From: Jiri Konecny <jkonecny@redhat.com>
Date: Thu, 4 Apr 2019 13:31:18 +0000 (+0200)
Subject: Support only fips=1 not fips
X-Git-Tag: 050~112
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=0d609ae2740967586f37734089f733819a6c7a58;p=thirdparty%2Fdracut.git

Support only fips=1 not fips

It looks like only the 'fips=1' is really supported and it is working
correctly. So instead of failing on 'fips' not clear way give user
information why we are failing.
---

diff --git a/modules.d/01fips/fips-boot.sh b/modules.d/01fips/fips-boot.sh
index 5d0bd0cb0..1676a6e30 100755
--- a/modules.d/01fips/fips-boot.sh
+++ b/modules.d/01fips/fips-boot.sh
@@ -2,6 +2,8 @@
 
 if ! fipsmode=$(getarg fips) || [ "$fipsmode" = "0" ]; then
     rm -f -- /etc/modprobe.d/fips.conf >/dev/null 2>&1
+elif [ -z "$fipsmode" ]; then
+    die "FIPS mode have to be enabled by 'fips=1' not just 'fips'"
 elif getarg boot= >/dev/null; then
     . /sbin/fips.sh
     if mount_boot; then
diff --git a/modules.d/01fips/fips-noboot.sh b/modules.d/01fips/fips-noboot.sh
index 868e641b3..8d6037e5c 100755
--- a/modules.d/01fips/fips-noboot.sh
+++ b/modules.d/01fips/fips-noboot.sh
@@ -2,6 +2,8 @@
 
 if ! fipsmode=$(getarg fips) || [ "$fipsmode" = "0" ]; then
     rm -f -- /etc/modprobe.d/fips.conf >/dev/null 2>&1
+elif [ -z "$fipsmode" ]; then
+    die "FIPS mode have to be enabled by 'fips=1' not just 'fips'"
 elif ! [ -f /tmp/fipsdone ]; then
     . /sbin/fips.sh
     mount_boot