Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package tik for openSUSE:Factory checked in
at 2024-06-17 19:29:37
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/tik (Old)
and /work/SRC/openSUSE:Factory/.tik.new.19518 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "tik"
Mon Jun 17 19:29:37 2024 rev:12 rq:1181341 version:1.1.8
Changes:
--------
--- /work/SRC/openSUSE:Factory/tik/tik.changes 2024-06-14 19:07:42.835763987
+0200
+++ /work/SRC/openSUSE:Factory/.tik.new.19518/tik.changes 2024-06-17
19:29:56.351229656 +0200
@@ -1,0 +2,54 @@
+Mon Jun 17 15:39:11 UTC 2024 - rbr...@suse.com
+
+- Update to version 1.1.8:
+ * Error message UEFI instead of EFI
+ * Refined error message. Tested with UEFI system with inverted check.
+ * initial implementation. Not tested yet.
+ * Moved log message so it won't display multiple times.
+ * Edited log message to reflect upower output
+ * Fixed code indenting
+ * Get rid of unneeded global variable and moved it locally.
+ * Changed all tab indents to 4 spaces because it started to look strange on
gitlab
+ * Converted code to use upower instead of straight bash.
+ * Bug in the previous Pull request would cause an infinite loop because the
BAT* wildcard would follow symlinks recursively. This change would fix that bug
using grep -r which would skip recursive symlinks.
+ * Revert "Added condition to check batteries for charging state"
+
+-------------------------------------------------------------------
+Sat Jun 15 19:20:01 UTC 2024 - rbr...@suse.com
+
+- Update to version 1.1.7:
+ * crypt: tidy up unmounts
+
+-------------------------------------------------------------------
+Sat Jun 15 17:34:32 UTC 2024 - rbr...@suse.com
+
+- Update to version 1.1.6:
+ * crypt: resize partitions before encrypting them. minor bugfixes
+
+-------------------------------------------------------------------
+Sat Jun 15 16:30:54 UTC 2024 - rbr...@suse.com
+
+- Update to version 1.1.5:
+ * crypt: mount /var
+
+-------------------------------------------------------------------
+Sat Jun 15 16:09:01 UTC 2024 - rbr...@suse.com
+
+- Update to version 1.1.4:
+ * crypt: fix btrfs repair after resize
+
+-------------------------------------------------------------------
+Sat Jun 15 15:45:51 UTC 2024 - rbr...@suse.com
+
+- Update to version 1.1.3:
+ * crypt: bugfixes and workflow tuneups
+
+-------------------------------------------------------------------
+Sat Jun 15 15:01:08 UTC 2024 - rbr...@suse.com
+
+- Update to version 1.1.2:
+ * encrypt: prototype crypt module, force encrypts using a recovery key only,
not for production use
+ * mig: Backup openvpn config
+ * Cleanup bluetooth backup
+
+-------------------------------------------------------------------
Old:
----
tik-1.1.1.obscpio
New:
----
tik-1.1.8.obscpio
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ tik.spec ++++++
--- /var/tmp/diff_new_pack.Y91Mdf/_old 2024-06-17 19:29:56.995253226 +0200
+++ /var/tmp/diff_new_pack.Y91Mdf/_new 2024-06-17 19:29:56.999253373 +0200
@@ -17,7 +17,7 @@
Name: tik
-Version: 1.1.1
+Version: 1.1.8
Release: 0
Summary: Transactional Installation Kit
License: MIT
@@ -62,6 +62,14 @@
%description module-mig
Migration module for tik. Detects existing btrfs /home subvolumes and offers
to backup/restore it using the tik USB stick.
+%package module-encrypt
+Summary: Encryption module for tik
+Requires: qrencode
+Requires: tik
+
+%description module-encrypt
+Encryption module for tik. Encrypts btrfs rootfs using various different
supported credentials and recovery-keys.
+
%prep
%autosetup
@@ -83,6 +91,8 @@
install -D -m 644 usr/lib/tik/modules/pre/20-mig
%{buildroot}%{_prefix}/lib/tik/modules/pre
install -D -m 644 usr/lib/tik/modules/post/20-mig
%{buildroot}%{_prefix}/lib/tik/modules/post
+install -D -m 644 usr/lib/tik/modules/post/10-encrypt
%{buildroot}%{_prefix}/lib/tik/modules/post
+
%files
%license LICENSE
%doc README.md
@@ -110,3 +120,6 @@
%{_prefix}/lib/tik/modules/pre/20-mig
%{_prefix}/lib/tik/modules/post/20-mig
+%files module-encrypt
+%{_prefix}/lib/tik/modules/post/10-encrypt
+
++++++ _service ++++++
--- /var/tmp/diff_new_pack.Y91Mdf/_old 2024-06-17 19:29:57.027254398 +0200
+++ /var/tmp/diff_new_pack.Y91Mdf/_new 2024-06-17 19:29:57.031254544 +0200
@@ -3,7 +3,7 @@
<service name="obs_scm" mode="manual">
<param name="url">https://github.com/sysrich/tik.git</param>
<param name="scm">git</param>
- <param name="revision">v1.1.1</param>
+ <param name="revision">v1.1.8</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param>
<param name="versionrewrite-pattern">v(.*)</param>
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.Y91Mdf/_old 2024-06-17 19:29:57.051255276 +0200
+++ /var/tmp/diff_new_pack.Y91Mdf/_new 2024-06-17 19:29:57.055255422 +0200
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param name="url">https://github.com/sysrich/tik.git</param>
- <param
name="changesrevision">b3871bab8dd1be5086715c8fd6a1c4d921fd9b5c</param></service></servicedata>
+ <param
name="changesrevision">965e7b0ed36f5347975cd01051ad7ea11457339d</param></service></servicedata>
(No newline at EOF)
++++++ tik-1.1.1.obscpio -> tik-1.1.8.obscpio ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/tik-1.1.1/usr/lib/tik/modules/post/10-encrypt
new/tik-1.1.8/usr/lib/tik/modules/post/10-encrypt
--- old/tik-1.1.1/usr/lib/tik/modules/post/10-encrypt 1970-01-01
01:00:00.000000000 +0100
+++ new/tik-1.1.8/usr/lib/tik/modules/post/10-encrypt 2024-06-17
17:26:18.000000000 +0200
@@ -0,0 +1,65 @@
+# SPDX-License-Identifier: MIT
+# SPDX-FileCopyrightText: Copyright 2024 SUSE LLC
+# SPDX-FileCopyrightText: Copyright 2024 Richard Brown
+
+generate_recoveryKey() {
+ modhex=('c' 'b' 'd' 'e' 'f' 'g' 'h' 'i' 'j' 'k' 'l' 'n' 'r' 't' 'u' 'v')
+ mapfile -t raw_key < <(hexdump -v --format '1/1 "%u\n"' -n 32
/dev/random)
+ [ "${#raw_key[@]}" = 32 ]
+ key=""
+ for ((i=0;i<"${#raw_key[@]}";++i)); do
+ [ "$i" -gt 0 ] && [ "$((i%4))" -eq 0 ] && key="$key-"
+ c="${raw_key[i]}"
+ key="$key${modhex[$((c>>4))]}${modhex[$((c&15))]}"
+ done
+}
+
+display_recoveryKey() {
+ log "Displaying Recovery Key"
+ zenity --width=500 --height=500 --no-wrap --warning --title="Encryption
Recovery Key" --text="A secret recovery key has been generated for your Aeon
installation:\n\n <b><big>$key</big></b>\n\nPlease save this secret recovery
key at a secure location\nIt may be used to regain access to your system if the
other credentials have been lost or forgotten\nThe recovery key can be used in
place of a password whenever authentication is requested\n\nYou may optionally
scan the recovery key off screen:\n<span face='monospace'>$(qrencode $key -t
UTF8i)</span>"
+ log "Recovery Key Dialogue Dismissed"
+}
+
+encrypt_disk() {
+ probe_partitions $TIK_INSTALL_DEVICE "btrfs" "/usr/lib/os-release"
+ if [ -z "${probedpart}" ]; then
+ error "ENCRYPTION FAILED: New Installation NOT FOUND"
+ fi
+ prun /usr/bin/mkdir ${mig_dir}/mnt
+ prun /usr/bin/mount -o compress=zstd:1 ${probedpart} ${mig_dir}/mnt
+ prun /usr/bin/systemd-repart --pretty 0 --root ${mig_dir}/mnt
--dry-run=0 ${probedpart}
+ prun /usr/bin/mount -o compress=zstd:1,subvol=/@/var ${probedpart}
${mig_dir}/mnt/var
+ prun /lib/systemd/systemd-growfs ${mig_dir}/mnt/var
+ prun /usr/bin/umount ${mig_dir}/mnt/var
+ prun /usr/sbin/btrfs filesystem resize -32m /mnt
+ prun /usr/bin/umount ${mig_dir}/mnt
+ prun /usr/sbin/cryptsetup reencrypt --force-password --encrypt
--reduce-device-size 32m ${probedpart} cr_root <<<"$key"
+ echo '{"type":"systemd-recovery","keyslots":["0"]}' | prun
/usr/sbin/cryptsetup token import "${probedpart}"
+ prun /usr/sbin/btrfs rescue fix-device-size /dev/mapper/cr_root
+ prun /usr/bin/mount -o compress=zstd:1 /dev/mapper/cr_root
${mig_dir}/mnt
+ prun /usr/bin/mount -o compress=zstd:1,subvol=/@/var
/dev/mapper/cr_root ${mig_dir}/mnt/var
+ etcmountcmd=$(cat ${mig_dir}/mnt/etc/fstab | grep "overlay /etc" | sed
's/\/sysroot\//${mig_dir}\/mnt\//g' | sed 's/\/work-etc.*/\/work-etc
${mig_dir}\/mnt\/etc\//' | sed 's/overlay \/etc overlay/\/usr\/bin\/mount -t
overlay overlay -o/')
+ eval prun "$etcmountcmd"
+ echo "cr_root ${probedpart} none x-initrd.attach" | prun tee
${mig_dir}/mnt/etc/crypttab
+ probe_partitions $TIK_INSTALL_DEVICE "vfat" "/EFI/systemd/shim.efi"
+ prun /usr/bin/mount ${probedpart} ${mig_dir}/mnt/boot/efi
+ prun /usr/bin/mount -o compress=zstd:1,subvol=/@/.snapshots
/dev/mapper/cr_root ${mig_dir}/mnt/.snapshots
+ prun /usr/bin/mount -t tmpfs -o size=10m tmpfs "${mig_dir}/mnt/run"
+ prun /usr/bin/mount -t tmpfs -o size=10m tmpfs "${mig_dir}/mnt/tmp"
+ for i in proc dev sys; do
+ prun /usr/bin/mount --bind "/$i" "${mig_dir}/mnt/$i"
+ done
+ prun /usr/bin/chroot ${mig_dir}/mnt <<EOT
+sdbootutil mkinitrd
+umount /etc
+EOT
+ for i in proc dev sys run tmp 'boot/efi' etc var '.snapshots'; do
+ prun /usr/bin/umount "${mig_dir}/mnt/$i"
+ done
+ prun /usr/bin/umount ${mig_dir}/mnt
+ prun /usr/bin/rmdir ${mig_dir}/mnt
+}
+
+generate_recoveryKey
+display_recoveryKey
+encrypt_disk
\ No newline at end of file
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/tik-1.1.1/usr/lib/tik/modules/post/20-mig
new/tik-1.1.8/usr/lib/tik/modules/post/20-mig
--- old/tik-1.1.1/usr/lib/tik/modules/post/20-mig 2024-06-14
13:46:02.000000000 +0200
+++ new/tik-1.1.8/usr/lib/tik/modules/post/20-mig 2024-06-17
17:26:18.000000000 +0200
@@ -43,6 +43,7 @@
prun-opt /usr/bin/cp -a ${mig_dir}/users/*
${mig_dir}/mnt/var/lib/AccountsService/users
prun-opt /usr/bin/cp -a ${mig_dir}/icons/*
${mig_dir}/mnt/var/lib/AccountsService/icons
prun-opt /usr/bin/cp -a ${mig_dir}/bluetooth/*
${mig_dir}/mnt/var/lib/bluetooth
+ prun-opt /usr/bin/cp -a ${mig_dir}/openvpn/* ${mig_dir}/mnt/etc/openvpn
prun /usr/bin/umount ${mig_dir}/mnt/etc
prun /usr/bin/umount ${mig_dir}/mnt/var
prun /usr/bin/umount ${mig_dir}/mnt
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/tik-1.1.1/usr/lib/tik/modules/pre/10-welcome
new/tik-1.1.8/usr/lib/tik/modules/pre/10-welcome
--- old/tik-1.1.1/usr/lib/tik/modules/pre/10-welcome 2024-06-14
13:46:02.000000000 +0200
+++ new/tik-1.1.8/usr/lib/tik/modules/pre/10-welcome 2024-06-17
17:26:18.000000000 +0200
@@ -4,33 +4,46 @@
# SPDX-FileCopyrightText: Copyright 2024 Raymond Yip
proceedInstall() {
- d --info --ok-label="Install Now" --no-wrap --width=300 --height=300
--icon=distributor-logo-Aeon-symbolic --title="" --text="<big>Welcome to
${TIK_OS_NAME}</big>\n\nPlease press <b>Install Now</b> to continue"
+ d --info --ok-label="Install Now" --no-wrap --width=300 --height=300
--icon=distributor-logo-Aeon-symbolic --title="" --text="<big>Welcome to
${TIK_OS_NAME}</big>\n\nPlease press <b>Install Now</b> to continue"
}
-warningMSG() {
- d --warning --no-wrap --title="AC Power Required" --text="Please
connect the AC power adapter to your machine to continue"
+displayACWarningMsg() {
+ d --warning --no-wrap --title="AC Power Recommended" --text="Runnning on
battery power detected\n\nIt is recommended to connect the system to AC power
during the install"
}
checkLaptop() {
- chassis=`cat /sys/class/dmi/id/chassis_type`
- #Test for respectively Handheld, Notebook, Laptop, and Portable
- if [ $chassis = "11" ] || [ $chassis = "10" ] || [ $chassis = "9" ] ||
[ $chassis = "8" ]; then
- #Tested machine is confirmed mobile
- #Check for AC power connection
- #Check file exists first
- if [ -f "/sys/class/power_supply/AC/online" ]; then
- #File exists
- #While the AC power cable is still disconnected
- while (grep -Fxq "0"
"/sys/class/power_supply/AC/online"); do
- log "AC power disconnected"
- #Display warning message
- warningMSG
- done
- fi
+ chassis=`cat /sys/class/dmi/id/chassis_type`
+ #Test for respectively Handheld, Notebook, Laptop, and Portable
+ #if chassis variable matches 8 9 10 or 11 function continues else it
proceeds to test AC power and Battery
+ [[ "$chassis" =~ ^(8|9|10|11)$ ]] || return
+ #Tested machine is confirmed mobile
+ givePowerRecommendation=false
+ #Only check for AC and Battery power connections with upower
+ updevices=`/usr/bin/upower -e|grep -E 'AC|BAT'`
+ for pdev in $updevices; do
+ #Get detailed info for each AC and BAT device in upower
+ upinfo=`/usr/bin/upower -i $pdev|grep -E 'online|state'`
+ #Check for discharging state or AC power offline which is equal to
no state
+ if [[ "$upinfo" =~ (discharging|no) ]]; then
+ #Give power recommendation only once, so set this to true
+ givePowerRecommendation=true
+ fi
+ done
+ if [ "$givePowerRecommendation" = true ]; then
+ log "AC Power disconnected and Battery is not charging"
+ displayACWarningMsg
+ fi
+}
+
+verify_efi() {
+ # Verify that the system was booted with EFI, exit with error if not
+ if [ ! -d /sys/firmware/efi ]; then
+ # System was not booted with EFI
+ local error_msg="openSUSE Aeon requires UEFI mode, which is not
found on your system.\nPlease check your BIOS settings to see if UEFI can be
enabled."
+ error "${error_msg}"
fi
}
proceedInstall
+verify_efi
checkLaptop
-
-
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/tik-1.1.1/usr/lib/tik/modules/pre/20-mig
new/tik-1.1.8/usr/lib/tik/modules/pre/20-mig
--- old/tik-1.1.1/usr/lib/tik/modules/pre/20-mig 2024-06-14
13:46:02.000000000 +0200
+++ new/tik-1.1.8/usr/lib/tik/modules/pre/20-mig 2024-06-17
17:26:18.000000000 +0200
@@ -65,6 +65,10 @@
prun-opt /usr/bin/rm ${mig_dir}/localtime
prun-opt /usr/bin/rm ${mig_dir}/subgid
prun-opt /usr/bin/rm ${mig_dir}/subuid
+ prun-opt /usr/bin/rm ${mig_dir}/bluetooth/*
+ prun-opt /usr/bin/rmdir ${mig_dir}/bluetooth
+ prun-opt /usr/bin/rm ${mig_dir}/openvpn/*
+ prun-opt /usr/bin/rmdir ${mig_dir}/openvpn
prun-opt /usr/bin/rmdir ${mig_dir}/mnt
fi
fi
@@ -183,6 +187,7 @@
prun-opt /usr/bin/chmod 744 ${mig_dir}/users
prun-opt /usr/bin/cp -a ${mig_dir}/mnt/var/lib/AccountsService/icons
${mig_dir}/icons
prun-opt /usr/bin/cp -a ${mig_dir}/mnt/var/lib/bluetooth
${mig_dir}/bluetooth
+ prun-opt /usr/bin/cp -a ${mig_dir}/mnt/etc/openvpn ${mig_dir}/openvpn
prun-opt /usr/bin/umount ${mig_dir}/mnt/etc
prun /usr/bin/umount ${mig_dir}/mnt/var
prun /usr/bin/umount ${mig_dir}/mnt
++++++ tik.obsinfo ++++++
--- /var/tmp/diff_new_pack.Y91Mdf/_old 2024-06-17 19:29:57.171259668 +0200
+++ /var/tmp/diff_new_pack.Y91Mdf/_new 2024-06-17 19:29:57.175259814 +0200
@@ -1,5 +1,5 @@
name: tik
-version: 1.1.1
-mtime: 1718365562
-commit: b3871bab8dd1be5086715c8fd6a1c4d921fd9b5c
+version: 1.1.8
+mtime: 1718637978
+commit: 965e7b0ed36f5347975cd01051ad7ea11457339d
