mirror of
https://github.com/tommytran732/Arch-Setup-Script
synced 2024-11-13 21:51:33 -05:00
Update install.sh
This commit is contained in:
parent
fc187c9e71
commit
be08f427f5
10
install.sh
10
install.sh
@ -186,14 +186,14 @@ EOF
|
|||||||
|
|
||||||
# Configuring /etc/mkinitcpio.conf
|
# Configuring /etc/mkinitcpio.conf
|
||||||
echo "Configuring /etc/mkinitcpio for ZSTD compression and LUKS hook."
|
echo "Configuring /etc/mkinitcpio for ZSTD compression and LUKS hook."
|
||||||
sed -i -e 's,#COMPRESSION="zstd",COMPRESSION="zstd",g' /mnt/etc/mkinitcpio.conf
|
sed -i 's,#COMPRESSION="zstd",COMPRESSION="zstd",g' /mnt/etc/mkinitcpio.conf
|
||||||
sed -i -e 's,modconf block filesystems keyboard,keyboard modconf block encrypt filesystems,g' /mnt/etc/mkinitcpio.conf
|
sed -i 's,modconf block filesystems keyboard,keyboard modconf block encrypt filesystems,g' /mnt/etc/mkinitcpio.conf
|
||||||
|
|
||||||
# Enabling LUKS in GRUB and setting the UUID of the LUKS container.
|
# Enabling LUKS in GRUB and setting the UUID of the LUKS container.
|
||||||
UUID=$(blkid $cryptroot | cut -f2 -d'"')
|
UUID=$(blkid $cryptroot | cut -f2 -d'"')
|
||||||
sed -i 's/#\(GRUB_ENABLE_CRYPTODISK=y\)/\1/' /mnt/etc/default/grub
|
sed -i 's/#\(GRUB_ENABLE_CRYPTODISK=y\)/\1/' /mnt/etc/default/grub
|
||||||
sed -i -e "s,quiet,quiet cryptdevice=UUID=$UUID:cryptroot root=$BTRFS,g" /mnt/etc/default/grub
|
sed -i "s,quiet,quiet cryptdevice=UUID=$UUID:cryptroot root=$BTRFS,g" /mnt/etc/default/grub
|
||||||
sed -i -e "s#root=/dev/mapper/cryptroot#root=/dev/mapper/cryptroot lsm=lockdown,yama,apparmor,bpf#g" /mnt/etc/default/grub
|
sed -i "s#root=/dev/mapper/cryptroot#root=/dev/mapper/cryptroot lsm=lockdown,yama,apparmor,bpf#g" /mnt/etc/default/grub
|
||||||
echo "" >> /mnt/etc/default/grub
|
echo "" >> /mnt/etc/default/grub
|
||||||
echo -e "# Booting with BTRFS subvolume\nGRUB_BTRFS_OVERRIDE_BOOT_PARTITION_DETECTION=true" >> /mnt/etc/default/grub
|
echo -e "# Booting with BTRFS subvolume\nGRUB_BTRFS_OVERRIDE_BOOT_PARTITION_DETECTION=true" >> /mnt/etc/default/grub
|
||||||
|
|
||||||
@ -202,7 +202,7 @@ dd bs=512 count=4 if=/dev/random of=/mnt/.root.key iflag=fullblock &>/dev/null
|
|||||||
chmod 000 /mnt/.root.key &>/dev/null
|
chmod 000 /mnt/.root.key &>/dev/null
|
||||||
cryptsetup -v luksAddKey /dev/disk/by-partlabel/cryptroot /mnt/.root.key
|
cryptsetup -v luksAddKey /dev/disk/by-partlabel/cryptroot /mnt/.root.key
|
||||||
#I also remove the quiet flag here, since not having any sort of output is a pain
|
#I also remove the quiet flag here, since not having any sort of output is a pain
|
||||||
sed -i -e "s,quiet,cryptdevice=UUID=$UUID:cryptroot root=$BTRFS cryptkey=rootfs:/.root.key,g" /mnt/etc/default/grub
|
sed -i "s,quiet,cryptdevice=UUID=$UUID:cryptroot root=$BTRFS cryptkey=rootfs:/.root.key,g" /mnt/etc/default/grub
|
||||||
sed -i 's#FILES=()#FILES=(/.root.key)#g' /mnt/etc/mkinitcpio.conf
|
sed -i 's#FILES=()#FILES=(/.root.key)#g' /mnt/etc/mkinitcpio.conf
|
||||||
|
|
||||||
# Security kernel settings.
|
# Security kernel settings.
|
||||||
|
Loading…
Reference in New Issue
Block a user