From 91486b067f19ffc1477b95087b1017900b52dff1 Mon Sep 17 00:00:00 2001 From: ading2210 Date: Thu, 20 Jun 2024 22:37:05 -0700 Subject: [PATCH] fix chrome os unenrolled persistence --- bootloader/bin/bootstrap.sh | 19 +++++-------------- bootloader/opt/mount-encrypted | 5 +++++ 2 files changed, 10 insertions(+), 14 deletions(-) create mode 100755 bootloader/opt/mount-encrypted diff --git a/bootloader/bin/bootstrap.sh b/bootloader/bin/bootstrap.sh index 3a3a1ec..9fe19fd 100755 --- a/bootloader/bin/bootstrap.sh +++ b/bootloader/bin/bootstrap.sh @@ -94,7 +94,7 @@ move_mounts() { print_license() { cat << EOF -Shimboot v1.1.0 +Shimboot v1.1.1 ading2210/shimboot: Boot desktop Linux from a Chrome OS RMA shim. Copyright (C) 2023 ading2210 @@ -184,18 +184,6 @@ get_selection() { return 1 } -contains_word() { - local substr="$1" - local str="$2" - for word in $str; do - if [ "$word" = "$substr" ]; then - return 0 - fi - done - - return 1 -} - copy_progress() { local source="$1" local destination="$2" @@ -326,11 +314,14 @@ boot_chromeos() { echo "patching chrome os rootfs" cat /newroot/etc/ui_use_flags.txt | sed "/reven_branding/d" | sed "/os_install_service/d" > /newroot/tmp/ui_use_flags.txt mount -o bind /newroot/tmp/ui_use_flags.txt /newroot/etc/ui_use_flags.txt + cp /opt/mount-encrypted /newroot/tmp/mount-encrypted + cp /newroot/usr/sbin/mount-encrypted /newroot/tmp/mount-encrypted.real + mount -o bind /newroot/tmp/mount-encrypted /newroot/usr/sbin/mount-encrypted if [ "$use_crossystem" = "y" ]; then echo "patching crossystem" cp /opt/crossystem /newroot/tmp/crossystem - if [ "$invalid_hwid" ]; then + if [ "$invalid_hwid" = "y" ]; then sed -i 's/block_devmode/hwid/' /newroot/tmp/crossystem fi diff --git a/bootloader/opt/mount-encrypted b/bootloader/opt/mount-encrypted new file mode 100755 index 0000000..0e0b61e --- /dev/null +++ b/bootloader/opt/mount-encrypted @@ -0,0 +1,5 @@ +#!/bin/bash + +#this fixes chrome os persistence by adding the "--unsafe" flag to all invocations of mount-encrypted + +/tmp/mount-encrypted.real "$@" --unsafe 2>&1 | tee -a /tmp/mount-encrypted.log \ No newline at end of file