Attachment #40036 for bug #43146




		eend $? "Failed to setup the LVM"
	fi


	ebegin 'Setting up dm-crypt mappings'
	dm-crypt-start
	ewend $? 'Failed to setup a mapping or swap device'
	then
		cryptfs_status=0

		/bin/egrep '^(mount|swap)' /etc/conf.d/cryptfs | \
		while read mountline
		do
			mount=
			swap=
			options=
			pre_mount=

			eval ${mountline}

			if [ -n "${mount}" ]
			then
				target=${mount}
				[ -z "${options}" ] && options='-c aes -h sha1'
			elif [ -n "${swap}" ]
			then
				target=${swap}
				[ -z "${options}" ] && options='-c aes -h sha1 -d /dev/urandom'
			else
				ewarn "Invalid line in /etc/conf.d/cryptomount: ${mountline}"
			fi

			! /bin/cryptsetup status ${target}|egrep '\<active:' > /dev/null
			configured=$?

			if [ ${configured} -eq 0 ]
			then
				einfo "dm-crypt map ${target}"
				if ! /bin/cryptsetup ${options} create ${target} ${source} >/dev/console </dev/console
				then
					ewarn "Failure configuring ${target}"
					cryptfs_status=1
				else
					if [ -n "${swap}" ]
					then
						[ -z "${pre_mount}" ] && pre_mount='mkswap ${dev}'
					fi

					if [ -n "${pre_mount}" ]
					then
						dev="/dev/mapper/${target}"
						einfo "  Running pre_mount commands on: ${target}"
						if ! eval "${pre_mount}" > /dev/null
						then
							ewarn "Failed to run pre_mount commands on: ${target}"
							cryptfs_status=1
						fi
					fi
				fi
			else
				ewarn "dm-crypt mapping ${target} is already configured"
				cryptfs_status=1
			fi
		done
	fi
	ewend ${cryptfs_status} 'Failed to setup a mapping or swap device.'

	if [ -f /fastboot -o -n "${CDBOOT}" ]
	then

	fi
}

# Note: This function is exactly duplicated in localmount.  If you change it
# here, make sure to change it there also!
dm-crypt-start() {
	local cryptfs_status=0 
	local mountline mount swap options pre_mount post_mount source
	shopt -s extglob	# for +(...) and friends

	if [ -f /etc/conf.d/cryptfs ]; then
		while read mountline; do
			# skip comments and blank lines, ignoring leading w/s
			[[ ${mountline//[ 	]/} == +(\#*|) ]] && continue

			# check for the start of a new mount/swap
			if [[ ${mountline} == +(mount=*|swap=*) ]]; then
				# If we have a mount queued up, then execute it
				dm-crypt-execute

				# Prepare for the next mount/swap by setting defaults
				unset mount swap options pre_mount post_mount source
				eval "${mountline}"
				if [[ -n ${mount} ]]; then
					options='-c aes -h sha1'
				elif [[ -n ${swap} ]]; then
					options='-c aes -h sha1 -d /dev/urandom'
					pre_mount='mkswap ${dev}'
				else
					# This should never happen...
					ewarn "Strange! /etc/conf.d/cryptfs: ${mountline}"
				fi

			# Check for an invalid setting
			elif [[ ${mountline} != +(options=*|pre_mount=*|post_mount=*|source=*) ]]; then
				ewarn "Skipping invalid line in /etc/conf.d/cryptfs: ${mountline}"
				continue
			elif [[ -z ${mount} && -z ${swap} ]]; then
				ewarn "Ignoring setting outside mount/swap section: ${mountline}"
				continue
			fi

			# Queue this setting for the next call to dmcrypt-execute
			eval "${mountline}"
		done < /etc/conf.d/cryptfs

		# If we have a mount queued up, then execute it
		dmcrypt-execute
	fi

	return ${cryptfs_status}
}

# Setup mappings for an individual mount/swap
#
# Note: This relies on variables localized in dm-crypt-start.  This function
# is quite different from the function by the same name in localmount...
dm-crypt-execute() {
	local dev target

	if [[ -n ${mount} ]]; then
		target=${mount}
	elif [[ -n ${swap} ]]; then
		target=${swap}
	else
		return
	fi

	if /bin/cryptsetup status ${target} | egrep -q '\<active:'; then
		einfo "dm-crypt mapping ${target} is already configured"
		return
	fi

	ebegin "dm-crypt map ${target}"
	/bin/cryptsetup ${options} create ${target} ${source} >/dev/console </dev/console
	eend $? "failure running cryptsetup"
	if [[ $? != 0 ]]; then
		cryptfs_status=1
	else
		if [[ -n ${pre_mount} ]]; then
			dev="/dev/mapper/${target}"
			ebegin "  Running pre_mount commands for ${target}"
			eval "${pre_mount}" > /dev/null
			ewend $? || cryptfs_status=1
		fi
	fi
}

# vim:ts=4




	/sbin/swapon -a &>/dev/null
	eend 0

	ebegin 'Running post_mount commands for dm-crypt'
	dm-crypt-start
	ewend $? 'Failed to run a post_mount command'
}

# Note: This function is exactly duplicated in localmount.  If you change it
# here, make sure to change it there also!
dm-crypt-start() {
	local cryptfs_status=0 
	local mountline mount swap options pre_mount post_mount source
	shopt -s extglob	# for +(...) and friends

	if [ -f /etc/conf.d/cryptfs ]; then
		while read mountline; do
			# skip comments and blank lines, ignoring leading w/s
			[[ ${mountline//[ 	]/} == +(\#*|) ]] && continue

			# check for the start of a new mount/swap
			if [[ ${mountline} == +(mount=*|swap=*) ]]; then
				# If we have a mount queued up, then execute it
				dm-crypt-execute

				# Prepare for the next mount/swap by setting defaults
				unset mount swap options pre_mount post_mount source
				eval "${mountline}"
				if [[ -n ${mount} ]]; then
					options='-c aes -h sha1'
				elif [[ -n ${swap} ]]; then
					options='-c aes -h sha1 -d /dev/urandom'
					pre_mount='mkswap ${dev}'
						if ! eval "${post_mount}" > /dev/null
						then
							ewarn "Failed to run post_mount commands on: ${target}"
						fi
					fi
				else
					# This should never happen...
					ewarn "Strange! /etc/conf.d/cryptfs: ${mountline}"
				fi

			# Check for an invalid setting
			elif [[ ${mountline} != +(options=*|pre_mount=*|post_mount=*|source=*) ]]; then
				ewarn "Skipping invalid line in /etc/conf.d/cryptfs: ${mountline}"
				continue
			elif [[ -z ${mount} && -z ${swap} ]]; then
				ewarn "Ignoring setting outside mount/swap section: ${mountline}"
				continue
			fi

			# Queue this setting for the next call to dmcrypt-execute
			eval "${mountline}"
		done < /etc/conf.d/cryptfs

		# If we have a mount queued up, then execute it
		dmcrypt-execute
	fi

	return ${cryptfs_status}
}

# Run any post_mount commands for an individual mount
#
# Note: This relies on variables localized in dm-crypt-start.  This function
# is quite different from the function by the same name in checkfs...
dm-crypt-execute() {
	local mount_point target

	if [[ -n ${mount} && -n ${post_mount} ]]; then
		target=${mount}
	else
		return
	fi

	if ! /bin/cryptsetup status ${target} | egrep -q '\<active:'; then
		ewarn "Skipping unmapped target ${target}"
		cryptfs_status=1
		return
	fi

	mount_point=$(grep "/dev/mapper/${target}" /proc/mounts | cut -d' ' -f2)
	if [[ -z ${mount_point} ]]; then
		ewarn "Failed to find mount point for ${target}, skipping"
		cryptfs_status=1
	fi

	if [[ -n ${post_mount} ]]; then
		ebegin "Running post_mount commands for target ${target}"
		eval "${post_mount}" >/dev/null
		eend $? || cryptfs_status=1
	fi
}

# vim:ts=4

Return to bug 43146

Lines 179-247 Link Here

(-)init.d/checkfs (-62 / +87 lines)
179	eend $? "Failed to setup the LVM"	179	eend $? "Failed to setup the LVM"
180	fi	180	fi
181		181
182
183	ebegin 'Setting up dm-crypt mappings'	182	ebegin 'Setting up dm-crypt mappings'
184		183	dm-crypt-start
185	if [ -f /etc/conf.d/cryptfs ]	184	ewend $? 'Failed to setup a mapping or swap device'
186	then
187	cryptfs_status=0
188
189	/bin/egrep '^(mount\|swap)' /etc/conf.d/cryptfs \| \
190	while read mountline
191	do
192	mount=
193	swap=
194	options=
195	pre_mount=
196
197	eval ${mountline}
198
199	if [ -n "${mount}" ]
200	then
201	target=${mount}
202	[ -z "${options}" ] && options='-c aes -h sha1'
203	elif [ -n "${swap}" ]
204	then
205	target=${swap}
206	[ -z "${options}" ] && options='-c aes -h sha1 -d /dev/urandom'
207	else
208	ewarn "Invalid line in /etc/conf.d/cryptomount: ${mountline}"
209	fi
210
211	! /bin/cryptsetup status ${target}\|egrep '\<active:' > /dev/null
212	configured=$?
213
214	if [ ${configured} -eq 0 ]
215	then
216	einfo "dm-crypt map ${target}"
217	if ! /bin/cryptsetup ${options} create ${target} ${source} >/dev/console </dev/console
218	then
219	ewarn "Failure configuring ${target}"
220	cryptfs_status=1
221	else
222	if [ -n "${swap}" ]
223	then
224	[ -z "${pre_mount}" ] && pre_mount='mkswap ${dev}'
225	fi
226
227	if [ -n "${pre_mount}" ]
228	then
229	dev="/dev/mapper/${target}"
230	einfo " Running pre_mount commands on: ${target}"
231	if ! eval "${pre_mount}" > /dev/null
232	then
233	ewarn "Failed to run pre_mount commands on: ${target}"
234	cryptfs_status=1
235	fi
236	fi
237	fi
238	else
239	ewarn "dm-crypt mapping ${target} is already configured"
240	cryptfs_status=1
241	fi
242	done
243	fi
244	ewend ${cryptfs_status} 'Failed to setup a mapping or swap device.'
245		185
246	if [ -f /fastboot -o -n "${CDBOOT}" ]	186	if [ -f /fastboot -o -n "${CDBOOT}" ]
247	then	187	then
Lines 273-276 Link Here
273	fi	213	fi
274	}	214	}
275		215
		216	# Note: This function is exactly duplicated in localmount. If you change it
		217	# here, make sure to change it there also!
		218	dm-crypt-start() {
		219	local cryptfs_status=0
		220	local mountline mount swap options pre_mount post_mount source
		221	shopt -s extglob # for +(...) and friends
		222
		223	if [ -f /etc/conf.d/cryptfs ]; then
		224	while read mountline; do
		225	# skip comments and blank lines, ignoring leading w/s
		226	[[ ${mountline//[ ]/} == +(\#*\|) ]] && continue
		227
		228	# check for the start of a new mount/swap
		229	if [[ ${mountline} == +(mount=\|swap=) ]]; then
		230	# If we have a mount queued up, then execute it
		231	dm-crypt-execute
		232
		233	# Prepare for the next mount/swap by setting defaults
		234	unset mount swap options pre_mount post_mount source
		235	eval "${mountline}"
		236	if [[ -n ${mount} ]]; then
		237	options='-c aes -h sha1'
		238	elif [[ -n ${swap} ]]; then
		239	options='-c aes -h sha1 -d /dev/urandom'
		240	pre_mount='mkswap ${dev}'
		241	else
		242	# This should never happen...
		243	ewarn "Strange! /etc/conf.d/cryptfs: ${mountline}"
		244	fi
		245
		246	# Check for an invalid setting
		247	elif [[ ${mountline} != +(options=\|pre_mount=\|post_mount=\|source=) ]]; then
		248	ewarn "Skipping invalid line in /etc/conf.d/cryptfs: ${mountline}"
		249	continue
		250	elif [[ -z ${mount} && -z ${swap} ]]; then
		251	ewarn "Ignoring setting outside mount/swap section: ${mountline}"
		252	continue
		253	fi
		254
		255	# Queue this setting for the next call to dmcrypt-execute
		256	eval "${mountline}"
		257	done < /etc/conf.d/cryptfs
		258
		259	# If we have a mount queued up, then execute it
		260	dmcrypt-execute
		261	fi
		262
		263	return ${cryptfs_status}
		264	}
		265
		266	# Setup mappings for an individual mount/swap
		267	#
		268	# Note: This relies on variables localized in dm-crypt-start. This function
		269	# is quite different from the function by the same name in localmount...
		270	dm-crypt-execute() {
		271	local dev target
		272
		273	if [[ -n ${mount} ]]; then
		274	target=${mount}
		275	elif [[ -n ${swap} ]]; then
		276	target=${swap}
		277	else
		278	return
		279	fi
280
281	if /bin/cryptsetup status ${target} \| egrep -q '\<active:'; then
282	einfo "dm-crypt mapping ${target} is already configured"
283	return
284	fi
285
286	ebegin "dm-crypt map ${target}"
287	/bin/cryptsetup ${options} create ${target} ${source} >/dev/console </dev/console
288	eend $? "failure running cryptsetup"
289	if [[ $? != 0 ]]; then
290	cryptfs_status=1
291	else
292	if [[ -n ${pre_mount} ]]; then
293	dev="/dev/mapper/${target}"
294	ebegin " Running pre_mount commands for ${target}"
295	eval "${pre_mount}" > /dev/null
296	ewend $? \|\| cryptfs_status=1
297	fi
298	fi
299	}
300
276	# vim:ts=4	301	# vim:ts=4

Lines 42-89 Link Here

(-)init.d/localmount (-35 / +78 lines)
42	/sbin/swapon -a &>/dev/null	42	/sbin/swapon -a &>/dev/null
43	eend 0	43	eend 0
44		44
45	# Run any post_mount commands for cryptfs	45	ebegin 'Running post_mount commands for dm-crypt'
		46	dm-crypt-start
		47	ewend $? 'Failed to run a post_mount command'
		48	}
46		49
47	if [ -f /etc/conf.d/cryptfs ]	50	# Note: This function is exactly duplicated in localmount. If you change it
48	then	51	# here, make sure to change it there also!
49	ebegin "Running post_mount commands for cryptfs"	52	dm-crypt-start() {
50		53	local cryptfs_status=0
51	/bin/egrep "^mount" /etc/conf.d/cryptfs \| \	54	local mountline mount swap options pre_mount post_mount source
52	while read mountline	55	shopt -s extglob # for +(...) and friends
53	do	56
54	mount=	57	if [ -f /etc/conf.d/cryptfs ]; then
55	mount_point=	58	while read mountline; do
56	post_mount=	59	# skip comments and blank lines, ignoring leading w/s
57		60	[[ ${mountline//[ ]/} == +(\#*\|) ]] && continue
58	eval ${mountline}	61
59		62	# check for the start of a new mount/swap
60	target=${mount}	63	if [[ ${mountline} == +(mount=\|swap=) ]]; then
61		64	# If we have a mount queued up, then execute it
62	! /bin/cryptsetup status ${target}\|egrep '\<active:' > /dev/null	65	dm-crypt-execute
63	configured=$?	66
64		67	# Prepare for the next mount/swap by setting defaults
65	if [ ${configured} -eq 1 ]	68	unset mount swap options pre_mount post_mount source
66	then	69	eval "${mountline}"
67	mount_point=`/bin/awk "/\/dev\/mapper\/${target}/ { print \\$2 }" /proc/mounts`	70	if [[ -n ${mount} ]]; then
68	if [ -n "${mount_point}" ]	71	options='-c aes -h sha1'
69	then	72	elif [[ -n ${swap} ]]; then
70	if [ -n "${post_mount}" ]	73	options='-c aes -h sha1 -d /dev/urandom'
71	then	74	pre_mount='mkswap ${dev}'
72	if ! eval "${post_mount}" > /dev/null
73	then
74	ewarn "Failed to run post_mount commands on: ${target}"
75	fi
76	fi
77	else	75	else
78	ewarn "Failed to find mount point to ${target}. Skipping"	76	# This should never happen...
		77	ewarn "Strange! /etc/conf.d/cryptfs: ${mountline}"
79	fi	78	fi
80	else	79
81	ewarn "Target ${target} wasn't mapped, skipping"	80	# Check for an invalid setting
		81	elif [[ ${mountline} != +(options=\|pre_mount=\|post_mount=\|source=) ]]; then
		82	ewarn "Skipping invalid line in /etc/conf.d/cryptfs: ${mountline}"
		83	continue
		84	elif [[ -z ${mount} && -z ${swap} ]]; then
		85	ewarn "Ignoring setting outside mount/swap section: ${mountline}"
		86	continue
82	fi	87	fi
83		88
84	done	89	# Queue this setting for the next call to dmcrypt-execute
		90	eval "${mountline}"
		91	done < /etc/conf.d/cryptfs
		92
		93	# If we have a mount queued up, then execute it
		94	dmcrypt-execute
85	fi	95	fi
		96
		97	return ${cryptfs_status}
86	}	98	}
87		99
		100	# Run any post_mount commands for an individual mount
		101	#
		102	# Note: This relies on variables localized in dm-crypt-start. This function
		103	# is quite different from the function by the same name in checkfs...
		104	dm-crypt-execute() {
		105	local mount_point target
		106
		107	if [[ -n ${mount} && -n ${post_mount} ]]; then
		108	target=${mount}
		109	else
		110	return
		111	fi
		112
		113	if ! /bin/cryptsetup status ${target} \| egrep -q '\<active:'; then
		114	ewarn "Skipping unmapped target ${target}"
		115	cryptfs_status=1
		116	return
		117	fi
		118
		119	mount_point=$(grep "/dev/mapper/${target}" /proc/mounts \| cut -d' ' -f2)
		120	if [[ -z ${mount_point} ]]; then
		121	ewarn "Failed to find mount point for ${target}, skipping"
		122	cryptfs_status=1
		123	fi
		124
		125	if [[ -n ${post_mount} ]]; then
		126	ebegin "Running post_mount commands for target ${target}"
		127	eval "${post_mount}" >/dev/null
		128	eend $? \|\| cryptfs_status=1
		129	fi
		130	}
88		131
89	# vim:ts=4	132	# vim:ts=4