shimun/fido2luks
1
0
Fork 0
Code Issues Pull Requests 3 Releases Wiki Activity
fido2luks/dracut/fido2luks.sh
shimunn 579851315a
Some checks failed
continuous-integration/drone/push Build is failing
Details
integrate with dracut-crypt
2019-09-18 19:34:49 +02:00

58 lines
1.5 KiB
Bash
Raw Blame History

#!/bin/sh
LUKS_DEVICES="$(getargs rd.fido2luks.devices | tr ' ' '\n')"
CREDENTIAL_ID="$(getargs rd.fido2luks.credentialid)"
SALT="$(getargs rd.fido2luks.salt)"
MESSAGE_TIMEOUT=5
display_msg_timeout () {
local MSG="$1"
(plymouth display-message --text="$MSG";sleep $MESSAGE_TIMEOUT;plymouth hide-message --text="$MSG") &
}
display_msg () {
local MSG="$1"
plymouth display-message --text="$MSG" &
}
hide_msg () {
local MSG="$1"
plymouth hide-message --text="$MSG" &
}
handle_authenticator() {
while ! /bin/f2l connected; do
display_msg_timeout "Please connect your authenicator"
sleep 1
done
export FIDO2LUKS_CREDENTIAL_ID="$CREDENTIAL_ID"
export FIDO2LUKS_SALT="${SALT:-Ask}"
export FIDO2LUKS_PASSWORD_HELPER="/usr/bin/systemd-ask-password --no-tty 'Disk 2fa password'"
for DEV in $LUKS_DEVICES ; do
export FIDO2LUKS_DEVICE="$DEV"
export FIDO2LUKS_MAPPER_NAME="${MAPPER_NAME:-luks-$DEV}"
TRIES="0"
while true; do
ERR="$(/bin/f2l open -e 2>&1)"
if [ "$?" -eq 1 ]; then
display_msg_timeout "Failed to unlock: $ERR"
TRIES="$[$TRIES+1]"
if [ "$TRIES" -gt 5 ]; then
exit 1
fi
sleep 5
else
exit 0
fi
done
done
}
if [ ! -z "$LUKS_DEVICES" ]; then
handle_authenticator
fi
Reference in New Issue View Git Blame Copy Permalink