From 46bcc2f52aec3656654de5666dc032a08bd790a7 Mon Sep 17 00:00:00 2001
From: shimunn <shimun@shimun.net>
Date: Thu, 19 Sep 2019 22:53:17 +0200
Subject: [PATCH] wait for device to be connected

---
 dracut/96luks-2fa/fido2-connected.service | 10 ++++++++++
 dracut/96luks-2fa/luks-2fa-generator.sh   |  2 +-
 dracut/96luks-2fa/module-setup.sh         |  3 +++
 3 files changed, 14 insertions(+), 1 deletion(-)
 create mode 100644 dracut/96luks-2fa/fido2-connected.service

diff --git a/dracut/96luks-2fa/fido2-connected.service b/dracut/96luks-2fa/fido2-connected.service
new file mode 100644
index 0000000..771bca6
--- /dev/null
+++ b/dracut/96luks-2fa/fido2-connected.service
@@ -0,0 +1,10 @@
+[Unit]
+Description=Wait for a FIDO2 device to be connected
+
+[Service]
+Type=oneshot
+Environment=CON_MSG="Please connect your authenicator"
+ExecStartPre=/usr/bin/plymouth display-message --text "${CON_MSG}"
+ExecStart=/bin/bash -c 'while ! fido2luks connected; do sleep 1; done'
+ExecStopPost=/usr/bin/plymouth hide-message --text "${CON_MSG}"
+
diff --git a/dracut/96luks-2fa/luks-2fa-generator.sh b/dracut/96luks-2fa/luks-2fa-generator.sh
index 99fe9fe..442362d 100755
--- a/dracut/96luks-2fa/luks-2fa-generator.sh
+++ b/dracut/96luks-2fa/luks-2fa-generator.sh
@@ -23,7 +23,7 @@ generate_service () {
                 printf -- "[Unit]"
                 printf -- "\nDescription=%s" "2fa for luks"
                 printf -- "\nBindsTo=%s" "$target_dev"
-                printf -- "\nAfter=%s cryptsetup-pre.target systemd-journald.socket" "$target_dev" #TODO: create service to wait or authenicator
+                printf -- "\nAfter=%s cryptsetup-pre.target fido2-connected.service systemd-journald.socket" "$target_dev" #TODO: create service to wait or authenicator
                 printf -- "\nBefore=%s umount.target luks-2fa.target" "$crypto_target_service"
                 printf -- "\nConflicts=umount.target"
                 printf -- "\nDefaultDependencies=no"
diff --git a/dracut/96luks-2fa/module-setup.sh b/dracut/96luks-2fa/module-setup.sh
index a0a4333..7423cb5 100755
--- a/dracut/96luks-2fa/module-setup.sh
+++ b/dracut/96luks-2fa/module-setup.sh
@@ -24,7 +24,10 @@ install () {
 
         inst "$moddir/luks-2fa.target" "/etc/systemd/system/luks-2fa.target"
         mkdir -p "$initdir/etc/systemd/system/luks-2fa.target.wants"
+        
+        inst "$moddir/fido2-connected.service" "/etc/systemd/system/fido2-connected.service"
 
         mkdir -p "$initdir/etc/systemd/system/sysinit.target.wants"
         ln -sf "/etc/systemd/system/luks-2fa.target" "$initdir/etc/systemd/system/sysinit.target.wants/"
+        ln -sf "/etc/systemd/system/fido2-connected.service" "$initdir/etc/systemd/system/sysinit.target.wants/"
 }