dracut: 90zfs: zfs-load-key: don't load unencrypted bootfs' keylocation
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Ahelenia Ziemiańska <nabijaczleweli@nabijaczleweli.xyz> Closes #11800 Closes #12108
This commit is contained in:
parent
cfc8dd1983
commit
c38bc221b2
|
@ -36,13 +36,12 @@ fi
|
||||||
if [ "$(zpool list -H -o feature@encryption "$(echo "${BOOTFS}" | awk -F/ '{print $1}')")" = 'active' ]; then
|
if [ "$(zpool list -H -o feature@encryption "$(echo "${BOOTFS}" | awk -F/ '{print $1}')")" = 'active' ]; then
|
||||||
# if the root dataset has encryption enabled
|
# if the root dataset has encryption enabled
|
||||||
ENCRYPTIONROOT="$(zfs get -H -o value encryptionroot "${BOOTFS}")"
|
ENCRYPTIONROOT="$(zfs get -H -o value encryptionroot "${BOOTFS}")"
|
||||||
# where the key is stored (in a file or loaded via prompt)
|
|
||||||
KEYLOCATION="$(zfs get -H -o value keylocation "${ENCRYPTIONROOT}")"
|
|
||||||
if ! [ "${ENCRYPTIONROOT}" = "-" ]; then
|
if ! [ "${ENCRYPTIONROOT}" = "-" ]; then
|
||||||
KEYSTATUS="$(zfs get -H -o value keystatus "${ENCRYPTIONROOT}")"
|
KEYSTATUS="$(zfs get -H -o value keystatus "${ENCRYPTIONROOT}")"
|
||||||
# continue only if the key needs to be loaded
|
# continue only if the key needs to be loaded
|
||||||
[ "$KEYSTATUS" = "unavailable" ] || exit 0
|
[ "$KEYSTATUS" = "unavailable" ] || exit 0
|
||||||
# if key is stored in a file, do not prompt
|
|
||||||
|
KEYLOCATION="$(zfs get -H -o value keylocation "${ENCRYPTIONROOT}")"
|
||||||
if ! [ "${KEYLOCATION}" = "prompt" ]; then
|
if ! [ "${KEYLOCATION}" = "prompt" ]; then
|
||||||
if ! [ "${KEYLOCATION#http}" = "${KEYLOCATION}" ]; then
|
if ! [ "${KEYLOCATION#http}" = "${KEYLOCATION}" ]; then
|
||||||
systemctl start network-online.target
|
systemctl start network-online.target
|
||||||
|
|
Loading…
Reference in New Issue