You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
First off - maybe there is a much easier way to do what I'm doing, but I can't see it.
I'm using dracut to build a NON hostonly initrd. This initrd is part of a signed UKI that I distribute, so to make it portable, I'm using labels on the crypt block device. (and in fstab)
Since I can't specify the label as a kernel option, I have to resort to using crypttab, but that only works for hostonly.
The hack I'm using to get around this at the moment is the following in 90crypt/module-setup.sh:
(remove hostonly check and add label match)
if [[ -f $dracutsysrootdir/etc/crypttab ]]; then
# filter /etc/crypttab for the devices we need
while read -r _mapper _dev _luksfile _luksoptions || [ -n "$_mapper" ]; do
[[ $_mapper == \#* ]] && continue
[[ $_dev ]] || continue
[[ $_dev == PARTUUID=* ]] &&
_dev="/dev/disk/by-partuuid/${_dev#PARTUUID=}"
[[ $_dev == UUID=* ]] &&
_dev="/dev/disk/by-uuid/${_dev#UUID=}"
[[ $_dev == ID=* ]] &&
_dev="/dev/disk/by-id/${_dev#ID=}"
[[ $_dev == LABEL=* ]] &&
_dev="/dev/disk/by-label/${_dev#LABEL=}"
echo "$_dev $(blkid "$_dev" -s UUID -o value)" >>"${initdir}/etc/block_uuid.map"
I also have to add a udev rule as /usr/lib/udev/rules.d/60-persistent-storage-dm.rules does not add the disk by label for some reason.
This all works, but it's super hack and I would much prefer to be able to just pass a label as a kernel option, as I don't know what the uuid will be at build time.
Thanks
The text was updated successfully, but these errors were encountered:
Describe the enhancement
Add option for
rd.luks.label=<label>
First off - maybe there is a much easier way to do what I'm doing, but I can't see it.
I'm using dracut to build a NON hostonly initrd. This initrd is part of a signed UKI that I distribute, so to make it portable, I'm using labels on the crypt block device. (and in fstab)
Since I can't specify the label as a kernel option, I have to resort to using crypttab, but that only works for hostonly.
The hack I'm using to get around this at the moment is the following in
90crypt/module-setup.sh
:(remove hostonly check and add label match)
I also have to add a udev rule as
/usr/lib/udev/rules.d/60-persistent-storage-dm.rules
does not add the disk by label for some reason.Here is missing cryto for disk by label:
Here is
/etc/udev/rules.d/99-add-label.rules
, my added udev rule:and finally, here is the crypttab:
This all works, but it's super hack and I would much prefer to be able to just pass a label as a kernel option, as I don't know what the uuid will be at build time.
Thanks
The text was updated successfully, but these errors were encountered: