafb4a6d Update README.md for v1.3.0 2022-05-12 07:54:33 +09:00
Suikan
70fa79a8d5 Issue #39 : Change message style 
https://github.com/suikan4github/kaiten-yaki/issues/39
 2022-05-11 07:30:19 +09:00
Suikan
73b3329cd7 Add "[Kaiten-Yaki]" to the message header 2022-05-11 07:16:08 +09:00
Suikan
555bf5a38e Refactor the closing sequence. 
All closing sequence is gathered to the post-install().
 2022-05-10 22:22:30 +09:00
Suikan
f725af8f44 Issue 38 : "Ready to reboot" message should be changed 
https://github.com/suikan4github/kaiten-yaki/issues/38
 2022-05-10 21:25:51 +09:00
Suikan
316131c2b3 Merge branch 'feature/36' into develop 2022-05-08 12:29:32 +09:00
Suikan
4a69ef1db6 Correct the informaiton in CHANGELOG. 
Issue 33 was written as 35. It was mistake.
 2022-05-08 12:28:41 +09:00
Suikan
b81ec5667c Record #36 to CHANGELOG. 
Issue 36 : Clear the PASSPHRASE variable at the end of installation
https://github.com/suikan4github/kaiten-yaki/issues/36
 2022-05-08 12:26:57 +09:00
Suikan
6722b160cb Clear passphrase information before exit. 2022-05-08 12:25:24 +09:00
Suikan
27a64ba066 Issue 34 : BIOS support should be obsoleted 
This is still documented only. Functionality exists. Just not tested anymore.
https://github.com/suikan4github/kaiten-yaki/issues/34
 2022-05-08 08:51:20 +09:00
Suikan
d45481b194 Update installatin and readme. 2022-05-08 07:44:13 +09:00
Suikan
d324960448 Merge branch 'feature/35' into develop 
For issue #33 ( not 35! )
Support "M/G/T" as size prefix
 2022-05-08 05:55:08 +09:00
Suikan
d7b319a89f Update CHANGELOG for feature/33 2022-05-08 05:53:44 +09:00
Suikan
425181aff1 Fix the duplicate awk match. 
Now, it exits the process when the first pattern is procesed.
 2022-05-07 22:02:42 +09:00
Suikan
d322e8d5c5 Unquoted first parameter of lvcreate. 
This is to use the IFS ( Internal Field Separator ). Without IFS
the string "-L 8G" will be wrapped by single quote like
'-L 8G', while we need -L 8G.
 2022-05-07 21:35:29 +09:00
Suikan
f0f081ad34 Modify to accespt the absolute volume size. 2022-05-07 21:05:47 +09:00
Suikan
b8db4d4977 Merge branch 'feature/35' into develop 2022-05-07 14:54:51 +09:00
Suikan
03a294b407 Unsed variables are removed 
Issue #35 Remove XTERMFONTSIZE variable.
https://github.com/suikan4github/kaiten-yaki/issues/35
 2022-05-07 14:53:31 +09:00
Suikan
ac709e1513 Removed GUIENV variable. It is not used anymore. 2022-05-07 14:48:01 +09:00
Suikan
64e2edd173 Removed XTERMFONTSIZE variable. 
This variable is not used anymore.
 2022-05-07 14:44:45 +09:00
Suikan
5ed04d3a0a Merge branch 'feature/32' into develop 2022-05-07 14:40:56 +09:00
Suikan
91cc1c3857 Add swap off to the script. 
At the end of the main() function of the scripts, added swapoff -a.

Issue 32 : Ubuntu 22.04 fails to deactivate the swap
https://github.com/suikan4github/kaiten-yaki/issues/32
 2022-05-07 14:39:41 +09:00
Suikan
7d3abc56b0 Add swapoff -a 2022-05-07 14:38:38 +09:00
Suikan
eb6f0eef0f test subdirectory is removed. 2022-05-07 14:34:47 +09:00
Suikan
121f1950b8 Update CHANGELOG to describe issue #31. 
Issue 31 : Add extra partition functionality.
https://github.com/suikan4github/kaiten-yaki/issues/31
 2022-05-07 14:30:52 +09:00
Suikan
3aef04ab97 Merge branch 'feature/31' into develop 2022-05-07 14:27:34 +09:00
Suikan
f6d43382fe Move lvremove. 
To simplify, removing new voluves are gathered to deactivate_and remove.
 2022-05-07 08:41:18 +09:00
Suikan
8cd947c912 fixed behavior of lvext 
When overwrite installing, the lvext# were not created.

The detection of the error processing was
 refactored to use the global variable to see the newly created or not.
 2022-05-06 08:44:16 +09:00
Suikan
a21470f594 Correct the display of the LVEXT1,2 2022-05-05 23:47:17 +09:00
Suikan
9ef15cc1f1 Add display of the additional volumes. 
The user
 2022-05-05 23:32:48 +09:00
Suikan
ed48590821 Test update. 2022-05-05 23:20:30 +09:00
Suikan
4699f87cc7 Add test script for development 2022-03-02 07:24:56 +09:00
Suikan
0f8cc7dbb1 Merge branch 'develop' into main for v1.2.0 releae 2021-10-16 07:52:37 +09:00
Suikan
fdfd8953d5 Update README and CHANGELOG 
prepare to release v1.2.0
 2021-10-16 07:51:31 +09:00
Suikan
95820a63d7 Change > to >> 
Item should be added to /etc/dracut.conf.d/10-crypt.conf ,
 rather than be overwritten

 Issue #29
 2021-07-28 08:22:45 +09:00
Suikan
2a7d5ff125 Update comment 
For keyfile registration to initfsram
 2021-07-24 15:22:25 +09:00
Suikan
44bb28e50a Refine the INSTALL.md 2021-07-23 08:17:47 +09:00
Suikan
47bfcac6cc Refinet the configuration parameter display 2021-07-21 21:14:59 +09:00
Suikan
f92e092295 Fixed link to wiki. 2021-07-21 09:31:55 +09:00
Suikan
00d506a017 Removed applicaiton notes. 
Move application notes to Wiki

  Issue #28
 2021-07-21 09:27:45 +09:00
Suikan
e0ff77c549 Explain the target is AMD64 explicitly. 2021-07-21 05:44:21 +09:00
Suikan
9bf7f36be8 Merge branch 'feature/27' into develop 2021-07-18 21:59:53 +09:00
Suikan
73c2e1e2e2 Update the INSTALL.md and CHANGELOG.md 
Eliminates the confirmation dialog #27
 2021-07-18 21:59:43 +09:00
Suikan
8bf48b9b0c Refine the parameter printing. 2021-07-18 21:53:48 +09:00
Suikan
36acfe505b Removed Y/N confirmation 
Eliminates the confirmation dialog
 Issue #27
 2021-07-18 21:11:26 +09:00
Suikan
fd6663d2f3 Add btrfs support in the README. 2021-07-17 16:00:03 +09:00
Suikan
d5e113259f Refactoring: Sourcing config.sys is not needed in the chrooted_job 
#25
 2021-07-17 15:05:43 +09:00
Suikan
e1e67af67c Correct spell. 2021-07-17 14:40:35 +09:00
Suikan
3bb2a5622c Update AN01 for btrfs 
Issue #26
 2021-07-17 14:38:01 +09:00
Suikan
885ac34a5a Merge branch 'feature/24' into develop 2021-07-12 23:12:27 +09:00
Suikan
ea1a1ae7fd Test OK 
Fail to install the ubuntu when the / volume is btrfs
 #24

 Tested on Ubuntu and Void Linux. Btrfs and ext4.
 2021-07-12 23:12:17 +09:00
Suikan
3c7691db07 Fix the blank option problem. 2021-07-12 22:03:36 +09:00
Suikan
47b40316c0 btrfs support 
Fail to install the ubuntu when the / volume is btrfs
 #24
 2021-07-12 17:55:02 +09:00
Seiichi "Suikan" Horie
c126247add
Merge pull request #23 from suikan4github/develop 
Merege Develop as v1.1.0 release
 2021-07-11 15:55:34 +09:00
Suikan
456cbf87cd Update changelog for v1.1.0 2021-07-11 15:53:46 +09:00
Suikan
ac70e126d8 Update changelog 2021-07-11 14:39:17 +09:00
Suikan
40972cebaf Update the documentation 2021-07-11 14:31:21 +09:00
Suikan
f1ad8ae660 Add AN04 to README 2021-07-11 13:59:42 +09:00
Suikan
a79ad35fe0 Correct the AN04 based on the experiment 2021-07-11 13:52:09 +09:00
Suikan
e3d957c4be Corrected spell. 2021-07-11 12:54:34 +09:00
Suikan
f6033433ad Add AN04 partition 
Add a considration of more flexible partitionning
Issue #19
 2021-07-11 12:51:21 +09:00
Suikan
aaa5609a9a Add number to the title 2021-07-11 10:41:06 +09:00
Suikan
1e3eb8943f Update changelog. 2021-07-11 10:39:46 +09:00
Suikan
75d7a7ccc3 ADD AN03 itertime 
Add a consideration of LUKS stretching
Issue #20
 2021-07-11 10:34:27 +09:00
Suikan
fe7a4a1439 Add AN02 to README 2021-07-10 22:21:39 +09:00
Suikan
81a0781616 Add AN02 key slot. 
Add a consideration of the number of key slot
Issue #18
 2021-07-10 22:18:09 +09:00
Suikan
8fd083a0eb Add an0. Still writing 2021-07-10 15:19:38 +09:00
Suikan
06a03441af Add AN01 to the README 2021-07-10 14:08:09 +09:00
Suikan
8ad1362a3b Add an01 
Add a document of how to receover from the mistyping of passphrase
Issue#21
 2021-07-10 14:05:23 +09:00
Suikan
badafda222 Update the README and INSTALL 2021-07-10 12:31:42 +09:00
Suikan
bde36aa1ea Refine the display message. 
No change on the executable code.
 2021-07-10 12:06:52 +09:00
Suikan
7a660f7f92 Merge branch 'feature/17' into develop 2021-07-08 23:10:48 +09:00
Suikan
20826f2f69 Update changelog 
Unmount fails #17
 2021-07-08 23:10:39 +09:00
Suikan
2ae4d6cd26 Add -l option ot unmount 
to surpress the "busy" error
 2021-07-08 23:09:02 +09:00
Suikan
c9b6941294 Revert "Fix the unmount fails" 
This reverts commit e5417d78a3.
 2021-07-08 22:48:19 +09:00
Suikan
e5417d78a3 Fix the unmount fails 
Trial fix.
Change the --rbinds to --make-slave.

#17
 2021-07-08 22:35:18 +09:00
Suikan
40264ce02f Refine the comment. 2021-07-08 21:19:16 +09:00
Suikan
be32e5e387 Update comment 
No program change.
 2021-07-08 07:47:23 +09:00
Suikan
97d3a46b72 Update Changelog. 
ITERTIME parameter is not passed to the chrooted_job
Issue #15
 2021-07-07 22:57:40 +09:00
Suikan
7ec2046e5a Add ITERTIME parameter to the rooted_job() 
ITERTIME parameter is not passed to the chrooted_job
Issue #15
 2021-07-07 22:41:53 +09:00
Suikan
2a6f861900 Change config.sh description 
Added explanation of ITERTIME parameter.
Change ERASEALL default value.
Update the config file contents in INSTALL.md

 Issue #14
 2021-07-07 21:32:01 +09:00
Suikan
e2aea91c11 Reformat the comment of config. 
For the easy modification by nano editor
 2021-07-07 14:10:25 +09:00
Suikan
373006dc90 Edit changelog. 
Add ITERTIME configuration parameter to config.txt

Issue  #13
 2021-07-07 14:07:42 +09:00
Suikan
ae1a48f8f5 Add ITERTIME parameter 
Add ITERTIME configuration parameter to config.txt
Issue #13
 2021-07-07 13:33:10 +09:00
Suikan
f2d4c8fee3 change ERASEALL=0 as default 
Issue #12
 2021-07-07 13:08:55 +09:00
Suikan
cb92595d31 Merge branch 'feature/11' into develop 2021-07-07 13:04:55 +09:00
Suikan
6a1df4f25b Update change log. 
Make chroot'ed job independent script file
#11
 2021-07-07 13:04:39 +09:00
Suikan
5930627ee7 Add explanation moving to script directory 2021-07-06 21:22:43 +09:00
Suikan
fd8e8f0af1 Fix the mistake of the copy pattern 
Now, even directiries are copied
 2021-07-06 08:22:16 +09:00
Suikan
d0200d88d8 Fix the name of funciton 2021-07-06 08:06:15 +09:00
Suikan
7b91fbd9f4 Additional changes 2021-07-06 07:41:56 +09:00
Suikan
3ce805c5ca Make chroot'ed job independent script file 
Issue #11
 2021-07-06 07:41:34 +09:00
Suikan
60a519f9ba Merge branch 'feature/7' into develop 2021-07-04 22:09:50 +09:00
Suikan
98ad669b13 Update changelog 
Add the return status validation
Issue #7
 2021-07-04 22:09:22 +09:00
Suikan
e3e3599561 Add error handling on lvcreate root 2021-07-04 22:00:55 +09:00
Suikan
95d8c6f62c Add and adjust erro rhanding. 
Add error handling afer dd.
Error message of pre-install is now conditional.
 2021-07-04 21:54:29 +09:00
Suikan
6810e4414a Added error handling 
Add the return status validation
Issue #7
 2021-07-04 21:41:49 +09:00
Suikan
8f8aecd275 Merge branch 'feature/8' into develop 2021-07-04 16:35:20 +09:00
Suikan
989ca530ce Changelog updated 2021-07-04 16:35:05 +09:00
Suikan
fb47c71a02 Cancelation message corrected. 
Wrong message after cancallation
Issue : #8
 2021-07-04 16:28:19 +09:00
Suikan
0177674c79 Merge branch 'feature/6' into develop 2021-07-04 16:20:13 +09:00
Suikan
2554ed823a Update changelog. 2021-07-04 16:19:47 +09:00
Suikan
717fe7687a Removed sed dependency 
Issue  #6
Remove loglevel dependency from the void-kaiten-yaki.sh
 2021-07-04 15:50:36 +09:00
Suikan
ac7b0bd932 Merge branch 'feature/5' into develop 2021-07-04 15:33:50 +09:00
Suikan
70ae04d1e1 Update changelog 2021-07-04 15:33:36 +09:00
Suikan
91db393dd2 Add double quote for ease-of-read 2021-07-04 15:18:14 +09:00
Suikan
c504de3d9b Fix unbalance if - fi 2021-07-04 15:15:06 +09:00
Suikan
1ca9e3465f Overwrite install is implemented 
Issue #5
OVERWRITEINSTALL confirmation is missing
 2021-07-04 15:08:59 +09:00
Seiichi "Suikan" Horie
858dadff8f
Merge pull request #4 from suikan4github/develop 
Merge Develop as hot fix
 2021-07-03 12:41:52 +00:00
Seiichi "Suikan" Horie
2aef4ae4a9
Merge pull request #3 from suikan4github/develop 
Merge Develop to main to release
 2021-07-03 12:36:50 +00:00
10 changed files with 1014 additions and 571 deletions
Download patch file Download diff file Expand all files Collapse all files

90
CHANGELOG.md
View file

@ -2,13 +2,93 @@
Record of the modification in project development.
## [Unreleased] - yyyy-mm-dd
### Added
### Changed
### Deprecated
### Removed
### Fixed
### Security
### Known Issue
## [1.3.1] - 2023-04-15
### Added
### Changed
### Deprecated
### Removed
### Fixed
- [Issue 43 : Partition names should be prefixed by "p" for NVMe](https://github.com/suikan4github/kaiten-yaki/pull/43). Thank you Uraza for your contribution.
### Known Issue
## [1.3.0] - 2022-05-15
### Added
- [Issue 31 : Add extra partition functionality.](https://github.com/suikan4github/kaiten-yaki/issues/31)
- [Issue 33 : Support "M/G/T" as size prefix.](https://github.com/suikan4github/kaiten-yaki/issues/33)
### Changed
- [Issue 38 : "Ready to reboot" message should be changed](https://github.com/suikan4github/kaiten-yaki/issues/38)
- [Issue 39 : Change message style](https://github.com/suikan4github/kaiten-yaki/issues/39)
### Deprecated
- [Issue 34 : BIOS support should be obsoleted ](https://github.com/suikan4github/kaiten-yaki/issues/34)
### Removed
- [Issue 35 : Remove XTERMFONTSIZE variable.](https://github.com/suikan4github/kaiten-yaki/issues/35)
### Fixed
- [Issue 32 : Ubuntu 22.04 fails to deactivate the swap](https://github.com/suikan4github/kaiten-yaki/issues/32)
- [Issue 36 : Clear the PASSPHRASE variable at the end of installation](https://github.com/suikan4github/kaiten-yaki/issues/36)
### Known Issue
## [1.2.0] - 2021-10-16
### Added
### Changed
- [Issue 25 : Refactoring: Sourcing config.sys is not needed in the chrooted_job](https://github.com/suikan4github/kaiten-yaki/issues/25)
- [Issue 26 : Update AN01 for btrfs](https://github.com/suikan4github/kaiten-yaki/issues/26)
- [Issue 27 : Eliminates the confirmation dialog](https://github.com/suikan4github/kaiten-yaki/issues/27)
### Deprecated
### Removed
- [Issue 28 : Move application notes to Wiki](https://github.com/suikan4github/kaiten-yaki/issues/28)
### Fixed
- [Issue 24 : Fail to install the ubuntu when the / volume is btrfs](https://github.com/suikan4github/kaiten-yaki/issues/24)
- [Issue 29 : Item should be added to /etc/dracut.conf.d/10-crypt.conf , rather than be overwritten](https://github.com/suikan4github/kaiten-yaki/issues/29)
### Known Issue
## [1.1.0] - 2021-07-11
Added ITERTIME parameter and corrected other small issues. Application notes AN01 - AN04 are added.
The Followings are tested distributions
- Ubuntu 20.04.2
- Ubuntu MATE 20.04.2
- Ubuntu 21.04
- Void Linux glibc 20210218 mate
- Void Linux musl 20210218 mate
- Void Linux glibc 20210218 base
See [Testing before release v1.1.0](https://github.com/suikan4github/kaiten-yaki/issues/16).
### Added
- [Issue 13 : Add ITERTIME configuration parameter to config.txt](https://github.com/suikan4github/kaiten-yaki/issues/13)
- [Issue 18 : Add a consideration of the number of key slot](https://github.com/suikan4github/kaiten-yaki/issues/18)
- [Issue 19 : Add a consideration of more flexible partitioning](https://github.com/suikan4github/kaiten-yaki/issues/19)
- [Issue 20 : Add a consideration of LUKS stretching](https://github.com/suikan4github/kaiten-yaki/issues/20)
- [Issue 21 : Add a document of how to recover from the mistyping of passphrase](https://github.com/suikan4github/kaiten-yaki/issues/21)
### Changed
- [Issue 5 : OVERWRITEINSTALL confirmation is missing](https://github.com/suikan4github/kaiten-yaki/issues/5)
- [Issue 6 : Remove loglevel dependency from the void-kaiten-yaki.sh ](https://github.com/suikan4github/kaiten-yaki/6)
- [Issue 7 : Add the return status validation ](https://github.com/suikan4github/kaiten-yaki/7)
- [Issue 11 : Make chroot'ed job independent script file ](https://github.com/suikan4github/kaiten-yaki/11)
- [Issue 12 : change ERASEALL=0 as default ](https://github.com/suikan4github/kaiten-yaki/12)
- [Issue 14 : Change config.sh description ](https://github.com/suikan4github/kaiten-yaki/14)
### Deprecated
### Removed
### Fixed
- [Issue 8 : Wrong message after cancellation ](https://github.com/suikan4github/kaiten-yaki/8)
- [Issue 15 : CITERTIME parameter is not passed to the chrooted_job ](https://github.com/suikan4github/kaiten-yaki/15)
- [Issue 17 : Unmount fails ](https://github.com/suikan4github/kaiten-yaki/17)
### Known Issue
## [1.0.0] - 2021-07-03
@ -24,5 +104,9 @@ Record of the modification in project development.
### Known Issue
[Unreleased]: https://github.com/suikan4github/kaiten-yaki/compare/v1.0.0...develop
[Unreleased]: https://github.com/suikan4github/kaiten-yaki/compare/v1.3.0...develop
[1.3.1]: https://github.com/suikan4github/kaiten-yaki/compare/v1.3.0...v1.3.1
[1.3.0]: https://github.com/suikan4github/kaiten-yaki/compare/v1.2.0...v1.3.0
[1.2.0]: https://github.com/suikan4github/kaiten-yaki/compare/v1.1.0...v1.2.0
[1.1.0]: https://github.com/suikan4github/kaiten-yaki/compare/v1.0.0...v1.1.0
[1.0.0]: https://github.com/suikan4github/kaiten-yaki/compare/v0.0.0...v1.0.0

169
INSTALL.md
View file

@ -6,47 +6,52 @@ Installation requires mainly 2 steps.
- Run the kaiten-yaki script
You can execute the install script without the command line parameter. For example :
```shell
```sh
source ubuntu-kaiten-yaki.sh
```
The first stage of the script is preparation like: erasing a disk, format partition, and encryption. This is the most critical stage of the entire installation process. This part is controlled by the configuration parameter. Thus, you have to edit the config.txt carefully.
The first stage of the script is preparation like: erasing a disk, format partition, and encryption. This is the most critical stage of the entire installation process. This part is controlled by the configuration parameter. Thus, you have to edit the config.sh carefully.
In the second stage, the distribution-dependent GUI/TUI installer is invoked from the running script. That is the Ubiquity/void-installer of Ubuntu/Void Linux, respectively.
The third stage is easy. There is nothing the user can do. Everything is automatic.
The third stage configures the target Linux system to decrypt the encrypted volume automatically, without prompting user to type passphrase. In this stage, Everything is automatic.
# Installation
Follow the steps below.
## Shell preparation
First of all, promote the shell to root. Almost of the procedure requires root privilege. Note that the scripts require Bash.
First of all, promote the shell to root. Kaiten-yaki script requires root permission to edit the storage device. Note that the scripts require Bash as shell.
In the case of Ubuntu :
```bash
In the case of Ubuntu installation:
```sh
# Promote to the root user
sudo -i /bin/bash
```
In the case of Void-Linux :
```bash
In the case of Void Linux installation:
```sh
# Promote to the root user
sudo -i /bin/bash
xbps-install -Su xbps nano
```
The nano is an editor package to configure the config.txt. The choice of editor is up to you. Kaiten-yaki script doesn't have a dependency on nano editor.
Then, edit the config.txt.
The nano is an editor package to configure the config.sh. The choice of editor is up to you. Kaiten-yaki script doesn't have a dependency on nano editor.
And then, go to the kaiten-yaki/script directory.
```sh
cd /the/downloaded/directory/kaiten-yaki/script
```
Now, ready to configure.
## Configuration parameters
This is a very critical part of the installation. The configuration parameters are in the config.sh. Edit these parameters before the installation.
Followings are the set of the default settings of the parameters :
- Install to **/dev/sda** (DEV).
- Erase the entire disk (ERASEALL).
- Overwrite install is disabled.
- Do not erase the entire disk (ERASEALL).
- Do not overwrite the existing logical volume (OVERWRITEINSTALL).
- In the case of EFI firmware, 200MB is allocated to the EFI partition (EFISIZE).
- Create a logical volume group named "vg1" in the encrypted volume (VGNAME)
- Create a swap logical volume named "swap" in the "vg1". The size is 8GB (LVSWAPNAME,LVSWAPSIZE)
- Create a logical volume named **"anko"** for / in the "vg1". The size of the **50%** of the entire free space (LVROOTNAME, LVROOTSIZE).
- Create a logical volume named **"anko"** as root volume, in the "vg1". The size of the new volume is the **10GB** (LVROOTNAME, LVROOTSIZE).
- No Extra volumes will be created (USELVEXT1, LVEXT1SUFFIX, LVEXT1SIZE, USELVEXT2, LVEXT2SUFFIX, LVEXT2SIZE).
```bash
```sh
# Configuration parameters for Kaiten-Yaki
# Storage device to install the linux.
@ -55,48 +60,97 @@ export DEV="/dev/sda"
# Whether you want to erase all contents of the storage device or not.
# 1 : Yes, I want to erase all.
# 0 : No, I don't. I want to add to the existing LUKS volume.
export ERASEALL=1
export ERASEALL=0
# Logical Volume name for your Linux installation. Keep it unique from other distributions.
# Logical Volume name for your Linux installation.
# Keep it unique from other distribution.
export LVROOTNAME="anko"
# Logical volume size of the Linux installation.
# 30% means the new logical volume will use 30% of the free space in the LVM volume group.
# For example, assume the free space is 100GB, and LVROOTSIZE is 30%FREE. The script will create a 30GB logical volume.
export LVROOTSIZE="50%FREE"
# Suffix of the optional logical volumes.
# If you want to have optional OVs, set USELVEXT# to 1.
# Then, the suffix will be added to the LVROOTNAME.
# For example, Assume you have setting below :
# LVROOTNAME="anko"
# USELVEXT1=1
# LVEXT1SUFFIX="_home"
# USELVEXT2=0
# LVEXT2SUFFIX="_var"
# You will have
# anko
# anko_home
# You will not have anko_var because the USELVEXT2=0.
export USELVEXT1=0
export LVEXT1SUFFIX="_home"
export USELVEXT2=0
export LVEXT2SUFFIX="_var"
# Set the size of the EFI partition and swap partition. The unit is Byte. you can use M, G... notation.
# Volume size parameters.
# Note that the order of the volume creation is :
# 1. EFI if needed
# 2. SWAP
# 3. LVROOT
# 4. LVEXT1 if needed
# 5. LVEXT2 if needed
# Set the size of EFI partition and swap partition.
# The unit is Byte. You can use M,G... notation.
# You CANNOT use the % notation.
export EFISIZE="200M"
# Logical volume size of the swap volumes.
export LVSWAPSIZE="8G"
# Logical volume size of the Linux installation.
# There are four posibble way to specify the volume.
# nnnM, nnnG, nnnT : Absolute size speicification. nnnMbyte, nnnGByte, nnnT byte.
# mm%VG : Use mm% of the entire volume group.
# mm%FREE : Use mm% of the avairable storage are in the volume group.
export LVROOTSIZE="10G"
# Logical volume size of the optional volumes.
export LVEXT1SIZE="30G"
export LVEXT2SIZE="10G"
# Usually, these names can be left untouched.
# If you change, keep them consistent through all installations in your system.
# If you change, keep them consistent through all installation in your system.
export CRYPTPARTNAME="luks_volume"
export VGNAME="vg1"
export LVSWAPNAME="swap"
# Do not touch this parameter unless you understand precisely what you are doing.
# 1: Overwrite the existing logical volume as root volume. 0: Create new logical volume as root volume.
# Do not touch this parameter, unless you understand what you are doing.
# 1 : Overwrite the existing logical volume as root volume.
# 0 : Create new logical volume as root volume.
export OVERWRITEINSTALL=0
# Void Linux only. Ignored in Ubuntu.
# The font size of the void-installer
export XTERMFONTSIZE=11
# Do not touch this parameter, unless you understand what you are doing.
# This is a paameter value of the --iter-time option for cyrptsetup command.
# If you specify 1000, that means 1000mSec. 0 means compile default.
export ITERTIME=0
```
There are several restrictions :
- For the first distribution installation, you must set ERASEALL to 1, to erase the entire screen and create a LUKS partition. Kaiten-yaki script creates a maximum LUKS partition as possible.
- The LVROOMNAME must be unique among all installations in a computer. Otherwise, Kaiten-yaki terminates in a middle.
- The LVSWAPNAME must be unique among all installations in a computer. Otherwise, Kaiten-yaki creates an unnecessary logical volume. This is a waste of storage resources.
- For the first distribution installation, you must set ERASEALL to 1, to erase the entire storage device and create a LUKS partition. Kaiten-yaki script creates a maximum LUKS partition as possible.
- The CRYPTPARTNAME and VGNAME must be unique among all installations in a physical disk. Otherwise, Kaiten-yaki terminates in a middle.
- The LVSWAPNAME must be identical among all installations in a physical disk. Otherwise, Kaiten-yaki creates an unnecessary logical volume. This is a waste of storage resources.
- The EFISIZE and the LVSWAPSIZE are refereed during the first distribution installation only.
- The LVROOTSIZE is the size of a logical volume to create. This is a relative value to the existing free space in the volume group. If you want to install 3 distributions in a computer, you may want to set 33%FREE, 50%FREE, and 100%FREE for the first, second, and third distribution installation, respectively.
- The name with "-" is not allowed for the VGNAME, LVROOTNAME, and LVSWAPNAME. I saw some installer doesn't work if "-" in in the name.
## About the overwrite-install
- The LVROOTSIZE, LVEXT1SIZE, LVEXT2SIZE are the size of a logical volumes to create. There are several way to specify the size ( where n is number) :
- nnnM : New logical volume size is nnn**MByte**.
- nnnG : New logical volume size is nnn**GByte**.
- nnnT : New logical volume size is nnn**TByte**.
- nn%VG : New logical volume size is nn% of the **entire volume group**.
- nn%FREE : New logical volume size is nn% of the **free space** in the volume group.
- The name with "-" is not allowed for the VGNAME, LVROOTNAME, and LVSWAPNAME. I saw some distribution installer doesn't work if "-" in in the name.
### About the overwrite-install
The OVERWRITEINSTALL parameter allows you to use an existing logical volume as the root volume of the new installation.
This is very dangerous because of several aspects like destroying the wrong volume and the risk of security. But sometimes it is
very useful.
For example, assume you are installing a distribution by Kaiten-yaki. If you reboot the system at the end of GUI/TUI installer by mistake, your system will never boot again.
For example, assume you are installing a distribution by Kaiten-yaki. If you reboot the system at the end of GUI/TUI installer by mistake, your system may never boot again.
In this case, the overwrite-install can recycle this "bad" logical volume and let your system boot again.
To use the overwrite-install, you have to set some parameters as follows:
@ -108,20 +162,51 @@ And set the following parameters as same as the previous installation.
- VGNAME
- CRYPTPARTNAME
So, Kaiten-yaki will leave the "bad" logical volume and allow you to overwrite it by GUI/TUI installer.
Kaiten-yaki will leave the LUKS encrypted partition and allow you to overwrite the "bad" logical volume by GUI/TUI installer.
### About ITERTIME parameter
This parameter is recommended to left as default value (=0), unless you understand what it mean well.
The ITERTIME parameter is passed as --iter-time parameter to the [cryptosetup command](https://man7.org/linux/man-pages/man8/cryptsetup.8.html), when script setup the LUKS crypto volume. See [AN03](https://github.com/suikan4github/kaiten-yaki/wiki/AN03:-The-ITERTIME-parameter-and-vulnerability)
The unit of value is milliseconds. The target linux kernel may take this duration, to calculate a hash value from the given passphrase. You can change this duration through this parameter.
The smaller value gives the weaker security.
### About the extra logical volume
From ver 1.3.0, Kaiten-yaki support two extra volume in addition to LVROOT and LVSWAP.
- LVEXT1
- LVEXT2
The usage of the extra logical volume is up to the user. Typically, user may want to use it for example separated /home partition.
The name of the extra volume is the concatenation of the LVROOTNAME and LVEXTnSUFFIX ( where n is 1 or 2 ). For example, let's assume following configuration :
- LVROOTNAME="FOO"
- LVEXT1SUFFIX="_BAR"
Thus, the name of the LVEXT1 is "FOO_BAR".
### Partition and logical volume creation order.
Kaiten-yaki creates the partition/volume in the following order :
1. EFI partition
1. LUKS partition
1. LVSWAP
1. LVROOT
1. LVEXT1
1. LVEXT2
## First stage: Setting up the volumes
After you set the configuration parameters correctly, execute the following command from the shell. Again, you have to be promoted as the root user, and you have to use Bash.
In the case of Ubuntu :
```bash
```sh
source ubuntu-kaiten-yaki.sh
```
In the case of Void Linux
```bash
```sh
source void-kaiten-yaki.sh
```
After several interactive confirmations, Kaiten-yaki will ask you to input a passphrase. This passphrase will be applied to the encryption of the LUKS volume. Make sure you use identical passphrases between all installations of the distributions in a computer. Otherwise, the install process terminates with an error.
After printing the configuration parameters, Kaiten-yaki will prompt you to input a passphrase. This passphrase will be applied to the encryption of the LUKS volume. Make sure you use identical passphrases between all installations of the distributions in a computer. Otherwise, the install process terminates with an error, except the case of the ERASEALL configuration parameter is 1.
## Second stage : GUI/TUI installer
After the first script finishes, the GUI/TUI installer starts automatically. Configure it as usual and run it. Ensure you map the following correctly.
@ -131,12 +216,12 @@ Target Directory | Host Volume | Comment
/ | /dev/mapper/vg1-ubuntu | Host volume name is up to your configuration parameter.
swap | /dev/mapper/swap | Only the first distribution installation requires this mapping.
During the GUI/TUI installer copying files, Kaiten-yaki modifies the /etc/default/grub of the target system. This is the pretty dirty way. But if we don't modify this file, GUI/TUI installer fails at last.
During the GUI/TUI installer copying files, Kaiten-yaki modifies the /etc/default/grub of the target system. This is a pretty dirty way. But if we don't modify this file, GUI/TUI installer fails at last.
![Ubuntu Partitioning](image/ubuntu_partitioning.png)
![Void Partitioning](image/void_partitioning.png)
## Do not reboot
### Do not reboot
At the end of the GUI/TUI installing, do not reboot the system. Click "Continue" and just exit the GUI/TUI installer without rebooting. Otherwise, we cannot finalize the entire installation process.
![Ubuntu done](image/ubuntu_done.png)
@ -145,7 +230,7 @@ At the end of the GUI/TUI installing, do not reboot the system. Click "Continue"
## Third stage: Finalizing
After GUI/TUI installer quits without rebooting, the final part of the install process automatically starts.
In this section, Kaiten-yaki put the encryption key of the LUKS volume into the ramfs initial stage to allow the Linux kernel to decrypt the LUKS partition which contains root logical volume. So, the system will ask you passphrase only once when GRUB starts.
In this section, Kaiten-yaki put the encryption key of the LUKS volume into the initramfs image to allow the Linux kernel decrypting the LUKS partition which contains root logical volume. Thus, the system will ask you the passphrase only once when GRUB starts.
You can reboot the system if you see the "Ready to reboot" message on the console.

43
README.md
View file

@ -1,20 +1,21 @@
# Kaiten-yaki: Full disk encryption install script for Linux
Kaiten-yaki is a script set to install to your desktop system. With these scripts, you can install Ubuntu/Void Linux to an encrypted partition easily.
Kaiten-yaki v1.3.0 is a script set to install Linux to your AMD64 desktop system. With these scripts, you can install Ubuntu/Void Linux to an encrypted partition easily.
The followings are the list of functionalities:
- Ubuntu and Void Linux.
- Install from LiveCD/USB.
- Ubuntu and Void Linux support.
- Help to install from LiveCD/USB.
- Invoke GUI/TUI installer automatically at the middle of script execution, for the ease of installation.
- Automatic detection of BIOS/EFI firmware and create MBR/GPT, respectively.
- Automatic detection of EFI firmware and create GPT (The BIOS detection and MBR creation function exist. But they are not test from v1.3.0).
- Create an EFI partition, if needed.
- Support multiple boot in a LUKS partition.
- The "/boot" is located in the same logical volume as the "/".
- The swap logical volume is located inside the encrypted volume.
- You need to type a passphrase only once in the boot sequence.
- Support btrfs in addition to the major file systems.
- The "/boot" is located in the same encrypted logical volume with the "/".
- The swap is located in the same encrypted logical volume with the "/".
- You need to type a passphrase only once in the boot sequence of the installed system.
With the configuration parameters, you can customize each installation. For example, you can configure the system to have 2, 3, or 4,... distributions in an HDD/SSD, as you want.
Following is the HDD/SSD partitioning plan of these scripts ( In the case of BIOS, the disk has MBR and doesn't have an EFI partition, while it is depicted here).
Following is the HDD/SSD partitioning plan of these scripts ( In the case of BIOS, the disk has MBR and doesn't have an EFI partition).
![Partition Diagram](image/partition_diagram_0.png)
@ -24,24 +25,34 @@ As depicted above, the LVM volume group has only one physical volume.
# Tested environment
These scripts are tested with the following environment.
- VMVare Workstation 15.5.7 ( EFI )
- Ubuntu 22.04 amd64 desktop
- void-live-x86_64-20210930-xfce.iso
- void-live-x86_64-20210930.iso
- Followings are the tested environment of the Kaiten-Yaki v1.2.0
- VMWare Workstation 15.5.7 ( EFI/BIOS )
- ThinkPad X220 (BIOS)
- Ubuntu 20.04.2 amd64 desktop
- Ubuntu Mate 20.04.2 amd64 desktop
- Ubuntu 20.04.3 amd64 desktop
- Ubuntu 21.04 amd64 desktop
- Ubuntu 21.10 amd64 desktop
- Ubuntu Mate 20.04.3 amd64 desktop
- void-live-x86_64-20210218-mate.iso
- void-live-x86_64-musl-20210218-mate.iso
- void-live-x86_64-20210218.iso
# Installation
Start the PC with the LiveCD/LiveUSB of the distribution to install. Download this repository from GitHub, and expand it.
Rough procedure of the installation is as followings :
1. Start the PC with the LiveCD/LiveUSB of the distribution to install
1. Download this repository from GitHub
3. Run the script.
Then, go to the script directory and follow the procedure in the [INSTALL.md](INSTALL.md)
# Known issues
If you install two or more Void Linux into the EFI system, only the last one can boot without trouble. This is not the problem of Kaiten-yaki.
The detail procedure is explained in the [INSTALL.md](INSTALL.md).
# Variants considerations
Ubuntu has several variants ( flavors ). While I have tested only MATE flavor, other flavors may work correctly as far as it uses Ubiquity installer.
Ubuntu has several variants ( flavors ). While while only the Ubuntu desktop is tested, other flavors may work correctly as far as it uses Ubiquity installer.
# Other resources
See [Wiki](https://github.com/suikan4github/kaiten-yaki/wiki) for the application notes and the useful links.
# Acknowledgments
These scripts are based on the script by [myn's diary](https://myn.hatenablog.jp/entry/install-ubuntu-focal-with-lvm-on-luks). That page contains rich information, hint, and techniques around the encrypted volume and Ubiquity installer.

90
script/config.sh
View file

@ -8,33 +8,75 @@ export DEV="/dev/sda"
# Whether you want to erase all contents of the storage device or not.
# 1 : Yes, I want to erase all.
# 0 : No, I don't. I want to add to the existing LUKS volume.
export ERASEALL=1
export ERASEALL=0
# Logical Volume name for your Linux installation. Keep it unique from other distribution.
# Logical Volume name for your Linux installation.
# Keep it unique from other distribution.
export LVROOTNAME="anko"
# Logical volume size of the Linux installation.
# 30% mean, new logical volume will use 30% of the free space in the LVM volume group.
# For example, assume the free space is 100GB, and LVROOTSIZE is 30%FREE. Script will create 30GB logical volume.
export LVROOTSIZE="50%FREE"
# Suffix of the optional logical volumes.
# If you want to have optional OVs, set USELVEXT# to 1.
# Then, the suffix will be added to the LVROOTNAME.
# For example, Assume you have setting below :
# LVROOTNAME="anko"
# USELVEXT1=1
# LVEXT1SUFFIX="_home"
# USELVEXT2=0
# LVEXT2SUFFIX="_var"
# You will have
# anko
# anko_home
# You will not have anko_var because the USELVEXT2=0.
export USELVEXT1=0
export LVEXT1SUFFIX="_home"
export USELVEXT2=0
export LVEXT2SUFFIX="_var"
# Set the size of EFI partition and swap partition. The unit is Byte. you can use M,G... notation.
# Volume size parameters.
# Note that the order of the volume creation is :
# 1. EFI if needed
# 2. SWAP
# 3. LVROOT
# 4. LVEXT1 if needed
# 5. LVEXT2 if needed
# Set the size of EFI partition and swap partition.
# The unit is Byte. You can use M,G[Kaiten-Yaki] notation.
# You CANNOT use the % notation.
export EFISIZE="200M"
# Logical volume size of the swap volumes.
export LVSWAPSIZE="8G"
# Logical volume size of the Linux installation.
# There are four posibble way to specify the volume.
# nnnM, nnnG, nnnT : Absolute size speicification. nnnMbyte, nnnGByte, nnnT byte.
# mm%VG : Use mm% of the entire volume group.
# mm%FREE : Use mm% of the avairable storage are in the volume group.
export LVROOTSIZE="10G"
# Logical volume size of the optional volumes.
export LVEXT1SIZE="30G"
export LVEXT2SIZE="10G"
# Usually, these names can be left untouched.
# If you change, keep them consistent through all instllation in your system.
# If you change, keep them consistent through all installation in your system.
export CRYPTPARTNAME="luks_volume"
export VGNAME="vg1"
export LVSWAPNAME="swap"
# Do not touch this parameter, unless you understand precisely what you are doing.
# 1 : Overwrite the existing logical volume as root vlume. 0 : Create new logical volume as root volume.
# Do not touch this parameter, unless you understand what you are doing.
# 1 : Overwrite the existing logical volume as root volume.
# 0 : Create new logical volume as root volume.
export OVERWRITEINSTALL=0
# Void Linux only. Ignored in Ubuntu.
# The font size of the void-installer
export XTERMFONTSIZE=11
# Do not touch this parameter, unless you understand what you are doing.
# This is a paameter value of the --iter-time option for cyrptsetup command.
# If you specify 1000, that means 1000mSec. 0 means compile default.
export ITERTIME=0
# !!!!!!!!!!!!!! DO NOT EDIT FOLLOWING LINES. !!!!!!!!!!!!!!
@ -45,20 +87,20 @@ else
export ISEFI=0 # No, BIOS
fi # is EFI firmaare?
# Detect drive type.
# For NVME drives, partition names should be prefixed by p.
if [[ ${DEV} == *"nvme"* ]] ; then
export PARTPREFIX="p" # Yes, NVME
else
export PARTPREFIX="" # No, regular
fi
# Set partition number based on the firmware type
if [ ${ISEFI} -ne 0 ] ; then
# EFI firmware
export EFIPARTITION=1
export CRYPTPARTITION=2
export EFIPARTITION=${PARTPREFIX}1
export CRYPTPARTITION=${PARTPREFIX}2
else
# BIOS firmware
export CRYPTPARTITION=1
export CRYPTPARTITION=${PARTPREFIX}1
fi # EFI firmware
# Detect the GUI environment
# This code is not efered. Just left because it is interestintg code.
if env | grep -w -e XDG_SESSION_TYPE -e DISPLAY -e WAYLAND_DISPLAY > /dev/null ; then
export GUIENV=1 # set 1 if GUI env.
else
export GUIENV=0 # set 0 if not GUI env.
fi

318
script/lib.sh
View file

@ -1,318 +0,0 @@
#!/bin/bash -u
# *******************************************************************************
# Confirmation and Passphrase setting
# *******************************************************************************
function confirmation(){
# Consistency check for the OVERWRITEINSTALL and ERASEALL
if [ "${ERASEALL}" -ne 0 ] && [ "${OVERWRITEINSTALL}" -ne 0 ] ; then
cat <<- HEREDOC
***** ERROR : Confliction between ERASEALL and OVERWRITEINSTALL *****
...ERASEALL = ${ERASEALL}
...OVERWRITEINSTALL = ${OVERWRITEINSTALL}
...Check configuration in your config.sh
...Installation process terminated..
HEREDOC
return 1 # with error status
fi
# Sanity check for volume group name
if echo "${VGNAME}" | grep "-" -i > /dev/null ; then # "-" is found in the volume group name.
cat <<- HEREDOC
***** ERROR : VGNAME is "${VGNAME}" *****
..."-" is not allowed in the volume name.
...Check configuration in your config.sh
...Installation process terminated..
HEREDOC
return 1 # with error status
fi # "-" is found in the volume group name.
# Sanity check for root volume name
if echo "${LVROOTNAME}" | grep "-" -i > /dev/null ; then # "-" is found in the volume name.
cat <<- HEREDOC
***** ERROR : LVROOTNAME is "${LVROOTNAME}" *****
..."-" is not allowed in the volume name.
...Check configuration in your config.sh
...Installation process terminated..
HEREDOC
return 1 # with error status
fi # "-" is found in the volume name.
# Sanity check for swap volume name
if echo "${LVSWAPNAME}" | grep "-" -i > /dev/null ; then # "-" is found in the volume name.
cat <<- HEREDOC
***** ERROR : LVSWAPNAME is "${LVSWAPNAME}" *****
..."-" is not allowed in the volume name.
...Check configuration in your config.sh
...Installation process terminated..
HEREDOC
return 1 # with error status
fi # "-" is found in the volume name.
# For surre ask the your config.sh is edited
cat <<- HEREDOC
The destination logical volume label is "${LVROOTNAME}"
"${LVROOTNAME}" uses ${LVROOTSIZE} of the LVM volume group.
Are you sure to install? [Y/N]
HEREDOC
read -r YESNO
if [ "${YESNO}" != "Y" ] && [ "${YESNO}" != "y" ] ; then
cat <<- HEREDOC
...Installation process terminated..
HEREDOC
return 1 # with error status
fi # if YES
# For sure ask to be sure to erase.
if [ "${ERASEALL}" -ne 0 ] ; then
echo "Are you sure you want to erase entire ${DEV}? [Y/N]"
read -r YESNO
if [ "${YESNO}" != "Y" ] && [ "${YESNO}" != "y" ] ; then
cat <<-HEREDOC
...Check your config.sh. The variable ERASEALL is ${ERASEALL}.
...Installation process terminated..
HEREDOC
return 1 # with error status
fi # if YES
fi # if erase all
# ----- Set Passphrase -----
# Input passphrase
echo ""
echo "Type passphrase for the disk encryption."
read -sr PASSPHRASE
export PASSPHRASE
echo "Type passphrase again, to confirm."
read -sr PASSPHRASE_C
# Validate whether both are indentical or not
if [ "${PASSPHRASE}" != "${PASSPHRASE_C}" ] ; then
cat <<-HEREDOC
***** ERROR : Passphrase doesn't match *****
...Installation process terminated..
HEREDOC
return 1 # with error status
fi # passphrase validation
# succesfull return
return 0
}
# *******************************************************************************
# Pre-install stage
# *******************************************************************************
function pre_install() {
# ----- Erase entire disk, create partitions, format them and encrypt the LUKS partition -----
if [ "${ERASEALL}" -ne 0 ] ; then
# Assign specified space and rest of disk to the EFI and LUKS partition, respectively.
if [ "${ISEFI}" -ne 0 ] ; then # EFI
# Zap existing partition table and create new GPT
echo "...Initializing \"${DEV}\" with GPT."
sgdisk --zap-all "${DEV}"
# Create EFI partition and format it
echo "...Creating an EFI partition on \"${DEV}\"."
# shellcheck disable=SC2140
sgdisk --new="${EFIPARTITION}":0:+"${EFISIZE}" --change-name="${EFIPARTITION}":"EFI System" --typecode="${EFIPARTITION}":ef00 "${DEV}"
echo "...Formatting the EFI parttion."
mkfs.vfat -F 32 -n EFI-SP "${DEV}${EFIPARTITION}"
# Create Linux partition
echo "...Creating a Linux partition on ${DEV}."
# shellcheck disable=SC2140
sgdisk --new="${CRYPTPARTITION}":0:0 --change-name="${CRYPTPARTITION}":"Linux LUKS" --typecode="${CRYPTPARTITION}":8309 "${DEV}"
# Then print them
sgdisk --print "${DEV}"
else # BIOS
# Zap existing partition table
echo "...Erasing partition table of \"${DEV}\"."
dd if=/dev/zero of="${DEV}" bs=512 count=1
# Create MBR and allocate max storage for Linux partition
echo "...Creating a Linux partition on ${DEV} with MBR."
sfdisk "${DEV}" <<- HEREDOC
2M,,L
HEREDOC
fi # if EFI firmware
# Encrypt the partition to install Linux
echo "...Initializing \"${DEV}${CRYPTPARTITION}\" as crypt partition"
printf %s "${PASSPHRASE}" | cryptsetup luksFormat --type=luks1 --key-file - --batch-mode "${DEV}${CRYPTPARTITION}"
fi # if erase all
# ----- Open the LUKS partition -----
# Open the crypt partition.
echo "...Opening a crypt partition \"${DEV}${CRYPTPARTITION}\" as \"${CRYPTPARTNAME}\""
printf %s "${PASSPHRASE}" | cryptsetup open -d - "${DEV}${CRYPTPARTITION}" "${CRYPTPARTNAME}"
# Check whether successful open. If mapped, it is successful.
if [ ! -e /dev/mapper/"${CRYPTPARTNAME}" ] ; then
cat <<- HEREDOC
***** ERROR : Cannot open LUKS volume "${CRYPTPARTNAME}" on "${DEV}${CRYPTPARTITION}". *****
...Check passphrase and your config.txt
...Installation process terminated..
HEREDOC
return 1 # with error status
fi # if crypt volume is unable to open
# ----- Configure the LVM in LUKS volume -----
# Check volume group ${VGNAME} exist or not
if vgdisplay -s "${VGNAME}" &> /dev/null ; then # if exist
echo "...Volume group \"${VGNAME}\" already exist. Skipped to create. No problem."
echo "...Activating all logical volumes in volume group \"${VGNAME}\"."
vgchange -ay
echo "...Scanning all logical volumes."
lvscan
else
echo "...Initializing a physical volume on \"${CRYPTPARTNAME}\""
pvcreate /dev/mapper/"${CRYPTPARTNAME}"
echo "...And then creating Volume group \"${VGNAME}\"."
vgcreate "${VGNAME}" /dev/mapper/"${CRYPTPARTNAME}"
fi # if /dev/volume-groupt exist
# Create a SWAP Logical Volume on VG, if it doesn't exist
if [ -e /dev/mapper/"${VGNAME}"-"${LVSWAPNAME}" ] ; then
echo "...Swap volume already exist. Skipped to create. No problem."
else
echo "...Creating logical volume \"${LVSWAPNAME}\" on \"${VGNAME}\"."
lvcreate -L "${LVSWAPSIZE}" -n "${LVSWAPNAME}" "${VGNAME}"
fi # if /dev/mapper/swap volume already exit.
# Create a ROOT Logical Volume on VG.
if [ -e /dev/mapper/"${VGNAME}"-"${LVROOTNAME}" ] ; then # exist
if [ "${OVERWRITEINSTALL}" -ne 0 ] ; then # exist and overwrite install
echo "...Logical volume \"${VGNAME}-${LVROOTNAME}\" already exists. OK."
else # exist and not overwriteinstall
cat <<- HEREDOC
***** ERROR : Logical volume "${VGNAME}-${LVROOTNAME}" already exists. *****
...Check LVROOTNAME environment variable in your config.txt.
HEREDOC
# Deactivate all lg and close the LUKS volume
deactivate_and_close
return 1 # with error status
fi
else # not exsit
if [ "${OVERWRITEINSTALL}" -ne 0 ] ; then
cat <<- HEREDOC
***** ERROR : Logical volume "${VGNAME}-${LVROOTNAME}" doesn't exist while overwrite install. *****
...Check consistency of your config.txt.
HEREDOC
# Deactivate all lg and close the LUKS volume
deactivate_and_close
return 1 # with error status
else # not exist and not overwrite install
echo "...Creating logical volume \"${LVROOTNAME}\" on \"${VGNAME}\"."
lvcreate -l "${LVROOTSIZE}" -n "${LVROOTNAME}" "${VGNAME}"
fi
fi
# successful return
return 0
}
# *******************************************************************************
# Common message in para-install stage
# *******************************************************************************
function para_install_msg() {
cat <<- HEREDOC
******************************************************************************
The pre-install process is done. We are ready to install the Linux to the
target storage device. By pressing return key, GUI/TUI installer starts.
Please pay attention to the partition/logical volume mapping configuration.
In this installation, you have to map the previously created partitions/logical
volumes to the appropriate directories of the target system as followings :
HEREDOC
# In the EFI system, add this mapping
if [ "${ISEFI}" -ne 0 ] ; then
echo "/boot/efi : ${DEV}${EFIPARTITION}"
fi
# Root volume mapping
echo "/ : /dev/mapper/${VGNAME}-${LVROOTNAME}"
# In case of erased storage, add this mapping
if [ "${ERASEALL}" -ne 0 ] ; then
echo "swap : /dev/mapper/${VGNAME}-${LVSWAPNAME}"
fi
return 0
}
# *******************************************************************************
# Deactivate all LV in the VG and close LUKS volume
# *******************************************************************************
function deactivate_and_close(){
echo "...Deactivating all logical volumes in volume group \"${VGNAME}\"."
vgchange -a n "${VGNAME}"
echo "...Closing LUKS volume \"${CRYPTPARTNAME}\"."
cryptsetup close "${CRYPTPARTNAME}"
cat <<- HEREDOC
...Installation process terminated..
HEREDOC
}
# *******************************************************************************
# Delete the nwe volume if overwrite install, and close all
# *******************************************************************************
function on_unexpected_installer_quit(){
echo "***** ERROR : The GUI/TUI installer terminated unexpectedly. *****"
if [ "${OVERWRITEINSTALL}" -eq 0 ] ; then # If not over install, volume is new. So delete it
echo "...Deleting the new logical volume \"${VGNAME}-${LVROOTNAME}\"."
lvremove -f /dev/mapper/"${VGNAME}"-"${LVROOTNAME}"
fi
# Deactivate all lg and close the LUKS volume
deactivate_and_close
echo "...The new logical volume has been deleted. You can retry Kaiten-yaki again."
}
# *******************************************************************************
# Check whether given signaure is in the system information
# *******************************************************************************
function distribution_check(){
if ! uname -a | grep "${DISTRIBUTIONSIGNATURE}" -i > /dev/null ; then # Signature is not found in the OS name.
echo "*******************************************************************************"
uname -a
cat <<- HEREDOC
*******************************************************************************
This system seems to be not $DISTRIBUTIONNAME, while this script is dediated to the $DISTRIBUTIONNAME.
Are you sure you want to run this script? [Y/N]
HEREDOC
read -r YESNO
if [ "${YESNO}" != "Y" ] && [ "${YESNO}" != "y" ] ; then
cat <<- HEREDOC
...Installation process terminated..
HEREDOC
return 1 # with error status
fi # if YES
fi # Distribution check
# no error
return 0
}

45
script/lib/chrooted_job_ubuntu.sh Normal file
View file

@ -0,0 +1,45 @@
#!/bin/bash
# Create a key file for LUKS and register it as contents of the initramfs image
function chrooted_job() {
# Mount the rest of partitions by target /etc/fstab
mount -a
# Prepare the crypto tool in the install target
echo "[Kaiten-Yaki] Installing cryptsetup-initramfs package."
apt -qq install -y cryptsetup-initramfs
# Prepare a new key file to embed in to the ramfs.
# This new file contains a new key to open the LUKS volume.
# The new key is 4096byte length binary value.
# Because this key is sotred as "cleartext", in the target file sysmte,
# only root is allowed to access this key file.
echo "[Kaiten-Yaki] Prepairing key file."
mkdir /etc/luks
dd if=/dev/urandom of=/etc/luks/boot_os.keyfile bs=4096 count=1 status=none
chmod u=rx,go-rwx /etc/luks
chmod u=r,go-rwx /etc/luks/boot_os.keyfile
# Add the new key to the LUKS 2nd key slot. The passphrase is required to modify the LUKS keyslot.
echo "[Kaiten-Yaki] Adding a key to the key file."
printf %s "${PASSPHRASE}" | cryptsetup luksAddKey --iter-time "${ITERTIME}" -d - "${DEV}${CRYPTPARTITION}" /etc/luks/boot_os.keyfile
# Register the LUKS voluem to /etc/crypttab to tell "This volume is encrypted"
echo "[Kaiten-Yaki] Adding LUKS volume info to /etc/crypttab."
echo "${CRYPTPARTNAME} UUID=$(blkid -s UUID -o value ${DEV}${CRYPTPARTITION}) /etc/luks/boot_os.keyfile luks,discard" >> /etc/crypttab
# Add key file to the list of the intems in initramfs.
# See https://cryptsetup-team.pages.debian.net/cryptsetup/README.initramfs.html for detail
echo "[Kaiten-Yaki] Directing to include keyfile into the initramfs"
echo "KEYFILE_PATTERN=/etc/luks/*.keyfile" >> /etc/cryptsetup-initramfs/conf-hook
echo "UMASK=0077" >> /etc/initramfs-tools/initramfs.conf
# Finally, update the ramfs initial image with the key file.
echo "[Kaiten-Yaki] Upadting initramfs."
update-initramfs -uk all
# Leave chroot
}
# Execute job
chrooted_job

46
script/lib/chrooted_job_void.sh Normal file
View file

@ -0,0 +1,46 @@
#!/bin/bash
# Create a key file for LUKS and register it as contents of the initramfs image
function chrooted_job() {
# Mount the rest of partitions by target /etc/fstab
mount -a
# Prepare the crypto tool in the install target
echo "[Kaiten-Yaki] Installing cryptsetup-initramfs package."
xbps-install -y lvm2 cryptsetup
# Prepare a new key file to embed in to the ramfs.
# This new file contains a new key to open the LUKS volume.
# The new key is 4096byte length binary value.
# Because this key is sotred as "cleartext", in the target file sysmte,
# only root is allowed to access this key file.
echo "[Kaiten-Yaki] Prepairing key file."
mkdir /etc/luks
dd if=/dev/urandom of=/etc/luks/boot_os.keyfile bs=4096 count=1 status=none
chmod u=rx,go-rwx /etc/luks
chmod u=r,go-rwx /etc/luks/boot_os.keyfile
# Add the new key to the LUKS 2nd key slot. The passphrase is required to modify the LUKS keyslot.
echo "[Kaiten-Yaki] Adding a key to the key file."
printf %s "${PASSPHRASE}" | cryptsetup luksAddKey --iter-time "${ITERTIME}" -d - "${DEV}${CRYPTPARTITION}" /etc/luks/boot_os.keyfile
# Register the LUKS voluem to /etc/crypttab to tell "This volume is encrypted"
echo "[Kaiten-Yaki] Adding LUKS volume info to /etc/crypttab."
echo "${CRYPTPARTNAME} UUID=$(blkid -s UUID -o value ${DEV}${CRYPTPARTITION}) /etc/luks/boot_os.keyfile luks,discard" >> /etc/crypttab
# Add key file to the list of the intems in initramfs.
# See https://man7.org/linux/man-pages/man5/dracut.conf.5.html for details.
echo "[Kaiten-Yaki] Directing to include keyfile into the initramfs"
echo 'install_items+=" /etc/luks/boot_os.keyfile /etc/crypttab " ' >> /etc/dracut.conf.d/10-crypt.conf
# Finally, update the ramfs initial image with the key file.
echo "[Kaiten-Yaki] Upadting initramfs."
xbps-reconfigure -fa
echo "[Kaiten-Yaki] grub-mkconfig."
grub-mkconfig -o /boot/grub/grub.cfg
# Leave chroot
}
# Execute job
chrooted_job

565
script/lib/common.sh Normal file
View file

@ -0,0 +1,565 @@
#!/bin/bash -u
# *******************************************************************************
# Confirmation and Passphrase setting
# *******************************************************************************
function confirmation(){
# Consistency check for the OVERWRITEINSTALL and ERASEALL
if [ "${ERASEALL}" -ne 0 ] && [ "${OVERWRITEINSTALL}" -ne 0 ] ; then
cat <<- HEREDOC
***** ERROR : Confliction between ERASEALL and OVERWRITEINSTALL *****
[Kaiten-Yaki] ERASEALL = ${ERASEALL}
[Kaiten-Yaki] OVERWRITEINSTALL = ${OVERWRITEINSTALL}
[Kaiten-Yaki] Check configuration in your config.sh
[Kaiten-Yaki] Installation process terminated..
HEREDOC
return 1 # with error status
fi
# Sanity check for volume group name
if echo "${VGNAME}" | grep "-" -i > /dev/null ; then # "-" is found in the volume group name.
cat <<- HEREDOC
***** ERROR : VGNAME is "${VGNAME}" *****
[Kaiten-Yaki] "-" is not allowed in the volume name.
[Kaiten-Yaki] Check configuration in your config.sh
[Kaiten-Yaki] Installation process terminated..
HEREDOC
return 1 # with error status
fi # "-" is found in the volume group name.
# Sanity check for root volume name
if echo "${LVROOTNAME}" | grep "-" -i > /dev/null ; then # "-" is found in the volume name.
cat <<- HEREDOC
***** ERROR : LVROOTNAME is "${LVROOTNAME}" *****
[Kaiten-Yaki] "-" is not allowed in the volume name.
[Kaiten-Yaki] Check configuration in your config.sh
[Kaiten-Yaki] Installation process terminated..
HEREDOC
return 1 # with error status
fi # "-" is found in the volume name.
# Sanity check for lvext1 volume suffix
if [ "${USELVEXT1}" -ne 0 ] ; then
if echo "${LVEXT1SUFFIX}" | grep "-" -i > /dev/null ; then # "-" is found in the volume name.
cat <<- HEREDOC
***** ERROR : LVEXT1SUFFIX is "${LVEXT1SUFFIX}" *****
[Kaiten-Yaki] "-" is not allowed in the volume name.
[Kaiten-Yaki] Check configuration in your config.sh
[Kaiten-Yaki] Installation process terminated..
HEREDOC
return 1 # with error status
fi # "-" is found in the volume suffix.
fi # USELVEXT1
# Sanity check for lvext2 volume suffix
if [ "${USELVEXT2}" -ne 0 ] ; then
if echo "${LVEXT2SUFFIX}" | grep "-" -i > /dev/null ; then # "-" is found in the volume name.
cat <<- HEREDOC
***** ERROR : LVEXT2SUFFIX is "${LVEXT2SUFFIX}" *****
[Kaiten-Yaki] "-" is not allowed in the volume name.
[Kaiten-Yaki] Check configuration in your config.sh
[Kaiten-Yaki] Installation process terminated..
HEREDOC
return 1 # with error status
fi # "-" is found in the volume suffix.
fi # USELVEXT2
# Sanity check for swap volume name
if echo "${LVSWAPNAME}" | grep "-" -i > /dev/null ; then # "-" is found in the volume name.
cat <<- HEREDOC
***** ERROR : LVSWAPNAME is "${LVSWAPNAME}" *****
[Kaiten-Yaki] "-" is not allowed in the volume name.
[Kaiten-Yaki] Check configuration in your config.sh
[Kaiten-Yaki] Installation process terminated..
HEREDOC
return 1 # with error status
fi # "-" is found in the volume name.
# For surre ask the your config.sh is edited
cat <<- HEREDOC
LUKS volume partition : ${DEV}${CRYPTPARTITION}
LUKS volume name : "${CRYPTPARTNAME}"
Volume group name : "${VGNAME}"
Root volume name : "${VGNAME}-${LVROOTNAME}"
Root volume size : "${LVROOTSIZE}"
HEREDOC
if [ "${USELVEXT1}" -ne 0 ] ; then
cat <<- HEREDOC
Extra volume name 1 : "${VGNAME}-${LVROOTNAME}${LVEXT1SUFFIX}"
Extra volume size 1 : "${LVEXT1SIZE}"
HEREDOC
fi # USELVEXT1
if [ "${USELVEXT2}" -ne 0 ] ; then
cat <<- HEREDOC
Extra volume name 2 : "${VGNAME}-${LVROOTNAME}${LVEXT2SUFFIX}"
Extra volume size 2 : "${LVEXT2SIZE}"
HEREDOC
fi # USELVEXT2
cat <<- HEREDOC
Swap volume name : "${VGNAME}-${LVSWAPNAME}"
Swap volume size : "${LVSWAPSIZE}"
--iter-time parameter : ${ITERTIME}
HEREDOC
if [ "${ERASEALL}" -ne 0 ] ; then
echo "[Kaiten-Yaki] Going to erase entire disk ${DEV}."
elif [ "${OVERWRITEINSTALL}" -ne 0 ] ; then
echo "[Kaiten-Yaki] Going to overwrite the logical volume \"${VGNAME}-${LVROOTNAME}\"."
else
echo "[Kaiten-Yaki] Going to create a new logical volume \"${VGNAME}-${LVROOTNAME}\"."
fi
# ----- Set Passphrase -----
# Input passphrase
echo ""
echo "[Kaiten-Yaki] Type passphrase for the disk encryption."
read -sr PASSPHRASE
export PASSPHRASE
echo "[Kaiten-Yaki] Type passphrase again, to confirm."
read -sr PASSPHRASE_C
# Validate whether both are indentical or not
if [ "${PASSPHRASE}" != "${PASSPHRASE_C}" ] ; then
cat <<-HEREDOC
***** ERROR : Passphrase doesn't match *****
[Kaiten-Yaki] Installation process terminated..
HEREDOC
return 1 # with error status
else
# Clear the PASSPHRASE for checking because we don't use it anymore.
PASSPHRASE_C=""
fi # passphrase validation
# Add -l or -L parameter to the size. The lvcreate command have two size parameter.
# -l ###%[FREE|VG|PVS|ORIGIN] : Size by relative value.
# -L ###[M|G|T|m|g|t] : Size by absolute value.
# Too preven the duplicated match, awk exists the process after it match the /%/ pattern.
# If Unit is not specified, installation will fail.
LVSWAPSIZE=$(echo "${LVSWAPSIZE}" | awk '/%/{print "-l", $0; exit} /M|G|T|m|g|t/{print "-L", $0}')
export LVSWAPSIZE
LVROOTSIZE=$(echo "${LVROOTSIZE}" | awk '/%/{print "-l", $0; exit} /M|G|T|m|g|t/{print "-L", $0}')
export LVROOTSIZE
LVEXT1SIZE=$(echo "${LVEXT1SIZE}" | awk '/%/{print "-l", $0; exit} /M|G|T|m|g|t/{print "-L", $0}')
export LVEXT1SIZE
LVEXT2SIZE=$(echo "${LVEXT2SIZE}" | awk '/%/{print "-l", $0; exit} /M|G|T|m|g|t/{print "-L", $0}')
export LVEXT2SIZE
# succesfull return
return 0
}
# *******************************************************************************
# Common Pre-install stage
# *******************************************************************************
function pre_install() {
# Internal variables.
# These variables displays whether the volumes are created in this installation.
IS_ROOT_CREATED=0
IS_LVEXT1_CREATED=0
IS_LVEXT2_CREATED=0
# ----- Erase entire disk, create partitions, format them and encrypt the LUKS partition -----
if [ "${ERASEALL}" -ne 0 ] ; then
# Assign specified space and rest of disk to the EFI and LUKS partition, respectively.
if [ "${ISEFI}" -ne 0 ] ; then # EFI
# Zap existing partition table and create new GPT
echo "[Kaiten-Yaki] Initializing \"${DEV}\" with GPT."
sgdisk --zap-all "${DEV}"
if is_error ; then return 1 ; fi; # If error, terminate
# Create EFI partition and format it
echo "[Kaiten-Yaki] Creating an EFI partition on \"${DEV}\"."
# shellcheck disable=SC2140
sgdisk --new="${EFIPARTITION}":0:+"${EFISIZE}" --change-name="${EFIPARTITION}":"EFI System" --typecode="${EFIPARTITION}":ef00 "${DEV}"
if is_error ; then return 1 ; fi; # If error, terminate
echo "[Kaiten-Yaki] Formatting the EFI parttion."
mkfs.vfat -F 32 -n EFI-SP "${DEV}${EFIPARTITION}"
if is_error ; then return 1 ; fi; # If error, terminate
# Create Linux partition
echo "[Kaiten-Yaki] Creating a Linux partition on ${DEV}."
# shellcheck disable=SC2140
sgdisk --new="${CRYPTPARTITION}":0:0 --change-name="${CRYPTPARTITION}":"Linux LUKS" --typecode="${CRYPTPARTITION}":8309 "${DEV}"
if is_error ; then return 1 ; fi; # If error, terminate
# Then print them
sgdisk --print "${DEV}"
else # BIOS
# Zap existing partition table
echo "[Kaiten-Yaki] Erasing partition table of \"${DEV}\"."
dd if=/dev/zero of="${DEV}" bs=512 count=1
if is_error ; then return 1 ; fi; # If error, terminate
# Create MBR and allocate max storage for Linux partition
echo "[Kaiten-Yaki] Creating a Linux partition on ${DEV} with MBR."
sfdisk "${DEV}" <<- HEREDOC
2M,,L
HEREDOC
if is_error ; then return 1 ; fi; # If error, terminate
fi # if EFI firmware
# Encrypt the partition to install Linux
echo "[Kaiten-Yaki] Initializing \"${DEV}${CRYPTPARTITION}\" as crypt partition"
printf %s "${PASSPHRASE}" | cryptsetup luksFormat --iter-time "${ITERTIME}" --type=luks1 --key-file - --batch-mode "${DEV}${CRYPTPARTITION}"
fi # if erase all
# ----- Open the LUKS partition -----
# Open the crypt partition.
echo "[Kaiten-Yaki] Opening a crypt partition \"${DEV}${CRYPTPARTITION}\" as \"${CRYPTPARTNAME}\""
printf %s "${PASSPHRASE}" | cryptsetup open -d - "${DEV}${CRYPTPARTITION}" "${CRYPTPARTNAME}"
# Check whether successful open. If mapped, it is successful.
if [ ! -e /dev/mapper/"${CRYPTPARTNAME}" ] ; then
cat <<- HEREDOC
***** ERROR : Cannot open LUKS volume "${CRYPTPARTNAME}" on "${DEV}${CRYPTPARTITION}". *****
[Kaiten-Yaki] Check passphrase and your config.txt
[Kaiten-Yaki] Installation process terminated..
HEREDOC
return 1 # with error status
fi # if crypt volume is unable to open
# ----- Configure the LVM in LUKS volume -----
# Check volume group ${VGNAME} exist or not
if vgdisplay -s "${VGNAME}" &> /dev/null ; then # if exist
echo "[Kaiten-Yaki] Volume group \"${VGNAME}\" already exist. Skipped to create. No problem."
echo "[Kaiten-Yaki] Activating all logical volumes in volume group \"${VGNAME}\"."
vgchange -ay
echo "[Kaiten-Yaki] Scanning all logical volumes."
lvscan
else
echo "[Kaiten-Yaki] Initializing a physical volume on \"${CRYPTPARTNAME}\""
pvcreate /dev/mapper/"${CRYPTPARTNAME}"
if [ $? -ne 0 ] ; then deactivate_and_close; return 1 ; fi;
echo "[Kaiten-Yaki] And then creating Volume group \"${VGNAME}\"."
vgcreate "${VGNAME}" /dev/mapper/"${CRYPTPARTNAME}"
if [ $? -ne 0 ] ; then deactivate_and_close; return 1 ; fi;
fi # if /dev/volume-groupt exist
# Create a SWAP Logical Volume on VG, if it doesn't exist
if [ -e /dev/mapper/"${VGNAME}"-"${LVSWAPNAME}" ] ; then
echo "[Kaiten-Yaki] Swap volume already exist. Skipped to create. No problem."
else
echo "[Kaiten-Yaki] Creating logical volume \"${LVSWAPNAME}\" on \"${VGNAME}\"."
# Too use the bash IFS, first parameter is not quoted.
lvcreate ${LVSWAPSIZE} -n "${LVSWAPNAME}" "${VGNAME}"
if [ $? -ne 0 ] ; then deactivate_and_close; return 1 ; fi;
fi # if /dev/mapper/swap volume already exit.
# Create a ROOT Logical Volume on VG.
if [ -e /dev/mapper/"${VGNAME}"-"${LVROOTNAME}" ] ; then # exist
if [ "${OVERWRITEINSTALL}" -ne 0 ] ; then # exist and overwrite install
echo "[Kaiten-Yaki] Logical volume \"${VGNAME}-${LVROOTNAME}\" already exists. OK."
# Create extended volumes if needed
create_ext_lv
if [ $? -ne 0 ] ; then deactivate_and_close; return 1 ; fi;
else # exist and not overwriteinstall
cat <<- HEREDOC
***** ERROR : Logical volume "${VGNAME}-${LVROOTNAME}" already exists. *****
[Kaiten-Yaki] Check LVROOTNAME environment variable in your config.txt.
HEREDOC
# Deactivate all lg and close the LUKS volume
deactivate_and_close
return 1 # with error status
fi
else # not exsit
if [ "${OVERWRITEINSTALL}" -ne 0 ] ; then # not exist and overwrite install
cat <<- HEREDOC
***** ERROR : Logical volume "${VGNAME}-${LVROOTNAME}" doesn't exist while overwrite install. *****
[Kaiten-Yaki] Check consistency of your config.txt.
HEREDOC
# Deactivate all lg and close the LUKS volume
deactivate_and_close
return 1 # with error status
else # not exist and not overwrite install
echo "[Kaiten-Yaki] Creating logical volume \"${LVROOTNAME}\" on \"${VGNAME}\"."
# Too use the bash IFS, first parameter is not quoted.
lvcreate ${LVROOTSIZE} -n "${LVROOTNAME}" "${VGNAME}"
if [ $? -ne 0 ] ; then deactivate_and_close; return 1 ; fi;
IS_ROOT_CREATED=1
# Create extended volumes if needed
create_ext_lv
if [ $? -ne 0 ] ; then deactivate_and_close; return 1 ; fi;
fi
fi
# successful return
return 0
}
# *******************************************************************************
# Common message in para-install stage
# *******************************************************************************
function para_install_msg() {
cat <<- HEREDOC
******************************************************************************
The pre-install process is done. We are ready to install the Linux to the
target storage device. By pressing return key, GUI/TUI installer starts.
Please pay attention to the partition/logical volume mapping configuration.
In this installation, you have to map the previously created partitions/logical
volumes to the appropriate directories of the target system as followings :
HEREDOC
# In the EFI system, add this mapping
if [ "${ISEFI}" -ne 0 ] ; then
echo "/boot/efi : ${DEV}${EFIPARTITION}"
fi
# Root volume mapping
echo "/ : /dev/mapper/${VGNAME}-${LVROOTNAME}"
# If USELVEXT1 exist.
if [ "${USELVEXT1}" -ne 0 ] ; then
echo "LVEXT1 : /dev/mapper/${VGNAME}-${LVROOTNAME}${LVEXT1SUFFIX}"
fi
# If USELVEXT2 exist.
if [ "${USELVEXT2}" -ne 0 ] ; then
echo "LVEXT2 : /dev/mapper/${VGNAME}-${LVROOTNAME}${LVEXT2SUFFIX}"
fi
# In case of erased storage, add this mapping
if [ "${ERASEALL}" -ne 0 ] ; then
echo "swap : /dev/mapper/${VGNAME}-${LVSWAPNAME}"
fi
return 0
}
# *******************************************************************************
# Common post-install stage
# *******************************************************************************
# In side this script, the chrooted job is parameterrized as by evn variable TARGETCHROOTEDJOB
function post_install() {
## Mount the target file system
# ${TARGETMOUNTPOINT} is created by the GUI/TUI installer
# ${BTRFSOPTION} is defined by the caller of this function for BTRFS formated volume.
# ${BTRFSOPTION} have to be NOT quoted. Otherwise, mount will receive an empty
# string as first option, when the veraible is empty.
echo "[Kaiten-Yaki] Mounting /dev/mapper/${VGNAME}-${LVROOTNAME} on ${TARGETMOUNTPOINT}."
mount ${BTRFSOPTION} /dev/mapper/"${VGNAME}"-"${LVROOTNAME}" "${TARGETMOUNTPOINT}"
# And mount other directories
echo "[Kaiten-Yaki] Mounting all other dirs."
for n in proc sys dev tmp etc/resolv.conf; do mount --rbind "/$n" "${TARGETMOUNTPOINT}/$n"; done
# Copy all scripts to the target /tmp for using in chroot session.
echo "[Kaiten-Yaki] Copying files in current dir to ${TARGETMOUNTPOINT}/tmp."
mkdir "${TARGETMOUNTPOINT}/tmp/kaiten-yaki"
cp -r ./* -t "${TARGETMOUNTPOINT}/tmp/kaiten-yaki"
# Change root and create the keyfile and ramfs image for Linux kernel.
# The here-document is script executed under chroot. At here we call
# the distribution dependent script "lib/chrooted_job_${DISTRIBUTIONSIGNATURE}.sh",
# which was copied to /temp at previous code.
echo "[Kaiten-Yaki] Chroot to ${TARGETMOUNTPOINT}. and execute chrooted_job_${DISTRIBUTIONSIGNATURE}.sh"
# shellcheck disable=SC2086
cat <<- HEREDOC | chroot "${TARGETMOUNTPOINT}" /bin/bash
cd /tmp/kaiten-yaki
# Execute copied script
source "lib/chrooted_job_${DISTRIBUTIONSIGNATURE}.sh"
HEREDOC
# Unmount all. -l ( lazy ) option is added to supress the busy error.
echo "[Kaiten-Yaki] Unmounting all."
umount -R -l "${TARGETMOUNTPOINT}"
echo "[Kaiten-Yaki] Post install process finished."
# Free LUKS volume as swap volume.
echo "[Kaiten-Yaki] Disabling swap to release the LUKS volume."
swapoff -a
# Close LUKS
echo "[Kaiten-Yaki] Deactivating all logical volumes in volume group \"${VGNAME}\"."
vgchange -a n "${VGNAME}"
echo "[Kaiten-Yaki] Closing LUKS volume \"${CRYPTPARTNAME}\"."
cryptsetup close "${CRYPTPARTNAME}"
# Deleting the passphrase information.
echo "[Kaiten-Yaki] Deleting passphrase information."
PASSPHRASE=""
export PASSPHRASE
# Finishing message
cat <<- HEREDOC
****************** Install process finished ******************
[Kaiten-Yaki] Ready to reboot.
HEREDOC
return 0
} # End of post_install_local()
# *******************************************************************************
# Deactivate all LV in the VG and close LUKS volume
# *******************************************************************************
function deactivate_and_close(){
if [ "${IS_ROOT_CREATED}" -ne 0 ] ; then # if extra volume 1 created
# Remove newly created root volume
echo "[Kaiten-Yaki] Deleting the new logical volume \"${VGNAME}-${LVROOTNAME}\"."
lvremove -f /dev/mapper/"${VGNAME}"-"${LVROOTNAME}"
fi
if [ "${IS_LVEXT1_CREATED}" -ne 0 ] ; then # if extra volume 1 created
# Remove newly created extra volume 1
echo "[Kaiten-Yaki] Deleting the new logical volume \"${VGNAME}-${LVROOTNAME}${LVEXT1SUFFIX}\"."
lvremove -f /dev/mapper/"${VGNAME}"-"${LVROOTNAME}${LVEXT1SUFFIX}"
fi
if [ "${IS_LVEXT2_CREATED}" -ne 0 ] ; then # if extra volume 2 created
# Remove newly created extra volume 2
echo "[Kaiten-Yaki] Deleting the new logical volume \"${VGNAME}-${LVROOTNAME}${LVEXT2SUFFIX}\"."
lvremove -f /dev/mapper/"${VGNAME}"-"${LVROOTNAME}${LVEXT2SUFFIX}"
fi
echo "[Kaiten-Yaki] Deactivating all logical volumes in volume group \"${VGNAME}\"."
vgchange -a n "${VGNAME}"
echo "[Kaiten-Yaki] Closing LUKS volume \"${CRYPTPARTNAME}\"."
cryptsetup close "${CRYPTPARTNAME}"
cat <<- HEREDOC
[Kaiten-Yaki] Installation process terminated..
HEREDOC
}
# *******************************************************************************
# Delete the nwe volume if overwrite install, and close all
# *******************************************************************************
function on_unexpected_installer_quit(){
echo "***** ERROR : The GUI/TUI installer terminated unexpectedly. *****"
if [ "${OVERWRITEINSTALL}" -ne 0 ] ; then # If overwrite install, keep the volume
echo "[Kaiten-Yaki] Keep logical volume \"${VGNAME}-${LVROOTNAME}\" untouched."
fi
# Deactivate all lg and close the LUKS volume
deactivate_and_close
echo "[Kaiten-Yaki] You can retry Kaiten-yaki again."
}
# *******************************************************************************
# Check whether given signaure is in the system information
# *******************************************************************************
function distribution_check(){
if ! uname -a | grep "${DISTRIBUTIONSIGNATURE}" -i > /dev/null ; then # Signature is not found in the OS name.
echo "*******************************************************************************"
uname -a
cat <<- HEREDOC
*******************************************************************************
This system seems to be not $DISTRIBUTIONNAME, while this script is dediated to the $DISTRIBUTIONNAME.
Are you sure you want to run this script? [Y/N]
HEREDOC
read -r YESNO
if [ "${YESNO}" != "Y" ] && [ "${YESNO}" != "y" ] ; then
cat <<- HEREDOC
[Kaiten-Yaki] Installation process terminated..
HEREDOC
return 1 # with error status
fi # if YES
fi # Distribution check
# no error
return 0
}
# *******************************************************************************
# Create extended volume, if needed.
# *******************************************************************************
function create_ext_lv() {
if [ "${USELVEXT1}" -ne 0 ] ; then # if using extra volume 1
if [ -e /dev/mapper/"${VGNAME}-${LVROOTNAME}${LVEXT1SUFFIX}" ] ; then # if extra volume 1 exist
echo "[Kaiten-Yaki] Logical volume \"${VGNAME}-${LVROOTNAME}${LVEXT1SUFFIX}\" already exists. OK."
else
echo "[Kaiten-Yaki] Creating logical volume \"${LVROOTNAME}${LVEXT1SUFFIX}\" on \"${VGNAME}\"."
# Too use the bash IFS, first parameter is not quoted.
lvcreate ${LVEXT1SIZE} -n "${LVROOTNAME}${LVEXT1SUFFIX}" "${VGNAME}"
if [ $? -ne 0 ] ; then # if fail
echo "***** ERROR : failed to create "${VGNAME}-${LVROOTNAME}${LVEXT1SUFFIX}" . *****"
return 1 ;
else # if success
IS_LVEXT1_CREATED=1 # Mark this volume is created
fi;
fi
fi
if [ "${USELVEXT2}" -ne 0 ] ; then # if using extra volume 2
if [ -e /dev/mapper/"${VGNAME}-${LVROOTNAME}${LVEXT2SUFFIX}" ] ; then # if extra volume 2 exist
echo "[Kaiten-Yaki] Logical volume \"${VGNAME}-${LVROOTNAME}${LVEXT2SUFFIX}\" already exists. OK."
else
echo "[Kaiten-Yaki] Creating logical volume \"${LVROOTNAME}${LVEXT2SUFFIX}\" on \"${VGNAME}\"."
# Too use the bash IFS, first parameter is not quoted.
lvcreate ${LVEXT2SIZE} -n "${LVROOTNAME}${LVEXT2SUFFIX}" "${VGNAME}"
if [ $? -ne 0 ] ; then # if fail
echo "***** ERROR : failed to create "${VGNAME}-${LVROOTNAME}${LVEXT1SUFFIX}" . *****"
return 1 ;
else # if success
IS_LVEXT2_CREATED=1 # Mark this volume is created
fi;
fi
fi
# no error
return 0
}
# *******************************************************************************
# Error report and return revsers status.
# *******************************************************************************
function is_error() {
if [ $? -eq 0 ] ; then # Is previous job OK?
return 1 # If OK, return error ( because it was not error )
else
cat <<- HEREDOC
**** ERROR ! ****
Installation process terminated.
HEREDOC
return 0 # If error, return OK ( because it was error )
fi;
}

99
script/ubuntu-kaiten-yaki.sh
View file

@ -5,14 +5,13 @@
source ./config.sh
# Load common functions
source ./lib.sh
source ./lib/common.sh
function main() {
# This is the mount point of the install target.
export TARGETMOUNTPOINT="/target"
# *******************************************************************************
# Confirmation before installation
# *******************************************************************************
@ -54,8 +53,18 @@ function main() {
# Post-install stage
# *******************************************************************************
# If the target volume is formated by btrfs, Ubiquity install the root into the
# @ sub-volume. Thus, mount command inside post_install have to use special option
# to specify @ as mount target.
if lsblk -o NAME,FSTYPE | grep -i "${VGNAME}-${LVROOTNAME}" | grep -i "btrfs" > /dev/null ; then
export BTRFSOPTION="-o subvol=@"
else
export BTRFSOPTION=""
fi
# Distribution dependent finalizing. Embedd encryption key into the ramfs image.
post_install_local
# The script is parameterized by env-variable to fit to the distribution
post_install
# Normal end
return 0
@ -72,13 +81,13 @@ function para_install_local() {
# Distrobution dependent message
cat <<- HEREDOC
************************ CAUTION! CAUTION! CAUTION! ****************************
Make sure to click "Continue Testing", at the end of the Ubiquity installer.
Just exit the installer without rebooting. Other wise, your system
is unable to boot.
Type return key to start Ubiquity.
**************** CAUTION! CAUTION! CAUTION! ********************
[Kaiten-Yaki]
[Kaiten-Yaki] Make sure to click "Continue Testing", at the end of
[Kaiten-Yaki] the Ubiquity installer. Just exit the installer without
[Kaiten-Yaki] rebooting. Otherwise, your system becomes unable to boot.
[Kaiten-Yaki]
[Kaiten-Yaki] Type return key to start Ubiquity.
HEREDOC
# waiting for a console input
@ -100,70 +109,6 @@ function para_install_local() {
return 0
}
# *******************************************************************************
# Ubuntu dependent post-installation process
function post_install_local() {
## Mount the target file system
# ${TARGETMOUNTPOINT} is created by the GUI/TUI installer
echo "...Mounting /dev/mapper/${VGNAME}-${LVROOTNAME} on ${TARGETMOUNTPOINT}."
mount /dev/mapper/"${VGNAME}"-"${LVROOTNAME}" ${TARGETMOUNTPOINT}
# And mount other directories
echo "...Mounting all other dirs."
for n in proc sys dev etc/resolv.conf; do mount --rbind "/$n" "${TARGETMOUNTPOINT}/$n"; done
# Change root and create the keyfile and ramfs image for Linux kernel.
echo "...Chroot to ${TARGETMOUNTPOINT}."
# shellcheck disable=SC2086
cat <<- HEREDOC | chroot ${TARGETMOUNTPOINT} /bin/bash
# Mount the rest of partitions by target /etc/fstab
mount -a
# Set up the kernel hook of encryption
echo "...Installing cryptsetup-initramfs package."
apt -qq install -y cryptsetup-initramfs
# Prepare a key file to embed in to the ramfs.
echo "...Prepairing key file."
mkdir /etc/luks
dd if=/dev/urandom of=/etc/luks/boot_os.keyfile bs=4096 count=1 status=none
chmod u=rx,go-rwx /etc/luks
chmod u=r,go-rwx /etc/luks/boot_os.keyfile
# Add a key to the key file. Use the passphrase in the environment variable.
echo "...Adding a key to the key file."
printf %s "${PASSPHRASE}" | cryptsetup luksAddKey -d - "${DEV}${CRYPTPARTITION}" /etc/luks/boot_os.keyfile
# Add the LUKS volume information to /etc/crypttab to decrypt by kernel.
echo "...Adding LUKS volume info to /etc/crypttab."
echo "${CRYPTPARTNAME} UUID=$(blkid -s UUID -o value ${DEV}${CRYPTPARTITION}) /etc/luks/boot_os.keyfile luks,discard" >> /etc/crypttab
# Putting key file into the ramfs initial image
echo "...Registering key file to the ramfs"
echo "KEYFILE_PATTERN=/etc/luks/*.keyfile" >> /etc/cryptsetup-initramfs/conf-hook
echo "UMASK=0077" >> /etc/initramfs-tools/initramfs.conf
# Finally, update the ramfs initial image with the key file.
echo "...Upadting initramfs."
update-initramfs -uk all
# Leave chroot
HEREDOC
# Unmount all
echo "...Unmounting all."
umount -R ${TARGETMOUNTPOINT}
# Finishing message
cat <<- HEREDOC
****************** Post-install process finished ******************
...Ready to reboot.
HEREDOC
return 0
} # End of post_install_local()
# *******************************************************************************
@ -189,12 +134,12 @@ function grub_check_and_modify_local() {
# Make target GRUB aware to the crypt partition
# This must do it after start of the file copy by installer, but before the end of the file copy.
echo "...Adding GRUB_ENABLE_CRYPTODISK entry to ${TARGETMOUNTPOINT}/etc/default/grub "
echo "[Kaiten-Yaki] Adding GRUB_ENABLE_CRYPTODISK entry to ${TARGETMOUNTPOINT}/etc/default/grub "
echo "GRUB_ENABLE_CRYPTODISK=y" >> ${TARGETMOUNTPOINT}/etc/default/grub
# And then, wait for the end of installer process
echo "...Waiting for the end of GUI/TUI installer."
echo "...Again, DO NOT reboot/restart here. Just exit the GUI/TUI installer."
echo "[Kaiten-Yaki] Waiting for the end of GUI/TUI installer."
echo "[Kaiten-Yaki] Again, DO NOT reboot/restart here. Just exit the GUI/TUI installer."
wait $INSTALLER_PID
# succesfull return

104
script/void-kaiten-yaki.sh
View file

@ -5,14 +5,13 @@
source ./config.sh
# Load common functions
source ./lib.sh
source ./lib/common.sh
function main() {
# This is the mount point of the install target.
export TARGETMOUNTPOINT="/mnt/target"
# *******************************************************************************
# Confirmation before installation
# *******************************************************************************
@ -46,18 +45,18 @@ function main() {
export GRUB_ADDITIONAL_PARAMETERS="rd.auto=1 cryptdevice=${DEV}${CRYPTPARTITION}:${CRYPTPARTNAME} root=/dev/mapper/${VGNAME}-${LVROOTNAME}"
if grep "$GRUB_ADDITIONAL_PARAMETERS" /etc/default/grub ; then # Is additonal parameter already added?
# Yes
echo ".../etc/default/grub already modified. OK, skipping to modiy."
echo "[Kaiten-Yaki] /etc/default/grub already modified. OK, skipping to modiy."
else
# Not yet. Let's add.
echo "...Modify /etc/default/grub."
sed -i "s#loglevel=4#loglevel=4 ${GRUB_ADDITIONAL_PARAMETERS}#" /etc/default/grub
echo "[Kaiten-Yaki] Modify /etc/default/grub."
sed -i -e "/GRUB_CMDLINE_LINUX_DEFAULT/{s#\"# ${GRUB_ADDITIONAL_PARAMETERS}\"#2}" /etc/default/grub
fi
# Common part of the pre-install stage
if ! pre_install ; then
echo "...restoring modified /etc/default/grub."
sed -i "s#loglevel=4 ${GRUB_ADDITIONAL_PARAMETERS}#loglevel=4#" /etc/default/grub
# If error, restore the modification.
echo "[Kaiten-Yaki] restoring /etc/default/grub, if needed"
sed -i -e "s#${GRUB_ADDITIONAL_PARAMETERS}##" /etc/default/grub
return 1 # with error status
fi
@ -75,8 +74,12 @@ function main() {
# Post-install stage
# *******************************************************************************
# We don't need special option for BTRFSOPTION.
export BTRFSOPTION=""
# Distribution dependent finalizing. Embedd encryption key into the ramfs image.
post_install_local
# The script is parameterized by env-variable to fit to the distribution
post_install
# Normal end
return 0
@ -93,13 +96,13 @@ function para_install_local() {
# Distrobution dependent message
cat <<- HEREDOC
************************ CAUTION! CAUTION! CAUTION! ****************************
Make sure to click "NO", if the void-installer ask you to reboot.
Just exit the installer without rebooting. Other wise, your system
is unable to boot.
Type return key to start void-installer.
******************** CAUTION! CAUTION! CAUTION! ************************
[Kaiten-Yaki]
[Kaiten-Yaki] Make sure to click "NO", if the void-installer ask you to
[Kaiten-Yaki] reboot.Just exit the installer without rebooting. Otherwise,
[Kaiten-Yaki] your system becomes unable to boot.
[Kaiten-Yaki]
[Kaiten-Yaki] Type return key to start void-installer.
HEREDOC
# waiting for a console input
@ -120,7 +123,7 @@ function para_install_local() {
# If exist, the grub was not modifyed -> void-installer termianted unexpectedly
# Delete the nwe volume if overwrite install, and close all
on_unexpected_installer_quit
echo "...restoring modified /etc/default/grub."
echo "[Kaiten-Yaki] restoring modified /etc/default/grub."
sed -i "s#loglevel=4 ${GRUB_ADDITIONAL_PARAMETERS}#loglevel=4#" /etc/default/grub
return 1 # with error status
fi
@ -128,71 +131,6 @@ function para_install_local() {
return 0
}
# *******************************************************************************
# Void Linux dependent post-installation process
function post_install_local() {
## Mount the target file system
# ${TARGETMOUNTPOINT} is created by the GUI/TUI installer
echo "...Mounting /dev/mapper/${VGNAME}-${LVROOTNAME} on ${TARGETMOUNTPOINT}."
mount /dev/mapper/"${VGNAME}"-"${LVROOTNAME}" ${TARGETMOUNTPOINT}
# And mount other directories
echo "...Mounting all other dirs."
for n in proc sys dev etc/resolv.conf; do mount --rbind "/$n" "${TARGETMOUNTPOINT}/$n"; done
# Change root and create the keyfile and ramfs image for Linux kernel.
echo "...Chroot to ${TARGETMOUNTPOINT}."
# shellcheck disable=SC2086
cat <<- HEREDOC | chroot ${TARGETMOUNTPOINT} /bin/bash
# Mount the rest of partitions by target /etc/fstab
mount -a
# Set up the kernel hook of encryption
echo "...Installing cryptsetup-initramfs package."
xbps-install -y lvm2 cryptsetup
# Prepare a key file to embed in to the ramfs.
echo "...Prepairing key file."
mkdir /etc/luks
dd if=/dev/urandom of=/etc/luks/boot_os.keyfile bs=4096 count=1 status=none
chmod u=rx,go-rwx /etc/luks
chmod u=r,go-rwx /etc/luks/boot_os.keyfile
# Add a key to the key file. Use the passphrase in the environment variable.
echo "...Adding a key to the key file."
printf %s "${PASSPHRASE}" | cryptsetup luksAddKey -d - "${DEV}${CRYPTPARTITION}" /etc/luks/boot_os.keyfile
# Add the LUKS volume information to /etc/crypttab to decrypt by kernel.
echo "...Adding LUKS volume info to /etc/crypttab."
echo "${CRYPTPARTNAME} UUID=$(blkid -s UUID -o value ${DEV}${CRYPTPARTITION}) /etc/luks/boot_os.keyfile luks,discard" >> /etc/crypttab
# Putting key file into the ramfs initial image
echo "...Registering key file to the ramfs"
echo 'install_items+=" /etc/luks/boot_os.keyfile /etc/crypttab " ' > /etc/dracut.conf.d/10-crypt.conf
# Finally, update the ramfs initial image with the key file.
echo "...Upadting initramfs."
xbps-reconfigure -fa
echo "...grub-mkconfig."
grub-mkconfig -o /boot/grub/grub.cfg
# Leave chroot
HEREDOC
# Unmount all
echo "...Unmounting all."
umount -R ${TARGETMOUNTPOINT}
# Finishing message
cat <<- HEREDOC
****************** Post-install process finished ******************
...Ready to reboot.
HEREDOC
return 0
} # End of post_install_local()
# *******************************************************************************
@ -211,7 +149,7 @@ function grub_check_and_modify_local() {
# Make target GRUB aware to the crypt partition
# This must do it after start of the file copy by installer, but before the end of the file copy.
echo "...Adding GRUB_ENABLE_CRYPTODISK entry to ${TARGETMOUNTPOINT}/etc/default/grub "
echo "[Kaiten-Yaki] Adding GRUB_ENABLE_CRYPTODISK entry to ${TARGETMOUNTPOINT}/etc/default/grub "
echo "GRUB_ENABLE_CRYPTODISK=y" >> ${TARGETMOUNTPOINT}/etc/default/grub
# succesfull return