From 1de7ef4ccdff5d11ebf164bc072cdb10c0e22134 Mon Sep 17 00:00:00 2001 From: dede Date: Tue, 5 Aug 2025 23:58:11 +0200 Subject: [PATCH] update for some altered defaults and some installs and package names --- scripts/arch/01-init.sh | 6 ++++-- scripts/arch/03-ykfde.sh | 9 +++++---- scripts/arch/04-prepare-volumes.sh | 16 ++++++++-------- scripts/arch/05-chroot.sh | 4 ++-- scripts/arch/05-install.sh | 4 ++-- 5 files changed, 21 insertions(+), 18 deletions(-) diff --git a/scripts/arch/01-init.sh b/scripts/arch/01-init.sh index d7becd9..475d44f 100755 --- a/scripts/arch/01-init.sh +++ b/scripts/arch/01-init.sh @@ -3,7 +3,7 @@ set -e SCRIPT_NAME=`basename "$0"` echo "=========== ${SCRIPT_NAME} ===========" -pacman -Sy yubikey-manager yubikey-personalization pcsc-tools libu2f-host make json-c cryptsetup +pacman -Sy yubikey-manager yubikey-personalization pcsc-tools libfido2 make json-c cryptsetup systemctl start pcscd.service @@ -11,6 +11,8 @@ ykman list lsblk +fdisk -l + echo "" echo "=====================" -echo "Proceed with chapter 02: Prepare disks" \ No newline at end of file +echo "Proceed with chapter 02: Prepare disks" diff --git a/scripts/arch/03-ykfde.sh b/scripts/arch/03-ykfde.sh index e3f06f0..2016ba0 100755 --- a/scripts/arch/03-ykfde.sh +++ b/scripts/arch/03-ykfde.sh @@ -4,10 +4,11 @@ set -e SCRIPT_NAME=`basename "$0"` echo "=========== ${SCRIPT_NAME} ===========" -curl -L https://github.com/agherzan/yubikey-full-disk-encryption/archive/master.zip | bsdtar -xvf - -C . -cd yubikey-full-disk-encryption-master -make install +# curl -L https://github.com/agherzan/yubikey-full-disk-encryption/archive/master.zip | bsdtar -xvf - -C . +# cd yubikey-full-disk-encryption-master +# make install +pacman -Sy yubikey-full-disk-encryption echo "" echo "=====================" -echo "Proceed with chapter 03: Prepare 2nd slot" \ No newline at end of file +echo "Proceed with chapter 03: Prepare 2nd slot" diff --git a/scripts/arch/04-prepare-volumes.sh b/scripts/arch/04-prepare-volumes.sh index f2a8ec9..9dc3f59 100755 --- a/scripts/arch/04-prepare-volumes.sh +++ b/scripts/arch/04-prepare-volumes.sh @@ -5,18 +5,18 @@ SCRIPT_NAME=`basename "$0"` echo "=========== ${SCRIPT_NAME} ===========" pvcreate /dev/mapper/cryptlvm -vgcreate MyVolGroup /dev/mapper/cryptlvm +vgcreate vg0 /dev/mapper/cryptlvm -lvcreate -L 20G MyVolGroup -n root -lvcreate -l 100%FREE MyVolGroup -n home +lvcreate -L 60G vg0 -n root +lvcreate -L 200G vg0 -n home -mkfs.ext4 /dev/MyVolGroup/root -mkfs.ext4 /dev/MyVolGroup/home +mkfs.ext4 -L root /dev/vg0/root +mkfs.ext4 -L home /dev/vg0/home -mount /dev/MyVolGroup/root /mnt +mount /dev/vg0/root /mnt mkdir /mnt/home -mount /dev/MyVolGroup/home /mnt/home +mount /dev/vg0/home /mnt/home echo "" echo "=====================" -echo "Proceed with chapter 04: Encrypted boot partition" \ No newline at end of file +echo "Proceed with chapter 04: Encrypted boot partition" diff --git a/scripts/arch/05-chroot.sh b/scripts/arch/05-chroot.sh index 3c858fb..8332d6e 100755 --- a/scripts/arch/05-chroot.sh +++ b/scripts/arch/05-chroot.sh @@ -4,7 +4,7 @@ set -e SCRIPT_NAME=`basename "$0"` echo "=========== ${SCRIPT_NAME} ===========" -pacman -Sy yubikey-manager yubikey-personalization pcsc-tools libu2f-host make json-c cryptsetup +pacman -Sy yubikey-manager yubikey-personalization pcsc-tools libfido2 make json-c cryptsetup mkdir -p /run/lvm mount --bind /hostrun/lvm /run/lvm @@ -21,4 +21,4 @@ cat /etc/ykfde.conf echo "" echo "=====================" -echo "Proceed with chapter 05: mkinitcpio" \ No newline at end of file +echo "Proceed with chapter 05: mkinitcpio" diff --git a/scripts/arch/05-install.sh b/scripts/arch/05-install.sh index c3c2b02..10eb8dd 100755 --- a/scripts/arch/05-install.sh +++ b/scripts/arch/05-install.sh @@ -4,7 +4,7 @@ set -e SCRIPT_NAME=`basename "$0"` echo "=========== ${SCRIPT_NAME} ===========" -pacstrap /mnt base yubikey-manager yubikey-personalization pcsc-tools libu2f-host acpid dbus grub-efi-x86_64 efibootmgr lvm2 +pacstrap /mnt base yubikey-manager yubikey-personalization pcsc-tools libfido2 acpid dbus grub-efi-x86_64 efibootmgr lvm2 git htop duf genfstab -U -p /mnt >> /mnt/etc/fstab @@ -12,4 +12,4 @@ cat /mnt/etc/fstab echo "" echo "=====================" -echo "Proceed with chapter 05: YubiKey Full Disk Encryption" \ No newline at end of file +echo "Proceed with chapter 05: YubiKey Full Disk Encryption"