diff options
| author | RaindropsSys <contact@minteck.org> | 2023-06-18 13:01:49 +0200 |
|---|---|---|
| committer | RaindropsSys <contact@minteck.org> | 2023-06-18 13:01:49 +0200 |
| commit | 4480e889a967e571e89eb312b7ead883b827ed28 (patch) | |
| tree | 7da95d791b6c56e514edef7cccc75f6c88929d7c | |
| parent | 391ed3d1afa0334390df24af3f1ab13cf7066a84 (diff) | |
| download | kirinos-4480e889a967e571e89eb312b7ead883b827ed28.tar.gz kirinos-4480e889a967e571e89eb312b7ead883b827ed28.tar.bz2 kirinos-4480e889a967e571e89eb312b7ead883b827ed28.zip | |
Updated 3 files and added 11 files (automated)
| -rw-r--r-- | ROADMAP.md | 4 | ||||
| -rw-r--r-- | core/login/back.svg | 1 | ||||
| -rw-r--r-- | core/login/decrypt.sh | 9 | ||||
| -rw-r--r-- | core/login/index.html | 260 | ||||
| -rw-r--r-- | core/login/restart.svg | 1 | ||||
| -rw-r--r-- | core/login/shutdown.svg | 1 | ||||
| -rw-r--r-- | core/login/sleep.svg | 1 | ||||
| -rw-r--r-- | core/login/unwrap.js | 1 | ||||
| -rw-r--r-- | core/startup/encryption.sh | 1 | ||||
| -rw-r--r-- | core/startup/index.html | 7 | ||||
| -rw-r--r-- | defaultuser.svg | 19 | ||||
| -rw-r--r-- | setup.sh | 23 | ||||
| -rw-r--r-- | setup/cryptsetup.js | 1 | ||||
| -rw-r--r-- | setup/unwraptest.js | 1 |
14 files changed, 326 insertions, 4 deletions
@@ -1,7 +1,7 @@ # mangoOS 1.0 Roadmap -* [ ] Startup screen **- Raindrops** -* [ ] Login screen **- Raindrops** +* [x] <s>Startup screen **- Raindrops**</s> +* [x] <s>Login screen **- Raindrops**</s> * [ ] Desktop * [ ] Window manager * [ ] Application menu diff --git a/core/login/back.svg b/core/login/back.svg new file mode 100644 index 0000000..5811847 --- /dev/null +++ b/core/login/back.svg @@ -0,0 +1 @@ +<svg xmlns="http://www.w3.org/2000/svg" height="48" viewBox="0 -960 960 960" width="48"><path d="M480-160 160-480l320-320 42 42-248 248h526v60H274l248 248-42 42Z"/></svg>
\ No newline at end of file diff --git a/core/login/decrypt.sh b/core/login/decrypt.sh new file mode 100644 index 0000000..b18f84e --- /dev/null +++ b/core/login/decrypt.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +ID=$1 +PASSWORD=$2 + +B64=$(echo "$PASSWORD" | base64 -w0) +KEY=$(cat /mango/users/$ID/key) +PASSPHRASE=$(node unwrap.js $ID $B64) +mount -t ecryptfs /mango/users/$ID/lock /mango/users/$ID/home -o verbosity=0,key=passphrase:passphrase_passwd=$PASSPHRASE,ecryptfs_sig=$KEY,ecryptfs_fnek_sig=$KEY,ecryptfs_cipher=aes,ecryptfs_key_bytes=32,ecryptfs_unlink_sigs
\ No newline at end of file diff --git a/core/login/index.html b/core/login/index.html new file mode 100644 index 0000000..3d647d1 --- /dev/null +++ b/core/login/index.html @@ -0,0 +1,260 @@ +<!DOCTYPE html> +<html lang="en"> +<head> + <meta charset="UTF-8"> + <title>mangoos</title> + <style> + * { + font-family: "Inter", sans-serif; + user-select: none; + -webkit-user-drag: none; + outline: none; + } + + html, body { + background-color: cornflowerblue; + color: black; + margin: 0; + } + + ::-webkit-scrollbar { + width: 7px; + } + + ::-webkit-scrollbar-track { + background: transparent; + } + + ::-webkit-scrollbar-thumb { + background: rgba(0, 0, 0, .25); + border-radius: 999px; + } + + ::-webkit-scrollbar-thumb:hover { + background: rgba(0, 0, 0, .35); + } + + ::-webkit-scrollbar-thumb:active { + background: rgba(0, 0, 0, .5); + } + + .user-card-avatar { + display: block; + margin-left: auto; + margin-right: auto; + width: 64px; + height: 64px; + border-radius: 999px; + } + + #login-card-avatar { + width: 64px; + height: 64px; + border-radius: 999px; + } + + .login-card { + display: grid; + grid-template-columns: max-content max-content; + width: 256px; + grid-gap: 10px; + margin-left: auto; + margin-right: auto; + } + + .user-card-name { + display: block; + width: max-content; + margin-left: auto; + margin-right: auto; + } + + #users { + display: grid; + grid-template-columns: repeat(5, 1fr); + margin: 20px 50px 0; + } + + .user-card:hover, .login-action:hover { + background: rgba(0, 0, 0, .05); + } + + .user-card { + padding: 10px; + border-radius: 10px; + } + + .user-card:active, .login-action:active { + background: rgba(0, 0, 0, .075); + } + + .login-action { + border-radius: 5px; + width: 32px; + height: 32px; + display: inline-flex; + align-items: center; + justify-content: center; + } + + #login-card-password { + width: 182px; + border: 0; + height: 24px; + padding: 5px 20px; + border-radius: 999px; + background: rgba(0, 0, 0, .025); + } + </style> +</head> +<body style="opacity: 0; pointer-events: none;"> + <div style="display: flex; align-items: center; justify-content: center; position: fixed; inset: 0;"> + <div style="background: rgba(255, 255, 255, .75); backdrop-filter: blur(10px); padding: 50px; width: 512px; height: 256px; border-radius: 10px;"> + <div style="background: rgba(0, 0, 0, .1); margin: -50px -50px 0; border-top-left-radius: 10px; border-top-right-radius: 10px; border-bottom: 1px solid rgba(0, 0, 0, .1); height: 80px;"> + <div style="display: inline-flex; align-items: center;margin: 0 10px; height: 100%; width: max-content;"> + <img src="../../logo.svg" style="width: 64px;"> + <h2 style="margin-left: 5px;" id="clock">--:--</h2> + <script> + document.getElementById("clock").innerText = (new Intl.DateTimeFormat('en-IE', { + hour: 'numeric', + minute: '2-digit' + })).format(new Date()); + </script> + </div> + <div style="float: right; display: flex; align-items: center; height: 100%; margin: 0 25px;" id="power-actions"> + <a class="login-action" onclick="shutdown();"> + <img src="shutdown.svg" style="width: 24px;"> + </a> + <a class="login-action" onclick="restart();"> + <img src="restart.svg" style="width: 24px;"> + </a> + <a class="login-action" onclick="sleep();"> + <img src="sleep.svg" style="width: 24px;"> + </a> + </div> + </div> + <div style="height: calc(100% + 19px); margin: 0 -50px -50px;overflow-y: scroll;"> + <div id="users"></div> + <div id="login" style="display: none; padding: 10px; height: calc(100% - 20px);"> + <a id="login-back" class="login-action" onclick="cancelLogin();"> + <img src="back.svg" style="width: 24px;"> + </a> + + <div class="login-card" style="height: calc(100% - 64px);"> + <div style="display: flex; align-items: center;"> + <img src="" alt="" id="login-card-avatar"> + </div> + <div style="display: flex; align-items: center;"> + <div> + <h3 id="login-card-name" style="margin: 0 0 5px;"></h3> + <input type="password" id="login-card-password" placeholder="Enter password"> + <img src="../startup/loader.svg" style="height: 30px; display: none;" id="login-card-loader"> + </div> + </div> + </div> + </div> + </div> + </div> + </div> + + <script> + for (let user of require('fs').readdirSync("/mango/users")) { + document.getElementById("users").innerHTML += `<a onclick="loginAs('${user}')"> + <div class="user-card"> + <img src="${require('fs').existsSync("/mango/users/" + user + "/avatar") ? "file:///mango/users/" + user + "/avatar" : "../../defaultuser.svg"}" alt="" class="user-card-avatar"> + <span class="user-card-name">${require('fs').existsSync("/mango/users/" + user + "/name") ? require('fs').readFileSync("/mango/users/" + user + "/name").toString().trim() : user}</span> + </div> + </a>`; + } + + function sleep() { + require('child_process').execSync("suspend"); + } + + function shutdown() { + document.body.style.opacity = "0"; + document.body.style.pointerEvents = "none"; + require('child_process').execSync("poweroff"); + } + + function restart() { + document.body.style.opacity = "0"; + document.body.style.pointerEvents = "none"; + require('child_process').execSync("reboot"); + } + + window.onload = () => { + document.body.style.opacity = ""; + document.body.style.pointerEvents = ""; + } + + window.currentUser = null; + + function loginAs(id) { + window.currentUser = id; + + document.getElementById("login-card-avatar").src = require('fs').existsSync("/mango/users/" + id + "/avatar") ? "file:///mango/users/" + id + "/avatar" : "../../defaultuser.svg"; + document.getElementById("login-card-name").innerText = require('fs').existsSync("/mango/users/" + id + "/name") ? require('fs').readFileSync("/mango/users/" + id + "/name").toString().trim() : id; + document.getElementById("login-card-password").innerText = ""; + + document.getElementById("users").style.display = "none"; + document.getElementById("login").style.display = ""; + document.getElementById("login-card-password").focus(); + } + + document.getElementById("login-card-password").onkeydown = (e) => { + if (e.code === "Enter" && document.getElementById("login-card-password").value.length > 0 && document.getElementById("login-card-password").value.length < 64) { + confirmLogin(); + } + } + + function confirmLogin() { + document.getElementById("login-back").style.opacity = "0"; + document.getElementById("login-back").style.pointerEvents = "none"; + document.getElementById("login-card-password").style.display = "none"; + document.getElementById("login-card-loader").style.display = ""; + document.getElementById("power-actions").style.opacity = ".5"; + document.getElementById("power-actions").style.pointerEvents = "none"; + document.body.style.cursor = "none"; + + let p = require('child_process').execFile("./decrypt.sh", [ window.currentUser, document.getElementById("login-card-password").value.replaceAll('"', "\\\"") ], { stdio: "pipe", shell: true, cwd: "/mango/core/login" }); + + p.stdout.on('data', (data) => { + console.info(data.toString()); + }); + + p.stderr.on('data', (data) => { + console.error(data.toString()); + }); + + p.on('close', (code, signal) => { + console.log(code, signal); + + if (code === 0) { + try { require('child_process').execSync("rm -rf /mango/session"); } catch (e) {} + require('child_process').execSync("ln -s /mango/users/" + currentUser + "/home /mango/session"); + + document.body.style.opacity = "0"; + document.body.style.pointerEvents = "none"; + location.href = "../desktop/index.html"; + } else { + document.getElementById("login-back").style.opacity = "1"; + document.getElementById("login-back").style.pointerEvents = ""; + document.getElementById("login-card-password").style.display = ""; + document.getElementById("login-card-password").value = ""; + document.getElementById("login-card-loader").style.display = "none"; + document.getElementById("power-actions").style.opacity = "1"; + document.getElementById("power-actions").style.pointerEvents = ""; + document.getElementById("login-card-password").focus(); + } + }) + } + + function cancelLogin() { + window.currentUser = null; + document.getElementById("users").style.display = ""; + document.getElementById("login").style.display = "none"; + } + </script> +</body> +</html>
\ No newline at end of file diff --git a/core/login/restart.svg b/core/login/restart.svg new file mode 100644 index 0000000..f82b97f --- /dev/null +++ b/core/login/restart.svg @@ -0,0 +1 @@ +<svg xmlns="http://www.w3.org/2000/svg" height="48" viewBox="0 -960 960 960" width="48"><path d="M451-122q-123-10-207-101t-84-216q0-77 35.5-145T295-695l43 43q-56 33-87 90.5T220-439q0 100 66 173t165 84v60Zm60 0v-60q100-12 165-84.5T741-439q0-109-75.5-184.5T481-699h-20l60 60-43 43-133-133 133-133 43 43-60 60h20q134 0 227 93.5T801-439q0 125-83.5 216T511-122Z"/></svg>
\ No newline at end of file diff --git a/core/login/shutdown.svg b/core/login/shutdown.svg new file mode 100644 index 0000000..e12cf33 --- /dev/null +++ b/core/login/shutdown.svg @@ -0,0 +1 @@ +<svg xmlns="http://www.w3.org/2000/svg" height="48" viewBox="0 -960 960 960" width="48"><path d="M450-438v-406h60v406h-60Zm30 320q-74 0-139.5-28.5T226-224q-49-49-77.5-114.5T120-478q0-80 34-149.5T250-751l42 42q-53 43-82.5 102.5T180-478.022Q180-353 267.5-265.5 355-178 480-178q125.357 0 212.679-87.5Q780-353 780-478.022 780-547 750.5-607.5 721-668 670-709l43-42q60 51 93.5 122T840-478q0 74-28.5 139.5t-77 114.5q-48.5 49-114 77.5T480-118Z"/></svg>
\ No newline at end of file diff --git a/core/login/sleep.svg b/core/login/sleep.svg new file mode 100644 index 0000000..b8f052b --- /dev/null +++ b/core/login/sleep.svg @@ -0,0 +1 @@ +<svg xmlns="http://www.w3.org/2000/svg" height="48" viewBox="0 -960 960 960" width="48"><path d="M480.235-380Q522-380 551-409.235q29-29.236 29-71Q580-522 550.765-551q-29.236-29-71-29Q438-580 409-550.765q-29 29.236-29 71Q380-438 409.235-409q29.236 29 71 29Zm.031 300q-82.734 0-155.5-31.5t-127.266-86q-54.5-54.5-86-127.341Q80-397.681 80-480.5q0-82.819 31.5-155.659Q143-709 197.5-763t127.341-85.5Q397.681-880 480.5-880q82.819 0 155.659 31.5Q709-817 763-763t85.5 127Q880-563 880-480.266q0 82.734-31.5 155.5T763-197.684q-54 54.316-127 86Q563-80 480.266-80Zm.234-60Q622-140 721-239.5t99-241Q820-622 721.188-721 622.375-820 480-820q-141 0-240.5 98.812Q140-622.375 140-480q0 141 99.5 240.5t241 99.5Zm-.5-340Z"/></svg>
\ No newline at end of file diff --git a/core/login/unwrap.js b/core/login/unwrap.js new file mode 100644 index 0000000..50ac419 --- /dev/null +++ b/core/login/unwrap.js @@ -0,0 +1 @@ +console.log(require('child_process').execSync('echo "' + Buffer.from(process.argv[3], "base64").toString().trim().replaceAll('"', "\\\"") + '" | ecryptfs-unwrap-passphrase /mango/users/' + process.argv[2] + '/crypt/wrapped-passphrase').toString().trim().split("\n")[1]);
\ No newline at end of file diff --git a/core/startup/encryption.sh b/core/startup/encryption.sh new file mode 100644 index 0000000..cc1f786 --- /dev/null +++ b/core/startup/encryption.sh @@ -0,0 +1 @@ +#!/bin/bash
\ No newline at end of file diff --git a/core/startup/index.html b/core/startup/index.html index edd1c63..50f65ac 100644 --- a/core/startup/index.html +++ b/core/startup/index.html @@ -10,6 +10,7 @@ user-select: none; user-focus: none; cursor: none; + outline: none; } html, body { @@ -82,6 +83,10 @@ { title: "Starting UNIX policy manager...", command: "systemctl start polkit.service" + }, + { + title: "Configuring encryption...", + command: "modprobe ecryptfs && /mango/core/startup/encryption.sh" } ]; @@ -121,6 +126,8 @@ } document.getElementById("loading-message").innerText = "Initialising login screen..."; + document.body.style.opacity = "0"; + document.body.style.pointerEvents = "none"; location.href = "../login/index.html"; }, 3000); </script> diff --git a/defaultuser.svg b/defaultuser.svg new file mode 100644 index 0000000..b7baaad --- /dev/null +++ b/defaultuser.svg @@ -0,0 +1,19 @@ +<?xml version="1.0" encoding="utf-8"?> +<!-- Generator: Adobe Illustrator 27.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) --> +<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" + viewBox="0 0 48 48" style="enable-background:new 0 0 48 48;" xml:space="preserve"> +<style type="text/css"> + .st0{fill:#E6E6E6;} +</style> +<rect class="st0" width="48" height="48"/> +<path d="M13,33.6c1.8-1.2,3.6-2.2,5.3-2.9c1.8-0.7,3.6-1,5.7-1s3.9,0.3,5.7,1c1.8,0.7,3.5,1.6,5.3,2.9c1.2-1.5,2.1-3.1,2.7-4.6 + c0.5-1.6,0.8-3.2,0.8-4.9c0-4.1-1.4-7.5-4.1-10.3S28.1,9.5,24,9.5s-7.5,1.4-10.3,4.1S9.6,19.9,9.6,24c0,1.7,0.3,3.4,0.8,4.9 + C10.9,30.5,11.8,32,13,33.6z M24,25.3c-1.6,0-3-0.6-4.1-1.7s-1.7-2.5-1.7-4.1s0.6-3,1.7-4.1c1.1-1.1,2.5-1.7,4.1-1.7s3,0.6,4.1,1.7 + c1.1,1.1,1.7,2.5,1.7,4.1s-0.6,3-1.7,4.1C27,24.7,25.6,25.3,24,25.3z M24,41c-2.3,0-4.5-0.4-6.6-1.3c-2.1-0.9-3.9-2.1-5.4-3.7 + s-2.8-3.3-3.7-5.4S7,26.3,7,24s0.4-4.5,1.3-6.6s2.1-3.9,3.7-5.4s3.3-2.8,5.4-3.7S21.7,7,24,7s4.5,0.4,6.6,1.3s3.9,2.1,5.4,3.7 + c1.5,1.5,2.8,3.3,3.7,5.4c0.9,2.1,1.3,4.3,1.3,6.6s-0.4,4.5-1.3,6.6c-0.9,2.1-2.1,3.9-3.7,5.4c-1.5,1.5-3.3,2.8-5.4,3.7 + C28.6,40.6,26.4,41,24,41z M24,38.5c1.6,0,3.1-0.2,4.6-0.7s3-1.2,4.4-2.4c-1.4-1-2.9-1.8-4.4-2.3c-1.5-0.5-3-0.8-4.5-0.8 + c-1.5,0-3,0.3-4.5,0.8c-1.5,0.5-3,1.3-4.4,2.3c1.4,1.1,2.9,1.9,4.4,2.4C20.9,38.2,22.4,38.5,24,38.5z M24,22.7c1,0,1.7-0.3,2.4-0.9 + c0.6-0.6,0.9-1.4,0.9-2.4c0-1-0.3-1.7-0.9-2.4c-0.6-0.6-1.4-0.9-2.4-0.9s-1.7,0.3-2.4,0.9c-0.6,0.6-0.9,1.4-0.9,2.4 + c0,1,0.3,1.7,0.9,2.4C22.3,22.4,23,22.7,24,22.7z"/> +</svg> @@ -1,6 +1,6 @@ #!/bin/bash cd /mango -apt install -y network-manager xserver-xorg x11-xserver-utils xinit libnss3 libatk1.0-0 libatk-bridge2.0-0 libcups2 libgtk-3-0 libasound2 fonts-inter +apt install -y network-manager xserver-xorg x11-xserver-utils xinit libnss3 libatk1.0-0 libatk-bridge2.0-0 libcups2 libgtk-3-0 libasound2 fonts-inter ecryptfs-utils nodejs xxd apt autoremove -y chmod -R +x * cp ./setup/modm\@.service /etc/systemd/system/modm\@.service @@ -22,4 +22,23 @@ systemctl disable systemd-udevd.service systemctl disable networking.service systemctl disable NetworkManager.service systemctl disable wpa_supplicant.service -systemctl disable polkit.service
\ No newline at end of file +systemctl disable polkit.service +mkdir -p /mango/users/0/crypt +mkdir -p /mango/users/0/lock +mkdir -p /mango/users/0/home +echo "Owner" > /mango/users/0/name +rm /root/.ecryptfs +rm /.ecryptfs +ln -s /mango/users/0/crypt /root/.ecryptfs +ln -s /mango/users/0/crypt /.ecryptfs +( stty -echo; printf "Passphrase: " 1>&2; PASSWORD="password"; stty echo; echo 1>&2; head -c 24 /dev/random | xxd -p; echo "$PASSWORD"; ) | ecryptfs-wrap-passphrase /mango/users/0/crypt/wrapped-passphrase +KEY=$(node setup/cryptsetup.js) +echo "/mango/users/0/lock /mango/users/0/home ecryptfs" > /mango/users/0/crypt/secret.conf +echo $KEY > /mango/users/0/key +echo $KEY > /mango/users/0/crypt/secret.sig +echo $KEY >> /mango/users/0/crypt/secret.sig +PASSPHRASE=$(node setup/unwraptest.js) +mount -t ecryptfs /mango/users/0/lock /mango/users/0/home -o verbosity=0,key=passphrase:passphrase_passwd=$PASSPHRASE,ecryptfs_sig=$KEY,ecryptfs_fnek_sig=$KEY,ecryptfs_cipher=aes,ecryptfs_key_bytes=32,ecryptfs_unlink_sigs +mkdir -p /mango/users/0/home/data /mango/users/0/home/data/Music /mango/users/0/home/data/Downloads /mango/users/0/home/data/Documents /mango/users/0/home/data/Pictures +umount /mango/users/0/home +mkdir /mango/session
\ No newline at end of file diff --git a/setup/cryptsetup.js b/setup/cryptsetup.js new file mode 100644 index 0000000..7c15e59 --- /dev/null +++ b/setup/cryptsetup.js @@ -0,0 +1 @@ +console.log(require('child_process').execSync("( stty -echo; printf \"Passphrase: \" 1>&2; PASSWORD=\"password\"; stty echo; echo \"$PASSWORD\"; ) | ecryptfs-insert-wrapped-passphrase-into-keyring /mango/users/0/crypt/wrapped-passphrase -").toString().trim().split("[")[1].split("]")[0]);
\ No newline at end of file diff --git a/setup/unwraptest.js b/setup/unwraptest.js new file mode 100644 index 0000000..c60f886 --- /dev/null +++ b/setup/unwraptest.js @@ -0,0 +1 @@ +console.log(require('child_process').execSync('echo "password" | ecryptfs-unwrap-passphrase /mango/users/0/crypt/wrapped-passphrase').toString().trim().split("\n")[1]);
\ No newline at end of file |
