discover/grub2: Allow to separate the --id argument using a space char The GRUB menuentry command allows to separate the arguments for options using either a '=' or a ' '. The latter is the convention used when the menu entries are defined in the GRUB config file, but this is currently not supported by Petitboot. Add tests to cover both using '--id=foo' and '--id foo' as options. Signed-off-by: Javier Martinez Canillas <javierm@redhat.com> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
discover/grub2: Allow using title for default even if id was defined A default menu entry can be chosen using any of the following attributes: index, title or id (if the entry was defined with the --id option). But Petitboot doesn't honor this correctly and only compares the default with the menu entry title if the entry doesn't have an id defined. This is wrong since an index or title can be used even if an id was defined. This issue wasn't covered by the test that sets a default using a title because the menu entries didn't have an id defined. Add an id to them. Signed-off-by: Javier Martinez Canillas <javierm@redhat.com> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
doc: Start writing some in-tree documentation Use sphinx-docs to start adding some proper in-tree documentation that will be easy to generate and display. Documentation exists in various places around the internet but there isn't a consolidated, up-to-date source. This starts to sketch out the framework for a good central source of documentation. Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Various fixups and checks to make scan-build happy Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
utils/pb-console: Use -m to run shell in own process group Use -m to have the shell spawned by pb-console run it its own process group, allowing commands such as Ctrl-C (SIGINT) to behave as expected rather than killing the shell. Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
ui/ncurses: Add prompt for LUKS device password Implement device_add() in cui_client_ops and use this interface to recognise when the server notifies the client of an encrypted device. A "device header" will be created for this device and added to the menu with no associated boot options. The nc-auth prompt is extended to ask for a disk password when the device header for an encrypted device is selected. Assuming the password is correct pb-discover will remove the original device and notify the client about the newly opened device, which will be reflected in the menu. Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
discover: Recognise and open LUKS encrypted partitions Handle devices encrypted with LUKS and call cryptsetup to open them if a client sends the associated password. If a new device has the "crypto_LUKS" filesystem type it is marked as a LUKS device and sent to clients but further discovery is not performed. Once a client sends the device's password cryptsetup is called to open it. The opened device will appear separately, so the source device is "forgotten" at this point and then the newly opened device is treated as a normal partition. On destruction the device is "closed" with cryptsetup so that discovery can start from the beginning. Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
lib: Add AUTH_MSG_DECRYPT Extend the auth_message struct to support the AUTH_MSG_DECRYPT operation, allowing the existing authentications methods to be used for passing a disk password from the UI to pb-discover. In addition add DEVICE_TYPE_LUKS to identify encrypted disk devices. Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
lib/process: Add option to pipe to process stdin If pipe_stdin exists, create a second pipe to write to the child process's STDIN. This allows Petitboot to pipe information to a process, for example piping a LUKS password to cryptsetup. Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
utils/pb-console: Trap SIGTERM on boot On kexec all processes will be sent a SIGTERM and SIGKILL. By default there are messages on the console alerting the user to this, however in some implementations these messages are disabled. This can have the effect of the UI seemingly exiting to the shell on boot and hanging for a short while before the kexec actually jumps into the next kernel. Trap the SIGTERM sent to the pb-console parent process and print a short message to the screen instead of momentarily dropping to the shell and printing the usual help messages. While here also cleanup the shell help messages below which are now handled in the shell's .shrc file. Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
version.sh: Include leading 'v' from git describe For some reason our version script removes the leading 'v' from the git tag. This confuses some other tools such as Buildroot and is different to most other projects, so include it again. Additionally now that we have tagged releases just use git describe rather than using a SHA and date to describe non-tag commits. Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
lib/url: Include port in pb_url_to_string() And include a pxe-parser test which uses a port in the path prefix to exercise this. This could cause PXE discovery failures if parameters such as pathprefix included a port in the URL. Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
discover/devmapper: Retry dm-device remove if busy Buildroot's libdm is not built with --enable-udev_sync, so device-mapper actions are not able to sync or wait for udev events. (see 185676316, "discover/devmapper: Disable libdm udev sync support") This can cause an issue when tearing down a snapshot in devmapper_destroy_snapshot() which performs a DM_DEVICE_REMOVE task against the snapshot, origin, and base devices one after the other. In some cases if the interval between these actions is too short the action can fail as the preceding device hasn't disappeared yet and the device being removed is still busy. Since we don't yet have a way to tell exactly when the device is ready, pause for a short time and retry the action, letting devmapper_destroy_snapshot() continue and, for example, letting mount_device() fall back to the physical device. Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
ui/ncurses: Add option to clear IPMI boot mailbox If there is an IPMI boot mailbox configuration present display a message in the System Configuration screen and provide the option to clear the mailbox. Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>