sedutil/sedutil-pba.pl

#!/usr/bin/perl
# 
# PreBoot Authentication Image Creator for
# Unlocking Self Encrypting Drive
#

use strict;
use warnings;

use File::Path qw(make_path remove_tree);
use File::Temp qw(tempdir);
use File::Copy qw(copy);

die "no sedutil module for dracut, stopped" unless (`dracut --list-modules 2>/dev/null` =~ /\bsedutil\b/);

my $kver = `uname -r`;
chomp $kver;
my $scratch = tempdir('mkpba-XXXXX') or die "$!, stopped";
my $bdir = "boot";
my $gdir = "$bdir/grub";
my $initrd = "initrd-$kver";
my $kern = "vmlinuz-$kver";
my $cfg = "grub.cfg";
my $iso = "linuxpba-$kver.iso";
my $rescue = "sedutil-rescue-$kver.iso";
my $keep = 0;

make_path("$scratch/$bdir", "$scratch/$gdir", {verbose => 1}) == 2
  or die "$!, stopped";

system ("dracut", "--force", "-m", "sedutil base", "$scratch/$bdir/$initrd") == 0
  or die "stopped";

copy("/$bdir/$kern", "$scratch/$bdir")
  or die "$!, stopped";

open(CFG, ">", "$scratch/$gdir/$cfg")
  or die "$!, stopped";

print CFG <<"END";
set gfxpayload=keep

ext=""
if [ x\$grub_platform = xefi ]; then
  ext=efi
fi

echo 'Loading Linux $kver ...'
linux\$ext /$bdir/$kern libata.allow_tpm=1 quiet rd.hostonly=0 linuxpba
echo 'Loading sedutilpba-$kver.img ...'
initrd\$ext /$bdir/$initrd
echo 'Boot ...'
boot
END

close(CFG);

system ("grub2-script-check", "--verbose", "$scratch/$gdir/$cfg") == 0
  or die "stopped";

system ("grub2-mkrescue", "-o", $iso, $scratch) == 0
  or die "stopped";

system ("dracut", "--force", "-m", "sedutil base", "--include", "./$iso", "/$iso", "$scratch/$bdir/$initrd") == 0
  or die "stopped";

open(CFG, ">", "$scratch/$gdir/$cfg")
  or die "$!, stopped";

print CFG <<"END";
set gfxpayload=keep

ext=""
if [ x\$grub_platform = xefi ]; then
  ext=efi
fi

echo 'Loading Linux $kver ...'
linux\$ext /$bdir/$kern libata.allow_tpm=1 quiet rd.hostonly=0 rd.break=cmdline
echo 'Loading sedutilpba-$kver.img ...'
initrd\$ext /$bdir/$initrd
echo 'Boot ...'
boot
END

close(CFG);

system ("grub2-script-check", "--verbose", "$scratch/$gdir/$cfg") == 0
  or die "stopped";

system ("grub2-mkrescue", "-o", $rescue, $scratch) == 0
  or die "stopped";

remove_tree($scratch, {verbose => 1}) unless ($keep);
Accepting request 636836 from home:michael-chang:sedutil-pkg I want to maintain sedutil in Factory and would like to use Base:System as the devel/feeder project. OBS-URL: https://build.opensuse.org/request/show/636836 OBS-URL: https://build.opensuse.org/package/show/Base:System/sedutil?expand=0&rev=1 2018-09-21 11:22:57 +02:00			`#!/usr/bin/perl`
			`#`
			`# PreBoot Authentication Image Creator for`
			`# Unlocking Self Encrypting Drive`
			`#`

			`use strict;`
			`use warnings;`

			`use File::Path qw(make_path remove_tree);`
			`use File::Temp qw(tempdir);`
			`use File::Copy qw(copy);`

			die "no sedutil module for dracut, stopped" unless (`dracut --list-modules 2>/dev/null` =~ /\bsedutil\b/);

			my $kver = `uname -r`;
			`chomp $kver;`
			`my $scratch = tempdir('mkpba-XXXXX') or die "$!, stopped";`
			`my $bdir = "boot";`
			`my $gdir = "$bdir/grub";`
			`my $initrd = "initrd-$kver";`
			`my $kern = "vmlinuz-$kver";`
			`my $cfg = "grub.cfg";`
			`my $iso = "linuxpba-$kver.iso";`
			`my $rescue = "sedutil-rescue-$kver.iso";`
			`my $keep = 0;`

			`make_path("$scratch/$bdir", "$scratch/$gdir", {verbose => 1}) == 2`
			`or die "$!, stopped";`

			`system ("dracut", "--force", "-m", "sedutil base", "$scratch/$bdir/$initrd") == 0`
			`or die "stopped";`

			`copy("/$bdir/$kern", "$scratch/$bdir")`
			`or die "$!, stopped";`

			`open(CFG, ">", "$scratch/$gdir/$cfg")`
			`or die "$!, stopped";`

			`print CFG <<"END";`
			`set gfxpayload=keep`

			`ext=""`
			`if [ x\$grub_platform = xefi ]; then`
			`ext=efi`
			`fi`

			`echo 'Loading Linux $kver ...'`
			`linux\$ext /$bdir/$kern libata.allow_tpm=1 quiet rd.hostonly=0 linuxpba`
			`echo 'Loading sedutilpba-$kver.img ...'`
			`initrd\$ext /$bdir/$initrd`
			`echo 'Boot ...'`
			`boot`
			`END`

			`close(CFG);`

			`system ("grub2-script-check", "--verbose", "$scratch/$gdir/$cfg") == 0`
			`or die "stopped";`

			`system ("grub2-mkrescue", "-o", $iso, $scratch) == 0`
			`or die "stopped";`

			`system ("dracut", "--force", "-m", "sedutil base", "--include", "./$iso", "/$iso", "$scratch/$bdir/$initrd") == 0`
			`or die "stopped";`

			`open(CFG, ">", "$scratch/$gdir/$cfg")`
			`or die "$!, stopped";`

			`print CFG <<"END";`
			`set gfxpayload=keep`

			`ext=""`
			`if [ x\$grub_platform = xefi ]; then`
			`ext=efi`
			`fi`

			`echo 'Loading Linux $kver ...'`
			`linux\$ext /$bdir/$kern libata.allow_tpm=1 quiet rd.hostonly=0 rd.break=cmdline`
			`echo 'Loading sedutilpba-$kver.img ...'`
			`initrd\$ext /$bdir/$initrd`
			`echo 'Boot ...'`
			`boot`
			`END`

			`close(CFG);`

			`system ("grub2-script-check", "--verbose", "$scratch/$gdir/$cfg") == 0`
			`or die "stopped";`

			`system ("grub2-mkrescue", "-o", $rescue, $scratch) == 0`
			`or die "stopped";`

			`remove_tree($scratch, {verbose => 1}) unless ($keep);`