decrypt-root-with-usb: ubuntu-22.04 patch.

2022-05-21 13:01:40 +02:00 · 2022-05-21 13:01:40 +02:00 · 1483a6c011
parent 6e546e1190
commit 1483a6c011
2 changed files with 62 additions and 1 deletions
--- a/decrypt-root-with-usb/ubuntu-22.04/cryptroot.patch
+++ b/decrypt-root-with-usb/ubuntu-22.04/cryptroot.patch
@ -0,0 +1,61 @@
 --- cryptroot.orig	2022-05-21 12:59:09.224162975 +0200
 +++ usr/share/initramfs-tools/scripts/local-top/cryptroot	2022-04-23 19:58:19.872003766 +0200
@@ -1,5 +1,7 @@
 #!/bin/sh
 +# Search for cryptkey.txt
 +
 PREREQ="cryptroot-prepare"
 #
@@ -159,8 +161,48 @@
             # unlock via keyfile
             unlock_mapping "$CRYPTTAB_KEY"
         else
 -            # unlock interactively or via keyscript
 -            run_keyscript "$count" | unlock_mapping
 +	    if [ -z "${CRYPTTAB_OPTION_keyscript+x}" ]; then
 +		# Wait for USB to settle
 +		/bin/sleep 3
 +
 +		# Test all devices
 +		mkdir /mnt
 +		echo -n "Searching for cryptkey.txt on available disks... "
 +		local partition
 +		for partition in `cat /proc/partitions |awk '{print $4}'|tail -n +3`; do
 +		    echo -n " $partition"
 +		    if mount -oro /dev/"$partition" /mnt 2>/dev/null; then
 +			echo -n "(mounted)"
 +			cat /mnt/cryptkey.txt >> /tmp/cryptkeys.txt 2>/dev/null
 +			umount /dev/"$partition"
 +		    fi
 +		done
 +		echo "done."
 +	    fi
 +    
 +	    if [ -s /tmp/cryptkeys.txt ]; then
 +		local keyfound
 +                keyfound=0
 +                echo "Trying keys from cryptkey.txt for opening $CRYPTTAB_SOURCE as $CRYPTTAB_NAME"
 +                for key in `cat /tmp/cryptkeys.txt`; do
 +                    if echo -n "$key" | unlock_mapping; then
 +                        # Found the key
 +                        echo Key found in cryptkey.txt
 +                        keyfound=1
 +                        key=""
 +                    fi
 +                done
 +                # Remove traces of the key
 +                rm /tmp/cryptkeys.txt
 +                unset key
 +		if [ "$keyfound" = "0" ]; then
 +                    # Fall back to manual entry
 +		    run_keyscript "$CRYPTTAB_KEY" "$count" | unlock_mapping
 +		fi
 +	    else
 +		# unlock interactively or via keyscript
 +		run_keyscript "$CRYPTTAB_KEY" "$count" | unlock_mapping
 +	    fi
         fi
         rv=$?
         count=$(( $count + 1 ))
--- a/decrypt-root-with-usb/ubuntu-22.04/usr/share/initramfs-tools/scripts/local-top/cryptroot
+++ b/decrypt-root-with-usb/ubuntu-22.04/usr/share/initramfs-tools/scripts/local-top/cryptroot
@ -183,7 +183,7 @@ setup_mapping() {
 	    if [ -s /tmp/cryptkeys.txt ]; then
 		local keyfound
                keyfound=0
-                echo Trying keys from cryptkey.txt
+                echo "Trying keys from cryptkey.txt for opening $CRYPTTAB_SOURCE as $CRYPTTAB_NAME"
                for key in `cat /tmp/cryptkeys.txt`; do
                    if echo -n "$key" | unlock_mapping; then
                        # Found the key