mirror of
https://github.com/linka-cloud/d2vm.git
synced 2024-11-21 23:36:25 +00:00
luks: fix ubuntu <22.04 support
Signed-off-by: Adphi <philippe.adrien.nousse@gmail.com>
This commit is contained in:
parent
bfa5f0df1d
commit
f75b0c7313
@ -505,7 +505,10 @@ func (b *builder) installKernel(ctx context.Context) error {
|
||||
case ReleaseCentOS:
|
||||
cfg = fmt.Sprintf(sysconfig, b.rootUUID, fmt.Sprintf("%s rd.luks.name=UUID=%s rd.luks.uuid=%s rd.luks.crypttab=0", b.cmdLineExtra, b.rootUUID, b.cryptUUID))
|
||||
default:
|
||||
cfg = fmt.Sprintf(sysconfig, b.rootUUID, fmt.Sprintf("%s root=/dev/mapper/root cryptopts=target=root,source=UUID=%s", b.cmdLineExtra, b.cryptUUID))
|
||||
// for some versions of debian, the cryptopts parameter MUST contain all the following: target,srouce,key,opts...
|
||||
// see https://salsa.debian.org/cryptsetup-team/cryptsetup/-/blob/debian/buster/debian/functions
|
||||
// and https://cryptsetup-team.pages.debian.net/cryptsetup/README.initramfs.html
|
||||
cfg = fmt.Sprintf(sysconfig, b.rootUUID, fmt.Sprintf("%s root=/dev/mapper/root cryptopts=target=root,source=UUID=%s,key=none,luks", b.cmdLineExtra, b.cryptUUID))
|
||||
cfg = strings.Replace(cfg, "root=UUID="+b.rootUUID, "", 1)
|
||||
}
|
||||
} else {
|
||||
|
@ -45,7 +45,8 @@ type img struct {
|
||||
|
||||
var images = []img{
|
||||
{name: "alpine:3.17", luks: "Enter passphrase for /dev/sda2:"},
|
||||
{name: "ubuntu:20.04", luks: "Please unlock disk root:"},
|
||||
{name: "ubuntu:18.04", luks: "Please unlock disk root:"},
|
||||
{name: "ubuntu:22.04", luks: "Please unlock disk root:"},
|
||||
{name: "debian:11", luks: "Please unlock disk root:"},
|
||||
{name: "centos:8", luks: "Please enter passphrase for disk"},
|
||||
}
|
||||
@ -68,7 +69,7 @@ func TestConvert(t *testing.T) {
|
||||
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
// t.Parallel()
|
||||
|
||||
dir := filepath.Join("/tmp", "d2vm-e2e", tt.name)
|
||||
require.NoError(os.MkdirAll(dir, os.ModePerm))
|
||||
|
||||
@ -78,7 +79,6 @@ func TestConvert(t *testing.T) {
|
||||
ctx, cancel := context.WithCancel(context.Background())
|
||||
defer cancel()
|
||||
|
||||
// t.Parallel()
|
||||
require := require2.New(t)
|
||||
|
||||
out := filepath.Join(dir, strings.NewReplacer(":", "-", ".", "-").Replace(img.name)+".qcow2")
|
||||
@ -86,7 +86,7 @@ func TestConvert(t *testing.T) {
|
||||
if _, err := os.Stat(out); err == nil {
|
||||
require.NoError(os.Remove(out))
|
||||
}
|
||||
|
||||
|
||||
require.NoError(docker.RunD2VM(ctx, d2vm.Image, d2vm.Version, dir, dir, "convert", append([]string{"-p", "root", "-o", "/out/" + filepath.Base(out), "-v", "--keep-cache", img.name}, tt.args...)...))
|
||||
|
||||
inr, inw := io.Pipe()
|
||||
|
@ -6,9 +6,6 @@ RUN apk update --no-cache && \
|
||||
apk add \
|
||||
util-linux \
|
||||
linux-virt \
|
||||
{{- if .Luks }}
|
||||
cryptsetup \
|
||||
{{- end }}
|
||||
{{- if ge .Release.VersionID "3.17" }}
|
||||
busybox-openrc \
|
||||
busybox-mdev-openrc \
|
||||
@ -34,7 +31,8 @@ iface eth0 inet dhcp\n\
|
||||
{{ end }}
|
||||
|
||||
{{- if .Luks }}
|
||||
RUN source /etc/mkinitfs/mkinitfs.conf && \
|
||||
RUN apk add --no-cache cryptsetup && \
|
||||
source /etc/mkinitfs/mkinitfs.conf && \
|
||||
echo "features=\"${features} cryptsetup\"" > /etc/mkinitfs/mkinitfs.conf && \
|
||||
mkinitfs $(ls /lib/modules)
|
||||
{{- end }}
|
||||
|
@ -12,17 +12,19 @@ RUN yum install -y \
|
||||
systemd \
|
||||
NetworkManager \
|
||||
e2fsprogs \
|
||||
{{- if .Luks }}
|
||||
cryptsetup \
|
||||
{{- end }}
|
||||
sudo && \
|
||||
systemctl enable NetworkManager && \
|
||||
systemctl unmask systemd-remount-fs.service && \
|
||||
systemctl unmask getty.target
|
||||
|
||||
RUN dracut --no-hostonly --regenerate-all --force {{ if .Luks }}--install="/usr/sbin/cryptsetup"{{ end }}&& \
|
||||
systemctl unmask getty.target && \
|
||||
cd /boot && \
|
||||
ln -s $(find . -name 'vmlinuz-*') vmlinuz && \
|
||||
ln -s $(find . -name 'initramfs-*.img') initrd.img
|
||||
|
||||
{{ if .Luks }}
|
||||
RUN yum install -y cryptsetup && \
|
||||
dracut --no-hostonly --regenerate-all --force --install="/usr/sbin/cryptsetup" && \
|
||||
{{ else }}
|
||||
RUN dracut --no-hostonly --regenerate-all --force
|
||||
{{ end }}
|
||||
|
||||
{{ if .Password }}RUN echo "root:{{ .Password }}" | chpasswd {{ end }}
|
||||
|
@ -4,9 +4,6 @@ USER root
|
||||
|
||||
RUN apt-get -y update && \
|
||||
DEBIAN_FRONTEND=noninteractive apt-get -y install --no-install-recommends \
|
||||
{{- if .Luks }}
|
||||
cryptsetup-initramfs \
|
||||
{{- end }}
|
||||
linux-image-amd64
|
||||
|
||||
RUN DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
|
||||
@ -47,5 +44,6 @@ iface eth0 inet dhcp\n\
|
||||
|
||||
|
||||
{{- if .Luks }}
|
||||
RUN update-initramfs -u -v
|
||||
RUN DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends cryptsetup-initramfs && \
|
||||
update-initramfs -u -v
|
||||
{{- end }}
|
||||
|
@ -6,9 +6,6 @@ RUN apt-get update -y && \
|
||||
DEBIAN_FRONTEND=noninteractive apt-get -y install --no-install-recommends \
|
||||
linux-image-virtual \
|
||||
initramfs-tools \
|
||||
{{- if .Luks }}
|
||||
cryptsetup-initramfs \
|
||||
{{- end }}
|
||||
systemd-sysv \
|
||||
systemd \
|
||||
dbus \
|
||||
@ -45,5 +42,6 @@ iface eth0 inet dhcp\n\
|
||||
{{ end }}
|
||||
|
||||
{{- if .Luks }}
|
||||
RUN update-initramfs -u -v
|
||||
RUN DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends cryptsetup-initramfs && \
|
||||
update-initramfs -u -v
|
||||
{{- end }}
|
||||
|
Loading…
Reference in New Issue
Block a user