search

gebi / keyctl_keyscript

Password caching script for multiple luks volumes
58 stars 6 forks source link

Support for osk-sdl #5

Open root2185 opened 2 years ago

root2185 commented 2 years ago

Can you make the script work also when using osk-sdl to unlock LUKS? This is the script that I set in crypttab from the Mobian package:

#!/bin/sh

if [ -z "${CRYPTTAB_SOURCE}" ] || [ -z "${CRYPTTAB_NAME}" ]; then
    echo "This is a crypttab keyscript script, don't run directly." 1>&2
    exit 1
fi

export SDL_VIDEODRIVER=kmsdrm

plymouth hide-splash 2>/dev/null

exec /usr/bin/osk-sdl -k -d "${CRYPTTAB_SOURCE}" -n "${CRYPTTAB_NAME}" -c /etc/osk.conf

plymouth show-splash 2>/dev/null

Is possible to integrate it into the keyctl_keyscript one?

gebi commented 2 years ago

it seems possible to integrate it, but i'm not sure it's worth to include it directly.

to be honest i'm very sorry but i've currently no time to do the integration, but i'm always open to PRs.

you could add it as an additional backup method to ask for a pw. eg. see https://github.com/gebi/keyctl_keyscript/blob/master/decrypt_keyctl#L44

To make it possible to integrate your PR:

as the upstream project osk-sdl does not provide documentation in the repo on how to call it to get the values into the shell environment i can not help you with that, but i'm not sure how your example from above should work.

it would need a method like askpass is used, where the password is just returned, or directly written into the user keyslot would also work.

root2185 commented 2 years ago

it seems possible to integrate it, but i'm not sure it's worth to include it directly.

A new passphrase caching script for osk-sdl, can you do it if better documentation is provided?

as the upstream project osk-sdl does not provide documentation in the repo on how to call it to get the values into the shell environment i can not help you with that

Do you mean the passphrase? The man page has some info:

-k, --keyscript Enable keyscript mode. Password will be output to STDOUT for use with another program such as cryptsetup-initramfs.

root2185 commented 2 years ago

@gebi