diff options
| author | Harald Hoyer <harald@redhat.com> | 2011-04-06 11:32:24 +0200 |
|---|---|---|
| committer | Harald Hoyer <harald@redhat.com> | 2011-04-08 10:27:32 +0200 |
| commit | 02c1bd6bb63dc548cf4fae9e0999a92798284072 (patch) | |
| tree | 42c3b92fdde8f8090d6b310b92dbb78907b4489c /modules.d/01fips | |
| parent | 1cd1da13dabb7e20bf8a24801bf985ce165a141e (diff) | |
| download | dracut-02c1bd6bb63dc548cf4fae9e0999a92798284072.tar.gz dracut-02c1bd6bb63dc548cf4fae9e0999a92798284072.tar.bz2 dracut-02c1bd6bb63dc548cf4fae9e0999a92798284072.zip | |
fips: add "rd.fips.skipkernel" boot option
Diffstat (limited to 'modules.d/01fips')
| -rwxr-xr-x | modules.d/01fips/fips.sh | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/modules.d/01fips/fips.sh b/modules.d/01fips/fips.sh index 857c3559..f9bdfdf8 100755 --- a/modules.d/01fips/fips.sh +++ b/modules.d/01fips/fips.sh @@ -1,9 +1,9 @@ #!/bin/sh # -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- # ex: ts=8 sw=4 sts=4 et filetype=sh -do_fips() + +do_fipskernel() { - FIPSMODULES=$(cat /etc/fipsmodules) boot=$(getarg boot=) KERNEL=$(uname -r) case "$boot" in @@ -48,7 +48,15 @@ do_fips() info "Umounting /boot" umount /boot +} +do_fips() +{ + FIPSMODULES=$(cat /etc/fipsmodules) + + if ! getarg rd.fips.skipkernel >/dev/null; then + do_fipskernel + fi info "Loading and integrity checking all crypto modules" for module in $FIPSMODULES; do if [ "$module" != "tcrypt" ]; then |