summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xsrc/initrd/grok-block18
1 files changed, 15 insertions, 3 deletions
diff --git a/src/initrd/grok-block b/src/initrd/grok-block
index f44ed19..efe46d8 100755
--- a/src/initrd/grok-block
+++ b/src/initrd/grok-block
@@ -87,11 +87,24 @@ retry_mount()
87 done 87 done
88} 88}
89 89
90Gpg2()
91{
92 gpg2 --lock-never --no-permission-warning --no-auto-check-trustdb --no-options "$@"
93}
94
90gpg_verify() 95gpg_verify()
91{ 96{
97 [ -e "$1" ] || return
92 bootwait samizdat-gpg 98 bootwait samizdat-gpg
93 export GNUPGHOME=/gpg/gnupghome 99 export GNUPGHOME=/gpg/gnupghome
94 gpg2 --lock-never --no-permission-warning --no-auto-check-trustdb --no-options --verify "$1" 100 Gpg2 --verify "$1"
101}
102
103gpg_can_decrypt()
104{
105 [ -e "$1" ] || return
106 bootwait samizdat-gpg
107 Gpg2 --decrypt "$1" | Gpg2 --decrypt "$1" >/dev/null
95} 108}
96 109
97is_lvm() 110is_lvm()
@@ -186,8 +199,7 @@ grok_block()
186 # TODO: And what if we create partitions and then reboot the machine mid-install? 199 # TODO: And what if we create partitions and then reboot the machine mid-install?
187 200
188 elif [ "$ID_PART_ENTRY_NAME" = samizdat-plaintext ]; then 201 elif [ "$ID_PART_ENTRY_NAME" = samizdat-plaintext ]; then
189 # TODO: First ensure we can decrypt the key 202 if gpg_verify "$mountpoint"/disk.key && gpg_can_decrypt "$mountpoint"/disk.key; then
190 if [ -e "$mountpoint"/disk.key ]; then
191 addmenu_choose_native_root "$(parent_device "$DEVNAME")" 203 addmenu_choose_native_root "$(parent_device "$DEVNAME")"
192 fi 204 fi
193 umount "$mountpoint" 205 umount "$mountpoint"