From 274c592f5d5cb27bd6bfa973b2d4ed8443bc118c Mon Sep 17 00:00:00 2001
From: "Dustin C. Hatch"
Date: Sun, 12 Mar 2023 10:19:37 -0500
Subject: [PATCH] Add factory reset feature

The `factory-reset` command provides a way to completely wipe the data partition, thus erasing any local configuration and state. The command itself simply enables a special systemd service unit that is activated during the shutdown process. This unit runs a script, after all filesystems, except rootfs, have been unmmounted. It then erases the signature of the filesystem on the data partition, so it will appear blank the next time the system boots. This will trigger the `init-storage` process, to create a new filesystem on the partition.
---
 overlay/usr/bin/factory-reset | 27 +++++++++++++++++++
 .../lib/systemd/system/factory-reset.service | 13 +++++++++
 overlay/usr/libexec/factory-reset | 13 +++++++++
 .../selinux-aimee-os/files/aimee-os.fc | 3 ++-
 .../selinux-aimee-os/files/aimee-os.te | 18 +++++++++++++
 5 files changed, 73 insertions(+), 1 deletion(-)
 create mode 100755 overlay/usr/bin/factory-reset
 create mode 100644 overlay/usr/lib/systemd/system/factory-reset.service
 create mode 100755 overlay/usr/libexec/factory-reset

diff --git a/overlay/usr/bin/factory-reset b/overlay/usr/bin/factory-reset
new file mode 100755
index 0000000..c4cc513
--- /dev/null
+++ b/overlay/usr/bin/factory-reset
@@ -0,0 +1,27 @@
+#!/bin/sh
+# vim: set sw=4 ts=4 sts=4 et :
+
+. /lib/gentoo/functions.sh
+
+confirm() {
+    unset _confirm
+    printf '%s [y/N] ' "${1-Do you want to continue?}"
+    read _confirm
+    case "${_confirm}" in
+    [Yy]|[Yy][Ee][Ss])
+        return 0
+        ;;
+    *)
+        return 1
+        ;;
+    esac
+}
+
+printf "${WARN}"
+printf 'This operation will COMPLETELY ERASE all data and information '
+printf 'stored on this system!\n'
+printf "${NORMAL}"
+confirm || exit 9
+ewarn 'The system will now reboot and wipe all data.'
+systemctl enable --runtime factory-reset.service
+systemctl reboot
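Review bot: The exit status of `systemctl enable --runtime factory-reset.service` is never checked before `systemctl reboot`, so if enabling fails (unprivileged caller, unit not installed, systemd not reachable) the machine is still rebooted after the operator was told all data will be wiped, and the reset silently does not happen. Guard it with `systemctl enable --runtime factory-reset.service || exit 1`, or put `set -e` at the top since every step of this flow must succeed for the warning to be truthful. Separately, `printf "${WARN}"` and `printf "${NORMAL}"` pass the colour variables from the sourced gentoo functions.sh as the format string; `printf '%s' "${WARN}"` is the conventional form and avoids interpreting any `%` in them.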
diff --git a/overlay/usr/lib/systemd/system/factory-reset.service b/overlay/usr/lib/systemd/system/factory-reset.service
new file mode 100644
index 0000000..c4eb1e9
--- /dev/null
+++ b/overlay/usr/lib/systemd/system/factory-reset.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=Perform a factory reset
+DefaultDependencies=no
+After=umount.target
+Before=systemd-reboot.service
+
+[Service]
+Type=oneshot
+ExecStart=/usr/libexec/factory-reset
+StandardOutput=kmsg+console
+
+[Install]
+WantedBy=final.target
diff --git a/overlay/usr/libexec/factory-reset b/overlay/usr/libexec/factory-reset
new file mode 100755
index 0000000..0144043
--- /dev/null
+++ b/overlay/usr/libexec/factory-reset
@@ -0,0 +1,13 @@
+#!/bin/sh
+# vim: set sw=4 ts=4 sts=4 et :
+
+DATAPART=PARTLABEL=dch-data
+
+seq 1 30
+
+dev=$(findfs "${DATAPART}")
+if [ -z "${dev}" ]; then
+    printf 'Could not find data partition (%s)\n' "${DATAPART}" >&2
+    exit 1
+fi
+wipefs -fa "${dev}"
diff --git a/portage/repos/aimee-os/sec-policy/selinux-aimee-os/files/aimee-os.fc b/portage/repos/aimee-os/sec-policy/selinux-aimee-os/files/aimee-os.fc
index 5c032b2..85a4fab 100644
--- a/portage/repos/aimee-os/sec-policy/selinux-aimee-os/files/aimee-os.fc
+++ b/portage/repos/aimee-os/sec-policy/selinux-aimee-os/files/aimee-os.fc
@@ -1,5 +1,6 @@
-/usr/libexec/init-storage -- gen_context(system_u:object_r:aimee_storinit_exec_t,s0)
 /usr/bin/system-update -- gen_context(system_u:object_r:aimee_sysupdate_exec_t,s0)
+/usr/libexec/factory-reset -- gen_context(system_u:object_r:aimee_factory_reset_exec_t,s0)
+/usr/libexec/init-storage -- gen_context(system_u:object_r:aimee_storinit_exec_t,s0)
 /var/run/storinit(/.*)? gen_context(system_u:object_r:aimee_storinit_runtime_t,s0)
diff --git a/portage/repos/aimee-os/sec-policy/selinux-aimee-os/files/aimee-os.te b/portage/repos/aimee-os/sec-policy/selinux-aimee-os/files/aimee-os.te
index 70f18af..7ccf9d1 100644
--- a/portage/repos/aimee-os/sec-policy/selinux-aimee-os/files/aimee-os.te
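Review bot: The unit is only ordered `Before=systemd-reboot.service`, while it is pulled in via `WantedBy=final.target` with `DefaultDependencies=no`; being wanted by a target does not order a unit before it, so on a poweroff or halt path nothing guarantees the wipe finishes before systemd-poweroff.service runs. Adding `Before=final.target` makes the ordering hold for every shutdown path instead of relying on /usr/bin/factory-reset always calling `systemctl reboot`. The unit also deserves a comment above `[Unit]` recording the design, e.g. `# Enabled transiently (--runtime) by /usr/bin/factory-reset; runs after umount.target so the data partition is no longer mounted when /usr/libexec/factory-reset wipes it.`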
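Review bot: `seq 1 30` looks like a leftover debugging statement — it prints the numbers 1 to 30 to kmsg and the console and introduces no delay; if a pause before touching the disk was intended it should be `sleep 30`, otherwise the line should go. `wipefs -fa` with `-f` erases signatures even when the filesystem is still mounted (for example if umount.target failed to unmount the data partition), so consider dropping `-f` and letting wipefs refuse, or checking for a live mount first and logging the refusal. A comment should also state what the reset actually guarantees: `# wipefs clears only the filesystem signature; the partition's previous contents remain on disk until overwritten` — the commit message is clear about this, but the script and the "COMPLETELY ERASE" wording shown to the operator are not.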
+++ b/portage/repos/aimee-os/sec-policy/selinux-aimee-os/files/aimee-os.te
@@ -19,6 +19,10 @@ userdom_user_application_domain(aimee_sysupdate_t, aimee_sysupdate_exec_t)
 type aimee_sysupdate_tmp_t;
 files_tmp_file(aimee_sysupdate_tmp_t)
+type aimee_factory_reset_t;
+type aimee_factory_reset_exec_t;
+init_daemon_domain(aimee_factory_reset_t, aimee_factory_reset_exec_t)
+
 ########################################
 #
 # init-storage local policy
@@ -140,6 +144,20 @@ gen_require(`
 ')
 aimee_os_run_system_update(sysadm_t, sysadm_r)
+# factory-reset local policy
+#
+
+allow aimee_factory_reset_t self:capability { sys_admin };
+allow aimee_factory_reset_t self:fifo_file rw_fifo_file_perms;
+
+corecmd_exec_bin(aimee_factory_reset_t)
+dev_read_sysfs(aimee_factory_reset_t)
+kernel_read_system_state(aimee_factory_reset_t)
+fstools_exec(aimee_factory_reset_t)
+fstools_manage_runtime_files(aimee_factory_reset_t)
+miscfiles_read_localization(aimee_factory_reset_t)
+storage_raw_rw_fixed_disk(aimee_factory_reset_t)
+
 ########################################
 #
 # Additional policy rules for Aimee OS-specific behavior
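Review bot: `allow aimee_factory_reset_t self:capability { sys_admin };` grants the broadest capability there is with no comment saying which operation needs it, and combined with `storage_raw_rw_fixed_disk(aimee_factory_reset_t)` the domain may write to every fixed disk, not just the data partition — the policy cannot confine the wipe target, so that rests entirely on the `findfs` lookup in /usr/libexec/factory-reset. Record the justification next to the rule so it is not cargo-culted later, e.g. `# CAP_SYS_ADMIN: presumably needed by wipefs to re-read the partition table after erasing signatures — confirm from the AVC denial`, and note above `storage_raw_rw_fixed_disk` that the target device is selected by the script, not by policy. The new section header `# factory-reset local policy` / `#` also appears without the `########################################` banner the neighbouring sections use, though blank context lines may have been lost in this rendering.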