* [gentoo-commits] gentoo-x86 commit in sys-fs/cryptsetup/files: 1.1.3-dm-crypt-start.sh 1.1.3-dm-crypt-stop.sh
@ 2010-09-30 1:35 Mike Frysinger (vapier)
0 siblings, 0 replies; 2+ messages in thread
From: Mike Frysinger (vapier) @ 2010-09-30 1:35 UTC (permalink / raw
To: gentoo-commits
vapier 10/09/30 01:35:24
Added: 1.1.3-dm-crypt-start.sh 1.1.3-dm-crypt-stop.sh
Log:
Update by Wolfram to let the init.d scripts be multiplexed #338876.
(Portage version: 2.2_rc86/cvs/Linux x86_64)
Revision Changes Path
1.1 sys-fs/cryptsetup/files/1.1.3-dm-crypt-start.sh
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-fs/cryptsetup/files/1.1.3-dm-crypt-start.sh?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-fs/cryptsetup/files/1.1.3-dm-crypt-start.sh?rev=1.1&content-type=text/plain
Index: 1.1.3-dm-crypt-start.sh
===================================================================
# /lib/rcscripts/addons/dm-crypt-start.sh
# For backwards compatability with baselayout < 1.13.0
: ${SVCNAME:=${myservice}} #174256
dm_crypt_execute_checkfs() {
dm_crypt_execute_dmcrypt
}
dm_crypt_execute_volumes() {
dm_crypt_execute_dmcrypt
}
# Setup mappings for an individual target/swap
# Note: This relies on variables localized in the main body below.
dm_crypt_execute_dmcrypt() {
local dev ret mode foo
# some colors
local red='\x1b[31;01m' green='\x1b[32;01m' off='\x1b[0;0m'
if [ -n "$target" ]; then
# let user set options, otherwise leave empty
: ${options:=' '}
elif [ -n "$swap" ]; then
einfo "Checking swap is not LUKS"
cryptsetup isLuks ${source} 2>/dev/null
foo="$?"
if [ "${foo}" -eq 0 ]; then
ewarn "The swap you have defined is a LUKS partition. Aborting crypt-swap setup."
return
fi
target=${swap}
# swap contents do not need to be preserved between boots, luks not required.
# suspend2 users should have initramfs's init handling their swap partition either way.
: ${options:='-c aes -h sha1 -d /dev/urandom'}
: ${pre_mount:='mkswap ${dev}'}
else
return
fi
if [ -z "$source" ] && [ ! -e "$source" ]; then
ewarn "source \"${source}\" for ${target} missing, skipping..."
return
fi
if [[ -n ${loop_file} ]] ; then
dev="/dev/mapper/${target}"
ebegin " Setting up loop device ${source}"
/sbin/losetup ${source} ${loop_file}
fi
# cryptsetup:
# luksOpen <device> <name> # <device> is $source
# create <name> <device> # <name> is $target
local arg1="create" arg2="$target" arg3="$source" luks=0
cryptsetup isLuks ${source} 2>/dev/null && { arg1="luksOpen"; arg2="$source"; arg3="$target"; luks=1; }
if /sbin/cryptsetup status ${target} | egrep -q '\<active:' ; then
einfo "dm-crypt mapping ${target} is already configured"
return
fi
splash svc_input_begin ${SVCNAME} >/dev/null 2>&1
# Handle keys
if [ -n "$key" ]; then
read_abort() {
local ans
local prompt=" ${green}*${off} $1? (${red}yes${off}/${green}No${off}) "
shift
echo -n -e "${prompt}"
if ! read -n 1 $* ans ; then
local back=${prompt//?/\\b}
echo -n -e "${back}"
else
echo
fi
case $ans in
[yY]|[yY][eE][sS]) return 0;;
*) return 1;;
esac
}
# Notes: sed not used to avoid case where /usr partition is encrypted.
mode=${key/*:/} && ( [ "$mode" == "$key" ] || [ -z "$mode" ] ) && mode=reg
key=${key/:*/}
case "$mode" in
gpg|reg)
# handle key on removable device
if [ -n "$remdev" ]; then
# temp directory to mount removable device
local mntrem="${RC_SVCDIR}/dm-crypt-remdev.$$"
if [ ! -d "${mntrem}" ] ; then
if ! mkdir -p "${mntrem}" ; then
ewarn "${source} will not be decrypted ..."
einfo "Reason: Unable to create temporary mount point '${mntrem}'"
return
fi
fi
i=0
einfo "Please insert removable device for ${target}"
while [ ${i} -lt ${dmcrypt_max_timeout:-120} ] ; do
foo=""
if mount -n -o ro "${remdev}" "${mntrem}" 2>/dev/null >/dev/null ; then
# keyfile exists?
if [ ! -e "${mntrem}${key}" ]; then
umount -n "${mntrem}"
rmdir "${mntrem}"
einfo "Cannot find ${key} on removable media."
read_abort "Abort" ${read_timeout:--t 1} && return
else
key="${mntrem}${key}"
break
fi
else
[ -e "${remdev}" ] \
&& foo="mount failed" \
|| foo="mount source not found"
fi
((++i))
read_abort "Stop waiting after $i attempts (${foo})" -t 1 && return
done
else # keyfile ! on removable device
if [ ! -e "$key" ]; then
ewarn "${source} will not be decrypted ..."
einfo "Reason: keyfile ${key} does not exist."
return
fi
fi
;;
*)
ewarn "${source} will not be decrypted ..."
einfo "Reason: mode ${mode} is invalid."
return
;;
esac
else
mode=none
fi
ebegin "dm-crypt map ${target}"
einfo "cryptsetup will be called with : ${options} ${arg1} ${arg2} ${arg3}"
if [ "$mode" == "gpg" ]; then
: ${gpg_options:='-q -d'}
# gpg available ?
if type -p gpg >/dev/null ; then
for (( i = 0 ; i < 3 ; i++ ))
do
# paranoid, don't store key in a variable, pipe it so it stays very little in ram unprotected.
# save stdin stdout stderr "values"
gpg ${gpg_options} ${key} 2>/dev/null | cryptsetup ${options} ${arg1} ${arg2} ${arg3}
ret="$?"
[ "$ret" -eq 0 ] && break
done
eend "${ret}" "failure running cryptsetup"
else
ewarn "${source} will not be decrypted ..."
einfo "Reason: cannot find gpg application."
einfo "You have to install app-crypt/gnupg first."
einfo "If you have /usr on its own partition, try copying gpg to /bin ."
fi
else
if [ "$mode" == "reg" ]; then
cryptsetup ${options} -d ${key} ${arg1} ${arg2} ${arg3}
ret="$?"
eend "${ret}" "failure running cryptsetup"
else
cryptsetup ${options} ${arg1} ${arg2} ${arg3}
ret="$?"
eend "${ret}" "failure running cryptsetup"
fi
fi
if [ -d "$mntrem" ]; then
umount -n ${mntrem} 2>/dev/null >/dev/null
rmdir ${mntrem} 2>/dev/null >/dev/null
fi
splash svc_input_end ${SVCNAME} >/dev/null 2>&1
if [[ ${ret} != 0 ]] ; then
cryptfs_status=1
else
if [[ -n ${pre_mount} ]] ; then
dev="/dev/mapper/${target}"
ebegin " Running pre_mount commands for ${target}"
eval "${pre_mount}" > /dev/null
ewend $? || cryptfs_status=1
fi
fi
}
# Run any post_mount commands for an individual mount
#
# Note: This relies on variables localized in the main body below.
dm_crypt_execute_localmount() {
local mount_point
[ -z "$target" ] && [ -z "$post_mount" ] && return
if ! /sbin/cryptsetup status ${target} | egrep -q '\<active:' ; then
ewarn "Skipping unmapped target ${target}"
cryptfs_status=1
return
fi
mount_point=$(grep "/dev/mapper/${target}" /proc/mounts | cut -d' ' -f2)
if [[ -z ${mount_point} ]] ; then
ewarn "Failed to find mount point for ${target}, skipping"
cryptfs_status=1
fi
if [[ -n ${post_mount} ]] ; then
ebegin "Running post_mount commands for target ${target}"
eval "${post_mount}" >/dev/null
eend $? || cryptfs_status=1
fi
}
# Determine string lengths
strlen() {
if [ -z "$1" ]
then
echo "usage: strlen <variable_name>"
die
fi
eval echo "\${#${1}}"
}
# Lookup optional bootparams
parse_opt() {
case "$1" in
*\=*)
local key_name="`echo "$1" | cut -f1 -d=`"
local key_len=`strlen key_name`
local value_start=$((key_len+2))
echo "$1" | cut -c ${value_start}-
;;
esac
}
local cryptfs_status=0
local gpg_options key loop_file target targetline options pre_mount post_mount source swap remdev
CMDLINE="`cat /proc/cmdline`"
for x in ${CMDLINE}
do
case "${x}" in
key_timeout\=*)
KEY_TIMEOUT=`parse_opt "${x}"`
if [ ${KEY_TIMEOUT} -gt 0 ]; then
read_timeout="-t ${KEY_TIMEOUT}"
fi
;;
esac
done
if [[ -f /etc/conf.d/${SVCNAME} ]] && [[ -x /sbin/cryptsetup ]] ; then
ebegin "Setting up dm-crypt mappings"
while read -u 3 targetline ; do
# skip comments and blank lines
[[ ${targetline}\# == \#* ]] && continue
# check for the start of a new target/swap
case ${targetline} in
target=*|swap=*)
# If we have a target queued up, then execute it
dm_crypt_execute_${SVCNAME%.*}
# Prepare for the next target/swap by resetting variables
unset gpg_options key loop_file target options pre_mount post_mount source swap remdev
;;
gpg_options=*|remdev=*|key=*|loop_file=*|options=*|pre_mount=*|post_mount=*|source=*)
if [[ -z ${target} && -z ${swap} ]] ; then
ewarn "Ignoring setting outside target/swap section: ${targetline}"
continue
fi
;;
*)
ewarn "Skipping invalid line in /etc/conf.d/${SVCNAME}: ${targetline}"
;;
esac
# Queue this setting for the next call to dm_crypt_execute_${SVCNAME%.*}
eval "${targetline}"
done 3< /etc/conf.d/${SVCNAME}
# If we have a target queued up, then execute it
dm_crypt_execute_${SVCNAME%.*}
ewend ${cryptfs_status} "Failed to setup dm-crypt devices"
fi
# vim:ts=4
1.1 sys-fs/cryptsetup/files/1.1.3-dm-crypt-stop.sh
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-fs/cryptsetup/files/1.1.3-dm-crypt-stop.sh?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-fs/cryptsetup/files/1.1.3-dm-crypt-stop.sh?rev=1.1&content-type=text/plain
Index: 1.1.3-dm-crypt-stop.sh
===================================================================
# /lib/rcscripts/addons/dm-crypt-stop.sh
# Fix for baselayout-1.12.10 (bug 174256)
: ${SVCNAME:=${myservice}}
# Try to remove any dm-crypt mappings
csetup=/sbin/cryptsetup
if [ -f /etc/conf.d/${SVCNAME} ] && [ -x "$csetup" ]
then
einfo "Removing dm-crypt mappings"
/bin/egrep "^(target|swap)" /etc/conf.d/${SVCNAME} | \
while read targetline
do
target=
swap=
eval ${targetline}
[ -n "${swap}" ] && target=${swap}
[ -z "${target}" ] && ewarn "Invalid line in /etc/conf.d/${SVCNAME}: ${targetline}"
ebegin "Removing dm-crypt mapping for: ${target}"
${csetup} remove ${target}
eend $? "Failed to remove dm-crypt mapping for: ${target}"
done
if [[ -n $(/bin/egrep -e "^(source=)./dev/loop*" /etc/conf.d/${SVCNAME}) ]] ; then
einfo "Taking down any dm-crypt loop devices"
/bin/egrep -e "^(source)" /etc/conf.d/${SVCNAME} | while read sourceline
do
source=
eval ${sourceline}
if [[ -n $(echo ${source} | grep /dev/loop) ]] ; then
ebegin " Taking down ${source}"
/sbin/losetup -d ${source}
eend $? " Failed to remove loop"
fi
done
fi
fi
# vim:ts=4
^ permalink raw reply [flat|nested] 2+ messages in thread
* [gentoo-commits] gentoo-x86 commit in sys-fs/cryptsetup/files: 1.1.3-dm-crypt-start.sh 1.1.3-dm-crypt-stop.sh
@ 2011-01-12 23:36 Mike Frysinger (vapier)
0 siblings, 0 replies; 2+ messages in thread
From: Mike Frysinger (vapier) @ 2011-01-12 23:36 UTC (permalink / raw
To: gentoo-commits
vapier 11/01/12 23:36:42
Modified: 1.1.3-dm-crypt-start.sh 1.1.3-dm-crypt-stop.sh
Log:
Push out updated addon to fix baselayout-2 support #350399 by Martin Kolleck.
(Portage version: 2.2.0_alpha13/cvs/Linux x86_64, RepoMan options: --force)
Revision Changes Path
1.5 sys-fs/cryptsetup/files/1.1.3-dm-crypt-start.sh
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-fs/cryptsetup/files/1.1.3-dm-crypt-start.sh?rev=1.5&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-fs/cryptsetup/files/1.1.3-dm-crypt-start.sh?rev=1.5&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-fs/cryptsetup/files/1.1.3-dm-crypt-start.sh?r1=1.4&r2=1.5
Index: 1.1.3-dm-crypt-start.sh
===================================================================
RCS file: /var/cvsroot/gentoo-x86/sys-fs/cryptsetup/files/1.1.3-dm-crypt-start.sh,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- 1.1.3-dm-crypt-start.sh 8 Jan 2011 01:03:23 -0000 1.4
+++ 1.1.3-dm-crypt-start.sh 12 Jan 2011 23:36:42 -0000 1.5
@@ -1,20 +1,19 @@
# /lib/rcscripts/addons/dm-crypt-start.sh
-# For backwards compatability with baselayout < 1.13.0 #174256
-if [[ -z ${SVCNAME} ]] ; then
- case ${myservice} in
- ""|checkfs|localmount) SVCNAME=dmcrypt ;;
- *) SVCNAME=${myservice} ;;
- esac
-fi
+# For backwards compatibility with baselayout < 1.13.0 #174256
+: ${SVCNAME:=${myservice}}
-dm_crypt_execute_checkfs() {
- dm_crypt_execute_dmcrypt
-}
-
-dm_crypt_execute_volumes() {
- dm_crypt_execute_dmcrypt
-}
+# We might be hooked into init.d scripts (ala baselayout-1), or we might
+# be a standalone dmcrypt script. We support multiple dmcrypt instances,
+# but they must start with "dmcrypt." to be detected that way. It keeps
+# our lives much simpler with this multiplexed arrangement.
+execute_hook="dm_crypt_execute_dmcrypt"
+conf_file="dmcrypt"
+case ${SVCNAME} in
+ localmount) execute_hook="dm_crypt_execute_localmount" ;;
+ dmcrypt.*) conf_file="${SVCNAME}" ;;
+esac
+conf_file="/etc/conf.d/${conf_file}"
# Setup mappings for an individual target/swap
# Note: This relies on variables localized in the main body below.
@@ -260,7 +259,7 @@
esac
done
-if [[ -f /etc/conf.d/${SVCNAME} ]] && [[ -x /sbin/cryptsetup ]] ; then
+if [[ -f ${conf_file} ]] && [[ -x /sbin/cryptsetup ]] ; then
ebegin "Setting up dm-crypt mappings"
while read -u 3 targetline ; do
@@ -271,7 +270,7 @@
case ${targetline} in
target=*|swap=*)
# If we have a target queued up, then execute it
- dm_crypt_execute_${SVCNAME%.*}
+ ${execute_hook}
# Prepare for the next target/swap by resetting variables
unset gpg_options key loop_file target options pre_mount post_mount source swap remdev
@@ -290,16 +289,16 @@
;;
*)
- ewarn "Skipping invalid line in /etc/conf.d/${SVCNAME}: ${targetline}"
+ ewarn "Skipping invalid line in ${conf_file}: ${targetline}"
;;
esac
- # Queue this setting for the next call to dm_crypt_execute_${SVCNAME%.*}
+ # Queue this setting for the next call to dm_crypt_execute_xxx
eval "${targetline}"
- done 3< /etc/conf.d/${SVCNAME}
+ done 3< ${conf_file}
# If we have a target queued up, then execute it
- dm_crypt_execute_${SVCNAME%.*}
+ ${execute_hook}
ewend ${cryptfs_status} "Failed to setup dm-crypt devices"
fi
1.2 sys-fs/cryptsetup/files/1.1.3-dm-crypt-stop.sh
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-fs/cryptsetup/files/1.1.3-dm-crypt-stop.sh?rev=1.2&view=markup
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-fs/cryptsetup/files/1.1.3-dm-crypt-stop.sh?rev=1.2&content-type=text/plain
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-fs/cryptsetup/files/1.1.3-dm-crypt-stop.sh?r1=1.1&r2=1.2
Index: 1.1.3-dm-crypt-stop.sh
===================================================================
RCS file: /var/cvsroot/gentoo-x86/sys-fs/cryptsetup/files/1.1.3-dm-crypt-stop.sh,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- 1.1.3-dm-crypt-stop.sh 30 Sep 2010 01:35:24 -0000 1.1
+++ 1.1.3-dm-crypt-stop.sh 12 Jan 2011 23:36:42 -0000 1.2
@@ -1,15 +1,23 @@
# /lib/rcscripts/addons/dm-crypt-stop.sh
-# Fix for baselayout-1.12.10 (bug 174256)
+# For backwards compatibility with baselayout < 1.13.0 #174256
: ${SVCNAME:=${myservice}}
+# See notes in dm-crypt-start.sh
+execute_hook="dm_crypt_execute_dmcrypt"
+conf_file="dmcrypt"
+case ${SVCNAME} in
+ dmcrypt.*) conf_file="${SVCNAME}" ;;
+esac
+conf_file="/etc/conf.d/${conf_file}"
+
# Try to remove any dm-crypt mappings
csetup=/sbin/cryptsetup
-if [ -f /etc/conf.d/${SVCNAME} ] && [ -x "$csetup" ]
+if [ -f ${conf_file} ] && [ -x "$csetup" ]
then
einfo "Removing dm-crypt mappings"
- /bin/egrep "^(target|swap)" /etc/conf.d/${SVCNAME} | \
+ /bin/egrep "^(target|swap)" ${conf_file} | \
while read targetline
do
target=
@@ -18,16 +26,16 @@
eval ${targetline}
[ -n "${swap}" ] && target=${swap}
- [ -z "${target}" ] && ewarn "Invalid line in /etc/conf.d/${SVCNAME}: ${targetline}"
+ [ -z "${target}" ] && ewarn "Invalid line in ${conf_file}: ${targetline}"
ebegin "Removing dm-crypt mapping for: ${target}"
${csetup} remove ${target}
eend $? "Failed to remove dm-crypt mapping for: ${target}"
done
- if [[ -n $(/bin/egrep -e "^(source=)./dev/loop*" /etc/conf.d/${SVCNAME}) ]] ; then
+ if [[ -n $(/bin/egrep -e "^(source=)./dev/loop*" ${conf_file}) ]] ; then
einfo "Taking down any dm-crypt loop devices"
- /bin/egrep -e "^(source)" /etc/conf.d/${SVCNAME} | while read sourceline
+ /bin/egrep -e "^(source)" ${conf_file} | while read sourceline
do
source=
eval ${sourceline}
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2011-01-12 23:36 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-01-12 23:36 [gentoo-commits] gentoo-x86 commit in sys-fs/cryptsetup/files: 1.1.3-dm-crypt-start.sh 1.1.3-dm-crypt-stop.sh Mike Frysinger (vapier)
-- strict thread matches above, loose matches on Subject: below --
2010-09-30 1:35 Mike Frysinger (vapier)
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox