Browse Source

Include more programs in the generated initrd/initramfs

Christoph Biedl 6 months ago
parent
commit
8f5f6f94c7

+ 1 - 0
debian/patches/series

@@ -4,4 +4,5 @@ upstream.use-asciidoctor-to-build-manpages.patch
 upstream.embed-tpm-modules-in-initramfs.patch
 
 # patches for Debian
+upstream.embed-more-programs-in-initram.patch
 debian.set-unprivileged-user.patch

+ 29 - 0
debian/patches/upstream.embed-more-programs-in-initram.patch

@@ -0,0 +1,29 @@
+Subject: Embed more programs in the initramfs/initrd
+Author: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>
+Date:  2020-05-21
+Bug: https://github.com/latchset/clevis/issues/195
+
+--- a/src/initramfs-tools/hooks/clevis.in
++++ b/src/initramfs-tools/hooks/clevis.in
+@@ -59,6 +59,9 @@
+ copy_exec @bindir@/clevis-decrypt-tang || die 1 "@bindir@/clevis-decrypt-tang not found"
+ copy_exec @bindir@/clevis-decrypt-sss || die 1 "@bindir@/clevis-decrypt-sss not found"
+ copy_exec @bindir@/clevis-decrypt || die 1 "@bindir@/clevis-decrypt not found"
++copy_exec @bindir@/clevis-luks-common-functions || die 1 "/usr/bin/clevis-luks-common-functions not found"
++copy_exec @bindir@/clevis-luks-list || die 1 "/usr/bin/clevis-luks-list not found"
++copy_exec @bindir@/clevis-luks-unlock || die 1 "/usr/bin/clevis-luks-unlock not found"
+ if [ -x @bindir@/clevis-decrypt-tpm2 ]; then
+     copy_exec @bindir@/clevis-decrypt-tpm2 || die 1 "@bindir@/clevis-decrypt-tpm2 not found"
+     tpm2_creatprimary_bin=$(find_binary "tpm2_createprimary")
+--- a/src/luks/systemd/dracut/clevis/module-setup.sh.in
++++ b/src/luks/systemd/dracut/clevis/module-setup.sh.in
+@@ -31,6 +31,9 @@
+ 	/etc/services \
+         @libexecdir@/clevis-luks-askpass \
+         clevis-decrypt \
++        clevis-luks-common-functions \
++        clevis-luks-list \
++        clevis-luks-unlock \
+         cryptsetup \
+         luksmeta \
+         clevis \