Skip to content

Commit

Permalink
EncryptApfsVolume: pass disk passphrase on stdin
Browse files Browse the repository at this point in the history
  • Loading branch information
cole-h committed Dec 3, 2024
1 parent aa88f34 commit f07c5a0
Showing 1 changed file with 53 additions and 12 deletions.
65 changes: 53 additions & 12 deletions src/action/macos/encrypt_apfs_volume.rs
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ use std::{
path::{Path, PathBuf},
process::Stdio,
};
use tokio::process::Command;
use tokio::{io::AsyncWriteExt as _, process::Command};
use tracing::{span, Span};

use super::CreateApfsVolume;
Expand Down Expand Up @@ -235,17 +235,58 @@ impl Action for EncryptApfsVolume {
execute_command(&mut cmd).await.map_err(Self::error)?;

// Encrypt the mounted volume
execute_command(Command::new("/usr/sbin/diskutil").process_group(0).args([
"apfs",
"encryptVolume",
self.name.as_str(),
"-user",
"disk",
"-passphrase",
password.as_str(),
]))
.await
.map_err(Self::error)?;
{
let mut command = Command::new("/usr/sbin/diskutil");
command.process_group(0);
command.args([
"apfs",
"encryptVolume",
self.name.as_str(),
"-user",
"disk",
"-stdinpassphrase",
]);
command.stdin(Stdio::piped());
command.stdout(Stdio::piped());
command.stderr(Stdio::piped());
tracing::trace!(command = ?command.as_std(), "Executing");
let mut child = command
.spawn()
.map_err(|e| ActionErrorKind::command(&command, e))
.map_err(Self::error)?;
let mut stdin = child
.stdin
.take()
.expect("child should have had a stdin handle");
stdin
.write_all(password.as_bytes())
.await
.map_err(|e| ActionErrorKind::Write("/dev/stdin".into(), e))
.map_err(Self::error)?;
stdin
.write(b"\n")
.await
.map_err(|e| ActionErrorKind::Write("/dev/stdin".into(), e))
.map_err(Self::error)?;
let output = child
.wait_with_output()
.await
.map_err(|e| ActionErrorKind::command(&command, e))
.map_err(Self::error)?;
match output.status.success() {
true => {
tracing::trace!(
command = ?command.as_std(),
stderr = %String::from_utf8_lossy(&output.stderr),
stdout = %String::from_utf8_lossy(&output.stdout),
"Command success"
);
},
false => Err(Self::error(ActionErrorKind::command_output(
&command, output,
)))?,
}
}

execute_command(
Command::new("/usr/sbin/diskutil")
Expand Down

0 comments on commit f07c5a0

Please sign in to comment.