V8.13.440.2025.11.19

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
2025-11-23 19:25:48 +00:00
parent a7472420b4
commit 009335577f
4 changed files with 399 additions and 70 deletions
--- a/config/includes.chroot/usr/lib/live/boot/0024-ciss-crypt-squash
+++ b/config/includes.chroot/usr/lib/live/boot/0024-ciss-crypt-squash
@@ -43,8 +43,6 @@ ask_pass_console() {
  ### Non-canonical mode, no echo, 1 byte at a time.
  stty -echo -icanon time 0 min 1 </dev/console 2>/dev/null || return 1

-  printf '\e[93m[INFO] Enter LUKS passphrase: \n\e[0m' > /dev/console
-
  cr=$(printf '\r')
  bs=$(printf '\b')
  del=$(printf '\177')
@@ -67,13 +65,13 @@ ask_pass_console() {
    case "${c}" in

      "${cr}")
-        ### Enter: finish input.
+      ### Enter: finish input.
        printf '\n' > /dev/console
        break
        ;;

      "${bs}"|"${del}")
-        ### Backspace, delete: delete one character, if available.
+      ### Backspace, delete: delete one character, if available.
        if [ -n "${PASSPHRASE}" ]; then

          PASSPHRASE=${PASSPHRASE%?}
@@ -83,7 +81,7 @@ ask_pass_console() {
        ;;

      *)
-        ### Normal character: append and mask output.
+      ### Normal character: append and mask output.
        PASSPHRASE="${PASSPHRASE}${c}"
        printf '*' > /dev/console
        ;;
@@ -99,60 +97,6 @@ ask_pass_console() {
  return 0
 }

-#######################################
-# Ask for a passphrase on /dev/console, mask input with '*'.
-# Globals:
-#   None
-# Arguments:
-#   None
-# Returns:
-#   0: on success
-#   1: on failure / empty
-#######################################
-ask_pass_console_old() {
-  PASSPHRASE=""
-  SAVED_STTY=""
-
-  if command -v stty >/dev/null 2>&1; then
-
-    SAVED_STTY="$(stty -g </dev/console 2>/dev/null || printf '')"
-    stty -echo </dev/console >/dev/console 2>/dev/null || SAVED_STTY=""
-
-  fi
-
-  printf "\e[93m[INFO] Enter LUKS passphrase: \n\e[0m" >/dev/console 2>/dev/null || return 1
-
-  while :; do
-
-    C="$(dd if=/dev/console bs=1 count=1 2>/dev/null | tr -d '\r\n')"
-
-    [ -z "${C}" ] && break
-
-    PASSPHRASE="${PASSPHRASE}${C}"
-
-    printf "*" >/dev/console 2>/dev/null || :
-
-  done
-
-  if [ -n "${SAVED_STTY}" ]; then
-
-    stty "${SAVED_STTY}" </dev/console >/dev/console 2>/dev/null || :
-
-  else
-
-    stty echo </dev/console >/dev/console 2>/dev/null || :
-
-  fi
-
-  printf "\n" >/dev/console 2>/dev/null || :
-
-  [ -n "${PASSPHRASE}" ] || return 1
-
-  printf '%s\n' "${PASSPHRASE}"
-
-  return 0
-}
-
 #######################################
 # Premount logging helper.
 # Globals:
@@ -336,6 +280,8 @@ PID_BROKER="$!"
  set +e

  PASS=""
+  PASS_SENT=0
+  WAIT_LOOP=0

  while :; do

@@ -345,22 +291,38 @@ PID_BROKER="$!"

    fi

-    #printf "\e[93m[INFO] Enter LUKS passphrase on console: \n\e[0m" >/dev/console 2>/dev/null || break
+    if [ "${PASS_SENT}" -eq 0 ]; then

-    #if ! IFS= read -r PASS </dev/console 2>/dev/null; then
+      printf '\e[93m[INFO] Enter LUKS passphrase: \n\e[0m' > /dev/console

-    #  break
+      # shellcheck disable=SC2310
+      PASS="$(ask_pass_console)" || continue

-    #fi
+      printf '%s\n' "${PASS}" >| /lib/cryptsetup/passfifo 2>/dev/null || :

-    #[ -n "${PASS}" ] || continue
+      PASS_SENT=1
+      WAIT_LOOP=0

-    # shellcheck disable=SC2310
-    PASS="$(ask_pass_console)" || continue
+    else

-    printf '%s\n' "${PASS}" >| /lib/cryptsetup/passfifo 2>/dev/null || :
+      WAIT_LOOP=$((WAIT_LOOP + 1))
+
+      if [ "${WAIT_LOOP}" -ge 160 ]; then
+
+        printf '\e[91m[WARN] Please try again     : \n\e[0m' > /dev/console
+
+        PASS_SENT=0
+        WAIT_LOOP=0
+
+      fi
+
+    fi
+
+    sleep 0.1

  done
+
+  return 0
 ) &
 PID_PROMPT="$!"

@@ -401,7 +363,7 @@ kill "${PID_PROMPT}" 2>/dev/null || true
 wait "${PID_BROKER}" 2>/dev/null || true
 rm -f /lib/cryptsetup/passfifo 2>/dev/null || true

-printf "\e[92m[INFO] LUKS mapper          : [%s] is now present.\n\e[0m" "${CDLB_MAPPER_DEV}"
+printf "\e[92m[INFO] CISS LUKS decryption : [%s] is now present.\n\e[0m" "${CDLB_MAPPER_DEV}"

 ### Expose the decrypted root device for live-boot overlay. The live-boot components will pick this up in '9990-overlay.sh'. ---
 echo "${CDLB_MAPPER_DEV}" >| /run/ciss-rootdev
--- a/config/includes.chroot/usr/lib/live/boot/9990-main.sh
+++ b/config/includes.chroot/usr/lib/live/boot/9990-main.sh
@@ -77,8 +77,9 @@ Live ()
      printf "\e[93m[DEBUG] live(): Do a local boot from hd [livefs_root=%s] \e[0m\n" "${ROOT?}"
      livefs_root=${ROOT}
    else
-      printf "\e[93m[DEBUG] live(): [Setup_Memdisk] \e[0m\n"
+      printf "\e[93m[DEBUG] live(): [Setup_Memdisk] starting ... \e[0m\n"
      Setup_Memdisk
+      printf "\e[93m[DEBUG] live(): [Setup_Memdisk] finished. \e[0m\n"

      # If the live media location is given via command line and access to it
      # involves LVM volumes, the corresponding volumes need to be activated.
@@ -86,6 +87,7 @@ Live ()
      # shellcheck disable=SC2116
      for dev in $(echo "${LIVE_MEDIA}")
      do
+        printf "\e[93m[DEBUG] live(): [%s] -> dev \e[0m\n" "${dev}"
        case "${dev}" in
          /dev/mapper/*)
            # shellcheck disable=SC2046,SC2312
@@ -125,6 +127,7 @@ Live ()
    fi
  fi

+  printf "\e[93m[DEBUG] live(): [%s] -> livefs_root. \e[0m\n" "${livefs_root}"
  if [ -z "${livefs_root}" ]
  then
    panic "Unable to find a medium containing a live file system"
--- a/config/includes.chroot/usr/lib/live/boot/9990-overlay.sh
+++ b/config/includes.chroot/usr/lib/live/boot/9990-overlay.sh
@@ -20,7 +20,7 @@

 #set -e

-printf "\e[95m[INFO] Sourcing            : [/usr/lib/live/boot/9990-overlay.sh] \n\e[0m"
+printf "\e[95m[INFO] Sourcing             : [/usr/lib/live/boot/9990-overlay.sh] \n\e[0m"

 setup_unionfs ()
 {