| index : archinstall32 | |
| Archlinux32 installer | gitolite user |
| summaryrefslogtreecommitdiff |
| author | advaithm <advaith.madhukar@gmail.com> | 2021-04-02 09:48:41 +0530 |
|---|---|---|
| committer | advaithm <advaith.madhukar@gmail.com> | 2021-04-02 09:48:41 +0530 |
| commit | f4e616cd9e1328a83fdf6f1541fd495292474642 (patch) | |
| tree | 605a932306254bec6a232888791897a1eb099ef2 /archinstall/lib/luks.py | |
| parent | 72284e2b2a96f4c8c6603f3a900b956121253b92 (diff) | |
| parent | 2c90f02b6b26cc489e90f7536fe8931a4b2b9195 (diff) | |
| -rw-r--r-- | archinstall/lib/luks.py | 35 |
diff --git a/archinstall/lib/luks.py b/archinstall/lib/luks.py index e54641b8..19c21795 100644 --- a/archinstall/lib/luks.py +++ b/archinstall/lib/luks.py @@ -64,8 +64,37 @@ class luks2(): with open(key_file, 'wb') as fh: fh.write(password) - o = b''.join(sys_command(f'/usr/bin/cryptsetup -q -v --type luks2 --pbkdf argon2i --hash {hash_type} --key-size {key_size} --iter-time {iter_time} --key-file {os.path.abspath(key_file)} --use-urandom luksFormat {partition.path}')) - if b'Command successful.' not in o: + try: + # Try to setup the crypt-device + cmd_handle = sys_command(f'/usr/bin/cryptsetup -q -v --type luks2 --pbkdf argon2i --hash {hash_type} --key-size {key_size} --iter-time {iter_time} --key-file {os.path.abspath(key_file)} --use-urandom luksFormat {partition.path}') + except SysCallError as err: + if err.exit_code == 256: + log(f'{partition} is being used, trying to unmount and crypt-close the device and running one more attempt at encrypting the device.', level=LOG_LEVELS.Debug) + # Partition was in use, unmount it and try again + partition.unmount() + + # Get crypt-information about the device by doing a reverse lookup starting with the partition path + # For instance: /dev/sda + devinfo = json.loads(b''.join(sys_command(f"lsblk --fs -J {partition.path}")).decode('UTF-8'))['blockdevices'][0] + + # For each child (sub-partition/sub-device) + if len(children := devinfo.get('children', [])): + for child in children: + # Unmount the child location + if child_mountpoint := child.get('mountpoint', None): + log(f'Unmounting {child_mountpoint}', level=LOG_LEVELS.Debug) + sys_command(f"umount -R {child_mountpoint}") + + # And close it if possible. + log(f"Closing crypt device {child['name']}", level=LOG_LEVELS.Debug) + sys_command(f"cryptsetup close {child['name']}") + + # Then try again to set up the crypt-device + cmd_handle = sys_command(f'/usr/bin/cryptsetup -q -v --type luks2 --pbkdf argon2i --hash {hash_type} --key-size {key_size} --iter-time {iter_time} --key-file {os.path.abspath(key_file)} --use-urandom luksFormat {partition.path}') + else: + raise err + + if b'Command successful.' not in b''.join(cmd_handle): raise DiskError(f'Could not encrypt volume "{partition.path}": {o}') return key_file @@ -84,7 +113,7 @@ class luks2(): sys_command(f'/usr/bin/cryptsetup open {partition.path} {mountpoint} --key-file {os.path.abspath(key_file)} --type luks2') if os.path.islink(f'/dev/mapper/{mountpoint}'): self.mapdev = f'/dev/mapper/{mountpoint}' - unlocked_partition = Partition(self.mapdev, encrypted=True, filesystem=get_filesystem_type(self.mapdev), autodetect_filesystem=False) + unlocked_partition = Partition(self.mapdev, None, encrypted=True, filesystem=get_filesystem_type(self.mapdev), autodetect_filesystem=False) unlocked_partition.allow_formatting = self.partition.allow_formatting return unlocked_partition |