--- dmcrypt.orig 2013-12-08 20:13:43.460978300 +0400 +++ dmcrypt 2013-12-08 22:33:49.655744149 +0400 @@ -57,9 +57,21 @@ # cryptsetup: # luksOpen # is $source # create # is $target - local arg1="create" arg2="${target}" arg3="${source}" luks=0 + local arg1="create" arg2="${target}" arg3="${source}" luks=0 arg_header="" - cryptsetup isLuks ${source} 2>/dev/null && { arg1="luksOpen"; arg2="${source}"; arg3="${target}"; luks=1; } + # luks_header force luks mode + if [ -n "${luks_header}" ] ; then + if [ ! -e "${luks_header}" ] ; then + ewarn "${source} will not be decrypted ..." + einfo "Reason: header file ${luks_header} does not exist." + return + fi + arg1="luksOpen"; arg2="${source}"; arg3="${target}"; + arg_header="--header ${luks_header}"; luks=1; + else + cryptsetup isLuks ${source} 2>/dev/null \ + && { arg1="luksOpen"; arg2="${source}"; arg3="${target}"; luks=1; } + fi # Older versions reported: # ${target} is active: @@ -155,7 +167,7 @@ else mode=none fi - ebegin " ${target} using: ${options} ${arg1} ${arg2} ${arg3}" + ebegin " ${target} using: ${options} ${arg1} ${arg2} ${arg3} ${arg_header}" if [ "${mode}" = "gpg" ] ; then : ${gpg_options:='-q -d'} # gpg available ? @@ -163,7 +175,8 @@ for i in 0 1 2 ; do # paranoid, don't store key in a variable, pipe it so it stays very little in ram unprotected. # save stdin stdout stderr "values" - gpg ${gpg_options} ${key} 2>/dev/null | cryptsetup ${options} ${arg1} ${arg2} ${arg3} + gpg ${gpg_options} ${key} 2>/dev/null \ + | cryptsetup ${options} ${arg1} ${arg2} ${arg3} ${arg_header} ret=$? [ ${ret} -eq 0 ] && break done @@ -176,11 +189,11 @@ fi else if [ "${mode}" = "reg" ] ; then - cryptsetup ${options} -d ${key} ${arg1} ${arg2} ${arg3} + cryptsetup ${options} -d ${key} ${arg1} ${arg2} ${arg3} ${arg_header} ret=$? eend ${ret} "failure running cryptsetup" else - cryptsetup ${options} ${arg1} ${arg2} ${arg3} + cryptsetup ${options} ${arg1} ${arg2} ${arg3} ${arg_header} ret=$? eend ${ret} "failure running cryptsetup" fi @@ -280,7 +293,7 @@ unset gpg_options key loop_file target options pre_mount post_mount source swap remdev ;; - gpg_options=*|remdev=*|key=*|loop_file=*|options=*|pre_mount=*|post_mount=*|source=*) + gpg_options=*|remdev=*|key=*|loop_file=*|options=*|pre_mount=*|post_mount=*|source=*|luks_header=*) if [ -z "${target}${swap}" ] ; then ewarn "Ignoring setting outside target/swap section: ${targetline}" continue