3 # This script only gets executed on systemd systems, see mount-zfs.sh for non-systemd systems
5 # import the libs now that we know the pool imported
6 [ -f /lib
/dracut-lib.sh
] && dracutlib
=/lib
/dracut-lib.sh
7 [ -f /usr
/lib
/dracut
/modules.d
/99base
/dracut-lib.sh
] && dracutlib
=/usr
/lib
/dracut
/modules.d
/99base
/dracut-lib.sh
10 # load the kernel command line vars
11 [ -z "$root" ] && root
=$
(getarg root
=)
12 # If root is not ZFS= or zfs: or rootfstype is not zfs then we are not supposed to handle it.
13 [ "${root##zfs:}" = "${root}" -a "${root##ZFS=}" = "${root}" -a "$rootfstype" != "zfs" ] && exit 0
15 # There is a race between the zpool import and the pre-mount hooks, so we wait for a pool to be imported
17 zpool list
-H |
grep -q -v '^$' && break
18 [[ $
(systemctl is-failed zfs-import-cache.service
) == 'failed' ]] && exit 1
19 [[ $
(systemctl is-failed zfs-import-scan.service
) == 'failed' ]] && exit 1
23 # run this after import as zfs-import-cache/scan service is confirmed good
24 if [[ "${root}" = "zfs:AUTO" ]] ; then
25 root
=$
(zpool list
-H -o bootfs |
awk '$1 != "-" {print; exit}')
31 # if pool encryption is active and the zfs command understands '-o encryption'
32 if [[ $
(zpool list
-H -o feature@encryption $
(echo "${root}" |
awk -F\
/ '{print $1}')) == 'active' ]]; then
33 # check if root dataset has encryption enabled
34 if $
(zfs list
-H -o encryption
"${root}" |
grep -q -v off
); then
35 # figure out where the root dataset has its key, the keylocation should not be none
37 if [[ $
(zfs list
-H -o keylocation
"${root}") == 'none' ]]; then
38 root
=$
(echo -n "${root}" |
awk 'BEGIN{FS=OFS="/"}{NF--; print}')
39 [[ "${root}" == '' ]] && exit 1
46 while [ $TRY_COUNT != 0 ]; do
47 zfs load-key
"$root" <<< $
(systemd-ask-password
"Encrypted ZFS password for ${root}: ")
48 [[ $?
== 0 ]] && break