diff options
Diffstat (limited to 'hscript/script.cc')
-rw-r--r-- | hscript/script.cc | 33 |
1 files changed, 32 insertions, 1 deletions
diff --git a/hscript/script.cc b/hscript/script.cc index ea083a8..cc819e4 100644 --- a/hscript/script.cc +++ b/hscript/script.cc @@ -123,6 +123,8 @@ struct Script::ScriptPrivate { std::vector< std::unique_ptr<LVMGroup> > lvm_vgs; /*! LVM logical volume keys */ std::vector< std::unique_ptr<LVMVolume> > lvm_lvs; + /*! LUKS creation keys */ + std::vector< std::unique_ptr<Encrypt> > luks; /*! Filesystem creation keys */ std::vector< std::unique_ptr<Filesystem> > fses; /*! Target system's mountpoints. */ @@ -211,6 +213,10 @@ struct Script::ScriptPrivate { std::unique_ptr<LVMVolume> lv(dynamic_cast<LVMVolume *>(obj)); this->lvm_lvs.push_back(std::move(lv)); return true; + } else if(key_name == "encrypt") { + std::unique_ptr<Encrypt> e(dynamic_cast<Encrypt *>(obj)); + this->luks.push_back(std::move(e)); + return true; } else if(key_name == "fs") { std::unique_ptr<Filesystem> fs(dynamic_cast<Filesystem *>(obj)); this->fses.push_back(std::move(fs)); @@ -706,7 +712,8 @@ bool add_default_repos(std::vector<std::unique_ptr<Keys::Repository>> &repos) { bool Script::validate() const { int failures = 0; std::set<std::string> seen_diskids, seen_labels, seen_parts, seen_pvs, - seen_vg_names, seen_vg_pvs, seen_lvs, seen_fses, seen_mounts; + seen_vg_names, seen_vg_pvs, seen_lvs, seen_fses, seen_mounts, + seen_luks; std::map<const std::string, int> seen_iface; #ifdef HAS_INSTALL_ENV error_code ec; @@ -1004,6 +1011,30 @@ bool Script::validate() const { " does not exist");\ } + /* REQ: Runner.Validate.encrypt */ + for(auto &crypt : this->internal->luks) { + if(!crypt->validate(this->opts)) { + failures++; + continue; + } + + /* REQ: Runner.Validate.encrypt.Unique */ + if(seen_luks.find(crypt->device()) != seen_luks.end()) { + failures++; + output_error("installfile:" + std::to_string(crypt->lineno()), + "encrypt: encryption is already scheduled for " + + crypt->device()); + } + seen_luks.insert(crypt->device()); + + /* REQ: Runner.Validate.encrypt.Block */ + if(opts.test(InstallEnvironment)) { +#ifdef HAS_INSTALL_ENV + CHECK_EXIST_PART_LV(crypt->device(), "encrypt", crypt->lineno()) +#endif /* HAS_INSTALL_ENV */ + } + } + /* REQ: Runner.Validate.fs */ for(auto &fs : this->internal->fses) { if(!fs->validate(this->opts)) { |