← Back to branch summary

~ecryptfs/ecryptfs/trunk

« back to all changes in this revision

Viewing changes to src/utils/ecryptfs-setup-swap

  • Committer: Tyler Hicks
  • Date: 2016-07-06 22:31:21 UTC
  • mfrom: (881.1.3 fix-1597154)
  • Revision ID: tyhicks@canonical.com-20160706223121-pod47bnaf05t85e7
https://launchpad.net/bugs/1597154
src/utils/ecryptfs-setup-swap: Prevent unencrypted swap partitions from
being automatically enabled by systemd. This bug affected GPT partitioned
NVMe/MMC drives and resulted in the swap partition being used without
encryption. It also resulted in a usability issue in that users were
erroneously prompted to enter a pass-phrase to unlock their swap partition
at boot. (LP: #1597154)

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/utils/ecryptfs-setup-swap
166
166
        # If this is a GPT partition, mark it as no-auto mounting, to avoid
167
167
        # auto-activating it on boot
168
168
        if [ "$(blkid -p -s PART_ENTRY_SCHEME -o value "$swap")" = "gpt" ]; then
169
 
                drive="${swap%[0-9]*}"
170
 
                partno="${swap#$drive}"
 
169
                # Correctly handle NVMe/MMC drives, as well as any similar physical
 
170
                # block device that follow the "/dev/foo0p1" pattern (LP: #1597154)
 
171
                if echo "$swap" | grep -qE "^/dev/.+[0-9]+p[0-9]+$"; then
 
172
                        drive=$(echo "$swap" | sed "s:\(.\+[0-9]\)p[0-9]\+:\1:")
 
173
                else
 
174
                        drive=$(echo "$swap" | sed "s:\(.\+[^0-9]\)[0-9]\+:\1:")
 
175
                fi
 
176
                partno=$(echo "$swap" | sed "s:.\+[^0-9]\([0-9]\+\):\1:")
171
177
                if [ -b "$drive" ]; then
172
178
                        if printf "x\np\n" | fdisk "$drive" | grep -q "^$swap .* GUID:.*\b63\b"; then
173
179
                                echo "$swap is already marked as no-auto"