diff options
| author | David Lehman <dlehman@redhat.com> | 2009-03-03 20:12:59 -0600 |
|---|---|---|
| committer | David Lehman <dlehman@redhat.com> | 2009-03-03 20:12:59 -0600 |
| commit | c3e1cf577ec3caf2dca1c536ec0b1e8e25edb222 (patch) | |
| tree | 5b8cbd3cff96cb678647efa6a8de091308ada894 | |
| parent | df6752a52a26f0ffdf0a0d4ad14653f1660cec45 (diff) | |
| download | anaconda-c3e1cf577ec3caf2dca1c536ec0b1e8e25edb222.tar.gz anaconda-c3e1cf577ec3caf2dca1c536ec0b1e8e25edb222.tar.xz anaconda-c3e1cf577ec3caf2dca1c536ec0b1e8e25edb222.zip | |
Add passphrase entry machinery for encrypted devices.
| -rw-r--r-- | storage/__init__.py | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/storage/__init__.py b/storage/__init__.py index 575ecd16f..11e29d562 100644 --- a/storage/__init__.py +++ b/storage/__init__.py @@ -74,6 +74,41 @@ def storageComplete(anaconda): sys.exit(0) return DISPATCH_FORWARD + devs = anaconda.id.storage.devicetree.getDevicesByType("luks/dm-crypt") + existing_luks = False + new_luks = False + for dev in devs: + if dev.exists: + existing_luks = True + break + if (anaconda.id.storage.encryptedAutoPart or new_luks) and \ + not anaconda.id.storage.encryptionPassphrase: + while True: + (passphrase, retrofit) = anaconda.intf.getLuksPassphrase(preexist=existing_luks) + if passphrase: + anaconda.id.storage.encryptionPassphrase = passphrase + anaconda.id.storage.retrofitPassphrase = retrofit + for dev in anaconda.id.storage.devices: + if dev.format.type == "luks" and not dev.format.exists: + dev.format.passphrase = passphrase + break + else: + rc = anaconda.intf.messageWindow(_("Encrypt device?"), + _("You specified block device encryption " + "should be enabled, but you have not " + "supplied a passphrase. If you do not " + "go back and provide a passphrase, " + "block device encryption will be " + "disabled."), + type="custom", + custom_buttons=[_("Back"), _("Continue")], + default=0) + if rc == 1: + log.info("user elected to not encrypt any devices.") + undoEncryption(anaconda.id.storage) + anaconda.id.storage.encryptedAutoPart = False + break + if anaconda.isKickstart: return @@ -89,6 +124,17 @@ def storageComplete(anaconda): if rc == 0: return DISPATCH_BACK +def undoEncryption(storage): + for device in storage.devicetree.getDevicesByType("luks/dm-crypt"): + if device.exists: + continue + + slave = device.slave + format = device.format + storage.devicetree.registerAction(ActionDestroyFormat(device)) + storage.devicetree.registerAction(ActionDestroyDevice(device)) + storage.devicetree.registerAction(ActionDestroyFormat(slave)) + storage.devicetree.registerAction(ActionCreateFormat(slave, format)) class Storage(object): def __init__(self, anaconda): |