Attachment #308505 for bug #411559

View | Details | Raw Unified | Return to bug 411559 | Differences between

and this patch

Lines 730-735 Link Here

(-)a/defaults/initrd.scripts (-3 / +42 lines)
730	# Open a LUKS device	730	# Open a LUKS device
731	# It is either the root or a swap, other devices are supported in the scripts provided with sys-fs/cryptsetup-luks	731	# It is either the root or a swap, other devices are supported in the scripts provided with sys-fs/cryptsetup-luks
732	# $1 - root/swap	732	# $1 - root/swap
		733	# $1 - <[mapname:]device> pair, e.g., "usr:/dev/sda3" or "root:/dev/sda1"
733	openLUKS() {	734	openLUKS() {
734	# please use 'tr' and this line, or remove it	735	# please use 'tr' and this line, or remove it
735	# eval local TYPE=`uppercase $1`	736	# eval local TYPE=`uppercase $1`
Lines 737-749 openLUKS() { Link Here
737	case $1 in	738	case $1 in
738	root)	739	root)
739	local TYPE=ROOT	740	local TYPE=ROOT
		741	CRYPT_ROOT_OPEN='1'
		742	;;
		743	root:*)
		744	local TYPE=ROOT
		745	CRYPT_ROOT="${CRYPT_MAPS}"
		746	CRYPT_ROOT_OPEN='1'
740	;;	747	;;
741	swap)	748	swap)
742	local TYPE=SWAP	749	local TYPE=SWAP
743	;;	750	;;
		751	:)
		752	local TYPE=MAPS
		753	;;
		754	*)
		755	bad_msg "List encrypted volumes as \`crypt_maps=<[mapname:]device>,...'" ${CRYPT_SILENT}
		756	run_shell
		757	;;
744	esac	758	esac
745		759
746	eval local LUKS_DEVICE='"${CRYPT_'${TYPE}'}"' LUKS_NAME="$1" LUKS_KEY='"${CRYPT_'${TYPE}'_KEY}"' LUKS_KEYDEV='"${CRYPT_'${TYPE}'_KEYDEV}"' LUKS_TRIM='"${CRYPT_'${TYPE}'_TRIM}"'	760	eval local LUKS_DEVICE='"${CRYPT_'${TYPE}'}"' LUKS_NAME="$1" LUKS_KEY='"${CRYPT_'${TYPE}'_KEY}"' LUKS_KEYDEV='"${CRYPT_'${TYPE}'_KEYDEV}"' LUKS_TRIM='"${CRYPT_'${TYPE}'_TRIM}"'
		761	eval local LUKS_DEVICE='"${CRYPT_'${TYPE}'}"' LUKS_NAME="${1%:*}" LUKS_KEY='"${CRYPT_'${TYPE}'_KEY}"' LUKS_KEYDEV='"${CRYPT_'${TYPE}'_KEYDEV}"'
747	local DEV_ERROR=0 KEY_ERROR=0 KEYDEV_ERROR=0	762	local DEV_ERROR=0 KEY_ERROR=0 KEYDEV_ERROR=0
748	local mntkey="/mnt/key/" cryptsetup_options=''	763	local mntkey="/mnt/key/" cryptsetup_options=''
749		764
Lines 887-896 openLUKS() { Link Here
887		902
888	if [ ${crypt_filter_ret} -eq 0 ]	903	if [ ${crypt_filter_ret} -eq 0 ]
889	then	904	then
890	good_msg "LUKS device ${LUKS_DEVICE} opened" ${CRYPT_SILENT}	905	good_msg "LUKS device ${LUKS_DEVICE} (\"${LUKS_NAME}\") opened" ${CRYPT_SILENT}
891	break	906	break
892	else	907	else
893	bad_msg "Failed to open LUKS device ${LUKS_DEVICE}" ${CRYPT_SILENT}	908	bad_msg "Failed to open LUKS device ${LUKS_DEVICE} (\"${LUKS_NAME}\")" ${CRYPT_SILENT}
894	DEV_ERROR=1	909	DEV_ERROR=1
895	KEY_ERROR=1	910	KEY_ERROR=1
896	KEYDEV_ERROR=1	911	KEYDEV_ERROR=1
Lines 902-907 Link Here
902	rmdir -p ${mntkey} 2>/dev/null >/dev/null	917	rmdir -p ${mntkey} 2>/dev/null >/dev/null
903	}	918	}
904		919
		920	# volumes `crypt_maps' syntax: a comma separated list of <mapname:device> pairs,
		921	# where <mapname> and <device> are from `cryptsetup luksOpen <device> <mapname>'
		922	# if missing, <mapname> defaults to "root"; as in these examples:
		923	# 1.1 crypt_root=/dev/sda1
		924	# 1.1 crypt_maps=/dev/sda1
		925	# 1.2 crypt_maps=root:/dev/sda1
		926	# 2.1 crypt_maps=root:/dev/sda1,usr:/dev/sda3
		927	# 3.1 crypt_maps=usr:/dev/sda3,/dev/sda1,big:/dev/sdb1,xxl:/dev/sdc1
		928	iterLUKS() {
		929	local pair
		930	for pair in $*
		931	do
		932	CRYPT_MAPS="${pair#*:}"
		933	CRYPT_MAPS_KEY="${CRYPT_ROOT_KEYDEV:+/${pair%:*}key}"
		934	CRYPT_MAPS_KEYDEV="${CRYPT_ROOT_KEYDEV}"
		935
		936	[ "${pair#*:}" != "${pair}" ] \|\| openLUKS "root"
		937	[ "${pair%:*}" == "${pair}" ] \|\| openLUKS "${pair}"
		938	done
		939	}
		940
905	startLUKS() {	941	startLUKS() {
906		942
907	# if key is set but key device isn't, find it	943	# if key is set but key device isn't, find it
Lines 910-916 Link Here
910	&& sleep 6 && bootstrapKey "ROOT"	946	&& sleep 6 && bootstrapKey "ROOT"
911		947
912	if [ -n "${CRYPT_ROOT}" ]; then	948	if [ -n "${CRYPT_ROOT}" ]; then
913	openLUKS "root"	949	CRYPT_ROOT_OPEN='0'
		950	[ "${CDROOT}" == '1' ] && openLUKS "root"
		951	[ "${CDROOT}" == '1' ] \|\| iterLUKS "${MAPLIST}"
		952	[ "${CRYPT_ROOT_OPEN}" == '1' ] \|\| openLUKS "root"
914	if [ -n "${REAL_ROOT}" ]	953	if [ -n "${REAL_ROOT}" ]
915	then	954	then
916	# Rescan volumes	955	# Rescan volumes

Lines 196-201 Link Here

(-)a/defaults/linuxrc (+4 lines)
196	crypt_swap=*)	196	crypt_swap=*)
197	CRYPT_SWAP=${x#*=}	197	CRYPT_SWAP=${x#*=}
198	;;	198	;;
		199	crypt_maps=*)
		200	MAPLIST=${x#*=}
		201	MAPLIST="$(echo ${MAPLIST} \| sed -e 's/,/ /g')"
		202	;;
199	root_key=*)	203	root_key=*)
200	CRYPT_ROOT_KEY=${x#*=}	204	CRYPT_ROOT_KEY=${x#*=}
201	;;	205	;;

Return to bug 411559