Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 118185 Details for
Bug 177100
sys-apps/baselayout-2 no longer loads dm-crypt volumes
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
/lib/rcscripts/addons/dm-crypt-start.sh
dm-crypt-start.sh (text/plain), 7.25 KB, created by
Mike Auty (RETIRED)
on 2007-05-04 22:43:51 UTC
(
hide
)
Description:
/lib/rcscripts/addons/dm-crypt-start.sh
Filename:
MIME Type:
Creator:
Mike Auty (RETIRED)
Created:
2007-05-04 22:43:51 UTC
Size:
7.25 KB
patch
obsolete
># /lib/rcscripts/addons/dm-crypt-start.sh > ># For backwards compatability with baselayout < 1.13.0 >dm_crypt_execute_checkfs() { > dm_crypt_execute_dmcrypt >} > >dm_crypt_execute_volumes() { > dmcrypt_execute_dmcrypt >} > ># Setup mappings for an individual target/swap ># Note: This relies on variables localized in the main body below. >dm_crypt_execute_dmcrypt() { > local dev ret mode > # some colors > local red='\x1b[31;01m' green='\x1b[32;01m' off='\x1b[0;0m' > > if [ -n "$target" ]; then > # let user set options, otherwise leave empty > : ${options:=' '} > elif [ -n "$swap" ]; then > target=${swap} > # swap contents do not need to be preserved between boots, luks not required. > # suspend2 users should have initramfs's init handling their swap partition either way. > : ${options:='-c aes -h sha1 -d /dev/urandom'} > : ${pre_mount:='mkswap ${dev}'} > else > return > fi > if [ -z "$source" ] && [ ! -e "$source" ]; then > ewarn "source \"${source}\" for ${target} missing, skipping..." > return > fi > > if [[ -n ${loop_file} ]] ; then > dev="/dev/mapper/${target}" > ebegin " Setting up loop device ${source}" > /sbin/losetup ${source} ${loop_file} > fi > > # cryptsetup: > # luksOpen <device> <name> # <device> is $source > # create <name> <device> # <name> is $target > local arg1="create" arg2="$target" arg3="$source" luks=0 > > cryptsetup isLuks ${source} 2>/dev/null && { arg1="luksOpen"; arg2="$source"; arg3="$target"; luks=1; } > > if /bin/cryptsetup status ${target} | egrep -q '\<active:' ; then > einfo "dm-crypt mapping ${target} is already configured" > return > fi > # Handle keys > if [ -n "$key" ]; then > # Notes: sed not used to avoid case where /usr partition is encrypted. > mode=${key/*:/} && ( [ "$mode" == "$key" ] || [ -z "$mode" ] ) && mode=reg > key=${key/:*/} > case "$mode" in > gpg|reg) > # handle key on removable device > if [ -n "$remdev" ]; then > # temp directory to mount removable device > local mntrem=/mnt/remdev > local c=0 ans > for (( i = 0 ; i < 10 ; i++ )) > do > [ ! -d "$mntrem" ] && mkdir -p ${mntrem} 2>/dev/null >/dev/null > if mount -n -o ro ${remdev} ${mntrem} 2>/dev/null >/dev/null ; then > sleep 2 > # keyfile exists? > if [ ! -e "${mntrem}${key}" ]; then > umount -n ${mntrem} 2>/dev/null >/dev/null > rmdir ${mntrem} 2>/dev/null >/dev/null > einfo "Cannot find ${key} on removable media." > echo -n -e " ${green}*${off} Abort?(${red}yes${off}/${green}no${off})" >/dev/console > read ans </dev/console > echo >/dev/console > [ "$ans" != "yes" ] && { i=0; c=0; } || return > else > key="${mntrem}${key}" > break > fi > else > [ "$c" -eq 0 ] && einfo "Please insert removable device for ${target}" > c=1 > sleep 2 > # let user abort > if [ "$i" -eq 9 ]; then > rmdir ${mntrem} 2>/dev/null >/dev/null > einfo "Removable device for ${target} not present." > echo -n -e " ${green}*${off} Abort?(${red}yes${off}/${green}no${off})" >/dev/console > read ans </dev/console > echo >/dev/console > [ "$ans" != "yes" ] && { i=0; c=0; } || return > fi > fi > done > else # keyfile ! on removable device > if [ ! -e "$key" ]; then > ewarn "${source} will not be decrypted ..." > einfo "Reason: keyfile ${key} does not exist." > return > fi > fi > ;; > *) > ewarn "${source} will not be decrypted ..." > einfo "Reason: mode ${mode} is invalid." > return > ;; > esac > else > mode=none > fi > splash svc_input_begin ${SVCNAME} >/dev/null 2>&1 > ebegin "dm-crypt map ${target}" > einfo "cryptsetup will be called with : ${options} ${arg1} ${arg2} ${arg3}" > if [ "$mode" == "gpg" ]; then > : ${gpg_options:='-q -d'} > # gpg available ? > if type -p gpg >/dev/null ; then > for (( i = 0 ; i < 3 ; i++ )) > do > # paranoid, don't store key in a variable, pipe it so it stays very little in ram unprotected. > # save stdin stdout stderr "values" > exec 3>&0 4>&1 6>&2 # ABS says fd 5 is reserved > exec &>/dev/console </dev/console > gpg ${gpg_options} ${key} 2>/dev/null | cryptsetup ${options} ${arg1} ${arg2} ${arg3} > ret="$?" > # restore values and close file descriptors > exec 0>&3 1>&4 2>&6 > exec 3>&- 4>&- 6>&- > [ "$ret" -eq 0 ] && break > done > eend "${ret}" "failure running cryptsetup" > else > ewarn "${source} will not be decrypted ..." > einfo "Reason: cannot find gpg application." > einfo "You have to install app-crypt/gnupg first." > einfo "If you have /usr on its own partition, try copying gpg to /bin ." > fi > else > if [ "$mode" == "reg" ]; then > cryptsetup ${options} -d ${key} ${arg1} ${arg2} ${arg3} >/dev/console </dev/console > ret="$?" > eend "${ret}" "failure running cryptsetup" > else > cryptsetup ${options} ${arg1} ${arg2} ${arg3} >/dev/console </dev/console > ret="$?" > eend "${ret}" "failure running cryptsetup" > fi > fi > if [ -d "$mntrem" ]; then > umount -n ${mntrem} 2>/dev/null >/dev/null > rmdir ${mntrem} 2>/dev/null >/dev/null > fi > splash svc_input_end ${SVCNAME} >/dev/null 2>&1 > > if [[ ${ret} != 0 ]] ; then > cryptfs_status=1 > else > if [[ -n ${pre_mount} ]] ; then > dev="/dev/mapper/${target}" > ebegin " Running pre_mount commands for ${target}" > eval "${pre_mount}" > /dev/null > ewend $? || cryptfs_status=1 > fi > fi >} > ># Run any post_mount commands for an individual mount ># ># Note: This relies on variables localized in the main body below. >dm_crypt_execute_localmount() { > local mount_point > > [ -z "$target" ] && [ -z "$post_mount" ] && return > > if ! /bin/cryptsetup status ${target} | egrep -q '\<active:' ; then > ewarn "Skipping unmapped target ${target}" > cryptfs_status=1 > return > fi > > mount_point=$(grep "/dev/mapper/${target}" /proc/mounts | cut -d' ' -f2) > if [[ -z ${mount_point} ]] ; then > ewarn "Failed to find mount point for ${target}, skipping" > cryptfs_status=1 > fi > > if [[ -n ${post_mount} ]] ; then > ebegin "Running post_mount commands for target ${target}" > eval "${post_mount}" >/dev/null > eend $? || cryptfs_status=1 > fi >} > >local cryptfs_status=0 >local gpg_options key loop_file target targetline options pre_mount post_mount source swap remdev > >if [[ -f /etc/conf.d/dmcrypt ]] && [[ -x /bin/cryptsetup ]] ; then > ebegin "Setting up dm-crypt mappings" > > # Fix for baselayout-1.12.10 (bug 174256) > [ -z ${SVCNAME} ] && SVCNAME="${myservice}" > > while read targetline ; do > # skip comments and blank lines > [[ ${targetline}\# == \#* ]] && continue > > # check for the start of a new target/swap > case ${targetline} in > target=*|swap=*) > # If we have a target queued up, then execute it > dm_crypt_execute_${SVCNAME} > > # Prepare for the next target/swap by resetting variables > unset gpg_options key loop_file target options pre_mount post_mount source swap remdev > ;; > > gpg_options=*|remdev=*|key=*|loop_file=*|options=*|pre_mount=*|post_mount=*|source=*) > if [[ -z ${target} && -z ${swap} ]] ; then > ewarn "Ignoring setting outside target/swap section: ${targetline}" > continue > fi > ;; > > *) > ewarn "Skipping invalid line in /etc/conf.d/dmcrypt: ${targetline}" > ;; > esac > > # Queue this setting for the next call to dm_crypt_execute_${SVCNAME} > eval "${targetline}" > done < /etc/conf.d/dmcrypt > > # If we have a target queued up, then execute it > dm_crypt_execute_${SVCNAME} > > ewend ${cryptfs_status} "Failed to setup dm-crypt devices" >fi > ># vim:ts=4
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=118185">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 177100
:
118184
| 118185 |
118186
|
118221
|
119463
