msw/CISS.debian.installer
SHA256
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

V8.00.000.2025.06.17
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 49s
Details

Browse Source 
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
Marc S. Weidner
2025-09-03 15:21:20 +02:00
parent 88d03df9d6
commit 8f9d485d2e
3 changed files with 9 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.preseed/preseed.yaml
View File

@@ -84,7 +84,7 @@ debootstrap: # Provide a mirror for downloading the Debian pac
# list of official Debian packages. # list of official Debian packages.
mirror: "https://deb.debian.org/debian" mirror: "https://deb.debian.org/debian"
# The following packages MUST be included in the debootstrap. # The following packages MUST be included in the debootstrap.
includes: "busybox,ca-certificates,locales,openssl,zstd" includes: "busybox,busybox-initramfs,ca-certificates,locales,openssl,zstd"
distribution: "trixie" # MUST be "trixie". distribution: "trixie" # MUST be "trixie".
debian_suite: "stable" # MUST be "stable". Not supported yet: "testing", "experimental". debian_suite: "stable" # MUST be "stable". Not supported yet: "testing", "experimental".
exit: exit:

5
includes/target/etc/initramfs-tools/files/unlock_wrapper.sh
View File

@@ -274,11 +274,14 @@ read_passphrase() {
ROUNDS="$(cut -d'$' -f3 <<< "${NUKE_HASH}")" ROUNDS="$(cut -d'$' -f3 <<< "${NUKE_HASH}")"
ROUNDS="${ROUNDS#rounds=}" ROUNDS="${ROUNDS#rounds=}"
SALT="$(cut -d'$' -f4 <<< "${NUKE_HASH}")" SALT="$(cut -d'$' -f4 <<< "${NUKE_HASH}")"
CAND=$(/usr/bin/mkpasswd --method=sha-512 --salt="${SALT}" --rounds="${ROUNDS}" "${PASSPHRASE}") _FULL_SALT="\$6\$rounds=${ROUNDS}\$${SALT}"
CAND=$(mkpasswd -m sha512 -S "${_FULL_SALT}" "${PASSPHRASE}" )
# CAND=$(/usr/bin/mkpasswd --method=sha-512 --salt="${SALT}" --rounds="${ROUNDS}" "${PASSPHRASE}")
# TODO: DEBUGGER # TODO: DEBUGGER
echo "ROUNDS : ${ROUNDS}" echo "ROUNDS : ${ROUNDS}"
echo "SALT : ${SALT}" echo "SALT : ${SALT}"
echo "_FULL_SALT: ${_FULL_SALT}"
echo "CAND : ${CAND}" echo "CAND : ${CAND}"
echo "NUKE_HASH : ${NUKE_HASH}" echo "NUKE_HASH : ${NUKE_HASH}"

2
includes/target/etc/initramfs-tools/hooks/custom-initramfs.sh
View File

@@ -86,9 +86,7 @@ printf "\e[92mSuccessfully executed: [install -m 0444 /etc/dropbear/initramfs/dr
install -m 0555 /etc/initramfs-tools/files/unlock_wrapper.sh "${DESTDIR}/usr/local/bin/unlock_wrapper.sh" install -m 0555 /etc/initramfs-tools/files/unlock_wrapper.sh "${DESTDIR}/usr/local/bin/unlock_wrapper.sh"
printf "\e[92mSuccessfully executed: [install -m 0555 /etc/initramfs-tools/files/unlock_wrapper.sh %s/usr/local/bin/unlock_wrapper.sh] \n\e[0m" "${DESTDIR}" printf "\e[92mSuccessfully executed: [install -m 0555 /etc/initramfs-tools/files/unlock_wrapper.sh %s/usr/local/bin/unlock_wrapper.sh] \n\e[0m" "${DESTDIR}"
# TODO: Update preseed.yaml for pgp signing key AND / OR implementation of presigned unlock_wrapper.sh # TODO: Update preseed.yaml for pgp signing key AND / OR implementation of presigned unlock_wrapper.sh
#install -m 0444 /etc/initramfs-tools/files/unlock_wrapper.sh.sha384 "${DESTDIR}/usr/local/bin/unlock_wrapper.sh.sha384"
#install -m 0444 /etc/initramfs-tools/files/unlock_wrapper.sh.sha512 "${DESTDIR}/usr/local/bin/unlock_wrapper.sh.sha512" #install -m 0444 /etc/initramfs-tools/files/unlock_wrapper.sh.sha512 "${DESTDIR}/usr/local/bin/unlock_wrapper.sh.sha512"
#install -m 0444 /etc/initramfs-tools/files/unlock_wrapper.sh.sha384.sig "${DESTDIR}/usr/local/bin/unlock_wrapper.sh.sha384.sig"
#install -m 0444 /etc/initramfs-tools/files/unlock_wrapper.sh.sha512.sig "${DESTDIR}/usr/local/bin/unlock_wrapper.sh.sha512.sig" #install -m 0444 /etc/initramfs-tools/files/unlock_wrapper.sh.sha512.sig "${DESTDIR}/usr/local/bin/unlock_wrapper.sh.sha512.sig"
### Install PGP Signing Keys ### Install PGP Signing Keys