local LUKSNAME="$1"
# copy from /etc/rc.d/init.d/cryptsetup
- local dst src key opt mode owner failsafe
+ local dst src key opt mode owner failsafe token libdir cryptdir
while read dst src key opt; do
[ "$dst" != "$LUKSNAME" ] && continue
keyfile=/etc/.$dst.key
inst $key $keyfile
fi
+ for libdir in $(get_libdir /usr/LIBDIR); do
+ if [ -d $libdir/cryptsetup ]; then
+ cryptdir=$libdir/cryptsetup
+ break
+ fi
+ done
+ if ! is_no "$USE_LUKS_TOKEN" && [ -n "$cryptdir" ]; then
+ for token in $(/sbin/cryptsetup luksDump $src | sed -n -e '/^Tokens:/,/^[^[:space:]]/ { /^[[:space:]]*[[:digit:]]*:/ { s/^[[:space:]]*[[:digit:]]*:[[:space:]]*// p } }'); do
+ verbose "Found cryptsetup token: $token"
+ case "$token" in
+ systemd-fido2)
+ inst_d $cryptdir
+ inst_exec $cryptdir/libcryptsetup-token-$token.so $cryptdir
+ inst_exec $libdir/libfido2.so.1 $libdir
+ ;;
+ systemd-tpm2)
+ inst_d $cryptdir
+ inst_exec $cryptdir/libcryptsetup-token-$token.so $cryptdir
+ inst_exec $libdir/libtss2-esys.so.0 $libdir/libtss2-rc.so.0 $libdir/libtss2-mu.so.0 $libdir
+ ;;
+ *)
+ inst_d $cryptdir
+ inst_exec $cryptdir/libcryptsetup-token-$token.so $cryptdir
+ ;;
+ esac
+ done
+ fi
crypttab_opt=""
old_IFS="$IFS"