Attachment #40114 for bug #43146




		eend $? "Failed to setup the LVM"
	fi


	ebegin 'Setting up dm-crypt mappings'
	dm-crypt-start
	ewend $? 'Failed to setup a mapping or swap device'
	then
		cryptfs_status=0

		/bin/egrep '^(mount|swap)' /etc/conf.d/cryptfs | \
		while read mountline
		do
			mount=
			swap=
			options=
			pre_mount=

			eval ${mountline}

			if [ -n "${mount}" ]
			then
				target=${mount}
				[ -z "${options}" ] && options='-c aes -h sha1'
			elif [ -n "${swap}" ]
			then
				target=${swap}
				[ -z "${options}" ] && options='-c aes -h sha1 -d /dev/urandom'
			else
				ewarn "Invalid line in /etc/conf.d/cryptomount: ${mountline}"
			fi

			! /bin/cryptsetup status ${target}|egrep '\<active:' > /dev/null
			configured=$?

			if [ ${configured} -eq 0 ]
			then
				einfo "dm-crypt map ${target}"
				if ! /bin/cryptsetup ${options} create ${target} ${source} >/dev/console </dev/console
				then
					ewarn "Failure configuring ${target}"
					cryptfs_status=1
				else
					if [ -n "${swap}" ]
					then
						[ -z "${pre_mount}" ] && pre_mount='mkswap ${dev}'
					fi

					if [ -n "${pre_mount}" ]
					then
						dev="/dev/mapper/${target}"
						einfo "  Running pre_mount commands on: ${target}"
						if ! eval "${pre_mount}" > /dev/null
						then
							ewarn "Failed to run pre_mount commands on: ${target}"
							cryptfs_status=1
						fi
					fi
				fi
			else
				ewarn "dm-crypt mapping ${target} is already configured"
				cryptfs_status=1
			fi
		done
	fi
	ewend ${cryptfs_status} 'Failed to setup a mapping or swap device.'

	if [ -f /fastboot -o -n "${CDBOOT}" ]
	then

	fi
}

# Note: This function is exactly duplicated in localmount.  If you change it
# here, make sure to change it there also!
dm-crypt-start() {
	local cryptfs_status=0 
	local mountline mount swap options pre_mount post_mount source

	if [ -f /etc/conf.d/cryptfs ]; then
		while read mountline; do
			# skip comments and blank lines
			[[ ${mountline}\# == \#* ]] && continue

			# check for the start of a new mount/swap
			case ${mountline} in
				mount=*|swap=*)
					# If we have a mount queued up, then execute it
					dm-crypt-execute

					# Prepare for the next mount/swap by resetting variables
					unset mount swap options pre_mount post_mount source
					;;

				options=*|pre_mount=*|post_mount=*|source=*)
					if [[ -z ${mount} && -z ${swap} ]]; then
						ewarn "Ignoring setting outside mount/swap section: ${mountline}"
						continue
					fi
					;;

				*)
					ewarn "Skipping invalid line in /etc/conf.d/cryptfs: ${mountline}"
					;;
			esac

			# Queue this setting for the next call to dm-crypt-execute
			eval "${mountline}"
		done < /etc/conf.d/cryptfs

		# If we have a mount queued up, then execute it
		dm-crypt-execute
	fi

	return ${cryptfs_status}
}

# Setup mappings for an individual mount/swap
#
# Note: This relies on variables localized in dm-crypt-start.  This function
# is quite different from the function by the same name in localmount...
dm-crypt-execute() {
	local dev target

	if [[ -n ${mount} ]]; then
		target=${mount}
		: ${options:='-c aes -h sha1'}
	elif [[ -n ${swap} ]]; then
		target=${swap}
		: ${options:='-c aes -h sha1 -d /dev/urandom'}
		: ${pre_mount:='mkswap ${dev}'}
	else
		return
	fi

	if /bin/cryptsetup status ${target} | egrep -q '\<active:'; then
		einfo "dm-crypt mapping ${target} is already configured"
		return
	fi

	ebegin "dm-crypt map ${target}"
	/bin/cryptsetup ${options} create ${target} ${source} >/dev/console </dev/console
	eend $? "failure running cryptsetup"
	if [[ $? != 0 ]]; then
		cryptfs_status=1
	else
		if [[ -n ${pre_mount} ]]; then
			dev="/dev/mapper/${target}"
			ebegin "  Running pre_mount commands for ${target}"
			eval "${pre_mount}" > /dev/null
			ewend $? || cryptfs_status=1
		fi
	fi
}

# vim:ts=4




	/sbin/swapon -a &>/dev/null
	eend 0

	ebegin 'Running post_mount commands for dm-crypt'
	dm-crypt-start
	ewend $? 'Failed to run a post_mount command'
}

# Note: This function is exactly duplicated in localmount.  If you change it
# here, make sure to change it there also!
dm-crypt-start() {
	local cryptfs_status=0 
	local mountline mount swap options pre_mount post_mount source

	if [ -f /etc/conf.d/cryptfs ]; then
		while read mountline; do
			# skip comments and blank lines
			[[ ${mountline}\# == \#* ]] && continue

			# check for the start of a new mount/swap
			case ${mountline} in
				mount=*|swap=*)
					# If we have a mount queued up, then execute it
					dm-crypt-execute

					# Prepare for the next mount/swap by resetting variables
					unset mount swap options pre_mount post_mount source
					;;

				options=*|pre_mount=*|post_mount=*|source=*)
					if [[ -z ${mount} && -z ${swap} ]]; then
						ewarn "Ignoring setting outside mount/swap section: ${mountline}"
						continue
						if ! eval "${post_mount}" > /dev/null
						then
							ewarn "Failed to run post_mount commands on: ${target}"
						fi
					fi
					;;

				*)
					ewarn "Skipping invalid line in /etc/conf.d/cryptfs: ${mountline}"
					;;
			esac

			# Queue this setting for the next call to dm-crypt-execute
			eval "${mountline}"
		done < /etc/conf.d/cryptfs

		# If we have a mount queued up, then execute it
		dm-crypt-execute
	fi

	return ${cryptfs_status}
}

# Run any post_mount commands for an individual mount
#
# Note: This relies on variables localized in dm-crypt-start.  This function
# is quite different from the function by the same name in checkfs...
dm-crypt-execute() {
	local mount_point target

	if [[ -n ${mount} && -n ${post_mount} ]]; then
		target=${mount}
	else
		return
	fi

	if ! /bin/cryptsetup status ${target} | egrep -q '\<active:'; then
		ewarn "Skipping unmapped target ${target}"
		cryptfs_status=1
		return
	fi

	mount_point=$(grep "/dev/mapper/${target}" /proc/mounts | cut -d' ' -f2)
	if [[ -z ${mount_point} ]]; then
		ewarn "Failed to find mount point for ${target}, skipping"
		cryptfs_status=1
	fi

	if [[ -n ${post_mount} ]]; then
		ebegin "Running post_mount commands for target ${target}"
		eval "${post_mount}" >/dev/null
		eend $? || cryptfs_status=1
	fi
}

# vim:ts=4

Return to bug 43146

Lines 179-247 Link Here

(-)init.d/checkfs (-62 / +84 lines)
179	eend $? "Failed to setup the LVM"	179	eend $? "Failed to setup the LVM"
180	fi	180	fi
181		181
182
183	ebegin 'Setting up dm-crypt mappings'	182	ebegin 'Setting up dm-crypt mappings'
184		183	dm-crypt-start
185	if [ -f /etc/conf.d/cryptfs ]	184	ewend $? 'Failed to setup a mapping or swap device'
186	then
187	cryptfs_status=0
188
189	/bin/egrep '^(mount\|swap)' /etc/conf.d/cryptfs \| \
190	while read mountline
191	do
192	mount=
193	swap=
194	options=
195	pre_mount=
196
197	eval ${mountline}
198
199	if [ -n "${mount}" ]
200	then
201	target=${mount}
202	[ -z "${options}" ] && options='-c aes -h sha1'
203	elif [ -n "${swap}" ]
204	then
205	target=${swap}
206	[ -z "${options}" ] && options='-c aes -h sha1 -d /dev/urandom'
207	else
208	ewarn "Invalid line in /etc/conf.d/cryptomount: ${mountline}"
209	fi
210
211	! /bin/cryptsetup status ${target}\|egrep '\<active:' > /dev/null
212	configured=$?
213
214	if [ ${configured} -eq 0 ]
215	then
216	einfo "dm-crypt map ${target}"
217	if ! /bin/cryptsetup ${options} create ${target} ${source} >/dev/console </dev/console
218	then
219	ewarn "Failure configuring ${target}"
220	cryptfs_status=1
221	else
222	if [ -n "${swap}" ]
223	then
224	[ -z "${pre_mount}" ] && pre_mount='mkswap ${dev}'
225	fi
226
227	if [ -n "${pre_mount}" ]
228	then
229	dev="/dev/mapper/${target}"
230	einfo " Running pre_mount commands on: ${target}"
231	if ! eval "${pre_mount}" > /dev/null
232	then
233	ewarn "Failed to run pre_mount commands on: ${target}"
234	cryptfs_status=1
235	fi
236	fi
237	fi
238	else
239	ewarn "dm-crypt mapping ${target} is already configured"
240	cryptfs_status=1
241	fi
242	done
243	fi
244	ewend ${cryptfs_status} 'Failed to setup a mapping or swap device.'
245		185
246	if [ -f /fastboot -o -n "${CDBOOT}" ]	186	if [ -f /fastboot -o -n "${CDBOOT}" ]
247	then	187	then
Lines 273-276 Link Here
273	fi	213	fi
274	}	214	}
275		215
		216	# Note: This function is exactly duplicated in localmount. If you change it
		217	# here, make sure to change it there also!
		218	dm-crypt-start() {
		219	local cryptfs_status=0
		220	local mountline mount swap options pre_mount post_mount source
		221
		222	if [ -f /etc/conf.d/cryptfs ]; then
		223	while read mountline; do
		224	# skip comments and blank lines
		225	[[ ${mountline}\# == \#* ]] && continue
		226
		227	# check for the start of a new mount/swap
		228	case ${mountline} in
		229	mount=\|swap=)
		230	# If we have a mount queued up, then execute it
		231	dm-crypt-execute
		232
		233	# Prepare for the next mount/swap by resetting variables
		234	unset mount swap options pre_mount post_mount source
		235	;;
		236
		237	options=\|pre_mount=\|post_mount=\|source=)
		238	if [[ -z ${mount} && -z ${swap} ]]; then
		239	ewarn "Ignoring setting outside mount/swap section: ${mountline}"
		240	continue
		241	fi
		242	;;
		243
		244	*)
		245	ewarn "Skipping invalid line in /etc/conf.d/cryptfs: ${mountline}"
		246	;;
		247	esac
		248
		249	# Queue this setting for the next call to dm-crypt-execute
		250	eval "${mountline}"
		251	done < /etc/conf.d/cryptfs
		252
		253	# If we have a mount queued up, then execute it
		254	dm-crypt-execute
		255	fi
		256
		257	return ${cryptfs_status}
		258	}
		259
		260	# Setup mappings for an individual mount/swap
		261	#
		262	# Note: This relies on variables localized in dm-crypt-start. This function
		263	# is quite different from the function by the same name in localmount...
		264	dm-crypt-execute() {
		265	local dev target
		266
		267	if [[ -n ${mount} ]]; then
		268	target=${mount}
		269	: ${options:='-c aes -h sha1'}
		270	elif [[ -n ${swap} ]]; then
		271	target=${swap}
		272	: ${options:='-c aes -h sha1 -d /dev/urandom'}
		273	: ${pre_mount:='mkswap ${dev}'}
		274	else
		275	return
		276	fi
		277
		278	if /bin/cryptsetup status ${target} \| egrep -q '\<active:'; then
		279	einfo "dm-crypt mapping ${target} is already configured"
280	return
281	fi
282
283	ebegin "dm-crypt map ${target}"
284	/bin/cryptsetup ${options} create ${target} ${source} >/dev/console </dev/console
285	eend $? "failure running cryptsetup"
286	if [[ $? != 0 ]]; then
287	cryptfs_status=1
288	else
289	if [[ -n ${pre_mount} ]]; then
290	dev="/dev/mapper/${target}"
291	ebegin " Running pre_mount commands for ${target}"
292	eval "${pre_mount}" > /dev/null
293	ewend $? \|\| cryptfs_status=1
294	fi
295	fi
296	}
297
276	# vim:ts=4	298	# vim:ts=4

Lines 42-89 Link Here

(-)init.d/localmount (-37 / +74 lines)
42	/sbin/swapon -a &>/dev/null	42	/sbin/swapon -a &>/dev/null
43	eend 0	43	eend 0
44		44
45	# Run any post_mount commands for cryptfs	45	ebegin 'Running post_mount commands for dm-crypt'
		46	dm-crypt-start
		47	ewend $? 'Failed to run a post_mount command'
		48	}
46		49
47	if [ -f /etc/conf.d/cryptfs ]	50	# Note: This function is exactly duplicated in localmount. If you change it
48	then	51	# here, make sure to change it there also!
49	ebegin "Running post_mount commands for cryptfs"	52	dm-crypt-start() {
50		53	local cryptfs_status=0
51	/bin/egrep "^mount" /etc/conf.d/cryptfs \| \	54	local mountline mount swap options pre_mount post_mount source
52	while read mountline	55
53	do	56	if [ -f /etc/conf.d/cryptfs ]; then
54	mount=	57	while read mountline; do
55	mount_point=	58	# skip comments and blank lines
56	post_mount=	59	[[ ${mountline}\# == \#* ]] && continue
57		60
58	eval ${mountline}	61	# check for the start of a new mount/swap
59		62	case ${mountline} in
60	target=${mount}	63	mount=\|swap=)
61		64	# If we have a mount queued up, then execute it
62	! /bin/cryptsetup status ${target}\|egrep '\<active:' > /dev/null	65	dm-crypt-execute
63	configured=$?	66
64		67	# Prepare for the next mount/swap by resetting variables
65	if [ ${configured} -eq 1 ]	68	unset mount swap options pre_mount post_mount source
66	then	69	;;
67	mount_point=`/bin/awk "/\/dev\/mapper\/${target}/ { print \\$2 }" /proc/mounts`	70
68	if [ -n "${mount_point}" ]	71	options=\|pre_mount=\|post_mount=\|source=)
69	then	72	if [[ -z ${mount} && -z ${swap} ]]; then
70	if [ -n "${post_mount}" ]	73	ewarn "Ignoring setting outside mount/swap section: ${mountline}"
71	then	74	continue
72	if ! eval "${post_mount}" > /dev/null
73	then
74	ewarn "Failed to run post_mount commands on: ${target}"
75	fi
76	fi	75	fi
77	else	76	;;
78	ewarn "Failed to find mount point to ${target}. Skipping"	77
79	fi	78	*)
80	else	79	ewarn "Skipping invalid line in /etc/conf.d/cryptfs: ${mountline}"
81	ewarn "Target ${target} wasn't mapped, skipping"	80	;;
82	fi	81	esac
		82
		83	# Queue this setting for the next call to dm-crypt-execute
		84	eval "${mountline}"
		85	done < /etc/conf.d/cryptfs
83		86
84	done	87	# If we have a mount queued up, then execute it
		88	dm-crypt-execute
85	fi	89	fi
		90
		91	return ${cryptfs_status}
86	}	92	}
87		93
		94	# Run any post_mount commands for an individual mount
		95	#
		96	# Note: This relies on variables localized in dm-crypt-start. This function
		97	# is quite different from the function by the same name in checkfs...
		98	dm-crypt-execute() {
		99	local mount_point target
		100
		101	if [[ -n ${mount} && -n ${post_mount} ]]; then
		102	target=${mount}
		103	else
		104	return
		105	fi
		106
		107	if ! /bin/cryptsetup status ${target} \| egrep -q '\<active:'; then
		108	ewarn "Skipping unmapped target ${target}"
		109	cryptfs_status=1
		110	return
		111	fi
		112
		113	mount_point=$(grep "/dev/mapper/${target}" /proc/mounts \| cut -d' ' -f2)
		114	if [[ -z ${mount_point} ]]; then
		115	ewarn "Failed to find mount point for ${target}, skipping"
		116	cryptfs_status=1
		117	fi
		118
		119	if [[ -n ${post_mount} ]]; then
		120	ebegin "Running post_mount commands for target ${target}"
		121	eval "${post_mount}" >/dev/null
		122	eend $? \|\| cryptfs_status=1
		123	fi
		124	}
88		125
89	# vim:ts=4	126	# vim:ts=4