lib/system: Add cryptsetup utility Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
lib/crypt: Add helpers for operating on /etc/shadow Provides helper functions for reading, writing, and checking against /etc/shadow. The main use case if for authenticating clients against the "system" password, which is set as the root password. Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
discover: Add platform-arm64 Signed-off-by: Ge Song <ge.song@hxt-semitech.com> [Split from a larger patch and cleaned up] Signed-off-by: Geoff Levand <geoff@infradead.org> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
lib/system: Add dmidecode as system app For use by the arm64 get_sysinfo. Signed-off-by: Geoff Levand <geoff@infradead.org> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
configure: Add conditional platform builds Add configure --enable-platform-XXX options to allow specifying which platform support to build. --enable-platform-auto, the default, will use the host triplet to guess which platforms to build. --enable-platform-all will build all platforms. Signed-off-by: Geoff Levand <geoff@infradead.org> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
configure: Rename ENABLE_PS3 to PLATFORM_PS3 To prepare for other configure platform names. Signed-off-by: Geoff Levand <geoff@infradead.org> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
configure: Remove unused ENABLE_DEBUG We setup debug builds in the configure script with DEFAULT_CFLAGS and DEFAULT_CPPFLAGS. Remove the unused ENABLE_DEBUG AM conditional. Signed-off-by: Geoff Levand <geoff@infradead.org> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
configure: Add check for UI build Emit configure warning if no UI program is to be built. Signed-off-by: Geoff Levand <geoff@infradead.org> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
lib/system: Add udhcpc6 Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
lib/security: hard_lockdown flag to stop runtime disable of signed boot Currently if signed-boot is enabled in configure the presence of the LOCKDOWN_FILE is used as a runtime determination to perform the actual verification. In some environments this may be acceptable or even the intended operation but in other environments could be a security hole since the removal of the file will then cause boot task verification. Add a 'hard_lockdown' enable flag to generate a HARD_LOCKDOWN preprocessor definition to force the system to always do a signed boot verification for each boot task, which in the case of a missing file the boot will fail. Signed-off-by: Brett Grandbois <brett.grandbois@opengear.com> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
discover: Rescan SCSI devices on reinit Explicitly rescan SCSI devices on reinit rather than just remounting them in case a device did not init properly on boot. Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
configure: Add signed-boot openssl configuration support Change the with-signed-boot option to take the following values: no - disable signed boot (as before) gpgme - configure for gpgme, fail if not found openssl - configure for openssl, fail if not found yes - look first for gpgme then openssl using first found, fail on none this should behave as before if gpgme has been installed fail on any other invalid options add in the ax_check_openssl.m4 macro to facilitate openssl probing Signed-off-by: Brett Grandbois <brett.grandbois@opengear.com> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
configure: only test for msgfmt if NLS enabled in environments where --disable-nls is specified msgfmt is unnecessary and therefore may not be available Signed-off-by: Brett Grandbois <brett.grandbois@opengear.com> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
configure: Add test for msgfmt Signed-off-by: Geoff Levand <geoff@infradead.org> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Minor fixes for make distcheck Include the CCAN endian.h header in build sources and change the --with-twin-foo options to default off - most users are not building with libtwin so avoid having configure fail for them. Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
configure: Update AC_PACKAGE_BUGREPORT Signed-off-by: Geoff Levand <geoff@infradead.org> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
configure: Add check for lex, yacc Signed-off-by: Geoff Levand <geoff@infradead.org> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
configure.ac: Fix unmatched brackets Signed-off-by: Cyril Bur <cyrilbur@gmail.com> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
ui/ncurses: Spawn shell in exit handler In cui_on_exit()_ instead of exiting the program spawn a sh instance. This allows the user to drop to the shell and return without losing any custom boot options, for example. SIGINT still calls cui_abort() to properly exit Petitboot. Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Add pb-plugin and pb-exec to pb_system_apps Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>