fix

2025-01-05 08:48:33 +01:00 · 2025-01-05 08:48:33 +01:00 · 78794c567e
commit 78794c567e
parent 633a0ef410
2 changed files with 28 additions and 5 deletions
--- a/src/install/security.rs
+++ b/src/install/security.rs
@ -16,21 +16,44 @@ pub fn setup_tpm_unlock(conf: &DriveConfig) {

    // Recovery Key
    let recovery_key = arch_chroot(
-        &["systemd-cryptenroll", "--recovery-key", &conf.root],
-        Some(&format!("{}\n", conf.encryption.as_ref().unwrap())),
+        &vec![
+            "systemd-run",
+            "--pipe",
+            "--collect",
+            "-p",
+            format!(
+                "SetCredential=cryptenroll.passphrase:{}",
+                conf.encryption.as_ref().unwrap()
+            )
+            .as_str(),
+            "systemd-cryptenroll",
+            "--recovery-key",
+            &conf.root,
+        ],
+        None,
        false,
    )
    .0;
+
    install_file("/mnt/root/recovery.key", &recovery_key, 0o400);

    arch_chroot(
-        &[
+        &vec![
+            "systemd-run",
+            "--pipe",
+            "--collect",
+            "-p",
+            format!(
+                "SetCredential=cryptenroll.passphrase:{}",
+                conf.encryption.as_ref().unwrap()
+            )
+            .as_str(),
            "systemd-cryptenroll",
            "--tpm2-device=auto",
            &conf.root,
            "--tpm2-pcrs=7",
        ],
-        Some(&format!("{}\n", conf.encryption.as_ref().unwrap())),
+        None,
        false,
    );
 }
--- a/src/pkg.rs
+++ b/src/pkg.rs
@ -3,7 +3,7 @@ use crate::{
    linux::{arch_chroot, run_command},
 };

-pub const DESKTOP_PKG: [&str; 3] = ["plasma", "sddm", "navos/navos"];
+pub const DESKTOP_PKG: [&str; 5] = ["plasma", "sddm", "konsole", "dolphin", "navos/navos"];

 pub const SERVER_PKG: [&str; 2] = ["tmux", "navos/navos"];