This repository has been archived by the owner on Feb 1, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
/
zfse
executable file
·71 lines (60 loc) · 2.72 KB
/
zfse
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
#!/usr/bin/env bash
# Set preferred size for the EFI System Partition
efisize=1536
file=/usr/share/ubiquity/zsys-setup pw=
[[ ! -f $file ]] && echo "Ubiquity installer not present" && exit 1
# Get passphrase
echo -e '\n=== Modifying Ubiquity installer to use natively encrypted ZFS ==='
echo -e '\n To abort, enter an empty password or do Ctrl_C.\n'
while [[ -z $pw ]]
do
pw=$(systemd-ask-password ' Choose ZFS Encryption password:')
[[ -z $pw ]] && echo ' Aborted' && exit 2
((${#pw}<8)) && echo -e " Password must be at least 8 characters\n" &&
pw= && continue
pw2=$(systemd-ask-password ' Confirm the entered password:')
[[ -z $pw2 ]] && echo ' Aborted' && exit 2
[[ ! $pw = $pw2 ]] && pw= && echo -e ' Passwords not the same. Again:\n'
done
# For Linux Mint, pulls all required packages to enable ZFS
sudo apt-get install --yes zfs-initramfs
# If already modified, start afresh with the backup, backup otherwise
grep -q ' # rpool' "$file" &&
sudo cp /root/zsys-setup "$file" ||
sudo cp "$file" /root
# Modify ZFS compoment of Ubiquity (only modifies unmodified lines)
# Pipe the password into the rpool creation command
sudo sed -i "/[^ ]# rpool$/ s@# rpool@echo '$pw' | \0@" "$file"
# Add encryption options for rpool
sudo sed -i '/[^ ]-O/ s@-O sync=disabled @-O encryption=aes-256-gcm -O keylocation=prompt -O keyformat=passphrase \0@' "$file"
# Change EFI System Partition size
sudo sed -i "/[^1-9]512M,/ s@512M,@${efisize}M,@" "$file"
# Encrypt swap partition
#sudo sed -i "s#grep -Ev [^>]*@echo '/dev/mapper/cryptswap none swap sw 0 0' @" "$file"
sudo sed -i '/tdiscard/ s@UUID=[^>]*@/dev/mapper/cryptswap cryptswap swap sw 0 0\\n" @' "$file"
sudo sed -i '/swapon/ s@swapon.*$@echo "cryptswap /dev/sda2 /dev/urandom swap,cipher=aes-xts-plain64,size=256" >>$TARGET/etc/crypttab@' "$file"
# Remove EFI System Partition(s)
parts=$(ls -Al /dev/disk/by-partuuid 2>/dev/null |grep -o '[a-z][a-z0-9]*$')
for part in $parts
do num=${part##*[a-z]} disk=${part%$num} dev=/dev/$disk$num
esp=$(sudo sgdisk -i$num /dev/$disk |
grep C12A7328-F81F-11D2-BA4B-00A0C93EC93B)
if [[ $esp ]]
then
echo -e "\n OK to wipe EFI System Partition $dev?\n"
echo " (Ctrl_C to abort, K to keep, Enter to wipe)"
read -n1
[[ -z $REPLY ]] && echo " Wiping $dev..." &&
sudo wipefs -a "$dev" && sudo partprobe "/dev/$disk"
fi
done
cat <<EOM
The Ubiquity graphical installer will start next, go through its screens.
In its "Installation type" screen choose: "Erase disk and install ..."
and then click on "Advanced features" and select:
"EXPERIMENTAL: Erase disk and use ZFS" and click "OK" and then click
"Install Now". Follow the screens and the install will proceed.
(Ctrl_C to abort, Enter to start the Ubiquity installer)
EOM
read
ubiquity gtk_ui