Ask for disk crypto after root disk question

    Encrypt the root disk? (disk, no or '?' for details) [no]
    Which disk is the root disk? ('?' for details) [sdN]
becomes
    Which disk is the root disk? ('?' for details) [sd0]
    Encrypt the root disk? (yes, no or '?' for details) [no]

so that answering 'sd0' at this point during installation behaves the same
as before the new question:  specifying the root disk.

Users no longer deal with two (softraid chunk sd0, root disk sd1), but just
one disk as before, while sdN are dealt with transparently.

Code also gets simpler and should enable more improvements soon.

Feedback OK afresh1

diff --git a/distrib/miniroot/install.sub b/distrib/miniroot/install.sub
index d3d944b..e66d27f 100644 (file)
--- a/distrib/miniroot/install.sub
+++ b/distrib/miniroot/install.sub
@@ -1,5 +1,5 @@
 #!/bin/ksh
-#      $OpenBSD: install.sub,v 1.1244 2023/05/02 15:55:58 deraadt Exp $
+#      $OpenBSD: install.sub,v 1.1245 2023/05/20 19:10:25 kn Exp $
 #
 # Copyright (c) 1997-2015 Todd Miller, Theo de Raadt, Ken Westerback
 # Copyright (c) 2015, Robert Peichaer <rpe@openbsd.org>
@@ -346,8 +346,6 @@ get_dkdevs_root() {
                for _d in $_disks; do
                        is_rootdisk "$_d" || _disks=$(rmel "$_d" $_disks)
                done
-       else
-               _disks=$(rmel "$CRYPTOCHUNK" $_disks)
        fi
        echo $_disks
 }
@@ -2408,7 +2406,7 @@ is_rootdisk() {
 
 # Get global root information. ie. ROOTDISK, ROOTDEV and SWAPDEV.
 get_rootinfo() {
-       local _default=${CRYPTOVOLUME:-$(get_dkdevs_root)} _dkdev
+       local _default=$(get_dkdevs_root) _dkdev
        local _q="Which disk is the root disk? ('?' for details)"
 
        while :; do
@@ -2417,8 +2415,6 @@ get_rootinfo() {
                case $resp in
                "?")    diskinfo $(get_dkdevs);;
                '')     ;;
-               $CRYPTOCHUNK)
-                       echo "$resp is used for root disk encryption.";;
                *)      # Translate $resp to disk dev name in case it is a DUID.
                        # get_dkdev_name bounces back the disk dev name if not.
                        _dkdev=$(get_dkdev_name "$resp")
@@ -3079,7 +3075,7 @@ do_autoinstall() {
 
 encrypt_root() {
        local _chunk _tries=0
-       local _q="Encrypt the root disk? (disk, 'no' or '?' for details)"
+       local _q="Encrypt the root disk? (yes, no or '?' for details)"
 
        [[ $MDBOOTSR == y ]] || return
 
@@ -3091,21 +3087,22 @@ encrypt_root() {
        [[ -z $(get_softraid_volumes) ]] || return
 
        while :; do
-               echo "Available disks are: $(get_dkdevs | sed 's/^$/none/')."
                _ask "$_q" no || continue
                case $resp in
                '?')    cat <<'__EOT'
 Create a passphrase protected CRYPTO softraid volume to be used as root disk.
 __EOT
-                       diskinfo $(get_dkdevs);;
+                       ;;
                '')     ;;
                n|no)   return;;
-               *)      isin "$resp" $(get_dkdevs) && break
-                       echo 'No such disk.';;
+               y|yes)  break;;
+               *)      echo "'$resp' is not a valid choice."
+                       continue;;
                esac
        done
-       _chunk=$resp
-       log_answers "$_q" $_chunk
+       log_answers "$_q" "$resp"
+       _chunk=$ROOTDISK
+       echo "\nCconfiguring the crypto chunk $_chunk...\n"
 
        make_dev $_chunk
        md_prep_fdisk $_chunk softraid
@@ -3116,10 +3113,11 @@ __EOT
                ((++_tries < 3)) || exit
        done
 
-        CRYPTOCHUNK=$_chunk
        # No volumes existed before asking, but we just created one.
-       # Save it for later as sane root disk default.
-       CRYPTOVOLUME=$(get_softraid_volumes)
+       ROOTDISK=$(get_softraid_volumes)
+       ROOTDEV=${ROOTDISK}a
+       SWAPDEV=${ROOTDISK}b
+       echo "\nConfiguring the root disk $ROOTDISK...\n"
 }
 
 do_install() {
@@ -3175,11 +3173,11 @@ do_install() {
 
        echo
 
-       encrypt_root
-
        # Get information about ROOTDISK, etc.
        get_rootinfo
 
+       encrypt_root
+
        DISKS_DONE=
        FSENT=
 
@@ -3591,8 +3589,6 @@ INSTALL_METHOD=
 NIFS=0
 export PS1="$MODE# "
 PUB_KEY=/etc/signify/openbsd-${VERSION}-base.pub
-CRYPTOCHUNK=
-CRYPTOVOLUME=
 ROOTDEV=
 ROOTDISK=
 SETDIR="$VNAME/$ARCH"