Remove dracut plugin that is obsolete and will not work with current reencrypt code.

misc/dracut_90reencrypt/README

@@ -1,40 +0,0 @@
-Example of simple dracut module for reencryption of system
-LUKS drive on-the-fly.
-
-Install in /usr/[share|lib]/dracut/modules.d/90reencrypt, then
-build special initramfs "with dracut -a reencrypt -o crypt".
-Reencrypt module doesn't work (has a conflict) with crypt module as
-of now. After successful reencryption reboot using original initramfs.
-
-Dracut then recognize argument rd.luks.reencrypt=name:size,
-e.g. rd.luks.reencrypt=sda2:52G means only 52G of device
-will be reencrypted (default is whole device).
-(Name is kernel name of device.)
-
-If there's more than single active keyslot in the target luks device
-you're required to select one keyslot explicitly for reencryption via
-rd.luks.reencrypt_keyslot=<keyslot_number> option. Bear in mind that
-if you use this option, all other keyslots will get deactivated in the
-process.
-
-Another argument, rd.luks.reencrypt_key=/dev/sda:/path/to/keyfile
-can be used to read password for specific keyslot from device containing
-filesystem with a keyfile (file with a password). If you omit reencrypt_key
-argument, reencryption would work only in case a LUKS container has
-exactly one keyslot activated.
-
-Arguments rd.luks.reencrypt_keyslot and rd.luks.reencrypt_key are not
-mandatory.
-
-Note that reencryption context is stored in ramdisk, any
-fail can mean complete lost of data!
-
-Copyright (C) 2012 Milan Broz <gmazyland@gmail.com>
-
-This copyrighted material is made available to anyone wishing to use,
-modify, copy, or redistribute it subject to the terms and conditions
-of the GNU General Public License v.2.
-
-You should have received a copy of the GNU General Public License
-along with this program; if not, write to the Free Software Foundation,
-Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

misc/dracut_90reencrypt/check.old

@@ -1,5 +0,0 @@
-#!/bin/bash
-
-which cryptsetup-reencrypt >/dev/null 2>&1 || exit 1
-
-exit 0

misc/dracut_90reencrypt/install.old

@@ -1,6 +0,0 @@
-#!/bin/bash
-
-inst cryptsetup-reencrypt
-
-inst_hook cmdline 30 "$moddir/parse-reencrypt.sh"
-inst "$moddir"/reencrypt.sh /sbin/reencrypt

misc/dracut_90reencrypt/module-setup.sh

@@ -1,32 +0,0 @@
-#!/bin/bash
-
-check() {
-    [ -x /sbin/cryptsetup-reencrypt ] || return 1
-    return 255
-}
-
-depends() {
-    echo dm rootfs-block
-}
-
-installkernel() {
-    # requires hostonly='' override so that loop module is pulled in initramfs
-    # even if not loaded in actual kernel. dracut bug?
-    hostonly='' instmods dm_crypt =crypto loop
-}
-
-install() {
-    if dracut_module_included crypt; then
-        derror "'reencrypt' can't be installed together with 'crypt'."
-        derror "Add '-o crypt' option to install reencrypt module."
-        return 1
-    fi
-
-    dracut_install cryptsetup-reencrypt
-
-    # moddir variable is assigned in dracut general shell lib
-    # shellcheck disable=SC2154
-    inst_hook cmdline 30 "$moddir/parse-reencrypt.sh"
-    inst_simple "$moddir"/reencrypt.sh /sbin/reencrypt
-    inst_simple "$moddir"/reencrypt-verbose.sh /sbin/cryptsetup-reencrypt-verbose
-}

misc/dracut_90reencrypt/parse-reencrypt.sh

@@ -1,38 +0,0 @@
-#!/bin/sh
-
-REENC=$(getargs rd.luks.reencrypt=)
-# shellcheck disable=SC2086
-REENC_DEV=$(echo $REENC | sed 's/:.*//')
-# shellcheck disable=SC2086
-REENC_SIZE=$(echo $REENC | sed -n 's/.*://p')
-
-REENC_KEY=$(getargs rd.luks.reencrypt_key=)
-if [ -z "$REENC_KEY" ] ; then
-    REENC_KEY=none
-fi
-
-REENC_SLOT=$(getargs rd.luks.reencrypt_keyslot=)
-if [ -z "$REENC_SLOT" ] ; then
-    REENC_SLOT=any
-fi
-
-# shellcheck disable=SC2086
-# shellcheck disable=SC1004
-# shellcheck disable=SC2016
-if [ -n "$REENC_DEV" ] ; then
-{
-   printf 'SUBSYSTEM!="block", GOTO="reenc_end"\n'
-   printf 'ACTION!="add|change", GOTO="reenc_end"\n'
-   printf 'KERNEL=="%s", ' $REENC_DEV
-   printf 'ENV{ID_FS_TYPE}=="crypto_LUKS", RUN+="/sbin/initqueue \
-           --unique --onetime --settled --name crypt-reencrypt-%%k \
-           /sbin/reencrypt $env{DEVNAME} %s"\n' "$REENC_KEY $REENC_SLOT $REENC_SIZE"
-
-   printf 'ENV{ID_FS_UUID}=="*%s*", ' $REENC_DEV
-   printf 'ENV{ID_FS_TYPE}=="crypto_LUKS", RUN+="/sbin/initqueue \
-           --unique --onetime --settled --name crypt-reencrypt-%%k \
-           /sbin/reencrypt $env{DEVNAME} %s"\n' "$REENC_KEY $REENC_SLOT $REENC_SIZE"
-   printf 'LABEL="reenc_end"\n'
-} > /etc/udev/rules.d/69-reencryption.rules
-   initqueue --unique --finished --name crypt-reencrypt-finished-${REENC_DEV} [ -e /tmp/reencrypted ]
-fi

misc/dracut_90reencrypt/reencrypt-verbose.sh

@@ -1,6 +0,0 @@
-#!/bin/sh
-
-# Route stdout to stderr in initrd. Otherwise output is invisible
-# unless we run in debug mode.
-# shellcheck disable=SC2068
-/sbin/cryptsetup-reencrypt $@ 1>&2

misc/dracut_90reencrypt/reencrypt.sh

@@ -1,84 +0,0 @@
-#!/bin/sh
-#
-# $1=$device [$2=keyfile|none [$3=keyslot|any [$4=size]]]
-#
-
-[ -d /sys/module/dm_crypt ] || modprobe dm_crypt
-
-[ -d /sys/module/loop ] || modprobe loop
-
-[ -f /tmp/reencrypted ] && exit 0
-
-. /lib/dracut-lib.sh
-
-# if device name is /dev/dm-X, convert to /dev/mapper/name
-if [ "${1##/dev/dm-}" != "$1" ]; then
-    device="/dev/mapper/$(dmsetup info -c --noheadings -o name "$1")"
-else
-    device="$1"
-fi
-
-PARAMS="$device -T 1 --use-fsync --progress-frequency 5 -B 32"
-if [ "$3" != "any" ]; then
-    PARAMS="$PARAMS -S $3"
-fi
-
-if [ -n "$4" ]; then
-    PARAMS="$PARAMS --device-size $4"
-fi
-
-reenc_readkey() {
-    keypath="${1#*:}"
-    keydev="${1%%:*}"
-
-    mntp="/tmp/reencrypted-mount-tmp"
-    mkdir "$mntp"
-    mount -r "$keydev" "$mntp" && cat "$mntp/$keypath"
-    umount "$mntp"
-    rm -r "$mntp"
-}
-
-# shellcheck disable=SC2086
-# shellcheck disable=SC2164
-reenc_run() {
-    cwd=$(pwd)
-    _prompt="LUKS password for REENCRYPTING $device"
-    cd /tmp
-    udevadm settle
-    if [ "$1" = "none" ] ; then
-	if [ "$2" != "any" ]; then
-		_prompt="$_prompt, using keyslot $2"
-	fi
-        /bin/plymouth ask-for-password \
-        --prompt "$_prompt" \
-        --command="/sbin/cryptsetup-reencrypt-verbose $PARAMS"
-    else
-        info "REENCRYPT using key $1"
-        reenc_readkey "$1" | /sbin/cryptsetup-reencrypt-verbose -d - $PARAMS
-    fi
-    _ret=$?
-    cd $cwd
-}
-
-info "REENCRYPT $device requested"
-# flock against other interactive activities
-# shellcheck disable=SC2086
-{ flock -s 9;
-    reenc_run $2 $3
-} 9>/.console_lock
-
-if [ $_ret -eq 0 ]; then
-    # do not ask again
-    # shellcheck disable=SC2188
-    >> /tmp/reencrypted
-    warn "Reencryption of device $device has finished successfully. Use previous"
-    warn "initramfs image (without reencrypt module) to boot the system. When"
-    warn "you leave the emergency shell, the system will reboot."
-
-    emergency_shell -n "(reboot)"
-    [ -x /usr/bin/systemctl ] && /usr/bin/systemctl reboot
-    [ -x /sbin/shutdown ] && /sbin/shutdown -r now
-fi
-
-# panic the kernel otherwise
-exit 1