rpms / clevis

Clone
Source Code
GIT

Blame SOURCES/luks-fix-handling-of-devices-in-clevis-luks-askpass-.patch

c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   efc82ee1bc3898cf0ee238be8de694000fe19ba7
  2.   SOURCES
  3.   luks-fix-handling-of-devices-in-clevis-luks-askpass-.patch
Blob History Raw
efc82e 
From 1f9e0d9533e970a79bb9a525b5e407bf80f6fc5b Mon Sep 17 00:00:00 2001
efc82e 
From: Sergio Correia <scorreia@redhat.com>
efc82e 
Date: Mon, 6 Jul 2020 08:53:58 -0300
efc82e 
Subject: [PATCH] luks: fix handling of devices in clevis-luks-askpass to
efc82e 
 handle
efc82e
efc82e 
---
efc82e 
 src/luks/systemd/clevis-luks-askpass | 23 ++++++++++++++++++++---
efc82e 
 1 file changed, 20 insertions(+), 3 deletions(-)
efc82e
efc82e 
diff --git a/src/luks/systemd/clevis-luks-askpass b/src/luks/systemd/clevis-luks-askpass
efc82e 
index feebb1a..5719ab6 100755
efc82e 
--- a/src/luks/systemd/clevis-luks-askpass
efc82e 
+++ b/src/luks/systemd/clevis-luks-askpass
efc82e 
@@ -23,6 +23,12 @@ UUID=cb6e8904-81ff-40da-a84a-07ab9ab5715e
efc82e
efc82e 
 shopt -s nullglob
efc82e
efc82e 
+clevis_is_luks_device_by_uuid_open() {
efc82e 
+    local LUKS_UUID="${1}"
efc82e 
+    [ -z "${LUKS_UUID}" ] && return 1
efc82e 
+    test -b /dev/disk/by-id/dm-uuid-*"${LUKS_UUID//-/}"*
efc82e 
+}
efc82e 
+
efc82e 
 path=/run/systemd/ask-password
efc82e 
 while getopts ":lpu:" o; do
efc82e 
     case "$o" in
efc82e 
@@ -49,9 +55,13 @@ while true; do
efc82e 
             esac
efc82e 
         done < "$question"
efc82e
efc82e 
-        [ -z "$d" -o -z "$s" ] && continue
efc82e 
-        [[ -n "${device_uuid}" ]] && [[ "${d}" != *"${device_uuid}"* ]] \
efc82e 
-            && continue
efc82e 
+        [ -b "${d}" ] || continue
efc82e 
+        [ -S "${s}" ] || continue
efc82e 
+
efc82e 
+        if [ -n "${device_uuid}" ]; then
efc82e 
+            uuid="$(cryptsetup luksUUID "${d}")"
efc82e 
+            [ "${uuid}" != "${device_uuid}" ] && todo=1 && continue
efc82e 
+        fi
efc82e
efc82e 
         if cryptsetup isLuks --type luks1 "$d"; then
efc82e 
             # If the device is not initialized, sliently skip it.
efc82e 
@@ -89,6 +99,13 @@ while true; do
efc82e 
         todo=$((todo + 1))
efc82e 
     done
efc82e
efc82e 
+    if [ -n "${device_uuid}" ]; then
efc82e 
+        [ ! -b /dev/disk/by-uuid/"${device_uuid}" ] && break
efc82e 
+        if clevis_is_luks_device_by_uuid_open "${device_uuid}"; then
efc82e 
+            break
efc82e 
+        fi
efc82e 
+    fi
efc82e 
+
efc82e 
     if [ $todo -eq 0 ] || [ "$loop" != "true" ]; then
efc82e 
         break;
efc82e 
     fi
efc82e 
--
efc82e 
2.18.4
efc82e

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation