From d5fd030cc285730e1a1b9e0e78a1e1dc4daabfe0 Mon Sep 17 00:00:00 2001
From: Antonio Alvarez Feijoo <antonio.feijoo@suse.com>
Date: Wed, 24 Nov 2021 08:32:17 +0100
Subject: [PATCH] feat(crypt): check if fido2 module is needed in hostonly mode

In hostonly mode, include the fido2 module if any encrypted volumes
are configured to be decrypted using a FIDO2 security token.
---
 modules.d/90crypt/module-setup.sh | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/modules.d/90crypt/module-setup.sh b/modules.d/90crypt/module-setup.sh
index 639d9cdddc..fce898f8fa 100755
--- a/modules.d/90crypt/module-setup.sh
+++ b/modules.d/90crypt/module-setup.sh
@@ -24,6 +24,9 @@ depends() {
         if grep -q "tpm2-device=" "$dracutsysrootdir"/etc/crypttab; then
             deps+=" tpm2-tss"
         fi
+        if grep -q -e "fido2-device=" -e "fido2-cid=" "$dracutsysrootdir"/etc/crypttab; then
+            deps+=" fido2"
+        fi
     fi
     echo "$deps"
     return 0