use full device path

dracut/fido2luks.sh

@@ -1,6 +1,6 @@
 #!/bin/sh
 
-LUKS_UUIDS="$(getargs rd.fido2luks.uuid | tr ' ' '\n'| cut -d '-' -f 2-)"
+LUKS_DEVICES="$(getargs rd.fido2luks.devices | tr ' ' '\n'| cut -d '-' -f 2-)"
 CREDENTIAL_ID="$(getargs rd.fido2luks.credentialid)"
 SALT="$(getargs rd.fido2luks.salt)"
 
@@ -31,15 +31,19 @@ handle_authenticator () {
         export FIDO2LUKS_CREDENTIAL_ID="$CREDENTIAL_ID"
         export FIDO2LUKS_SALT="${SALT:-Ask}"
         export FIDO2LUKS_PASSWORD_HELPER="/usr/bin/systemd-ask-password --no-tty 'Disk 2fa password'"
-        for UUID in $LUKS_UUIDS ; do
+        for DEV in $LUKS_DEVICES ; do
-          export FIDO2LUKS_UUID="$UUID"
+          export FIDO2LUKS_DEVICE="$DEV"
-          export FIDO2LUKS_MAPPER_NAME="${MAPPER_NAME:-luks-$FIDO2LUKS_UUID}"
+          export FIDO2LUKS_MAPPER_NAME="${MAPPER_NAME:-luks-$DEV}"
           display_msg_timeout "Watch your authenicator"
           ERR="$(/bin/f2l open -e 2>&1)"
           if [ "$?" -eq 1 ]; then
             display_msg_timeout "Failed to unlock: $ERR"
-            sleep 15
+            sleep 5
+          else
+            exit 1
           fi
         done
         
 }
+
+handle_authenticator

src/config.rs

@@ -14,7 +14,7 @@ use std::process::Command;
 #[derive(Debug, Deserialize, Serialize)]
 pub struct EnvConfig {
     credential_id: String,
-    uuid: String,
+    device: String,
     salt: String,
     mapper_name: String,
     password_helper: String,
@@ -24,7 +24,7 @@ impl Into<Config> for EnvConfig {
     fn into(self) -> Config {
         Config {
             credential_id: self.credential_id,
-            device: format!("/dev/disk/by-uuid/{}", self.uuid).into(),
+            device: self.device.into(),
             mapper_name: self.mapper_name,
             password_helper: PasswordHelper::Script(self.password_helper),
             input_salt: if PathBuf::from(&self.salt).exists() {