Skip to content

Commit

Permalink
Fix Plymouth passphrase prompt in initramfs script
Browse files Browse the repository at this point in the history
Entering the ZFS encryption passphrase under Plymouth wasn't working
because in the ZFS initrd script, Plymouth was calling zfs via
"--command", which wasn't passing through the filesystem argument to
zfs load-key properly (it was passing through the single quotes around
the filesystem name intended to handle spaces literally,
which zfs load-key couldn't understand).

Reviewed-by: Richard Laager <[email protected]>
Reviewed-by: Garrett Fields <[email protected]>
Signed-off-by: Richard Allen <[email protected]>
Issue #9193
Closes #9202
  • Loading branch information
belperite authored and behlendorf committed Aug 27, 2019
1 parent e7a2fa7 commit f335b8f
Showing 1 changed file with 8 additions and 8 deletions.
16 changes: 8 additions & 8 deletions contrib/initramfs/scripts/zfs.in
Original file line number Diff line number Diff line change
Expand Up @@ -411,29 +411,29 @@ decrypt_fs()

# Determine dataset that holds key for root dataset
ENCRYPTIONROOT=$(${ZFS} get -H -o value encryptionroot "${fs}")
DECRYPT_CMD="${ZFS} load-key '${ENCRYPTIONROOT}'"

# If root dataset is encrypted...
if ! [ "${ENCRYPTIONROOT}" = "-" ]; then

TRY_COUNT=3
# Prompt with plymouth, if active
if [ -e /bin/plymouth ] && /bin/plymouth --ping 2>/dev/null; then
plymouth ask-for-password --prompt "Encrypted ZFS password for ${ENCRYPTIONROOT}" \
--number-of-tries="3" \
--command="${DECRYPT_CMD}"
while [ $TRY_COUNT -gt 0 ]; do
plymouth ask-for-password --prompt "Encrypted ZFS password for ${ENCRYPTIONROOT}" | \
$ZFS load-key "${ENCRYPTIONROOT}" && break
TRY_COUNT=$((TRY_COUNT - 1))
done

# Prompt with systemd, if active
elif [ -e /run/systemd/system ]; then
TRY_COUNT=3
while [ $TRY_COUNT -gt 0 ]; do
systemd-ask-password "Encrypted ZFS password for ${ENCRYPTIONROOT}" --no-tty | \
${DECRYPT_CMD} && break
$ZFS load-key "${ENCRYPTIONROOT}" && break
TRY_COUNT=$((TRY_COUNT - 1))
done

# Prompt with ZFS tty, otherwise
else
eval "${DECRYPT_CMD}"
$ZFS load-key "${ENCRYPTIONROOT}"
fi
fi
fi
Expand Down

0 comments on commit f335b8f

Please sign in to comment.