crypttab-keyscript.patch

   1 diff -urpa dracut-056.orig/modules.d/90crypt/cryptroot-ask.sh dracut-056/modules.d/90crypt/cryptroot-ask.sh
   2 --- dracut-056.orig/modules.d/90crypt/cryptroot-ask.sh  2022-02-18 12:32:53.000000000 +0100
   3 +++ dracut-056/modules.d/90crypt/cryptroot-ask.sh       2022-08-28 19:27:11.079536407 +0200
   4 @@ -112,6 +112,9 @@ while [ $# -gt 0 ]; do
   5          header=*)
   6              cryptsetupopts="${cryptsetupopts} --${1}"
   7              ;;
   8 +        keyscript=*)
   9 +            keyscript=${1##keyscript=}
  10 +            ;;
  11      esac
  12      shift
  13  done
  14 @@ -174,6 +177,15 @@ else
  15      done
  16  fi
  17
  18 +if [ ! -z "$keyscript" -a -x "$keyscript" ]; then
  19 +    info "Executing keyscript $keyscript"
  20 +    eval $keyscript "$luksfile" | cryptsetup -d - $cryptsetupopts luksOpen "$device" "$luksname"
  21 +    cryptsetup status "$luksname" > /dev/null 2>&1
  22 +    if [ $? -eq 0 ]; then
  23 +        ask_passphrase=0
  24 +    fi
  25 +fi
  26 +
  27  if [ $ask_passphrase -ne 0 ]; then
  28      luks_open="$(command -v cryptsetup) $cryptsetupopts luksOpen"
  29      _timeout=$(getargs "rd.luks.timeout")
  30 diff -urpa dracut-056.orig/modules.d/90crypt/module-setup.sh dracut-056/modules.d/90crypt/module-setup.sh
  31 --- dracut-056.orig/modules.d/90crypt/module-setup.sh   2022-02-18 12:32:53.000000000 +0100
  32 +++ dracut-056/modules.d/90crypt/module-setup.sh        2022-08-28 19:27:11.079536407 +0200
  33 @@ -136,10 +136,26 @@ install() {
  34                          forceentry="yes"
  35                          break
  36                          ;;
  37 +                    keyscript=*)
  38 +                        keyscript=${1##keyscript=}
  39 +                        break
  40 +                        ;;
  41                  esac
  42                  shift
  43              done
  44
  45 +            if [ ! -z "${keyscript}" ]; then
  46 +                if [ -x "${keyscript}" ]; then
  47 +                    if [ ! -d "${initdir}/etc/keyscripts" ]; then
  48 +                        mkdir "${initdir}/etc/keyscripts" 2>/dev/null
  49 +                    fi
  50 +                    inst_script "${keyscript}" /etc/keyscripts/${keyscript##*/}
  51 +                    _luksoptions=${_luksoptions/${keyscript%%=*}/\/etc\/keyscripts\/${keyscript##*/}}
  52 +                else
  53 +                    dwarning "Missing keyscript referenced in crypttab: ${keyscript}"
  54 +                fi
  55 +            fi
  56 +
  57              # include the entry regardless
  58              if [ "${forceentry}" = "yes" ]; then
  59                  echo "$_mapper $_dev $_luksfile $_luksoptions"