mirror of
https://github.com/linka-cloud/d2vm.git
synced 2024-11-22 15:56:24 +00:00
luks: fix ubuntu <22.04 support
Signed-off-by: Adphi <philippe.adrien.nousse@gmail.com>
This commit is contained in:
Adphi
parent
bfa5f0df1d
commit
f75b0c7313
@ -505,7 +505,10 @@ func (b *builder) installKernel(ctx context.Context) error {
|
|||||||
case ReleaseCentOS:
|
case ReleaseCentOS:
|
||||||
cfg = fmt.Sprintf(sysconfig, b.rootUUID, fmt.Sprintf("%s rd.luks.name=UUID=%s rd.luks.uuid=%s rd.luks.crypttab=0", b.cmdLineExtra, b.rootUUID, b.cryptUUID))
|
cfg = fmt.Sprintf(sysconfig, b.rootUUID, fmt.Sprintf("%s rd.luks.name=UUID=%s rd.luks.uuid=%s rd.luks.crypttab=0", b.cmdLineExtra, b.rootUUID, b.cryptUUID))
|
||||||
default:
|
default:
|
||||||
cfg = fmt.Sprintf(sysconfig, b.rootUUID, fmt.Sprintf("%s root=/dev/mapper/root cryptopts=target=root,source=UUID=%s", b.cmdLineExtra, b.cryptUUID))
|
// for some versions of debian, the cryptopts parameter MUST contain all the following: target,srouce,key,opts...
|
||||||
|
// see https://salsa.debian.org/cryptsetup-team/cryptsetup/-/blob/debian/buster/debian/functions
|
||||||
|
// and https://cryptsetup-team.pages.debian.net/cryptsetup/README.initramfs.html
|
||||||
|
cfg = fmt.Sprintf(sysconfig, b.rootUUID, fmt.Sprintf("%s root=/dev/mapper/root cryptopts=target=root,source=UUID=%s,key=none,luks", b.cmdLineExtra, b.cryptUUID))
|
||||||
cfg = strings.Replace(cfg, "root=UUID="+b.rootUUID, "", 1)
|
cfg = strings.Replace(cfg, "root=UUID="+b.rootUUID, "", 1)
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
|
|||||||
@ -45,7 +45,8 @@ type img struct {
|
|||||||
|
|
||||||
var images = []img{
|
var images = []img{
|
||||||
{name: "alpine:3.17", luks: "Enter passphrase for /dev/sda2:"},
|
{name: "alpine:3.17", luks: "Enter passphrase for /dev/sda2:"},
|
||||||
{name: "ubuntu:20.04", luks: "Please unlock disk root:"},
|
{name: "ubuntu:18.04", luks: "Please unlock disk root:"},
|
||||||
|
{name: "ubuntu:22.04", luks: "Please unlock disk root:"},
|
||||||
{name: "debian:11", luks: "Please unlock disk root:"},
|
{name: "debian:11", luks: "Please unlock disk root:"},
|
||||||
{name: "centos:8", luks: "Please enter passphrase for disk"},
|
{name: "centos:8", luks: "Please enter passphrase for disk"},
|
||||||
}
|
}
|
||||||
@ -68,7 +69,7 @@ func TestConvert(t *testing.T) {
|
|||||||
|
|
||||||
for _, tt := range tests {
|
for _, tt := range tests {
|
||||||
t.Run(tt.name, func(t *testing.T) {
|
t.Run(tt.name, func(t *testing.T) {
|
||||||
// t.Parallel()
|
|
||||||
dir := filepath.Join("/tmp", "d2vm-e2e", tt.name)
|
dir := filepath.Join("/tmp", "d2vm-e2e", tt.name)
|
||||||
require.NoError(os.MkdirAll(dir, os.ModePerm))
|
require.NoError(os.MkdirAll(dir, os.ModePerm))
|
||||||
|
|
||||||
@ -78,7 +79,6 @@ func TestConvert(t *testing.T) {
|
|||||||
ctx, cancel := context.WithCancel(context.Background())
|
ctx, cancel := context.WithCancel(context.Background())
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
// t.Parallel()
|
|
||||||
require := require2.New(t)
|
require := require2.New(t)
|
||||||
|
|
||||||
out := filepath.Join(dir, strings.NewReplacer(":", "-", ".", "-").Replace(img.name)+".qcow2")
|
out := filepath.Join(dir, strings.NewReplacer(":", "-", ".", "-").Replace(img.name)+".qcow2")
|
||||||
|
|||||||
@ -6,9 +6,6 @@ RUN apk update --no-cache && \
|
|||||||
apk add \
|
apk add \
|
||||||
util-linux \
|
util-linux \
|
||||||
linux-virt \
|
linux-virt \
|
||||||
{{- if .Luks }}
|
|
||||||
cryptsetup \
|
|
||||||
{{- end }}
|
|
||||||
{{- if ge .Release.VersionID "3.17" }}
|
{{- if ge .Release.VersionID "3.17" }}
|
||||||
busybox-openrc \
|
busybox-openrc \
|
||||||
busybox-mdev-openrc \
|
busybox-mdev-openrc \
|
||||||
@ -34,7 +31,8 @@ iface eth0 inet dhcp\n\
|
|||||||
{{ end }}
|
{{ end }}
|
||||||
|
|
||||||
{{- if .Luks }}
|
{{- if .Luks }}
|
||||||
RUN source /etc/mkinitfs/mkinitfs.conf && \
|
RUN apk add --no-cache cryptsetup && \
|
||||||
|
source /etc/mkinitfs/mkinitfs.conf && \
|
||||||
echo "features=\"${features} cryptsetup\"" > /etc/mkinitfs/mkinitfs.conf && \
|
echo "features=\"${features} cryptsetup\"" > /etc/mkinitfs/mkinitfs.conf && \
|
||||||
mkinitfs $(ls /lib/modules)
|
mkinitfs $(ls /lib/modules)
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|||||||
@ -12,17 +12,19 @@ RUN yum install -y \
|
|||||||
systemd \
|
systemd \
|
||||||
NetworkManager \
|
NetworkManager \
|
||||||
e2fsprogs \
|
e2fsprogs \
|
||||||
{{- if .Luks }}
|
|
||||||
cryptsetup \
|
|
||||||
{{- end }}
|
|
||||||
sudo && \
|
sudo && \
|
||||||
systemctl enable NetworkManager && \
|
systemctl enable NetworkManager && \
|
||||||
systemctl unmask systemd-remount-fs.service && \
|
systemctl unmask systemd-remount-fs.service && \
|
||||||
systemctl unmask getty.target
|
systemctl unmask getty.target && \
|
||||||
|
|
||||||
RUN dracut --no-hostonly --regenerate-all --force {{ if .Luks }}--install="/usr/sbin/cryptsetup"{{ end }}&& \
|
|
||||||
cd /boot && \
|
cd /boot && \
|
||||||
ln -s $(find . -name 'vmlinuz-*') vmlinuz && \
|
ln -s $(find . -name 'vmlinuz-*') vmlinuz && \
|
||||||
ln -s $(find . -name 'initramfs-*.img') initrd.img
|
ln -s $(find . -name 'initramfs-*.img') initrd.img
|
||||||
|
|
||||||
|
{{ if .Luks }}
|
||||||
|
RUN yum install -y cryptsetup && \
|
||||||
|
dracut --no-hostonly --regenerate-all --force --install="/usr/sbin/cryptsetup" && \
|
||||||
|
{{ else }}
|
||||||
|
RUN dracut --no-hostonly --regenerate-all --force
|
||||||
|
{{ end }}
|
||||||
|
|
||||||
{{ if .Password }}RUN echo "root:{{ .Password }}" | chpasswd {{ end }}
|
{{ if .Password }}RUN echo "root:{{ .Password }}" | chpasswd {{ end }}
|
||||||
|
|||||||
@ -4,9 +4,6 @@ USER root
|
|||||||
|
|
||||||
RUN apt-get -y update && \
|
RUN apt-get -y update && \
|
||||||
DEBIAN_FRONTEND=noninteractive apt-get -y install --no-install-recommends \
|
DEBIAN_FRONTEND=noninteractive apt-get -y install --no-install-recommends \
|
||||||
{{- if .Luks }}
|
|
||||||
cryptsetup-initramfs \
|
|
||||||
{{- end }}
|
|
||||||
linux-image-amd64
|
linux-image-amd64
|
||||||
|
|
||||||
RUN DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
|
RUN DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
|
||||||
@ -47,5 +44,6 @@ iface eth0 inet dhcp\n\
|
|||||||
|
|
||||||
|
|
||||||
{{- if .Luks }}
|
{{- if .Luks }}
|
||||||
RUN update-initramfs -u -v
|
RUN DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends cryptsetup-initramfs && \
|
||||||
|
update-initramfs -u -v
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|||||||
@ -6,9 +6,6 @@ RUN apt-get update -y && \
|
|||||||
DEBIAN_FRONTEND=noninteractive apt-get -y install --no-install-recommends \
|
DEBIAN_FRONTEND=noninteractive apt-get -y install --no-install-recommends \
|
||||||
linux-image-virtual \
|
linux-image-virtual \
|
||||||
initramfs-tools \
|
initramfs-tools \
|
||||||
{{- if .Luks }}
|
|
||||||
cryptsetup-initramfs \
|
|
||||||
{{- end }}
|
|
||||||
systemd-sysv \
|
systemd-sysv \
|
||||||
systemd \
|
systemd \
|
||||||
dbus \
|
dbus \
|
||||||
@ -45,5 +42,6 @@ iface eth0 inet dhcp\n\
|
|||||||
{{ end }}
|
{{ end }}
|
||||||
|
|
||||||
{{- if .Luks }}
|
{{- if .Luks }}
|
||||||
RUN update-initramfs -u -v
|
RUN DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends cryptsetup-initramfs && \
|
||||||
|
update-initramfs -u -v
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user