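#!/bin/sh
#
# Dracut module script of zlevis.
#
# Imports the ZFS pool named by the boot-time `root` value and, when the pool
# has encryption active, pipes the key released by `zlevis decrypt` into
# `zfs load-key` so the root dataset can be mounted without a passphrase.
#
# Usage:   <script> [--summary]
# Reads:   $root - root dataset taken from the kernel command line
#          (assumed to look like "pool/dataset" with no scheme prefix;
#          TODO confirm against the caller that sets it).
# Exit:    0 when nothing had to be unlocked, when unlocking succeeded, and
#          also when unlocking failed (only a message is printed, see below);
#          non-zero when the pool name is unusable or a ZFS command fails.

# Exit immediately if a command exits with a non-zero status
set -e

# Summary of the script's functionality
summary="The dracut module of zlevis"

# Display summary if requested
if [ "${1-}" = "--summary" ]; then
    echo "$summary"
    exit 0
fi

# Import the root pool and load its key from the TPM when it is encrypted.
# The work lives in a function because `local` is only valid inside one; at
# file scope it is an error that `set -e` turns into an immediate exit.
unlock_root_pool() {
    local _root_vol _root_pool _encryption_root

    # Load the ZFS kernel module
    modprobe zfs 2>/dev/null
    udevadm settle

    # Derive the pool from the cmdline root attribute: everything before the
    # first "/" of the dataset path.
    _root_vol="${root}"
    _root_pool="${_root_vol%%/*}"

    # The value comes from the kernel command line, so validate it before it
    # reaches any command. An empty name would make the commands below act on
    # every pool, and a leading "-" would be parsed as an option. ZFS pool
    # names always begin with a letter, so both cases are rejected.
    case "$_root_pool" in
        '' | -*)
            printf 'zlevis: cannot derive a pool name from root=%s\n' \
                "$_root_vol" >&2
            exit 1
            ;;
    esac

    # Import the root pool (-N: do not mount any of its datasets)
    zpool import -N -d /dev "$_root_pool"

    # If the pool is encrypted run `zlevis decrypt` to obtain the key stored
    # in the TPM and load the key. The substitution is quoted so that empty
    # output compares as "" instead of breaking the test.
    if [ "$(zpool list -H -o feature@encryption "$_root_pool")" = "active" ]; then
        # Assign separately from `local`: `local x=$(cmd)` returns the status
        # of `local` and would hide a failing `zfs get`.
        if ! _encryption_root=$(zfs get -H -o value encryptionroot "$_root_vol"); then
            printf 'zlevis: cannot read encryptionroot of %s\n' "$_root_vol" >&2
            exit 1
        fi

        # "-" means the dataset is not under any encryption root.
        if [ "$_encryption_root" != "-" ]; then
            # The key goes straight from zlevis to zfs over a pipe, so it is
            # never held in a shell variable or passed as a command argument.
            # POSIX sh has no pipefail: only the status of `zfs load-key`
            # decides whether the message is printed.
            # A failed unlock is reported but not fatal; the script still
            # exits 0, which is kept as the original best-effort behaviour.
            # NOTE(review): the key is loaded on "$_root_pool", not on
            # "$_encryption_root"; if the encryption root is a child dataset
            # this may not unlock it. Confirm against how zlevis binds keys.
            zlevis decrypt "$_root_pool" | zfs load-key -L prompt "$_root_pool" ||
                printf 'Failed to unlock %s with TPM\n' "$_root_pool" >&2
        fi
    fi
}

unlock_root_pool

# Exit with the status of the last command
exit $?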