[arch-commits] CVS update of arch/build/base/cryptsetup (encrypt_hook)
Thomas Baechler
thomas at archlinux.org
Sun Apr 29 09:09:16 UTC 2007
Date: Sunday, April 29, 2007 @ 05:09:16
Author: thomas
Path: /home/cvs-arch/arch/build/base/cryptsetup
Modified: encrypt_hook (1.2 -> 1.3)
changed encrypt hook to close #6806, not tested yet
--------------+
encrypt_hook | 35 +++++++++++++++++++++++------------
1 file changed, 23 insertions(+), 12 deletions(-)
Index: arch/build/base/cryptsetup/encrypt_hook
diff -u arch/build/base/cryptsetup/encrypt_hook:1.2 arch/build/base/cryptsetup/encrypt_hook:1.3
--- arch/build/base/cryptsetup/encrypt_hook:1.2 Sat Dec 16 19:40:51 2006
+++ arch/build/base/cryptsetup/encrypt_hook Sun Apr 29 05:09:15 2007
@@ -41,11 +41,18 @@
[ ! -f ${ckeyfile} ] && echo "Keyfile could not be opened. Reverting to passphrase."
fi
- if /bin/cryptsetup isLuks ${root} >/dev/null 2>&1; then
+ if [ -n "${cryptdevice}" ]; then
+ set -- $(/bin/replace "${cryptdevice}" ':'); cryptdev="$1"; cryptname="$2";
+ else
+ cryptdev="${root}"
+ cryptname="root"
+ fi
+
+ if /bin/cryptsetup isLuks ${cryptdev} >/dev/null 2>&1; then
dopassphrase=1
# If keyfile exists, try to use that
if [ -f ${ckeyfile} ]; then
- if eval /bin/cryptsetup --key-file ${ckeyfile} luksOpen ${root} root ${CSQUIET}; then
+ if eval /bin/cryptsetup --key-file ${ckeyfile} luksOpen ${cryptdev} ${cryptname} ${CSQUIET}; then
dopassphrase=0
else
echo "Invalid keyfile. Reverting to passphrase."
@@ -54,17 +61,19 @@
# Ask for a passphrase
if [ ${dopassphrase} -gt 0 ]; then
echo ""
- echo "A password is required to access the root filesystem:"
+ echo "A password is required to access the ${cryptname} volume:"
#loop until we get a real password
- while ! eval /bin/cryptsetup luksOpen ${root} root ${CSQUIET}; do
+ while ! eval /bin/cryptsetup luksOpen ${cryptdev} ${cryptname} ${CSQUIET}; do
sleep 2;
done
fi
- if [ -e "/dev/mapper/root" ]; then
- export root="/dev/mapper/root"
+ if [ -e "/dev/mapper/${cryptname}" ]; then
+ if [ "${cryptname}" = "root" ]; then
+ export root="/dev/mapper/root"
+ fi
else
- err "Password succeeded, but root creation failed, aborting..."
+ err "Password succeeded, but ${cryptname} creation failed, aborting..."
exit 1
fi
elif [ "x${crypto}" != "x" ]; then
@@ -75,7 +84,7 @@
err "Non-LUKS decryption not attempted..."
return 1
fi
- exe="/bin/cryptsetup create root ${root}"
+ exe="/bin/cryptsetup create ${cryptname} ${cryptdev}"
[ "x$(eval echo ${1})" != "x" ] && exe="${exe} --hash \"$(eval echo ${1})\""
[ "x$(eval echo ${2})" != "x" ] && exe="${exe} --cipher \"$(eval echo ${2})\""
[ "x$(eval echo ${3})" != "x" ] && exe="${exe} --key-size \"$(eval echo ${3})\""
@@ -86,7 +95,7 @@
else
exe="${exe} --verify-passphrase"
echo ""
- echo "A password is required to access the root filesystem:"
+ echo "A password is required to access the ${cryptname} volume:"
fi
eval "${exe} ${CSQUIET}"
}
@@ -99,10 +108,12 @@
err " crypto=hash:cipher:keysize:offset:skip"
exit 1
fi
- if [ -e "/dev/mapper/root" ]; then
- export root="/dev/mapper/root"
+ if [ -e "/dev/mapper/${cryptname}" ]; then
+ if [ "${cryptname}" = "root" ]; then
+ export root="/dev/mapper/root"
+ fi
else
- err "Password succeeded, but root creation failed, aborting..."
+ err "Password succeeded, but ${cryptname} creation failed, aborting..."
exit 1
fi
fi
More information about the arch-commits
mailing list