diff options
| author | David Lehman <dlehman@redhat.com> | 2008-03-26 13:46:16 -0500 |
|---|---|---|
| committer | David Lehman <dlehman@redhat.com> | 2008-03-28 11:14:39 -0500 |
| commit | 959d2a65fba2410e365c018fcfebf1eea9463bd3 (patch) | |
| tree | 634a9a736110620d31628322c76c33d9a93e6f0b /iw | |
| parent | 37ac28ff3109f307311d595172714588501ee33b (diff) | |
| download | anaconda-959d2a65fba2410e365c018fcfebf1eea9463bd3.tar.gz anaconda-959d2a65fba2410e365c018fcfebf1eea9463bd3.tar.xz anaconda-959d2a65fba2410e365c018fcfebf1eea9463bd3.zip | |
Partitioning UI for handling of preexisting encrypted devices.
Basic rules are the same for partitions, LVs, RAID devices:
- Existing LUKS headers can only be removed if the device is being formatted.
- You can create a new filesystem on the device and retain the preexisting
LUKS header.
- You can add a LUKS header to a non-encrypted preexisting device only if
creating a new filesystem on the device.
- We prompt for passphrase only for non-preexisting LUKS headers, meaning
those that existed when we read the disk layout initially. We do not support
adding or changing passphrases for preexisting encrypted devices.
Diffstat (limited to 'iw')
| -rw-r--r-- | iw/lvm_dialog_gui.py | 8 | ||||
| -rw-r--r-- | iw/partition_dialog_gui.py | 32 | ||||
| -rw-r--r-- | iw/partition_ui_helpers_gui.py | 7 | ||||
| -rw-r--r-- | iw/raid_dialog_gui.py | 23 |
4 files changed, 40 insertions, 30 deletions
diff --git a/iw/lvm_dialog_gui.py b/iw/lvm_dialog_gui.py index 8bbb4a506..84e83a92d 100644 --- a/iw/lvm_dialog_gui.py +++ b/iw/lvm_dialog_gui.py @@ -615,6 +615,7 @@ class VolumeGroupEditor: # create potential request request = copy.copy(logrequest) + request.encryption = copy.deepcopy(logrequest.encryption) pesize = int(self.peCombo.get_active_value()) size = lvm.clampLVSizeRequest(size, pesize, roundup=1) @@ -659,11 +660,14 @@ class VolumeGroupEditor: else: passphrase = "" - passphrase = self.intf.getLuksPassphrase(passphrase) + if not request.encryption or request.encryption.format: + passphrase = self.intf.getLuksPassphrase(passphrase) - if passphrase: + if passphrase and not request.encryption: request.encryption = LUKSDevice(passphrase=passphrase, format=1) + elif passphrase and request.encryption.format: + request.encryption.setPassphrase(passphrase) else: request.encryption = None diff --git a/iw/partition_dialog_gui.py b/iw/partition_dialog_gui.py index a38448ed2..7e1c8e118 100644 --- a/iw/partition_dialog_gui.py +++ b/iw/partition_dialog_gui.py @@ -141,13 +141,15 @@ class PartitionEditor: passphrase = request.encryption.passphrase else: passphrase = "" - passphrase = self.intf.getLuksPassphrase(passphrase) + + if not request.encryption or request.encryption.format: + passphrase = self.intf.getLuksPassphrase(passphrase) + if passphrase and not request.encryption: request.encryption = LUKSDevice(passphrase=passphrase, format=1) - elif passphrase: + elif passphrase and request.encryption.format: request.encryption.setPassphrase(passphrase) - request.encryption.format = 1 else: request.encryption = None @@ -212,6 +214,7 @@ class PartitionEditor: else: # preexisting partition, just set mount point and format flag request = copy.copy(self.origrequest) + request.encryption = copy.deepcopy(self.origrequest.encryption) if self.fsoptionsDict.has_key("formatcb"): request.format = self.fsoptionsDict["formatcb"].get_active() @@ -243,23 +246,21 @@ class PartitionEditor: else: request.mountpoint = None - if self.fsoptionsDict.has_key("lukscb"): - lukscb = self.fsoptionsDict["lukscb"] - else: - lukscb = None - - if request.format and lukscb and lukscb.get_active(): + lukscb = self.fsoptionsDict.get("lukscb") + if lukscb and lukscb.get_active(): if request.encryption: passphrase = request.encryption.passphrase else: passphrase = "" - passphrase = self.intf.getLuksPassphrase(passphrase) + + if not request.encryption or request.encryption.format: + passphrase = self.intf.getLuksPassphrase(passphrase) + if passphrase and not request.encryption: request.encryption = LUKSDevice(passphrase=passphrase, format=1) - elif passphrase: + elif passphrase and request.encryption.format: request.encryption.setPassphrase(passphrase) - request.encryption.format = 1 else: request.encryption = None @@ -331,8 +332,6 @@ class PartitionEditor: lbl = createAlignedLabel(_("File System _Type:")) maintable.attach(lbl, 0, 1, row, row + 1) - self.lukscb = gtk.CheckButton(_("_Encrypt")) - self.lukscb.set_data("formatstate", 1) self.newfstypeCombo = createFSTypeMenu(self.origrequest.fstype, fstypechangeCB, self.mountCombo, @@ -485,14 +484,15 @@ class PartitionEditor: # checkbutton for encryption using dm-crypt/LUKS if self.origrequest.type == REQUEST_NEW: + self.lukscb = gtk.CheckButton(_("_Encrypt")) + self.lukscb.set_data("formatstate", 1) + if self.origrequest.encryption: self.lukscb.set_active(1) else: self.lukscb.set_active(0) maintable.attach(self.lukscb, 0, 2, row, row + 1) row = row + 1 - else: - self.lukscb = None # put main table into dialog self.dialog.vbox.pack_start(maintable) diff --git a/iw/partition_ui_helpers_gui.py b/iw/partition_ui_helpers_gui.py index 210c93902..bc5960469 100644 --- a/iw/partition_ui_helpers_gui.py +++ b/iw/partition_ui_helpers_gui.py @@ -240,7 +240,8 @@ def formatOptionCB(widget, data): if lukscb is not None: lukscb.set_data("formatstate", widget.get_active()) if not widget.get_active(): - lukscb.set_active(0) + # set "Encrypt" checkbutton to match partition's initial state + lukscb.set_active(lukscb.get_data("encrypted")) lukscb.set_sensitive(0) else: lukscb.set_sensitive(1) @@ -354,9 +355,9 @@ def createPreExistFSOptionSection(origrequest, maintable, row, mountCombo, formatcb.connect("toggled", formatOptionResizeCB, resizesb) - if origrequest.encryption and formatcb.get_active(): - # probably never happen + if origrequest.encryption: lukscb.set_active(1) + lukscb.set_data("encrypted", 1) lukscb.set_sensitive(formatcb.get_active()) lukscb.set_data("formatstate", formatcb.get_active()) diff --git a/iw/raid_dialog_gui.py b/iw/raid_dialog_gui.py index a30624ed7..d62e368fd 100644 --- a/iw/raid_dialog_gui.py +++ b/iw/raid_dialog_gui.py @@ -146,6 +146,7 @@ class RaidEditor: # read out UI into a partition specification request = copy.copy(self.origrequest) + request.encryption = copy.deepcopy(self.origrequest.encryption) # doesn't make sense for RAID device if not self.origrequest.getPreExisting(): @@ -193,13 +194,15 @@ class RaidEditor: passphrase = request.encryption.passphrase else: passphrase = "" - passphrase = self.intf.getLuksPassphrase(passphrase) + + if not request.encryption or request.encryption.format: + passphrase = self.intf.getLuksPassphrase(passphrase) + if passphrase and not request.encryption: request.encryption = LUKSDevice(passphrase=passphrase, format=1) - elif passphrase: - request.encryption.setPassphrase(passphrase) - request.encryption.format = 1 + elif passphrase and request.encryption.format: + request.setPassphrase(passphrase) else: request.encryption = None else: @@ -228,18 +231,20 @@ class RaidEditor: request.mountpoint = None lukscb = self.fsoptionsDict.get("lukscb") - if request.format and lukscb and lukscb.get_active(): + if lukscb and lukscb.get_active(): if request.encryption: passphrase = request.encryption.passphrase else: passphrase = "" - passphrase = self.intf.getLuksPassphrase(passphrase) + + if not request.encryption or request.encryption.format: + passphrase = self.intf.getLuksPassphrase(passphrase) + if passphrase and not request.encryption: request.encryption = LUKSDevice(passphrase=passphrase, format=1) - elif passphrase: - request.encryption.setPassphrase(passphrase) - request.encryption.format = 1 + elif passphrase and request.encryption.format: + request.setPassphrase(passphrase) else: request.encryption = None |