diff options
| author | Scott Ullrich <sullrich@pfsense.org> | 2010-12-19 13:06:24 -0500 |
|---|---|---|
| committer | Scott Ullrich <sullrich@pfsense.org> | 2010-12-19 13:06:24 -0500 |
| commit | 28f9612c6c3f862e2ace66813866a02c951c3b6a (patch) | |
| tree | 3b1cb3fc91d8c967ae7579364b391b32aeec14ce /usr/local | |
| parent | 332bb9ab84e5b58929408869f3e963b830d75607 (diff) | |
| download | pfsense-28f9612c6c3f862e2ace66813866a02c951c3b6a.zip pfsense-28f9612c6c3f862e2ace66813866a02c951c3b6a.tar.gz | |
Throw an error if we have an encrypted / without a non-encrypted /boot
Diffstat (limited to 'usr/local')
| -rw-r--r-- | usr/local/www/installer/installer.php | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/usr/local/www/installer/installer.php b/usr/local/www/installer/installer.php index f169bfa..90dcef3 100644 --- a/usr/local/www/installer/installer.php +++ b/usr/local/www/installer/installer.php @@ -427,6 +427,8 @@ EOF; function verify_before_install() { global $g, $fstype; + $encyrpted_root = false; + $non_encyrpted_boot = false; head_html(); body_html(); page_table_start(); @@ -441,12 +443,22 @@ function verify_before_install() { $bootmanager = htmlspecialchars($_REQUEST['bootmanager']); $disks = array(); // Loop through posted items and create an array - for($x=0; $x<99; $x++) { + for($x=0; $x<99; $x++) { // XXX: Make this more optimal if(!$_REQUEST['fstype' . $x]) continue; $tmparray = array(); - if($_REQUEST['fstype'] <> "SWAP") { + if($_REQUEST['fstype' . $x] <> "SWAP") { $tmparray['mountpoint'] = $_REQUEST['mountpoint' . $x]; + // Check for encrypted slice / + if(stristr($_REQUEST['fstype' . $x], ".eli")) { + if($tmparray['mountpoint'] == "/") + $encyrpted_root = true; + } + // Check if we have a non-encrypted /boot + if($tmparray['mountpoint'] == "/boot") { + if(!stristr($_REQUEST['fstype' . $x], ".eli")) + $non_encyrpted_boot = true; + } if($tmparray['mountpoint'] == "/conf") { $tmparray['mountpoint'] = "/conf{$x}"; $error_txt .= "<center><font color='red'>/conf is not an allowed mount point and has been renamed to /conf{$x}.</font></center><br/>"; @@ -454,6 +466,9 @@ function verify_before_install() { } else { $tmparray['mountpoint'] = "none"; } + // If we have an encrypted /root and lack a non encyrpted /boot, throw an error/warning + if($encyrpted_root && $non_encyrpted_boot) + $error_txt .= "<center><font color='red'>A non-encrypted /boot slice is required when encrypting the / slice</font></center><br/>"; $tmparray['disk'] = $_REQUEST['disk' . $x]; $tmparray['fstype'] = $_REQUEST['fstype' . $x]; $tmparray['size'] = $_REQUEST['size' . $x]; |
