ExternalVendorCode/heads
1
0
Fork 0
mirror of https://github.com/linuxboot/heads.git synced 2025-01-18 02:39:59 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add graphical init menu that uses whiptail

Browse Source 
This is a modified version of the generic-init script that uses whiptail
to generate a graphical menu. I changed two of the options so that the
user can refresh the menu to get an updated TOTP code if needed.
This commit is contained in:
Kyle Rankin 2018-02-20 15:35:37 -08:00
parent 1459e701e3
commit 140064bbf8
No known key found for this signature in database
GPG Key ID: 555577116BFA74B9
1 changed files with 83 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

83
initrd/bin/gui-init Executable file
View File

@ -0,0 +1,83 @@
#!/bin/sh
# Boot from a local disk installation
. /etc/functions
. /etc/config
mount_boot()
{
# Mount local disk if it is not already mounted
if ! grep -q /boot /proc/mounts ; then
mount -o ro /boot \
|| recovery "Unable to mount /boot"
fi
}
# Confirm we have a good TOTP unseal and ask the user for next choice
while true; do
last_half=X
unset totp_confirm
# update the TOTP code every thirty seconds
date=`date "+%Y-%m-%d %H:%M:%S"`
seconds=`date "+%s"`
half=`expr \( $seconds % 60 \) / 30`
if [ "$CONFIG_TPM" = n ]; then
TOTP="NO TPM"
elif [ "$half" != "$last_half" ]; then
last_half=$half;
TOTP=`unseal-totp` \
|| recovery "TOTP code generation failed"
fi
whiptail --clear --title 'Heads Boot Menu' \
--menu "$date\nTOTP code: $TOTP" 20 60 8 \
'y' ' Default boot' \
'n' ' TOTP does not match' \
'r' ' Refresh TOTP code' \
'm' ' Boot menu'\
'u' ' USB boot' \
'x' ' Exit to recovery shell' \
2>/tmp/whiptail
totp_confirm=$(cat /tmp/whiptail)
if [ "$totp_confirm" = "x" ]; then
recovery "User requested recovery shell"
fi
if [ "$totp_confirm" = "r" ]; then
continue
fi
if [ "$totp_confirm" = "n" ]; then
echo ""
echo "To correct clock drift: 'date -s HH:MM:SS'"
echo "and save it to the RTC: 'hwclock -w'"
echo "then reboot and try again"
echo ""
recovery "TOTP mismatch"
fi
if [ "$totp_confirm" = "u" ]; then
exec /bin/usb-init
continue
fi
if [ "$totp_confirm" = "m" ]; then
# Try to select a kernel from the menu
mount_boot
kexec-select-boot -m -b /boot -c "grub.cfg"
continue
fi
if [ "$totp_confirm" = "y" -o -n "$totp_confirm" ]; then
# Try to boot the default
mount_boot
kexec-select-boot -b /boot -c "grub.cfg" \
|| recovery "Failed default boot"
fi
done
recovery "Something failed during boot"