confirm_gpg_card: prompt for retry on detection failure

Initial card detection can sometimes fail, so prompt the user to remove/reinsert their GPG card before retrying. Since errexit is likely set, disable it prior to calling --card-status so we can handle the error ourself, then re-set if necessary when done. Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2024-12-18 20:47:55 +00:00 · 2019-07-09 16:46:14 -05:00 · 2019-07-09 16:46:14 -05:00 · c33209add1
commit c33209add1
parent 5ff3849c16
1 changed files with 22 additions and 2 deletions
--- a/initrd/etc/functions
+++ b/initrd/etc/functions
@ -136,8 +136,28 @@ confirm_gpg_card()
 	# setup the USB so we can reach the GPG card
 	enable_usb

-	gpg --card-status \
-	|| die "gpg card read failed"
+	echo -e "\nVerifying presence of GPG card...\n"
+	# ensure we don't exit without retrying
+	errexit=$(set -o | grep errexit | awk '{print $2}')
+	set +e
+	gpg --card-status > /dev/null
+	if [ $? -ne 0 ]; then
+	  # prompt for reinsertion and try a second time
+	  read -n1 -r -p \
+	      "Can't access GPG key; remove and reinsert, then press Enter to retry. " \
+	      ignored
+	  # restore prev errexit state
+	  if [ "$errexit" = "on" ]; then
+	    set -e
+	  fi
+	  # retry card status
+	  gpg --card-status > /dev/null \
+	  	|| die "gpg card read failed"
+	fi
+	# restore prev errexit state
+	if [ "$errexit" = "on" ]; then
+	  set -e
+	fi
 }