[gentoo-commits] gentoo-x86 commit in sys-fs/cryptsetup/files: 1.1.3-dm-crypt-start.sh 1.1.3-dm-crypt-stop.sh - gentoo-commits

From:	"Mike Frysinger (vapier)" <vapier@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] gentoo-x86 commit in sys-fs/cryptsetup/files: 1.1.3-dm-crypt-start.sh 1.1.3-dm-crypt-stop.sh
Date:	Thu, 30 Sep 2010 01:35:33
Message-Id:	`20100930013524.26BAD20051@flycatcher.gentoo.org`

1

vapier      10/09/30 01:35:24

2

3

  Added:                1.1.3-dm-crypt-start.sh 1.1.3-dm-crypt-stop.sh

4

  Log:

5

  Update by Wolfram to let the init.d scripts be multiplexed #338876.

6

7

  (Portage version: 2.2_rc86/cvs/Linux x86_64)

8

9

Revision  Changes    Path

10

1.1                  sys-fs/cryptsetup/files/1.1.3-dm-crypt-start.sh

11

12

file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-fs/cryptsetup/files/1.1.3-dm-crypt-start.sh?rev=1.1&view=markup

13

plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-fs/cryptsetup/files/1.1.3-dm-crypt-start.sh?rev=1.1&content-type=text/plain

14

15

Index: 1.1.3-dm-crypt-start.sh

16

===================================================================

17

# /lib/rcscripts/addons/dm-crypt-start.sh

18

19

# For backwards compatability with baselayout < 1.13.0

20

: ${SVCNAME:=${myservice}} #174256

21

dm_crypt_execute_checkfs() {

22

	dm_crypt_execute_dmcrypt

23

}

24

25

dm_crypt_execute_volumes() {

26

	dm_crypt_execute_dmcrypt

27

}

28

29

# Setup mappings for an individual target/swap

30

# Note: This relies on variables localized in the main body below.

31

dm_crypt_execute_dmcrypt() {

32

	local dev ret mode foo

33

	# some colors

34

	local red='\x1b[31;01m' green='\x1b[32;01m' off='\x1b[0;0m'

35

36

	if [ -n "$target" ]; then

37

		# let user set options, otherwise leave empty

38

		: ${options:=' '}

39

	elif [ -n "$swap" ]; then

40

		einfo "Checking swap is not LUKS"

41

		cryptsetup isLuks ${source} 2>/dev/null

42

		foo="$?"

43

		if [ "${foo}" -eq 0 ]; then

44

		ewarn "The swap you have defined is a LUKS partition. Aborting crypt-swap setup."

45

		return

46

fi

47

		target=${swap}

48

		# swap contents do not need to be preserved between boots, luks not required.

49

		# suspend2 users should have initramfs's init handling their swap partition either way.

50

		: ${options:='-c aes -h sha1 -d /dev/urandom'}

51

		: ${pre_mount:='mkswap ${dev}'}

52

	else

53

		return

54

fi

55

	if [ -z "$source" ] && [ ! -e "$source" ]; then

56

		ewarn "source \"${source}\" for ${target} missing, skipping..."

57

		return

58

fi

59

60

	if [[ -n ${loop_file} ]] ; then

61

		dev="/dev/mapper/${target}"

62

		ebegin "  Setting up loop device ${source}"

63

		/sbin/losetup ${source} ${loop_file}

64

fi

65

66

	# cryptsetup:

67

	# luksOpen <device> <name>      # <device> is $source

68

	# create   <name>   <device>    # <name>   is $target

69

	local arg1="create" arg2="$target" arg3="$source" luks=0

70

71

	cryptsetup isLuks ${source} 2>/dev/null && { arg1="luksOpen"; arg2="$source"; arg3="$target"; luks=1; }

72

73

	if /sbin/cryptsetup status ${target} | egrep -q '\<active:' ; then

74

		einfo "dm-crypt mapping ${target} is already configured"

75

		return

76

fi

77

	splash svc_input_begin ${SVCNAME} >/dev/null 2>&1

78

79

	# Handle keys

80

	if [ -n "$key" ]; then

81

		read_abort() {

82

			local ans

83

			local prompt=" ${green}*${off}  $1? (${red}yes${off}/${green}No${off}) "

84

			shift

85

			echo -n -e "${prompt}"

86

			if ! read -n 1 $* ans ; then

87

				local back=${prompt//?/\\b}

88

				echo -n -e "${back}"

89

			else

90

				echo

91

fi

92

			case $ans in

93

				[yY]|[yY][eE][sS]) return 0;;

94

				*) return 1;;

95

			esac

96

}

97

98

		# Notes: sed not used to avoid case where /usr partition is encrypted.

99

		mode=${key/*:/} && ( [ "$mode" == "$key" ] || [ -z "$mode" ] ) && mode=reg

100

		key=${key/:*/}

101

		case "$mode" in

102

		gpg|reg)

103

			# handle key on removable device

104

			if [ -n "$remdev" ]; then

105

				# temp directory to mount removable device

106

				local mntrem="${RC_SVCDIR}/dm-crypt-remdev.$$"

107

				if [ ! -d "${mntrem}" ] ; then

108

					if ! mkdir -p "${mntrem}" ; then

109

						ewarn "${source} will not be decrypted ..."

110

						einfo "Reason: Unable to create temporary mount point '${mntrem}'"

111

						return

112

fi

113

fi

114

i=0

115

				einfo "Please insert removable device for ${target}"

116

				while [ ${i} -lt ${dmcrypt_max_timeout:-120} ] ; do

117

					foo=""

118

					if mount -n -o ro "${remdev}" "${mntrem}" 2>/dev/null >/dev/null ; then

119

						# keyfile exists?

120

						if [ ! -e "${mntrem}${key}" ]; then

121

							umount -n "${mntrem}"

122

							rmdir "${mntrem}"

123

							einfo "Cannot find ${key} on removable media."

124

							read_abort "Abort" ${read_timeout:--t 1} && return

125

						else

126

							key="${mntrem}${key}"

127

							break

128

fi

129

					else

130

						[ -e "${remdev}" ] \

131

							&& foo="mount failed" \

132

							|| foo="mount source not found"

133

fi

134

					((++i))

135

					read_abort "Stop waiting after $i attempts (${foo})" -t 1 && return

136

				done

137

			else    # keyfile ! on removable device

138

				if [ ! -e "$key" ]; then

139

					ewarn "${source} will not be decrypted ..."

140

					einfo "Reason: keyfile ${key} does not exist."

141

					return

142

fi

143

fi

144

;;

145

*)

146

			ewarn "${source} will not be decrypted ..."

147

			einfo "Reason: mode ${mode} is invalid."

148

			return

149

;;

150

		esac

151

	else

152

		mode=none

153

fi

154

	ebegin "dm-crypt map ${target}"

155

	einfo "cryptsetup will be called with : ${options} ${arg1} ${arg2} ${arg3}"

156

	if [ "$mode" == "gpg" ]; then

157

		: ${gpg_options:='-q -d'}

158

		# gpg available ?

159

		if type -p gpg >/dev/null ; then

160

			for (( i = 0 ; i < 3 ; i++ ))

161

do

162

				# paranoid, don't store key in a variable, pipe it so it stays very little in ram unprotected.

163

				# save stdin stdout stderr "values"

164

				gpg ${gpg_options} ${key} 2>/dev/null | cryptsetup ${options} ${arg1} ${arg2} ${arg3}

165

				ret="$?"

166

				[ "$ret" -eq 0 ] && break

167

			done

168

			eend "${ret}" "failure running cryptsetup"

169

		else

170

			ewarn "${source} will not be decrypted ..."

171

			einfo "Reason: cannot find gpg application."

172

			einfo "You have to install app-crypt/gnupg first."

173

			einfo "If you have /usr on its own partition, try copying gpg to /bin ."

174

fi

175

	else

176

		if [ "$mode" == "reg" ]; then

177

			cryptsetup ${options} -d ${key} ${arg1} ${arg2} ${arg3}

178

			ret="$?"

179

			eend "${ret}" "failure running cryptsetup"

180

		else

181

			cryptsetup ${options} ${arg1} ${arg2} ${arg3}

182

			ret="$?"

183

			eend "${ret}" "failure running cryptsetup"

184

fi

185

fi

186

	if [ -d "$mntrem" ]; then

187

		umount -n ${mntrem} 2>/dev/null >/dev/null

188

		rmdir ${mntrem} 2>/dev/null >/dev/null

189

fi

190

	splash svc_input_end ${SVCNAME} >/dev/null 2>&1

191

192

	if [[ ${ret} != 0 ]] ; then

193

		cryptfs_status=1

194

	else

195

		if [[ -n ${pre_mount} ]] ; then

196

			dev="/dev/mapper/${target}"

197

			ebegin "  Running pre_mount commands for ${target}"

198

			eval "${pre_mount}" > /dev/null

199

			ewend $? || cryptfs_status=1

200

fi

201

fi

202

}

203

204

# Run any post_mount commands for an individual mount

205

#

206

# Note: This relies on variables localized in the main body below.

207

dm_crypt_execute_localmount() {

208

	local mount_point

209

210

	[ -z "$target" ] && [ -z "$post_mount" ] && return

211

212

	if ! /sbin/cryptsetup status ${target} | egrep -q '\<active:' ; then

213

		ewarn "Skipping unmapped target ${target}"

214

		cryptfs_status=1

215

		return

216

fi

217

218

	mount_point=$(grep "/dev/mapper/${target}" /proc/mounts | cut -d' ' -f2)

219

	if [[ -z ${mount_point} ]] ; then

220

		ewarn "Failed to find mount point for ${target}, skipping"

221

		cryptfs_status=1

222

fi

223

224

	if [[ -n ${post_mount} ]] ; then

225

		ebegin "Running post_mount commands for target ${target}"

226

		eval "${post_mount}" >/dev/null

227

		eend $? || cryptfs_status=1

228

fi

229

}

230

231

# Determine string lengths

232

strlen() {

233

	if [ -z "$1" ]

234

		then

235

			echo "usage: strlen <variable_name>"

236

die

237

fi

238

	eval echo "\${#${1}}"

239

}

240

241

# Lookup optional bootparams

242

parse_opt() {

243

	case "$1" in

244

		*\=*)

245

			local key_name="`echo "$1" | cut -f1 -d=`"

246

			local key_len=`strlen key_name`

247

			local value_start=$((key_len+2))

248

			echo "$1" | cut -c ${value_start}-

249

;;

250

	esac

251

}

252

253

local cryptfs_status=0

254

local gpg_options key loop_file target targetline options pre_mount post_mount source swap remdev

255

256

CMDLINE="`cat /proc/cmdline`"

257

for x in ${CMDLINE}

258

do

259

	case "${x}" in

260

		key_timeout\=*)

261

			KEY_TIMEOUT=`parse_opt "${x}"`

262

			if [ ${KEY_TIMEOUT} -gt 0 ]; then

263

				read_timeout="-t ${KEY_TIMEOUT}"

264

fi

265

;;

266

	esac

267

done

268

269

if [[ -f /etc/conf.d/${SVCNAME} ]] && [[ -x /sbin/cryptsetup ]] ; then

270

	ebegin "Setting up dm-crypt mappings"

271

272

	while read -u 3 targetline ; do

273

		# skip comments and blank lines

274

		[[ ${targetline}\# == \#* ]] && continue

275

276

		# check for the start of a new target/swap

277

		case ${targetline} in

278

			target=*|swap=*)

279

				# If we have a target queued up, then execute it

280

				dm_crypt_execute_${SVCNAME%.*}

281

282

				# Prepare for the next target/swap by resetting variables

283

				unset gpg_options key loop_file target options pre_mount post_mount source swap remdev

284

;;

285

286

			gpg_options=*|remdev=*|key=*|loop_file=*|options=*|pre_mount=*|post_mount=*|source=*)

287

				if [[ -z ${target} && -z ${swap} ]] ; then

288

					ewarn "Ignoring setting outside target/swap section: ${targetline}"

289

					continue

290

fi

291

;;

292

293

*)

294

				ewarn "Skipping invalid line in /etc/conf.d/${SVCNAME}: ${targetline}"

295

;;

296

		esac

297

298

		# Queue this setting for the next call to dm_crypt_execute_${SVCNAME%.*}

299

		eval "${targetline}"

300

	done 3< /etc/conf.d/${SVCNAME}

301

302

	# If we have a target queued up, then execute it

303

	dm_crypt_execute_${SVCNAME%.*}

304

305

	ewend ${cryptfs_status} "Failed to setup dm-crypt devices"

306

fi

307

308

# vim:ts=4

1.1                  sys-fs/cryptsetup/files/1.1.3-dm-crypt-stop.sh

313

314

file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-fs/cryptsetup/files/1.1.3-dm-crypt-stop.sh?rev=1.1&view=markup

315

plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-fs/cryptsetup/files/1.1.3-dm-crypt-stop.sh?rev=1.1&content-type=text/plain

316

317

Index: 1.1.3-dm-crypt-stop.sh

318

===================================================================

319

# /lib/rcscripts/addons/dm-crypt-stop.sh

320

321

# Fix for baselayout-1.12.10 (bug 174256)

322

: ${SVCNAME:=${myservice}}

323

324

# Try to remove any dm-crypt mappings

325

csetup=/sbin/cryptsetup

326

if [ -f /etc/conf.d/${SVCNAME} ] && [ -x "$csetup" ]

327

then

328

	einfo "Removing dm-crypt mappings"

329

330

	/bin/egrep "^(target|swap)" /etc/conf.d/${SVCNAME} | \

331

	while read targetline

332

do

333

		target=

334

		swap=

335

336

		eval ${targetline}

337

338

		[ -n "${swap}" ] && target=${swap}

339

		[ -z "${target}" ] && ewarn "Invalid line in /etc/conf.d/${SVCNAME}: ${targetline}"

340

341

		ebegin "Removing dm-crypt mapping for: ${target}"

342

		${csetup} remove ${target}

343

		eend $? "Failed to remove dm-crypt mapping for: ${target}"

344

	done

345

346

	if [[ -n $(/bin/egrep -e "^(source=)./dev/loop*" /etc/conf.d/${SVCNAME}) ]] ; then

347

		einfo "Taking down any dm-crypt loop devices"

348

		/bin/egrep -e "^(source)" /etc/conf.d/${SVCNAME} | while read sourceline

349

do

350

			source=

351

			eval ${sourceline}

352

			if [[ -n $(echo ${source} | grep /dev/loop) ]] ; then

353

				ebegin "   Taking down ${source}"

354

				/sbin/losetup -d ${source}

355

				eend $? "  Failed to remove loop"

356

fi

357

		done

358

fi

359

fi

360

361

# vim:ts=4

1	vapier 10/09/30 01:35:24
2
3	Added: 1.1.3-dm-crypt-start.sh 1.1.3-dm-crypt-stop.sh
4	Log:
5	Update by Wolfram to let the init.d scripts be multiplexed #338876.
6
7	(Portage version: 2.2_rc86/cvs/Linux x86_64)
8
9	Revision Changes Path
10	1.1 sys-fs/cryptsetup/files/1.1.3-dm-crypt-start.sh
11
12	file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-fs/cryptsetup/files/1.1.3-dm-crypt-start.sh?rev=1.1&view=markup
13	plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-fs/cryptsetup/files/1.1.3-dm-crypt-start.sh?rev=1.1&content-type=text/plain
14
15	Index: 1.1.3-dm-crypt-start.sh
16	===================================================================
17	# /lib/rcscripts/addons/dm-crypt-start.sh
18
19	# For backwards compatability with baselayout < 1.13.0
20	: ${SVCNAME:=${myservice}} #174256
21	dm_crypt_execute_checkfs() {
22	dm_crypt_execute_dmcrypt
23	}
24
25	dm_crypt_execute_volumes() {
26	dm_crypt_execute_dmcrypt
27	}
28
29	# Setup mappings for an individual target/swap
30	# Note: This relies on variables localized in the main body below.
31	dm_crypt_execute_dmcrypt() {
32	local dev ret mode foo
33	# some colors
34	local red='\x1b[31;01m' green='\x1b[32;01m' off='\x1b[0;0m'
35
36	if [ -n "$target" ]; then
37	# let user set options, otherwise leave empty
38	: ${options:=' '}
39	elif [ -n "$swap" ]; then
40	einfo "Checking swap is not LUKS"
41	cryptsetup isLuks ${source} 2>/dev/null
42	foo="$?"
43	if [ "${foo}" -eq 0 ]; then
44	ewarn "The swap you have defined is a LUKS partition. Aborting crypt-swap setup."
45	return
46	fi
47	target=${swap}
48	# swap contents do not need to be preserved between boots, luks not required.
49	# suspend2 users should have initramfs's init handling their swap partition either way.
50	: ${options:='-c aes -h sha1 -d /dev/urandom'}
51	: ${pre_mount:='mkswap ${dev}'}
52	else
53	return
54	fi
55	if [ -z "$source" ] && [ ! -e "$source" ]; then
56	ewarn "source \"${source}\" for ${target} missing, skipping..."
57	return
58	fi
59
60	if [[ -n ${loop_file} ]] ; then
61	dev="/dev/mapper/${target}"
62	ebegin " Setting up loop device ${source}"
63	/sbin/losetup ${source} ${loop_file}
64	fi
65
66	# cryptsetup:
67	# luksOpen <device> <name> # <device> is $source
68	# create <name> <device> # <name> is $target
69	local arg1="create" arg2="$target" arg3="$source" luks=0
70
71	cryptsetup isLuks ${source} 2>/dev/null && { arg1="luksOpen"; arg2="$source"; arg3="$target"; luks=1; }
72
73	if /sbin/cryptsetup status ${target} \| egrep -q '\<active:' ; then
74	einfo "dm-crypt mapping ${target} is already configured"
75	return
76	fi
77	splash svc_input_begin ${SVCNAME} >/dev/null 2>&1
78
79	# Handle keys
80	if [ -n "$key" ]; then
81	read_abort() {
82	local ans
83	local prompt=" ${green}*${off} $1? (${red}yes${off}/${green}No${off}) "
84	shift
85	echo -n -e "${prompt}"
86	if ! read -n 1 $* ans ; then
87	local back=${prompt//?/\\b}
88	echo -n -e "${back}"
89	else
90	echo
91	fi
92	case $ans in
93	[yY]\|[yY][eE][sS]) return 0;;
94	*) return 1;;
95	esac
96	}
97
98	# Notes: sed not used to avoid case where /usr partition is encrypted.
99	mode=${key/*:/} && ( [ "$mode" == "$key" ] \|\| [ -z "$mode" ] ) && mode=reg
100	key=${key/:*/}
101	case "$mode" in
102	gpg\|reg)
103	# handle key on removable device
104	if [ -n "$remdev" ]; then
105	# temp directory to mount removable device
106	local mntrem="${RC_SVCDIR}/dm-crypt-remdev.$$"
107	if [ ! -d "${mntrem}" ] ; then
108	if ! mkdir -p "${mntrem}" ; then
109	ewarn "${source} will not be decrypted ..."
110	einfo "Reason: Unable to create temporary mount point '${mntrem}'"
111	return
112	fi
113	fi
114	i=0
115	einfo "Please insert removable device for ${target}"
116	while [ ${i} -lt ${dmcrypt_max_timeout:-120} ] ; do
117	foo=""
118	if mount -n -o ro "${remdev}" "${mntrem}" 2>/dev/null >/dev/null ; then
119	# keyfile exists?
120	if [ ! -e "${mntrem}${key}" ]; then
121	umount -n "${mntrem}"
122	rmdir "${mntrem}"
123	einfo "Cannot find ${key} on removable media."
124	read_abort "Abort" ${read_timeout:--t 1} && return
125	else
126	key="${mntrem}${key}"
127	break
128	fi
129	else
130	[ -e "${remdev}" ] \
131	&& foo="mount failed" \
132	\|\| foo="mount source not found"
133	fi
134	((++i))
135	read_abort "Stop waiting after $i attempts (${foo})" -t 1 && return
136	done
137	else # keyfile ! on removable device
138	if [ ! -e "$key" ]; then
139	ewarn "${source} will not be decrypted ..."
140	einfo "Reason: keyfile ${key} does not exist."
141	return
142	fi
143	fi
144	;;
145	*)
146	ewarn "${source} will not be decrypted ..."
147	einfo "Reason: mode ${mode} is invalid."
148	return
149	;;
150	esac
151	else
152	mode=none
153	fi
154	ebegin "dm-crypt map ${target}"
155	einfo "cryptsetup will be called with : ${options} ${arg1} ${arg2} ${arg3}"
156	if [ "$mode" == "gpg" ]; then
157	: ${gpg_options:='-q -d'}
158	# gpg available ?
159	if type -p gpg >/dev/null ; then
160	for (( i = 0 ; i < 3 ; i++ ))
161	do
162	# paranoid, don't store key in a variable, pipe it so it stays very little in ram unprotected.
163	# save stdin stdout stderr "values"
164	gpg ${gpg_options} ${key} 2>/dev/null \| cryptsetup ${options} ${arg1} ${arg2} ${arg3}
165	ret="$?"
166	[ "$ret" -eq 0 ] && break
167	done
168	eend "${ret}" "failure running cryptsetup"
169	else
170	ewarn "${source} will not be decrypted ..."
171	einfo "Reason: cannot find gpg application."
172	einfo "You have to install app-crypt/gnupg first."
173	einfo "If you have /usr on its own partition, try copying gpg to /bin ."
174	fi
175	else
176	if [ "$mode" == "reg" ]; then
177	cryptsetup ${options} -d ${key} ${arg1} ${arg2} ${arg3}
178	ret="$?"
179	eend "${ret}" "failure running cryptsetup"
180	else
181	cryptsetup ${options} ${arg1} ${arg2} ${arg3}
182	ret="$?"
183	eend "${ret}" "failure running cryptsetup"
184	fi
185	fi
186	if [ -d "$mntrem" ]; then
187	umount -n ${mntrem} 2>/dev/null >/dev/null
188	rmdir ${mntrem} 2>/dev/null >/dev/null
189	fi
190	splash svc_input_end ${SVCNAME} >/dev/null 2>&1
191
192	if [[ ${ret} != 0 ]] ; then
193	cryptfs_status=1
194	else
195	if [[ -n ${pre_mount} ]] ; then
196	dev="/dev/mapper/${target}"
197	ebegin " Running pre_mount commands for ${target}"
198	eval "${pre_mount}" > /dev/null
199	ewend $? \|\| cryptfs_status=1
200	fi
201	fi
202	}
203
204	# Run any post_mount commands for an individual mount
205	#
206	# Note: This relies on variables localized in the main body below.
207	dm_crypt_execute_localmount() {
208	local mount_point
209
210	[ -z "$target" ] && [ -z "$post_mount" ] && return
211
212	if ! /sbin/cryptsetup status ${target} \| egrep -q '\<active:' ; then
213	ewarn "Skipping unmapped target ${target}"
214	cryptfs_status=1
215	return
216	fi
217
218	mount_point=$(grep "/dev/mapper/${target}" /proc/mounts \| cut -d' ' -f2)
219	if [[ -z ${mount_point} ]] ; then
220	ewarn "Failed to find mount point for ${target}, skipping"
221	cryptfs_status=1
222	fi
223
224	if [[ -n ${post_mount} ]] ; then
225	ebegin "Running post_mount commands for target ${target}"
226	eval "${post_mount}" >/dev/null
227	eend $? \|\| cryptfs_status=1
228	fi
229	}
230
231	# Determine string lengths
232	strlen() {
233	if [ -z "$1" ]
234	then
235	echo "usage: strlen <variable_name>"
236	die
237	fi
238	eval echo "\${#${1}}"
239	}
240
241	# Lookup optional bootparams
242	parse_opt() {
243	case "$1" in
244	\=)
245	local key_name="`echo "$1" \| cut -f1 -d=`"
246	local key_len=`strlen key_name`
247	local value_start=$((key_len+2))
248	echo "$1" \| cut -c ${value_start}-
249	;;
250	esac
251	}
252
253	local cryptfs_status=0
254	local gpg_options key loop_file target targetline options pre_mount post_mount source swap remdev
255
256	CMDLINE="`cat /proc/cmdline`"
257	for x in ${CMDLINE}
258	do
259	case "${x}" in
260	key_timeout\=*)
261	KEY_TIMEOUT=`parse_opt "${x}"`
262	if [ ${KEY_TIMEOUT} -gt 0 ]; then
263	read_timeout="-t ${KEY_TIMEOUT}"
264	fi
265	;;
266	esac
267	done
268
269	if [[ -f /etc/conf.d/${SVCNAME} ]] && [[ -x /sbin/cryptsetup ]] ; then
270	ebegin "Setting up dm-crypt mappings"
271
272	while read -u 3 targetline ; do
273	# skip comments and blank lines
274	[[ ${targetline}\# == \#* ]] && continue
275
276	# check for the start of a new target/swap
277	case ${targetline} in
278	target=\|swap=)
279	# If we have a target queued up, then execute it
280	dm_crypt_execute_${SVCNAME%.*}
281
282	# Prepare for the next target/swap by resetting variables
283	unset gpg_options key loop_file target options pre_mount post_mount source swap remdev
284	;;
285
286	gpg_options=\|remdev=\|key=\|loop_file=\|options=\|pre_mount=\|post_mount=\|source=)
287	if [[ -z ${target} && -z ${swap} ]] ; then
288	ewarn "Ignoring setting outside target/swap section: ${targetline}"
289	continue
290	fi
291	;;
292
293	*)
294	ewarn "Skipping invalid line in /etc/conf.d/${SVCNAME}: ${targetline}"
295	;;
296	esac
297
298	# Queue this setting for the next call to dm_crypt_execute_${SVCNAME%.*}
299	eval "${targetline}"
300	done 3< /etc/conf.d/${SVCNAME}
301
302	# If we have a target queued up, then execute it
303	dm_crypt_execute_${SVCNAME%.*}
304
305	ewend ${cryptfs_status} "Failed to setup dm-crypt devices"
306	fi
307
308	# vim:ts=4
309
310
311
312	1.1 sys-fs/cryptsetup/files/1.1.3-dm-crypt-stop.sh
313
314	file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-fs/cryptsetup/files/1.1.3-dm-crypt-stop.sh?rev=1.1&view=markup
315	plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sys-fs/cryptsetup/files/1.1.3-dm-crypt-stop.sh?rev=1.1&content-type=text/plain
316
317	Index: 1.1.3-dm-crypt-stop.sh
318	===================================================================
319	# /lib/rcscripts/addons/dm-crypt-stop.sh
320
321	# Fix for baselayout-1.12.10 (bug 174256)
322	: ${SVCNAME:=${myservice}}
323
324	# Try to remove any dm-crypt mappings
325	csetup=/sbin/cryptsetup
326	if [ -f /etc/conf.d/${SVCNAME} ] && [ -x "$csetup" ]
327	then
328	einfo "Removing dm-crypt mappings"
329
330	/bin/egrep "^(target\|swap)" /etc/conf.d/${SVCNAME} \| \
331	while read targetline
332	do
333	target=
334	swap=
335
336	eval ${targetline}
337
338	[ -n "${swap}" ] && target=${swap}
339	[ -z "${target}" ] && ewarn "Invalid line in /etc/conf.d/${SVCNAME}: ${targetline}"
340
341	ebegin "Removing dm-crypt mapping for: ${target}"
342	${csetup} remove ${target}
343	eend $? "Failed to remove dm-crypt mapping for: ${target}"
344	done
345
346	if [[ -n $(/bin/egrep -e "^(source=)./dev/loop*" /etc/conf.d/${SVCNAME}) ]] ; then
347	einfo "Taking down any dm-crypt loop devices"
348	/bin/egrep -e "^(source)" /etc/conf.d/${SVCNAME} \| while read sourceline
349	do
350	source=
351	eval ${sourceline}
352	if [[ -n $(echo ${source} \| grep /dev/loop) ]] ; then
353	ebegin " Taking down ${source}"
354	/sbin/losetup -d ${source}
355	eend $? " Failed to remove loop"
356	fi
357	done
358	fi
359	fi
360
361	# vim:ts=4

Gentoo Archives: gentoo-commits