Bug#465901: cryptroot remote unlocking on boot feature
Package: initramfs-tools
Version: 0.91e
Severity: wishlist
Tags: patch
this patch is part of three patches (initramfs-tools, cryptsetup,
dropbear) which enable mkinitramfs to create initramfss that provide the
ability to log in and unlock a cryptroot during the boot process from
remote via ssh.
calling configure_networking from /scripts/functions might appear more
than once, so just try if it hasn't been done/wasn't successful yet.
check that by testing for existence of /tmp/net-$DEVICE.conf which is
created by ipconfig.
in mkinitramfs CONFDIR is exported, as this is necessary for hooks (see
related dropbear patch) to find the config without relying on something
hardcoded that's otherwise (mkinitramfs) dynamic.
diff -rNc initramfs-tools.orig/mkinitramfs initramfs-tools/mkinitramfs
*** initramfs-tools.orig/mkinitramfs 2007-12-25 17:03:57.000000000 +0100
--- initramfs-tools/mkinitramfs 2008-02-14 14:01:07.000000000 +0100
***************
*** 168,173 ****
--- 168,174 ----
# Export environment for hook scripts.
#
+ export CONFDIR
export MODULESDIR
export version
export CONFDIR
diff -rNc initramfs-tools.orig/scripts/functions initramfs-tools/scripts/functions
*** initramfs-tools.orig/scripts/functions 2007-12-25 17:03:57.000000000 +0100
--- initramfs-tools/scripts/functions 2008-02-14 13:58:53.000000000 +0100
***************
*** 273,307 ****
configure_networking()
{
! # support ip options see linux sources Documentation/nfsroot.txt
! case ${IPOPTS} in
! none|off)
! # Do nothing
! ;;
! ""|on|any)
! # Bring up device
! ipconfig ${DEVICE}
! ;;
! dhcp|bootp|rarp|both)
! ipconfig -c ${IPOPTS} -d ${DEVICE}
! ;;
! *)
! ipconfig -d $IPOPTS
! # grab device entry from ip option
! NEW_DEVICE=${IPOPTS#*:*:*:*:*:*}
! if [ "${NEW_DEVICE}" != "${IPOPTS}" ]; then
! NEW_DEVICE=${NEW_DEVICE%:*}
! else
! # wrong parse, possibly only a partial string
! NEW_DEVICE=
! fi
! if [ -n "${NEW_DEVICE}" ]; then
! DEVICE="${NEW_DEVICE}"
! fi
! ;;
! esac
! # source relevant ipconfig output
! . /tmp/net-${DEVICE}.conf
}
--- 273,310 ----
configure_networking()
{
! if [ ! -e /tmp/net-${DEVICE}.conf ]; then
! # support ip options see linux sources Documentation/nfsroot.txt
! case ${IPOPTS} in
! none|off)
! # Do nothing
! ;;
! ""|on|any)
! # Bring up device
! ipconfig ${DEVICE}
! ;;
! dhcp|bootp|rarp|both)
! ipconfig -c ${IPOPTS} -d ${DEVICE}
! ;;
! *)
! ipconfig -d $IPOPTS
! # grab device entry from ip option
! NEW_DEVICE=${IPOPTS#*:*:*:*:*:*}
! if [ "${NEW_DEVICE}" != "${IPOPTS}" ]; then
! NEW_DEVICE=${NEW_DEVICE%:*}
! else
! # wrong parse, possibly only a partial string
! NEW_DEVICE=
! fi
! if [ -n "${NEW_DEVICE}" ]; then
! DEVICE="${NEW_DEVICE}"
! fi
! ;;
! esac
!
! # source relevant ipconfig output
! . /tmp/net-${DEVICE}.conf
! fi
}
Reply to: