diff options
| author | Toni Uhlig <matzeton@googlemail.com> | 2019-03-07 14:40:49 +0100 |
|---|---|---|
| committer | Toni Uhlig <matzeton@googlemail.com> | 2019-03-07 14:40:49 +0100 |
| commit | 5d95abdee246b6dbb1643f13e916e91700f133aa (patch) | |
| tree | 0d37729f79430373a0af256bbb14e11b7c9fc69c | |
| parent | 9b1dbbd805fd0f11697a2c82dd8d2ab092f6e4f7 (diff) | |
debian initramfs-script supports shutdown on timeout/failure
Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
| -rwxr-xr-x | scripts/naskpass_debian.initscript | 29 |
1 files changed, 23 insertions, 6 deletions
diff --git a/scripts/naskpass_debian.initscript b/scripts/naskpass_debian.initscript index 4075184..f9d0d25 100755 --- a/scripts/naskpass_debian.initscript +++ b/scripts/naskpass_debian.initscript @@ -31,7 +31,7 @@ post_naskpass() # stop sshd kill $(pidof sshd) # shutdown/clean all up'd network interfaces - for interface in $(ifconfig | grep -oE '^[a-zA-Z0-9]+\s+'); do + for interface in $(ifconfig | grep -oE '^[a-zA-Z0-9]+'); do echo "disable ${interface}" ifconfig ${interface} 0.0.0.0 ifconfig ${interface} down @@ -334,6 +334,11 @@ setup_mapping() if ! crypttarget="$crypttarget" cryptsource="$cryptsource" \ $cryptkeyscript -c"$cryptopen"; then message "cryptsetup ($crypttarget): cryptsetup failed, bad password or options?" + for val in $(seq 3); do + echo -en "\rWait ${val}/3 seconds.." + sleep 1 + done + echo continue fi fi @@ -389,13 +394,19 @@ setup_mapping() break done - failsleep=60 # make configurable later? - if [ "$cryptrootdev" = "yes" ] && [ $crypttries -gt 0 ] && [ $count -ge $crypttries ]; then message "cryptsetup ($crypttarget): maximum number of tries exceeded" - message "cryptsetup: going to sleep for $failsleep seconds..." - sleep $failsleep - exit 1 + if [ ${NASKPASS_SHUTDOWN} -ne 0 ]; then + echo 1 >/proc/sys/kernel/sysrq + for val in $(seq 5); do + echo -en "\rShutdown in ${val}/5 seconds.." + sleep 1 + done + echo + echo o >/proc/sysrq-trigger + sleep 5 + fi + return 1 fi udev_settle @@ -406,6 +417,8 @@ setup_mapping() # Begin real processing # +export NASKPASS_SHUTDOWN=0 + # Do we have any kernel boot arguments? cmdline_cryptopts='' unset cmdline_root @@ -430,6 +443,9 @@ for opt in $(cat /proc/cmdline); do *) # lilo major/minor number (See #398957). Ignore esac ;; + naskshutdown) + export NASKPASS_SHUTDOWN=1 + ;; nonaskpass) message "naskpass: disabled with nonaskpass..." exit 0 @@ -456,4 +472,5 @@ if [ -r /conf/conf.d/cryptroot ]; then fi post_naskpass + exit 0 |