index : archinstall32 | |
Archlinux32 installer | gitolite user |
summaryrefslogtreecommitdiff |
-rw-r--r-- | archinstall/lib/luks.py | 25 |
diff --git a/archinstall/lib/luks.py b/archinstall/lib/luks.py index 19c21795..62067ec1 100644 --- a/archinstall/lib/luks.py +++ b/archinstall/lib/luks.py @@ -1,4 +1,5 @@ import os +import shlex from .exceptions import * from .general import * from .disk import Partition @@ -64,9 +65,23 @@ class luks2(): with open(key_file, 'wb') as fh: fh.write(password) + cryptsetup_args = shlex.join([ + '/usr/bin/cryptsetup', + '--batch-mode', + '--verbose', + '--type', 'luks2', + '--pbkdf', 'argon2i', + '--hash', hash_type, + '--key-size', str(key_size), + '--iter-time', str(iter_time), + '--key-file', os.path.abspath(key_file), + '--use-urandom', + 'luksFormat', partition.path, + ]) + try: # Try to setup the crypt-device - cmd_handle = sys_command(f'/usr/bin/cryptsetup -q -v --type luks2 --pbkdf argon2i --hash {hash_type} --key-size {key_size} --iter-time {iter_time} --key-file {os.path.abspath(key_file)} --use-urandom luksFormat {partition.path}') + cmd_handle = sys_command(cryptsetup_args) except SysCallError as err: if err.exit_code == 256: log(f'{partition} is being used, trying to unmount and crypt-close the device and running one more attempt at encrypting the device.', level=LOG_LEVELS.Debug) @@ -90,12 +105,12 @@ class luks2(): sys_command(f"cryptsetup close {child['name']}") # Then try again to set up the crypt-device - cmd_handle = sys_command(f'/usr/bin/cryptsetup -q -v --type luks2 --pbkdf argon2i --hash {hash_type} --key-size {key_size} --iter-time {iter_time} --key-file {os.path.abspath(key_file)} --use-urandom luksFormat {partition.path}') + cmd_handle = sys_command(cryptsetup_args) else: raise err - if b'Command successful.' not in b''.join(cmd_handle): - raise DiskError(f'Could not encrypt volume "{partition.path}": {o}') + if cmd_handle.exit_code != 0: + raise DiskError(f'Could not encrypt volume "{partition.path}": {cmd_output}') return key_file @@ -126,4 +141,4 @@ class luks2(): def format(self, path): if (handle := sys_command(f"/usr/bin/cryptsetup -q -v luksErase {path}")).exit_code != 0: - raise DiskError(f'Could not format {path} with {self.filesystem} because: {b"".join(handle)}')
\ No newline at end of file + raise DiskError(f'Could not format {path} with {self.filesystem} because: {b"".join(handle)}') |