mirrors
/
archlinux-initrd-ssh-cryptsetup
mirror of https://github.com/suiryc/archlinux-initrd-ssh-cryptsetup.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Use SHA256 checksums instead of MD5 

v0.9-2
0.9-2
Julien Coloos 2021-11-12 18:03:46 +01:00
parent c3cafcf6cd
commit 3449995d4a
5 changed files with 327 additions and 304 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
ChangeLog
View File

@ -1,3 +1,16 @@
2021-11-12 Julien Coloos <julien.coloos [at] gmail [dot] com>
* v0.10-1
Option to use login shell instead of cryptsetup script
Re-enable Wake-on-LAN on network device
2021-11-12 Julien Coloos <julien.coloos [at] gmail [dot] com>
* v0.9-2
Use SHA256 checksums instead of MD5
2021-10-24 Julien Coloos <julien.coloos [at] gmail [dot] com> 2021-10-24 Julien Coloos <julien.coloos [at] gmail [dot] com>
* v0.9-1 * v0.9-1

8
PKGBUILD
View File

@ -1,17 +1,17 @@
# Maintainer: Julien Coloos <julien.coloos [at] gmail [dot] com> # Maintainer: Julien Coloos <julien.coloos [at] gmail [dot] com>
pkgname=initrd-ssh-cryptsetup pkgname=initrd-ssh-cryptsetup
pkgver=0.9 pkgver=0.10
pkgrel=1 pkgrel=1
pkgdesc="Allows for LUKS-encrypted devices to be unlocked remotely over SSH" pkgdesc="Allows for LUKS-encrypted devices to be unlocked remotely over SSH"
arch=('any') arch=('any')
url="https://github.com/suiryc/archlinux-$pkgname" url="https://github.com/suiryc/archlinux-$pkgname"
license=('GPL3') license=('GPL3')
depends=('dropbear' 'cryptsetup' 'mkinitcpio-nfs-utils' 'iproute2') depends=('dropbear' 'cryptsetup' 'mkinitcpio-nfs-utils' 'iproute2' 'ethtool')
install=$pkgname.install install=$pkgname.install
changelog='ChangeLog' changelog='ChangeLog'
source=("http://julien.coloos.free.fr/archlinux/$pkgname-$pkgver.tar.xz" "$pkgname.install") source=("http://julien.coloos.free.fr/archlinux/$pkgname-$pkgver.tar.xz" "$pkgname.install")
md5sums=('c94a905ca91f7afe2c0f771bd5182cb2' sha256sums=('c3fa91fc8ba2228b3492d3709231918c8015cc3da49f516c3eacea5c0217536c'
'ac60109d80e7bb2af0d66e69aaf178a6') 'b84978b3c2ef32208c2b104ee2d3ce8aaec26da0bd4e9e1c83942f373bbf6285')
package() { package() {
install -Dm644 "$srcdir/src/install/ssh-cryptsetup" "$pkgdir/usr/lib/initcpio/install/ssh-cryptsetup" install -Dm644 "$srcdir/src/install/ssh-cryptsetup" "$pkgdir/usr/lib/initcpio/install/ssh-cryptsetup"

3
README.md
View File

@ -64,5 +64,6 @@ For example:
3. Update ChangeLog 3. Update ChangeLog
4. Update `PKGBUILD` 4. Update `PKGBUILD`
* bump `pkgver` if `src` was modified, or `pkgrel` if building files were modified * bump `pkgver` if `src` was modified, or `pkgrel` if building files were modified
* refresh `md5sums` if necessary (based on `md5sum initrd-ssh-cryptsetup-*.tar.xz initrd-ssh-cryptsetup.install` output) * refresh `sha256sums` with `updpkgsums` if necessary
- or manually, based on `sha256sum initrd-ssh-cryptsetup-*.tar.xz initrd-ssh-cryptsetup.install` output
5. Delete generated archive file if any 5. Delete generated archive file if any

19
src/hooks/ssh-cryptsetup
View File

@ -8,12 +8,14 @@ sshcs_env_load() {
local debug_default=0 local debug_default=0
local timeout_ipconfig_default=10 local timeout_ipconfig_default=10
local timeout_poweroff_min=120 local timeout_poweroff_min=120
local use_shell_default=0
[ -e "${sshcs_env}" ] && . "${sshcs_env}" [ -e "${sshcs_env}" ] && . "${sshcs_env}"
[ -z "${sshcs_opt_debug}" ] && sshcs_opt_debug=${debug_default} [ -z "${sshcs_opt_debug}" ] && sshcs_opt_debug=${debug_default}
[ -z "${sshcs_opt_timeout_ipconfig}" ] && sshcs_opt_timeout_ipconfig=${timeout_ipconfig_default} [ -z "${sshcs_opt_timeout_ipconfig}" ] && sshcs_opt_timeout_ipconfig=${timeout_ipconfig_default}
[ -n "${sshcs_opt_listen}" ] && sshcs_opt_listen="-p ${sshcs_opt_listen}" [ -n "${sshcs_opt_listen}" ] && sshcs_opt_listen="-p ${sshcs_opt_listen}"
[ -z "${sshcs_opt_timeout_poweroff}" ] && sshcs_opt_timeout_poweroff=${timeout_poweroff_min} [ -z "${sshcs_opt_timeout_poweroff}" ] && sshcs_opt_timeout_poweroff=${timeout_poweroff_min}
[ -z "${sshcs_opt_use_shell}" ] && sshcs_opt_use_shell=${use_shell_default}
[ ${sshcs_opt_timeout_poweroff} -ge 0 ] && [ ${sshcs_opt_timeout_poweroff} -lt ${timeout_poweroff_min} ] && sshcs_opt_timeout_poweroff=${timeout_poweroff_min} [ ${sshcs_opt_timeout_poweroff} -ge 0 ] && [ ${sshcs_opt_timeout_poweroff} -lt ${timeout_poweroff_min} ] && sshcs_opt_timeout_poweroff=${timeout_poweroff_min}
} }
@ -134,11 +136,15 @@ sshcs_dropbear_unlock() {
fi fi
# /etc/passwd file for the root user # /etc/passwd file for the root user
echo "root:x:0:0:root:/root:${dropbear_login_shell}" > "/etc/passwd" if [ ${sshcs_opt_use_shell} -eq 0 ]; then
echo "${dropbear_login_shell}" > "/etc/shells" echo "root:x:0:0:root:/root:${dropbear_cryptsetup_shell}" > "/etc/passwd"
echo "${dropbear_cryptsetup_shell}" > "/etc/shells"
else
echo "root:x:0:0:root:/root:/usr/bin/ash" > "/etc/passwd"
fi
# root login script # root login script
cat <<EOF > "${dropbear_login_shell}" cat <<EOF > "${dropbear_cryptsetup_shell}"
#!/usr/bin/ash #!/usr/bin/ash
. "/init_functions" . "/init_functions"
@ -160,7 +166,7 @@ else
fi fi
echo "" echo ""
EOF EOF
chmod a+x "${dropbear_login_shell}" chmod a+x "${dropbear_cryptsetup_shell}"
[ ! -d "/var/log" ] && mkdir -p "/var/log" [ ! -d "/var/log" ] && mkdir -p "/var/log"
touch "/var/log/lastlog" touch "/var/log/lastlog"
@ -177,7 +183,7 @@ EOF
kill $(cat "${path_dropbear_pid}") kill $(cat "${path_dropbear_pid}")
rm -f "${path_dropbear_pid}" rm -f "${path_dropbear_pid}"
fi fi
rm -f "${sshcs_cryptsetup_script}" "${dropbear_login_shell}" "/etc/passwd" "/etc/shells" "/var/log/lastlog" rm -f "${sshcs_cryptsetup_script}" "${dropbear_cryptsetup_shell}" "/etc/passwd" "/etc/shells" "/var/log/lastlog"
# cleanup /dev/pts if necessary # cleanup /dev/pts if necessary
if [ ${dev_pts_mounted} -ne 0 ]; then if [ ${dev_pts_mounted} -ne 0 ]; then
@ -257,7 +263,7 @@ run_hook() {
local etc_crypttab="/etc/crypttab" local etc_crypttab="/etc/crypttab"
local sshcs_env="/etc/initcpio/sshcs_env" local sshcs_env="/etc/initcpio/sshcs_env"
local path_dropbear_pid="/.dropbear.pid" local path_dropbear_pid="/.dropbear.pid"
local dropbear_login_shell="/.cryptsetup_shell.sh" local dropbear_cryptsetup_shell="/.cryptsetup_shell.sh"
local sshcs_cryptsetup_script="/.cryptsetup_script.sh" local sshcs_cryptsetup_script="/.cryptsetup_script.sh"
local net_env="/.net_env.sh" local net_env="/.net_env.sh"
local line iparg net_address net_device ipconfig_out net_netmask net_gateway net_dns0 net_dns1 local line iparg net_address net_device ipconfig_out net_netmask net_gateway net_dns0 net_dns1
@ -309,3 +315,4 @@ run_hook() {
# stop the network before going on in boot sequence # stop the network before going on in boot sequence
sshcs_net_done sshcs_net_done
} }

4
src/install/ssh-cryptsetup
View File

@ -72,7 +72,8 @@ build() {
add_binary "dmsetup" add_binary "dmsetup"
add_binary "dropbear" add_binary "dropbear"
add_binary "ip" add_binary "ip"
add_binary "/usr/lib/initcpio/ipconfig" "/sbin/ipconfig" add_binary "/usr/lib/initcpio/ipconfig" "/bin/ipconfig"
add_binary "ethtool"
# Our hook files # Our hook files
[ -e "${sshcs_env}" ] && add_file "${sshcs_env}" [ -e "${sshcs_env}" ] && add_file "${sshcs_env}"
@ -127,3 +128,4 @@ if present or generated if missing. Fingerprints are displayed upon building
the initramfs image. the initramfs image.
EOF EOF
} }