Permission denied – if I try use /key. 2015-09-10 21:58 GMT+01:00 Bryan Gardiner <b...@khumba.net>:
> On Thu, Sep 10, 2015 at 09:22:13PM +0100, Tomasz Czyż wrote: > > I have a problem with this method as you cannot copy the file outside > > extras tree. > > > > I used: > > > > ''cp /my.key $out/key" - the final file is in /nix/store/XXXXX/here > > (hard to access, if hash will change this stuff stop work. > > > > "cp /my.key $out/../../key" or "cp /my.key /key" doesn't work, > > permission error, so I cannot put key in the root of initrd. > > I don't have encrypted boot going myself... I'm passing on a reply I > got off-list from Leroy (bcc'ed, thanks, hope you don't mind), whose > config works using boot.initrd.extraUtilsCommands: > > On Wed, Sep 09, 2015 at 07:40:21PM +1200, Leroy Hopson wrote: > > Hi Bryan, > > > > I have a similar setup. I'm using `boot.initrd.extraUtilsCommands` as > > Evygeny suggested. > > > > Here is a link to the relevant section of my configuration: > > > https://github.com/lihop/nixos/blob/7b1b0a7fd4396713573c35368791e32843feb957/devices/desktop.nix#L59-L72 > > > > Regards, > > Leroy > > He's putting the keyfile in the initrd's /bin, then I suspect that > $PATH is only "/bin" in his keyFile = ...; arguments. If that's the > case, then with your first cp command above, your keyfile should > simply be at "/key" in your initrd, no need to know the hash. > > Cheers, > Bryan > > _______________________________________________ > nix-dev mailing list > nix-dev@lists.science.uu.nl > http://lists.science.uu.nl/mailman/listinfo/nix-dev > > -- Tomasz Czyż
_______________________________________________ nix-dev mailing list nix-dev@lists.science.uu.nl http://lists.science.uu.nl/mailman/listinfo/nix-dev