Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
View | Details | Raw Unified | Return to bug 411559 | Differences between
and this patch

Collapse All | Expand All

(-)a/defaults/initrd.scripts (-4 / +44 lines)
Lines 747-752 Link Here
747
# Open a LUKS device
747
# Open a LUKS device
748
# It is either the root or a swap, other devices are supported in the scripts provided with sys-fs/cryptsetup-luks
748
# It is either the root or a swap, other devices are supported in the scripts provided with sys-fs/cryptsetup-luks
749
# $1 - root/swap
749
# $1 - root/swap
750
# $1 - <[mapname:]device> pair, e.g., "usr:/dev/sda3" or "root:/dev/sda1"
750
openLUKS() {
751
openLUKS() {
751
	# please use 'tr' and this line, or remove it
752
	# please use 'tr' and this line, or remove it
752
	# eval local TYPE=`uppercase $1`
753
	# eval local TYPE=`uppercase $1`
Lines 757-769 Link Here
757
		root)
758
		root)
758
			local TYPE=ROOT
759
			local TYPE=ROOT
759
			[ -n "${REAL_ROOT}" ] && local LUKS_NAME="`echo "${REAL_ROOT}" | sed -e 's|.*/||'`"
760
			[ -n "${REAL_ROOT}" ] && local LUKS_NAME="`echo "${REAL_ROOT}" | sed -e 's|.*/||'`"
761
			[ -z "${REAL_ROOT}" ] || CRYPT_ROOT_OPEN='1'
762
			;;
763
		root:*)
764
			local TYPE=ROOT
765
			CRYPT_ROOT="${CRYPT_MAPS}"
766
			REAL_ROOT="${LUKS_NAME#*:}"
767
			[ -n "${REAL_ROOT}" ] && local LUKS_NAME="`echo "${REAL_ROOT}" | sed -e 's|.*/||'`"
768
			[ -z "${REAL_ROOT}" ] || CRYPT_ROOT_OPEN='1'
760
			;;
769
			;;
761
		swap)
770
		swap)
762
			local TYPE=SWAP
771
			local TYPE=SWAP
763
			;;
772
			;;
773
		*:*)
774
			local TYPE=MAPS
775
			;;
776
		*)
777
			bad_msg "List encrypted volumes as \`crypt_maps=<[mapname:]device>,...'" ${CRYPT_SILENT}
778
			run_shell
779
			;;
764
	esac
780
	esac
765
781
766
	eval local LUKS_DEVICE='"${CRYPT_'${TYPE}'}"' LUKS_NAME="$LUKS_NAME" LUKS_KEY='"${CRYPT_'${TYPE}'_KEY}"' LUKS_KEYDEV='"${CRYPT_'${TYPE}'_KEYDEV}"' LUKS_TRIM='"${CRYPT_'${TYPE}'_TRIM}"'
782
	eval local LUKS_DEVICE='"${CRYPT_'${TYPE}'}"' LUKS_NAME="${LUKS_NAME%:*}" LUKS_KEY='"${CRYPT_'${TYPE}'_KEY}"' LUKS_KEYDEV='"${CRYPT_'${TYPE}'_KEYDEV}"' LUKS_TRIM='"${CRYPT_'${TYPE}'_TRIM}"'
767
	local DEV_ERROR=0 KEY_ERROR=0 KEYDEV_ERROR=0
783
	local DEV_ERROR=0 KEY_ERROR=0 KEYDEV_ERROR=0
768
	local mntkey="/mnt/key/" cryptsetup_options=''
784
	local mntkey="/mnt/key/" cryptsetup_options=''
769
785
Lines 907-916 Link Here
907
923
908
				if [ ${crypt_filter_ret} -eq 0 ]
924
				if [ ${crypt_filter_ret} -eq 0 ]
909
				then
925
				then
910
					good_msg "LUKS device ${LUKS_DEVICE} opened" ${CRYPT_SILENT}
926
					good_msg "LUKS device ${LUKS_DEVICE} (\"${LUKS_NAME}\") opened" ${CRYPT_SILENT}
911
					break
927
					break
912
				else
928
				else
913
					bad_msg "Failed to open LUKS device ${LUKS_DEVICE}" ${CRYPT_SILENT}
929
					bad_msg "Failed to open LUKS device ${LUKS_DEVICE} (\"${LUKS_NAME}\")" ${CRYPT_SILENT}
914
					DEV_ERROR=1
930
					DEV_ERROR=1
915
					KEY_ERROR=1
931
					KEY_ERROR=1
916
					KEYDEV_ERROR=1
932
					KEYDEV_ERROR=1
Lines 922-927 Link Here
922
	rmdir -p ${mntkey} 2>/dev/null >/dev/null
938
	rmdir -p ${mntkey} 2>/dev/null >/dev/null
923
}
939
}
924
940
941
# volumes `crypt_maps' syntax: a comma separated list of <mapname:device> pairs,
942
# where <mapname> and <device> are from `cryptsetup luksOpen <device> <mapname>'
943
# if missing, <mapname> defaults to "root"; as in these examples:
944
# 1.1 crypt_root=/dev/sda1
945
# 1.1 crypt_maps=/dev/sda1
946
# 1.2 crypt_maps=root:/dev/sda1
947
# 2.1 crypt_maps=root:/dev/sda1,usr:/dev/sda3
948
# 3.1 crypt_maps=usr:/dev/sda3,/dev/sda1,big:/dev/sdb1,xxl:/dev/sdc1
949
iterLUKS() {
950
	local pair
951
	for pair in $*
952
	do
953
		CRYPT_MAPS="${pair#*:}"
954
		CRYPT_MAPS_KEY="${CRYPT_ROOT_KEYDEV:+/${pair%:*}key}"
955
		CRYPT_MAPS_KEYDEV="${CRYPT_ROOT_KEYDEV}"
956
957
		[ "${pair#*:}" != "${pair}" ] || openLUKS "root"
958
		[ "${pair%:*}" == "${pair}" ] || openLUKS "${pair}"
959
	done
960
}
961
925
startLUKS() {
962
startLUKS() {
926
963
927
	# if key is set but key device isn't, find it
964
	# if key is set but key device isn't, find it
Lines 930-936 Link Here
930
		&& sleep 6 && bootstrapKey "ROOT"
967
		&& sleep 6 && bootstrapKey "ROOT"
931
968
932
	if [ -n "${CRYPT_ROOT}" ]; then
969
	if [ -n "${CRYPT_ROOT}" ]; then
933
		openLUKS "root"
970
		CRYPT_ROOT_OPEN='0'
971
		[ "${CDROOT}" == '1' ] && openLUKS "root"
972
		[ "${CDROOT}" == '1' ] || iterLUKS "${MAPLIST}"
973
		[ "${CRYPT_ROOT_OPEN}" == '1' ] || openLUKS "root"
934
		if [ -n "${REAL_ROOT}" ]
974
		if [ -n "${REAL_ROOT}" ]
935
		then
975
		then
936
			# Rescan volumes
976
			# Rescan volumes
(-)a/defaults/linuxrc (+4 lines)
Lines 191-196 Link Here
191
		crypt_swap=*)
191
		crypt_swap=*)
192
			CRYPT_SWAP=${x#*=}
192
			CRYPT_SWAP=${x#*=}
193
		;;
193
		;;
194
		crypt_maps=*)
195
			MAPLIST=${x#*=}
196
			MAPLIST="$(echo ${MAPLIST} | sed -e 's/,/ /g')"
197
		;;
194
		root_key=*)
198
		root_key=*)
195
			CRYPT_ROOT_KEY=${x#*=}
199
			CRYPT_ROOT_KEY=${x#*=}
196
		;;
200
		;;

Return to bug 411559