Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
View | Details | Raw Unified | Return to bug 411559 | Differences between
and this patch

Collapse All | Expand All

(-)a/defaults/initrd.scripts (-3 / +42 lines)
Lines 720-725 Link Here
720
# Open a LUKS device
720
# Open a LUKS device
721
# It is either the root or a swap, other devices are supported in the scripts provided with sys-fs/cryptsetup-luks
721
# It is either the root or a swap, other devices are supported in the scripts provided with sys-fs/cryptsetup-luks
722
# $1 - root/swap
722
# $1 - root/swap
723
# $1 - <[mapname:]device> pair, e.g., "usr:/dev/sda3" or "root:/dev/sda1"
723
openLUKS() {
724
openLUKS() {
724
	# please use 'tr' and this line, or remove it
725
	# please use 'tr' and this line, or remove it
725
	# eval local TYPE=`uppercase $1`
726
	# eval local TYPE=`uppercase $1`
Lines 727-739 Link Here
727
	case $1 in
728
	case $1 in
728
		root)
729
		root)
729
			local TYPE=ROOT
730
			local TYPE=ROOT
731
			CRYPT_ROOT_OPEN='1'
732
			;;
733
		root:*)
734
			local TYPE=ROOT
735
			CRYPT_ROOT="${CRYPT_MAPS}"
736
			CRYPT_ROOT_OPEN='1'
730
			;;
737
			;;
731
		swap)
738
		swap)
732
			local TYPE=SWAP
739
			local TYPE=SWAP
733
			;;
740
			;;
741
		*:*)
742
			local TYPE=MAPS
743
			;;
744
		*)
745
			bad_msg "List encrypted volumes as \`crypt_maps=<[mapname:]device>,...'" ${CRYPT_SILENT}
746
			run_shell
747
			;;
734
	esac
748
	esac
735
749
736
	eval local LUKS_DEVICE='"${CRYPT_'${TYPE}'}"' LUKS_NAME="$1" LUKS_KEY='"${CRYPT_'${TYPE}'_KEY}"' LUKS_KEYDEV='"${CRYPT_'${TYPE}'_KEYDEV}"' LUKS_TRIM='"${CRYPT_'${TYPE}'_TRIM}"'
750
	eval local LUKS_DEVICE='"${CRYPT_'${TYPE}'}"' LUKS_NAME="$1" LUKS_KEY='"${CRYPT_'${TYPE}'_KEY}"' LUKS_KEYDEV='"${CRYPT_'${TYPE}'_KEYDEV}"' LUKS_TRIM='"${CRYPT_'${TYPE}'_TRIM}"'
751
	eval local LUKS_DEVICE='"${CRYPT_'${TYPE}'}"' LUKS_NAME="${1%:*}" LUKS_KEY='"${CRYPT_'${TYPE}'_KEY}"' LUKS_KEYDEV='"${CRYPT_'${TYPE}'_KEYDEV}"'
737
	local DEV_ERROR=0 KEY_ERROR=0 KEYDEV_ERROR=0
752
	local DEV_ERROR=0 KEY_ERROR=0 KEYDEV_ERROR=0
738
	local mntkey="/mnt/key/" cryptsetup_options=''
753
	local mntkey="/mnt/key/" cryptsetup_options=''
739
754
Lines 877-886 Link Here
877
892
878
				if [ ${crypt_filter_ret} -eq 0 ]
893
				if [ ${crypt_filter_ret} -eq 0 ]
879
				then
894
				then
880
					good_msg "LUKS device ${LUKS_DEVICE} opened" ${CRYPT_SILENT}
895
					good_msg "LUKS device ${LUKS_DEVICE} (\"${LUKS_NAME}\") opened" ${CRYPT_SILENT}
881
					break
896
					break
882
				else
897
				else
883
					bad_msg "Failed to open LUKS device ${LUKS_DEVICE}" ${CRYPT_SILENT}
898
					bad_msg "Failed to open LUKS device ${LUKS_DEVICE} (\"${LUKS_NAME}\")" ${CRYPT_SILENT}
884
					DEV_ERROR=1
899
					DEV_ERROR=1
885
					KEY_ERROR=1
900
					KEY_ERROR=1
886
					KEYDEV_ERROR=1
901
					KEYDEV_ERROR=1
Lines 892-897 Link Here
892
	rmdir -p ${mntkey} 2>/dev/null >/dev/null
907
	rmdir -p ${mntkey} 2>/dev/null >/dev/null
893
}
908
}
894
909
910
# volumes `crypt_maps' syntax: a comma separated list of <mapname:device> pairs,
911
# where <mapname> and <device> are from `cryptsetup luksOpen <device> <mapname>'
912
# if missing, <mapname> defaults to "root"; as in these examples:
913
# 1.1 crypt_root=/dev/sda1
914
# 1.1 crypt_maps=/dev/sda1
915
# 1.2 crypt_maps=root:/dev/sda1
916
# 2.1 crypt_maps=root:/dev/sda1,usr:/dev/sda3
917
# 3.1 crypt_maps=usr:/dev/sda3,/dev/sda1,big:/dev/sdb1,xxl:/dev/sdc1
918
iterLUKS() {
919
	local pair
920
	for pair in $*
921
	do
922
		CRYPT_MAPS="${pair#*:}"
923
		CRYPT_MAPS_KEY="${CRYPT_ROOT_KEYDEV:+/${pair%:*}key}"
924
		CRYPT_MAPS_KEYDEV="${CRYPT_ROOT_KEYDEV}"
925
926
		[ "${pair#*:}" != "${pair}" ] || openLUKS "root"
927
		[ "${pair%:*}" == "${pair}" ] || openLUKS "${pair}"
928
	done
929
}
930
895
startLUKS() {
931
startLUKS() {
896
932
897
	# if key is set but key device isn't, find it
933
	# if key is set but key device isn't, find it
Lines 900-906 Link Here
900
		&& sleep 6 && bootstrapKey "ROOT"
936
		&& sleep 6 && bootstrapKey "ROOT"
901
937
902
	if [ -n "${CRYPT_ROOT}" ]; then
938
	if [ -n "${CRYPT_ROOT}" ]; then
903
		openLUKS "root"
939
		CRYPT_ROOT_OPEN='0'
940
		[ "${CDROOT}" == '1' ] && openLUKS "root"
941
		[ "${CDROOT}" == '1' ] || iterLUKS "${MAPLIST}"
942
		[ "${CRYPT_ROOT_OPEN}" == '1' ] || openLUKS "root"
904
		if [ -n "${REAL_ROOT}" ]
943
		if [ -n "${REAL_ROOT}" ]
905
		then
944
		then
906
			# Rescan volumes
945
			# Rescan volumes
(-)a/defaults/linuxrc (+4 lines)
Lines 191-196 Link Here
191
		crypt_swap=*)
191
		crypt_swap=*)
192
			CRYPT_SWAP=${x#*=}
192
			CRYPT_SWAP=${x#*=}
193
		;;
193
		;;
194
		crypt_maps=*)
195
			MAPLIST=${x#*=}
196
			MAPLIST="$(echo ${MAPLIST} | sed -e 's/,/ /g')"
197
		;;
194
		root_key=*)
198
		root_key=*)
195
			CRYPT_ROOT_KEY=${x#*=}
199
			CRYPT_ROOT_KEY=${x#*=}
196
		;;
200
		;;

Return to bug 411559