README.md

@@ -1,3 +1,3 @@
-# zlevis-dracut
+# Zlevis-Dracut
 
-A dracut module that builds in automatic decryption of a `ZFS` root pool in the `initramfs` with `zlevis`.
+A dracut module to allow zlevis to unlock an encrypted ZFS pool during boot up time.

meson.build

@@ -1,14 +1,14 @@
 # Project definition
-project('zlevis-dracut', license: 'GPL3')
+project('zlevis-dracut', version: '0.3')
 
-# Define dracut module dir
+# Files which need to be moved
+src_files = [
+  'module-setup.sh',
+  'zlevis.sh'
+]
+
+# Move them to an appropriate dracut module dir
 modules_dir = '/usr/lib/dracut/modules.d/85zlevis/'
 
-# Define bins list
+# Install the files
-bins = []
+install_data(src_files, install_dir: modules_dir)
-
-# Define subdir with bins
-subdir('src')
-
-# Install bins in module dir
-install_data(bins, install_dir: modules_dir)

module-setup.sh

@@ -0,0 +1,16 @@
+#!/bin/bash
+
+depends() {
+  echo udev-rules zfs
+  return 0
+}
+
+install() {
+  # Install the appropriate binaries and libraries
+  inst_multiple /usr/bin /usr/bin/zlevis* /usr/bin/jose /usr/bin/tpm2* /usr/bin/mktemp
+  inst_multiple /usr/lib /usr/lib/libtss2-tcti*
+
+  # Run the zlevis decryption hook before the 90zfs hook
+  inst_hook pre-mount 85 "${moddir}/zlevis.sh"
+  inst_simple "${moddir}/zlevis.sh" "/sbin/zlevis.sh"
+}

src/meson.build

@@ -1,11 +0,0 @@
-# Find scripts
-module = find_program('zlevis-module')
-module-setup = find_program('zlevis-module-setup')
-
-# Test the scripts
-test('zlevis-module', module, args: '--summary')
-test('zlevis-module-setup', module-setup, args: '--summary')
-
-# Add paths of scripts to bins
-bins += join_paths(meson.current_source_dir(), 'zlevis-module')
-bins += join_paths(meson.current_source_dir(), 'zlevis-module-setup')

src/zlevis-module-setup

@@ -1,32 +0,0 @@
-#!/bin/bash
-
-# Exit immediately if a command exits with a non-zero status
-set -e
-
-# Summary of the script's functionality
-summary="The setup of the dracut module of zlevis"
-
-# Display summary if requested
-if [ "$1" = "--summary" ]; then
-    echo "$summary"
-    exit 0
-fi
-
-# Depend on udev-rules and zfs
-depends() {
-  echo udev-rules zfs
-  return 0
-}
-
-install() {
-  # Install the appropriate binaries and libraries
-  inst_multiple /usr/bin /usr/bin/zlevis /usr/bin/zlevis-decrypt /usr/bin/jose /usr/bin/tpm2*
-  inst_multiple /usr/lib /usr/lib/libtss2-tcti*
-
-  # Run the zlevis decryption hook before the 90zfs hook
-  inst_hook pre-mount 85 "${moddir}/zlevis-module"
-  inst_simple "${moddir}/zlevis-module" "/sbin/zlevis-module"
-}
-
-# Exit with the status of the last command
-exit $?

zlevis.sh

@@ -1,35 +1,21 @@
 #!/bin/sh
 
-# Exit immediately if a command exits with a non-zero status
+# First make sure the zfs kmod is loaded
-set -e
-
-# Summary of the script's functionality
-summary="The dracut module of zlevis"
-
-# Display summary if requested
-if [ "$1" = "--summary" ]; then
-    echo "$summary"
-    exit 0
-fi
-
-# Load the ZFS kernel module
 modprobe zfs 2>/dev/null
 udevadm settle
 
-# Search for encrypted pool's by means of the cmdline root atribute
+# Inspired by Alpine Linux's mkinitfs script - search for encrypted pool's by means of the cmdline root atribute
 local _root_vol="${root}"
 local _root_pool="${_root_vol%%/*}"
 
 # Import the root pool
 zpool import -N -d /dev $_root_pool
 
-# If the pool is encrypted run `zlevis decrypt` to obtain the key stored in the TPM and load the key
+# If the pool is encrypted run `zlevis decrypt` to obtain the key stored in the tpm2 and load it
 if [ $(zpool list -H -o feature@encryption $_root_pool) = "active" ]; then
 	local _encryption_root=$(zfs get -H -o value encryptionroot $_root_vol)
 	if [ "$_encryption_root" != "-" ]; then
-		zlevis decrypt $_root_pool | zfs load-key -L prompt "$_root_pool" || echo "Failed to unlock $_root_pool with TPM"
+		zlevis decrypt $_root_pool | zfs load-key -L prompt "$_root_pool" || echo "zlevis failed to unlock $_root_pool"
 	fi
 fi
 
-# Exit with the status of the last command
-exit $?