| 123456789101112131415161718192021222324252627282930313233343536373839404142 |
- Subject: Install cryptsetup and tpm2_pcrlist in the initramfs
- Origin: v11-2-g3465859 <https://github.com/latchset/clevis/commit/v11-2-g3465859>
- Upstream-Author: Javier Martinez Canillas <javierm@redhat.com>
- Date: Wed Nov 7 15:12:17 2018 +0100
- Bug-Debian: https://bugs.debian.org/bug=969361
- The cryptsetup and tpm2_pcrlist are missing in the initramfs, this makes
- automatic LUKS unlocking fail with the following errors:
- dracut-initqueue[382]: /usr/libexec/clevis-luks-askpass: line 52: cryptsetup: command not found
- dracut-initqueue[382]: /usr/bin/clevis-decrypt-tpm2: line 40: tpm2_pcrlist: command not found
- Suggested-by: Federico Chiacchiaretta <federico.chia@gmail.com>
- Fixes: #74
- --- a/src/luks/systemd/dracut/module-setup.sh.in
- +++ b/src/luks/systemd/dracut/module-setup.sh.in
- @@ -40,6 +40,7 @@
- clevis-decrypt-sss \
- @libexecdir@/clevis-luks-askpass \
- clevis-decrypt \
- + cryptsetup \
- luksmeta \
- clevis \
- mktemp \
- @@ -49,6 +50,7 @@
-
- for cmd in clevis-decrypt-tpm2 \
- tpm2_createprimary \
- + tpm2_pcrlist \
- tpm2_unseal \
- tpm2_load; do
-
- @@ -60,6 +62,7 @@
- if (($ret == 0)); then
- inst_multiple clevis-decrypt-tpm2 \
- tpm2_createprimary \
- + tpm2_pcrlist \
- tpm2_unseal \
- tpm2_load
- fi
|
