mirror of
https://github.com/linuxboot/heads.git
synced 2024-12-18 20:47:55 +00:00
remove initrd unpacking, since Qubes dracut /etc/cryptab can be fixed
This commit is contained in:
parent
ce766bdc58
commit
5195a74422
@ -70,27 +70,30 @@ unseal-key \
|
||||
# we know that the first 0x3400 bytes are the microcode
|
||||
INITRD_DIR=/tmp/initrd
|
||||
echo '+++ Unpacking initrd'
|
||||
mkdir -p $INITRD_DIR
|
||||
dd if="$INITRD" bs=256 count=52 | ( cd $INITRD_DIR ; cpio -i )
|
||||
dd if="$INITRD" bs=256 skip=52 | zcat | ( cd $INITRD_DIR ; cpio -i )
|
||||
|
||||
# Update the /etc/crypttab in the initrd and install our key
|
||||
for dev in /dev/$CONFIG_QUBES_VG/*; do
|
||||
uuid=`blkid $dev | cut -d\" -f2`
|
||||
echo luks-$uuid /dev/disk/by-uuid/$uuid /secret.key
|
||||
done > $INITRD_DIR/etc/crypttab
|
||||
mkdir -p $INITRD_DIR/etc
|
||||
#dd if="$INITRD" bs=256 count=52 | ( cd $INITRD_DIR ; cpio -i )
|
||||
#dd if="$INITRD" bs=256 skip=52 | zcat | ( cd $INITRD_DIR ; cpio -i )
|
||||
|
||||
mv /tmp/secret.key $INITRD_DIR/
|
||||
|
||||
## Update the /etc/crypttab in the initrd and install our key
|
||||
## This is no longer required, now that dom0 /etc/crypttab has
|
||||
## the /secret.key specified.
|
||||
#for dev in /dev/$CONFIG_QUBES_VG/*; do
|
||||
# uuid=`blkid $dev | cut -d\" -f2`
|
||||
# echo luks-$uuid /dev/disk/by-uuid/$uuid /secret.key
|
||||
#done > $INITRD_DIR/etc/crypttab
|
||||
|
||||
echo '+++ Repacking initrd'
|
||||
( cd $INITRD_DIR ; find . | cpio -H newc -o ) | gzip > /initrd.gz
|
||||
( cd $INITRD_DIR ; find . | cpio -H newc -o ) > /initrd.cpio
|
||||
cat "$INITRD" >> /initrd.cpio
|
||||
|
||||
# command line arguments are include in the signature on this script,
|
||||
echo '+++ Loading kernel and initrd'
|
||||
kexec \
|
||||
-l \
|
||||
--module "${KERNEL} root=/dev/mapper/luks-$ROOT_UUID ro rd.qubes.hide_all_usb" \
|
||||
--module /initrd.gz \
|
||||
--module /initrd.cpio \
|
||||
--command-line "no-real-mode reboot=no" \
|
||||
"${XEN}" \
|
||||
|| recovery "kexec load failed"
|
||||
|
@ -1,10 +1,10 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
|
||||
iQEUAwUAWOK7zw+UgFLd7L5oAQJ/vwf4yf9zRGeKC2pwDJcMoBww1A4E8LbxW8FF
|
||||
jdbojg8r5uvfuPeF0V7+BjnE5RItr1UiaClxryXpSwElSXNLoyQPdKbUaYr+w5R1
|
||||
jmwZpXxPkoCkUPpzsFl2JAvHe00d4isOU3rLOH6SJjN1VZDeOFGBkAeH5rr0kBpt
|
||||
A0WaMW1Qe9RIFDHbyx6sxWXTzMTwHxvskqd5oJojJRiRFlgsOhPY7FGCop0ajEAA
|
||||
PlYpupMtJQhJGpF4d/vF6nPTC2Trm5FSfK8lgrLwryxI4nSmPpPfXCfdscoid+2L
|
||||
bJuThLvSdV/0DE1rsNcxxMZmhrPK4AnKK6tvTXA/CK3nwEkNQhgn
|
||||
=OWVi
|
||||
iQEVAwUAWOQaag+UgFLd7L5oAQIYMQgA1W3mnxsd6Bln0ipvZtITN0cAoAdsnuG/
|
||||
Kt/2Usabu7lzdYNpBp9h+jmGDj1Jg+5wvKBXgYQXiPG0TuPNXqeih+X1NJbeXO3S
|
||||
BF6PXPEHkZlU7kDXUiPHVF9Hy2T6Kw45SQ5pEctATDYjO8SL/lVuxGRSXSiBdyW0
|
||||
PLEOHmVNh5C9LNtoGZmmRf8BkVpNc7LCZIkDWj29wNypaxBzv1AQmWBWTvWTSK3D
|
||||
CkFW10DbF3nJZNrPtTY4EOV2fynRsCZYN/O3ZyN5iZ9kAm8WXWcjqMBB7K/bE3dw
|
||||
KUb3E0pwyT+uAknT1pXPbcyx8hq6mvX0Fp+46UYovgx5KU+yQunItw==
|
||||
=0kHU
|
||||
-----END PGP SIGNATURE-----
|
||||
|
Loading…
Reference in New Issue
Block a user