Send patches - preferably formatted by git format-patch - to patches at archlinux32 dot org.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAnton Hvornum <anton@hvornum.se>2021-11-11 09:59:42 +0000
committerGitHub <noreply@github.com>2021-11-11 09:59:42 +0000
commite3e62039f9c4cbbb6f604c838cd3cd8032150565 (patch)
tree0917691dc792c9eb5773ab6ed63b8a3de52e4f49
parent273b7aaa994170f65055c7db178a548544b5bb76 (diff)
parentad09c8cfa29e891ed23c084a26993ae92dcf1265 (diff)
Merged PR #707 - Fixes password leakage to terminal
Created a new JSON serializer called `UNSAFE_JSON` that will serialize everything, including sensitive information. And `JSON` which is the default up to this point now safely ignores any sensitive information in dictionaries marked with `!`, for instance `{"!password" : "mypassword"}` will be omitted from any output.
-rw-r--r--archinstall/lib/disk/filesystem.py10
-rw-r--r--archinstall/lib/general.py6
-rw-r--r--archinstall/lib/installer.py4
-rw-r--r--archinstall/lib/user_interaction.py2
-rw-r--r--examples/guided.py13
5 files changed, 20 insertions, 15 deletions
diff --git a/archinstall/lib/disk/filesystem.py b/archinstall/lib/disk/filesystem.py
index 0be1ec8b..84b11c05 100644
--- a/archinstall/lib/disk/filesystem.py
+++ b/archinstall/lib/disk/filesystem.py
@@ -94,15 +94,17 @@ class Filesystem:
if partition.get('filesystem', {}).get('format', False):
if partition.get('encrypted', False):
- if not partition.get('password'):
+ if not partition.get('!password') and not storage['arguments'].get('!encryption-password'):
if storage['arguments'] == 'silent':
raise ValueError(f"Missing encryption password for {partition['device_instance']}")
else:
from ..user_interaction import get_password
- partition['password'] = get_password(f"Enter a encryption password for {partition['device_instance']}")
+ partition['!password'] = get_password(f"Enter a encryption password for {partition['device_instance']}")
+ elif not partition.get('!password') and storage['arguments'].get('!encryption-password'):
+ partition['!password'] = storage['arguments']['!encryption-password']
- partition['device_instance'].encrypt(password=partition['password'])
- with luks2(partition['device_instance'], storage.get('ENC_IDENTIFIER', 'ai') + 'loop', partition['password']) as unlocked_device:
+ partition['device_instance'].encrypt(password=partition['!password'])
+ with luks2(partition['device_instance'], storage.get('ENC_IDENTIFIER', 'ai') + 'loop', partition['!password']) as unlocked_device:
if not partition.get('format'):
if storage['arguments'] == 'silent':
raise ValueError(f"Missing fs-type to format on newly created encrypted partition {partition['device_instance']}")
diff --git a/archinstall/lib/general.py b/archinstall/lib/general.py
index 5ab2181c..21683425 100644
--- a/archinstall/lib/general.py
+++ b/archinstall/lib/general.py
@@ -121,11 +121,11 @@ class JsonEncoder:
for key, val in list(obj.items()):
if isinstance(val, dict):
# This, is a EXTREMELY ugly hack.. but it's the only quick way I can think of to trigger a encoding of sub-dictionaries.
- val = json.loads(json.dumps(val, cls=JSON))
+ val = json.loads(json.dumps(val, cls=UNSAFE_JSON))
else:
- val = JsonEncoder._encode(val)
+ val = JsonEncoder._unsafe_encode(val)
- copy[JsonEncoder._encode(key)] = val
+ copy[JsonEncoder._unsafe_encode(key)] = val
return copy
else:
return JsonEncoder._encode(obj)
diff --git a/archinstall/lib/installer.py b/archinstall/lib/installer.py
index 1318cb16..3b8f9612 100644
--- a/archinstall/lib/installer.py
+++ b/archinstall/lib/installer.py
@@ -176,7 +176,9 @@ class Installer:
for mountpoint in sorted(mountpoints.keys()):
if mountpoints[mountpoint]['encrypted']:
loopdev = storage.get('ENC_IDENTIFIER', 'ai') + 'loop'
- password = mountpoints[mountpoint]['password']
+ if not (password := mountpoints[mountpoint].get('!password', None)):
+ raise RequirementError(f"Missing mountpoint {mountpoint} encryption password in layout: {mountpoints[mountpoint]}")
+
with luks2(mountpoints[mountpoint]['device_instance'], loopdev, password, auto_unmount=False) as unlocked_device:
unlocked_device.mount(f"{self.target}{mountpoint}")
diff --git a/archinstall/lib/user_interaction.py b/archinstall/lib/user_interaction.py
index e62d8c6c..c8b3fd91 100644
--- a/archinstall/lib/user_interaction.py
+++ b/archinstall/lib/user_interaction.py
@@ -195,7 +195,7 @@ def generic_multi_select(options, text="Select one or more of the options above
def select_encrypted_partitions(block_devices :dict, password :str) -> dict:
root = find_partition_by_mountpoint(block_devices, '/')
root['encrypted'] = True
- root['password'] = password
+ root['!password'] = password
return block_devices
diff --git a/examples/guided.py b/examples/guided.py
index 73bf7712..f009d938 100644
--- a/examples/guided.py
+++ b/examples/guided.py
@@ -243,15 +243,16 @@ def perform_filesystem_operations():
fs.load_layout(archinstall.storage['disk_layouts'][drive.path])
def perform_installation(mountpoint):
- user_credentials = json.dumps({
+ user_credentials = {
"!users" : archinstall.arguments['!users'],
- "!superusers" : archinstall.arguments['!users'],
- "!root-password" : archinstall.arguments['!users'],
- "!encryption-password" : archinstall.arguments['!encryption-password'],
- }, indent=4, sort_keys=True, cls=archinstall.UNSAFE_JSON)
+ "!superusers" : archinstall.arguments['!superusers'],
+ "!root-password" : archinstall.arguments['!root-password'],
+ }
+ if archinstall.arguments.get('!encryption-password'):
+ user_credentials["!encryption-password"] = archinstall.arguments.get('!encryption-password')
with open("/var/log/archinstall/user_credentials.json", "w") as config_file:
- config_file.write(user_credentials)
+ config_file.write(json.dumps(user_credentials, indent=4, sort_keys=True, cls=archinstall.UNSAFE_JSON))
"""
Performs the installation steps on a block device.