mirror_zfs/contrib/initramfs/zfsunlock

#!/bin/sh

set -eu
if [ ! -e /run/zfs_fs_name ]; then
	echo "Wait for the root pool to be imported or press Ctrl-C to exit."
fi
while [ ! -e /run/zfs_fs_name ]; do
	if [ -e /run/zfs_unlock_complete ]; then
		exit 0
	fi
	sleep 1
done
echo
echo "Unlocking encrypted ZFS filesystems..."
echo "Enter the password or press Ctrl-C to exit."
echo
zfs_fs_name=""
if [ ! -e /run/zfs_unlock_complete_notify ]; then
	mkfifo /run/zfs_unlock_complete_notify
fi
while [ ! -e /run/zfs_unlock_complete ]; do
	zfs_fs_name=$(cat /run/zfs_fs_name)
	zfs_console_askpwd_cmd=$(cat /run/zfs_console_askpwd_cmd)
	systemd-ask-password "Encrypted ZFS password for ${zfs_fs_name}:" | \
		/sbin/zfs load-key "$zfs_fs_name" || true
	if [ "$(/sbin/zfs get -H -ovalue keystatus "$zfs_fs_name" 2> /dev/null)" = "available" ]; then
		echo "Password for $zfs_fs_name accepted."
		zfs_console_askpwd_pid=$(ps | awk '!'"/awk/ && /$zfs_console_askpwd_cmd/ { print \$1; exit }")
		if [ -n "$zfs_console_askpwd_pid" ]; then
			kill "$zfs_console_askpwd_pid"
		fi
		# Wait for another filesystem to unlock.
		while [ "$(cat /run/zfs_fs_name)" = "$zfs_fs_name" ] && [ ! -e /run/zfs_unlock_complete ]; do
			sleep 1
		done
	else
		echo "Wrong password.  Try again."
	fi
done
echo "Unlocking complete.  Resuming boot sequence..."
echo "Please reconnect in a while."
echo "ok" > /run/zfs_unlock_complete_notify
Unlock encrypted root partition over SSH This commit add a new feature for Debian-based distributions to unlock encrypted root partition over SSH. This feature is very handy on headless NAS or VPS cloud servers. To use this feature, you will need to install the dropbear-initramfs package. Reviewed-By: Brian Behlendorf <behlendorf1@llnl.gov> Reviewed-By: Tom Caputi <tcaputi@datto.com> Signed-off-by: Andrey Prokopenko <job@terem.fr> Signed-off-by: Richard Laager <rlaager@wiktel.com> Closes #10027 2020-05-03 08:43:42 +03:00			`#!/bin/sh`

			`set -eu`
			`if [ ! -e /run/zfs_fs_name ]; then`
			`echo "Wait for the root pool to be imported or press Ctrl-C to exit."`
			`fi`
			`while [ ! -e /run/zfs_fs_name ]; do`
			`if [ -e /run/zfs_unlock_complete ]; then`
			`exit 0`
			`fi`
Silence 'make checkbashisms' Commit d2bce6d03 added the 'make checkbashisms' target but did not resolve all of the bashisms in the scripts. This commit doesn't resolve them all either but it does fix up a few, and it excludes the others so 'make checkstyle' no longer prints warnings. It's a small step in the right direction. * Dracut is Linux specific and itself depends on bash. Therefore all dracut support scripts can be bash specific, update their shebang accordingly. * zed-functions.sh, zfs-import, zfs-mount, zfs-zed, smart paxcheck.sh, make_gitrev.sh - these scripts were excuded from the check until they can be updated and properly tested. * zfsunlock - only whole values for sleep are allowed. * vdev_id - removed unneeded locals; use && instead of -a. * dkms.mkconf, dkms.postbuil - use \|\| instead of -o. Reviewed-by: InsanePrawn <insane.prawny@gmail.com> Reviewed-by: Gabriel A. Devenyi <gdevenyi@gmail.com> Reviewed-by: Ryan Moeller <ryan@iXsystems.com> Reviewed-by: George Melikov <mail@gmelikov.ru> Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov> Closes #10755 2020-08-20 23:45:47 +03:00			`sleep 1`
Unlock encrypted root partition over SSH This commit add a new feature for Debian-based distributions to unlock encrypted root partition over SSH. This feature is very handy on headless NAS or VPS cloud servers. To use this feature, you will need to install the dropbear-initramfs package. Reviewed-By: Brian Behlendorf <behlendorf1@llnl.gov> Reviewed-By: Tom Caputi <tcaputi@datto.com> Signed-off-by: Andrey Prokopenko <job@terem.fr> Signed-off-by: Richard Laager <rlaager@wiktel.com> Closes #10027 2020-05-03 08:43:42 +03:00			`done`
			`echo`
			`echo "Unlocking encrypted ZFS filesystems..."`
			`echo "Enter the password or press Ctrl-C to exit."`
			`echo`
			`zfs_fs_name=""`
			`if [ ! -e /run/zfs_unlock_complete_notify ]; then`
			`mkfifo /run/zfs_unlock_complete_notify`
			`fi`
			`while [ ! -e /run/zfs_unlock_complete ]; do`
			`zfs_fs_name=$(cat /run/zfs_fs_name)`
			`zfs_console_askpwd_cmd=$(cat /run/zfs_console_askpwd_cmd)`
			`systemd-ask-password "Encrypted ZFS password for ${zfs_fs_name}:" \| \`
			`/sbin/zfs load-key "$zfs_fs_name" \|\| true`
			`if [ "$(/sbin/zfs get -H -ovalue keystatus "$zfs_fs_name" 2> /dev/null)" = "available" ]; then`
			`echo "Password for $zfs_fs_name accepted."`
Change zfsunlock for better busybox compatibility It turns out that there are two versions of Busybox, at least on Ubuntu 18.04. If you have the busybox-static package installed, you get a busybox that supports `ps a` and `head`. If you only have busybox-initramfs, you don't. Either way, you have `awk`. This change should also make this compatible with GNU ps, if you somehow end up with that in the initramfs environment. Reviewed-by: Tom Caputi <tcaputi@datto.com> Reviewed-by: Andrey Prokopenko <job@terem.fr> Signed-off-by: Richard Laager <rlaager@wiktel.com> Closes #10307 2020-05-10 22:26:08 +03:00			`zfs_console_askpwd_pid=$(ps \| awk '!'"/awk/ && /$zfs_console_askpwd_cmd/ { print \$1; exit }")`
Unlock encrypted root partition over SSH This commit add a new feature for Debian-based distributions to unlock encrypted root partition over SSH. This feature is very handy on headless NAS or VPS cloud servers. To use this feature, you will need to install the dropbear-initramfs package. Reviewed-By: Brian Behlendorf <behlendorf1@llnl.gov> Reviewed-By: Tom Caputi <tcaputi@datto.com> Signed-off-by: Andrey Prokopenko <job@terem.fr> Signed-off-by: Richard Laager <rlaager@wiktel.com> Closes #10027 2020-05-03 08:43:42 +03:00			`if [ -n "$zfs_console_askpwd_pid" ]; then`
			`kill "$zfs_console_askpwd_pid"`
			`fi`
			`# Wait for another filesystem to unlock.`
			`while [ "$(cat /run/zfs_fs_name)" = "$zfs_fs_name" ] && [ ! -e /run/zfs_unlock_complete ]; do`
Silence 'make checkbashisms' Commit d2bce6d03 added the 'make checkbashisms' target but did not resolve all of the bashisms in the scripts. This commit doesn't resolve them all either but it does fix up a few, and it excludes the others so 'make checkstyle' no longer prints warnings. It's a small step in the right direction. * Dracut is Linux specific and itself depends on bash. Therefore all dracut support scripts can be bash specific, update their shebang accordingly. * zed-functions.sh, zfs-import, zfs-mount, zfs-zed, smart paxcheck.sh, make_gitrev.sh - these scripts were excuded from the check until they can be updated and properly tested. * zfsunlock - only whole values for sleep are allowed. * vdev_id - removed unneeded locals; use && instead of -a. * dkms.mkconf, dkms.postbuil - use \|\| instead of -o. Reviewed-by: InsanePrawn <insane.prawny@gmail.com> Reviewed-by: Gabriel A. Devenyi <gdevenyi@gmail.com> Reviewed-by: Ryan Moeller <ryan@iXsystems.com> Reviewed-by: George Melikov <mail@gmelikov.ru> Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov> Closes #10755 2020-08-20 23:45:47 +03:00			`sleep 1`
Unlock encrypted root partition over SSH This commit add a new feature for Debian-based distributions to unlock encrypted root partition over SSH. This feature is very handy on headless NAS or VPS cloud servers. To use this feature, you will need to install the dropbear-initramfs package. Reviewed-By: Brian Behlendorf <behlendorf1@llnl.gov> Reviewed-By: Tom Caputi <tcaputi@datto.com> Signed-off-by: Andrey Prokopenko <job@terem.fr> Signed-off-by: Richard Laager <rlaager@wiktel.com> Closes #10027 2020-05-03 08:43:42 +03:00			`done`
			`else`
			`echo "Wrong password. Try again."`
			`fi`
			`done`
			`echo "Unlocking complete. Resuming boot sequence..."`
			`echo "Please reconnect in a while."`
			`echo "ok" > /run/zfs_unlock_complete_notify`