blob: c8a5d4cc737166a949b9724fa5a82896abdc08c4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
#!/usr/bin/bash
build() {
add_binary '/usr/lib/cryptsetup/libcryptsetup-token-systemd-pkcs11.so'
for FILE in /usr/lib/libp11-kit.so* /usr/lib/libpcsclite.so* /usr/lib/libpcsclite_real.so*; do
if [[ -L "${FILE}" ]]; then
add_symlink "${FILE}"
else
add_binary "${FILE}"
fi
done
printf 'module: librtpkcs11ecp.so\n' | add_file - '/usr/share/p11-kit/modules/rutoken.module' 644
add_binary '/usr/lib/pkcs11/librtpkcs11ecp.so'
add_systemd_unit 'pcscd.service'
printf '%s\n' \
'[Unit]' \
'DefaultDependencies=no' \
'[Service]' \
'ExecStart=' \
'ExecStart=/usr/bin/pcscd --foreground --disable-polkit' \
| add_systemd_drop_in 'pcscd.service' 'mkinitcpio'
add_systemd_unit 'pcscd.socket'
printf '[Unit]\nDefaultDependencies=no\n' | add_systemd_drop_in 'pcscd.socket' 'mkinitcpio'
# pcscd.socket -> cryptsetup-pre.target -> systemd-cryptsetup@.service -> cryptsetup.target
add_systemd_unit 'cryptsetup-pre.target'
add_symlink '/usr/lib/systemd/system/cryptsetup-pre.target.wants/pcscd.socket' '/usr/lib/systemd/system/pcscd.socket'
add_symlink '/usr/lib/systemd/system/cryptsetup.target.wants/cryptsetup-pre.target' '/usr/lib/systemd/system/cryptsetup-pre.target'
add_file '/usr/lib/pcsc/drivers/ifd-ccid.bundle/Contents/Info.plist'
add_binary '/usr/lib/pcsc/drivers/ifd-ccid.bundle/Contents/Linux/libccid.so'
}
help() {
cat <<HELPEOF
This hook allows systemd to unlock LUKS2 volumes with the RuToken PKCS#11 module.
HELPEOF
}
|