Fix a bunch of small cryptroot image builds issues (#2195)

* Dockerfile update

Add package to fill-in missing ssh-keygen dependency

(required by lib/distributions.sh when CRYPTROOT_ENABLE is true)

* lib/chroot-buildpackages.sh: Fix mistakes with shellcheck linting

The shellcheck-driven changes break the apt command line, resulting in the following error:

> E: Invalid operation

* lib/configuration.sh: cryptroot >= 2.1 uses memory intensive key derivation

fix that by reverting to the < 2.1 default algorithm (pbkdf2)
Florian Vallee 2020-09-09 15:15:52 +02:00 committed by GitHub
parent 97c8c26bb4
commit 49fb6550dd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 8 additions and 2 deletions


@ -68,6 +68,7 @@ RUN apt-get update \
ncurses-term \ ncurses-term \
nfs-kernel-server \ nfs-kernel-server \
ntpdate \ ntpdate \
openssh-client \
p7zip-full \ p7zip-full \
parted \ parted \
patchutils \ patchutils \


@ -336,7 +336,7 @@ chroot_installpackages()
cat <<-EOF > "${SDCARD}"/tmp/install.sh cat <<-EOF > "${SDCARD}"/tmp/install.sh
#!/bin/bash #!/bin/bash
[[ "$remote_only" != yes ]] && apt-key add /tmp/buildpkg.key [[ "$remote_only" != yes ]] && apt-key add /tmp/buildpkg.key
apt-get "${apt_extra}" -q update apt-get ${apt_extra} -q update
# uncomment to debug # uncomment to debug
# /bin/bash # /bin/bash
# TODO: check if package exists in case new config was added # TODO: check if package exists in case new config was added
@ -345,7 +345,7 @@ chroot_installpackages()
# if grep -qE "apt.armbian.com|localhost" <(apt-cache madison \$p); then # if grep -qE "apt.armbian.com|localhost" <(apt-cache madison \$p); then
# if apt-get -s -qq install \$p; then # if apt-get -s -qq install \$p; then
#fi #fi
apt-get -q "${apt_extra}" --show-progress -o DPKG::Progress-Fancy=1 install -y ${install_list} apt-get -q ${apt_extra} --show-progress -o DPKG::Progress-Fancy=1 install -y ${install_list}
apt-get clean apt-get clean
[[ "${remote_only}" != yes ]] && apt-key del "925644A6" [[ "${remote_only}" != yes ]] && apt-key del "925644A6"
rm /etc/apt/sources.list.d/armbian-temp.list 2>/dev/null rm /etc/apt/sources.list.d/armbian-temp.list 2>/dev/null
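Review bot: The unquoted `${apt_extra}` on the two `apt-get` lines is deliberate, but nothing in the new code says so, so a later lint pass can put the quotes back. Because the heredoc delimiter is an unquoted `EOF`, the variable is expanded while install.sh is being written and any quotes around it land literally in the generated script; an empty value then becomes an empty `""` argument, which is probably the `E: Invalid operation` from the description. I would add a comment just above the `cat <<-EOF` line, for example `# apt_extra/install_list are expanded here, not inside install.sh; leave them unquoted so an empty value adds no argument`. Since both values are pasted as-is into a script that appears to be run inside the chroot, they should only ever come from build configuration, never from untrusted input. chroot_installpackages starts and ends outside these hunks.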


@ -83,6 +83,11 @@ CAN_BUILD_STRETCH=yes
ATF_COMPILE=yes ATF_COMPILE=yes
[[ -z $CRYPTROOT_SSH_UNLOCK ]] && CRYPTROOT_SSH_UNLOCK=yes [[ -z $CRYPTROOT_SSH_UNLOCK ]] && CRYPTROOT_SSH_UNLOCK=yes
[[ -z $CRYPTROOT_SSH_UNLOCK_PORT ]] && CRYPTROOT_SSH_UNLOCK_PORT=2022 [[ -z $CRYPTROOT_SSH_UNLOCK_PORT ]] && CRYPTROOT_SSH_UNLOCK_PORT=2022
# Default to pdkdf2, this used to be the default with cryptroot <= 2.0, however
# cryptroot 2.1 changed that to Argon2i. Argon2i is a memory intensive
# algorithm which doesn't play well with SBCs (need 1GiB RAM by default !)
# https://gitlab.com/cryptsetup/cryptsetup/-/issues/372
[[ -z $CRYPTROOT_PARAMETERS ]] && CRYPTROOT_PARAMETERS="--pbkdf pbkdf2"
[[ -z $WIREGUARD ]] && WIREGUARD="yes" [[ -z $WIREGUARD ]] && WIREGUARD="yes"
[[ -z $EXTRAWIFI ]] && EXTRAWIFI="yes" [[ -z $EXTRAWIFI ]] && EXTRAWIFI="yes"
[[ -z $AUFS ]] && AUFS="yes" [[ -z $AUFS ]] && AUFS="yes"
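Review bot: The new `CRYPTROOT_PARAMETERS` default replaces a memory-hard KDF with PBKDF2, which is cheaper to attack by offline passphrase guessing, and the added comment explains only the RAM problem, not that trade-off. I would extend the comment along the lines of `# PBKDF2 is weaker against offline guessing than Argon2; boards with enough RAM can set CRYPTROOT_PARAMETERS="--pbkdf argon2i --pbkdf-memory <KiB>"`. The comment also misspells the algorithm as `pdkdf2`, and the version numbers and linked issue refer to cryptsetup rather than "cryptroot". Because the default is applied only when the variable is empty, any user-supplied value (cipher options, for instance) silently drops `--pbkdf pbkdf2` again, which is worth a line in the comment as well.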