From 8b0589ba621ff33622dc1144f29d1c808569ecb2 Mon Sep 17 00:00:00 2001 From: Richard Hansen Date: Sun, 26 Apr 2020 13:17:13 -0400 Subject: [PATCH] Run cryptroot-unlock if present. Addresses rhansen/unlock-cryptroot#2. --- unlock-cryptroot | 35 +++++++++++++++++++++++------------ 1 file changed, 23 insertions(+), 12 deletions(-) diff --git a/unlock-cryptroot b/unlock-cryptroot index c9d14c8..477663d 100755 --- a/unlock-cryptroot +++ b/unlock-cryptroot @@ -95,7 +95,10 @@ host=$1; shift [ -n "${id+set}" ] || id=${idbase}${host%%.*} [ -n "${config+set}" ] || ! [ -e "${configdefault}" ] || config=${configdefault} -script=$(cat <<\END_OF_SCRIPT +# Script to run inside the initramfs for Ubuntu 16.04 (Xenial) and +# older. Newer versions of Ubuntu have a /bin/cryptroot-unlock script +# already in the initramfs. +legacy_script=$(cat <<\END_OF_SCRIPT #!/bin/sh PATH=/sbin:${PATH} @@ -222,24 +225,32 @@ run_ssh_cmd() { while IFS= read -r line; do log "${line}" done <<\EOF -After you are logged in: - 1. use 'ps -l' to get cryptsetup's command-line arguments - 2. run: +After you are logged in, run cryptroot-unlock. If cryptroot-unlock is not +available (Ubuntu 16.04 (Xenial) and older), do the following: + 1. Use 'ps -l' to get cryptsetup's command-line arguments + 2. Run: /lib/cryptsetup/askpass "Enter passphrase: " \ | /sbin/cryptsetup - 3. kill 'plymouth ask-for-password' or 'askpass' as appropriate - 4. log out + 3. Kill 'plymouth ask-for-password' or 'askpass' as appropriate + 4. Log out EOF run_ssh root@"${host}" exit $? } -log "sending script to ${host}..." -run_ssh_cmd 'cat >tmp.sh && chmod +x tmp.sh' \ - <tmp.sh && chmod +x tmp.sh' \ + <