~siretart/cryptsetup/debian

« back to all changes in this revision

Viewing changes to debian/initramfs/cryptroot-script

  • Committer: Reinhard Tartler
  • Date: 2008-06-13 19:35:34 UTC
  • Revision ID: siretart@tauware.de-20080613193534-oeqhbxi7r0q4lk51
import cryptsetup_1.0.6-2.dsc

Show diffs side-by-side

added added

removed removed

Lines of Context:
25
25
#
26
26
# Helper functions
27
27
#
 
28
message()
 
29
{
 
30
        if [ -p /dev/.initramfs/usplash_outfifo ] && [ -x /sbin/usplash_write ]; then
 
31
                usplash_write "TEXT-URGENT $@"
 
32
        else
 
33
                echo "$@" >&2
 
34
        fi
 
35
        return 0
 
36
}
 
37
 
 
38
udev_settle()
 
39
{
 
40
        # Wait for udev to be ready, see https://launchpad.net/bugs/85640
 
41
        if [ -x /sbin/udevadm ]; then
 
42
                /sbin/udevadm settle --timeout=30
 
43
        elif [ -x /sbin/udevsettle ]; then
 
44
                /sbin/udevsettle --timeout=30
 
45
        fi
 
46
        return 0
 
47
}
 
48
 
28
49
parse_options()
29
50
{
30
51
        local cryptopts
91
112
        done
92
113
 
93
114
        if [ -z "$cryptsource" ]; then
94
 
                echo "cryptsetup: source parameter missing"
 
115
                message "cryptsetup: source parameter missing"
95
116
                return 1
96
117
        fi
97
118
        return 0
153
174
 
154
175
        parse_options "$opts" || return 1
155
176
 
 
177
        if [ -n "$cryptkeyscript" ] && [ ! -x "$cryptkeyscript" ]; then
 
178
                message "cryptsetup: error - script \"$cryptkeyscript\" missing"
 
179
                return 1
 
180
        fi
 
181
 
156
182
        # The same target can be specified multiple times
157
183
        # e.g. root and resume lvs-on-lvm-on-crypto
158
184
        if [ -e "/dev/mapper/$crypttarget" ]; then
160
186
        fi
161
187
 
162
188
        modprobe -q dm_crypt
163
 
        echo "Setting up cryptographic volume $crypttarget (based on $cryptsource)"
164
189
 
165
190
        # Make sure the cryptsource device is available
166
191
        if [ ! -e $cryptsource ]; then
167
192
                activate_vg $cryptsource
168
193
                activate_evms $cryptsource
169
194
        fi
170
 
        # Wait for udev to be ready, see https://launchpad.net/bugs/85640
171
 
        if [ -x /sbin/udevadm ]; then
172
 
                /sbin/udevadm settle --timeout=30
173
 
        elif [ -x /sbin/udevsettle ]; then
174
 
                /sbin/udevsettle --timeout=30
175
 
        fi
 
195
 
 
196
        udev_settle
176
197
 
177
198
        if [ ! -e $cryptsource ]; then
178
 
                echo "cryptsetup: Source device $cryptsource not found"
 
199
                message "cryptsetup: source device $cryptsource not found"
179
200
                return 1
180
201
        fi
181
202
 
188
209
        cryptremove="/sbin/cryptsetup remove $crypttarget"
189
210
        NEWROOT="/dev/mapper/$crypttarget"
190
211
 
191
 
        # Try to get a satisfactory password three times
 
212
        # Try to get a satisfactory password $crypttries times
192
213
        count=0
193
214
        while [ $crypttries -le 0 ] || [ $count -lt $crypttries ]; do
194
215
                count=$(( $count + 1 ))
195
216
 
196
 
                if [ -n "$cryptkeyscript" ]; then
197
 
                        if [ ! -x "$cryptkeyscript" ]; then
198
 
                                echo "cryptsetup: error - $cryptkeyscript missing"
199
 
                                return 1
200
 
                        fi
201
 
                        crypttarget="$crypttarget" cryptsource="$cryptsource" \
202
 
                        $cryptkeyscript $cryptkey < /dev/console 2> /dev/console | \
203
 
                        $cryptcreate --key-file=- > /dev/console 2>&1
204
 
                elif [ -p /dev/.initramfs/usplash_outfifo ] && [ -x /sbin/usplash_write ]; then
205
 
                        usplash_write "INPUTQUIET Enter password for $crypttarget: "
206
 
                        PASS="$(cat /dev/.initramfs/usplash_outfifo)"
207
 
                        echo -n "$PASS" | $cryptcreate > /dev/null 2>&1
208
 
                else
209
 
                        $cryptcreate < /dev/console > /dev/console 2>&1
210
 
                fi
211
 
 
212
 
                if [ $? -ne 0 ]; then
213
 
                        echo "cryptsetup: cryptsetup failed, bad password or options?"
 
217
                if [ $count -gt 1 ]; then
214
218
                        sleep 3
 
219
                fi
 
220
 
 
221
                if [ $crypttries -gt 0 ] && [ $count -gt $crypttries ]; then
 
222
                        message "cryptsetup: maximum number of tries exceeded for $crypttarget"
 
223
                        return 1
 
224
                fi
 
225
 
 
226
                if [ -z "$cryptkeyscript" ]; then
 
227
                        cryptkeyscript="/lib/cryptsetup/askpass"
 
228
                        cryptkey="Enter passphrase for $crypttarget ($cryptsource): "
 
229
                fi
 
230
 
 
231
 
 
232
                if ! crypttarget="$crypttarget" cryptsource="$cryptsource" \
 
233
                     $cryptkeyscript "$cryptkey" | $cryptcreate --key-file=- ; then
 
234
                        message "cryptsetup: cryptsetup failed, bad password or options?"
215
235
                        continue
216
 
                elif [ ! -e "$NEWROOT" ]; then
217
 
                        echo "cryptsetup: unknown error setting up device mapping"
 
236
                fi
 
237
 
 
238
                if [ ! -e "$NEWROOT" ]; then
 
239
                        message "cryptsetup: unknown error setting up device mapping"
218
240
                        return 1
219
 
                elif [ -p /dev/.initramfs/usplash_outfifo ] && [ -x /sbin/usplash_write ]; then
220
 
                        # clean the text, to give feedback that it worked
221
 
                        usplash_write "TEXT-URGENT "
222
241
                fi
223
242
 
224
243
                FSTYPE=''
227
246
                # See if we need to setup lvm on the crypto device
228
247
                if [ "$FSTYPE" = "lvm" ] || [ "$FSTYPE" = "lvm2" ]; then
229
248
                        if [ -z "$cryptlvm" ]; then
230
 
                                echo "cryptsetup: lvm fs found but no lvm configured"
 
249
                                message "cryptsetup: lvm fs found but no lvm configured"
231
250
                                return 1
232
251
                        elif ! activate_vg "/dev/mapper/$cryptlvm"; then
233
 
                                echo "cryptsetup: failed to setup lvm device"
 
252
                                message "cryptsetup: failed to setup lvm device"
234
253
                                return 1
235
254
                        fi
236
255
 
239
258
                fi
240
259
 
241
260
                if [ -z "$FSTYPE" ] || [ "$FSTYPE" = "unknown" ]; then
242
 
                        echo "cryptsetup: unknown fstype, bad password or options?"
 
261
                        message "cryptsetup: unknown fstype, bad password or options?"
243
262
                        $cryptremove
244
 
                        sleep 3
245
263
                        continue
246
264
                fi
247
265
 
 
266
                message "cryptsetup: $crypttarget setup successfully"
248
267
                break
249
268
        done
250
269
 
251
 
        if [ $count -lt 3 ]; then
252
 
                # Wait for udev to be ready, see https://launchpad.net/bugs/85640
253
 
                if [ -x /sbin/udevsettle ]; then
254
 
                        /sbin/udevsettle --timeout=30
255
 
                fi
256
 
                return 0
257
 
        else
258
 
                echo "cryptsetup: maximum number of tries exceeded"
259
 
                return 1
260
 
        fi
 
270
        udev_settle
 
271
        return 0
261
272
}
262
273
 
263
274
#
281
292
 
282
293
# Do we have any settings from the /conf/conf.d/cryptroot file?
283
294
if [ -r /conf/conf.d/cryptroot ]; then
284
 
        while read mapping; do
 
295
        while read mapping <&3; do
285
296
                setup_mapping "$mapping"
286
 
        done < /conf/conf.d/cryptroot
 
297
        done 3< /conf/conf.d/cryptroot
287
298
fi
288
299
 
289
300
exit 0