diff options
| author | Archzfs Buildbot | 2021-05-12 23:15:42 +0000 |
|---|---|---|
| committer | Archzfs Buildbot | 2021-05-12 23:15:42 +0000 |
| commit | 51ec48a99727120bcd67c4d4f3040e64015340c2 (patch) | |
| tree | 996208a16bc8cedbb6ba9db3e209b9084356af44 | |
| parent | 1536997cf48cb62aa9c2be3f7aab6fe0599de6ab (diff) | |
| download | aur-51ec48a99727120bcd67c4d4f3040e64015340c2.tar.gz | |
Semi-automated update for zfs 2.1.0-rc5
| -rw-r--r-- | .SRCINFO | 10 | ||||
| -rw-r--r-- | PKGBUILD | 8 | ||||
| -rw-r--r-- | zfs-utils.initcpio.hook | 46 | ||||
| -rw-r--r-- | zfs-utils.initcpio.zfsencryptssh.install | 2 |
4 files changed, 43 insertions, 23 deletions
@@ -1,6 +1,6 @@ pkgbase = zfs-utils-rc pkgdesc = Kernel module support files for the Zettabyte File System. - pkgver = 2.0.0_rc7 + pkgver = 2.1.0_rc5 pkgrel = 1 url = http://zfsonlinux.org/ install = zfs-utils.install @@ -20,14 +20,14 @@ pkgbase = zfs-utils-rc backup = etc/default/zfs backup = etc/modules-load.d/zfs.conf backup = etc/sudoers.d/zfs - source = https://github.com/zfsonlinux/zfs/releases/download/zfs-2.0.0-rc7/zfs-2.0.0-rc7.tar.gz + source = https://github.com/zfsonlinux/zfs/releases/download/zfs-2.1.0-rc5/zfs-2.1.0-rc5.tar.gz source = zfs-utils.initcpio.install source = zfs-utils.initcpio.hook source = zfs-utils.initcpio.zfsencryptssh.install - sha256sums = 640fde2b678040c9511172bf3b7ffc444d8e8daa1d738f4687f1ad92d6d01e7b + sha256sums = d6488d89e8d76386d8946732e5117ce2f06544a1775b6b90c12208e9771684aa sha256sums = 29a8a6d76fff01b71ef1990526785405d9c9410bdea417b08b56107210d00b10 - sha256sums = 449a6db4abd3f166562bb67a63950af053e9ec07eabbfcdff827c5ed0113a2d6 - sha256sums = 29080a84e5d7e36e63c4412b98646043724621245b36e5288f5fed6914da5b68 + sha256sums = ad3e7244aca20fce005860c5118d46a77a0b4f5644d73e9648ea3ba5ff87c4c3 + sha256sums = 93e6ac4e16f6b38b2fa397a63327bcf7001111e3a58eb5fb97c888098c932a51 pkgname = zfs-utils-rc @@ -7,7 +7,7 @@ # pkgname="zfs-utils-rc" -pkgver=2.0.0_rc7 +pkgver=2.1.0_rc5 pkgrel=1 pkgdesc="Kernel module support files for the Zettabyte File System." makedepends=("python" "python-setuptools" "python-cffi") @@ -18,10 +18,10 @@ source=("https://github.com/zfsonlinux/zfs/releases/download/zfs-${pkgver/_/-}/z "zfs-utils.initcpio.install" "zfs-utils.initcpio.hook" "zfs-utils.initcpio.zfsencryptssh.install") -sha256sums=("640fde2b678040c9511172bf3b7ffc444d8e8daa1d738f4687f1ad92d6d01e7b" +sha256sums=("d6488d89e8d76386d8946732e5117ce2f06544a1775b6b90c12208e9771684aa" "29a8a6d76fff01b71ef1990526785405d9c9410bdea417b08b56107210d00b10" - "449a6db4abd3f166562bb67a63950af053e9ec07eabbfcdff827c5ed0113a2d6" - "29080a84e5d7e36e63c4412b98646043724621245b36e5288f5fed6914da5b68") + "ad3e7244aca20fce005860c5118d46a77a0b4f5644d73e9648ea3ba5ff87c4c3" + "93e6ac4e16f6b38b2fa397a63327bcf7001111e3a58eb5fb97c888098c932a51") license=("CDDL") groups=("archzfs-linux-rc") provides=("zfs-utils" "spl-utils") diff --git a/zfs-utils.initcpio.hook b/zfs-utils.initcpio.hook index c3c62150aff1..1ecffda53fa8 100644 --- a/zfs-utils.initcpio.hook +++ b/zfs-utils.initcpio.hook @@ -29,24 +29,44 @@ zfs_get_bootfs () { zfs_decrypt_fs() { dataset=$1 - # check if 'zfs load-key' is available - zfs 2>&1 | grep load-key > /dev/null || return 0 + # Make sure dataset is encrypted; get fails if ZFS does not support encryption + encryption="$(zfs get -H -o value encryption "${dataset}" 2>/dev/null)" || return 0 + [ "${encryption}" != "off" ] || return 0 - # check if dataset is encrypted - [ "$(zfs get -H -o value encryption "${dataset}")" != "off" ] || return 0 + # Make sure the dataset is locked + keystatus="$(zfs get -H -o value keystatus "${dataset}")" || return 0 + [ "${keystatus}" != "available" ] || return 0 - # check if key is already loaded - [ "$(zfs get -H -o value keystatus "${dataset}")" != "available" ] || return 0 + # Make sure the encryptionroot is sensible + encryptionroot="$(zfs get -H -o value encryptionroot "${dataset}")" || return 0 + [ "${encryptionroot}" != "-" ] || return 0 - # get the encryption root - encryptionroot=$(zfs get -H -o value encryptionroot "${dataset}") - - # export encription root to be used by other hooks (SSH) + # Export encryption root to be used by other hooks (SSH) echo "${encryptionroot}" > /.encryptionroot - # loop until we get the correct password or key is unlocked by another vector (SSH for instance) - while [ "$(zfs get -H -o value keystatus "${encryptionroot}")" != "available" ] && - ! eval zfs load-key "${encryptionroot}"; do + # If key location is a file, determine if it can by overridden by prompt + prompt_override="" + if keylocation="$(zfs get -H -o value keylocation "${dataset}")"; then + if [ "${keylocation}" != "prompt" ]; then + if keyformat="$(zfs get -H -o value keyformat "${dataset}")"; then + [ "${keyformat}" = "passphrase" ] && prompt_override="yes" + fi + fi + fi + + # Loop until key is loaded here or by another vector (SSH, for instance) + while [ "$(zfs get -H -o value keystatus "${encryptionroot}")" != "available" ]; do + # Try the default loading mechanism + zfs load-key "${encryptionroot}" && break + + # Load failed, try a prompt if the failure was not a prompt + if [ -n "${prompt_override}" ]; then + echo "Unable to load key ${keylocation}; please type the passphrase" + echo "To retry the file, interrupt now or repeatedly input a wrong passphrase" + zfs load-key -L prompt "${encryptionroot}" && break + fi + + # Throttle retry attempts sleep 2 done diff --git a/zfs-utils.initcpio.zfsencryptssh.install b/zfs-utils.initcpio.zfsencryptssh.install index e0ef04beabfe..f724eeec5663 100644 --- a/zfs-utils.initcpio.zfsencryptssh.install +++ b/zfs-utils.initcpio.zfsencryptssh.install @@ -1,7 +1,7 @@ #!/bin/bash make_etc_passwd() { - echo 'root:x:0:0:root:/root:/bin/zfsdecrypt_shell' > "${BUILDROOT}"/etc/passwd + echo 'root:x:0:0:root:/root:/bin/zfsdecrypt_shell' >> "${BUILDROOT}"/etc/passwd echo '/bin/zfsdecrypt_shell' > "${BUILDROOT}"/etc/shells } |