(-)file_not_specified_in_diff (-42 / +68 lines)
Line  Link Here
0
-- 1.1.3-dm-crypt-start.sh
0
++ 1.1.3-dm-crypt-start.sh
Lines 20-26 Link Here
20
dm_crypt_execute_dmcrypt() {
20
dm_crypt_execute_dmcrypt() {
21
	local dev ret mode foo
21
	local dev ret mode foo
22
	# some colors
22
	# some colors
23
	local red='\x1b[31;01m' green='\x1b[32;01m' off='\x1b[0;0m'
23
	local red='\033[31;01m' green='\033[32;01m' off='\033[0;0m'
24
24
25
	if [ -n "$target" ]; then
25
	if [ -n "$target" ]; then
26
		# let user set options, otherwise leave empty
26
		# let user set options, otherwise leave empty
Lines 46-55 Link Here
46
		return
46
		return
47
	fi
47
	fi
48
48
49
	if [[ -n ${loop_file} ]] ; then
49
	if [ -n "${loop_file}" ] ; then
50
		dev="/dev/mapper/${target}"
50
		dev="/dev/mapper/${target}"
51
		ebegin "  Setting up loop device ${source}"
51
		ebegin "  Setting up loop device ${source}"
52
		/sbin/losetup ${source} ${loop_file}
52
		/sbin/losetup "${source}" "${loop_file}"
53
	fi
53
	fi
54
54
55
	# cryptsetup:
55
	# cryptsetup:
Lines 71-96 Link Here
71
71
72
	# Handle keys
72
	# Handle keys
73
	if [ -n "$key" ]; then
73
	if [ -n "$key" ]; then
74
		reset_stty() {
75
			stty ${savestty}
76
			trap - EXIT HUP INT TERM
77
		}
74
		read_abort() {
78
		read_abort() {
75
			local ans
79
			local ans a b back
76
			local prompt=" ${green}*${off}  $1? (${red}yes${off}/${green}No${off}) "
80
			printf " ${green}*${off}  %s? (${red}yes${off}/${green}No${off}) " "$1"
81
			back=" *  $1? (yes/No) "
77
			shift
82
			shift
78
			echo -n -e "${prompt}"
83
			savestty=`stty -g`
79
			if ! read -n 1 $* ans ; then
84
			trap reset_stty EXIT HUP INT TERM
80
				local back=${prompt//?/\\b}
85
			stty -icanon -echo
81
				echo -n -e "${back}"
86
			if [ "$1" = '-t' ] && [ "$2" -gt 0 ]; then
82
			else
87
				stty min 0 time "$(( $2 * 10 ))"
83
				echo
88
			fi
89
			ans=`dd count=1 bs=1 2>/dev/null` || ans=''
90
			reset_stty
91
			if [ -z "${ans}" ]; then
92
				a=''
93
				b=''
94
				while [ -n "${back}" ]; do
95
					a="${a}"'\b'
96
					b="${b} "
97
					back=${back%?}
98
				done
99
				printf "${a}${b}${a}"
100
				return 1
84
			fi
101
			fi
85
			case $ans in
102
			case "${ans}" in
86
				[yY]|[yY][eE][sS]) return 0;;
103
				y*|Y*) printf "${red}YES${off}\n"; return 0;;
87
				*) return 1;;
88
			esac
104
			esac
105
			printf "${green}No${off}\n"
106
			return 1
89
		}
107
		}
90
108
91
		# Notes: sed not used to avoid case where /usr partition is encrypted.
109
		# Notes: sed not used to avoid case where /usr partition is encrypted.
92
		mode=${key/*:/} && ( [ "$mode" == "$key" ] || [ -z "$mode" ] ) && mode=reg
110
		mode=${key##*:} && ( [ "$mode" = "$key" ] || [ -z "$mode" ] ) && mode=reg
93
		key=${key/:*/}
111
		key=${key%%:*}
94
		case "$mode" in
112
		case "$mode" in
95
		gpg|reg)
113
		gpg|reg)
96
			# handle key on removable device
114
			# handle key on removable device
Lines 124-130 Link Here
124
							&& foo="mount failed" \
142
							&& foo="mount failed" \
125
							|| foo="mount source not found"
143
							|| foo="mount source not found"
126
					fi
144
					fi
127
					((++i))
145
					i=$(( $i + 1 ))
128
					read_abort "Stop waiting after $i attempts (${foo})" -t 1 && return
146
					read_abort "Stop waiting after $i attempts (${foo})" -t 1 && return
129
				done
147
				done
130
			else    # keyfile ! on removable device
148
			else    # keyfile ! on removable device
Lines 146-162 Link Here
146
	fi
164
	fi
147
	ebegin "dm-crypt map ${target}"
165
	ebegin "dm-crypt map ${target}"
148
	einfo "cryptsetup will be called with : ${options} ${arg1} ${arg2} ${arg3}"
166
	einfo "cryptsetup will be called with : ${options} ${arg1} ${arg2} ${arg3}"
149
	if [ "$mode" == "gpg" ]; then
167
	if [ "$mode" = "gpg" ]; then
150
		: ${gpg_options:='-q -d'}
168
		: ${gpg_options:='-q -d'}
151
		# gpg available ?
169
		# gpg available ?
152
		if type -p gpg >/dev/null ; then
170
		if command -v gpg >/dev/null 2>&1; then
153
			for (( i = 0 ; i < 3 ; i++ ))
171
			local i=0
172
			while [ $i -lt 3 ]
154
			do
173
			do
155
				# paranoid, don't store key in a variable, pipe it so it stays very little in ram unprotected.
174
				# paranoid, don't store key in a variable, pipe it so it stays very little in ram unprotected.
156
				# save stdin stdout stderr "values"
175
				# save stdin stdout stderr "values"
157
				gpg ${gpg_options} ${key} 2>/dev/null | cryptsetup ${options} ${arg1} ${arg2} ${arg3}
176
				gpg ${gpg_options} ${key} 2>/dev/null | cryptsetup ${options} ${arg1} ${arg2} ${arg3}
158
				ret="$?"
177
				ret="$?"
159
				[ "$ret" -eq 0 ] && break
178
				[ "$ret" -eq 0 ] && break
179
				i=$(( $i + 1 ))
160
			done
180
			done
161
			eend "${ret}" "failure running cryptsetup"
181
			eend "${ret}" "failure running cryptsetup"
162
		else
182
		else
Lines 166-172 Link Here
166
			einfo "If you have /usr on its own partition, try copying gpg to /bin ."
186
			einfo "If you have /usr on its own partition, try copying gpg to /bin ."
167
		fi
187
		fi
168
	else
188
	else
169
		if [ "$mode" == "reg" ]; then
189
		if [ "$mode" = "reg" ]; then
170
			cryptsetup ${options} -d ${key} ${arg1} ${arg2} ${arg3}
190
			cryptsetup ${options} -d ${key} ${arg1} ${arg2} ${arg3}
171
			ret="$?"
191
			ret="$?"
172
			eend "${ret}" "failure running cryptsetup"
192
			eend "${ret}" "failure running cryptsetup"
Lines 177-191 Link Here
177
		fi
197
		fi
178
	fi
198
	fi
179
	if [ -d "$mntrem" ]; then
199
	if [ -d "$mntrem" ]; then
180
		umount -n ${mntrem} 2>/dev/null >/dev/null
200
		umount -n "${mntrem}" 2>/dev/null >/dev/null
181
		rmdir ${mntrem} 2>/dev/null >/dev/null
201
		rmdir "${mntrem}" 2>/dev/null >/dev/null
182
	fi
202
	fi
183
	splash svc_input_end ${SVCNAME} >/dev/null 2>&1
203
	splash svc_input_end ${SVCNAME} >/dev/null 2>&1
184
204
185
	if [[ ${ret} != 0 ]] ; then
205
	if [ "${ret}" -ne 0 ] ; then
186
		cryptfs_status=1
206
		cryptfs_status=1
187
	else
207
	else
188
		if [[ -n ${pre_mount} ]] ; then
208
		if [ -n "${pre_mount}" ] ; then
189
			dev="/dev/mapper/${target}"
209
			dev="/dev/mapper/${target}"
190
			ebegin "  Running pre_mount commands for ${target}"
210
			ebegin "  Running pre_mount commands for ${target}"
191
			eval "${pre_mount}" > /dev/null
211
			eval "${pre_mount}" > /dev/null
Lines 209-220 Link Here
209
	fi
229
	fi
210
230
211
	mount_point=$(grep "/dev/mapper/${target}" /proc/mounts | cut -d' ' -f2)
231
	mount_point=$(grep "/dev/mapper/${target}" /proc/mounts | cut -d' ' -f2)
212
	if [[ -z ${mount_point} ]] ; then
232
	if [ -z "${mount_point}" ] ; then
213
		ewarn "Failed to find mount point for ${target}, skipping"
233
		ewarn "Failed to find mount point for ${target}, skipping"
214
		cryptfs_status=1
234
		cryptfs_status=1
215
	fi
235
	fi
216
236
217
	if [[ -n ${post_mount} ]] ; then
237
	if [ -n "${post_mount}" ] ; then
218
		ebegin "Running post_mount commands for target ${target}"
238
		ebegin "Running post_mount commands for target ${target}"
219
		eval "${post_mount}" >/dev/null
239
		eval "${post_mount}" >/dev/null
220
		eend $? || cryptfs_status=1
240
		eend $? || cryptfs_status=1
Lines 235-243 Link Here
235
parse_opt() {
255
parse_opt() {
236
	case "$1" in
256
	case "$1" in
237
		*\=*)
257
		*\=*)
238
			local key_name="`echo "$1" | cut -f1 -d=`"
258
			local key_name=${1%%=*}
239
			local key_len=`strlen key_name`
259
			local key_len=`strlen key_name`
240
			local value_start=$((key_len+2))
260
			local value_start=$(( $key_len + 2 ))
241
			echo "$1" | cut -c ${value_start}-
261
			echo "$1" | cut -c ${value_start}-
242
		;;
262
		;;
243
	esac
263
	esac
Lines 259-273 Link Here
259
	esac
279
	esac
260
done
280
done
261
281
262
if [[ -f ${conf_file} ]] && [[ -x /sbin/cryptsetup ]] ; then
282
if [ -f "${conf_file}" ] && [ -x /sbin/cryptsetup ] ; then
263
	ebegin "Setting up dm-crypt mappings"
283
	ebegin "Setting up dm-crypt mappings"
264
284
265
	while read -u 3 targetline ; do
285
	while read targetline <&3 ; do
266
		# skip comments and blank lines
286
		# skip comments and blank lines
267
		[[ ${targetline}\# == \#* ]] && continue
287
		[[ ${targetline}\# == \#* ]] && continue
268
288
269
		# check for the start of a new target/swap
289
		# check for the start of a new target/swap
270
		case ${targetline} in
290
		case ${targetline} in
291
			''|'#'*)
292
				# skip comments and blank lines
293
				continue
294
				;;
271
			target=*|swap=*)
295
			target=*|swap=*)
272
				# If we have a target queued up, then execute it
296
				# If we have a target queued up, then execute it
273
				${execute_hook}
297
				${execute_hook}
Lines 277-283 Link Here
277
				;;
301
				;;
278
302
279
			gpg_options=*|remdev=*|key=*|loop_file=*|options=*|pre_mount=*|post_mount=*|source=*)
303
			gpg_options=*|remdev=*|key=*|loop_file=*|options=*|pre_mount=*|post_mount=*|source=*)
280
				if [[ -z ${target} && -z ${swap} ]] ; then
304
				if [ -z "${target}" ] && [ -z "${swap}" ] ; then
281
					ewarn "Ignoring setting outside target/swap section: ${targetline}"
305
					ewarn "Ignoring setting outside target/swap section: ${targetline}"
282
					continue
306
					continue
283
				fi
307
				fi
Lines 295-301 Link Here
295
319
296
		# Queue this setting for the next call to dm_crypt_execute_xxx
320
		# Queue this setting for the next call to dm_crypt_execute_xxx
297
		eval "${targetline}"
321
		eval "${targetline}"
298
	done 3< ${conf_file}
322
	done 3< "${conf_file}"
299
323
300
	# If we have a target queued up, then execute it
324
	# If we have a target queued up, then execute it
301
	${execute_hook}
325
	${execute_hook}
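Review bot: New line 287 still carries the bash-only test `[[ ${targetline}\# == \#* ]] && continue`, even though the same hunk (Lines 259-273) adds a portable `''|'#'*)` arm to the `case` that skips the same blank and comment lines. Under a shell that has no `[[`, that command fails on every line of the config file, and because of the `&&` the skip only happens thanks to the new arm. The rest of the patch appears to be removing bashisms, so this line looks missed. I would delete it and rely on the `case` arm alone. The body of the `while read targetline <&3` loop continues outside the hunk, so the later arms were not checked for the same leftover.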
302
-- 1.1.3-dm-crypt-stop.sh
326
++ 1.1.3-dm-crypt-stop.sh
Lines 13-23 Link Here
13
13
14
# Try to remove any dm-crypt mappings
14
# Try to remove any dm-crypt mappings
15
csetup=/sbin/cryptsetup
15
csetup=/sbin/cryptsetup
16
if [ -f ${conf_file} ] && [ -x "$csetup" ]
16
if [ -f "${conf_file}" ] && [ -x "$csetup" ]
17
then
17
then
18
	einfo "Removing dm-crypt mappings"
18
	einfo "Removing dm-crypt mappings"
19
19
20
	/bin/egrep "^(target|swap)" ${conf_file} | \
20
	/bin/egrep "^(target|swap)" "${conf_file}" | \
21
	while read targetline
21
	while read targetline
22
	do
22
	do
23
		target=
23
		target=
Lines 33-49 Link Here
33
		eend $? "Failed to remove dm-crypt mapping for: ${target}"
33
		eend $? "Failed to remove dm-crypt mapping for: ${target}"
34
	done
34
	done
35
35
36
	if [[ -n $(/bin/egrep -e "^(source=)./dev/loop*" ${conf_file}) ]] ; then
36
	if /bin/egrep -q -e "^(source=)./dev/loop" "${conf_file}"; then
37
		einfo "Taking down any dm-crypt loop devices"
37
		einfo "Taking down any dm-crypt loop devices"
38
		/bin/egrep -e "^(source)" ${conf_file} | while read sourceline
38
		/bin/egrep -e "^(source)" "${conf_file}" | while read sourceline
39
		do
39
		do
40
			source=
40
			source=
41
			eval ${sourceline}
41
			eval "${sourceline}"
42
			if [[ -n $(echo ${source} | grep /dev/loop) ]] ; then
42
			case "${source}" in
43
			*/dev/loop*)
43
				ebegin "   Taking down ${source}"
44
				ebegin "   Taking down ${source}"
44
				/sbin/losetup -d ${source}
45
				/sbin/losetup -d ${source}
45
				eend $? "  Failed to remove loop"
46
				eend $? "  Failed to remove loop"
46
			fi
47
			;;
48
			esac
47
		done
49
		done
48
	fi
50
	fi
49
fi
51
fi
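Review bot: In the last hunk (Lines 33-49) the new `case "${source}" in` quotes the value, but the command that acts on it, `/sbin/losetup -d ${source}` at new line 45, is still unquoted. This is the same word-splitting and globbing exposure the patch fixes for `losetup` in the start script. I would change it to `/sbin/losetup -d "${source}"`. Separately, the lines fed to `eval "${sourceline}"` are selected with `^(source)`, which matches any line that merely begins with the word `source`. Since the script presumably runs as root, tightening the pattern to `^source=` would limit what reaches `eval` to actual assignments.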

Return to bug 255528