TPM Disk Unlock Key setup: use unpack_initrd.sh, replace none with /secret.key. Still no joy

This commit is contained in:
Thierry Laurion 2023-09-01 16:28:53 -04:00
parent 4a7e23b4c6
commit a2a30020c0
No known key found for this signature in database
GPG Key ID: E7B4A71658E36A93

View File

@ -300,13 +300,13 @@ if [ "$save_key" = "y" ]; then
# Get crypttab files paths from initrd # Get crypttab files paths from initrd
echo "+++ Checking current selected default boot's $current_default_initrd for existing crypttab files..." echo "+++ Checking current selected default boot's $current_default_initrd for existing crypttab files..."
# First either decompress or use the original if it's not compressed # First either decompress or use the original if it's not compressed
initrd_decompressed="/tmp/initrd_extract/initrd_decompressed.cpio" initrd_decompressed="/tmp/initrd_extract"
zcat <"$current_default_initrd" >"$initrd_decompressed" 2>/dev/null || initrd_decompressed="$current_default_initrd" echo "+++ Extracting current selected default boot's $current_default_initrd to find crypttab files..."
crypttab_files=$(cpio --list --quiet <"$initrd_decompressed" | grep crypttab 2>/dev/null) || true unpack_initramfs.sh "$current_default_initrd" "$initrd_decompressed" >/dev/null 2>&1 || true
crypttab_files=$(find "$initrd_decompressed" | grep crypttab 2>/dev/null) || true
if [ ! -z "$crypttab_files" ]; then if [ ! -z "$crypttab_files" ]; then
echo "+++ Extracting current selected default boot's $current_default_initrd for found crypttab files analysis..." DEBUG "Found crypttab files in $current_default_initrd"
cpio -id --quiet $crypttab_files <$initrd_decompressed 2>/dev/null
rm -f $bootdir/kexec_initrd_crypttab_overrides.txt || true rm -f $bootdir/kexec_initrd_crypttab_overrides.txt || true
#Parsing each crypttab file found #Parsing each crypttab file found