--- 1.1.3-dm-crypt-start.sh +++ 1.1.3-dm-crypt-start.sh @@ -1,7 +1,7 @@ # /lib/rcscripts/addons/dm-crypt-start.sh # For backwards compatability with baselayout < 1.13.0 #174256 -if [[ -z ${SVCNAME} ]] ; then +if [ -z "${SVCNAME}" ] ; then case ${myservice} in ""|checkfs|localmount) SVCNAME=dmcrypt ;; *) SVCNAME=${myservice} ;; @@ -21,7 +21,7 @@ dm_crypt_execute_dmcrypt() { local dev ret mode foo # some colors - local red='\x1b[31;01m' green='\x1b[32;01m' off='\x1b[0;0m' + local red='\033[31;01m' green='\033[32;01m' off='\033[0;0m' if [ -n "$target" ]; then # let user set options, otherwise leave empty @@ -47,10 +47,10 @@ return fi - if [[ -n ${loop_file} ]] ; then + if [ -n "${loop_file}" ] ; then dev="/dev/mapper/${target}" ebegin " Setting up loop device ${source}" - /sbin/losetup ${source} ${loop_file} + /sbin/losetup "${source}" "${loop_file}" fi # cryptsetup: 
@@ -72,26 +72,44 @@ # Handle keys if [ -n "$key" ]; then + reset_stty() { + stty ${savestty} + trap - EXIT HUP INT TERM + } read_abort() { - local ans - local prompt=" ${green}*${off} $1? (${red}yes${off}/${green}No${off}) " + local ans a b back + printf " ${green}*${off} %s? (${red}yes${off}/${green}No${off}) " "$1" + back=" * $1? (yes/No) " shift - echo -n -e "${prompt}" - if ! read -n 1 $* ans ; then - local back=${prompt//?/\\b} - echo -n -e "${back}" - else - echo + savestty=`stty -g` + trap reset_stty EXIT HUP INT TERM + stty -icanon -echo + if [ "$1" = '-t' ] && [ "$2" -gt 0 ]; then + stty min 0 time "$(( $2 * 10 ))" + fi + ans=`dd count=1 bs=1 2>/dev/null` || ans='' + reset_stty + if [ -z "${ans}" ]; then + a='' + b='' + while [ -n "${back}" ]; do + a="${a}"'\b' + b="${b} " + back=${back%?} + done + printf "${a}${b}${a}" + return 1 fi - case $ans in - [yY]|[yY][eE][sS]) return 0;; - *) return 1;; + case "${ans}" in + y*|Y*) printf "${red}YES${off}\n"; return 0;; esac + printf "${green}No${off}\n" + return 1 } # Notes: sed not used to avoid case where /usr partition is encrypted. - mode=${key/*:/} && ( [ "$mode" == "$key" ] || [ -z "$mode" ] ) && mode=reg - key=${key/:*/} + mode=${key##*:} && ( [ "$mode" = "$key" ] || [ -z "$mode" ] ) && mode=reg + key=${key%%:*} case "$mode" in gpg|reg) # handle key on removable device @@ -125,7 +143,7 @@ && foo="mount failed" \ || foo="mount source not found" fi - ((++i)) + i=$(( $i + 1 )) read_abort "Stop waiting after $i attempts (${foo})" -t 1 && return done else # keyfile ! on removable device 
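Review bot: In the new `read_abort`, `trap reset_stty EXIT HUP INT TERM` replaces any handlers the calling init script may already have installed, and `reset_stty` then clears them with `trap - EXIT HUP INT TERM` instead of restoring them, so an earlier cleanup handler would silently stop running after the first prompt. The saved terminal state is also used without checking that it was obtained: if `stty -g` fails because stdin is not a terminal, `savestty` is empty and `stty ${savestty}` runs with no arguments, after `stty -icanon -echo` has already been attempted. I would guard the save with `savestty=$(stty -g 2>/dev/null) || return 1` and restore with `stty "${savestty}"`. A short comment that `stty time` counts tenths of a second would also explain the `$2 * 10` and warn that large `-t` values may exceed what the terminal driver accepts.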
@@ -147,17 +165,19 @@ fi ebegin "dm-crypt map ${target}" einfo "cryptsetup will be called with : ${options} ${arg1} ${arg2} ${arg3}" - if [ "$mode" == "gpg" ]; then + if [ "$mode" = "gpg" ]; then : ${gpg_options:='-q -d'} # gpg available ? - if type -p gpg >/dev/null ; then - for (( i = 0 ; i < 3 ; i++ )) + if command -v gpg >/dev/null 2>&1; then + local i=0 + while [ $i -lt 3 ] do # paranoid, don't store key in a variable, pipe it so it stays very little in ram unprotected. # save stdin stdout stderr "values" gpg ${gpg_options} ${key} 2>/dev/null | cryptsetup ${options} ${arg1} ${arg2} ${arg3} ret="$?" [ "$ret" -eq 0 ] && break + i=$(( $i + 1 )) done eend "${ret}" "failure running cryptsetup" else @@ -167,7 +187,7 @@ einfo "If you have /usr on its own partition, try copying gpg to /bin ." fi else - if [ "$mode" == "reg" ]; then + if [ "$mode" = "reg" ]; then cryptsetup ${options} -d ${key} ${arg1} ${arg2} ${arg3} ret="$?" eend "${ret}" "failure running cryptsetup" @@ -178,15 +198,15 @@ fi fi if [ -d "$mntrem" ]; then - umount -n ${mntrem} 2>/dev/null >/dev/null - rmdir ${mntrem} 2>/dev/null >/dev/null + umount -n "${mntrem}" 2>/dev/null >/dev/null + rmdir "${mntrem}" 2>/dev/null >/dev/null fi splash svc_input_end ${SVCNAME} >/dev/null 2>&1 - if [[ ${ret} != 0 ]] ; then + if [ "${ret}" -ne 0 ] ; then cryptfs_status=1 else - if [[ -n ${pre_mount} ]] ; then + if [ -n "${pre_mount}" ] ; then dev="/dev/mapper/${target}" ebegin " Running pre_mount commands for ${target}" eval "${pre_mount}" > /dev/null @@ -210,12 +230,12 @@ fi mount_point=$(grep "/dev/mapper/${target}" /proc/mounts | cut -d' ' -f2) - if [[ -z ${mount_point} ]] ; then + if [ -z "${mount_point}" ] ; then ewarn "Failed to find mount point for ${target}, skipping" cryptfs_status=1 fi - if [[ -n ${post_mount} ]] ; then + if [ -n "${post_mount}" ] ; then ebegin "Running post_mount commands for target ${target}" eval "${post_mount}" >/dev/null eend $? || cryptfs_status=1 
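Review bot: The gpg retry loop still expands `${key}` unquoted in `gpg ${gpg_options} ${key}`, and the `reg` branch in the following hunk does the same in `cryptsetup ${options} -d ${key}`, although this patch quotes `${source}`, `${loop_file}` and `${mntrem}` elsewhere. A key path containing whitespace or glob characters is split or expanded before gpg or cryptsetup sees it; `"${key}"` is the consistent form. Note also that `ret="$?"` records only cryptsetup's status and gpg's stderr is discarded, so a failed decryption cannot be told apart from a rejected key in the boot log; a comment saying so above the pipeline would help. The enclosing function starts and ends outside this hunk.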
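Review bot: `if [ "${ret}" -ne 0 ]` in the hunk at `-178,15` fails open when `ret` is empty. `[` reports an integer-expression error and returns non-zero, so the `else` branch runs and `pre_mount` is evaluated as if the mapping had been created, whereas the old `[[ ${ret} != 0 ]]` set `cryptfs_status=1` in that case. `ret` is declared `local` without a value, and the gpg-not-found path does not appear to assign it, though the lines between the hunks are not shown. `if [ "${ret:-1}" -ne 0 ] ; then` keeps the numeric test and treats a missing status as failure.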
@@ -236,9 +256,9 @@ parse_opt() { case "$1" in *\=*) - local key_name="`echo "$1" | cut -f1 -d=`" + local key_name=${1%%=*} local key_len=`strlen key_name` - local value_start=$((key_len+2)) + local value_start=$(( $key_len + 2 )) echo "$1" | cut -c ${value_start}- ;; esac @@ -260,15 +280,17 @@ esac done -if [[ -f /etc/conf.d/${SVCNAME} ]] && [[ -x /sbin/cryptsetup ]] ; then +if [ -f "/etc/conf.d/${SVCNAME}" ] && [ -x /sbin/cryptsetup ] ; then ebegin "Setting up dm-crypt mappings" - while read -u 3 targetline ; do - # skip comments and blank lines - [[ ${targetline}\# == \#* ]] && continue + while read targetline <&3 ; do # check for the start of a new target/swap case ${targetline} in + ''|'#'*) + # skip comments and blank lines + continue + ;; target=*|swap=*) # If we have a target queued up, then execute it dm_crypt_execute_${SVCNAME%.*} @@ -278,7 +300,7 @@ ;; gpg_options=*|remdev=*|key=*|loop_file=*|options=*|pre_mount=*|post_mount=*|source=*) - if [[ -z ${target} && -z ${swap} ]] ; then + if [ -z "${target}" ] && [ -z "${swap}" ] ; then ewarn "Ignoring setting outside target/swap section: ${targetline}" continue fi @@ -296,7 +318,7 @@ # Queue this setting for the next call to dm_crypt_execute_${SVCNAME%.*} eval "${targetline}" - done 3< /etc/conf.d/${SVCNAME} + done 3< "/etc/conf.d/${SVCNAME}" # If we have a target queued up, then execute it dm_crypt_execute_${SVCNAME%.*} --- 1.1.3-dm-crypt-stop.sh +++ 1.1.3-dm-crypt-stop.sh @@ -1,15 +1,15 @@ # /lib/rcscripts/addons/dm-crypt-stop.sh # Fix for baselayout-1.12.10 (bug 174256) -: ${SVCNAME:=${myservice}} +: ${SVCNAME:="${myservice}"} # Try to remove any dm-crypt mappings csetup=/sbin/cryptsetup -if [ -f /etc/conf.d/${SVCNAME} ] && [ -x "$csetup" ] +if [ -f "/etc/conf.d/${SVCNAME}" ] && [ -x "$csetup" ] then einfo "Removing dm-crypt mappings" - /bin/egrep "^(target|swap)" /etc/conf.d/${SVCNAME} | \ + /bin/egrep "^(target|swap)" "/etc/conf.d/${SVCNAME}" | \ while read targetline do target= 
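Review bot: `parse_opt` still emits the value with `echo "$1" | cut -c ${value_start}-`, and if the aim of this patch is to run under a POSIX `/bin/sh` such as dash, that `echo` interprets backslash escapes and can alter a value that contains them. Since the hunk already uses `${1%%=*}` for the name, the value can be produced the same way with `printf '%s\n' "${1#*=}"`, which also removes the dependency on `strlen` and `cut`. The function's closing lines are outside the hunk.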
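Review bot: In the hunk at `-296,7`, `eval "${targetline}"` passes the entire config line to the shell, while the `case` patterns shown in the earlier hunk only check how the line begins (`key=*`, `options=*`, and so on). Everything after the assignment is therefore executed with the privileges of the init script, which makes the ownership and mode of `/etc/conf.d/${SVCNAME}` part of the trust boundary. Quoting the path does not change that, so I would state it next to the `eval`, for example `# NOTE: each line is eval'd; this file must be writable by root only`. Checking the file's owner and mode before the loop would be a stronger fix. The loop starts and ends outside this hunk.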
@@ -25,17 +25,19 @@ eend $? "Failed to remove dm-crypt mapping for: ${target}" done - if [[ -n $(/bin/egrep -e "^(source=)./dev/loop*" /etc/conf.d/${SVCNAME}) ]] ; then + if /bin/egrep -q -e "^(source=)./dev/loop*" "/etc/conf.d/${SVCNAME}"; then einfo "Taking down any dm-crypt loop devices" - /bin/egrep -e "^(source)" /etc/conf.d/${SVCNAME} | while read sourceline + /bin/egrep -e "^(source)" "/etc/conf.d/${SVCNAME}" | while read sourceline do source= - eval ${sourceline} - if [[ -n $(echo ${source} | grep /dev/loop) ]] ; then + eval "${sourceline}" + case "${source}" in + */dev/loop*) ebegin " Taking down ${source}" /sbin/losetup -d ${source} eend $? " Failed to remove loop" - fi + ;; + esac done fi fi
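Review bot: `/sbin/losetup -d ${source}` is left unquoted inside the new `case` arm, while the start script in this same patch now calls `/sbin/losetup "${source}" "${loop_file}"`; `/sbin/losetup -d "${source}"` keeps the two consistent and avoids word splitting on the evaluated value. The `*/dev/loop*)` pattern matches the substring anywhere in the value, as the old `grep /dev/loop` did, so any value that merely contains `/dev/loop` is also handed to `losetup -d`. If sources are always absolute device paths, `/dev/loop*)` would anchor the match at the start.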