Lines 179-247
Link Here
|
179 |
eend $? "Failed to setup the LVM" |
179 |
eend $? "Failed to setup the LVM" |
180 |
fi |
180 |
fi |
181 |
|
181 |
|
182 |
|
|
|
183 |
ebegin 'Setting up dm-crypt mappings' |
182 |
ebegin 'Setting up dm-crypt mappings' |
184 |
|
183 |
dm-crypt-start |
185 |
if [ -f /etc/conf.d/cryptfs ] |
184 |
ewend $? 'Failed to setup a mapping or swap device' |
186 |
then |
|
|
187 |
cryptfs_status=0 |
188 |
|
189 |
/bin/egrep '^(mount|swap)' /etc/conf.d/cryptfs | \ |
190 |
while read mountline |
191 |
do |
192 |
mount= |
193 |
swap= |
194 |
options= |
195 |
pre_mount= |
196 |
|
197 |
eval ${mountline} |
198 |
|
199 |
if [ -n "${mount}" ] |
200 |
then |
201 |
target=${mount} |
202 |
[ -z "${options}" ] && options='-c aes -h sha1' |
203 |
elif [ -n "${swap}" ] |
204 |
then |
205 |
target=${swap} |
206 |
[ -z "${options}" ] && options='-c aes -h sha1 -d /dev/urandom' |
207 |
else |
208 |
ewarn "Invalid line in /etc/conf.d/cryptomount: ${mountline}" |
209 |
fi |
210 |
|
211 |
! /bin/cryptsetup status ${target}|egrep '\<active:' > /dev/null |
212 |
configured=$? |
213 |
|
214 |
if [ ${configured} -eq 0 ] |
215 |
then |
216 |
einfo "dm-crypt map ${target}" |
217 |
if ! /bin/cryptsetup ${options} create ${target} ${source} >/dev/console </dev/console |
218 |
then |
219 |
ewarn "Failure configuring ${target}" |
220 |
cryptfs_status=1 |
221 |
else |
222 |
if [ -n "${swap}" ] |
223 |
then |
224 |
[ -z "${pre_mount}" ] && pre_mount='mkswap ${dev}' |
225 |
fi |
226 |
|
227 |
if [ -n "${pre_mount}" ] |
228 |
then |
229 |
dev="/dev/mapper/${target}" |
230 |
einfo " Running pre_mount commands on: ${target}" |
231 |
if ! eval "${pre_mount}" > /dev/null |
232 |
then |
233 |
ewarn "Failed to run pre_mount commands on: ${target}" |
234 |
cryptfs_status=1 |
235 |
fi |
236 |
fi |
237 |
fi |
238 |
else |
239 |
ewarn "dm-crypt mapping ${target} is already configured" |
240 |
cryptfs_status=1 |
241 |
fi |
242 |
done |
243 |
fi |
244 |
ewend ${cryptfs_status} 'Failed to setup a mapping or swap device.' |
245 |
|
185 |
|
246 |
if [ -f /fastboot -o -n "${CDBOOT}" ] |
186 |
if [ -f /fastboot -o -n "${CDBOOT}" ] |
247 |
then |
187 |
then |
Lines 273-276
Link Here
|
273 |
fi |
213 |
fi |
274 |
} |
214 |
} |
275 |
|
215 |
|
|
|
216 |
# Note: This function is exactly duplicated in localmount. If you change it |
217 |
# here, make sure to change it there also! |
218 |
dm-crypt-start() { |
219 |
local cryptfs_status=0 |
220 |
local mountline mount swap options pre_mount post_mount source |
221 |
shopt -s extglob # for +(...) and friends |
222 |
|
223 |
if [ -f /etc/conf.d/cryptfs ]; then |
224 |
while read mountline; do |
225 |
# skip comments and blank lines, ignoring leading w/s |
226 |
[[ ${mountline//[ ]/} == +(\#*|) ]] && continue |
227 |
|
228 |
# check for the start of a new mount/swap |
229 |
if [[ ${mountline} == +(mount=*|swap=*) ]]; then |
230 |
# If we have a mount queued up, then execute it |
231 |
dm-crypt-execute |
232 |
|
233 |
# Prepare for the next mount/swap by setting defaults |
234 |
unset mount swap options pre_mount post_mount source |
235 |
eval "${mountline}" |
236 |
|
237 |
# Check for an invalid setting |
238 |
elif [[ ${mountline} != +(options=*|pre_mount=*|post_mount=*|source=*) ]]; then |
239 |
ewarn "Skipping invalid line in /etc/conf.d/cryptfs: ${mountline}" |
240 |
continue |
241 |
elif [[ -z ${mount} && -z ${swap} ]]; then |
242 |
ewarn "Ignoring setting outside mount/swap section: ${mountline}" |
243 |
continue |
244 |
fi |
245 |
|
246 |
# Queue this setting for the next call to dmcrypt-execute |
247 |
eval "${mountline}" |
248 |
done < /etc/conf.d/cryptfs |
249 |
|
250 |
# If we have a mount queued up, then execute it |
251 |
dmcrypt-execute |
252 |
fi |
253 |
|
254 |
return ${cryptfs_status} |
255 |
} |
256 |
|
257 |
# Setup mappings for an individual mount/swap |
258 |
# |
259 |
# Note: This relies on variables localized in dm-crypt-start. This function |
260 |
# is quite different from the function by the same name in localmount... |
261 |
dm-crypt-execute() { |
262 |
local dev target |
263 |
|
264 |
if [[ -n ${mount} ]]; then |
265 |
target=${mount} |
266 |
: ${options:='-c aes -h sha1'} |
267 |
elif [[ -n ${swap} ]]; then |
268 |
target=${swap} |
269 |
: ${options:='-c aes -h sha1 -d /dev/urandom'} |
270 |
: ${pre_mount:='mkswap ${dev}'} |
271 |
else |
272 |
return |
273 |
fi |
274 |
|
275 |
if /bin/cryptsetup status ${target} | egrep -q '\<active:'; then |
276 |
einfo "dm-crypt mapping ${target} is already configured" |
277 |
return |
278 |
fi |
279 |
|
280 |
ebegin "dm-crypt map ${target}" |
281 |
/bin/cryptsetup ${options} create ${target} ${source} >/dev/console </dev/console |
282 |
eend $? "failure running cryptsetup" |
283 |
if [[ $? != 0 ]]; then |
284 |
cryptfs_status=1 |
285 |
else |
286 |
if [[ -n ${pre_mount} ]]; then |
287 |
dev="/dev/mapper/${target}" |
288 |
ebegin " Running pre_mount commands for ${target}" |
289 |
eval "${pre_mount}" > /dev/null |
290 |
ewend $? || cryptfs_status=1 |
291 |
fi |
292 |
fi |
293 |
} |
294 |
|
276 |
# vim:ts=4 |
295 |
# vim:ts=4 |