On 09/19/2016 04:48 AM, Guilhem Moulin wrote: > On Mon, 19 Sep 2016 at 00:51:45 -0500, Richard Laager wrote: >> On 09/18/2016 02:13 PM, Guilhem Moulin wrote:
> Fair enough it's not the first field, but by looking at the output I
> have the impression that the header is pretty much free form.
Fair point.
At an absolute minimum, the regex should be tightened up to require $1
to start with / rather than just contain it. Further options below...
> Alright, thanks! I think a more robust AWK or sed script is desired to
> strip out the header, though. Perhaps this AWK script
That awk script doesn't output anything for me.
How about this, which I used in the attached updated patch:
awk 'NR == 1, /^[\t ]*config:/ { next } { if ($1 ~ /^\//) { print $1 } }'
Or if you want to match the logic of GRUB2 (which I think is messier):
awk 'NR == 1, /^[\t ]*NAME[\t ]+STATE[\t ]+READ[\t ]+WRITE[\t ]+CKSUM/ { next }
{ if ($1 ~ /^\//) { print $1 } }'
>>> But I still think we can find a solution that's not FS-specific. For
>>> instance, to ensure that an arbitrary device is unlocked at initramfs
>>> stage, you can add ‘initramfs’ to the 4th column of its crypttab(5)
>>> entry. In your case, that should be enough to copy the key files of
>>> the underlying devices to the initramfs image.
Yes, that works. The "WARNING: could not determine root device" message
is still printed.
> Again, I'm not fond of your `zfs list` command because it's an
> FS-specific alternative for two FS-agnostic and de facto standard
> solutions, namely fstab(5) and kernel parameters.
I've attached another version of this patch. It first swaps from
/etc/fstab to /proc/self/mounts. Then adding ZFS support is trivial and
integrates in the same way as btrfs support.
--
Richard
diff -Nru cryptsetup-1.7.2/debian/changelog cryptsetup-1.7.2/debian/changelog
--- cryptsetup-1.7.2/debian/changelog 2016-07-01 03:57:14.000000000 -0500
+++ cryptsetup-1.7.2/debian/changelog 2016-09-19 06:19:26.000000000 -0500
@@ -1,3 +1,11 @@
+cryptsetup (2:1.7.2-0ubuntu2~rlaager2) yakkety; urgency=medium
+
+ * Modify the initramfs-tools hook to examine /proc/self/mounts instead of
+ /etc/fstab.
+ * Support ZFS in the cryptroot initramfs-tools hook.
+
+ -- Richard Laager <rlaa...@wiktel.com> Mon, 19 Sep 2016 06:18:23 -0500
+
cryptsetup (2:1.7.2-0ubuntu1) yakkety; urgency=medium
* New upstream release, merge from Debian unstable (LP: #1548137). Remaining
diff -Nru cryptsetup-1.7.2/debian/initramfs/cryptroot-hook
cryptsetup-1.7.2/debian/initramfs/cryptroot-hook
--- cryptsetup-1.7.2/debian/initramfs/cryptroot-hook 2016-04-29
01:18:05.000000000 -0500
+++ cryptsetup-1.7.2/debian/initramfs/cryptroot-hook 2016-09-19
06:18:20.000000000 -0500
@@ -20,11 +20,11 @@
local device mount type options dump pass
local wantmount="$1"
- if [ ! -r /etc/fstab ]; then
+ if [ ! -r /proc/self/mounts ]; then
return 1
fi
- grep -s '^[^#]' /etc/fstab | \
+ cat /proc/self/mounts | \
while read device mount type options dump pass; do
if [ "$mount" = "$wantmount" ]; then
local devices
@@ -32,6 +32,10 @@
for dev in $(btrfs filesystem show
$(canonical_device "$device" --no-simplify) 2>/dev/null | sed -r -e 's/.*devid
.+ path (.+)/\1/;tx;d;:x') ; do
devices="$devices $(canonical_device
"$dev")"
done
+ elif [ "$type" = "zfs" ]; then
+ for dev in $(zpool status -P "${device%%/*}" |
awk 'NR == 1, /^[\t ]*config:/ { next } { if ($1 ~ /^\//) { print $1 } }'); do
+ devices="$devices $(canonical_device
"$dev")"
+ done
else
devices=$(canonical_device "$device") || return 0
fi
@@ -653,7 +657,7 @@
if [ -r /etc/crypttab ]; then
rootdevs=$(get_fs_devices /)
if [ -z "$rootdevs" ]; then
- echo "cryptsetup: WARNING: could not determine root device from
/etc/fstab" >&2
+ echo "cryptsetup: WARNING: could not determine root device from
/proc/self/mounts" >&2
fi
usrdevs=$(get_fs_devices /usr)
resumedevs=$(get_resume_devices)
signature.asc
Description: OpenPGP digital signature
