Attachment #36464 for bug #43146

Line 0 Link Here

(-)rc-scripts-1.5.1.orig/etc/conf.d/cryptfs (+9 lines)
	1	# Swap partitions. These should come first so that no keys make their way into unencrypted swap
	2	# If no options are given, they will default to: -c aes -h sha1 -d /dev/urandom
	3	# If no makefs is given then mkswap will be assumed
	4	swap=crypt-swap source='/dev/main/swap'
	5
	6	# Mounts
	7	# If no options are given, they will default to: -c aes -h sha1
	8	# No mkfs is run unless you specify a makefs option
	9	mount=crypt-tmp options='-d /dev/urandom' source='/dev/main/tmp' pre_mount='/sbin/mkreiserfs -f -f ${dev}' post_mount='chown root:root ${mount_point}; chmod 1777 ${mount_point}'




		eend $? "Failed to setup the LVM"
	fi


	ebegin 'Setting up dm-crypt mappings'
    
	if [ -f /etc/conf.d/cryptfs ]
	then
		cryptfs_status=0

		/bin/egrep '^(mount|swap)' /etc/conf.d/cryptfs | \
		while read mountline
		do
			mount=
			swap=
			options=
			pre_mount=

			eval ${mountline}
 
			if [ -n "${mount}" ]
			then
				target=${mount}
				[ -z "${options}" ] && options='-c aes -h sha1'
			elif [ -n "${swap}" ]
			then
				target=${swap}
				[ -z "${options}" ] && options='-c aes -h sha1 -d /dev/urandom'
			else
				ewarn "Invalid line in /etc/conf.d/cryptomount: ${mountline}"
			fi

			! /bin/cryptsetup status ${target}|egrep '\<active:' > /dev/null
			configured=$?
 
			if [ ${configured} -eq 0 ]
			then
				einfo "dm-crypt map ${target}"
				if ! /bin/cryptsetup ${options} create ${target} ${source} >/dev/console </dev/console
				then
					ewarn "Failure configuring ${target}"
					cryptfs_status=1
				else
					if [ -n "${swap}" ]
					then
						[ -z "${pre_mount}" ] && pre_mount='mkswap ${dev}'
					fi

					if [ -n "${pre_mount}" ]
					then
						dev="/dev/mapper/${target}"
						einfo "  Running pre_mount commands on: ${target}"
						if ! eval "${pre_mount}" > /dev/null
						then
							ewarn "Failed to run pre_mount commands on: ${target}"
							cryptfs_status=1
						fi
					fi
				fi
			else
				ewarn "dm-crypt mapping ${target} is already configured"
				cryptfs_status=1
			fi
		done 
	fi
	ewend ${cryptfs_status} 'Failed to setup a mapping or swap device.'

	if [ -f /fastboot -o -n "${CDBOOT}" ]
	then
		rm -f /fastboot




done
eend 0

# Try to remove any dm-crypt mappings

if [ -f /etc/conf.d/cryptfs ]
then
    ebegin "Removing dm-crypt mappings"

	/bin/egrep "^(mount|swap)" /etc/conf.d/cryptfs | \
	while read mountline
	do
		mount=
		swap=
		target=

		eval ${mountline}

		if [ -n "${mount}" ]
		then
			target=${mount}
		elif [ -n "${swap}" ]
		then
			target=${swap}
		else
			ewarn "Invalid line in /etc/conf.d/cryptfs: ${mountline}"
		fi

		einfo "Removing dm-crypt mapping for: ${target}"
		if ! /bin/cryptsetup remove ${target}
		then
			ewarn "Failed to remove dm-crypt mapping for: ${target}"
		fi
	done
fi

# Stop LVM
if [ -x /sbin/vgchange ] && [ -f /etc/lvmtab -o -d /etc/lvm ] && \
   [ -d /proc/lvm  -o "`grep device-mapper /proc/misc 2>/dev/null`" ]




	ebegin "Activating (possibly) more swap"
	/sbin/swapon -a &>/dev/null
	eend 0

	# Run any post_mount commands for cryptfs

	if [ -f /etc/conf.d/cryptfs ]
	then
		ebegin "Running post_mount commands for cryptfs"

		/bin/egrep "^mount" /etc/conf.d/cryptfs | \
		while read mountline
		do
			mount=
			mount_point=
			post_mount=

			eval ${mountline}
 
			target=${mount}

			! /bin/cryptsetup status ${target}|egrep '\<active:' > /dev/null
			configured=$?

			if [ ${configured} -eq 1 ]
			then
				mount_point=`/bin/awk "/\/dev\/mapper\/${target}/ { print \\$2 }" /proc/mounts`
				if [ -n "${mount_point}" ]
				then
					if [ -n "${post_mount}" ]
					then
						if ! eval "${post_mount}" > /dev/null
						then
							ewarn "Failed to run post_mount commands on: ${target}"
						fi
					fi
				else
					ewarn "Failed to find mount point to ${target}. Skipping"
				fi
			else
				ewarn "Target ${target} wasn't mapped, skipping"
			fi

		done
	fi
}



Return to bug 43146

Lines 179-184 Link Here

(-)rc-scripts-1.5.1.orig/init.d/checkfs (+64 lines)
179	eend $? "Failed to setup the LVM"	179	eend $? "Failed to setup the LVM"
180	fi	180	fi
181		181
		182
		183	ebegin 'Setting up dm-crypt mappings'
		184
		185	if [ -f /etc/conf.d/cryptfs ]
		186	then
		187	cryptfs_status=0
		188
		189	/bin/egrep '^(mount\|swap)' /etc/conf.d/cryptfs \| \
		190	while read mountline
		191	do
		192	mount=
		193	swap=
		194	options=
		195	pre_mount=
		196
		197	eval ${mountline}
		198
		199	if [ -n "${mount}" ]
		200	then
		201	target=${mount}
		202	[ -z "${options}" ] && options='-c aes -h sha1'
		203	elif [ -n "${swap}" ]
		204	then
		205	target=${swap}
		206	[ -z "${options}" ] && options='-c aes -h sha1 -d /dev/urandom'
		207	else
		208	ewarn "Invalid line in /etc/conf.d/cryptomount: ${mountline}"
		209	fi
		210
		211	! /bin/cryptsetup status ${target}\|egrep '\<active:' > /dev/null
		212	configured=$?
		213
		214	if [ ${configured} -eq 0 ]
		215	then
		216	einfo "dm-crypt map ${target}"
		217	if ! /bin/cryptsetup ${options} create ${target} ${source} >/dev/console </dev/console
		218	then
		219	ewarn "Failure configuring ${target}"
		220	cryptfs_status=1
		221	else
		222	if [ -n "${swap}" ]
		223	then
		224	[ -z "${pre_mount}" ] && pre_mount='mkswap ${dev}'
		225	fi
		226
		227	if [ -n "${pre_mount}" ]
		228	then
		229	dev="/dev/mapper/${target}"
		230	einfo " Running pre_mount commands on: ${target}"
		231	if ! eval "${pre_mount}" > /dev/null
		232	then
		233	ewarn "Failed to run pre_mount commands on: ${target}"
		234	cryptfs_status=1
		235	fi
		236	fi
		237	fi
		238	else
		239	ewarn "dm-crypt mapping ${target} is already configured"
		240	cryptfs_status=1
		241	fi
		242	done
		243	fi
		244	ewend ${cryptfs_status} 'Failed to setup a mapping or swap device.'
		245
182	if [ -f /fastboot -o -n "${CDBOOT}" ]	246	if [ -f /fastboot -o -n "${CDBOOT}" ]
183	then	247	then
184	rm -f /fastboot	248	rm -f /fastboot

Lines 123-128 Link Here

(-)rc-scripts-1.5.1.orig/init.d/halt.sh (+33 lines)
123	done	123	done
124	eend 0	124	eend 0
125		125
		126	# Try to remove any dm-crypt mappings
		127
		128	if [ -f /etc/conf.d/cryptfs ]
		129	then
		130	ebegin "Removing dm-crypt mappings"
		131
		132	/bin/egrep "^(mount\|swap)" /etc/conf.d/cryptfs \| \
		133	while read mountline
		134	do
		135	mount=
		136	swap=
		137	target=
		138
		139	eval ${mountline}
		140
		141	if [ -n "${mount}" ]
		142	then
		143	target=${mount}
		144	elif [ -n "${swap}" ]
		145	then
		146	target=${swap}
		147	else
		148	ewarn "Invalid line in /etc/conf.d/cryptfs: ${mountline}"
		149	fi
		150
		151	einfo "Removing dm-crypt mapping for: ${target}"
		152	if ! /bin/cryptsetup remove ${target}
		153	then
		154	ewarn "Failed to remove dm-crypt mapping for: ${target}"
		155	fi
		156	done
		157	fi
		158
126	# Stop LVM	159	# Stop LVM
127	if [ -x /sbin/vgchange ] && [ -f /etc/lvmtab -o -d /etc/lvm ] && \	160	if [ -x /sbin/vgchange ] && [ -f /etc/lvmtab -o -d /etc/lvm ] && \
128	[ -d /proc/lvm -o "`grep device-mapper /proc/misc 2>/dev/null`" ]	161	[ -d /proc/lvm -o "`grep device-mapper /proc/misc 2>/dev/null`" ]

Lines 41-46 Link Here

(-)rc-scripts-1.5.1.orig/init.d/localmount (+42 lines)
41	ebegin "Activating (possibly) more swap"	41	ebegin "Activating (possibly) more swap"
42	/sbin/swapon -a &>/dev/null	42	/sbin/swapon -a &>/dev/null
43	eend 0	43	eend 0
		44
		45	# Run any post_mount commands for cryptfs
		46
		47	if [ -f /etc/conf.d/cryptfs ]
		48	then
		49	ebegin "Running post_mount commands for cryptfs"
		50
		51	/bin/egrep "^mount" /etc/conf.d/cryptfs \| \
		52	while read mountline
		53	do
		54	mount=
		55	mount_point=
		56	post_mount=
		57
		58	eval ${mountline}
		59
		60	target=${mount}
		61
		62	! /bin/cryptsetup status ${target}\|egrep '\<active:' > /dev/null
		63	configured=$?
		64
		65	if [ ${configured} -eq 1 ]
		66	then
		67	mount_point=`/bin/awk "/\/dev\/mapper\/${target}/ { print \\$2 }" /proc/mounts`
		68	if [ -n "${mount_point}" ]
		69	then
		70	if [ -n "${post_mount}" ]
		71	then
		72	if ! eval "${post_mount}" > /dev/null
		73	then
		74	ewarn "Failed to run post_mount commands on: ${target}"
		75	fi
		76	fi
		77	else
		78	ewarn "Failed to find mount point to ${target}. Skipping"
		79	fi
		80	else
		81	ewarn "Target ${target} wasn't mapped, skipping"
		82	fi
		83
		84	done
		85	fi
44	}	86	}
45		87
46		88