Attachment #314301 for bug #411559

View | Details | Raw Unified | Return to bug 411559 | Differences between

and this patch

Lines 747-752 Link Here

(-)a/defaults/initrd.scripts (-3 / +42 lines)
747	# Open a LUKS device	747	# Open a LUKS device
748	# It is either the root or a swap, other devices are supported in the scripts provided with sys-fs/cryptsetup-luks	748	# It is either the root or a swap, other devices are supported in the scripts provided with sys-fs/cryptsetup-luks
749	# $1 - root/swap	749	# $1 - root/swap
		750	# $1 - <[mapname:]device> pair, e.g., "usr:/dev/sda3" or "root:/dev/sda1"
750	openLUKS() {	751	openLUKS() {
751	# please use 'tr' and this line, or remove it	752	# please use 'tr' and this line, or remove it
752	# eval local TYPE=`uppercase $1`	753	# eval local TYPE=`uppercase $1`
Lines 754-766 Link Here
754	case $1 in	755	case $1 in
755	root)	756	root)
756	local TYPE=ROOT	757	local TYPE=ROOT
		758	CRYPT_ROOT_OPEN='1'
		759	;;
		760	root:*)
		761	local TYPE=ROOT
		762	CRYPT_ROOT="${CRYPT_MAPS}"
		763	CRYPT_ROOT_OPEN='1'
757	;;	764	;;
758	swap)	765	swap)
759	local TYPE=SWAP	766	local TYPE=SWAP
760	;;	767	;;
		768	:)
		769	local TYPE=MAPS
		770	;;
		771	*)
		772	bad_msg "List encrypted volumes as \`crypt_maps=<[mapname:]device>,...'" ${CRYPT_SILENT}
		773	run_shell
		774	;;
761	esac	775	esac
762		776
763	eval local LUKS_DEVICE='"${CRYPT_'${TYPE}'}"' LUKS_NAME="$1" LUKS_KEY='"${CRYPT_'${TYPE}'_KEY}"' LUKS_KEYDEV='"${CRYPT_'${TYPE}'_KEYDEV}"' LUKS_TRIM='"${CRYPT_'${TYPE}'_TRIM}"'	777	eval local LUKS_DEVICE='"${CRYPT_'${TYPE}'}"' LUKS_NAME="$1" LUKS_KEY='"${CRYPT_'${TYPE}'_KEY}"' LUKS_KEYDEV='"${CRYPT_'${TYPE}'_KEYDEV}"' LUKS_TRIM='"${CRYPT_'${TYPE}'_TRIM}"'
		778	eval local LUKS_DEVICE='"${CRYPT_'${TYPE}'}"' LUKS_NAME="${1%:*}" LUKS_KEY='"${CRYPT_'${TYPE}'_KEY}"' LUKS_KEYDEV='"${CRYPT_'${TYPE}'_KEYDEV}"'
764	local DEV_ERROR=0 KEY_ERROR=0 KEYDEV_ERROR=0	779	local DEV_ERROR=0 KEY_ERROR=0 KEYDEV_ERROR=0
765	local mntkey="/mnt/key/" cryptsetup_options=''	780	local mntkey="/mnt/key/" cryptsetup_options=''
766		781
Lines 904-913 Link Here
904		919
905	if [ ${crypt_filter_ret} -eq 0 ]	920	if [ ${crypt_filter_ret} -eq 0 ]
906	then	921	then
907	good_msg "LUKS device ${LUKS_DEVICE} opened" ${CRYPT_SILENT}	922	good_msg "LUKS device ${LUKS_DEVICE} (\"${LUKS_NAME}\") opened" ${CRYPT_SILENT}
908	break	923	break
909	else	924	else
910	bad_msg "Failed to open LUKS device ${LUKS_DEVICE}" ${CRYPT_SILENT}	925	bad_msg "Failed to open LUKS device ${LUKS_DEVICE} (\"${LUKS_NAME}\")" ${CRYPT_SILENT}
911	DEV_ERROR=1	926	DEV_ERROR=1
912	KEY_ERROR=1	927	KEY_ERROR=1
913	KEYDEV_ERROR=1	928	KEYDEV_ERROR=1
Lines 919-924 Link Here
919	rmdir -p ${mntkey} 2>/dev/null >/dev/null	934	rmdir -p ${mntkey} 2>/dev/null >/dev/null
920	}	935	}
921		936
		937	# volumes `crypt_maps' syntax: a comma separated list of <mapname:device> pairs,
		938	# where <mapname> and <device> are from `cryptsetup luksOpen <device> <mapname>'
		939	# if missing, <mapname> defaults to "root"; as in these examples:
		940	# 1.1 crypt_root=/dev/sda1
		941	# 1.1 crypt_maps=/dev/sda1
		942	# 1.2 crypt_maps=root:/dev/sda1
		943	# 2.1 crypt_maps=root:/dev/sda1,usr:/dev/sda3
		944	# 3.1 crypt_maps=usr:/dev/sda3,/dev/sda1,big:/dev/sdb1,xxl:/dev/sdc1
		945	iterLUKS() {
		946	local pair
		947	for pair in $*
		948	do
		949	CRYPT_MAPS="${pair#*:}"
		950	CRYPT_MAPS_KEY="${CRYPT_ROOT_KEYDEV:+/${pair%:*}key}"
		951	CRYPT_MAPS_KEYDEV="${CRYPT_ROOT_KEYDEV}"
		952
		953	[ "${pair#*:}" != "${pair}" ] \|\| openLUKS "root"
		954	[ "${pair%:*}" == "${pair}" ] \|\| openLUKS "${pair}"
		955	done
		956	}
		957
922	startLUKS() {	958	startLUKS() {
923		959
924	# if key is set but key device isn't, find it	960	# if key is set but key device isn't, find it
Lines 927-933 Link Here
927	&& sleep 6 && bootstrapKey "ROOT"	963	&& sleep 6 && bootstrapKey "ROOT"
928		964
929	if [ -n "${CRYPT_ROOT}" ]; then	965	if [ -n "${CRYPT_ROOT}" ]; then
930	openLUKS "root"	966	CRYPT_ROOT_OPEN='0'
		967	[ "${CDROOT}" == '1' ] && openLUKS "root"
		968	[ "${CDROOT}" == '1' ] \|\| iterLUKS "${MAPLIST}"
		969	[ "${CRYPT_ROOT_OPEN}" == '1' ] \|\| openLUKS "root"
931	if [ -n "${REAL_ROOT}" ]	970	if [ -n "${REAL_ROOT}" ]
932	then	971	then
933	# Rescan volumes	972	# Rescan volumes

Lines 191-196 Link Here

(-)a/defaults/linuxrc (+4 lines)
191	crypt_swap=*)	191	crypt_swap=*)
192	CRYPT_SWAP=${x#*=}	192	CRYPT_SWAP=${x#*=}
193	;;	193	;;
		194	crypt_maps=*)
		195	MAPLIST=${x#*=}
		196	MAPLIST="$(echo ${MAPLIST} \| sed -e 's/,/ /g')"
		197	;;
194	root_key=*)	198	root_key=*)
195	CRYPT_ROOT_KEY=${x#*=}	199	CRYPT_ROOT_KEY=${x#*=}
196	;;	200	;;

Return to bug 411559