V8.00.000.2025.06.17
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 1m45s

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
2025-10-07 18:52:51 +01:00
parent 1be35bef2d
commit ca8c0d0592
2 changed files with 10 additions and 8 deletions


@@ -230,7 +230,7 @@ mount_partition() {
var_partuuid="${HMP_PATH_PARTUUID["${var_mount_path}"]}"
cryptsetup open --type plain --hash=plain \
--key-file /dev/random --keyfile-size 64 \
--key-file /dev/urandom --keyfile-size 64 \
--cipher aes-xts-plain64 --key-size 512 \
"/dev/disk/by-partuuid/${var_partuuid}" "${var_encryption_label}"
@@ -250,7 +250,7 @@ mount_partition() {
var_partuuid="${HMP_PATH_PARTUUID["${var_mount_path}"]}"
cryptsetup open --type plain --hash=plain \
--key-file /dev/random --keyfile-size 64 \
--key-file /dev/urandom --keyfile-size 64 \
--cipher aes-xts-plain64 --key-size 512 \
"/dev/disk/by-partuuid/${var_partuuid}" "${var_encryption_label}"
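Review bot: The switch of `--key-file` from /dev/random to /dev/urandom in both `cryptsetup open` calls of mount_partition (the hunks at 230 and 250) is undocumented; neither the commit message nor the code says why the key source changed. On Linux, /dev/urandom does not wait for the kernel RNG to be initialised, whereas /dev/random does on current kernels, so the 64-byte volume key is only as good as the seeding at the moment it is read. This probably matters more for the crypttab entries changed in the second file, which are presumably processed early at boot, than for these calls. I would add a comment above each call such as `# ephemeral key from /dev/urandom: non-blocking; relies on the kernel RNG being seeded before this runs`, and confirm the target seeds its RNG early (saved seed or hardware RNG). The two invocations are identical, so a shared helper or constant for the key source would keep them from drifting apart; mount_partition starts and ends outside these hunks.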


@@ -125,15 +125,17 @@ EOF
case "${var_key,,}" in
swap)
write_crypttab "${var_ephemeral_enclabel}" "PARTUUID=${var_host_partuuid}" "/dev/random" "plain,cipher=aes-xts-plain64,size=512,hash=plain,keyfile-size=64,discard,swap"
write_crypttab "${var_ephemeral_enclabel}" "PARTUUID=${var_host_partuuid}" "/dev/urandom" "plain,cipher=aes-xts-plain64,size=512,hash=plain,keyfile-size=64,discard,swap"
;;
/tmp)
write_crypttab "${var_ephemeral_enclabel}" "PARTUUID=${var_host_partuuid}" "/dev/random" "plain,cipher=aes-xts-plain64,size=512,hash=plain,keyfile-size=64,discard"
chroot_script "${TARGET}" "systemctl unmask tmp.mount"
do_log "info" "file_only" "4210() Executed: [systemctl unmask tmp.mount]"
chroot_script "${TARGET}" "systemctl disable tmp.mount"
do_log "info" "file_only" "4210() Executed: [systemctl disable tmp.mount]"
write_crypttab "${var_ephemeral_enclabel}" "PARTUUID=${var_host_partuuid}" "/dev/urandom" "plain,cipher=aes-xts-plain64,size=512,hash=plain,keyfile-size=64,discard"
chroot_script "${TARGET}" "systemctl mask tmp.mount"
do_log "info" "file_only" "4210() Executed: [systemctl mask tmp.mount]"
#chroot_script "${TARGET}" "systemctl unmask tmp.mount"
#do_log "info" "file_only" "4210() Executed: [systemctl unmask tmp.mount]"
#chroot_script "${TARGET}" "systemctl disable tmp.mount"
#do_log "info" "file_only" "4210() Executed: [systemctl disable tmp.mount]"
;;
*)