Revisions of tik
buildservice-autocommit
accepted
request 1190654
from
Richard Brown (RBrownSUSE)
(revision 101)
baserev update by copy to link target
Richard Brown (RBrownSUSE)
committed
(revision 100)
- Update to version 1.2.3: * encrypt: recoverykey is now always slot #2
Richard Brown (RBrownSUSE)
committed
(revision 99)
- Update to version 1.2.2: * encrypt: create passphrase before recoverykey to keep key slot alignment with Default Mode
Richard Brown (RBrownSUSE)
committed
(revision 98)
* mig: Actually check if /@/home mount fails (boo#1227714) * encrypt: Fix boo#1228416 by doing enrolment in correct order
Richard Brown (RBrownSUSE)
committed
(revision 97)
- Update to version 1.2.1: * mig: Actually check if /@/home mount fails (boo1227714) * encrypt: update predictions earlier also * encrypt: Do TPM enrolment earlier * encrypt: bindmnt tmp * encrypt: call sdbootutil with env * encrypt: dont remove crypt_dir * encrypt:Attempt to fix boo#1228416
buildservice-autocommit
accepted
request 1189392
from
Richard Brown (RBrownSUSE)
(revision 96)
baserev update by copy to link target
Richard Brown (RBrownSUSE)
committed
(revision 95)
Richard Brown (RBrownSUSE)
committed
(revision 94)
* Introduce systemd-repart modes, including image and self installation * Introduce encryption module
Richard Brown (RBrownSUSE)
committed
(revision 93)
- Update to version 1.2: * encrypt: actually add key for fallback mode * encrypt: show progress of final key storage * encrypt: temporarily set hostonly_cmdline=no overriding the setting from 01-dist.conf * encrypt: show different messages for Default and Fallback mode core: wipe key-file after modules mig: support and assume encrypt module * encrypt: use a key-file consistantly for smoother enrolment regardless of mode * encrypt: rework default mode to work with key-file images * encrypt: rename finalise_system to configure_encryption * use tee instead of cat for files * encrypt: enrol PCRs on firstboot * fixup * core: reread_partitiontable after deploying the image * core: reread_partitiontable after deploying the image * encrypt: restore crypttab, needed by sdbootutil * encrypt: drop cryptab, use cmdline for all luks config. use aeon_root as luks device mapper name * encrypt: add root=UUID= to cmdline, needed to update predictions * encrypt: mkinitrd with hostname_cmdline=no * encrypt: remove excess debug output, expect PCR's to be updated on firstboot * encrypt: also bind mount cgroupfs * encrypt: debug possible sdbootutil confusion regarding which bootloader is which * encrypt: remove root= defnition, dont edit cmdline * encrypt: tune root= definition * encrypt: More debugging * encrypt: Fix rootUUID call * repart: pause between retries to give the kernel a chance to clean up any weird loop device issues * encrypt: yet another attempt to fix dracut * encrypt: hostonly_cmdline=no for dracut * encrypt: introduce pre/15-encrypt to check TPM and notify users * encrypt: only make mountpoint if its needed * encrypt: post/10-encrypt to post/15-encrypt * encrypt: remove resolved debug output, add new PCR policy and justification * encrypt: More verbose logging, progress, and more robust sdbootutil calls * dump_image_repart_image: retry a few times to cover systemd-repart not always detecting the root partition first time * encrypt: crypttab noauto for / as it's mounted earlier already * encrypt: restore recovery key use * core: run reboot/shutdown with elevated privs * encrypt: debug crypttab editing * tik: reboot and shutdown quicker * repart_image: Dont bother checking the image, if it works, it works * encrypt: only use UUID of crypt container, ignore children * encrypt: more debugging broken initrd generation * dump_repart*: avoid piping from privileged commands and losing error conditions as a result * encrypt: redirect debug output to logs * dump_image_repart: pause after dissection * encrypt: tune up progress bars, and add some nasty debug checks * encrypt: remove spurious dd call * encrypt: monitor progress via pipe * encrypt: remove progress for now, subshell causes issues * encrypt: Show meaningful progress * encrypt: setup crypttab using UUID * encrypt: set_boot_target during encryption finalisation, don't run again after * core: set efibootorder before modules, EFI vars are correct for encryption * probe_partitions: correct variable used for mounting part to probe * encrypt: mount/unmount securityfs and efivars so PCR generation works * set_boot_target: probe for ESP rather than have fixed partition number * encrypt: improve logging, correct cryptab for tpm2 * dump_image: improve logging of various dump_image_ functions * encrypt: correct crypto_LUKS typo * probepartitions: tune up behaviour to better support file-less probing * encrypt: rework to benefit from new systemd-repart core * probe_partitions: only mount if we're trying to find a file * Check for tpm 2.0 | Make systemd-repart flow more robust * tik: dump_image_repart: use images instead of bundles * tik: dump_image: support systemd-repart bundles and self installation in addition to dd * tik: get_img: support detecting systemd-repart bundles and falling back to systemd-repart self-deploying
buildservice-autocommit
accepted
request 1185112
from
Richard Brown (RBrownSUSE)
(revision 92)
baserev update by copy to link target
Richard Brown (RBrownSUSE)
committed
(revision 91)
- Update to version 1.1.10: * mig: Handle failure of mounting /@/home subvolume [boo#1227339] * Update readme for upcoming v1.2 features * Make probe_partitions a core tik-function
buildservice-autocommit
accepted
request 1181742
from
Richard Brown (RBrownSUSE)
(revision 90)
baserev update by copy to link target
Richard Brown (RBrownSUSE)
committed
(revision 89)
- Update to version 1.1.9: * Fix indentations * Add support for migrating fprint fingerprints
buildservice-autocommit
accepted
request 1181341
from
Richard Brown (RBrownSUSE)
(revision 88)
baserev update by copy to link target
Richard Brown (RBrownSUSE)
committed
(revision 87)
- Update to version 1.1.8: * Error message UEFI instead of EFI * Refined error message. Tested with UEFI system with inverted check. * initial implementation. Not tested yet. * Moved log message so it won't display multiple times. * Edited log message to reflect upower output * Fixed code indenting * Get rid of unneeded global variable and moved it locally. * Changed all tab indents to 4 spaces because it started to look strange on gitlab * Converted code to use upower instead of straight bash. * Bug in the previous Pull request would cause an infinite loop because the BAT* wildcard would follow symlinks recursively. This change would fix that bug using grep -r which would skip recursive symlinks. * Revert "Added condition to check batteries for charging state"
Richard Brown (RBrownSUSE)
committed
(revision 86)
- Update to version 1.1.7: * crypt: tidy up unmounts
Richard Brown (RBrownSUSE)
committed
(revision 85)
- Update to version 1.1.6: * crypt: resize partitions before encrypting them. minor bugfixes
Richard Brown (RBrownSUSE)
committed
(revision 84)
- Update to version 1.1.5: * crypt: mount /var
Richard Brown (RBrownSUSE)
committed
(revision 83)
- Update to version 1.1.4: * crypt: fix btrfs repair after resize
Richard Brown (RBrownSUSE)
committed
(revision 82)
- Update to version 1.1.3: * crypt: bugfixes and workflow tuneups
Displaying revisions 1 - 20 of 101