444269 – include keyfile of root partition in initramfs if offline updates are pending

Bug 444269 - include keyfile of root partition in initramfs if offline updates are pending

Summary: include keyfile of root partition in initramfs if offline updates are pending

Status:	RESOLVED WORKSFORME

Alias:	None

Product:	Discover
Classification:	Applications
Component:	Updates (offline) (show other bugs)
Version:	unspecified
Platform:	Other Linux

Importance:	NOR wishlist
Target Milestone:	---
Assignee:	Dan Leinir Turthra Jensen

URL:
Keywords:

Depends on:
Blocks:

Reported:	2021-10-23 12:16 UTC by Tobias G.
Modified:	2023-11-10 03:45 UTC (History)
CC List:	3 users (show)

See Also:	436928
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Tobias G. 2021-10-23 12:16:53 UTC

SUMMARY
I'm using KDE Plasma on an encrypted root partition. When I activate offline updates, I have to enter the passphrase to install them and then to start my system normally.
Instead, a systemd service could store the keyfile of the root partition temporarily in the initramfs, install the update and remove the keyfile again after installing the updates. This way, I don't have to enter my password just to install the required updates.
This should be an optional feature though as it might be a security concern for some users.

Comment 1 Tobias G. 2021-10-23 12:22:37 UTC

with this should come that new options to the power actions of kickoff are added, respectively "update and shutdown" and "update and reboot". The keyfile should only be included if the user chooses one of those options. "update and shutdown" should then reboot the pc, install the updates and then poweroff, before the poweroff though the keyfile is removed again, so that the password has to be entered again at next boot.
This should be equivalent to "update and reboot".

If only shutdown or reboot are hit, the system should actually only be rebooted or shutdown without installing updates and without adding the keyfile to initramfs

Comment 2 postix 2023-10-11 10:34:17 UTC

> When I activate offline updates, I have to enter the passphrase to install them and then to start my system normally.
Would instead bug #436928 be sufficient for your needs?

> If only shutdown or reboot are hit, the system should actually only be rebooted or shutdown without installing updates 
This sounds like bug #435845.

Comment 3 Bug Janitor Service 2023-10-26 03:45:40 UTC

Dear Bug Submitter,

This bug has been in NEEDSINFO status with no change for at least
15 days. Please provide the requested information as soon as
possible and set the bug status as REPORTED. Due to regular bug
tracker maintenance, if the bug is still in NEEDSINFO status with
no change in 30 days the bug will be closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

If you have already provided the requested information, please
mark the bug as REPORTED so that the KDE team knows that the bug is
ready to be confirmed.

Thank you for helping us make KDE software even better for everyone!

Comment 4 Bug Janitor Service 2023-11-10 03:45:54 UTC

This bug has been in NEEDSINFO status with no change for at least
30 days. The bug is now closed as RESOLVED > WORKSFORME
due to lack of needed information.

For more information about our bug triaging procedures please read the
wiki located here:
https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging

Thank you for helping us make KDE software even better for everyone!