Since we sort the boot options prior to selecting the new default entry,
we need to use the index of the entry in the list prior to being sorted,
vs always setting it as 1. This fixes setting/booting of the default
OS target where the list entries are changed when calling sort.
Test: perform OEM factory reset with Fedora 32 installed, verify
default boot succeeds followng reset.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
The same grub parsing logic used in kexec-select-boot should
be used here as well, so copy it over.
Test: oem-factory-reset succeeds with Fedora 32 installed.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Since the custom password is used to set the GPG admin
password as well as the TPM and GPG user passwords, an
8-character minimum is required. Inform the user of this,
and validate custom password length upon entry.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Normally we resort to default passwords for OEM reset, however we have a
use case where it would be convenient to set a custom password instead.
This patch adds a simple prompt (that defaults to the defaults if you
hit Enter) that enables someone using the OEM reset to enter a single
password that will replace the defaults (TPM, GPG Admin, GPG User).
Add oem-factory-reset script which performs an unattended
reset and configuration of the device's TPM, GPG security token,
and boot device / boot selection.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
