Support only fips=1 not fips

It looks like only the 'fips=1' is really supported and it is working
correctly. So instead of failing on 'fips' not clear way give user
information why we are failing.

diff --git a/modules.d/01fips/fips-boot.sh b/modules.d/01fips/fips-boot.sh
index 5d0bd0cb0750100cb0a9509646e13a0edccf41cb..1676a6e307232eec7ba0d5ed30603b09dc406a24 100755 (executable)
--- a/modules.d/01fips/fips-boot.sh
+++ b/modules.d/01fips/fips-boot.sh
@@ -2,6 +2,8 @@
 
 if ! fipsmode=$(getarg fips) || [ "$fipsmode" = "0" ]; then
     rm -f -- /etc/modprobe.d/fips.conf >/dev/null 2>&1
+elif [ -z "$fipsmode" ]; then
+    die "FIPS mode have to be enabled by 'fips=1' not just 'fips'"
 elif getarg boot= >/dev/null; then
     . /sbin/fips.sh
     if mount_boot; then

diff --git a/modules.d/01fips/fips-noboot.sh b/modules.d/01fips/fips-noboot.sh
index 868e641b330d7c081f89fea981f6c80700df1ba6..8d6037e5ca496fe156e9cb69a15b3f1ed5fc2071 100755 (executable)
--- a/modules.d/01fips/fips-noboot.sh
+++ b/modules.d/01fips/fips-noboot.sh
@@ -2,6 +2,8 @@
 
 if ! fipsmode=$(getarg fips) || [ "$fipsmode" = "0" ]; then
     rm -f -- /etc/modprobe.d/fips.conf >/dev/null 2>&1
+elif [ -z "$fipsmode" ]; then
+    die "FIPS mode have to be enabled by 'fips=1' not just 'fips'"
 elif ! [ -f /tmp/fipsdone ]; then
     . /sbin/fips.sh
     mount_boot