Package: dropbear-initramfs
Version: 2020.81-3
Severity: normal
X-Debbugs-Cc: deb...@rocketjump.eu

Hi,

steps to reproduce:
1) install dropbear-initramfs
2) edit /etc/dropbear-initramfs/config
3) Set DROPBEAR_OPTIONS=-s -j -k -I 180 -c /usr/bin/cryptroot-unlock
4) update-initramfs -k all -u

On reboot dropbear will be started from initramfs, ignoring all those settings:
# ps auxw
[...]
  300 root     /sbin/dropbear -Fs
[...]

It seems that in step 3) the quotes are needed around the values, like this:
DROPBEAR_OPTIONS="-s -j -k -I 180 -c /usr/bin/cryptroot-unlock"

A low-effort fix would be to change the shipped config to
# DROPBEAR_OPTIONS=""
to indicate that they're required. Ideally the initramfs hook should either fail
when unquoted, or accept the full parameter list without quotes. Your call.

Leaving the severity to normal as it still allows booting with manual
intervention, but breaks scripts unlocking such systems and takes some time to
debug (servers tend to reboot really slowly).

Thanks in advance!

Greetings, Lee

-- System Information:
Debian Release: 11.2
  APT prefers stable-updates
  APT policy: (990, 'stable-updates'), (990, 'stable-security'), (990, 'stable'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 5.15.11 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_USER, TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages dropbear-initramfs depends on:
ii  busybox          1:1.30.1-6+b3
pn  dropbear-bin     <none>
ii  initramfs-tools  0.140
ii  udev             247.3-6

Versions of packages dropbear-initramfs recommends:
ii  cryptsetup-initramfs  2:2.3.5-1

dropbear-initramfs suggests no packages.
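
Added example, not part of the original report or of dropbear-initramfs: a POSIX sh check that flags unquoted multi-word assignments in a shell-style config and shows what value a shell holds after reading the file. It assumes the config is read as a shell fragment; the function names `lint_assignments` and `effective_value` and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of dropbear-initramfs.
# Assumption: the config is read as a POSIX sh fragment (sourced with ".").

# lint_assignments FILE: report NAME=value lines whose unquoted value holds
# more than one word. Returns 1 if any were found. Uses global variables.
lint_assignments() {
    file=$1 rc=0 n=0
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        case $line in *=*) ;; *) continue ;; esac
        name=${line%%=*}
        case $name in ''|[0-9]*|*[!A-Za-z0-9_]*) continue ;; esac  # not NAME=
        value=${line#*=}
        case $value in \"*|\'*) continue ;; esac   # value opens with a quote
        value=${value%% #*}                        # drop a trailing comment
        set -f; set -- $value; set +f              # split into words, no globbing
        if [ "$#" -gt 1 ]; then
            printf '%s:%d: unquoted multi-word value: %s\n' "$file" "$n" "$line"
            rc=1
        fi
    done < "$file"
    return "$rc"
}

# effective_value FILE NAME: print what NAME holds after a shell reads FILE.
effective_value() {
    (
        set +e          # the stray words run as a command and fail; keep going
        unset "$2"
        . "$1" 2>/dev/null
        eval "printf '%s' \"\${$2-}\""
    )
}

# Constructed samples: the unquoted line from the report and the quoted form.
tmp=$(mktemp -d)
opts='-s -j -k -I 180 -c /usr/bin/cryptroot-unlock'
printf 'DROPBEAR_OPTIONS=%s\n' "$opts" > "$tmp/unquoted"
printf 'DROPBEAR_OPTIONS="%s"\n' "$opts" > "$tmp/quoted"
for cfg in "$tmp/unquoted" "$tmp/quoted"; do
    lint_assignments "$cfg" || true
    printf '%s -> [%s]\n' "${cfg##*/}" "$(effective_value "$cfg" DROPBEAR_OPTIONS)"
done
rm -rf "$tmp"
```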
