source-git / systemd

Clone
Source Code
GIT

cd07c4 cryptsetup-generator: introduce basic keydev support

2 files Authored by Michal Sekletar 4 years ago, Committed by Packit Service 4 years ago,
raw patch tree parent
2 files changed. 115 lines added. 4 lines removed.
man/systemd-cryptsetup-generator.xml
file modified
+14 -0
src/cryptsetup/cryptsetup-generator.c
file modified
+101 -4 
    cryptsetup-generator: introduce basic keydev support
    
    Dracut has a support for unlocking encrypted drives with keyfile stored
    on the external drive. This support is included in the generated initrd
    only if systemd module is not included.
    
    When systemd is used in initrd then attachment of encrypted drives is
    handled by systemd-cryptsetup tools. Our generator has support for
    keyfile, however, it didn't support keyfile on the external block
    device (keydev).
    
    This commit introduces basic keydev support. Keydev can be specified per
    luks.uuid on the kernel command line. Keydev is automatically mounted
    during boot and we look for keyfile in the keydev
    mountpoint (i.e. keyfile path is prefixed with the keydev mount point
    path). After crypt device is attached we automatically unmount
    where keyfile resides.
    
    Example:
            rd.luks.key=70bc876b-f627-4038-9049-3080d79d2165=/key:LABEL=KEYDEV
    
    (cherry-picked from commit 70f5f48eb891b12e969577b464de61e15a2593da)
    
    Resolves: #1656869
    
    patch_name: 0048-cryptsetup-generator-introduce-basic-keydev-support.patch
    present_in_specfile: true
    location_in_specfile: 48
    squash_commits: true
file modified
+14 -0
file modified
+101 -4

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation