12345678910111213141516171819202122232425262728293031323334353637383940414243 |
- Description: Use socat in clevis-luks-askpass
- Author: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>
- Date: 2018-10-30
- Forwarded: not-needed
- Upstream assumes the nc program is ncat as provided by nmap. Since
- nmap is a fairly huge package and does not ship a separate ncat
- package (#881639), use socat instead for the time being.
- Thanks Anthony R Fletcher <arif@mail.nih.gov> for figuring out
- and testing.
- --- a/src/luks/systemd/dracut/module-setup.sh.in
- +++ b/src/luks/systemd/dracut/module-setup.sh.in
- @@ -46,7 +46,7 @@
- mktemp \
- curl \
- jose \
- - nc
- + socat
-
- for cmd in clevis-decrypt-tpm2 \
- tpm2_createprimary \
- --- a/src/luks/systemd/clevis-luks-askpass
- +++ b/src/luks/systemd/clevis-luks-askpass
- @@ -59,7 +59,7 @@
- metadata=true
-
- if pt="`luksmeta load -d $d -s $slot -u $UUID | clevis decrypt`"; then
- - echo -n "+$pt" | nc -U -u --send-only "$s"
- + echo -n "+$pt" | socat -U "UNIX:$s" -
- unlocked=true
- break
- fi
- @@ -72,7 +72,7 @@
- metadata=true
-
- if pt=`echo -n "$jwe" | clevis decrypt`; then
- - echo -n "+$pt" | nc -U -u --send-only "$s"
- + echo -n "+$pt" | socat -U "UNIX:$s" -
- unlocked=true
- break
- fi
|