123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293 |
- #!/bin/bash -e
- # vim: set ts=8 shiftwidth=4 softtabstop=4 expandtab smarttab colorcolumn=80:
- #
- # Copyright (c) 2020 Red Hat, Inc.
- # Author: Radovan Sroka <rsroka@redhat.com>
- # Author: Sergio Correia <scorreia@redhat.com>
- #
- # This program is free software: you can redistribute it and/or modify
- # it under the terms of the GNU General Public License as published by
- # the Free Software Foundation, either version 3 of the License, or
- # (at your option) any later version.
- #
- # This program is distributed in the hope that it will be useful,
- # but WITHOUT ANY WARRANTY; without even the implied warranty of
- # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- # GNU General Public License for more details.
- #
- # You should have received a copy of the GNU General Public License
- # along with this program. If not, see <http://www.gnu.org/licenses/>.
- #
- . clevis-luks-common-functions
- SUMMARY="Regenerate clevis binding"
- if [ "${1}" = "--summary" ]; then
- echo "${SUMMARY}"
- exit 0
- fi
- usage_and_exit () {
- exec >&2
- echo "Usage: clevis luks regen [-q] -d DEV -s SLOT"
- echo
- echo "${SUMMARY}"
- echo
- echo " -d DEV The LUKS device on which to perform rebinding"
- echo
- echo " -s SLT The LUKS slot to use"
- echo
- echo " -q Do not prompt for confirmation"
- echo
- exit "${1}"
- }
- QOPT=
- while getopts ":hqd:s:" o; do
- case "${o}" in
- d) DEV="${OPTARG}";;
- h) usage_and_exit 0;;
- s) SLT="${OPTARG}";;
- q) QOPT="-q";;
- *) usage_and_exit 1;;
- esac
- done
- if [ -z "${DEV}" ]; then
- echo "Did not specify a device!" >&2
- exit 1
- fi
- if [ -z "${SLT}" ]; then
- echo "Did not specify a slot!" >&2
- exit 1
- fi
- # Get pin and configuration.
- if ! pin_cfg="$(clevis luks list -d "${DEV}" -s "${SLT}")" \
- || [ -z "${pin_cfg}" ]; then
- return 1
- fi
- pin="$(echo "${pin_cfg}" | cut -d' ' -f2)"
- cfg="$(echo "${pin_cfg}" | cut -d' ' -f3 | sed -e "s/'//g")"
- if [ -z "${pin}" ] || [ -z "${cfg}" ]; then
- echo "Invalid pin or configuration" >&2
- exit 1
- fi
- echo "Regenerating binding (device ${DEV}, slot ${SLT}):"
- echo "Pin: ${pin}, Config: '${cfg}'"
- if [ -z "${QOPT}" ]; then
- read -r -p "Do you want to proceed? [ynYN] " ans
- [ "${ans}" != "y" ] && [ "${ans}" != "Y" ] && exit 0
- fi
- if ! clevis_luks_do_bind "${DEV}" "${SLT}" "" "${pin}" "${cfg}" \
- "-y" "overwrite"; then
- echo "Unable to regenerate binding in ${DEV}:${SLT}" >&2
- exit 1
- fi
- echo "Binding regenerated successfully" >&2
|