agherzan / yubikey-full-disk-encryption

Use YubiKey to unlock a LUKS partition
Apache License 2.0
821 stars 51 forks source link

Fix asking for passphrase twice if splash isn't enabled. #62

Closed aeryxium closed 4 years ago

aeryxium commented 4 years ago

I'm using systemd-boot and the latest Arch and have 2 bootloader entries. One launches a graphical session by using the systemd.unit=graphical.target kernel parameter and includes kernel parameters for quieter booting with splash and plymouth. The other launches a consol session by using the systemd.unit=multi-user.target and omits the splash parameter.

When using the entry for console booting, plymouth graphical display doesn't load but messages are still passed from ykfde to plymouth, as a result I'm prompted for my passphrase twice: first by ykfde then by plymouth. Unlike the filed issue with getting 2 prompts when using GRUB followed by an error that the container is already decrypted, I only enter my passphrase once and everything works. I believe there should still be only one prompt though. Outdated information for older versions of plymouth implied a kernel parameter plymouth.enable=0 to disable it, which I was hoping would've stopped plymouthd and caused ykfde to not prompt through the plymouth text mode when the ping fails, but it seems to no longer work and I find no reference to it in the plymouth source.

This PR solution is just changing the check for plymouth to include ensuring the splash kernel parameter has been passed. It's been tested with systemd-boot on Arch and it works fine for me: suppressing the plymouth text prompt when the splash kernel parameter isn't passed, and enabling it when it has.

Vincent43 commented 4 years ago

Outdated information for older versions of plymouth implied a kernel parameter plymouth.enable=0 to disable it, which I was hoping would've stopped plymouthd and caused ykfde to not prompt through the plymouth text mode when the ping fails, but it seems to no longer work and I find no reference to it in the plymouth source.

It seems plymouth still relies on plymouth.enable=0 itself and I didn't found any related changes there. Maybe it needs systemd in initramfs though, are you sure it worked in the past?

aeryxium commented 4 years ago

I am using a busybox init, so perhaps.

I have no idea if the plymouth.enable=0 ever worked to disable it, I've only been using it for a few days and it has no effect for me. I just found references online for it. I checked my hooks for it and saw no mention of it, so I figured it was unused. As you say, perhaps it needs a systemd-based initramfs.

aeryxium commented 4 years ago

Shellcheck warns about double-quoting to protect against spaces but it's a boolean parameter. That seems unnecessary but I can add them if you prefer.

Vincent43 commented 4 years ago

@aeryxium please add quotes, thx