Skip to content

Commit

Permalink
dracut: 90zfs: zfs-load-key: wait for key to appear for up to 10 seconds
Browse files Browse the repository at this point in the history 
Also reduce password retries to 3 to match i-t

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Ahelenia Ziemiańska <nabijaczleweli@nabijaczleweli.xyz>
Closes openzfs#12065
Closes openzfs#12108
  • Loading branch information
@nabijaczleweli @tonyhutter
nabijaczleweli authored and tonyhutter committed Feb 17, 2022
1 parent 9cbc2ed commit f9baf96
Showing 1 changed file with 26 additions and 10 deletions.
36 changes: 26 additions & 10 deletions contrib/dracut/90zfs/zfs-load-key.sh.in
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,16 +42,32 @@ if [ "$(zpool list -H -o feature@encryption "${BOOTFS%%/*}")" = 'active' ]; then
[ "$KEYSTATUS" = "unavailable" ] || exit 0

KEYLOCATION="$(zfs get -H -o value keylocation "${ENCRYPTIONROOT}")"
if ! [ "${KEYLOCATION}" = "prompt" ]; then
if ! [ "${KEYLOCATION#http}" = "${KEYLOCATION}" ]; then
case "${KEYLOCATION%%://*}" in
prompt)
for _ in 1 2 3; do
systemd-ask-password "Encrypted ZFS password for ${BOOTFS}" --no-tty | zfs load-key "${ENCRYPTIONROOT}" && break
done
;;
http*)
systemctl start network-online.target
fi
zfs load-key "${ENCRYPTIONROOT}"
else
# decrypt them
for _ in 1 2 3 4 5; do
systemd-ask-password "Encrypted ZFS password for ${BOOTFS}" --no-tty | zfs load-key "${ENCRYPTIONROOT}" && break
done
fi
zfs load-key "${ENCRYPTIONROOT}"
;;
file)
KEYFILE="${KEYLOCATION#file://}"
[ -r "${KEYFILE}" ] || udevadm settle
[ -r "${KEYFILE}" ] || {
info "Waiting for key ${KEYFILE} for ${ENCRYPTIONROOT}..."
for _ in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20; do
sleep 0.5s
[ -r "${KEYFILE}" ] && break
done
}
[ -r "${KEYFILE}" ] || warn "Key ${KEYFILE} for ${ENCRYPTIONROOT} hasn't appeared. Trying anyway."
zfs load-key "${ENCRYPTIONROOT}"
;;
*)
zfs load-key "${ENCRYPTIONROOT}"
;;
esac
fi
fi

0 comments on commit f9baf96

Please sign in to comment.