V8.13.440.2025.11.19

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
2025-11-24 15:17:35 +00:00
parent 482822fac2
commit cc7f4db3ab
2 changed files with 43 additions and 14 deletions
--- a/config/includes.chroot/usr/lib/live/boot/0024-ciss-crypt-squash
+++ b/config/includes.chroot/usr/lib/live/boot/0024-ciss-crypt-squash
@@ -365,16 +365,45 @@ rm -f /lib/cryptsetup/passfifo 2>/dev/null || true

 printf "\e[92m[INFO] CISS LUKS decryption : [%s] is now present.\n\e[0m" "${CDLB_MAPPER_DEV}"

+### Mount the decrypted root device ready to use als PLAIN_ROOT artifact in '9990-main.sh'. ------------------------------------
+if ! mount -r -t squashfs "${CDLB_MAPPER_DEV}" "${MNT_ROOTFS}"; then
+
+  log "Failed to mount SquashFS from [${CDLB_MAPPER_DEV}] on [${MNT_ROOTFS}]"
+  printf "\e[91m[WARN] CISS LUKS decryption  : SquashFS mount failed: [%s] -> [%s] \n\e[0m" "${CDLB_MAPPER_DEV}" "${MNT_ROOTFS}"
+  exit 42
+
+else
+
+  printf "\e[92m[INFO] CISS LUKS decryption  : Mounted SquashFS: [%s] -> [%s] \n\e[0m" "${CDLB_MAPPER_DEV}" "${MNT_ROOTFS}"
+
+fi
+
 ### Expose the decrypted root device for live-boot overlay. The live-boot components will pick this up in '9990-overlay.sh'. ---
 echo "${CDLB_MAPPER_DEV}" >| /run/ciss-rootdev
 chmod 0644 /run/ciss-rootdev 2>/dev/null || true
 export CISS_ROOT_DEV="${CDLB_MAPPER_DEV}"
 export CISS_ROOT_DIR=""

-{
+# TODO: Remove Debug
+if [ -e /conf/param.conf ]; then
+  printf "\e[92m[INFO] CISS LUKS decryption : Printing existing [/conf/param.conf] \n\e[0m"
+  cat /conf/param.conf >/dev/console 2>&1 || :
+  {
+    printf '\n'
    printf 'PLAIN_ROOT=1\n'
-  printf 'ROOT=%s\n' "%s" "${MNT_ROOTFS}"
-} >> /conf/param.conf 2>/dev/null || true
+    printf 'ROOT=%s\n' "${MNT_ROOTFS}"
+  } >> /conf/param.conf 2>/dev/null || true
+else
+  printf "\e[92m[INFO] CISS LUKS decryption : Not existing [/conf/param.conf] \n\e[0m"
+  {
+    printf '\n'
+    printf 'PLAIN_ROOT=1\n'
+    printf 'ROOT=%s\n' "${MNT_ROOTFS}"
+  } >| /conf/param.conf 2>/dev/null || true
+fi
+
+printf "\e[92m[INFO] CISS LUKS decryption : Final state [/conf/param.conf] \n\e[0m"
+cat /conf/param.conf >/dev/console 2>&1 || :

 log "Decrypted root device exposed at [/run/ciss-rootdev] -> [${CDLB_MAPPER_DEV}]"
 printf "\e[92m[INFO] CISS LUKS decryption : Decrypted root device exposed at: [/run/ciss-rootdev] -> [%s] \n\e[0m" "${CDLB_MAPPER_DEV}"
--- a/config/includes.chroot/usr/lib/live/boot/9990-overlay.sh
+++ b/config/includes.chroot/usr/lib/live/boot/9990-overlay.sh
@@ -31,25 +31,25 @@ setup_unionfs ()
  addimage_directory="${3}"

  ### CISS hook: allow explicit root override ----------------------------------------------------------------------------------
-  if [ -z "${CISS_ROOT_DEV:-}" ] && [ -r /run/ciss-rootdev ]; then
+  #if [ -z "${CISS_ROOT_DEV:-}" ] && [ -r /run/ciss-rootdev ]; then

-    CISS_ROOT_DEV=$(cat /run/ciss-rootdev 2>/dev/null || printf '')
+  #  CISS_ROOT_DEV=$(cat /run/ciss-rootdev 2>/dev/null || printf '')

-  fi
+  #fi

-  if [ -n "${CISS_ROOT_DEV:-}" ]; then
+  #if [ -n "${CISS_ROOT_DEV:-}" ]; then

    ### Treat the decrypted block device as plain root (e.g., squashfs on LUKS).
-    PLAIN_ROOT=1
-    image_directory="${CISS_ROOT_DEV}"
+  #  PLAIN_ROOT=1
+  #  image_directory="${CISS_ROOT_DEV}"

-  elif [ -n "${CISS_ROOT_DIR:-}" ]; then
+  #elif [ -n "${CISS_ROOT_DIR:-}" ]; then

    ### Alternative: explicitly provided root directory.
-    PLAIN_ROOT=1
-    image_directory="${CISS_ROOT_DIR}"
+  #  PLAIN_ROOT=1
+  #  image_directory="${CISS_ROOT_DIR}"

-  fi
+  #fi
  ### --------------------------------------------------------------------------------------------------------------------------

  # shellcheck disable=SC2086