luc/zlevis
1
1
Fork 0
Code Issues Pull requests Releases 5 Wiki Activity

Replacement of zlevis-fetch #4

New issue
Closed
opened 2025-02-13 19:56:46 +01:00 by luc · 2 comments
luc commented 2025-02-13 19:56:46 +01:00
Owner
Copy link

The zlevis-fetch script uses the following line to find the "root"-pool, while it generally works, it may be an unnecessary step as the initramfs already knows the relevant root-pool.

Line 22 in 3344160
zfs list -Ho name,encryption,keystatus,encryptionroot,tpm:jwe | while IFS=$'\t' read -r ds enc keystatus encroot jwe; do

Additionally, zlevis-fetch will not work if for some reason there are multiple pools, but in the initramfs this would generally be not the case, right @nils?

The `zlevis-fetch` script uses the following line to find the "root"-pool, while it generally works, it may be an unnecessary step as the `initramfs` already knows the relevant root-pool. https://git.bijl.us/luc/zlevis/src/commit/3344160e528b06220f9f84cb5effb74f6b947221/src/zlevis-fetch#L22 Additionally, `zlevis-fetch` will not work if for some reason there are multiple pools, but in the `initramfs` this would generally be not the case, right @nils?
luc self-assigned this 2025-02-13 19:56:51 +01:00
luc added reference master 2025-02-13 19:57:34 +01:00
luc commented 2025-02-13 20:01:26 +01:00
Author
Owner
Copy link

This issue is of course related to issue #2.

This issue is of course related to issue #2.
luc commented 2025-02-19 21:40:46 +01:00
Author
Owner
Copy link

The zlevis-fetch script has been replaced by zlevis, particularly in the initramfs-init of mkinitfs this will result in

zlevis decrypt "$_root_pool" | zfs load-key -L prompt "$_root_pool" || eval zfs load-key "$_encryption_root"

in prepare_zfs_root(). Which by default uses the pool that has been deemed the root by the initramfs configuration, nullifying the earlier posed problem.

The `zlevis-fetch` script has been replaced by `zlevis`, particularly in the `initramfs-init` of `mkinitfs` this will result in ```shell zlevis decrypt "$_root_pool" | zfs load-key -L prompt "$_root_pool" || eval zfs load-key "$_encryption_root" ``` in `prepare_zfs_root()`. Which by default uses the pool that has been deemed the root by the initramfs configuration, nullifying the earlier posed problem.
luc closed this issue 2025-02-19 21:40:46 +01:00
Sign in to join this conversation.
master
Branches Tags
Clear current reference
master
Clear current reference
2.0
1.3
1.2
1.1
1.0
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
luc
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: luc/zlevis#4
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?