cryptroot-ask: unify /etc/crypttab and rd.luks.key

dracut feeds whatever it receives in password field of
crypttab(5) to `cryptsetup -d`, treating them as plain-text key file.

Meanwhile, dracut treats the key file from `rd.luks.key` differently,
by have some special rules to decrypt those key files that has extension of
`gpg` and `img`.

Let's begin to treat them the same.

This is a backward-incompatible change for those people
that uses plain-text key-file that has extension of `gpg` and `img`.
However, those setup is questionable to begin with.

diff --git a/modules.d/90crypt/cryptroot-ask.sh b/modules.d/90crypt/cryptroot-ask.sh
index 19d2bcb460c3bdfd66becb38d6f52a4c4c1ba0ec..1ea77ccc00aacfc06361c273475aec7a092df660 100755 (executable)
--- a/modules.d/90crypt/cryptroot-ask.sh
+++ b/modules.d/90crypt/cryptroot-ask.sh
@@ -137,7 +137,8 @@ unset allowdiscards
 ask_passphrase=1
 
 if [ -n "$luksfile" -a "$luksfile" != "none" -a -e "$luksfile" ]; then
-    if cryptsetup --key-file "$luksfile" $cryptsetupopts luksOpen "$device" "$luksname"; then
+    if readkey "$luksfile" / "$device" \
+        | cryptsetup -d - $cryptsetupopts luksOpen "$device" "$luksname"; then
         ask_passphrase=0
     fi
 elif [ "$is_keysource" -ne 0 ]; then