naskpass initramfs script fixup

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>

1 files changed, 52 insertions, 0 deletions

diff --git a/scripts/naskpass_debian.inithook b/scripts/naskpass_debian.inithook
new file mode 100755
index 0000000..d45a142
--- /dev/null
+++ b/scripts/naskpass_debian.inithook
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+PREREQ="cryptroot"
+
+prereqs () {
+	echo "$PREREQ"
+}
+
+case "$1" in
+	prereqs)
+		prereqs
+		exit 0
+	;;
+esac
+
+
+. /usr/share/initramfs-tools/hook-functions
+
+# copy executables
+copy_exec /lib/cryptsetup/naskpass              /lib/cryptsetup
+copy_exec /lib/cryptsetup/naskshell             /bin
+copy_exec /lib/cryptsetup/naskpass_check        /lib/cryptsetup
+copy_exec /usr/sbin/sshd /sbin/sshd
+
+# OpenSSH config directory
+cp -R /etc/initramfs-tools/etc/ssh "${DESTDIR}/etc/"
+
+# /root is required for a successful SSH login
+if [ ! -r "${DESTDIR}/root" ]; then
+	mkdir -p "${DESTDIR}/root"
+	chown root:root "${DESTDIR}/root"
+	chmod 0700 "${DESTDIR}/root"
+fi
+
+# libnss and nsswitch are required for a successful SSH login
+copy_exec /usr/lib/$(dpkg-architecture -q DEB_HOST_MULTIARCH)/libnss_compat.so /usr/lib/$(dpkg-architecture -q DEB_HOST_MULTIARCH)/
+if [ -r "${DESTDIR}/etc/nsswitch.conf" ]; then
+echo "passwd:         compat" > "${DESTDIR}/etc/nsswitch.conf"
+echo "group:          compat" >>"${DESTDIR}/etc/nsswitch.conf"
+echo "shadow:         compat" >>"${DESTDIR}/etc/nsswitch.conf"
+fi
+
+# passwd, group, shadow entries to enable root with naskshell login
+[ -r "${DESTDIR}/etc/passwd" ] || echo 'root:x:0:0:root:/root:/bin/naskshell' >"${DESTDIR}/etc/passwd"
+[ -r "${DESTDIR}/etc/group" ] || echo 'root:x:0:' >"${DESTDIR}/etc/group"
+[ -r "${DESTDIR}/etc/shadow" ] || echo 'root:*:15446:0:99999:7:::' >"${DESTDIR}/etc/shadow"
+
+# terminfo is viable for ncurses programs
+mkdir -p ${DESTDIR}/lib/terminfo/l
+cp /lib/terminfo/l/linux ${DESTDIR}/lib/terminfo/l/
+
+exit 0