Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 832215 Details for
Bug 493690
sys-fs/cryptsetup: add support for detached LUKS header
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Updated patch for latest stable cryptsetup 2.4.3-r2
2.4.3-dmcrypt.rc.patch (text/plain), 4.04 KB, created by
Stephen Kirkby
on 2022-11-13 09:56:51 UTC
(
hide
)
Description:
Updated patch for latest stable cryptsetup 2.4.3-r2
Filename:
MIME Type:
Creator:
Stephen Kirkby
Created:
2022-11-13 09:56:51 UTC
Size:
4.04 KB
patch
obsolete
>--- /usr/portage/sys-fs/cryptsetup/files/2.4.3-dmcrypt.rc 2022-10-31 17:40:24.000000000 +0000 >+++ /etc/init.d/dmcrypt 2022-11-12 16:30:56.337988823 +0000 >@@ -58,7 +58,7 @@ > return > fi > >- if [ -n "${header}" ] ; then >+ if [ -n "${header}" ] && [ -z "${remdev}" ] ; then > header_opt="--header=${header}" > > i=0 >@@ -71,6 +71,41 @@ > ewarn "Waited ${i} times for header file ${header}. Aborting ${target}." > return > fi >+ # handle header on removable device >+ elif [ -n "${header}" ] && [ -n "${remdev}" ] ; then >+ # temp directory to mount removable device >+ local mntrem="${RC_SVCDIR}/dm-crypt-remdev-header.$$" >+ if [ ! -d "${mntrem}" ] ; then >+ if ! mkdir -p "${mntrem}" ; then >+ ewarn "${source} will not be decrypted ..." >+ einfo "Reason: Unable to create temporary mount point '${mntrem}'" >+ return >+ fi >+ fi >+ i=0 >+ einfo "Please insert removable device for ${target}" >+ while [ ${i} -lt ${dmcrypt_max_timeout} ] ; do >+ foo="" >+ if mount -n -o ro "${remdev}" "${mntrem}" 2>/dev/null >/dev/null ; then >+ # header exists? >+ if [ ! -e "${mntrem}${header}" ] ; then >+ umount -n "${mntrem}" >+ rmdir "${mntrem}" >+ einfo "Cannot find ${header} on removable media." >+ read_abort "Abort" ${dmcrypt_key_timeout} && return >+ else >+ header="${mntrem}${header}" >+ break >+ fi >+ else >+ [ -e "${remdev}" ] \ >+ && foo="mount failed" \ >+ || foo="mount source not found" >+ fi >+ : $((i += 1)) >+ read_abort "Stop waiting after $i attempts (${foo})" -t 1 && return >+ done >+ header_opt="--header ${header}" > else > header_opt="" > fi >@@ -96,6 +131,32 @@ > losetup ${source} ${loop_file} > fi > >+ read_abort() { >+ # some colors >+ local ans savetty resettty >+ [ -z "${NORMAL}" ] && eval $(eval_ecolors) >+ einfon " $1? (${WARN}yes${NORMAL}/${GOOD}No${NORMAL}) " >+ shift >+ # This is ugly as s**t. But POSIX doesn't provide `read -t`, so >+ # we end up having to implement our own crap with stty/etc... >+ savetty=$(stty -g) >+ resettty='stty ${savetty}; trap - EXIT HUP INT TERM' >+ trap 'eval "${resettty}"' EXIT HUP INT TERM >+ stty -icanon >+ stty min 0 time "$(( $2 * 10 ))" >+ ans=$(dd count=1 bs=1 2>/dev/null) || ans='' >+ eval "${resettty}" >+ if [ -z "${ans}" ] ; then >+ printf '\r' >+ else >+ echo >+ fi >+ case ${ans} in >+ [yY]) return 0;; >+ *) return 1;; >+ esac >+ } >+ > # cryptsetup: > # open <device> <name> # <device> is $source > # create <name> <device> # <name> is $target >@@ -118,32 +179,6 @@ > > # Handle keys > if [ -n "${key}" ] ; then >- read_abort() { >- # some colors >- local ans savetty resettty >- [ -z "${NORMAL}" ] && eval $(eval_ecolors) >- einfon " $1? (${WARN}yes${NORMAL}/${GOOD}No${NORMAL}) " >- shift >- # This is ugly as s**t. But POSIX doesn't provide `read -t`, so >- # we end up having to implement our own crap with stty/etc... >- savetty=$(stty -g) >- resettty='stty ${savetty}; trap - EXIT HUP INT TERM' >- trap 'eval "${resettty}"' EXIT HUP INT TERM >- stty -icanon >- stty min 0 time "$(( $2 * 10 ))" >- ans=$(dd count=1 bs=1 2>/dev/null) || ans='' >- eval "${resettty}" >- if [ -z "${ans}" ] ; then >- printf '\r' >- else >- echo >- fi >- case ${ans} in >- [yY]) return 0;; >- *) return 1;; >- esac >- } >- > # Notes: sed not used to avoid case where /usr partition is encrypted. > mode=${key##*:} && ( [ "${mode}" = "${key}" ] || [ -z "${mode}" ] ) && mode=reg > key=${key%:*} >@@ -266,7 +301,7 @@ > > start() { > local print_header=true cryptfs_status=0 >- local gpg_options key loop_file target targetline options pre_mount post_mount source swap remdev >+ local gpg_options key loop_file target targetline options pre_mount post_mount source swap remdev header > > local x > for x in $(cat /proc/cmdline) ; do
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=832215">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 493690
:
364964
|
365052
|
767170
|
767171
|
767898
|
775014
|
778130
|
832213
|
832215
|
861072
|
861073
|
876383
