34
34
static const char *arg_dest = "/tmp";
35
35
static bool arg_enabled = true;
36
36
static bool arg_read_crypttab = true;
37
static char **arg_proc_cmdline_disks = NULL;
39
38
static bool has_option(const char *haystack, const char *needle) {
40
39
const char *f = haystack;
71
70
const char *password,
72
71
const char *options) {
74
char *p = NULL, *n = NULL, *d = NULL, *u = NULL, *from = NULL, *to = NULL, *e = NULL;
73
_cleanup_free_ char *p = NULL, *n = NULL, *d = NULL, *u = NULL, *from = NULL, *to = NULL, *e = NULL;
74
_cleanup_fclose_ FILE *f = NULL;
77
75
bool noauto, nofail;
83
81
nofail = has_option(options, "nofail");
85
83
n = unit_name_from_path_instance("systemd-cryptsetup", name, ".service");
91
87
p = strjoin(arg_dest, "/", n, NULL);
97
91
u = fstab_node_to_udev_node(device);
103
95
d = unit_name_from_path(u, ".device");
109
99
f = fopen(p, "wxe");
112
101
log_error("Failed to create unit file %s: %m", p);
117
106
"# Automatically generated by systemd-cryptsetup-generator\n\n"
119
"Description=Cryptography Setup for %%I\n"
108
"Description=Cryptography Setup for %I\n"
120
109
"Documentation=man:systemd-cryptsetup@.service(8) man:crypttab(5)\n"
121
110
"SourcePath=/etc/crypttab\n"
122
111
"Conflicts=umount.target\n"
123
112
"DefaultDependencies=no\n"
124
"BindsTo=%s dev-mapper-%%i.device\n"
125
"After=systemd-readahead-collect.service systemd-readahead-replay.service %s\n"
126
"Before=umount.target\n",
113
"BindsTo=dev-mapper-%i.device\n"
114
"After=systemd-readahead-collect.service systemd-readahead-replay.service\n",
131
119
"Before=cryptsetup.target\n");
133
if (password && (streq(password, "/dev/urandom") ||
134
streq(password, "/dev/random") ||
135
streq(password, "/dev/hw_random")))
136
fputs("After=systemd-random-seed-load.service\n", f);
122
if (streq(password, "/dev/urandom") ||
123
streq(password, "/dev/random") ||
124
streq(password, "/dev/hw_random"))
125
fputs("After=systemd-random-seed-load.service\n", f);
126
else if (!streq(password, "-") &&
127
!streq(password, "none"))
129
"RequiresMountsFor=%s\n",
133
if (is_device_path(u))
137
"Before=umount.target\n",
138
fputs("Before=local-fs.target\n", f);
141
"RequiresMountsFor=%s\n",
164
167
log_error("Failed to write file %s: %m", p);
168
if (asprintf(&from, "../%s", n) < 0) {
171
if (asprintf(&from, "../%s", n) < 0)
175
176
to = strjoin(arg_dest, "/", d, ".wants/", n, NULL);
181
180
mkdir_parents_label(to, 0755);
182
181
if (symlink(from, to) < 0) {
183
182
log_error("Failed to create symlink '%s' to '%s': %m", from, to);
191
188
to = strjoin(arg_dest, "/cryptsetup.target.requires/", n, NULL);
193
190
to = strjoin(arg_dest, "/cryptsetup.target.wants/", n, NULL);
199
194
mkdir_parents_label(to, 0755);
200
195
if (symlink(from, to) < 0) {
201
196
log_error("Failed to create symlink '%s' to '%s': %m", from, to);
210
201
e = unit_name_escape(name);
211
206
to = strjoin(arg_dest, "/dev-mapper-", e, ".device.requires/", n, NULL);
217
210
mkdir_parents_label(to, 0755);
218
211
if (symlink(from, to) < 0) {
219
212
log_error("Failed to create symlink '%s' to '%s': %m", from, to);
216
if (!noauto && !nofail) {
219
p = strjoin(arg_dest, "/dev-mapper-", e, ".device.d/50-job-timeout-sec-0.conf", NULL);
223
mkdir_parents_label(p, 0755);
225
r = write_string_file(p,
226
"# Automatically generated by systemd-cryptsetup-generator\n\n"
228
"JobTimeoutSec=0\n"); /* the binary handles timeouts anyway */
241
static int parse_proc_cmdline(void) {
242
char *line, *w, *state;
236
static int parse_proc_cmdline(char ***arg_proc_cmdline_disks, char **arg_proc_cmdline_keyfile) {
237
_cleanup_free_ char *line = NULL;
238
char *w = NULL, *state = NULL;
255
251
FOREACH_WORD_QUOTED(w, l, line, state) {
252
_cleanup_free_ char *word = NULL;
258
254
word = strndup(w, l);
264
258
if (startswith(word, "luks=")) {
265
259
r = parse_boolean(word + 5);
298
292
} else if (startswith(word, "luks.uuid=")) {
301
t = strv_append(arg_proc_cmdline_disks, word + 10);
306
strv_free(arg_proc_cmdline_disks);
307
arg_proc_cmdline_disks = t;
293
if (strv_extend(arg_proc_cmdline_disks, word + 10) < 0)
309
296
} else if (startswith(word, "rd.luks.uuid=")) {
311
298
if (in_initrd()) {
314
t = strv_append(arg_proc_cmdline_disks, word + 13);
319
strv_free(arg_proc_cmdline_disks);
320
arg_proc_cmdline_disks = t;
299
if (strv_extend(arg_proc_cmdline_disks, word + 13) < 0)
303
} else if (startswith(word, "luks.key=")) {
304
*arg_proc_cmdline_keyfile = strdup(word + 9);
305
if (! arg_proc_cmdline_keyfile)
308
} else if (startswith(word, "rd.luks.key=")) {
311
if (*arg_proc_cmdline_keyfile)
312
free(*arg_proc_cmdline_keyfile);
313
*arg_proc_cmdline_keyfile = strdup(word + 12);
314
if (!arg_proc_cmdline_keyfile)
323
318
} else if (startswith(word, "luks.") ||
326
321
log_warning("Unknown kernel switch %s. Ignoring.", word);
332
strv_uniq(arg_proc_cmdline_disks);
325
strv_uniq(*arg_proc_cmdline_disks);
341
330
int main(int argc, char *argv[]) {
331
_cleanup_fclose_ FILE *f = NULL;
343
333
int r = EXIT_SUCCESS;
346
char **arg_proc_cmdline_disks_done = NULL;
335
_cleanup_strv_free_ char **arg_proc_cmdline_disks_done = NULL;
336
_cleanup_strv_free_ char **arg_proc_cmdline_disks = NULL;
337
_cleanup_free_ char *arg_proc_cmdline_keyfile = NULL;
348
339
if (argc > 1 && argc != 4) {
349
340
log_error("This program takes three or no arguments.");
377
366
r = EXIT_FAILURE;
378
367
log_error("Failed to open /etc/crypttab: %m");
385
370
char line[LINE_MAX], *l;
386
char *name = NULL, *device = NULL, *password = NULL, *options = NULL;
371
_cleanup_free_ char *name = NULL, *device = NULL, *password = NULL, *options = NULL;
389
374
if (!fgets(line, sizeof(line), f))
408
393
for /etc/crypttab and only generate units for those.
410
395
STRV_FOREACH(i, arg_proc_cmdline_disks) {
411
char *proc_device, *proc_name;
396
_cleanup_free_ char *proc_device = NULL, *proc_name = NULL;
412
397
const char *p = *i;
414
399
if (startswith(p, "luks-"))
417
402
proc_name = strappend("luks-", p);
418
403
proc_device = strappend("UUID=", p);
420
if (!proc_name || !proc_device) {
405
if (!proc_name || !proc_device)
427
408
if (streq(proc_device, device) || streq(proc_name, name)) {
430
409
if (create_disk(name, device, password, options) < 0)
431
410
r = EXIT_FAILURE;
433
t = strv_append(arg_proc_cmdline_disks_done, p);
438
strv_free(arg_proc_cmdline_disks_done);
439
arg_proc_cmdline_disks_done = t;
412
if (strv_extend(&arg_proc_cmdline_disks_done, p) < 0)
446
417
if (create_disk(name, device, password, options) < 0)
447
418
r = EXIT_FAILURE;
473
438
name = strappend("luks-", p);
474
439
device = strappend("UUID=", p);
476
if (!name || !device) {
484
if (create_disk(name, device, NULL, "timeout=0") < 0)
441
if (!name || !device)
444
if (create_disk(name, device, arg_proc_cmdline_keyfile, "timeout=0") < 0)
495
strv_free(arg_proc_cmdline_disks);
496
strv_free(arg_proc_cmdline_disks_done);