Read /usr/lib/tzpfms/$backend from /libexec/tzpfms-zfs-load-key@ to support fzifdso-style plugins

2025-04-07 09:20:00 +03:00 · 2024-02-27 13:50:00 +01:00 · 2024-02-27 13:50:00 +01:00 · ba81298aaa
commit ba81298aaa
parent 69a1bcc2ce
4 changed files with 9 additions and 7 deletions
--- a/6
+++ b/6
@ -88,7 +88,7 @@ htmlpages : $(patsubst man/%.pp,$(OUTDIR)man/%.html,$(MANPAGE_SOURCES)) $(OUTDIR
 locales : $(patsubst po/%.po,$(OUTDIR)locale/%/LC_MESSAGES/tzpfms.mo,$(LOCALES))
 i-t : $(OUTDIR)initramfs-tools/usr/share/initramfs-tools/hooks/tzpfms $(OUTDIR)initramfs-tools/usr/share/tzpfms/initramfs-tools-zfs-patch.sh
 dracut : $(patsubst initrd/dracut/%,$(OUTDIR)dracut/usr/lib/dracut/modules.d/91tzpfms/%,$(sort $(wildcard initrd/dracut/*.sh)))
-init.d-systemd : $(OUTDIR)systemd/$(SYSTEMD_SYSTEM_UNITDIR)/zfs-load-key@.service.d/tzpfms.conf $(OUTDIR)systemd/usr/libexec/tzpfms-zfs-load-key@
+init.d-systemd : $(OUTDIR)systemd/$(SYSTEMD_SYSTEM_UNITDIR)/zfs-load-key@.service.d/tzpfms.conf $(OUTDIR)systemd/usr/libexec/tzpfms-zfs-load-key@ $(foreach l,$(subst init.d/systemd/usr-lib-tzpfms/,,$(wildcard init.d/systemd/usr-lib-tzpfms/*)),$(OUTDIR)systemd/usr/lib/tzpfms/$(l))


 $(BLDDIR)tzpfms.pot: src/*.[ch]pp src/bin/*.[ch]pp
@ -120,6 +120,10 @@ $(OUTDIR)systemd/usr/libexec/tzpfms-zfs-load-key@ : init.d/systemd/libexec-tzpfm
 	@mkdir -p $(dir $@)
 	ln -f $< $@ || cp $< $@

+$(OUTDIR)systemd/usr/lib/tzpfms/% : init.d/systemd/usr-lib-tzpfms/%
+	@mkdir -p $(dir $@)
+	ln -f $< $@ || cp $< $@
+
 # The d-v-o-s string starts at "BSD" (hence the "BSD General Commands Manual" default); we're not BSD, so hide it
 # Can't put it at the very top, since man(1) only loads mdoc *after* the first mdoc macro (.Dd in our case)
 $(OUTDIR)man/% : man/%.pp $(MANPAGE_HEADERS)
--- a/init.d/systemd/libexec-tzpfms-zfs-load-key@.sh
+++ b/init.d/systemd/libexec-tzpfms-zfs-load-key@.sh
@ -12,12 +12,8 @@ zfs-tpm-list -H "$DSET" | while read -r _ backend keystatus coherent; do
 		exit 1
 	}

-	case "$backend" in
-		TPM1.X) unlock='zfs-tpm1x-load-key'; deps='trousers.service' ;;
-		TPM2)   unlock='zfs-tpm2-load-key';  deps=                   ;;
-		*)      unlock=;                     deps=                   ;;
-	esac
-
+	unlock=; deps=
+	read -r unlock deps 2>/dev/null < "/usr/lib/tzpfms/$backend"
 	command -v "$unlock" >/dev/null || {
 		printf "%s\n" "${0##*/}[$$]: $DSET: unknown tzpfms back-end $backend." >&2
 		exit # fall through, maybe there's another handler
--- a/init.d/systemd/usr-lib-tzpfms/TPM1.X
+++ b/init.d/systemd/usr-lib-tzpfms/TPM1.X
@ -0,0 +1 @@
+zfs-tpm1x-load-key trousers.service
--- a/init.d/systemd/usr-lib-tzpfms/TPM2
+++ b/init.d/systemd/usr-lib-tzpfms/TPM2
@ -0,0 +1 @@
+zfs-tpm2-load-key