Initial commit

unlock_cryptkey_via_ssh.sh

@@ -0,0 +1,56 @@
+#!/bin/sh
+
+PREREQ="dropbear"
+
+prereqs() {
+    echo "$PREREQ"
+}
+
+case "$1" in
+    prereqs)
+        prereqs
+        exit 0
+    ;;
+esac
+
+. "$CONFDIR/initramfs.conf"
+#. /usr/share/initramfs-tools/hook-functions
+
+if [ "$DROPBEAR" != "n" ] && [ -r "/etc/crypttab" ] ; then
+    # fix for dropbear in Ubuntu 12.04 x86_64
+    [ -d /lib/x86_64-linux-gnu ] && cp -p /lib/x86_64-linux-gnu/libnss_* "$DESTDIR/lib/"
+
+    mkdir -m 755 -p "$DESTDIR/lib/unlock"
+
+##### /bin/unlock
+cat > "${DESTDIR}/bin/unlock" <<EOF
+#!/bin/sh
+if PATH=/lib/unlock:/bin:/sbin /scripts/local-top/cryptroot ; then
+    for n in cryptroot "plymouth ask-for-pass" cryptsetup ; do
+        p=\$(ps w | grep "\$n" | awk '\$5 != "grep" {print \$1}')
+        [ -n "\$p" ] && kill \$p
+    done
+    exit 0
+fi
+exit 1
+EOF
+##### EOF /bin/unlock
+
+##### /lib/unlock/plymouth
+cat > "$DESTDIR/lib/unlock/plymouth" <<-EOF
+#!/bin/sh
+[ "\$1" == "--ping" ] && exit 1
+exec /bin/plymouth "\$@"
+EOF
+##### EOF /lib/unlock/plymouth
+
+    chmod 755 "$DESTDIR/bin/unlock"
+    chmod 755 "$DESTDIR/lib/unlock/plymouth"
+
+    # enable password login
+    [ -n "$SSHUSERPASS" ] &&
+    touch "$DESTDIR/etc/shadow" && chmod 640 "$DESTDIR/etc/shadow" &&
+    getent shadow "$SSHUSERPASS" | sed -n "s/^$SSHUSERPASS:/root:/p" /etc/shadow >> "$DESTDIR/etc/shadow"
+
+    sed -i'' 's|^\(root:.*\):[^:]*$|\1:/bin/sh|' "$DESTDIR/etc/passwd"
+fi