From 5710be8871546f51481f3919f344df6ee099ef65 Mon Sep 17 00:00:00 2001
From: minoplhy
Date: Mon, 4 Nov 2024 00:39:03 +0700
Subject: [PATCH] alpine-initramfs-dropbear: fix struck nlplug-findfs, dropbear process alive after boot stage
---
 alpine-initramfs-dropbear/README.md | 2 +-
 .../dropbear/unlock_disk | 4 +-
 alpine-initramfs-dropbear/initramfs-dropbear | 38 +++++--------------
 3 files changed, 12 insertions(+), 32 deletions(-)
diff --git a/alpine-initramfs-dropbear/README.md b/alpine-initramfs-dropbear/README.md
index 42ddcd2..f9a81e3 100644
--- a/alpine-initramfs-dropbear/README.md
+++ b/alpine-initramfs-dropbear/README.md
@@ -13,7 +13,7 @@ significant changes:
 * Add dropbear
-* Add dropbear session timer, if timeout/cancel normal decryption prompt would appear.
+* After unlocked, kill all remainings dropbear and nlplug-findfs process, so no struck process reached the system.
 Please install `dropbear` before continuing
diff --git a/alpine-initramfs-dropbear/dropbear/unlock_disk b/alpine-initramfs-dropbear/dropbear/unlock_disk
index bf2db55..aeba199 100644
--- a/alpine-initramfs-dropbear/dropbear/unlock_disk
+++ b/alpine-initramfs-dropbear/dropbear/unlock_disk
@@ -24,6 +24,6 @@ while [ ! -b /dev/mapper/${KOPT_cryptdm} ]; do
 sleep 2
 done
-# make a new file to kill the timer
-echo "" > /tmp/timer_kill
+# Kill all struck nlplug-findfs jobs and dropbear
+killall -9 nlplug-findfs
 killall -9 dropbear
\ No newline at end of file
diff --git a/alpine-initramfs-dropbear/initramfs-dropbear b/alpine-initramfs-dropbear/initramfs-dropbear
index cd0448c..a3d8751 100644
--- a/alpine-initramfs-dropbear/initramfs-dropbear
+++ b/alpine-initramfs-dropbear/initramfs-dropbear
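Review bot: The added `killall -9 nlplug-findfs` in unlock_disk goes straight to SIGKILL, matches every process of that name, and its result is never checked, so if the kill does not take effect the SSH user is told nothing and boot would presumably stay blocked. Sending the default signal first and escalating only afterwards would be gentler, e.g. `killall nlplug-findfs 2>/dev/null; sleep 1; killall -9 nlplug-findfs 2>/dev/null`; whether nlplug-findfs exits on TERM is not visible here and should be confirmed. The comment would help more if it said why the process has to go, along the lines of `# nlplug-findfs is presumably still waiting for a console passphrase; stop it so init can continue`, and "struck" should read "stuck". The `killall -9 dropbear` that follows appears to be unchanged context, and the wait loop above it starts outside the hunk.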
@@ -336,33 +336,6 @@ setup_dropbear() {
 cp /etc/dropbear/authorized_keys /root/.ssh/authorized_keys
 dropbear -R -E -s -j -k -p $port
-
- # [ -b /dev/mapper/${KOPT_cryptdm} ]
- #|| return 1
-}
-
-# A simple timer that do nothing but prevent any process to run
-setup_dropbear_timer() {
- timer=200
- while [ $timer -gt 0 ]; do
- printf "\r%d Press 'c' to cancel or 'p' to add 30 seconds " "$timer"
-
- if read -t 1 -r timer_control; then
- case $timer_control in
- "c") return 0 ;;
- "p") timer=$((timer + 30)) ;;
- esac
- fi
-
- # Check for /tmp/timer_kill to terminate this counter
- if [ -f /tmp/timer_kill ]; then
- return 0
- fi
-
- sleep 1
- timer=$((timer - 1))
- done
- printf "\n"
 }
 setup_wireguard() {
@@ -624,8 +597,6 @@ if [ -n "$KOPT_dropbear" ]; then
 if [ -n "$KOPT_cryptroot" ]; then
 configure_ip
 setup_dropbear
- setup_dropbear_timer
- #|| echo "Failed to setup dropbear"
 fi
 fi
@@ -695,6 +666,10 @@ if [ -n "$KOPT_root" ]; then
 ${KOPT_uevent_buf_size:+-U $KOPT_uevent_buf_size} \
 $KOPT_root
+ # Kill all struck nlplug-findfs jobs and dropbear
+ killall -9 nlplug-findfs
+ killall -9 dropbear
+
 if [ "$SINGLEMODE" = "yes" ]; then
 echo "Entering single mode. Type 'exit' to continue booting."
 sh
@@ -765,6 +740,7 @@ if [ -n "$KOPT_root" ]; then
 $MOCK mount -o move $DIR $sysroot/$DIR
 fi
 done
+ $MOCK sync
 exec switch_root $switch_root_opts $sysroot $chart_init "$KOPT_init" $KOPT_init_args
 echo "initramfs emergency recovery shell launched"
@@ -783,6 +759,10 @@ $MOCK nlplug-findfs $cryptopts -p /sbin/mdev ${KOPT_debug_init:+-d} \
 ${KOPT_usbdelay:+-t $(( $KOPT_usbdelay * 1000 ))} \
 ${KOPT_uevent_buf_size:+-U $KOPT_uevent_buf_size} \
 $repoopts -a "$ROOT"/tmp/apkovls
+
+ # Kill all struck nlplug-findfs jobs and dropbear
+ killall -9 nlplug-findfs
+ killall -9 dropbear
 eend $?
 # Setup network interfaces
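Review bot: The two kills added after the nlplug-findfs call in the `KOPT_root` branch (hunk -695,6 +666,10) run on every boot, although dropbear is only started when `KOPT_dropbear` and `KOPT_cryptroot` are set (the `setup_dropbear` call in the second hunk), and nothing checks that the listener is really gone before `switch_root`. Because that dropbear accepts the keys copied to /root/.ssh/authorized_keys, a surviving instance would be a root SSH service running outside the booted system's own configuration, so the result is worth verifying rather than assuming. I would guard and verify, e.g. `[ -n "$KOPT_dropbear" ] && killall -9 dropbear` followed by `pidof dropbear >/dev/null && echo "dropbear still running after unlock"`. Killing by name may also miss a shell that a session had spawned; that cannot be confirmed from this hunk. The same unguarded pair is added in the last hunk (-783,6 +759,10), and the enclosing `if` block starts and ends outside this hunk.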
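Review bot: In the last hunk (-783,6 +759,10) the kills sit between the `$MOCK nlplug-findfs … -a "$ROOT"/tmp/apkovls` command and `eend $?`, so `eend` now receives the exit status of `killall -9 dropbear` instead of that of nlplug-findfs. When no dropbear process exists killall returns non-zero, which would report a failure for a step that succeeded, and a real nlplug-findfs failure is hidden whenever the kill succeeds. Save the status first with `rc=$?` directly after the nlplug-findfs command and finish with `eend $rc`. The nlplug-findfs command itself begins outside the hunk.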