#!/bin/sh # Simple partitioning shell script. # Copyright © 2013 Guilhem Moulin # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . set -ue . /lib/fripost-partman/base.sh # Wipe the disk device=/dev/sda fripost_wipe $device db_get fripost/encrypt encrypt=$RET # Create a disk label /sbin/parted -s $device mklabel gpt log "Created disklabel GPT for device $device" # Create a EFI partition if needed; otherwise, create a partition needed # to put GRUB on GPT disklabels. if [ -d /proc/efi -o -d /sys/firmware/efi ]; then part_efi=$( fripost_mkpart $device efi 256M +boot ) else fripost_mkpart $device bios_grub 8M +bios_grub fi db_set grub-installer/bootdev $device db_fset grub-installer/bootdev seen true # Create boot and system partitions part_boot=$( fripost_mkpart $device boot 64M ) part_system=$( fripost_mkpart $device system 100% ) /sbin/parted -s $device align-check opt ${part_system#$device} \ || fatal "$part_system is not aligned" if [ $encrypt = true ]; then # Encrypt the system partition. We choose the key length and digest # depending on the architecture we're on; we use AES128 and SHA-256 # on 32-bits platforms, and AES256 and SHA-512 on 64-bits platforms. arch=$(uname -m) if [ "$arch" = x86_64 ]; then keysize=256 hash=sha512 elif [ "$arch" = i386 -o "$arch" = i686 ]; then keysize=128 hash=sha256 fi # Note: XTS requires the key size to be doubled. fripost_encrypt $part_system system_crypt \ --cipher aes-xts-plain64 --key-size $(( $keysize * 2 )) --hash $hash \ --iter-time 5000 --use-random part_system=/dev/mapper/system_crypt fi # Ensure LVM2 is installed in the target chroot; create logical volumes # for /, swap and /home. apt-install lvm2 || true vg=$(hostname) pvcreate -ff -y $part_system vgcreate $vg $part_system lvcreate -L 5G -n root $vg lvcreate -L 1G -n swap $vg lvcreate -l 100%FREE -n home $vg vgchange -ay $vg # Format the partitions fripost_mkfs ext2 $part_boot -E resize=512M -m1 -b 4096 fripost_mkfs ext4 /dev/$vg/root -b 4096 fripost_mkfs ext4 /dev/$vg/home -b 4096 mkswap /dev/$vg/swap # Stuff the fstab and mount the devices in the target fripost_fstab $part_boot /boot ext2 noatime fripost_fstab /dev/$vg/root / ext4 noatime,errors=remount-ro fripost_fstab /dev/$vg/swap none swap sw fripost_fstab /dev/$vg/home /home ext4 noatime fripost_mount_partitions # TODO: EFI: format, add to fstab, how to populate?