FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User
Reload this Page Add support for encryption via autopart.

 
 
LinkBack Thread Tools
 
Old 12-14-2007, 07:05 PM
Jeremy Katz
 
Default Add support for encryption via autopart.
This allows autopart (of LVM) to set up encrypted PVs to be used and adds
the UI for enabling that in graphical mode.

It's a little bit hacky as we rely on the fact request.encryption is set
and has a passphrase for this to work
---
autopart.py | 11 +++++++++++
cryptodev.py | 2 ++
fsset.py | 2 +-
iw/autopart_type.py | 12 ++++++++++++
partitions.py | 3 +++
ui/autopart.glade | 19 +++++++++++++++++++
6 files changed, 48 insertions(+), 1 deletions(-)

diff --git a/autopart.py b/autopart.py
index 899de6f..ea33c35 100644
--- a/autopart.py
+++ b/autopart.py
@@ -21,6 +21,7 @@ import lvm
import logging
import rhpl
from anaconda_log import logger, logFile
+import cryptodev
import partedUtils
import partRequests
from constants import *
@@ -1411,6 +1412,14 @@ def doAutoPartition(anaconda):

if req.type == REQUEST_NEW and not req.drive:
req.drive = drives
+
+ # this is kind of a hack, but if we're doing autopart encryption
+ # and the request has a crypto dev, but no passphrase, then set
+ # the passphrase to the global one
+ if partitions.autoEncrypt and req.encryption is not None and
+ req.encryption.passphrase == "":
+ req.encryption.setPassphrase(partitions.autoEncryp tPass)
+
# if this is a multidrive request, we need to create one per drive
if req.type == REQUEST_NEW and req.multidrive:
if not req.drive:
@@ -1627,6 +1636,8 @@ def autoCreateLVMPartitionRequests(autoreq):
grow = 1,
format = 1,
multidrive = 1)
+
+ nr.encryption = cryptodev.LUKSDevice(passphrase="", format=1)
requests.append(nr)
nr = partRequests.VolumeGroupRequestSpec(fstype = None,
vgname = "lvm",
diff --git a/cryptodev.py b/cryptodev.py
index 0b6967b..2b9fb71 100644
--- a/cryptodev.py
+++ b/cryptodev.py
@@ -36,6 +36,8 @@ class LUKSDevice:

def getScheme(self):
"""Returns the name of the encryption scheme used by the device."""
+ if self.passphrase == "":
+ return None
return self.scheme

def setDevice(self, device):
diff --git a/fsset.py b/fsset.py
index 180922f..5e61ef5 100644
--- a/fsset.py
+++ b/fsset.py
@@ -2170,7 +2170,7 @@ class Device:
self.isSetup = 0
self.doLabel = 1
self.deviceOptions = ""
- if encryption:
+ if encryption and encryption.getScheme():
self.crypto = encryption
if device not in ("none", None):
self.crypto.setDevice(device)
diff --git a/iw/autopart_type.py b/iw/autopart_type.py
index 3e20977..0802dfb 100644
--- a/iw/autopart_type.py
+++ b/iw/autopart_type.py
@@ -49,6 +49,16 @@ class PartitionTypeWindow(InstallWindow):
self.dispatch.skipStep("bootloader", skip = 0)
else:
self.dispatch.skipStep("autopartitionexecute", skip = 0)
+
+ if self.xml.get_widget("encryptButton").get_active():
+ thepass = self.intf.getLuksPassphrase(self.partitions.autoEn cryptPass)
+ if not thepass:
+ raise gui.StayOnScreen
+ self.partitions.autoEncryptPass = thepass
+ self.partitions.autoEncrypt = True
+ else:
+ self.partitions.autoEncryptPass = ""
+ self.partitions.autoEncrypt = False

self.partitions.useAutopartitioning = 1
self.partitions.autoClearPartType = val
@@ -109,6 +119,7 @@ class PartitionTypeWindow(InstallWindow):
self.xml.get_widget("reviewButton").set_sensitive( False)
self.xml.get_widget("driveScroll").set_sensitive(F alse)
self.xml.get_widget("bootDriveCombo").set_sensitiv e(False)
+ self.xml.get_widget("encryptButton").set_sensitive (False)
else:
if self.prevrev == None:
self.xml.get_widget("reviewButton").set_active(sel f.review)
@@ -119,6 +130,7 @@ class PartitionTypeWindow(InstallWindow):
self.xml.get_widget("reviewButton").set_sensitive( True)
self.xml.get_widget("driveScroll").set_sensitive(T rue)
self.xml.get_widget("bootDriveCombo").set_sensitiv e(True)
+ self.xml.get_widget("encryptButton").set_sensitive (True)

def addIscsiDrive(self):
if not network.hasActiveNetDev():
diff --git a/partitions.py b/partitions.py
index fb77e1e..51a35b7 100644
--- a/partitions.py
+++ b/partitions.py
@@ -153,6 +153,9 @@ class Partitions:
drive or livecd installs. Partitions on this list may not be
formatted."""

+ self.autoEncrypt = False
+ self.autoEncryptPass = ""
+
# partition method to be used. not to be touched externally
self.useAutopartitioning = 1
self.useFdisk = 0
diff --git a/ui/autopart.glade b/ui/autopart.glade
index fb75259..1669227 100644
--- a/ui/autopart.glade
+++ b/ui/autopart.glade
@@ -80,6 +80,25 @@
</child>

<child>
+ <widget class="GtkCheckButton" id="encryptButton">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="label" translatable="yes">_Encrypt system</property>
+ <property name="use_underline">True</property>
+ <property name="relief">GTK_RELIEF_NORMAL</property>
+ <property name="focus_on_click">True</property>
+ <property name="active">True</property>
+ <property name="inconsistent">False</property>
+ <property name="draw_indicator">True</property>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">False</property>
+ <property name="fill">False</property>
+ </packing>
+ </child>
+
+ <child>
<widget class="GtkLabel" id="selectLabel">
<property name="label" translatable="yes" context="yes">_Select the drive(s) to use for this installation.</property>
<property name="use_underline">True</property>
--
1.5.3.7

_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
 

Thread Tools




All times are GMT. The time now is 08:56 PM.

VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org

Contact Us - Linux Archive - Archive - Top -