fix(crypt-gpg): execute --card-status on each try

If the gpg card is not inserted before the --card-status command is
executed then the public key is not linked with the card. Therefore,
the LUKS partition cannot be decrypted. To solve this, the
--card--status command is executed on each try.

diff --git a/modules.d/91crypt-gpg/crypt-gpg-lib.sh b/modules.d/91crypt-gpg/crypt-gpg-lib.sh
index 0613803a6af895f44369fb31c87b5962e10bffbe..88ce16e27c4f4f44a52a130cf4a4be06a0da9484 100755 (executable)
--- a/modules.d/91crypt-gpg/crypt-gpg-lib.sh
+++ b/modules.d/91crypt-gpg/crypt-gpg-lib.sh
@@ -51,7 +51,7 @@ gpg_decrypt() {
     fi
 
     ask_for_password \
-        --cmd "gpg $opts --decrypt $mntp/$keypath" \
+        --cmd "GNUPGHOME=$gpghome gpg --card-status --no-tty > /dev/null 2>&1; gpg $opts --decrypt $mntp/$keypath" \
         --prompt "${inputPrompt:-Password ($keypath on $keydev for $device)}" \
         --tries 3 --tty-echo-off