diff options
| author | Silvio Rhatto <rhatto@riseup.net> | 2022-01-28 15:37:34 -0300 |
|---|---|---|
| committer | Silvio Rhatto <rhatto@riseup.net> | 2022-01-28 15:37:34 -0300 |
| commit | 5d8c13e99c6112f445659bda803f0d86c1e642bb (patch) | |
| tree | 055d7a1061329f572708f17292f2d47264343aae | |
| parent | 91491219056d4cffe0373ccedfd6b1ccce4f0809 (diff) | |
| download | hydra-5d8c13e99c6112f445659bda803f0d86c1e642bb.tar.gz hydra-5d8c13e99c6112f445659bda803f0d86c1e642bb.tar.bz2 | |
Fix: provision: cryptsetup fixes
| -rwxr-xr-x | share/hydractl/provision | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/share/hydractl/provision b/share/hydractl/provision index bd9303b..54c92e9 100755 --- a/share/hydractl/provision +++ b/share/hydractl/provision @@ -55,7 +55,12 @@ function hydra_cryptsetup { #hydra_sudo_run cryptsetup --cipher aes-xts-plain64:sha256 --key-size 512 --hash sha512 --iter-time 5000 --use-random -y -q luksFormat $1 # Run cryptsetup mostly with defaults - hydra_sudo_run cryptsetup --use-random -y -q luksFormat $1 + #hydra_sudo_run cryptsetup --use-random -y -q luksFormat $1 + + # GRUB2 from bullseye (or even older) does not support LUKS2, which seems + # the default type for luksFormat since bullseye at least + # See https://cryptsetup-team.pages.debian.net/cryptsetup/encrypted-boot.html + hydra_sudo_run cryptsetup --use-random -y -q luksFormat --type luks1 $1 fi } @@ -638,8 +643,12 @@ aes sha256 EOF - if [ -e "$WORK/etc/cryptsetup-initramfs/conf-hook" ]; then - hydra_sudo_run sed -i -e 's/#CRYPTSETUP=/CRYPTSETUP=y/' $WORK/etc/cryptsetup-initramfs/conf-hook + #if [ -e "$WORK/etc/cryptsetup-initramfs/conf-hook" ]; then + # hydra_sudo_run sed -i -e 's/#CRYPTSETUP=/CRYPTSETUP=y/' $WORK/etc/cryptsetup-initramfs/conf-hook + #fi + + if [ -d "$WORK/etc/initramfs-tools/hooks.d" ]; then + echo "CRYPTSETUP=y" > $WORK/etc/initramfs-tools/hooks.d/cryptsetup.conf fi hydra_sudo_run chroot $WORK update-initramfs -u |