Systemd mount generator: don't fail keyload from file if already loaded
Previously the generated keyload units for encryption roots with keylocation=file://* didn't contain the code to detect if the key was already loaded and would be marked failed in such situations. Move the code to check whether the key is already loaded from keylocation=prompt handling to general key loading code. Reviewed-by: Richard Laager <rlaager@wiktel.com> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: InsanePrawn <insane.prawny@gmail.com> Closes #10103
This commit is contained in:
parent
b19477898c
commit
4bc401b30f
|
@ -151,13 +151,9 @@ process_line() {
|
|||
else
|
||||
keymountdep="RequiresMountsFor='${p_keyloc#file://}'"
|
||||
fi
|
||||
keyloadcmd="@sbindir@/zfs load-key '${dataset}'"
|
||||
keyloadscript="@sbindir@/zfs load-key \"${dataset}\""
|
||||
elif [ "${p_keyloc}" = "prompt" ] ; then
|
||||
keyloadcmd="\
|
||||
/bin/sh -c '\
|
||||
set -eu;\
|
||||
keystatus=\"\$\$(@sbindir@/zfs get -H -o value keystatus \"${dataset}\")\";\
|
||||
[ \"\$\$keystatus\" = \"unavailable\" ] || exit 0;\
|
||||
keyloadscript="\
|
||||
count=0;\
|
||||
while [ \$\$count -lt 3 ];do\
|
||||
systemd-ask-password --id=\"zfs:${dataset}\"\
|
||||
|
@ -165,11 +161,19 @@ while [ \$\$count -lt 3 ];do\
|
|||
@sbindir@/zfs load-key \"${dataset}\" && exit 0;\
|
||||
count=\$\$((count + 1));\
|
||||
done;\
|
||||
exit 1'"
|
||||
exit 1"
|
||||
else
|
||||
printf 'zfs-mount-generator: (%s) invalid keylocation\n' \
|
||||
"${dataset}" >/dev/kmsg
|
||||
fi
|
||||
keyloadcmd="\
|
||||
/bin/sh -c '\
|
||||
set -eu;\
|
||||
keystatus=\"\$\$(@sbindir@/zfs get -H -o value keystatus \"${dataset}\")\";\
|
||||
[ \"\$\$keystatus\" = \"unavailable\" ] || exit 0;\
|
||||
${keyloadscript}'"
|
||||
|
||||
|
||||
|
||||
# Generate the key-load .service unit
|
||||
#
|
||||
|
|
Loading…
Reference in New Issue