diff options
| author |  Christian Hesse <mail@eworm.de> | 2016-01-16 02:13:22 +0100 |
|---|---|---|
| committer | Christian Hesse <mail@eworm.de> | 2016-01-16 02:26:21 +0100 |
| commit | 40a0f31f1838d4774ebd960640bfb230dc562ea1 (patch) | |
| tree | d2997424c305efd41a210432f1fad8aa9f6d88ee /systemd/ykfde-2f | |
| parent | f4c501575f6c6119acc8177406612bdfafab3cb3 (diff) | |
| download | mkinitcpio-ykfde-40a0f31f1838d4774ebd960640bfb230dc562ea1.tar.gz mkinitcpio-ykfde-40a0f31f1838d4774ebd960640bfb230dc562ea1.tar.zst | |
We have support for second factor. Yeah!
Diffstat (limited to 'systemd/ykfde-2f')
| -rw-r--r-- | systemd/ykfde-2f | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/systemd/ykfde-2f b/systemd/ykfde-2f new file mode 100644 index 0000000..3aac298 --- /dev/null +++ b/systemd/ykfde-2f @@ -0,0 +1,20 @@ +#!/bin/sh + +# (C) 2016 by Christian Hesse <mail@eworm.de> +# +# This software may be used and distributed according to the terms +# of the GNU General Public License, incorporated herein by reference. + +YKFDEFACTOR="$(systemd-ask-password --no-tty 'Please enter second factor for Yubikey full disk encryption!')" +YKFDESERIAL="$(keyctl 'add' 'user' 'ykfde-2f' "${YKFDEFACTOR}" '@u')" +keyctl 'timeout' "${YKFDESERIAL}" '150' + +if [ -s '/run/ykfde.pid' ]; then + kill -USR1 $(cat '/run/ykfde.pid') + # ykfde started from udev needs a moment to set up the key + # in store. It is out of systemd control, so wait a moment + # here. + sleep 0.2 +fi + +true |