From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eigenstate.org ([206.124.132.107]) by ewsd; Tue Nov 12 15:57:33 EST 2019 Received: from eigenstate.org (localhost [127.0.0.1]) by eigenstate.org (OpenSMTPD) with ESMTP id 95b9a35b; Tue, 12 Nov 2019 12:57:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=eigenstate.org; h= message-id:to:subject:date:from:in-reply-to:mime-version :content-type:content-transfer-encoding; s=mail; bh=eNdtWFYeDxCP XzBmlRTQ9Qjiruk=; b=McB6n1RNp4K29BTsu8MH4mhJnShVivmz+0uEv6KjkNBN rWGSAp5hnFO12Owir1uBqepATEG8oVGMvYTvAJ3B5Vqm27qoFhR8UgRl8cm/nFlk Rn8tvKh2OMtBk0Nw+A5giRRbZGQbamKtw8v4ZDxe+LR7WDDafti431+zLbSLaG0= DomainKey-Signature: a=rsa-sha1; c=nofws; d=eigenstate.org; h=message-id :to:subject:date:from:in-reply-to:mime-version:content-type :content-transfer-encoding; q=dns; s=mail; b=fkXwW6lstKLUlQHWuCb PkBDLy9S6RCpXmmZeJMr5UfCfmtBEysG1uS8IStPAL/lJzTTWrBHvCn4uTWA3huM PyN9mO0btkXUmSL810Papr7oGeOXXEpSWKRxjSpJPEdaX09ZTUeZF44Q9sZMrIkR HVNQ6WSRuqb3By0gKRs91nmo= Received: from abbatoir.hsd1.ca.comcast.net (c-76-21-119-139.hsd1.ca.comcast.net [76.21.119.139]) by eigenstate.org (OpenSMTPD) with ESMTPSA id 2be86399 (TLSv1.2:ECDHE-RSA-AES256-SHA:256:NO); Tue, 12 Nov 2019 12:57:32 -0800 (PST) Message-ID: To: petter9@bissa.eu, 9front@9front.org Subject: Re: [9front] Booting with encrypted partitions Date: Tue, 12 Nov 2019 12:57:32 -0800 From: ori@eigenstate.org In-Reply-To: 037e9f1f-1fbd-c22d-c808-67fb4b33312e@bissa.eu MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 8bit List-ID: <9front.9front.org> List-Help: X-Glyph: ➈ X-Bullshit: webscale mobile base app markup > Hi, > > Got a bit tired of dropping to the shell and punching in the disk > decryption command on every boot.  This one: > > disk/cryptsetup -i /dev/sdE0/fsworm /dev/sdE0/fscache /dev/sdE0/other > Also, one typo and the entire command must be retyped :/ If you attach patches inline, it's easier to review, and they'll still be viewable years from now. > So i made a change to the boot process to do that for me. Don't know if > something like this exist but it was anyway educational for me doing > this (noob) and i just thought i would share in case anyone is interested. > > The change to the boot script, > http://okturing.com/src/7221/body > diff -r 8f9f3ee2eacf sys/src/9/boot/bootrc > --- a/sys/src/9/boot/bootrc Mon Nov 11 13:35:47 2019 -0800 > +++ b/sys/src/9/boot/bootrc Tue Nov 12 13:10:09 2019 +0100 > @@ -65,6 +65,11 @@ > mt=() > > fn main{ > + if(! ~ $decryptfs 0) { This line isn't quite right -- you're checking if the content of '$decryptfs' is 0, rather than whether the list has 0 elements. You need the '#' operator: if(! ~ $#decryptfs 0) Other than that, it like it will work to me. I'll let someone else more familiar with the boot process (cinap, probably?) comment if there's a cleaner solution that doesn't add a new knob. Ideally, I think we'd want: nobootprompt=crypt!local!/dev/sdE0/fscache but I don't see a great way to get the args for disk/cryptsetup out of that spec.