authorDaniel Girtler <blackrabbit256@gmail.com>2023-04-19 20:55:42 +1000
committerGitHub <noreply@github.com>2023-04-19 12:55:42 +0200
commit00b0ae7ba439a5a420095175b3bedd52c569db51 (patch)
treef02d081e361d5e65603f74dea3873dcc6606cf7c /archinstall/lib/disk/fido.py
parent5253e57e9f26cf3e59cb2460544af13f56e485bb (diff)
PyParted and a large rewrite of the underlying partitioning (#1604)
* Invert mypy files * Add optional pre-commit hooks * New profile structure * Serialize profiles * Use profile instead of classmethod * Custom profile setup * Separator between back * Support profile import via url * Move profiles module * Refactor files * Remove symlink * Add user to docker group * Update schema description * Handle list services * mypy fixes * mypy fixes * Rename profilesv2 to profiles * flake8 * mypy again * Support selecting DM * Fix mypy * Cleanup * Update greeter setting * Update schema * Revert toml changes * Poc external dependencies * Dependency support * New encryption menu * flake8 * Mypy and flake8 * Unify lsblk command * Update bootloader configuration * Git hooks * Fix import * Pyparted * Remove custom font setting * flake8 * Remove default preview * Manual partitioning menu * Update structure * Disk configuration * Update filesystem * luks2 encryption * Everything works until installation * Btrfsutil * Btrfs handling * Update btrfs * Save encryption config * Fix pipewire issue * Update mypy version * Update all pre-commit * Update package versions * Revert audio/pipewire * Merge master PRs * Add master changes * Merge master changes * Small renaming * Pull master changes * Reset disk enc after disk config change * Generate locals * Update naming * Fix imports * Fix broken sync * Fix pre selection on table menu * Profile menu * Update profile * Fix post_install * Added python-pyparted to PKGBUILD, this requires [testing] to be enabled in order to run makepkg. Package still works via python -m build etc. * Swaped around some setuptools logic in pyproject Since we define `package-data` and `packages` there should be no need for: ``` [tool.setuptools.packages.find] where = ["archinstall", "archinstall.*"] ``` * Removed pyproject collisions. Duplicate definitions. 
* Made sure pyproject.toml includes languages * Add example and update README * Fix pyproject issues * Generate locale * Refactor imports * Simplify imports * Add profile description and package examples * Align code * Fix mypy * Simplify imports * Fix saving config * Fix wrong luks merge * Refactor installation * Fix cdrom device loading * Fix wrongly merged code * Fix imports and greeter * Don't terminate on partprobe error * Use specific path on partprobe from luks * Update archinstall/lib/disk/device_model.py Co-authored-by: codefiles <11915375+codefiles@users.noreply.github.com> * Update archinstall/lib/disk/device_model.py Co-authored-by: codefiles <11915375+codefiles@users.noreply.github.com> * Update github workflow to test archinstall installation * Update sway merge * Generate locales * Update workflow --------- Co-authored-by: Daniel Girtler <girtler.daniel@gmail.com> Co-authored-by: Anton Hvornum <anton@hvornum.se> Co-authored-by: Anton Hvornum <anton.feeds+github@gmail.com> Co-authored-by: codefiles <11915375+codefiles@users.noreply.github.com>
Diffstat (limited to 'archinstall/lib/disk/fido.py')
-rw-r--r--archinstall/lib/disk/fido.py94
1 files changed, 94 insertions, 0 deletions
diff --git a/archinstall/lib/disk/fido.py b/archinstall/lib/disk/fido.py
new file mode 100644
index 00000000..436be4d4
--- /dev/null
+++ b/archinstall/lib/disk/fido.py
@@ -0,0 +1,94 @@
+from __future__ import annotations
+
+import getpass
+import logging
+from typing import List
+
+from .device_model import PartitionModification, Fido2Device
+from ..general import SysCommand, SysCommandWorker, clear_vt100_escape_codes
+from ..output import log
+
+
+class Fido2:
+ _loaded: bool = False
+ _fido2_devices: List[Fido2Device] = []
+
+ @classmethod
+ def get_fido2_devices(cls, reload: bool = False) -> List[Fido2Device]:
+ """
+ Uses systemd-cryptenroll to list the FIDO2 devices
+ connected that supports FIDO2.
+ Some devices might show up in udevadm as FIDO2 compliant
+ when they are in fact not.
+
+ The drawback of systemd-cryptenroll is that it uses human readable format.
+ That means we get this weird table like structure that is of no use.
+
+ So we'll look for `MANUFACTURER` and `PRODUCT`, we take their index
+ and we split each line based on those positions.
+
+ Output example:
+
+ PATH MANUFACTURER PRODUCT
+ /dev/hidraw1 Yubico YubiKey OTP+FIDO+CCID
+ """
+
+ # to prevent continous reloading which will slow
+ # down moving the cursor in the menu
+ if not cls._loaded or reload:
+ ret = SysCommand(f"systemd-cryptenroll --fido2-device=list").decode('UTF-8')
+ if not ret:
+ log('Unable to retrieve fido2 devices', level=logging.ERROR)
+ return []
+
+ fido_devices = clear_vt100_escape_codes(ret)
+
+ manufacturer_pos = 0
+ product_pos = 0
+ devices = []
+
+ for line in fido_devices.split('\r\n'):
+ if '/dev' not in line:
+ manufacturer_pos = line.find('MANUFACTURER')
+ product_pos = line.find('PRODUCT')
+ continue
+
+ path = line[:manufacturer_pos].rstrip()
+ manufacturer = line[manufacturer_pos:product_pos].rstrip()
+ product = line[product_pos:]
+
+ devices.append(
+ Fido2Device(path, manufacturer, product)
+ )
+
+ cls._loaded = True
+ cls._fido2_devices = devices
+
+ return cls._fido2_devices
+
+ @classmethod
+ def fido2_enroll(
+ cls,
+ hsm_device: Fido2Device,
+ part_mod: PartitionModification,
+ password: str
+ ):
+ worker = SysCommandWorker(f"systemd-cryptenroll --fido2-device={hsm_device.path} {part_mod.dev_path}", peek_output=True)
+ pw_inputted = False
+ pin_inputted = False
+
+ while worker.is_alive():
+ if pw_inputted is False:
+ if bytes(f"please enter current passphrase for disk {part_mod.dev_path}", 'UTF-8') in worker._trace_log.lower():
+ worker.write(bytes(password, 'UTF-8'))
+ pw_inputted = True
+ elif pin_inputted is False:
+ if bytes(f"please enter security token pin", 'UTF-8') in worker._trace_log.lower():
+ worker.write(bytes(getpass.getpass(" "), 'UTF-8'))
+ pin_inputted = True
+
+ log(
+ f"You might need to touch the FIDO2 device to unlock it if no prompt comes up after 3 seconds.",
+ level=logging.INFO,
+ fg="yellow"
+ )
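Review bot: In `fido2_enroll` the passphrase prompt is matched against `worker._trace_log.lower()`, but the needle interpolates `part_mod.dev_path` without lower-casing it, so a device path containing an upper-case character never matches, the passphrase is never written, and the loop spins until the worker exits. Lower-case the needle as well, e.g. `prompt = f"please enter current passphrase for disk {part_mod.dev_path}".lower().encode('UTF-8')`, and test `prompt in worker._trace_log.lower()`. Nothing in the visible lines checks the worker's result after the loop, so unless `SysCommandWorker` raises on a non-zero exit (not shown here), a failed enrolment goes unnoticed by the caller; a volume believed to be token-protected but never enrolled deserves an explicit error. In `get_fido2_devices`, `line.find()` returns -1 when the header columns are missing, which makes the slices on the following device lines silently wrong, so it would be safer to skip device lines until both `manufacturer_pos` and `product_pos` are non-negative.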