1 |
commit: 3fa1bf680d90f5841d8830634ed13bbfd76271b7 |
2 |
Author: Marek Sapota <marek <AT> sapota <DOT> org> |
3 |
AuthorDate: Fri Nov 2 17:04:18 2012 +0000 |
4 |
Commit: Robin H. Johnson <robbat2 <AT> gentoo <DOT> org> |
5 |
CommitDate: Fri Nov 2 17:06:02 2012 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/genkernel.git;a=commit;h=3fa1bf68 |
7 |
|
8 |
Bug #378105: UUID/LABEL support for LUKS keydevs |
9 |
|
10 |
LUKS keydevs now support mount by UUID/LABEL. |
11 |
|
12 |
X-Gentoo-Bug: 378105 |
13 |
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=378105 |
14 |
Signed-off-by: Robin H. Johnson <robbat2 <AT> gentoo.org> |
15 |
|
16 |
--- |
17 |
defaults/initrd.scripts | 83 ++++++++++++++++++++++++++--------------------- |
18 |
1 files changed, 46 insertions(+), 37 deletions(-) |
19 |
|
20 |
diff --git a/defaults/initrd.scripts b/defaults/initrd.scripts |
21 |
index 53e1f97..7cb41b3 100755 |
22 |
--- a/defaults/initrd.scripts |
23 |
+++ b/defaults/initrd.scripts |
24 |
@@ -282,6 +282,36 @@ findnfsmount() { |
25 |
fi |
26 |
} |
27 |
|
28 |
+find_real_device() { |
29 |
+ local DEVICE="${1}" |
30 |
+ case "${DEVICE}" in |
31 |
+ UUID\=*|LABEL\=*) |
32 |
+ local REAL_DEVICE="" |
33 |
+ local retval=1 |
34 |
+ |
35 |
+ if [ "${retval}" -ne 0 ]; then |
36 |
+ REAL_DEVICE=`findfs "${DEVICE}" 2>/dev/null` |
37 |
+ retval=$? |
38 |
+ fi |
39 |
+ |
40 |
+ if [ "$retval" -ne 0 ]; then |
41 |
+ REAL_DEVICE=`busybox findfs "${DEVICE}" 2>/dev/null` |
42 |
+ retval=$? |
43 |
+ fi |
44 |
+ |
45 |
+ if [ "${retval}" -ne 0 ]; then |
46 |
+ REAL_DEVICE=`blkid -o device -l -t "${DEVICE}"` |
47 |
+ retval=$? |
48 |
+ fi |
49 |
+ |
50 |
+ if [ "${retval}" -eq 0 ] && [ -n "${REAL_DEVICE}" ]; then |
51 |
+ DEVICE="${REAL_DEVICE}" |
52 |
+ fi |
53 |
+ ;; |
54 |
+ esac |
55 |
+ echo -n "${DEVICE}" |
56 |
+} |
57 |
+ |
58 |
check_loop() { |
59 |
if [ "${LOOP}" = '' -o ! -e "${CDROOT_PATH}/${LOOP}" ] |
60 |
then |
61 |
@@ -811,32 +841,7 @@ openLUKS() { |
62 |
prompt_user "LUKS_KEYDEV" "${LUKS_NAME} key device" |
63 |
KEYDEV_ERROR=0 |
64 |
else |
65 |
- case "${LUKS_DEVICE}" in |
66 |
- UUID\=*|LABEL\=*) |
67 |
- local REAL_LUKS="" |
68 |
- local retval=1 |
69 |
- |
70 |
- if [ "${retval}" -ne 0 ]; then |
71 |
- REAL_LUKS=`findfs "${LUKS_DEVICE}" 2>/dev/null` |
72 |
- retval=$? |
73 |
- fi |
74 |
- |
75 |
- if [ "$retval" -ne 0 ]; then |
76 |
- REAL_LUKS=`busybox findfs "${LUKS_DEVICE}" 2>/dev/null` |
77 |
- retval=$? |
78 |
- fi |
79 |
- |
80 |
- if [ "${retval}" -ne 0 ]; then |
81 |
- REAL_LUKS=`blkid -o device -l -t "${LUKS_DEVICE}"` |
82 |
- retval=$? |
83 |
- fi |
84 |
- |
85 |
- if [ "${retval}" -eq 0 ] && [ -n "${REAL_LUKS}" ]; then |
86 |
- good_msg "Detected device ${REAL_LUKS}" |
87 |
- LUKS_DEVICE="${REAL_LUKS}" |
88 |
- fi |
89 |
- ;; |
90 |
- esac |
91 |
+ LUKS_DEVICE=$(find_real_device "${LUKS_DEVICE}") |
92 |
|
93 |
setup_md_device ${LUKS_DEVICE} |
94 |
cryptsetup isLuks ${LUKS_DEVICE} |
95 |
@@ -855,10 +860,12 @@ openLUKS() { |
96 |
|
97 |
if [ -n "${LUKS_KEY}" ] |
98 |
then |
99 |
+ local REAL_LUKS_KEYDEV="${LUKS_KEYDEV}" |
100 |
if [ ! -e "${mntkey}${LUKS_KEY}" ] |
101 |
then |
102 |
- if [ -b "${LUKS_KEYDEV}" ] |
103 |
- then good_msg "Using key device ${LUKS_KEYDEV}." ${CRYPT_SILENT} |
104 |
+ REAL_LUKS_KEYDEV=$(find_real_device "${LUKS_KEYDEV}") |
105 |
+ if [ -b "${REAL_LUKS_KEYDEV}" ] |
106 |
+ then good_msg "Using key device ${REAL_LUKS_KEYDEV}." ${CRYPT_SILENT} |
107 |
else |
108 |
good_msg "Please insert removable device ${LUKS_KEYDEV} for ${LUKS_NAME}" ${CRYPT_SILENT} |
109 |
# abort after 10 secs |
110 |
@@ -867,18 +874,20 @@ openLUKS() { |
111 |
do |
112 |
count=$((count-1)) |
113 |
sleep 1 |
114 |
- if [ -b "${LUKS_KEYDEV}" ] |
115 |
+ REAL_LUKS_KEYDEV=$(find_real_device "${LUKS_KEYDEV}") |
116 |
+ if [ -b "${REAL_LUKS_KEYDEV}" ] |
117 |
then |
118 |
- good_msg "Removable device ${LUKS_KEYDEV} detected." ${CRYPT_SILENT} |
119 |
+ good_msg "Removable device ${REAL_LUKS_KEYDEV} detected." ${CRYPT_SILENT} |
120 |
break |
121 |
fi |
122 |
done |
123 |
- if [ ! -b "${LUKS_KEYDEV}" ] |
124 |
+ if [ ! -b "${REAL_LUKS_KEYDEV}" ] |
125 |
then |
126 |
eval CRYPT_${TYPE}_KEY=${LUKS_KEY} |
127 |
bootstrapKey ${TYPE} |
128 |
eval LUKS_KEYDEV='"${CRYPT_'${TYPE}'_KEYDEV}"' |
129 |
- if [ ! -b "${LUKS_KEYDEV}" ]; then |
130 |
+ REAL_LUKS_KEYDEV=$(find_real_device "${LUKS_KEYDEV}") |
131 |
+ if [ ! -b "${REAL_LUKS_KEYDEV}" ]; then |
132 |
KEYDEV_ERROR=1 |
133 |
bad_msg "Removable device ${LUKS_KEYDEV} not found." ${CRYPT_SILENT} |
134 |
continue |
135 |
@@ -890,27 +899,27 @@ openLUKS() { |
136 |
# At this point a device was recognized, now let's see if the key is there |
137 |
[ ! -d "$mntkey" ] && mkdir -p ${mntkey} 2>/dev/null >/dev/null |
138 |
|
139 |
- mount -n -o ro ${LUKS_KEYDEV} ${mntkey} >/dev/null 2>/dev/null |
140 |
+ mount -n -o ro ${REAL_LUKS_KEYDEV} ${mntkey} >/dev/null 2>/dev/null |
141 |
if [ "$?" != '0' ] |
142 |
then |
143 |
KEYDEV_ERROR=1 |
144 |
- bad_msg "Mounting of device ${LUKS_KEYDEV} failed." ${CRYPT_SILENT} |
145 |
+ bad_msg "Mounting of device ${REAL_LUKS_KEYDEV} failed." ${CRYPT_SILENT} |
146 |
continue |
147 |
else |
148 |
- good_msg "Removable device ${LUKS_KEYDEV} mounted." ${CRYPT_SILENT} |
149 |
+ good_msg "Removable device ${REAL_LUKS_KEYDEV} mounted." ${CRYPT_SILENT} |
150 |
sleep 2 |
151 |
# keyfile exists? |
152 |
if [ ! -e "${mntkey}${LUKS_KEY}" ]; then |
153 |
umount -n ${mntkey} 2>/dev/null >/dev/null |
154 |
KEY_ERROR=1 |
155 |
KEYDEV_ERROR=1 |
156 |
- bad_msg "Key {LUKS_KEY} on device ${LUKS_KEYDEV} not found." ${CRYPT_SILENT} |
157 |
+ bad_msg "Key {LUKS_KEY} on device ${REAL_LUKS_KEYDEV} not found." ${CRYPT_SILENT} |
158 |
continue |
159 |
fi |
160 |
fi |
161 |
fi |
162 |
# At this point a candidate key exists (either mounted before or not) |
163 |
- good_msg "${LUKS_KEY} on device ${LUKS_KEYDEV} found" ${CRYPT_SILENT} |
164 |
+ good_msg "${LUKS_KEY} on device ${REAL_LUKS_KEYDEV} found" ${CRYPT_SILENT} |
165 |
if [ "$(echo ${LUKS_KEY} | grep -o '.gpg$')" = ".gpg" ] && [ -e /sbin/gpg ] ; then |
166 |
[ -e /dev/tty ] && mv /dev/tty /dev/tty.org |
167 |
mknod /dev/tty c 5 1 |