Attachment #40037 for bug #43146




		eend $? "Failed to setup the LVM"
	fi


	ebegin 'Setting up dm-crypt mappings'
	dm-crypt-start
	ewend $? 'Failed to setup a mapping or swap device'
	then
		cryptfs_status=0

		/bin/egrep '^(mount|swap)' /etc/conf.d/cryptfs | \
		while read mountline
		do
			mount=
			swap=
			options=
			pre_mount=

			eval ${mountline}

			if [ -n "${mount}" ]
			then
				target=${mount}
				[ -z "${options}" ] && options='-c aes -h sha1'
			elif [ -n "${swap}" ]
			then
				target=${swap}
				[ -z "${options}" ] && options='-c aes -h sha1 -d /dev/urandom'
			else
				ewarn "Invalid line in /etc/conf.d/cryptomount: ${mountline}"
			fi

			! /bin/cryptsetup status ${target}|egrep '\<active:' > /dev/null
			configured=$?

			if [ ${configured} -eq 0 ]
			then
				einfo "dm-crypt map ${target}"
				if ! /bin/cryptsetup ${options} create ${target} ${source} >/dev/console </dev/console
				then
					ewarn "Failure configuring ${target}"
					cryptfs_status=1
				else
					if [ -n "${swap}" ]
					then
						[ -z "${pre_mount}" ] && pre_mount='mkswap ${dev}'
					fi

					if [ -n "${pre_mount}" ]
					then
						dev="/dev/mapper/${target}"
						einfo "  Running pre_mount commands on: ${target}"
						if ! eval "${pre_mount}" > /dev/null
						then
							ewarn "Failed to run pre_mount commands on: ${target}"
							cryptfs_status=1
						fi
					fi
				fi
			else
				ewarn "dm-crypt mapping ${target} is already configured"
				cryptfs_status=1
			fi
		done
	fi
	ewend ${cryptfs_status} 'Failed to setup a mapping or swap device.'

	if [ -f /fastboot -o -n "${CDBOOT}" ]
	then

	fi
}

# Note: This function is exactly duplicated in localmount.  If you change it
# here, make sure to change it there also!
dm-crypt-start() {
	local cryptfs_status=0 
	local mountline mount swap options pre_mount post_mount source
	shopt -s extglob	# for +(...) and friends

	if [ -f /etc/conf.d/cryptfs ]; then
		while read mountline; do
			# skip comments and blank lines, ignoring leading w/s
			[[ ${mountline//[ 	]/} == +(\#*|) ]] && continue

			# check for the start of a new mount/swap
			if [[ ${mountline} == +(mount=*|swap=*) ]]; then
				# If we have a mount queued up, then execute it
				dm-crypt-execute

				# Prepare for the next mount/swap by setting defaults
				unset mount swap options pre_mount post_mount source
				eval "${mountline}"

			# Check for an invalid setting
			elif [[ ${mountline} != +(options=*|pre_mount=*|post_mount=*|source=*) ]]; then
				ewarn "Skipping invalid line in /etc/conf.d/cryptfs: ${mountline}"
				continue
			elif [[ -z ${mount} && -z ${swap} ]]; then
				ewarn "Ignoring setting outside mount/swap section: ${mountline}"
				continue
			fi

			# Queue this setting for the next call to dmcrypt-execute
			eval "${mountline}"
		done < /etc/conf.d/cryptfs

		# If we have a mount queued up, then execute it
		dmcrypt-execute
	fi

	return ${cryptfs_status}
}

# Setup mappings for an individual mount/swap
#
# Note: This relies on variables localized in dm-crypt-start.  This function
# is quite different from the function by the same name in localmount...
dm-crypt-execute() {
	local dev target

	if [[ -n ${mount} ]]; then
		target=${mount}
		: ${options:='-c aes -h sha1'}
	elif [[ -n ${swap} ]]; then
		target=${swap}
		: ${options:='-c aes -h sha1 -d /dev/urandom'}
		: ${pre_mount:='mkswap ${dev}'}
	else
		return
	fi

	if /bin/cryptsetup status ${target} | egrep -q '\<active:'; then
		einfo "dm-crypt mapping ${target} is already configured"
		return
	fi

	ebegin "dm-crypt map ${target}"
	/bin/cryptsetup ${options} create ${target} ${source} >/dev/console </dev/console
	eend $? "failure running cryptsetup"
	if [[ $? != 0 ]]; then
		cryptfs_status=1
	else
		if [[ -n ${pre_mount} ]]; then
			dev="/dev/mapper/${target}"
			ebegin "  Running pre_mount commands for ${target}"
			eval "${pre_mount}" > /dev/null
			ewend $? || cryptfs_status=1
		fi
	fi
}

# vim:ts=4




	/sbin/swapon -a &>/dev/null
	eend 0

	ebegin 'Running post_mount commands for dm-crypt'
	dm-crypt-start
	ewend $? 'Failed to run a post_mount command'
}

# Note: This function is exactly duplicated in localmount.  If you change it
# here, make sure to change it there also!
dm-crypt-start() {
	local cryptfs_status=0 
	local mountline mount swap options pre_mount post_mount source
	shopt -s extglob	# for +(...) and friends

	if [ -f /etc/conf.d/cryptfs ]; then
		while read mountline; do
			# skip comments and blank lines, ignoring leading w/s
			[[ ${mountline//[ 	]/} == +(\#*|) ]] && continue

			# check for the start of a new mount/swap
			if [[ ${mountline} == +(mount=*|swap=*) ]]; then
				# If we have a mount queued up, then execute it
				dm-crypt-execute

				# Prepare for the next mount/swap by setting defaults
				unset mount swap options pre_mount post_mount source
				eval "${mountline}"

			# Check for an invalid setting
			elif [[ ${mountline} != +(options=*|pre_mount=*|post_mount=*|source=*) ]]; then
				ewarn "Skipping invalid line in /etc/conf.d/cryptfs: ${mountline}"
				continue
			elif [[ -z ${mount} && -z ${swap} ]]; then
				ewarn "Ignoring setting outside mount/swap section: ${mountline}"
				continue
						fi
					fi
				else
					ewarn "Failed to find mount point to ${target}. Skipping"
				fi
			else
				ewarn "Target ${target} wasn't mapped, skipping"
			fi

			# Queue this setting for the next call to dmcrypt-execute
			eval "${mountline}"
		done < /etc/conf.d/cryptfs

		# If we have a mount queued up, then execute it
		dmcrypt-execute
	fi

	return ${cryptfs_status}
}

# Run any post_mount commands for an individual mount
#
# Note: This relies on variables localized in dm-crypt-start.  This function
# is quite different from the function by the same name in checkfs...
dm-crypt-execute() {
	local mount_point target

	if [[ -n ${mount} && -n ${post_mount} ]]; then
		target=${mount}
	else
		return
	fi

	if ! /bin/cryptsetup status ${target} | egrep -q '\<active:'; then
		ewarn "Skipping unmapped target ${target}"
		cryptfs_status=1
		return
	fi

	mount_point=$(grep "/dev/mapper/${target}" /proc/mounts | cut -d' ' -f2)
	if [[ -z ${mount_point} ]]; then
		ewarn "Failed to find mount point for ${target}, skipping"
		cryptfs_status=1
	fi

	if [[ -n ${post_mount} ]]; then
		ebegin "Running post_mount commands for target ${target}"
		eval "${post_mount}" >/dev/null
		eend $? || cryptfs_status=1
	fi
}

# vim:ts=4

Return to bug 43146

Lines 179-247 Link Here

(-)init.d/checkfs (-62 / +81 lines)
179	eend $? "Failed to setup the LVM"	179	eend $? "Failed to setup the LVM"
180	fi	180	fi
181		181
182
183	ebegin 'Setting up dm-crypt mappings'	182	ebegin 'Setting up dm-crypt mappings'
184		183	dm-crypt-start
185	if [ -f /etc/conf.d/cryptfs ]	184	ewend $? 'Failed to setup a mapping or swap device'
186	then
187	cryptfs_status=0
188
189	/bin/egrep '^(mount\|swap)' /etc/conf.d/cryptfs \| \
190	while read mountline
191	do
192	mount=
193	swap=
194	options=
195	pre_mount=
196
197	eval ${mountline}
198
199	if [ -n "${mount}" ]
200	then
201	target=${mount}
202	[ -z "${options}" ] && options='-c aes -h sha1'
203	elif [ -n "${swap}" ]
204	then
205	target=${swap}
206	[ -z "${options}" ] && options='-c aes -h sha1 -d /dev/urandom'
207	else
208	ewarn "Invalid line in /etc/conf.d/cryptomount: ${mountline}"
209	fi
210
211	! /bin/cryptsetup status ${target}\|egrep '\<active:' > /dev/null
212	configured=$?
213
214	if [ ${configured} -eq 0 ]
215	then
216	einfo "dm-crypt map ${target}"
217	if ! /bin/cryptsetup ${options} create ${target} ${source} >/dev/console </dev/console
218	then
219	ewarn "Failure configuring ${target}"
220	cryptfs_status=1
221	else
222	if [ -n "${swap}" ]
223	then
224	[ -z "${pre_mount}" ] && pre_mount='mkswap ${dev}'
225	fi
226
227	if [ -n "${pre_mount}" ]
228	then
229	dev="/dev/mapper/${target}"
230	einfo " Running pre_mount commands on: ${target}"
231	if ! eval "${pre_mount}" > /dev/null
232	then
233	ewarn "Failed to run pre_mount commands on: ${target}"
234	cryptfs_status=1
235	fi
236	fi
237	fi
238	else
239	ewarn "dm-crypt mapping ${target} is already configured"
240	cryptfs_status=1
241	fi
242	done
243	fi
244	ewend ${cryptfs_status} 'Failed to setup a mapping or swap device.'
245		185
246	if [ -f /fastboot -o -n "${CDBOOT}" ]	186	if [ -f /fastboot -o -n "${CDBOOT}" ]
247	then	187	then
Lines 273-276 Link Here
273	fi	213	fi
274	}	214	}
275		215
		216	# Note: This function is exactly duplicated in localmount. If you change it
		217	# here, make sure to change it there also!
		218	dm-crypt-start() {
		219	local cryptfs_status=0
		220	local mountline mount swap options pre_mount post_mount source
		221	shopt -s extglob # for +(...) and friends
		222
		223	if [ -f /etc/conf.d/cryptfs ]; then
		224	while read mountline; do
		225	# skip comments and blank lines, ignoring leading w/s
		226	[[ ${mountline//[ ]/} == +(\#*\|) ]] && continue
		227
		228	# check for the start of a new mount/swap
		229	if [[ ${mountline} == +(mount=\|swap=) ]]; then
		230	# If we have a mount queued up, then execute it
		231	dm-crypt-execute
		232
		233	# Prepare for the next mount/swap by setting defaults
		234	unset mount swap options pre_mount post_mount source
		235	eval "${mountline}"
		236
		237	# Check for an invalid setting
		238	elif [[ ${mountline} != +(options=\|pre_mount=\|post_mount=\|source=) ]]; then
		239	ewarn "Skipping invalid line in /etc/conf.d/cryptfs: ${mountline}"
		240	continue
		241	elif [[ -z ${mount} && -z ${swap} ]]; then
		242	ewarn "Ignoring setting outside mount/swap section: ${mountline}"
		243	continue
		244	fi
		245
		246	# Queue this setting for the next call to dmcrypt-execute
		247	eval "${mountline}"
		248	done < /etc/conf.d/cryptfs
		249
		250	# If we have a mount queued up, then execute it
		251	dmcrypt-execute
		252	fi
		253
		254	return ${cryptfs_status}
		255	}
		256
		257	# Setup mappings for an individual mount/swap
		258	#
		259	# Note: This relies on variables localized in dm-crypt-start. This function
		260	# is quite different from the function by the same name in localmount...
		261	dm-crypt-execute() {
		262	local dev target
		263
		264	if [[ -n ${mount} ]]; then
		265	target=${mount}
		266	: ${options:='-c aes -h sha1'}
		267	elif [[ -n ${swap} ]]; then
		268	target=${swap}
		269	: ${options:='-c aes -h sha1 -d /dev/urandom'}
		270	: ${pre_mount:='mkswap ${dev}'}
		271	else
		272	return
		273	fi
		274
		275	if /bin/cryptsetup status ${target} \| egrep -q '\<active:'; then
		276	einfo "dm-crypt mapping ${target} is already configured"
		277	return
		278	fi
		279
280	ebegin "dm-crypt map ${target}"
281	/bin/cryptsetup ${options} create ${target} ${source} >/dev/console </dev/console
282	eend $? "failure running cryptsetup"
283	if [[ $? != 0 ]]; then
284	cryptfs_status=1
285	else
286	if [[ -n ${pre_mount} ]]; then
287	dev="/dev/mapper/${target}"
288	ebegin " Running pre_mount commands for ${target}"
289	eval "${pre_mount}" > /dev/null
290	ewend $? \|\| cryptfs_status=1
291	fi
292	fi
293	}
294
276	# vim:ts=4	295	# vim:ts=4

Lines 42-89 Link Here

(-)init.d/localmount (-37 / +71 lines)
42	/sbin/swapon -a &>/dev/null	42	/sbin/swapon -a &>/dev/null
43	eend 0	43	eend 0
44		44
45	# Run any post_mount commands for cryptfs	45	ebegin 'Running post_mount commands for dm-crypt'
		46	dm-crypt-start
		47	ewend $? 'Failed to run a post_mount command'
		48	}
46		49
47	if [ -f /etc/conf.d/cryptfs ]	50	# Note: This function is exactly duplicated in localmount. If you change it
48	then	51	# here, make sure to change it there also!
49	ebegin "Running post_mount commands for cryptfs"	52	dm-crypt-start() {
50		53	local cryptfs_status=0
51	/bin/egrep "^mount" /etc/conf.d/cryptfs \| \	54	local mountline mount swap options pre_mount post_mount source
52	while read mountline	55	shopt -s extglob # for +(...) and friends
53	do	56
54	mount=	57	if [ -f /etc/conf.d/cryptfs ]; then
55	mount_point=	58	while read mountline; do
56	post_mount=	59	# skip comments and blank lines, ignoring leading w/s
57		60	[[ ${mountline//[ ]/} == +(\#*\|) ]] && continue
58	eval ${mountline}	61
59		62	# check for the start of a new mount/swap
60	target=${mount}	63	if [[ ${mountline} == +(mount=\|swap=) ]]; then
61		64	# If we have a mount queued up, then execute it
62	! /bin/cryptsetup status ${target}\|egrep '\<active:' > /dev/null	65	dm-crypt-execute
63	configured=$?	66
64		67	# Prepare for the next mount/swap by setting defaults
65	if [ ${configured} -eq 1 ]	68	unset mount swap options pre_mount post_mount source
66	then	69	eval "${mountline}"
67	mount_point=`/bin/awk "/\/dev\/mapper\/${target}/ { print \\$2 }" /proc/mounts`	70
68	if [ -n "${mount_point}" ]	71	# Check for an invalid setting
69	then	72	elif [[ ${mountline} != +(options=\|pre_mount=\|post_mount=\|source=) ]]; then
70	if [ -n "${post_mount}" ]	73	ewarn "Skipping invalid line in /etc/conf.d/cryptfs: ${mountline}"
71	then	74	continue
72	if ! eval "${post_mount}" > /dev/null	75	elif [[ -z ${mount} && -z ${swap} ]]; then
73	then	76	ewarn "Ignoring setting outside mount/swap section: ${mountline}"
74	ewarn "Failed to run post_mount commands on: ${target}"	77	continue
75	fi
76	fi
77	else
78	ewarn "Failed to find mount point to ${target}. Skipping"
79	fi
80	else
81	ewarn "Target ${target} wasn't mapped, skipping"
82	fi	78	fi
83		79
84	done	80	# Queue this setting for the next call to dmcrypt-execute
		81	eval "${mountline}"
		82	done < /etc/conf.d/cryptfs
		83
		84	# If we have a mount queued up, then execute it
		85	dmcrypt-execute
85	fi	86	fi
		87
		88	return ${cryptfs_status}
86	}	89	}
87		90
		91	# Run any post_mount commands for an individual mount
		92	#
		93	# Note: This relies on variables localized in dm-crypt-start. This function
		94	# is quite different from the function by the same name in checkfs...
		95	dm-crypt-execute() {
		96	local mount_point target
		97
		98	if [[ -n ${mount} && -n ${post_mount} ]]; then
		99	target=${mount}
		100	else
		101	return
		102	fi
		103
		104	if ! /bin/cryptsetup status ${target} \| egrep -q '\<active:'; then
		105	ewarn "Skipping unmapped target ${target}"
		106	cryptfs_status=1
		107	return
		108	fi
		109
		110	mount_point=$(grep "/dev/mapper/${target}" /proc/mounts \| cut -d' ' -f2)
		111	if [[ -z ${mount_point} ]]; then
		112	ewarn "Failed to find mount point for ${target}, skipping"
		113	cryptfs_status=1
		114	fi
		115
		116	if [[ -n ${post_mount} ]]; then
		117	ebegin "Running post_mount commands for target ${target}"
		118	eval "${post_mount}" >/dev/null
		119	eend $? \|\| cryptfs_status=1
		120	fi
		121	}
88		122
89	# vim:ts=4	123	# vim:ts=4