authorTom Gundersen <teg@jklm.no>2012-03-17 10:38:14 (GMT)
committerTom Gundersen <teg@jklm.no>2012-03-17 10:38:14 (GMT)
commite57e4ebe4aee02b175f3d4d13a0fa1838769b3f2 (patch)
tree396d3150f92b18b6934a52ce9027866e82dc0ebd /rc.sysinit
parent4c6aba5ab3812523e65806c2876035b4498aad2e (diff)
crypto: move function from sysinit to functions
No functional change, just improve readability. Signed-off-by: Tom Gundersen <teg@jklm.no>
Diffstat (limited to 'rc.sysinit')
-rwxr-xr-xrc.sysinit77
1 files changed, 0 insertions, 77 deletions
diff --git a/rc.sysinit b/rc.sysinit
index 06b4bda..3528bb2 100755
--- a/rc.sysinit
+++ b/rc.sysinit
@@ -89,83 +89,6 @@ activate_vgs
# Set up non-root encrypted partition mappings
if [[ -f /etc/crypttab ]] && type -p cryptsetup >/dev/null; then
stat_busy "Unlocking encrypted volumes:"
- do_unlock() {
- # $1 = requested name
- # $2 = source device
- # $3 = password
- # $4 = options
- stat_append "${1}.."
- local open=create a=$1 b=$2 failed=0
- # Ordering of options is different if you are using LUKS vs. not.
- # Use ugly swizzling to deal with it.
- # isLuks only gives an exit code but no output to stdout or stderr.
- if cryptsetup isLuks "$2" 2>/dev/null; then
- open=luksOpen
- a=$2
- b=$1
- fi
- case $3 in
- SWAP)
- local _overwriteokay=0
- if [[ -b $2 && -r $2 ]]; then
- # This is DANGEROUS! If there is any known file system,
- # partition table, RAID or LVM volume on the device
- # we don't overwrite it.
- #
- # 'blkid' returns 2 if no valid signature has been found.
- # Only in this case we should allow overwriting the device.
- #
- # This sanity check _should_ be sufficient, but it might not.
- # This may cause dataloss if it is not used carefully.
- blkid -p "$2" &>/dev/null
- (( $? == 2 )) && _overwriteokay=1
- fi
- if (( _overwriteokay == 0 )); then
- false
- elif cryptsetup -d /dev/urandom $4 $open "$a" "$b" >/dev/null; then
- stat_append "creating swapspace.."
- mkswap -f -L $1 /dev/mapper/$1 >/dev/null
- fi;;
- ASK)
- printf "\nOpening '$1' volume:\n"
- cryptsetup $4 $open "$a" "$b" < /dev/console;;
- /dev*)
- local ckdev=${3%%:*}
- local cka=${3#*:}
- local ckb=${cka#*:}
- local cka=${cka%:*}
- local ckfile=/dev/ckfile
- local ckdir=/dev/ckdir
- case ${cka} in
- *[!0-9]*)
- # Use a file on the device
- # cka is not numeric: cka=filesystem, ckb=path
- mkdir ${ckdir}
- mount -r -t ${cka} ${ckdev} ${ckdir}
- dd if=${ckdir}/${ckb} of=${ckfile} >/dev/null 2>&1
- umount ${ckdir}
- rmdir ${ckdir};;
- *)
- # Read raw data from the block device
- # cka is numeric: cka=offset, ckb=length
- dd if=${ckdev} of=${ckfile} bs=1 skip=${cka} count=${ckb} >/dev/null 2>&1;;
- esac
- cryptsetup -d ${ckfile} $4 $open "$a" "$b" >/dev/null
- dd if=/dev/urandom of=${ckfile} bs=1 count=$(stat -c %s ${ckfile}) conv=notrunc >/dev/null 2>&1
- rm ${ckfile};;
- /*)
- cryptsetup -d "$3" $4 $open "$a" "$b" >/dev/null;;
- *)
- echo "$3" | cryptsetup $4 $open "$a" "$b" >/dev/null;;
- esac
- if (( $? )); then
- failed=1
- stat_append "failed "
- else
- stat_append "ok "
- fi
- return $failed
- }
crypto_unlocked=0
read_crypttab do_unlock && stat_done || stat_fail
# Maybe someone has LVM on an encrypted block device