rename: src/zlevis-module and src/zlevis-module-setup
This commit is contained in:
parent
978545f313
commit
69c83cf170
3 changed files with 50 additions and 20 deletions
35
src/zlevis-module
Executable file
35
src/zlevis-module
Executable file
|
|
@ -0,0 +1,35 @@
|
|||
#!/bin/sh
|
||||
|
||||
# Exit immediately if a command exits with a non-zero status
|
||||
set -e
|
||||
|
||||
# Summary of the script's functionality
|
||||
summary="The dracut module of zlevis"
|
||||
|
||||
# Display summary if requested
|
||||
if [ "$1" = "--summary" ]; then
|
||||
echo "$summary"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
# Load the ZFS kernel module
|
||||
modprobe zfs 2>/dev/null
|
||||
udevadm settle
|
||||
|
||||
# Search for encrypted pool's by means of the cmdline root atribute
|
||||
local _root_vol="${root}"
|
||||
local _root_pool="${_root_vol%%/*}"
|
||||
|
||||
# Import the root pool
|
||||
zpool import -N -d /dev $_root_pool
|
||||
|
||||
# If the pool is encrypted run `zlevis decrypt` to obtain the key stored in the TPM and load the key
|
||||
if [ $(zpool list -H -o feature@encryption $_root_pool) = "active" ]; then
|
||||
local _encryption_root=$(zfs get -H -o value encryptionroot $_root_vol)
|
||||
if [ "$_encryption_root" != "-" ]; then
|
||||
zlevis decrypt $_root_pool | zfs load-key -L prompt "$_root_pool" || echo "Failed to unlock $_root_pool with TPM"
|
||||
fi
|
||||
fi
|
||||
|
||||
# Exit with the status of the last command
|
||||
exit $?
|
||||
Loading…
Add table
Add a link
Reference in a new issue