diff options
| author | bart <bart@bartabox> | 2022-10-25 16:56:06 +0200 |
|---|---|---|
| committer | bart <bart@bartabox> | 2022-10-25 16:56:06 +0200 |
| commit | c5df3bd1430b8b3f66036374ba144763e5903821 (patch) | |
| tree | 45c377abe6e78d8145d905bf1956b718f78e8ecb | |
| download | pkgbuilds-c5df3bd1430b8b3f66036374ba144763e5903821.tar.gz pkgbuilds-c5df3bd1430b8b3f66036374ba144763e5903821.tar.xz pkgbuilds-c5df3bd1430b8b3f66036374ba144763e5903821.zip | |
Initial commit
| -rw-r--r-- | .SRCINFO | 12 | ||||
| -rw-r--r-- | .gitignore | 4 | ||||
| -rw-r--r-- | PKGBUILD | 12 | ||||
| -rw-r--r-- | pkcs11_install | 46 |
4 files changed, 74 insertions, 0 deletions
diff --git a/.SRCINFO b/.SRCINFO new file mode 100644 index 0000000..6b68e03 --- /dev/null +++ b/.SRCINFO @@ -0,0 +1,12 @@ +pkgbase = mkinitcpio-pkcs11 + pkgdesc = Install pkcs11 in early boot (systemd cryptsetyp.target) using pcscd.socket + pkgver = 0.1 + pkgrel = 1 + arch = any + depends = ccid + depends = opensc + depends = pcsclite + source = pkcs11_install + sha256sums = 12ab776de8c225ca7fff411ab1a5a5998936d624aa95777a191f8b38de104d43 + +pkgname = mkinitcpio-pkcs11 diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..7446231 --- /dev/null +++ b/.gitignore @@ -0,0 +1,4 @@ +*.pkg.tar.xz +lighthouse/ +pkg/ +src/ diff --git a/PKGBUILD b/PKGBUILD new file mode 100644 index 0000000..bb7f55e --- /dev/null +++ b/PKGBUILD @@ -0,0 +1,12 @@ +pkgname=mkinitcpio-pkcs11 +pkgver=0.1 +pkgrel=1 +pkgdesc='Install pkcs11 in early boot (systemd cryptsetyp.target) using pcscd.socket' +depends=('ccid' 'opensc' 'pcsclite') +arch=('any') +source=('pkcs11_install') +sha256sums=('12ab776de8c225ca7fff411ab1a5a5998936d624aa95777a191f8b38de104d43') + +package() { + install -D -m644 "pkcs11_install" "$pkgdir/usr/bin/initcpio/pkcs11" +} diff --git a/pkcs11_install b/pkcs11_install new file mode 100644 index 0000000..d69385a --- /dev/null +++ b/pkcs11_install @@ -0,0 +1,46 @@ +#!/bin/bash + +build() { + + # CCID + add_file /etc/libccid_Info.plist + add_file /etc/reader.conf.d/libccidtwin + add_file /usr/lib/pcsc/drivers/ifd-ccid.bundle/Contents/Info.plist + add_binary /usr/lib/pcsc/drivers/ifd-ccid.bundle/Contents/Linux/libccid.so + add_binary /usr/lib/pcsc/drivers/serial/libccidtwin.so + + # OPENSC + add_file /etc/opensc.conf + add_binary /usr/lib/libopensc.so.8 + add_binary /usr/lib/libopensc.so.8.0.0 + add_binary /usr/lib/opensc-pkcs11.so + add_binary /usr/lib/pkcs11/opensc-pkcs11.so + + # PCSCLITE + add_binary /usr/lib/libpcsclite.so + add_binary /usr/lib/libpcsclite.so.1 + add_binary /usr/lib/libpcsclite.so.1.0.0 + + + # PCSCD at boot before cryptsetup + add_systemd_unit pcscd.service + add_systemd_unit pcscd.socket + add_symlink /usr/lib/systemd/system/cryptsetup.target.wants/pcscd.socket ../pcscd.socket + + # MISC + add_binary /usr/bin/p11tool + # cat /etc/pkcs11/modules/opensc.module + # module: opensc-pkcs11.so + add_file /etc/pkcs11/modules/opensc.module + +} + +help() { + cat <<HELPEOF +Add and early start (ie before cryptsetup) the pcscd socket service. This +allow cryptsetup "pkcs11-uri=auto" to find yubikey piv based token. Required +package are: ccid opensc and pcsclite. Use with systemd and sd-encrypt hook. +HELPEOF +} + +# vim: set ft=sh ts=4 sw=4 et: |