Merge branch 'findrootcrypt' into 'master'

Improve support for booting a linux system installed on the disk

See merge request fdupoux/sysresccd-src!49

ChangeLog

@@ -4,7 +4,7 @@ SystemRescueCd ChangeLog
 -------------------------------------------------------------------------------
 6.1.4 (YYYY-MM-DD):
 -------------------------------------------------------------------------------
-* Added an option in the boot menu to start from a Linux OS installed on the disk
+* Added an entry in the boot menu to start from a Linux OS installed on the disk
 
 -------------------------------------------------------------------------------
 6.1.3 (2020-04-18):

airootfs/etc/initcpio/hooks/findroot

@@ -1,15 +1,45 @@
 run_hook() {
     grep -q 'findroot' /proc/cmdline || return
 
+    # Initialisation
     local newroot="/new_root"
     local rootdev=""
+    local rootcount=0
+    local menuchoices=""
+    modprobe -a -q dm-crypt >/dev/null 2>&1
     echo "Searching for block devices ..."
+    sleep 2
+
+    # Prepare access to luks encrypted block devices
+    local cryptdev="$(blkid -t TYPE='crypto_LUKS' -o device)"
+    for curdev in ${cryptdev}
+    do
+        if cryptsetup isLuks ${curdev} >/dev/null 2>&1
+        then
+            echo "A passphrase is required to access device ${curdev}:"
+            local cryptname="${curdev##*/}"
+            local cryptargs=""
+            while ! eval cryptsetup open --type luks ${curdev} ${cryptname} ${cryptargs}
+            do
+                sleep 2;
+            done
+            if [ ! -e "/dev/mapper/${cryptname}" ]
+            then
+                err "Password succeeded but ${cryptname} creation failed, aborting..."
+                launch_interactive_shell --exec
+            fi
+            echo "Have successfully prepared access to encrypted device ${curdev}"
+        fi
+    done
+
+    # Show list of accessible block devices
     echo "====================================================================="
-    /usr/bin/lsblk --list --paths  --output=name,fssize,fstype,label,uuid
+    lsblk --list --paths --output=name,size,fstype,label
     echo "====================================================================="
     sleep 5
 
-    local devlist=$(/usr/bin/lsblk --list --noheadings --paths  --output=name)
+    # Attempt to find a filesystem which contains /sbin/init
+    local devlist=$(lsblk --list --noheadings --paths --output=name)
     for curdev in ${devlist}
     do
         echo "Checking for ${init} on device ${curdev} ..."
@@ -18,26 +48,41 @@ run_hook() {
             if test -x ${newroot}/${init}
             then
                 echo "Found ${init} on device ${curdev}"
-                rootdev="${curdev}"
-                break
+                rootcount=$((rootcount + 1))
+                menuchoices="${menuchoices} ${curdev} ${curdev}"
             fi
             umount ${newroot}
         fi
     done
-    if [ -z ${rootdev} ]
+
+    # Fail if no root filesystem has been found
+    if [ ${rootcount} -eq 0 ]
     then
         err "Failed to find ${init} on any block device, cannot continue"
         launch_interactive_shell --exec
     fi
-    echo "Remounting device ${rootdev} in read-write mode ..."
-    if ! mount -o remount,rw ${rootdev} ${newroot}
+
+    # Get the user to select the device from which to start
+    rootdev=$(whiptail --nocancel --title "Boot Linux OS from the disk" \
+                       --fb --menu "From which device do you want to boot ?" \
+                       --noitem 15 60 4 ${menuchoices} 3>&1 1>&2 2>&3)
+
+    # Make sure the choice is a valid block device
+    if ! lsblk --nodeps ${rootdev} >/dev/null 2>/dev/null
     then
-        err "Failed to remount ${rootdev} in read-only mode"
+        err "Choice ${rootdev} is not a valid block device"
+        launch_interactive_shell --exec
+    fi
+
+    read -p "Press enter to boot from ${rootdev}"
+
+    echo "Mounting device ${rootdev} ..."
+    if ! mount ${rootdev} ${newroot}
+    then
+        err "Failed to mount ${rootdev} in read-write mode"
         launch_interactive_shell --exec
     fi
 
-    echo "About to boot from ${rootdev} ..."
-    sleep 15
     rdlogger_stop
     exec env -i "TERM=$TERM" /usr/bin/switch_root ${newroot} ${init} "$@"
 }

airootfs/etc/initcpio/install/findroot

@@ -1,7 +1,17 @@
 #!/bin/bash
 
 build() {
-    add_binary "/usr/bin/lsblk" "/usr/bin/lsblk"
+    add_module "dm-crypt"
+    add_module "dm-integrity"
+    add_all_modules "/crypto/"
+
+    add_binary "lsblk"
+    add_binary "whiptail"
+    add_binary "cryptsetup"
+    add_binary "dmsetup"
+
+    # cryptsetup calls pthread_create(), which dlopen()s libgcc_s.so.1
+    add_binary "/usr/lib/libgcc_s.so.1"
 
     add_runscript
 }

syslinux/sysresccd_sys.cfg

@@ -31,7 +31,7 @@ LABEL sysresccd_findroot
 TEXT HELP
 Boot from a Linux operating system installed on the disk
 ENDTEXT
-MENU LABEL Automatically detect any installed Linux system on disk and start it
+MENU LABEL Boot from a Linux operating system installed on the disk
 LINUX boot/%ISO_ARCH%/vmlinuz
 INITRD boot/intel_ucode.img,boot/amd_ucode.img,boot/%ISO_ARCH%/sysresccd.img
 APPEND archisobasedir=%INSTALL_DIR% archisolabel=%ARCHISO_LABEL% findroot