diff --git a/SOURCES/0012-ignore-empty-and-comment-lines-in-crypttab.patch b/SOURCES/0012-ignore-empty-and-comment-lines-in-crypttab.patch new file mode 100644 index 0000000..7dcd5ac --- /dev/null +++ b/SOURCES/0012-ignore-empty-and-comment-lines-in-crypttab.patch @@ -0,0 +1,16 @@ +--- clevis-15.ori/src/luks/clevis-luks-common-functions 2023-01-11 11:11:03.050262054 +0100 ++++ clevis-15/src/luks/clevis-luks-common-functions 2023-01-11 11:19:16.004358405 +0100 +@@ -413,7 +413,12 @@ + clevis_devices= + + # Build list of devices to unlock. +- while read -r _ crypt_device _; do ++ while read -r _volname_ crypt_device _; do ++ # skip empty lines and lines which begin with the '#' char, per ++ # crypttab(5) ++ case $_volname_ in ++ ''|\#*) continue ;; ++ esac + if ! dev=$(clevis_map_device "${crypt_device}") \ + || [ -z "${dev}" ]; then + # Unable to get the device - maybe it's not available, e.g. a diff --git a/SPECS/clevis.spec b/SPECS/clevis.spec index c63c7b3..d90f09c 100644 --- a/SPECS/clevis.spec +++ b/SPECS/clevis.spec @@ -2,7 +2,7 @@ Name: clevis Version: 15 -Release: 11%{?dist} +Release: 12%{?dist} Summary: Automated decryption framework License: GPLv3+ @@ -20,6 +20,7 @@ Patch0008: 0008-tang-dump-url-on-error-communication.patch Patch0009: 0009-feat-rename-the-test-pin-to-null-pin.patch Patch0010: 0010-avoid-clevis-invalid-msg.patch Patch0011: 0011-Improve-boot-performance-by-removing-key-check.patch +Patch0012: 0012-ignore-empty-and-comment-lines-in-crypttab.patch BuildRequires: git BuildRequires: gcc @@ -200,6 +201,10 @@ systemctl preset %{name}-luks-askpass.path >/dev/null 2>&1 || : %attr(4755, root, root) %{_libexecdir}/%{name}-luks-udisks2 %changelog +* Wed Jan 11 2023 Sergio Arroutbi - 15-12 +- Ignore empty & comment lines in crypttab + Resolves: rhbz#2159440 + * Tue Aug 02 2022 Sergio Arroutbi - 15-11 - Start clevis-luks-askpass.path service according to global policy Resolves: rhbz#2107081