Overview

File sedutil-pba.pl of Package sedutil

#!/usr/bin/perl
# 
# PreBoot Authentication Image Creator for
# Unlocking Self Encrypting Drive
#

use strict;
use warnings;

use File::Path qw(make_path remove_tree);
use File::Temp qw(tempdir);
use File::Copy qw(copy);

die "no sedutil module for dracut, stopped" unless (`dracut --list-modules 2>/dev/null` =~ /\bsedutil\b/);

my $kver = `uname -r`;
chomp $kver;
my $scratch = tempdir('mkpba-XXXXX') or die "$!, stopped";
my $bdir = "boot";
my $gdir = "$bdir/grub";
my $initrd = "initrd-$kver";
my $kern = "vmlinuz-$kver";
my $cfg = "grub.cfg";
my $iso = "linuxpba-$kver.iso";
my $rescue = "sedutil-rescue-$kver.iso";
my $keep = 0;

make_path("$scratch/$bdir", "$scratch/$gdir", {verbose => 1}) == 2
  or die "$!, stopped";

system ("dracut", "--force", "-m", "sedutil base", "$scratch/$bdir/$initrd") == 0
  or die "stopped";

copy("/$bdir/$kern", "$scratch/$bdir")
  or die "$!, stopped";

open(CFG, ">", "$scratch/$gdir/$cfg")
  or die "$!, stopped";

print CFG <<"END";
set gfxpayload=keep

ext=""
if [ x\$grub_platform = xefi ]; then
  ext=efi
fi

echo 'Loading Linux $kver ...'
linux\$ext /$bdir/$kern libata.allow_tpm=1 quiet rd.hostonly=0 linuxpba
echo 'Loading sedutilpba-$kver.img ...'
initrd\$ext /$bdir/$initrd
echo 'Boot ...'
boot
END

close(CFG);

system ("grub2-script-check", "--verbose", "$scratch/$gdir/$cfg") == 0
  or die "stopped";

system ("grub2-mkrescue", "-o", $iso, $scratch) == 0
  or die "stopped";

system ("dracut", "--force", "-m", "sedutil base", "--include", "./$iso", "/$iso", "$scratch/$bdir/$initrd") == 0
  or die "stopped";

open(CFG, ">", "$scratch/$gdir/$cfg")
  or die "$!, stopped";

print CFG <<"END";
set gfxpayload=keep

ext=""
if [ x\$grub_platform = xefi ]; then
  ext=efi
fi

echo 'Loading Linux $kver ...'
linux\$ext /$bdir/$kern libata.allow_tpm=1 quiet rd.hostonly=0 rd.break=cmdline
echo 'Loading sedutilpba-$kver.img ...'
initrd\$ext /$bdir/$initrd
echo 'Boot ...'
boot
END

close(CFG);

system ("grub2-script-check", "--verbose", "$scratch/$gdir/$cfg") == 0
  or die "stopped";

system ("grub2-mkrescue", "-o", $rescue, $scratch) == 0
  or die "stopped";

remove_tree($scratch, {verbose => 1}) unless ($keep);
openSUSE Build Service is sponsored by
Places