/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to initramfs-tools-script

  • Committer: Teddy Hogeborn
  • Date: 2018-04-01 22:08:50 UTC
  • Revision ID: teddy@recompile.se-20180401220850-11kc7596lknn4piy
Check for and report GPGME key import errors

* plugins.d/mandos-client.c (init_gpgme/import_key): After
  gpgme_op_import(), call gpgme_op_import_result() to see if it
  worked.  If not, print all available information.

Show diffs side-by-side

added added

removed removed

Lines of Context:
57
57
# Get DEVICE from /conf/initramfs.conf and other files
58
58
. /conf/initramfs.conf
59
59
for conf in /conf/conf.d/*; do
60
 
    [ -f ${conf} ] && . ${conf}
 
60
    [ -f "${conf}" ] && . "${conf}"
61
61
done
62
62
if [ -e /conf/param.conf ]; then
63
63
    . /conf/param.conf
113
113
test -x "$mandos"
114
114
 
115
115
# parse /conf/conf.d/cryptroot.  Format:
116
 
# target=sda2_crypt,source=/dev/sda2,key=none,keyscript=/foo/bar/baz
 
116
# target=sda2_crypt,source=/dev/sda2,rootdev,key=none,keyscript=/foo/bar/baz
 
117
# Is the root device specially marked?
 
118
changeall=yes
 
119
while read -r options; do
 
120
    case "$options" in
 
121
        rootdev,*|*,rootdev,*|*,rootdev)
 
122
            # If the root device is specially marked, don't change all
 
123
            # lines in crypttab by default.
 
124
            changeall=no
 
125
            ;;
 
126
    esac
 
127
done < /conf/conf.d/cryptroot
 
128
 
117
129
exec 3>/conf/conf.d/cryptroot.mandos
118
 
while read options; do
 
130
while read -r options; do
119
131
    newopts=""
 
132
    keyscript=""
 
133
    changethis="$changeall"
120
134
    # Split option line on commas
121
135
    old_ifs="$IFS"
122
136
    IFS="$IFS,"
128
142
                newopts="$newopts,$opt"
129
143
                ;;
130
144
            "") : ;;
 
145
            # Always use Mandos on the root device, if marked
 
146
            rootdev)
 
147
                changethis=yes
 
148
                newopts="$newopts,$opt"
 
149
                ;;
 
150
            # Don't use Mandos on resume device, if marked
 
151
            resumedev)
 
152
                changethis=no
 
153
                newopts="$newopts,$opt"
 
154
                ;;
131
155
            *)
132
156
                newopts="$newopts,$opt"
133
157
                ;;
136
160
    IFS="$old_ifs"
137
161
    unset old_ifs
138
162
    # If there was no keyscript option, add one.
139
 
    if [ -z "$keyscript" ]; then
 
163
    if [ "$changethis" = yes ] && [ -z "$keyscript" ]; then
140
164
        replace_cryptroot=yes
141
165
        newopts="$newopts,keyscript=$mandos"
142
166
    fi