Lines 179-247
Link Here
|
179 |
eend $? "Failed to setup the LVM" |
179 |
eend $? "Failed to setup the LVM" |
180 |
fi |
180 |
fi |
181 |
|
181 |
|
182 |
|
|
|
183 |
ebegin 'Setting up dm-crypt mappings' |
182 |
ebegin 'Setting up dm-crypt mappings' |
184 |
|
183 |
dm-crypt-start |
185 |
if [ -f /etc/conf.d/cryptfs ] |
184 |
ewend $? 'Failed to setup a mapping or swap device' |
186 |
then |
|
|
187 |
cryptfs_status=0 |
188 |
|
189 |
/bin/egrep '^(mount|swap)' /etc/conf.d/cryptfs | \ |
190 |
while read mountline |
191 |
do |
192 |
mount= |
193 |
swap= |
194 |
options= |
195 |
pre_mount= |
196 |
|
197 |
eval ${mountline} |
198 |
|
199 |
if [ -n "${mount}" ] |
200 |
then |
201 |
target=${mount} |
202 |
[ -z "${options}" ] && options='-c aes -h sha1' |
203 |
elif [ -n "${swap}" ] |
204 |
then |
205 |
target=${swap} |
206 |
[ -z "${options}" ] && options='-c aes -h sha1 -d /dev/urandom' |
207 |
else |
208 |
ewarn "Invalid line in /etc/conf.d/cryptomount: ${mountline}" |
209 |
fi |
210 |
|
211 |
! /bin/cryptsetup status ${target}|egrep '\<active:' > /dev/null |
212 |
configured=$? |
213 |
|
214 |
if [ ${configured} -eq 0 ] |
215 |
then |
216 |
einfo "dm-crypt map ${target}" |
217 |
if ! /bin/cryptsetup ${options} create ${target} ${source} >/dev/console </dev/console |
218 |
then |
219 |
ewarn "Failure configuring ${target}" |
220 |
cryptfs_status=1 |
221 |
else |
222 |
if [ -n "${swap}" ] |
223 |
then |
224 |
[ -z "${pre_mount}" ] && pre_mount='mkswap ${dev}' |
225 |
fi |
226 |
|
227 |
if [ -n "${pre_mount}" ] |
228 |
then |
229 |
dev="/dev/mapper/${target}" |
230 |
einfo " Running pre_mount commands on: ${target}" |
231 |
if ! eval "${pre_mount}" > /dev/null |
232 |
then |
233 |
ewarn "Failed to run pre_mount commands on: ${target}" |
234 |
cryptfs_status=1 |
235 |
fi |
236 |
fi |
237 |
fi |
238 |
else |
239 |
ewarn "dm-crypt mapping ${target} is already configured" |
240 |
cryptfs_status=1 |
241 |
fi |
242 |
done |
243 |
fi |
244 |
ewend ${cryptfs_status} 'Failed to setup a mapping or swap device.' |
245 |
|
185 |
|
246 |
if [ -f /fastboot -o -n "${CDBOOT}" ] |
186 |
if [ -f /fastboot -o -n "${CDBOOT}" ] |
247 |
then |
187 |
then |
Lines 273-276
Link Here
|
273 |
fi |
213 |
fi |
274 |
} |
214 |
} |
275 |
|
215 |
|
|
|
216 |
# Note: This function is exactly duplicated in localmount. If you change it |
217 |
# here, make sure to change it there also! |
218 |
dm-crypt-start() { |
219 |
local cryptfs_status=0 |
220 |
local mountline mount swap options pre_mount post_mount source |
221 |
shopt -s extglob # for +(...) and friends |
222 |
|
223 |
if [ -f /etc/conf.d/cryptfs ]; then |
224 |
while read mountline; do |
225 |
# skip comments and blank lines, ignoring leading w/s |
226 |
[[ ${mountline//[ ]/} == +(\#*|) ]] && continue |
227 |
|
228 |
# check for the start of a new mount/swap |
229 |
if [[ ${mountline} == +(mount=*|swap=*) ]]; then |
230 |
# If we have a mount queued up, then execute it |
231 |
dm-crypt-execute |
232 |
|
233 |
# Prepare for the next mount/swap by setting defaults |
234 |
unset mount swap options pre_mount post_mount source |
235 |
eval "${mountline}" |
236 |
if [[ -n ${mount} ]]; then |
237 |
options='-c aes -h sha1' |
238 |
elif [[ -n ${swap} ]]; then |
239 |
options='-c aes -h sha1 -d /dev/urandom' |
240 |
pre_mount='mkswap ${dev}' |
241 |
else |
242 |
# This should never happen... |
243 |
ewarn "Strange! /etc/conf.d/cryptfs: ${mountline}" |
244 |
fi |
245 |
|
246 |
# Check for an invalid setting |
247 |
elif [[ ${mountline} != +(options=*|pre_mount=*|post_mount=*|source=*) ]]; then |
248 |
ewarn "Skipping invalid line in /etc/conf.d/cryptfs: ${mountline}" |
249 |
continue |
250 |
elif [[ -z ${mount} && -z ${swap} ]]; then |
251 |
ewarn "Ignoring setting outside mount/swap section: ${mountline}" |
252 |
continue |
253 |
fi |
254 |
|
255 |
# Queue this setting for the next call to dmcrypt-execute |
256 |
eval "${mountline}" |
257 |
done < /etc/conf.d/cryptfs |
258 |
|
259 |
# If we have a mount queued up, then execute it |
260 |
dmcrypt-execute |
261 |
fi |
262 |
|
263 |
return ${cryptfs_status} |
264 |
} |
265 |
|
266 |
# Setup mappings for an individual mount/swap |
267 |
# |
268 |
# Note: This relies on variables localized in dm-crypt-start. This function |
269 |
# is quite different from the function by the same name in localmount... |
270 |
dm-crypt-execute() { |
271 |
local dev target |
272 |
|
273 |
if [[ -n ${mount} ]]; then |
274 |
target=${mount} |
275 |
elif [[ -n ${swap} ]]; then |
276 |
target=${swap} |
277 |
else |
278 |
return |
279 |
fi |
280 |
|
281 |
if /bin/cryptsetup status ${target} | egrep -q '\<active:'; then |
282 |
einfo "dm-crypt mapping ${target} is already configured" |
283 |
return |
284 |
fi |
285 |
|
286 |
ebegin "dm-crypt map ${target}" |
287 |
/bin/cryptsetup ${options} create ${target} ${source} >/dev/console </dev/console |
288 |
eend $? "failure running cryptsetup" |
289 |
if [[ $? != 0 ]]; then |
290 |
cryptfs_status=1 |
291 |
else |
292 |
if [[ -n ${pre_mount} ]]; then |
293 |
dev="/dev/mapper/${target}" |
294 |
ebegin " Running pre_mount commands for ${target}" |
295 |
eval "${pre_mount}" > /dev/null |
296 |
ewend $? || cryptfs_status=1 |
297 |
fi |
298 |
fi |
299 |
} |
300 |
|
276 |
# vim:ts=4 |
301 |
# vim:ts=4 |