From 0d250492b5ce1f01040898da7eba7db5df4f07be Mon Sep 17 00:00:00 2001 From: Christian Hesse Date: Fri, 26 Feb 2016 23:31:31 +0100 Subject: drop shell script and implement with systemd units --- mkinitcpio/ykfde | 12 ++++-------- systemd/ykfde-2f | 18 ------------------ systemd/ykfde-2f.service | 2 +- systemd/ykfde-notify.service | 18 ++++++++++++++++++ 4 files changed, 23 insertions(+), 27 deletions(-) delete mode 100644 systemd/ykfde-2f create mode 100644 systemd/ykfde-notify.service diff --git a/mkinitcpio/ykfde b/mkinitcpio/ykfde index 5a407f5..4932dfd 100644 --- a/mkinitcpio/ykfde +++ b/mkinitcpio/ykfde @@ -11,15 +11,11 @@ build() { add_systemd_unit cryptsetup-pre.target add_systemd_unit ykfde-2f.service add_symlink /usr/lib/systemd/system/sysinit.target.wants/ykfde-2f.service ../ykfde-2f.service - add_file /usr/lib/systemd/scripts/ykfde-2f + add_systemd_unit ykfde-notify.service + add_symlink /usr/lib/systemd/system/sysinit.target.wants/ykfde-notify.service ../ykfde-notify.service add_binary systemd-ask-password - - # shell and commands - local applet - add_binary /usr/lib/initcpio/busybox /usr/bin/busybox - for applet in cat kill sh sleep; do - add_symlink "/usr/bin/${applet}" busybox - done + add_binary pkill + add_binary sleep fi } diff --git a/systemd/ykfde-2f b/systemd/ykfde-2f deleted file mode 100644 index c34bde8..0000000 --- a/systemd/ykfde-2f +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/sh - -# (C) 2016 by Christian Hesse -# -# This software may be used and distributed according to the terms -# of the GNU General Public License, incorporated herein by reference. - -systemd-ask-password --no-tty --keyname='ykfde-2f' 'Please enter second factor for Yubikey full disk encryption!' >/dev/null - -if [ -s '/run/ykfde.pid' ]; then - kill -USR1 $(cat '/run/ykfde.pid') - # ykfde started from udev needs a moment to set up the key - # in store. It is out of systemd control, so wait a moment - # here. - sleep 0.2 -fi - -true diff --git a/systemd/ykfde-2f.service b/systemd/ykfde-2f.service index cfdab43..f514c7d 100644 --- a/systemd/ykfde-2f.service +++ b/systemd/ykfde-2f.service @@ -14,4 +14,4 @@ ConditionPathExists=/etc/ykfde.d/ Type=oneshot RemainAfterExit=yes TimeoutSec=0 -ExecStart=/usr/lib/systemd/scripts/ykfde-2f +ExecStart=/usr/bin/systemd-ask-password --no-tty --keyname='ykfde-2f' 'Please enter second factor for Yubikey full disk encryption!' diff --git a/systemd/ykfde-notify.service b/systemd/ykfde-notify.service new file mode 100644 index 0000000..e77f634 --- /dev/null +++ b/systemd/ykfde-notify.service @@ -0,0 +1,18 @@ +# (C) 2016 by Christian Hesse +# +# This software may be used and distributed according to the terms +# of the GNU General Public License, incorporated herein by reference. + +[Unit] +Description=Notify ykfde about key +DefaultDependencies=no +Before=cryptsetup-pre.target +Wants=cryptsetup-pre.target +Requires=ykfde-2f.service +ConditionPathExists=/run/ykfde.pid + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/usr/bin/pkill -USR1 --pidfile /run/ykfde.pid +ExecStart=/usr/bin/sleep 0.2 -- cgit v1.2.3-70-g09d2