[arch-commits] CVS update of arch/build/base/cryptsetup (encrypt_hook)

Thomas Baechler thomas at archlinux.org
Sun Apr 29 05:09:16 EDT 2007


    Date: Sunday, April 29, 2007 @ 05:09:16
  Author: thomas
    Path: /home/cvs-arch/arch/build/base/cryptsetup

Modified: encrypt_hook (1.2 -> 1.3)

changed encrypt hook to close #6806, not tested yet


--------------+
 encrypt_hook |   35 +++++++++++++++++++++++------------
 1 file changed, 23 insertions(+), 12 deletions(-)


Index: arch/build/base/cryptsetup/encrypt_hook
diff -u arch/build/base/cryptsetup/encrypt_hook:1.2 arch/build/base/cryptsetup/encrypt_hook:1.3
--- arch/build/base/cryptsetup/encrypt_hook:1.2	Sat Dec 16 19:40:51 2006
+++ arch/build/base/cryptsetup/encrypt_hook	Sun Apr 29 05:09:15 2007
@@ -41,11 +41,18 @@
             [ ! -f ${ckeyfile} ] && echo "Keyfile could not be opened. Reverting to passphrase."
         fi
 
-        if /bin/cryptsetup isLuks ${root} >/dev/null 2>&1; then
+        if [ -n "${cryptdevice}" ]; then
+            set -- $(/bin/replace "${cryptdevice}" ':'); cryptdev="$1"; cryptname="$2";
+        else
+            cryptdev="${root}"
+            cryptname="root"
+        fi
+
+        if /bin/cryptsetup isLuks ${cryptdev} >/dev/null 2>&1; then
             dopassphrase=1
             # If keyfile exists, try to use that
             if [ -f ${ckeyfile} ]; then
-                if eval /bin/cryptsetup --key-file ${ckeyfile} luksOpen ${root} root ${CSQUIET}; then
+                if eval /bin/cryptsetup --key-file ${ckeyfile} luksOpen ${cryptdev} ${cryptname} ${CSQUIET}; then
                     dopassphrase=0
                 else
                     echo "Invalid keyfile. Reverting to passphrase."
@@ -54,17 +61,19 @@
             # Ask for a passphrase
             if [ ${dopassphrase} -gt 0 ]; then
                 echo ""
-                echo "A password is required to access the root filesystem:"
+                echo "A password is required to access the ${cryptname} volume:"
 
                 #loop until we get a real password
-                while ! eval /bin/cryptsetup luksOpen ${root} root ${CSQUIET}; do
+                while ! eval /bin/cryptsetup luksOpen ${cryptdev} ${cryptname} ${CSQUIET}; do
                     sleep 2;
                 done
             fi
-            if [ -e "/dev/mapper/root" ]; then
-                export root="/dev/mapper/root"
+            if [ -e "/dev/mapper/${cryptname}" ]; then
+                if [ "${cryptname}" = "root" ]; then
+                    export root="/dev/mapper/root"
+                fi
             else
-                err "Password succeeded, but root creation failed, aborting..."
+                err "Password succeeded, but ${cryptname} creation failed, aborting..."
                 exit 1
             fi
         elif [ "x${crypto}" != "x" ]; then
@@ -75,7 +84,7 @@
                     err "Non-LUKS decryption not attempted..."
                     return 1
                 fi
-                exe="/bin/cryptsetup create root ${root}"
+                exe="/bin/cryptsetup create ${cryptname} ${cryptdev}"
                 [ "x$(eval echo ${1})" != "x" ] && exe="${exe} --hash \"$(eval echo ${1})\""
                 [ "x$(eval echo ${2})" != "x" ] && exe="${exe} --cipher \"$(eval echo ${2})\""
                 [ "x$(eval echo ${3})" != "x" ] && exe="${exe} --key-size \"$(eval echo ${3})\""
@@ -86,7 +95,7 @@
                 else
                     exe="${exe} --verify-passphrase"
                     echo ""
-                    echo "A password is required to access the root filesystem:"
+                    echo "A password is required to access the ${cryptname} volume:"
                 fi
                 eval "${exe} ${CSQUIET}"
             }
@@ -99,10 +108,12 @@
                 err "      crypto=hash:cipher:keysize:offset:skip"
                 exit 1
             fi
-            if [ -e "/dev/mapper/root" ]; then
-                export root="/dev/mapper/root"
+            if [ -e "/dev/mapper/${cryptname}" ]; then
+                if [ "${cryptname}" = "root" ]; then
+                    export root="/dev/mapper/root"
+                fi
             else
-                err "Password succeeded, but root creation failed, aborting..."
+                err "Password succeeded, but ${cryptname} creation failed, aborting..."
                 exit 1
             fi
         fi




More information about the arch-commits mailing list