
From: Chris Narkiewicz <hello@ezaquarii.com>
Subject: Re: [patch] Autoinstall with disk encryption
To: tech@openbsd.org
Cc: kn@openbsd.org
Date: Thu, 25 Jan 2024 12:01:01 +0000

On Fri, Dec 22, 2023 at 02:58:06PM +0000, Chris Narkiewicz wrote:
> I'd like to kindly ask again if there is any interest in such a feature to
> enable unattended installation with disk encryption.

There was some encouragement I received, but I assume that Xmas and New Year
were not a good time to seek attention. :)

Here I am again, asking for feedback.

Index: install.sub
===================================================================
RCS file: /cvs/src/distrib/miniroot/install.sub,v
retrieving revision 1.1257
diff -u -p -u -p -r1.1257 install.sub
--- install.sub	24 Oct 2023 18:03:53 -0000	1.1257
+++ install.sub	13 Dec 2023 18:27:30 -0000
@@ -3099,6 +3099,13 @@ pick_keydisk() {
 	KEYDISK=$_disk$_label
 }
 
+get_disk_passphrase() {
+	ask_password 'Password for disk encryption?'
+	DISK_PASS="${_password}"
+	echo "${DISK_PASS}" > $DISK_PASS_FILE
+	chmod 0600 $DISK_PASS_FILE
+}
+
 encrypt_root() {
 	local _args _chunk=$ROOTDISK
 
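
Review bot: In get_disk_passphrase the file is written by `echo "${DISK_PASS}" > $DISK_PASS_FILE` before `chmod 0600` runs, so the passphrase briefly sits in a file created with whatever the current umask allows. Create the file restrictively instead, for example by doing the write in a subshell after `umask 077`, and quote "$DISK_PASS_FILE" in both places. DISK_PASS is a new global that keeps the plaintext after the function returns and nothing else in the patch reads it; writing "$_password" directly avoids that extra copy. Since this is ksh, `print -r -- "$_password"` is safer than echo, which can alter a passphrase that contains backslashes or starts with -n.
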
@@ -3122,8 +3129,11 @@ encrypt_root() {
 			_args=-k$KEYDISK
 			break
 			;;
-		# Do nothing, bioctl(8) will handle the passphrase.
-		[pP]*)	break
+		# Ask for password and store it into a temporary file for bioctl
+		[pP]*)
+			get_disk_passphrase
+			_args=-p$DISK_PASS_FILE
+			break
 			;;
 		[nN]*)	return
 			;;
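
Review bot: The [pP]*) branch now sends every passphrase install through get_disk_passphrase and `_args=-p$DISK_PASS_FILE`, while the removed comment says bioctl(8) used to handle the passphrase itself. For an interactive install this means the plaintext is written to a file where it previously was not. Consider using the file only when running unattended and keeping the old plain `break` for interactive use. The visible lines also show a single ask_password call, so please say whether a mistyped passphrase still gets a confirmation prompt.
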
@@ -3606,6 +3616,7 @@ CGI_INFO=/tmp/i/cgiinfo
 CGI_METHOD=
 CGI_TIME=
 CGI_TZ=
+DISK_PASS_FILE=/tmp/i/disk_password
 export EDITOR=ed
 HTTP_DIR=
 HTTP_LIST=/tmp/i/httplist
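
Review bot: DISK_PASS_FILE=/tmp/i/disk_password names a file holding the plaintext passphrase, and nothing in this patch removes it after encrypt_root has passed it on with -p. Add an `rm -f "$DISK_PASS_FILE"` right after that step, on the failure path as well, so the passphrase does not outlive the one command that needs it.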


Best regards,
Chris Narkiewicz

-- 
Phone:    +44 7502 415 180 (also Signal, WhatsApp)
Matrix:   @ezaquarii:etacassiopeiae.net
Mastodon: @ezaquarii@social.etacassiopeiae.net
GPG:      F86C 15AB 6FFE 6F81 43D7 4C1E 98BF 5BA2 F3BB 4D28