From 3f3a9504b008558380bea81c4ea45c00e05ae239 Mon Sep 17 00:00:00 2001 From: Marcin Krol Date: Mon, 2 Jul 2018 11:48:50 +0000 Subject: [PATCH] - added support for keyscripts in crypttab --- crypttab-keyscript.patch | 58 ++++++++++++++++++++++++++++++++++++++++ dracut.spec | 4 ++- 2 files changed, 61 insertions(+), 1 deletion(-) create mode 100644 crypttab-keyscript.patch diff --git a/crypttab-keyscript.patch b/crypttab-keyscript.patch new file mode 100644 index 0000000..1438099 --- /dev/null +++ b/crypttab-keyscript.patch @@ -0,0 +1,58 @@ +diff -ur dracut-047.orig/modules.d/90crypt/cryptroot-ask.sh dracut-047/modules.d/90crypt/cryptroot-ask.sh +--- dracut-047.orig/modules.d/90crypt/cryptroot-ask.sh 2018-02-19 09:00:33.000000000 +0000 ++++ dracut-047/modules.d/90crypt/cryptroot-ask.sh 2018-07-02 11:37:44.222951181 +0000 +@@ -106,6 +106,9 @@ + header=*) + cryptsetupopts="${cryptsetupopts} --${1}" + ;; ++ keyscript=*) ++ keyscript=${1##keyscript=} ++ ;; + esac + shift + done +@@ -163,6 +166,14 @@ + done + fi + ++if [ ! -z "$keyscript" -a -x "$keyscript" ]; then ++ info "Executing keyscript $keyscript" ++ eval $keyscript ++ if [ $? -eq 0 ]; then ++ ask_passphrase=0 ++ fi ++fi ++ + if [ $ask_passphrase -ne 0 ]; then + luks_open="$(command -v cryptsetup) $cryptsetupopts luksOpen" + ask_for_password --ply-tries 5 \ +diff -ur dracut-047.orig/modules.d/90crypt/module-setup.sh dracut-047/modules.d/90crypt/module-setup.sh +--- dracut-047.orig/modules.d/90crypt/module-setup.sh 2018-02-19 09:00:33.000000000 +0000 ++++ dracut-047/modules.d/90crypt/module-setup.sh 2018-07-02 10:57:20.952095619 +0000 +@@ -96,10 +96,26 @@ + forceentry="yes" + break + ;; ++ keyscript=*) ++ keyscript=${1##keyscript=} ++ break ++ ;; + esac + shift + done + ++ if [ ! -z "${keyscript}" ]; then ++ if [ -x "${keyscript}" ]; then ++ if [ ! -d "${initdir}/etc/keyscripts" ]; then ++ mkdir "${initdir}/etc/keyscripts" 2>/dev/null ++ fi ++ inst_script "${keyscript}" /etc/keyscripts/${keyscript##*/} ++ _luksoptions=${_luksoptions/${keyscript%%=*}/\/etc\/keyscripts\/${keyscript##*/}} ++ else ++ dwarning "Missing keyscript referenced in crypttab: ${keyscript}" ++ fi ++ fi ++ + # include the entry regardless + if [ "${forceentry}" = "yes" ]; then + echo "$_mapper $_dev $_luksfile $_luksoptions" diff --git a/dracut.spec b/dracut.spec index b107639..7215b1b 100644 --- a/dracut.spec +++ b/dracut.spec @@ -2,7 +2,7 @@ Summary: Initramfs generator using udev Summary(pl.UTF-8): Generator initramfs wykorzystujący udev Name: dracut Version: 047 -Release: 4 +Release: 5 License: GPL v2+ Group: Base Source0: https://www.kernel.org/pub/linux/utils/boot/dracut/%{name}-%{version}.tar.xz @@ -19,6 +19,7 @@ Patch7: misc_fixes.patch Patch8: initrd-release.patch Patch9: no_systemd_udevd.patch Patch10: ext4.patch +Patch11: crypttab-keyscript.patch URL: https://dracut.wiki.kernel.org/ BuildRequires: asciidoc BuildRequires: dash @@ -203,6 +204,7 @@ Bashowe dopełnianie składni dla polecenia dracut. %patch8 -p1 %patch9 -p1 %patch10 -p1 +%patch11 -p1 %{__sed} -i -e 's,@lib@,%{_lib},g' modules.d/50plymouth/module-setup.sh %{__sed} -i -e 's,@lib@,%{_lib},g' modules.d/95resume/module-setup.sh -- 2.46.0