From 6d6dfd00a192f7c96a6b47280fe788ecac3f90e6 Mon Sep 17 00:00:00 2001 From: Itxaka Date: Wed, 19 Apr 2023 14:44:33 +0200 Subject: [PATCH 1/5] :seedling: Make some functions public So they can be imported from different places as lib and re-used Signed-off-by: Itxaka --- main.go | 87 ++----------------------------------------- pkg/lib/unlock.go | 94 +++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 98 insertions(+), 83 deletions(-) create mode 100644 pkg/lib/unlock.go diff --git a/main.go b/main.go index 0094a94..10dff5e 100644 --- a/main.go +++ b/main.go @@ -8,13 +8,10 @@ import ( "strings" "time" - luks "github.com/anatol/luks.go" - multierror "github.com/hashicorp/go-multierror" "github.com/jaypipes/ghw" "github.com/jaypipes/ghw/pkg/block" - "github.com/kairos-io/kcrypt/pkg/bus" configpkg "github.com/kairos-io/kcrypt/pkg/config" - "github.com/mudler/go-pluggable" + "github.com/kairos-io/kcrypt/pkg/lib" cp "github.com/otiai10/copy" "github.com/urfave/cli" ) @@ -36,52 +33,6 @@ func waitdevice(device string, attempts int) error { return fmt.Errorf("no device found") } -// TODO: Ask to discovery a pass to unlock. keep waiting until we get it and a timeout is exhausted with retrials (exp backoff) -func getPassword(b *block.Partition) (password string, err error) { - bus.Reload() - - bus.Manager.Response(bus.EventDiscoveryPassword, func(p *pluggable.Plugin, r *pluggable.EventResponse) { - password = r.Data - if r.Errored() { - err = fmt.Errorf("failed discovery: %s", r.Error) - } - }) - _, err = bus.Manager.Publish(bus.EventDiscoveryPassword, b) - if err != nil { - return password, err - } - - if password == "" { - return password, fmt.Errorf("received empty password") - } - - return -} - -func luksUnlock(device, mapper, password string) error { - dev, err := luks.Open(device) - if err != nil { - // handle error - return err - } - defer dev.Close() - - err = dev.Unlock(0, []byte(password), mapper) - if err != nil { - return err - } - return nil -} - -func unlockDisk(b *block.Partition) error { - pass, err := getPassword(b) - if err != nil { - return fmt.Errorf("error retreiving password remotely: %w", err) - } - - return luksUnlock(fmt.Sprintf("/dev/%s", b.Name), b.Name, pass) -} - func createLuks(dev, password, version string, cryptsetupArgs ...string) error { if version == "" { version = "luks2" @@ -116,7 +67,7 @@ func luksify(label string) (string, error) { return "", err } - pass, err := getPassword(b) + pass, err := lib.GetPassword(b) if err != nil { return "", err } @@ -128,7 +79,7 @@ func luksify(label string) (string, error) { return "", err } - if err := luksUnlock(persistent, b.Name, pass); err != nil { + if err := lib.LuksUnlock(persistent, b.Name, pass); err != nil { return "", err } @@ -273,36 +224,6 @@ func injectInitrd(initrd string, file, dst string) error { } // TODO: a custom toolkit version, to build out initrd pre-built with this component -func unlockAll() error { - bus.Manager.Initialize() - - config, err := configpkg.GetConfiguration(configpkg.ConfigScanDirs) - if err != nil { - fmt.Printf("Warning: Could not read kcrypt configuration '%s'\n", err.Error()) - } - - block, err := ghw.Block() - if err != nil { - fmt.Printf("Warning: Error reading partitions '%s \n", err.Error()) - - return nil - } - - for _, disk := range block.Disks { - for _, p := range disk.Partitions { - if p.Type == "crypto_LUKS" { - p.Label = config.LookupLabelForUUID(p.UUID) - fmt.Printf("Unmounted Luks found at '%s' LABEL '%s' \n", p.Name, p.Label) - multiError := multierror.Append(err, unlockDisk(p)) - if multiError.ErrorOrNil() != nil { - fmt.Printf("Unlocking failed: '%s'\n", err.Error()) - } - time.Sleep(10 * time.Second) - } - } - } - return nil -} func main() { app := &cli.App{ @@ -363,7 +284,7 @@ Typically run during initrd to unlock all the LUKS partitions found &cli.StringFlag{}, }, Action: func(c *cli.Context) error { - return unlockAll() + return lib.UnlockAll() }, }, }, diff --git a/pkg/lib/unlock.go b/pkg/lib/unlock.go new file mode 100644 index 0000000..1478559 --- /dev/null +++ b/pkg/lib/unlock.go @@ -0,0 +1,94 @@ +package lib + +import ( + "fmt" + "time" + + "github.com/anatol/luks.go" + "github.com/hashicorp/go-multierror" + "github.com/jaypipes/ghw" + "github.com/jaypipes/ghw/pkg/block" + "github.com/kairos-io/kcrypt/pkg/bus" + configpkg "github.com/kairos-io/kcrypt/pkg/config" + "github.com/mudler/go-pluggable" +) + +// UnlockAll Unlocks all encrypted devices found in the system +func UnlockAll() error { + bus.Manager.Initialize() + + config, err := configpkg.GetConfiguration(configpkg.ConfigScanDirs) + if err != nil { + fmt.Printf("Warning: Could not read kcrypt configuration '%s'\n", err.Error()) + } + + blk, err := ghw.Block() + if err != nil { + fmt.Printf("Warning: Error reading partitions '%s \n", err.Error()) + + return nil + } + + for _, disk := range blk.Disks { + for _, p := range disk.Partitions { + if p.Type == "crypto_LUKS" { + p.Label = config.LookupLabelForUUID(p.UUID) + fmt.Printf("Unmounted Luks found at '%s' LABEL '%s' \n", p.Name, p.Label) + multiError := multierror.Append(err, UnlockDisk(p)) + if multiError.ErrorOrNil() != nil { + fmt.Printf("Unlocking failed: '%s'\n", err.Error()) + } + time.Sleep(10 * time.Second) + } + } + } + return nil +} + +// UnlockDisk unlocks a single block.Partition +func UnlockDisk(b *block.Partition) error { + pass, err := GetPassword(b) + if err != nil { + return fmt.Errorf("error retreiving password remotely: %w", err) + } + + return LuksUnlock(fmt.Sprintf("/dev/%s", b.Name), b.Name, pass) +} + +// GetPassword gets the password for a block.Partition +// TODO: Ask to discovery a pass to unlock. keep waiting until we get it and a timeout is exhausted with retrials (exp backoff) +func GetPassword(b *block.Partition) (password string, err error) { + bus.Reload() + + bus.Manager.Response(bus.EventDiscoveryPassword, func(p *pluggable.Plugin, r *pluggable.EventResponse) { + password = r.Data + if r.Errored() { + err = fmt.Errorf("failed discovery: %s", r.Error) + } + }) + _, err = bus.Manager.Publish(bus.EventDiscoveryPassword, b) + if err != nil { + return password, err + } + + if password == "" { + return password, fmt.Errorf("received empty password") + } + + return +} + +func LuksUnlock(device, mapper, password string) error { + dev, err := luks.Open(device) + if err != nil { + // handle error + return err + } + defer dev.Close() + + err = dev.Unlock(0, []byte(password), mapper) + if err != nil { + return err + } + return nil +} From 5f52d1f2f905b53be320fc63c48c7b5a378fef7c Mon Sep 17 00:00:00 2001 From: Itxaka Date: Wed, 3 May 2023 21:52:44 +0200 Subject: [PATCH 2/5] Store dracut artifacts in its own target So its easier to access them from other places. Alos stores the dracut.conf file for kcryt under the dracut dir and renames it to its proper final name Signed-off-by: Itxaka --- Earthfile | 15 +++++++++++---- dracut.conf => dracut/10-kcrypt.conf | 0 2 files changed, 11 insertions(+), 4 deletions(-) rename dracut.conf => dracut/10-kcrypt.conf (100%) diff --git a/Earthfile b/Earthfile index 41bbe6f..9a8be3b 100644 --- a/Earthfile +++ b/Earthfile @@ -16,13 +16,20 @@ build-kcrypt: RUN CGO_ENABLED=0 go build -o kcrypt -ldflags "-X main.Version=$VERSION" SAVE ARTIFACT /work/kcrypt AS LOCAL kcrypt +dracut-artifacts: + FROM $BASE_IMAGE + WORKDIR /build + COPY --dir dracut/29kcrypt . + COPY dracut/10-kcrypt.conf . + SAVE ARTIFACT 29kcrypt 29kcrypt + SAVE ARTIFACT 10-kcrypt.conf 10-kcrypt.conf + build-dracut: FROM $BASE_IMAGE - COPY . /work - COPY +build-kcrypt/kcrypt /usr/bin/kcrypt WORKDIR /work - RUN cp -r dracut/* /usr/lib/dracut/modules.d - RUN cp dracut.conf /etc/dracut.conf.d/10-kcrypt.conf + COPY +build-kcrypt/kcrypt /usr/bin/kcrypt + COPY +dracut-artifacts/29kcrypt /usr/lib/dracut/modules.d/29kcrypt + COPY +dracut-artifacts/10-kcrypt.conf /etc/dracut.conf.d/10-kcrypt.conf RUN kernel=$(ls /lib/modules | head -n1) && \ dracut -f "/boot/initrd-${kernel}" "${kernel}" && \ ln -sf "initrd-${kernel}" /boot/initrd diff --git a/dracut.conf b/dracut/10-kcrypt.conf similarity index 100% rename from dracut.conf rename to dracut/10-kcrypt.conf From 36f861fd0c25f0453408b8809fdfa0f44d1ddb14 Mon Sep 17 00:00:00 2001 From: Itxaka Date: Wed, 3 May 2023 15:18:56 +0200 Subject: [PATCH 3/5] Use reproducible UUIDs for partition identification Signed-off-by: Itxaka --- Earthfile | 2 +- go.mod | 18 +++++++++++ go.sum | 77 ++++++++++++++++++++++++++++++++++++++++++++ main.go | 18 ++++++----- pkg/config/config.go | 25 +++++++++++++- pkg/lib/unlock.go | 38 ++++++++++++++++------ 6 files changed, 159 insertions(+), 19 deletions(-) diff --git a/Earthfile b/Earthfile index 41bbe6f..4347ca2 100644 --- a/Earthfile +++ b/Earthfile @@ -14,7 +14,7 @@ build-kcrypt: WORKDIR /work ARG VERSION="$(git describe --tags)" RUN CGO_ENABLED=0 go build -o kcrypt -ldflags "-X main.Version=$VERSION" - SAVE ARTIFACT /work/kcrypt AS LOCAL kcrypt + SAVE ARTIFACT /work/kcrypt kcrypt AS LOCAL kcrypt build-dracut: FROM $BASE_IMAGE diff --git a/go.mod b/go.mod index c75d0c3..3d2c612 100644 --- a/go.mod +++ b/go.mod @@ -4,6 +4,7 @@ go 1.20 require ( github.com/anatol/luks.go v0.0.0-20230125211543-ada2562d4206 + github.com/gofrs/uuid v4.4.0+incompatible github.com/hashicorp/go-multierror v1.1.1 github.com/jaypipes/ghw v0.10.0 github.com/kairos-io/kairos v1.24.3-56.0.20230329142538-b6ae4b58c07d @@ -17,11 +18,16 @@ require ( ) require ( + atomicgo.dev/cursor v0.1.1 // indirect + atomicgo.dev/keyboard v0.2.9 // indirect github.com/StackExchange/wmi v1.2.1 // indirect github.com/anatol/devmapper.go v0.0.0-20220907161421-ba4de5fc0fd1 // indirect github.com/avast/retry-go v3.0.0+incompatible // indirect + github.com/aybabtme/rgbterm v0.0.0-20170906152045-cc83f3b3ce59 // indirect github.com/chuckpreslar/emission v0.0.0-20170206194824-a7ddd980baf9 // indirect + github.com/containerd/console v1.0.3 // indirect github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect + github.com/denisbrodbeck/machineid v1.0.1 // indirect github.com/dgryski/go-camellia v0.0.0-20191119043421-69a8a13fb23d // indirect github.com/ghodss/yaml v1.0.0 // indirect github.com/go-logr/logr v1.2.3 // indirect @@ -30,19 +36,31 @@ require ( github.com/google/go-cmp v0.5.9 // indirect github.com/google/pprof v0.0.0-20230228050547-1710fef4ab10 // indirect github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect + github.com/gookit/color v1.5.2 // indirect github.com/hashicorp/errwrap v1.1.0 // indirect github.com/imdario/mergo v0.3.15 // indirect github.com/itchyny/gojq v0.12.12 // indirect github.com/itchyny/timefmt-go v0.1.5 // indirect github.com/jaypipes/pcidb v1.0.0 // indirect + github.com/joho/godotenv v1.5.1 // indirect github.com/kairos-io/kairos-sdk v0.0.2-0.20230317135804-ad3c0f6cd6dd // indirect github.com/kr/text v0.1.0 // indirect + github.com/lithammer/fuzzysearch v1.1.5 // indirect + github.com/mattn/go-isatty v0.0.17 // indirect + github.com/mattn/go-runewidth v0.0.14 // indirect github.com/mitchellh/go-homedir v1.1.0 // indirect + github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646 // indirect + github.com/pterm/pterm v0.12.57 // indirect + github.com/qeesung/image2ascii v1.0.1 // indirect + github.com/rivo/uniseg v0.4.4 // indirect github.com/rogpeppe/go-internal v1.9.0 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect + github.com/wayneashleyberry/terminal-dimensions v1.1.0 // indirect + github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect golang.org/x/crypto v0.7.0 // indirect golang.org/x/net v0.8.0 // indirect golang.org/x/sys v0.6.0 // indirect + golang.org/x/term v0.6.0 // indirect golang.org/x/text v0.8.0 // indirect golang.org/x/tools v0.7.0 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect diff --git a/go.sum b/go.sum index f7774a3..d68f294 100644 --- a/go.sum +++ b/go.sum @@ -1,4 +1,15 @@ +atomicgo.dev/cursor v0.1.1 h1:0t9sxQomCTRh5ug+hAMCs59x/UmC9QL6Ci5uosINKD4= +atomicgo.dev/cursor v0.1.1/go.mod h1:Lr4ZJB3U7DfPPOkbH7/6TOtJ4vFGHlgj1nc+n900IpU= +atomicgo.dev/keyboard v0.2.9 h1:tOsIid3nlPLZ3lwgG8KZMp/SFmr7P0ssEN5JUsm78K8= +atomicgo.dev/keyboard v0.2.9/go.mod h1:BC4w9g00XkxH/f1HXhW2sXmJFOCWbKn9xrOunSFtExQ= github.com/BurntSushi/toml v1.2.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= +github.com/MarvinJWendt/testza v0.1.0/go.mod h1:7AxNvlfeHP7Z/hDQ5JtE3OKYT3XFUeLCDE2DQninSqs= +github.com/MarvinJWendt/testza v0.2.1/go.mod h1:God7bhG8n6uQxwdScay+gjm9/LnO4D3kkcZX4hv9Rp8= +github.com/MarvinJWendt/testza v0.2.8/go.mod h1:nwIcjmr0Zz+Rcwfh3/4UhBp7ePKVhuBExvZqnKYWlII= +github.com/MarvinJWendt/testza v0.2.10/go.mod h1:pd+VWsoGUiFtq+hRKSU1Bktnn+DMCSrDrXDpX2bG66k= +github.com/MarvinJWendt/testza v0.2.12/go.mod h1:JOIegYyV7rX+7VZ9r77L/eH6CfJHHzXjB69adAhzZkI= +github.com/MarvinJWendt/testza v0.3.0/go.mod h1:eFcL4I0idjtIx8P9C6KkAuLgATNKpX4/2oUqKc6bF2c= +github.com/MarvinJWendt/testza v0.4.2/go.mod h1:mSdhXiKH8sg/gQehJ63bINcCKp7RtYewEjXsvsVUPbE= github.com/StackExchange/wmi v1.2.1 h1:VIkavFPXSjcnS+O8yTq7NI32k0R5Aj+v39y29VYDOSA= github.com/StackExchange/wmi v1.2.1/go.mod h1:rcmrprowKIVzvc+NUiLncP2uuArMWLCbu9SBzvHz7e8= github.com/anatol/devmapper.go v0.0.0-20220907161421-ba4de5fc0fd1 h1:6ok4FQsJFooNYKiSmrVUv476cG/NYmbM0LxazuL4sZU= @@ -6,15 +17,22 @@ github.com/anatol/devmapper.go v0.0.0-20220907161421-ba4de5fc0fd1/go.mod h1:k5R4 github.com/anatol/luks.go v0.0.0-20230125211543-ada2562d4206 h1:9kfvAJRm75SuSR185WrbYOco0cKFo9IglQfiFyRNvK0= github.com/anatol/luks.go v0.0.0-20230125211543-ada2562d4206/go.mod h1:XwLorksvNshI9TH9UOO/WfX7kYIdlljCQi5WPkN7K0c= github.com/anatol/vmtest v0.0.0-20220413190228-7a42f1f6d7b8 h1:t4JGeY9oaF5LB4Rdx9e2wARRRPAYt8Ow4eCf5SwO3fA= +github.com/atomicgo/cursor v0.0.1/go.mod h1:cBON2QmmrysudxNBFthvMtN32r3jxVRIvzkUiF/RuIk= github.com/avast/retry-go v3.0.0+incompatible h1:4SOWQ7Qs+oroOTQOYnAHqelpCO0biHSxpiH9JdtuBj0= github.com/avast/retry-go v3.0.0+incompatible/go.mod h1:XtSnn+n/sHqQIpZ10K1qAevBhOOCWBLXXy3hyiqqBrY= +github.com/aybabtme/rgbterm v0.0.0-20170906152045-cc83f3b3ce59 h1:WWB576BN5zNSZc/M9d/10pqEx5VHNhaQ/yOVAkmj5Yo= +github.com/aybabtme/rgbterm v0.0.0-20170906152045-cc83f3b3ce59/go.mod h1:q/89r3U2H7sSsE2t6Kca0lfwTK8JdoNGS/yzM/4iH5I= github.com/chuckpreslar/emission v0.0.0-20170206194824-a7ddd980baf9 h1:xz6Nv3zcwO2Lila35hcb0QloCQsc38Al13RNEzWRpX4= github.com/chuckpreslar/emission v0.0.0-20170206194824-a7ddd980baf9/go.mod h1:2wSM9zJkl1UQEFZgSd68NfCgRz1VL1jzy/RjCg+ULrs= +github.com/containerd/console v1.0.3 h1:lIr7SlA5PxZyMV30bDW0MGbiOPXwc63yRuCP0ARubLw= +github.com/containerd/console v1.0.3/go.mod h1:7LqA/THxQ86k76b8c/EMSiaJ3h1eZkMkXar0TQ1gf3U= github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/denisbrodbeck/machineid v1.0.1 h1:geKr9qtkB876mXguW2X6TU4ZynleN6ezuMSRhl4D7AQ= +github.com/denisbrodbeck/machineid v1.0.1/go.mod h1:dJUwb7PTidGDeYyUBmXZ2GphQBbjJCrnectwCyxcUSI= github.com/dgryski/go-camellia v0.0.0-20191119043421-69a8a13fb23d h1:CPqTNIigGweVPT4CYb+OO2E6XyRKFOmvTHwWRLgCAlE= github.com/dgryski/go-camellia v0.0.0-20191119043421-69a8a13fb23d/go.mod h1:QX5ZVULjAfZJux/W62Y91HvCh9hyW6enAwcrrv/sLj0= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= @@ -29,6 +47,8 @@ github.com/go-ole/go-ole v1.2.6 h1:/Fpf6oFPoeFik9ty7siob0G6Ke8QvQEuVcuChpwXzpY= github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= +github.com/gofrs/uuid v4.4.0+incompatible h1:3qXRTX8/NbyulANqlc0lchS1gqAVxRgsuW1YrTJupqA= +github.com/gofrs/uuid v4.4.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= @@ -46,6 +66,10 @@ github.com/google/pprof v0.0.0-20230228050547-1710fef4ab10 h1:CqYfpuYIjnlNxM3msd github.com/google/pprof v0.0.0-20230228050547-1710fef4ab10/go.mod h1:79YE0hCXdHag9sBkw2o+N/YnZtTkXi0UT9Nnixa5eYk= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4= github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= +github.com/gookit/color v1.4.2/go.mod h1:fqRyamkC1W8uxl+lxCQxOT09l/vYfZ+QeiX3rKQHCoQ= +github.com/gookit/color v1.5.0/go.mod h1:43aQb+Zerm/BWh2GnrgOQm7ffz7tvQXEKV6BFMl7wAo= +github.com/gookit/color v1.5.2 h1:uLnfXcaFjlrDnQDT+NCBcfhrXqYTx/rcCa6xn01Y8yI= +github.com/gookit/color v1.5.2/go.mod h1:w8h4bGiHeeBpvQVePTutdbERIUf3oJE5lZ8HM0UgXyg= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= @@ -63,19 +87,34 @@ github.com/jaypipes/ghw v0.10.0/go.mod h1:jeJGbkRB2lL3/gxYzNYzEDETV1ZJ56OKr+CSeS github.com/jaypipes/pcidb v1.0.0 h1:vtZIfkiCUE42oYbJS0TAq9XSfSmcsgo9IdxSm9qzYU8= github.com/jaypipes/pcidb v1.0.0/go.mod h1:TnYUvqhPBzCKnH34KrIX22kAeEbDCSRJ9cqLRCuNDfk= github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= +github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0= +github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4= github.com/kairos-io/kairos v1.24.3-56.0.20230329142538-b6ae4b58c07d h1:B01GinEZbowPwbWrqDIb6n2AaHIscJVOqsh0I5gAEXw= github.com/kairos-io/kairos v1.24.3-56.0.20230329142538-b6ae4b58c07d/go.mod h1:2aYSSCHw8csfuqA5g6BpxBJ89kZt84G5okeuJj7PH+w= github.com/kairos-io/kairos-sdk v0.0.2-0.20230317135804-ad3c0f6cd6dd h1:x3pwiwfj/eAv3OZ8BNFdmpjhh8ZInu7z8Xv/6+dhmFw= github.com/kairos-io/kairos-sdk v0.0.2-0.20230317135804-ad3c0f6cd6dd/go.mod h1:Wg/jfAQe8seka5VUXtcPvg+sA6GmQEy+DYlJmgKM8Zs= github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNUXsshfwJMBgNA0RU6/i7WVaAegv3PtuIHPMs= +github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= +github.com/klauspost/cpuid/v2 v2.0.10/go.mod h1:g2LTdtYhdyuGPqyWyv7qRAmj1WBqxuObKfj5c0PQa7c= +github.com/klauspost/cpuid/v2 v2.0.12/go.mod h1:g2LTdtYhdyuGPqyWyv7qRAmj1WBqxuObKfj5c0PQa7c= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.3.0 h1:WgNl7dwNpEZ6jJ9k1snq4pZsg7DOEN8hP9Xw0Tsjwk0= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/lithammer/fuzzysearch v1.1.5 h1:Ag7aKU08wp0R9QCfF4GoGST9HbmAIeLP7xwMrOBEp1c= +github.com/lithammer/fuzzysearch v1.1.5/go.mod h1:1R1LRNk7yKid1BaQkmuLQaHruxcC4HmAH30Dh61Ih1Q= +github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng= +github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= +github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= +github.com/mattn/go-runewidth v0.0.14 h1:+xnbZSEeDbOIg5/mE6JF0w6n9duR1l3/WmbinWVwUuU= +github.com/mattn/go-runewidth v0.0.14/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mudler/go-pluggable v0.0.0-20230126220627-7710299a0ae5 h1:FaZD86+A9mVt7lh9glAryzQblMsbJYU2VnrdZ8yHlTs= github.com/mudler/go-pluggable v0.0.0-20230126220627-7710299a0ae5/go.mod h1:WmKcT8ONmhDQIqQ+HxU+tkGWjzBEyY/KFO8LTGCu4AI= +github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646 h1:zYyBkD/k9seD2A7fsi6Oo2LfFZAehjjQMERAvZLEDnQ= +github.com/nfnt/resize v0.0.0-20180221191011-83c6a9932646/go.mod h1:jpp1/29i3P1S/RLdc7JQKbRpFeM1dOBd8T9ki5s+AY8= github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= @@ -100,14 +139,31 @@ github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/pterm/pterm v0.12.27/go.mod h1:PhQ89w4i95rhgE+xedAoqous6K9X+r6aSOI2eFF7DZI= +github.com/pterm/pterm v0.12.29/go.mod h1:WI3qxgvoQFFGKGjGnJR849gU0TsEOvKn5Q8LlY1U7lg= +github.com/pterm/pterm v0.12.30/go.mod h1:MOqLIyMOgmTDz9yorcYbcw+HsgoZo3BQfg2wtl3HEFE= +github.com/pterm/pterm v0.12.31/go.mod h1:32ZAWZVXD7ZfG0s8qqHXePte42kdz8ECtRyEejaWgXU= +github.com/pterm/pterm v0.12.33/go.mod h1:x+h2uL+n7CP/rel9+bImHD5lF3nM9vJj80k9ybiiTTE= +github.com/pterm/pterm v0.12.36/go.mod h1:NjiL09hFhT/vWjQHSj1athJpx6H8cjpHXNAK5bUw8T8= +github.com/pterm/pterm v0.12.40/go.mod h1:ffwPLwlbXxP+rxT0GsgDTzS3y3rmpAO1NMjUkGTYf8s= +github.com/pterm/pterm v0.12.57 h1:HTjDUmILmh6hIsEidRdpxQAiqcoHCdvRCxIR3KZ0/XE= +github.com/pterm/pterm v0.12.57/go.mod h1:7rswprkyxYOse1IMh79w42jvReNHxro4z9oHfqjIdzM= +github.com/qeesung/image2ascii v1.0.1 h1:Fe5zTnX/v/qNC3OC4P/cfASOXS501Xyw2UUcgrLgtp4= +github.com/qeesung/image2ascii v1.0.1/go.mod h1:kZKhyX0h2g/YXa/zdJR3JnLnJ8avHjZ3LrvEKSYyAyU= +github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= +github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis= +github.com/rivo/uniseg v0.4.4/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8= github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= +github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= @@ -115,6 +171,11 @@ github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ github.com/tmc/scp v0.0.0-20170824174625-f7b48647feef h1:7D6Nm4D6f0ci9yttWaKjM1TMAXrH5Su72dojqYGntFY= github.com/urfave/cli v1.22.12 h1:igJgVw1JdKH+trcLWLeLwZjU9fEfPesQ+9/e4MQ44S8= github.com/urfave/cli v1.22.12/go.mod h1:sSBEIC79qR6OvcmsD4U3KABeOTxDqQtdDnaFuUN30b8= +github.com/wayneashleyberry/terminal-dimensions v1.1.0 h1:EB7cIzBdsOzAgmhTUtTTQXBByuPheP/Zv1zL2BRPY6g= +github.com/wayneashleyberry/terminal-dimensions v1.1.0/go.mod h1:2lc/0eWCObmhRczn2SdGSQtgBooLUzIotkkEGXqghyg= +github.com/xo/terminfo v0.0.0-20210125001918-ca9a967f8778/go.mod h1:2MuV+tbUrU1zIOPMxZ5EncGwgmMJsa+9ucAQZXxsObs= +github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e h1:JVG44RsyaB9T2KIHavMF/ppJZNG9ZpyihvCd0w101no= +github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e/go.mod h1:RbqR21r5mrJuqunuUZ/Dhy/avygyECGrLceyNeo4LiM= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.7.0 h1:AvwMYaRytfdeVt3u6mLaxYtErKYjxA2OXjJ1HHq6t3A= @@ -136,12 +197,25 @@ golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211013075003-97ac67df715c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220319134239-a9b59b0215f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.6.0 h1:clScbb1cHjoCkyRbWwBEUZ5H/tIFu5TAXIqaZD0Gcjw= +golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.8.0 h1:57P1ETyNKtuIjB4SRd15iJxuhj8Gc416Y78H3qgMh68= golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -156,17 +230,20 @@ google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzi google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= google.golang.org/protobuf v1.28.1 h1:d0NfwRgPtno5B1Wa6L2DAG+KivqkdutMf1UhdNx175w= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= gopkg.in/yaml.v1 v1.0.0-20140924161607-9f9df34309c0 h1:POO/ycCATvegFmVuPpQzZFJ+pGZeX22Ufu6fibxDVjU= gopkg.in/yaml.v1 v1.0.0-20140924161607-9f9df34309c0/go.mod h1:WDnlLJ4WF5VGsH/HVa3CI79GS0ol3YnhVnKP89i0kNg= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= howett.net/plist v1.0.0 h1:7CrbWYbPPO/PyNy38b2EB/+gYbjCe2DXBxgtOOZbSQM= diff --git a/main.go b/main.go index 10dff5e..7c6d6dd 100644 --- a/main.go +++ b/main.go @@ -8,6 +8,7 @@ import ( "strings" "time" + "github.com/gofrs/uuid" "github.com/jaypipes/ghw" "github.com/jaypipes/ghw/pkg/block" configpkg "github.com/kairos-io/kcrypt/pkg/config" @@ -43,8 +44,8 @@ func createLuks(dev, password, version string, cryptsetupArgs ...string) error { cmd.Stdin = strings.NewReader(password) cmd.Stdout = os.Stdout cmd.Stderr = os.Stderr - - if err := cmd.Run(); err != nil { + err := cmd.Run() + if err != nil { return err } @@ -74,8 +75,9 @@ func luksify(label string) (string, error) { persistent = fmt.Sprintf("/dev/%s", persistent) devMapper := fmt.Sprintf("/dev/mapper/%s", b.Name) + partUUID := uuid.NewV5(uuid.NamespaceURL, label) - if err := createLuks(persistent, pass, "luks1"); err != nil { + if err := createLuks(persistent, pass, "luks1", []string{"--uuid", partUUID.String()}...); err != nil { return "", err } @@ -87,8 +89,8 @@ func luksify(label string) (string, error) { return "", err } - out, err := sh(fmt.Sprintf("mkfs.ext4 -L %s %s", label, devMapper)) - + cmd := fmt.Sprintf("mkfs.ext4 -L %s %s", label, devMapper) + out, err := sh(cmd) if err != nil { return "", fmt.Errorf("err: %w, out: %s", err, out) } @@ -102,11 +104,11 @@ func luksify(label string) (string, error) { } func findPartition(label string) (string, *block.Partition, error) { - block, err := ghw.Block() + b, err := ghw.Block() if err == nil { - for _, disk := range block.Disks { + for _, disk := range b.Disks { for _, p := range disk.Partitions { - if p.Label == label { + if p.FilesystemLabel == label { return p.Name, p, nil } diff --git a/pkg/config/config.go b/pkg/config/config.go index 2c0f28e..4f93995 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -7,6 +7,7 @@ import ( "os" "strings" + "github.com/gofrs/uuid" "github.com/jaypipes/ghw/pkg/block" "github.com/kairos-io/kairos/pkg/config/collector" "github.com/pkg/errors" @@ -30,7 +31,7 @@ type Config struct { } func PartitionToString(p *block.Partition) string { - return fmt.Sprintf("%s:%s:%s", p.Label, p.Name, p.UUID) + return fmt.Sprintf("%s:%s:%s", p.FilesystemLabel, p.Name, p.UUID) } // Takes a partition info string (as returned by PartitionToString) and return @@ -118,3 +119,25 @@ func (c Config) LookupLabelForUUID(uuid string) string { return "" } + +// GetLabelForUUID returns the partition label for a known UUID +// UUIDS are generated on luksify method +// They are generated by setting the namespace to DNS and the name to the fs label, so they are always the same +func (c Config) GetLabelForUUID(uuidCheck string) (string, error) { + persistent := uuid.NewV5(uuid.NamespaceURL, "COS_PERSISTENT") + oem := uuid.NewV5(uuid.NamespaceURL, "COS_OEM") + fmt.Printf("Checking uuid: %s\n", uuidCheck) + parsedUUID, err := uuid.FromString(uuidCheck) + if err != nil { + return "", err + } + switch parsedUUID { + case persistent: + return "COS_PERSISTENT", nil + case oem: + return "COS_OEM", nil + default: + return "", errors.New("no partition found with that uuid") + + } +} diff --git a/pkg/lib/unlock.go b/pkg/lib/unlock.go index 1478559..39e78c7 100644 --- a/pkg/lib/unlock.go +++ b/pkg/lib/unlock.go @@ -2,12 +2,13 @@ package lib import ( "fmt" - "time" + "path/filepath" + "strings" "github.com/anatol/luks.go" - "github.com/hashicorp/go-multierror" "github.com/jaypipes/ghw" "github.com/jaypipes/ghw/pkg/block" + "github.com/kairos-io/kairos-sdk/utils" "github.com/kairos-io/kcrypt/pkg/bus" configpkg "github.com/kairos-io/kcrypt/pkg/config" "github.com/mudler/go-pluggable" @@ -32,13 +33,32 @@ func UnlockAll() error { for _, disk := range blk.Disks { for _, p := range disk.Partitions { if p.Type == "crypto_LUKS" { - p.Label = config.LookupLabelForUUID(p.UUID) - fmt.Printf("Unmounted Luks found at '%s' LABEL '%s' \n", p.Name, p.Label) - multiError := multierror.Append(err, UnlockDisk(p)) - if multiError.ErrorOrNil() != nil { - fmt.Printf("Unlocking failed: '%s'\n", err.Error()) + // Get the luks UUID directly from cryptsetup + volumeUUID, err := utils.SH(fmt.Sprintf("cryptsetup luksUUID %s", filepath.Join("/dev", p.Name))) + if err != nil { + return err } - time.Sleep(10 * time.Second) + volumeUUID = strings.TrimSpace(volumeUUID) + if volumeUUID == "" { + fmt.Printf("No uuid for %s, skipping\n", p.Name) + continue + } + p.Label, err = config.GetLabelForUUID(volumeUUID) + if err != nil { + return err + } + // Check if device is already mounted + // We mount it under /dev/mapper/DEVICE, so It's pretty easy to check + if !utils.Exists(filepath.Join("/dev", "mapper", p.Name)) { + fmt.Printf("Unmounted Luks found at '%s' LABEL '%s' \n", filepath.Join("/dev", p.Name), p.Label) + err = UnlockDisk(p) + if err != nil { + fmt.Printf("Unlocking failed: '%s'\n", err.Error()) + } + } else { + fmt.Printf("Device %s seems to be mounted at %s, skipping\n", filepath.Join("/dev", p.Name), filepath.Join("/dev", "mapper", p.Name)) + } + } } } @@ -52,7 +72,7 @@ func UnlockDisk(b *block.Partition) error { return fmt.Errorf("error retreiving password remotely: %w", err) } - return LuksUnlock(fmt.Sprintf("/dev/%s", b.Name), b.Name, pass) + return LuksUnlock(filepath.Join("/dev", b.Name), b.Name, pass) } // GetPassword gets the password for a block.Partition From 47e7f67e046fea3f7493ce574addbd16e744234b Mon Sep 17 00:00:00 2001 From: Itxaka Date: Fri, 5 May 2023 09:19:46 +0200 Subject: [PATCH 4/5] Fix label Signed-off-by: Itxaka --- pkg/lib/unlock.go | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/pkg/lib/unlock.go b/pkg/lib/unlock.go index 39e78c7..6913c4c 100644 --- a/pkg/lib/unlock.go +++ b/pkg/lib/unlock.go @@ -35,6 +35,7 @@ func UnlockAll() error { if p.Type == "crypto_LUKS" { // Get the luks UUID directly from cryptsetup volumeUUID, err := utils.SH(fmt.Sprintf("cryptsetup luksUUID %s", filepath.Join("/dev", p.Name))) + fmt.Printf("Got luks UUID %s for partition %s\n", volumeUUID, p.Name) if err != nil { return err } @@ -43,14 +44,14 @@ func UnlockAll() error { fmt.Printf("No uuid for %s, skipping\n", p.Name) continue } - p.Label, err = config.GetLabelForUUID(volumeUUID) + p.FilesystemLabel, err = config.GetLabelForUUID(volumeUUID) if err != nil { return err } // Check if device is already mounted // We mount it under /dev/mapper/DEVICE, so It's pretty easy to check if !utils.Exists(filepath.Join("/dev", "mapper", p.Name)) { - fmt.Printf("Unmounted Luks found at '%s' LABEL '%s' \n", filepath.Join("/dev", p.Name), p.Label) + fmt.Printf("Unmounted Luks found at '%s' LABEL '%s' \n", filepath.Join("/dev", p.Name), p.FilesystemLabel) err = UnlockDisk(p) if err != nil { fmt.Printf("Unlocking failed: '%s'\n", err.Error()) From 59ed3da68dbeb8390e7127a0117b3062a42f4ff2 Mon Sep 17 00:00:00 2001 From: Mauro Morales Date: Tue, 13 Jun 2023 12:18:46 +0200 Subject: [PATCH 5/5] Update issue templates relates to https://github.com/kairos-io/kairos/issues/1483 --- .../file-issues-on-main-kairos-repo.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 .github/ISSUE_TEMPLATE/file-issues-on-main-kairos-repo.md diff --git a/.github/ISSUE_TEMPLATE/file-issues-on-main-kairos-repo.md b/.github/ISSUE_TEMPLATE/file-issues-on-main-kairos-repo.md new file mode 100644 index 0000000..300f293 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/file-issues-on-main-kairos-repo.md @@ -0,0 +1,12 @@ +--- +name: File issues on main Kairos repo +about: Tell users to file their issues on the main Kairos repo +title: '' +labels: '' +assignees: '' + +--- + +:warning: All Kairos issues are tracked in our main repo, please file your issue there, thanks! :warning: + +https://github.com/kairos-io/kairos/issues