Diffstat (limited to 'gnu/installer')
-rw-r--r-- | gnu/installer/newt/partition.scm | 8 | ||||
-rw-r--r-- | gnu/installer/newt/services.scm | 6 | ||||
-rw-r--r-- | gnu/installer/parted.scm | 20 | ||||
-rw-r--r-- | gnu/installer/tests.scm | 4 | ||||
-rw-r--r-- | gnu/installer/user.scm | 18 | ||||
-rw-r--r-- | gnu/installer/utils.scm | 19 |
6 files changed, 48 insertions, 27 deletions
diff --git a/gnu/installer/newt/partition.scm b/gnu/installer/newt/partition.scm index e7a97810ac..2adb4922b4 100644 --- a/gnu/installer/newt/partition.scm +++ b/gnu/installer/newt/partition.scm @@ -188,7 +188,7 @@ encryption of partition ~a (label: ~a).") file-name crypt-label) (if (string=? password confirmation) (user-partition (inherit user-part) - (crypt-password password)) + (crypt-password (make-secret password))) (begin (run-error-page (G_ "Password mismatch, please try again.") @@ -795,13 +795,13 @@ by pressing the Exit button.~%~%"))) (user-partitions (run-page eligible-devices)) (user-partitions-with-pass (prompt-luks-passwords user-partitions)) - (form (draw-formatting-page user-partitions))) + (form (draw-formatting-page user-partitions-with-pass))) ;; Make sure the disks are not in use before proceeding to formatting. (free-parted eligible-devices) (format-user-partitions user-partitions-with-pass) (installer-log-line "formatted ~a user partitions" (length user-partitions-with-pass)) - (installer-log-line "user-partitions: ~a" user-partitions) + (installer-log-line "user-partitions: ~a" user-partitions-with-pass) (destroy-form-and-pop form) - user-partitions)) + user-partitions-with-pass)) diff --git a/gnu/installer/newt/services.scm b/gnu/installer/newt/services.scm index 9951ad2212..b22024602c 100644 --- a/gnu/installer/newt/services.scm +++ b/gnu/installer/newt/services.scm @@ -99,10 +99,8 @@ non-graphical system.") #:item->text (compose G_ system-service-name) #:checkbox-tree-height 5 #:exit-button-callback-procedure - (lambda () - (raise - (condition - (&installer-step-abort))))))) + (lambda _ + (abort-to-prompt 'installer-step 'abort))))) (define (run-network-management-page) "Run a page to select among several network management methods." diff --git a/gnu/installer/parted.scm b/gnu/installer/parted.scm index 84fdbe24fb..fcc936a391 100644 --- a/gnu/installer/parted.scm +++ b/gnu/installer/parted.scm 
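Review bot: The log call `(installer-log-line "user-partitions: ~a" user-partitions-with-pass)` in the second partition.scm hunk now formats records that carry the LUKS passphrase, and the only thing keeping it out of the log is the custom printer of the `<secret>` wrapper. That dependency is invisible at this line, so I would add a comment above it, e.g. `;; Safe to log: crypt-password is a <secret>, which prints as "<secret>".` The same list is now the return value, so any caller that unwraps the field with `secret-content` must not log or store the result; whether such callers exist cannot be seen from this hunk. The enclosing procedure begins outside the hunk.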
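Review bot: The new exit callback `(lambda _ (abort-to-prompt 'installer-step 'abort))` in services.scm only works while a prompt tagged `'installer-step` is active on the dynamic stack, and nothing in this hunk shows where that prompt is installed; aborting without one raises an error instead of stepping back. A short comment such as `;; Caught by the 'installer-step prompt set up by the step runner.` would document the dependency, if that is indeed where it lives. The enclosing procedure starts outside the hunk.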
@@ -148,7 +148,7 @@ (default #f)) (crypt-label user-partition-crypt-label (default #f)) - (crypt-password user-partition-crypt-password + (crypt-password user-partition-crypt-password ; <secret> (default #f)) (fs-type user-partition-fs-type (default 'ext4)) @@ -1183,7 +1183,7 @@ USER-PARTITION if it is encrypted, or the plain file-name otherwise." "Format and open the encrypted partition pointed by USER-PARTITION." (let* ((file-name (user-partition-file-name user-partition)) (label (user-partition-crypt-label user-partition)) - (password (user-partition-crypt-password user-partition))) + (password (secret-content (user-partition-crypt-password user-partition)))) (call-with-luks-key-file password (lambda (key-file) @@ -1194,6 +1194,20 @@ USER-PARTITION if it is encrypted, or the plain file-name otherwise." ((run-command-in-installer) "cryptsetup" "open" "--type" "luks" "--key-file" key-file file-name label))))) +(define (luks-ensure-open user-partition) + "Ensure partition pointed by USER-PARTITION is opened." + (unless (file-exists? (user-partition-upper-file-name user-partition)) + (let* ((file-name (user-partition-file-name user-partition)) + (label (user-partition-crypt-label user-partition)) + (password (secret-content (user-partition-crypt-password user-partition)))) + (call-with-luks-key-file + password + (lambda (key-file) + (installer-log-line "opening LUKS entry ~s at ~s" + label file-name) + ((run-command-in-installer) "cryptsetup" "open" "--type" "luks" + "--key-file" key-file file-name label)))))) + (define (luks-close user-partition) "Close the encrypted partition pointed by USER-PARTITION." (let ((label (user-partition-crypt-label user-partition))) 
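Review bot: `luks-ensure-open` calls `secret-content` on the `crypt-password` field without checking it, and the record declares that field with `(default #f)`, so a partition that has a crypt label but no stored passphrase would fail here with a wrong-type error rather than a clear installer message; the changed `password` binding in the `@@ -1183` hunk has the same exposure. A guard before unwrapping, such as `(unless (secret? (user-partition-crypt-password user-partition)) (error "missing LUKS passphrase for" file-name))`, would make that failure explicit without printing the secret, assuming `secret?` is imported alongside `secret-content`. The `file-exists?` test also accepts any existing mapping under that label as the right one, which is worth stating in the docstring. The body otherwise repeats the open step of the procedure above it, whose start lies outside this hunk, so a shared helper would keep the two from drifting apart.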
@@ -1278,6 +1292,8 @@ respective mount-points." (user-fs-type->mount-type fs-type)) (file-name (user-partition-upper-file-name user-partition))) + (when crypt-label + (luks-ensure-open user-partition)) (mkdir-p target) (installer-log-line "mounting ~s on ~s" file-name target) (mount file-name target mount-type))) diff --git a/gnu/installer/tests.scm b/gnu/installer/tests.scm index 3c049a1c85..8785cd9a9f 100644 --- a/gnu/installer/tests.scm +++ b/gnu/installer/tests.scm @@ -280,6 +280,10 @@ instrumented for further testing." exp))) (let ((content (call-with-input-file file read-expressions))) + ;; XXX: Remove the file before re-writing it, to be sure there are no + ;; leftovers. We shouldn't have to do that as CALL-WITH-OUTPUT-FILE uses + ;; the O_TRUNC flag by default. + (delete-file file) (call-with-output-file file (lambda (port) (format port "\ diff --git a/gnu/installer/user.scm b/gnu/installer/user.scm index 224040530c..2866e4520f 100644 --- a/gnu/installer/user.scm +++ b/gnu/installer/user.scm @@ -17,17 +17,13 @@ ;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>. (define-module (gnu installer user) + #:use-module (gnu installer utils) #:use-module (guix records) #:use-module (guix read-print) #:use-module (srfi srfi-1) #:use-module (srfi srfi-9) #:use-module (srfi srfi-9 gnu) - #:export (<secret> - secret? - make-secret - secret-content - - <user> + #:export (<user> user make-user user-name @@ -38,16 +34,6 @@ users->configuration)) -(define-record-type <secret> - (make-secret content) - secret? - (content secret-content)) - -(set-record-type-printer! - <secret> - (lambda (secret port) - (format port "<secret>"))) - (define-record-type* <user> user make-user user? diff --git a/gnu/installer/utils.scm b/gnu/installer/utils.scm index fb62fb8896..5fd2e2d425 100644 --- a/gnu/installer/utils.scm +++ b/gnu/installer/utils.scm 
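Review bot: The added `(delete-file file)` in tests.scm changes more than leftover bytes: re-creating the file gives it a fresh inode with default permissions, and if `file` were a symlink the link would be removed rather than its target rewritten. The XXX comment says the call should be unnecessary but not what was observed, so it would help to record the symptom, e.g. `;; Observed: <describe the stale content seen after rewrite>`, so that the workaround can be removed later. The enclosing procedure starts and ends outside this hunk.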
@@ -23,6 +23,8 @@ #:use-module (guix build utils) #:use-module (guix i18n) #:use-module (srfi srfi-1) + #:use-module (srfi srfi-9) + #:use-module (srfi srfi-9 gnu) #:use-module (srfi srfi-19) #:use-module (srfi srfi-34) #:use-module (srfi srfi-35) @@ -33,7 +35,12 @@ #:use-module (ice-9 regex) #:use-module (ice-9 format) #:use-module (ice-9 textual-ports) - #:export (read-lines + #:export (<secret> + secret? + make-secret + secret-content + + read-lines read-all nearest-exact-integer read-percentage @@ -58,6 +65,16 @@ with-silent-shepherd)) +(define-record-type <secret> + (make-secret content) + secret? + (content secret-content)) + +(set-record-type-printer! + <secret> + (lambda (secret port) + (format port "<secret>"))) + (define* (read-lines #:optional (port (current-input-port))) "Read lines from PORT and return them as a list." (let loop ((line (read-line port)) |
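Review bot: The `<secret>` record added in the `@@ -58,6 +65,16 @@` hunk is now what keeps LUKS passphrases out of the installer log, yet it carries no comment saying so or stating how `secret-content` is meant to be used. I would add above `define-record-type` something like `;; Wrapper for sensitive strings: its printer shows only "<secret>", so records holding one can be logged; call secret-content only where the plaintext is consumed.` The printer covers the record when it is displayed, written or formatted, but not code that extracts the content and then logs or stores it, which is worth noting in the same comment.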