#!/bin/bash # called by dracut check() { if ! dracut_module_included "systemd" || ! dracut_module_included "crypt"; then derror "pcscd module requires systemd in the initramfs and crypt" return 1 fi require_binaries /usr/sbin/pcscd return 0 } # called by dracut install() { _install_pcscd _install_ccid _install_opensc _install_p11_kit } _install_pcscd() { inst_multiple /usr/sbin/pcscd inst_rules /lib/udev/rules.d/99-pcscd-hotplug.rules inst /lib/udev/pcscd.sh /etc/udev/pcscd.sh inst_multiple \ "$systemdsystemunitdir"/pcscd.service \ "$systemdsystemunitdir"/pcscd.socket # Allow the service and socket start when cryptsetup wants them to mkdir -p "${initdir}/$systemdsystemunitdir/pcscd.service.d" ( echo "[Unit]" echo "DefaultDependencies=no" echo "[Install]" echo "WantedBy=cryptsetup-pre.target" ) > "${initdir}/$systemdsystemunitdir/pcscd.service.d/dracut.conf" mkdir -p "${initdir}/$systemdsystemunitdir/pcscd.socket.d" ( echo "[Unit]" echo "DefaultDependencies=no" echo "[Install]" echo "WantedBy=cryptsetup-pre.target" ) > "${initdir}/$systemdsystemunitdir/pcscd.socket.d/dracut.conf" systemctl -q --root "$initdir" enable pcscd.socket inst_libdir_file libpcsclite.so } _install_ccid() { inst_multiple \ /usr/lib64/readers/usb/ifd-ccid.bundle/Contents/Linux/libccid.so \ /usr/lib64/readers/usb/ifd-ccid.bundle/Contents/Info.plist inst_rules /lib/udev/rules.d/92-pcsc-ccid.rules } _install_p11_kit() { inst_libdir_file p11-kit-proxy inst_multiple /usr/share/p11-kit/modules/p11-kit-trust.module \ /etc/pkcs11/pkcs11.conf.example } _install_opensc() { inst_libdir_file \ opensc-pkcs11.so \ onepin-opensc-pkcs11.so \ libopensc.so inst_multiple \ /usr/lib64/pkcs11/* inst_multiple \ /etc/opensc.conf \ /etc/pkcs11/modules/opensc.module } _debug() { # systemd-cryptenroll may be used to debug the unlocking. It relies on the same mechanism as systemd-cryptsetup # To view which tokens the systemd can use, run: # systemd-cryptenroll --pkcs11-token=list # To view which tokens pcsc can generally see - run # opensc-tool -l inst_multiple -o systemd-cryptenroll inst_multiple -o opensc-tool }