[pkg-cryptsetup-devel] Bug#901795: cryptsetup-initramfs: please provide documented shell functions to validate/sanitize cryptroot entries in 3rd party hook files
Christoph Anton Mitterer
calestyo at scientia.net
Mon Sep 27 02:33:37 BST 2021
Seems to be doable with a simply oneliner:
--- a/lib/cryptsetup/functions 2021-09-27 03:30:31.928052985 +0200
+++ b/lib/cryptsetup/functions 2021-09-27 03:30:28.387976358 +0200
@@ -278,6 +278,7 @@
local keyscriptarg="$1" CRYPTTAB_TRIED="$2" keyscript;
export CRYPTTAB_NAME CRYPTTAB_SOURCE CRYPTTAB_OPTIONS
export CRYPTTAB_TRIED
+ export _CRYPTTAB_NAME _CRYPTTAB_SOURCE _CRYPTTAB_KEY _CRYPTTAB_OPTIONS
if [ -n "${CRYPTTAB_OPTION_keyscript+x}" ] && \
[ "$CRYPTTAB_OPTION_keyscript" != "/lib/cryptsetup/askpass" ]; then
But I'm not sure how you'd want to handle _CRYPTTAB_KEY. It seems to be
there at this point, but CRYPTTAB_KEY is set below in the conditional
from $keyscriptarg .
Cheers,
Chris.
More information about the pkg-cryptsetup-devel
mailing list