Lines 176-182
dm_crypt_execute() {
Link Here
|
176 |
if [ "${mode}" = "gpg" ] ; then |
176 |
if [ "${mode}" = "gpg" ] ; then |
177 |
: ${gpg_options:='-q -d'} |
177 |
: ${gpg_options:='-q -d'} |
178 |
# gpg available ? |
178 |
# gpg available ? |
179 |
if command -v gpg >/dev/null ; then |
179 |
if command -v gpg >/dev/null && command -v gpg-agent >/dev/null; then |
|
|
180 |
eval "$(gpg-agent --daemon)" |
180 |
i=0 |
181 |
i=0 |
181 |
while [ ${i} -lt ${dmcrypt_retries} ] ; do |
182 |
while [ ${i} -lt ${dmcrypt_retries} ] ; do |
182 |
# paranoid, don't store key in a variable, pipe it so it stays very little in ram unprotected. |
183 |
# paranoid, don't store key in a variable, pipe it so it stays very little in ram unprotected. |
Lines 189-194
dm_crypt_execute() {
Link Here
|
189 |
: $(( i += 1 )) |
190 |
: $(( i += 1 )) |
190 |
done |
191 |
done |
191 |
eend ${ret} "failure running cryptsetup" |
192 |
eend ${ret} "failure running cryptsetup" |
|
|
193 |
kill $(echo ${GPG_AGENT_INFO} | cut -d':' -f 2) >/dev/null 2>&1 |
192 |
else |
194 |
else |
193 |
ewarn "${source} will not be decrypted ..." |
195 |
ewarn "${source} will not be decrypted ..." |
194 |
einfo "Reason: cannot find gpg application." |
196 |
einfo "Reason: cannot find gpg application." |
Lines 240-245
start() {
Link Here
|
240 |
local header=true cryptfs_status=0 |
242 |
local header=true cryptfs_status=0 |
241 |
local gpg_options key loop_file target targetline options pre_mount post_mount source swap remdev |
243 |
local gpg_options key loop_file target targetline options pre_mount post_mount source swap remdev |
242 |
|
244 |
|
|
|
245 |
# Create workdir for GPG agent |
246 |
local userrundir=false |
247 |
[ -d /run/user ] && userdir=true |
248 |
mkdir -p /run/user/$(id -u) |
249 |
|
243 |
local x |
250 |
local x |
244 |
for x in $(cat /proc/cmdline) ; do |
251 |
for x in $(cat /proc/cmdline) ; do |
245 |
case "${x}" in |
252 |
case "${x}" in |
Lines 295-300
start() {
Link Here
|
295 |
dm_crypt_execute |
302 |
dm_crypt_execute |
296 |
|
303 |
|
297 |
ewend ${cryptfs_status} "Failed to setup dm-crypt devices" |
304 |
ewend ${cryptfs_status} "Failed to setup dm-crypt devices" |
|
|
305 |
|
306 |
# Destroy GPG agent workdir |
307 |
rm -rf /run/user/$(id -u) |
308 |
$test && rm -r /run/user |
298 |
} |
309 |
} |
299 |
|
310 |
|
300 |
stop() { |
311 |
stop() { |