Re: dracut in fedora 28 and luks encrypted drive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



05.07.2018 22:29, Ratliff, John пишет:
> I have my lvm partition luks encrypted. I'd like to be able to put a
> USB stick in the laptop and let that unlock the drive without a
> password, but if the USB stick isn't present, I want it to prompt for
> the password.
> 
> In arch linux, I can make a hook into the initramfs where I can run
> some bash code to make this work. In Ubuntu/Debian, there is a
> keyscript line in /etc/crypttab that lets me do something similar.
> 
> In Fedora, it uses systemd. And systemd seems to have its own unlock
> for the disk. Is there a way to hook into this using dracut in Fedora
> 28? For the moment, I simply removed all the systemd modules from
> dracut and added the old crypt module. That works, but I don't know
> what the systemd modules were doing or if it was a bad idea to do that.
> 
> Thanks for any suggestions.
> 

No, systemd does not support this complex logic. It is actually
impossible to implement with internal systemd tools because decision
whether to use keyfile or interactive passphrase query happens very
early, when it is simply unknown whether keyfile exists.

systemd internal tools do not support keyscript either.

It may be possible to disable systemd tools only and use custom
script/units instead.
--
To unsubscribe from this list: send the line "unsubscribe initramfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Linux Kernel]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux SCSI]

  Powered by Linux