|
Lines 176-182
dm_crypt_execute() {
Link Here
|
| 176 |
if [ "${mode}" = "gpg" ] ; then |
176 |
if [ "${mode}" = "gpg" ] ; then |
| 177 |
: ${gpg_options:='-q -d'} |
177 |
: ${gpg_options:='-q -d'} |
| 178 |
# gpg available ? |
178 |
# gpg available ? |
| 179 |
if command -v gpg >/dev/null ; then |
179 |
if command -v gpg >/dev/null && command -v gpg-agent >/dev/null; then |
|
|
180 |
eval "$(gpg-agent --daemon)" |
| 180 |
i=0 |
181 |
i=0 |
| 181 |
while [ ${i} -lt ${dmcrypt_retries} ] ; do |
182 |
while [ ${i} -lt ${dmcrypt_retries} ] ; do |
| 182 |
# paranoid, don't store key in a variable, pipe it so it stays very little in ram unprotected. |
183 |
# paranoid, don't store key in a variable, pipe it so it stays very little in ram unprotected. |
|
Lines 189-194
dm_crypt_execute() {
Link Here
|
| 189 |
: $(( i += 1 )) |
190 |
: $(( i += 1 )) |
| 190 |
done |
191 |
done |
| 191 |
eend ${ret} "failure running cryptsetup" |
192 |
eend ${ret} "failure running cryptsetup" |
|
|
193 |
kill $(echo ${GPG_AGENT_INFO} | cut -d':' -f 2) >/dev/null 2>&1 |
| 192 |
else |
194 |
else |
| 193 |
ewarn "${source} will not be decrypted ..." |
195 |
ewarn "${source} will not be decrypted ..." |
| 194 |
einfo "Reason: cannot find gpg application." |
196 |
einfo "Reason: cannot find gpg application." |
|
Lines 240-245
start() {
Link Here
|
| 240 |
local header=true cryptfs_status=0 |
242 |
local header=true cryptfs_status=0 |
| 241 |
local gpg_options key loop_file target targetline options pre_mount post_mount source swap remdev |
243 |
local gpg_options key loop_file target targetline options pre_mount post_mount source swap remdev |
| 242 |
|
244 |
|
|
|
245 |
# Create workdir for GPG agent |
| 246 |
local userrundir=false |
| 247 |
[ -d /run/user ] && userdir=true |
| 248 |
mkdir -p /run/user/$(id -u) |
| 249 |
|
| 243 |
local x |
250 |
local x |
| 244 |
for x in $(cat /proc/cmdline) ; do |
251 |
for x in $(cat /proc/cmdline) ; do |
| 245 |
case "${x}" in |
252 |
case "${x}" in |
|
Lines 295-300
start() {
Link Here
|
| 295 |
dm_crypt_execute |
302 |
dm_crypt_execute |
| 296 |
|
303 |
|
| 297 |
ewend ${cryptfs_status} "Failed to setup dm-crypt devices" |
304 |
ewend ${cryptfs_status} "Failed to setup dm-crypt devices" |
|
|
305 |
|
| 306 |
# Destroy GPG agent workdir |
| 307 |
rm -rf /run/user/$(id -u) |
| 308 |
$test && rm -r /run/user |
| 298 |
} |
309 |
} |
| 299 |
|
310 |
|
| 300 |
stop() { |
311 |
stop() { |
