blob: 4d3af57e764042c163d1be534e0a7d7801c12564 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
#!/bin/sh
source /etc/ykfde.conf
# Looks like Yubikey is reset after challenge response, triggering
# yet another add event. Ignore if the file exists.
[ -s /crypto_keyfile.bin ] && exit 0
# write the response to keyfile
ykchalresp -${YKFDE_SLOT:-2} "$(cat /ykfde-challenge)" 2>/dev/null | tr -d '\n' > /crypto_keyfile.bin
# if the systemd unit was faster try to answer password agent
for REQUEST in $(ls -1 /run/systemd/ask-password/ask.* || \
inotifywait --quiet --format %w%f --event MOVED_TO --timeout 2 /run/systemd/ask-password/); do
grep -q '^Message=Please enter passphrase for disk' ${REQUEST} || exit 1
/usr/lib/systemd/systemd-reply-password 1 $(grep '^Socket=' ${REQUEST} | cut -d= -f2) < /crypto_keyfile.bin
done
|