[arch-commits] Commit in cryptsetup/repos (12 files)

Dave Reisner dreisner at archlinux.org
Fri May 25 23:50:40 UTC 2012


    Date: Friday, May 25, 2012 @ 19:50:39
  Author: dreisner
Revision: 159622

archrelease: copy trunk to testing-i686, testing-x86_64

Added:
  cryptsetup/repos/testing-i686/PKGBUILD
    (from rev 159621, cryptsetup/trunk/PKGBUILD)
  cryptsetup/repos/testing-i686/encrypt_hook
    (from rev 159621, cryptsetup/trunk/encrypt_hook)
  cryptsetup/repos/testing-i686/encrypt_install
    (from rev 159621, cryptsetup/trunk/encrypt_install)
  cryptsetup/repos/testing-x86_64/PKGBUILD
    (from rev 159621, cryptsetup/trunk/PKGBUILD)
  cryptsetup/repos/testing-x86_64/encrypt_hook
    (from rev 159621, cryptsetup/trunk/encrypt_hook)
  cryptsetup/repos/testing-x86_64/encrypt_install
    (from rev 159621, cryptsetup/trunk/encrypt_install)
Deleted:
  cryptsetup/repos/testing-i686/PKGBUILD
  cryptsetup/repos/testing-i686/encrypt_hook
  cryptsetup/repos/testing-i686/encrypt_install
  cryptsetup/repos/testing-x86_64/PKGBUILD
  cryptsetup/repos/testing-x86_64/encrypt_hook
  cryptsetup/repos/testing-x86_64/encrypt_install

--------------------------------+
 testing-i686/PKGBUILD          |   70 ++++-----
 testing-i686/encrypt_hook      |  276 +++++++++++++++++++--------------------
 testing-i686/encrypt_install   |   88 ++++++------
 testing-x86_64/PKGBUILD        |   70 ++++-----
 testing-x86_64/encrypt_hook    |  276 +++++++++++++++++++--------------------
 testing-x86_64/encrypt_install |   88 ++++++------
 6 files changed, 434 insertions(+), 434 deletions(-)

Deleted: testing-i686/PKGBUILD
===================================================================
--- testing-i686/PKGBUILD	2012-05-25 23:50:20 UTC (rev 159621)
+++ testing-i686/PKGBUILD	2012-05-25 23:50:39 UTC (rev 159622)
@@ -1,35 +0,0 @@
-# $Id$
-# Maintainer: Thomas Bächler <thomas at archlinux.org>
-pkgname=cryptsetup
-pkgver=1.4.2
-pkgrel=1
-pkgdesc="Userspace setup tool for transparent encryption of block devices using dm-crypt"
-arch=(i686 x86_64)
-license=('GPL')
-url="http://code.google.com/p/cryptsetup/"
-groups=('base')
-depends=('device-mapper>=2.02.85-2' 'libgcrypt' 'popt')
-conflicts=('mkinitcpio<0.7')
-options=('!libtool' '!emptydirs')
-source=(http://cryptsetup.googlecode.com/files/${pkgname}-${pkgver}.tar.bz2
-        http://cryptsetup.googlecode.com/files/${pkgname}-${pkgver}.tar.bz2.asc
-        encrypt_hook
-        encrypt_install)
-sha256sums=('1fe80d7b19d24b3f65d2e446decfed859e2c4d17fdf7c19289d82dc7cd60dfe7'
-            '4e6dbece8d1baad861479aca70d0cf30887420da9b5eab45d65d064c656893ed'
-            'e0cbcabb81233b4d465833dca0faf1e762dc3cb6611597a25fe24e5d7209f316'
-            'cfe465bdad3d958bb2332a05e04f2e1e884422a5714dfd1a0a3b9b74bf7dc6ae')
-
-build() {
-  cd "${srcdir}"/$pkgname-${pkgver}
-  ./configure --prefix=/usr --disable-static
-  make
-}
-
-package() {
-  cd "${srcdir}"/$pkgname-${pkgver}
-  make DESTDIR="${pkgdir}" install
-  # install hook
-  install -D -m644 "${srcdir}"/encrypt_hook "${pkgdir}"/usr/lib/initcpio/hooks/encrypt
-  install -D -m644 "${srcdir}"/encrypt_install "${pkgdir}"/usr/lib/initcpio/install/encrypt
-}

Copied: cryptsetup/repos/testing-i686/PKGBUILD (from rev 159621, cryptsetup/trunk/PKGBUILD)
===================================================================
--- testing-i686/PKGBUILD	                        (rev 0)
+++ testing-i686/PKGBUILD	2012-05-25 23:50:39 UTC (rev 159622)
@@ -0,0 +1,35 @@
+# $Id$
+# Maintainer: Thomas Bächler <thomas at archlinux.org>
+pkgname=cryptsetup
+pkgver=1.4.2
+pkgrel=2
+pkgdesc="Userspace setup tool for transparent encryption of block devices using dm-crypt"
+arch=(i686 x86_64)
+license=('GPL')
+url="http://code.google.com/p/cryptsetup/"
+groups=('base')
+depends=('device-mapper>=2.02.85-2' 'libgcrypt' 'popt')
+conflicts=('mkinitcpio<0.7')
+options=('!libtool' '!emptydirs')
+source=(http://cryptsetup.googlecode.com/files/${pkgname}-${pkgver}.tar.bz2
+        http://cryptsetup.googlecode.com/files/${pkgname}-${pkgver}.tar.bz2.asc
+        encrypt_hook
+        encrypt_install)
+sha256sums=('1fe80d7b19d24b3f65d2e446decfed859e2c4d17fdf7c19289d82dc7cd60dfe7'
+            '4e6dbece8d1baad861479aca70d0cf30887420da9b5eab45d65d064c656893ed'
+            'e0cbcabb81233b4d465833dca0faf1e762dc3cb6611597a25fe24e5d7209f316'
+            'cfe465bdad3d958bb2332a05e04f2e1e884422a5714dfd1a0a3b9b74bf7dc6ae')
+
+build() {
+  cd "${srcdir}"/$pkgname-${pkgver}
+  ./configure --prefix=/usr --disable-static
+  make
+}
+
+package() {
+  cd "${srcdir}"/$pkgname-${pkgver}
+  make DESTDIR="${pkgdir}" install
+  # install hook
+  install -D -m644 "${srcdir}"/encrypt_hook "${pkgdir}"/usr/lib/initcpio/hooks/encrypt
+  install -D -m644 "${srcdir}"/encrypt_install "${pkgdir}"/usr/lib/initcpio/install/encrypt
+}

Deleted: testing-i686/encrypt_hook
===================================================================
--- testing-i686/encrypt_hook	2012-05-25 23:50:20 UTC (rev 159621)
+++ testing-i686/encrypt_hook	2012-05-25 23:50:39 UTC (rev 159622)
@@ -1,138 +0,0 @@
-#!/usr/bin/ash
-
-run_hook() {
-    modprobe -a -q dm-crypt >/dev/null 2>&1
-    [ "${quiet}" = "y" ] && CSQUIET=">/dev/null"
-
-    # Get keyfile if specified
-    ckeyfile="/crypto_keyfile.bin"
-    if [ -n "$cryptkey" ]; then
-        IFS=: read ckdev ckarg1 ckarg2 <<EOF
-$cryptkey
-EOF
-
-        if resolved=$(resolve_device "${ckdev}" ${rootdelay}); then
-            case ${ckarg1} in
-                *[!0-9]*)
-                    # Use a file on the device
-                    # ckarg1 is not numeric: ckarg1=filesystem, ckarg2=path
-                    mkdir /ckey
-                    mount -r -t "$ckarg1" "$resolved" /ckey
-                    dd if="/ckey/$ckarg2" of="$ckeyfile" >/dev/null 2>&1
-                    umount /ckey
-                    ;;
-                *)
-                    # Read raw data from the block device
-                    # ckarg1 is numeric: ckarg1=offset, ckarg2=length
-                    dd if="$resolved" of="$ckeyfile" bs=1 skip="$ckarg1" count="$ckarg2" >/dev/null 2>&1
-                    ;;
-            esac
-        fi
-        [ ! -f ${ckeyfile} ] && echo "Keyfile could not be opened. Reverting to passphrase."
-    fi
-
-    if [ -n "${cryptdevice}" ]; then
-        DEPRECATED_CRYPT=0
-        IFS=: read cryptdev cryptname cryptoptions <<EOF
-$cryptdevice
-EOF
-    else
-        DEPRECATED_CRYPT=1
-        cryptdev="${root}"
-        cryptname="root"
-    fi
-
-    warn_deprecated() {
-        echo "The syntax 'root=${root}' where '${root}' is an encrypted volume is deprecated"
-        echo "Use 'cryptdevice=${root}:root root=/dev/mapper/root' instead."
-    }
-
-    for cryptopt in ${cryptoptions//,/ }; do
-        case ${cryptopt} in
-            allow-discards)
-                echo "Enabling TRIM/discard support."
-                cryptargs="${cryptargs} --allow-discards"
-                ;;
-            *)
-                echo "Encryption option '${cryptopt}' not known, ignoring." >&2
-                ;;
-        esac
-    done
-
-    if resolved=$(resolve_device "${cryptdev}" ${rootdelay}); then
-        if cryptsetup isLuks ${resolved} >/dev/null 2>&1; then
-            [ ${DEPRECATED_CRYPT} -eq 1 ] && warn_deprecated
-            dopassphrase=1
-            # If keyfile exists, try to use that
-            if [ -f ${ckeyfile} ]; then
-                if eval cryptsetup --key-file ${ckeyfile} luksOpen ${resolved} ${cryptname} ${cryptargs} ${CSQUIET}; then
-                    dopassphrase=0
-                else
-                    echo "Invalid keyfile. Reverting to passphrase."
-                fi
-            fi
-            # Ask for a passphrase
-            if [ ${dopassphrase} -gt 0 ]; then
-                echo ""
-                echo "A password is required to access the ${cryptname} volume:"
-
-                #loop until we get a real password
-                while ! eval cryptsetup luksOpen ${resolved} ${cryptname} ${cryptargs} ${CSQUIET}; do
-                    sleep 2;
-                done
-            fi
-            if [ -e "/dev/mapper/${cryptname}" ]; then
-                if [ ${DEPRECATED_CRYPT} -eq 1 ]; then
-                    export root="/dev/mapper/root"
-                fi
-            else
-                err "Password succeeded, but ${cryptname} creation failed, aborting..."
-                exit 1
-            fi
-        elif [ -n "${crypto}" ]; then
-            [ ${DEPRECATED_CRYPT} -eq 1 ] && warn_deprecated
-            msg "Non-LUKS encrypted device found..."
-            if echo "$crypto" | awk -F: '{ exit(NF == 5) }'; then
-                err "Verify parameter format: crypto=hash:cipher:keysize:offset:skip"
-                err "Non-LUKS decryption not attempted..."
-                return 1
-            fi
-            exe="cryptsetup create $cryptname $resolved $cryptargs"
-            IFS=: read c_hash c_cipher c_keysize c_offset c_skip <<EOF
-$crypto
-EOF
-            [ -n "$c_hash" ]    && exe="$exe --hash '$c_hash'"
-            [ -n "$c_cipher" ]  && exe="$exe --cipher '$c_cipher'"
-            [ -n "$c_keysize" ] && exe="$exe --key-size '$c_keysize'"
-            [ -n "$c_offset" ]  && exe="$exe --offset '$c_offset'"
-            [ -n "$c_skip" ]    && exe="$exe --skip '$c_skip'"
-            if [ -f "$ckeyfile" ]; then
-                exe="$exe --key-file $ckeyfile"
-            else
-                exe="$exe --verify-passphrase"
-                echo ""
-                echo "A password is required to access the ${cryptname} volume:"
-            fi
-            eval "$exe $CSQUIET"
-
-            if [ $? -ne 0 ]; then
-                err "Non-LUKS device decryption failed. verify format: "
-                err "      crypto=hash:cipher:keysize:offset:skip"
-                exit 1
-            fi
-            if [ -e "/dev/mapper/${cryptname}" ]; then
-                if [ ${DEPRECATED_CRYPT} -eq 1 ]; then
-                    export root="/dev/mapper/root"
-                fi
-            else
-                err "Password succeeded, but ${cryptname} creation failed, aborting..."
-                exit 1
-            fi
-        else
-            err "Failed to open encryption mapping: The device ${cryptdev} is not a LUKS volume and the crypto= paramater was not specified."
-        fi
-    fi
-    rm -f ${ckeyfile}
-}
-
-# vim: set ft=sh ts=4 sw=4 et:

Copied: cryptsetup/repos/testing-i686/encrypt_hook (from rev 159621, cryptsetup/trunk/encrypt_hook)
===================================================================
--- testing-i686/encrypt_hook	                        (rev 0)
+++ testing-i686/encrypt_hook	2012-05-25 23:50:39 UTC (rev 159622)
@@ -0,0 +1,138 @@
+#!/usr/bin/ash
+
+run_hook() {
+    modprobe -a -q dm-crypt >/dev/null 2>&1
+    [ "${quiet}" = "y" ] && CSQUIET=">/dev/null"
+
+    # Get keyfile if specified
+    ckeyfile="/crypto_keyfile.bin"
+    if [ -n "$cryptkey" ]; then
+        IFS=: read ckdev ckarg1 ckarg2 <<EOF
+$cryptkey
+EOF
+
+        if resolved=$(resolve_device "${ckdev}" ${rootdelay}); then
+            case ${ckarg1} in
+                *[!0-9]*)
+                    # Use a file on the device
+                    # ckarg1 is not numeric: ckarg1=filesystem, ckarg2=path
+                    mkdir /ckey
+                    mount -r -t "$ckarg1" "$resolved" /ckey
+                    dd if="/ckey/$ckarg2" of="$ckeyfile" >/dev/null 2>&1
+                    umount /ckey
+                    ;;
+                *)
+                    # Read raw data from the block device
+                    # ckarg1 is numeric: ckarg1=offset, ckarg2=length
+                    dd if="$resolved" of="$ckeyfile" bs=1 skip="$ckarg1" count="$ckarg2" >/dev/null 2>&1
+                    ;;
+            esac
+        fi
+        [ ! -f ${ckeyfile} ] && echo "Keyfile could not be opened. Reverting to passphrase."
+    fi
+
+    if [ -n "${cryptdevice}" ]; then
+        DEPRECATED_CRYPT=0
+        IFS=: read cryptdev cryptname cryptoptions <<EOF
+$cryptdevice
+EOF
+    else
+        DEPRECATED_CRYPT=1
+        cryptdev="${root}"
+        cryptname="root"
+    fi
+
+    warn_deprecated() {
+        echo "The syntax 'root=${root}' where '${root}' is an encrypted volume is deprecated"
+        echo "Use 'cryptdevice=${root}:root root=/dev/mapper/root' instead."
+    }
+
+    for cryptopt in ${cryptoptions//,/ }; do
+        case ${cryptopt} in
+            allow-discards)
+                echo "Enabling TRIM/discard support."
+                cryptargs="${cryptargs} --allow-discards"
+                ;;
+            *)
+                echo "Encryption option '${cryptopt}' not known, ignoring." >&2
+                ;;
+        esac
+    done
+
+    if resolved=$(resolve_device "${cryptdev}" ${rootdelay}); then
+        if cryptsetup isLuks ${resolved} >/dev/null 2>&1; then
+            [ ${DEPRECATED_CRYPT} -eq 1 ] && warn_deprecated
+            dopassphrase=1
+            # If keyfile exists, try to use that
+            if [ -f ${ckeyfile} ]; then
+                if eval cryptsetup --key-file ${ckeyfile} luksOpen ${resolved} ${cryptname} ${cryptargs} ${CSQUIET}; then
+                    dopassphrase=0
+                else
+                    echo "Invalid keyfile. Reverting to passphrase."
+                fi
+            fi
+            # Ask for a passphrase
+            if [ ${dopassphrase} -gt 0 ]; then
+                echo ""
+                echo "A password is required to access the ${cryptname} volume:"
+
+                #loop until we get a real password
+                while ! eval cryptsetup luksOpen ${resolved} ${cryptname} ${cryptargs} ${CSQUIET}; do
+                    sleep 2;
+                done
+            fi
+            if [ -e "/dev/mapper/${cryptname}" ]; then
+                if [ ${DEPRECATED_CRYPT} -eq 1 ]; then
+                    export root="/dev/mapper/root"
+                fi
+            else
+                err "Password succeeded, but ${cryptname} creation failed, aborting..."
+                exit 1
+            fi
+        elif [ -n "${crypto}" ]; then
+            [ ${DEPRECATED_CRYPT} -eq 1 ] && warn_deprecated
+            msg "Non-LUKS encrypted device found..."
+            if echo "$crypto" | awk -F: '{ exit(NF == 5) }'; then
+                err "Verify parameter format: crypto=hash:cipher:keysize:offset:skip"
+                err "Non-LUKS decryption not attempted..."
+                return 1
+            fi
+            exe="cryptsetup create $cryptname $resolved $cryptargs"
+            IFS=: read c_hash c_cipher c_keysize c_offset c_skip <<EOF
+$crypto
+EOF
+            [ -n "$c_hash" ]    && exe="$exe --hash '$c_hash'"
+            [ -n "$c_cipher" ]  && exe="$exe --cipher '$c_cipher'"
+            [ -n "$c_keysize" ] && exe="$exe --key-size '$c_keysize'"
+            [ -n "$c_offset" ]  && exe="$exe --offset '$c_offset'"
+            [ -n "$c_skip" ]    && exe="$exe --skip '$c_skip'"
+            if [ -f "$ckeyfile" ]; then
+                exe="$exe --key-file $ckeyfile"
+            else
+                exe="$exe --verify-passphrase"
+                echo ""
+                echo "A password is required to access the ${cryptname} volume:"
+            fi
+            eval "$exe $CSQUIET"
+
+            if [ $? -ne 0 ]; then
+                err "Non-LUKS device decryption failed. verify format: "
+                err "      crypto=hash:cipher:keysize:offset:skip"
+                exit 1
+            fi
+            if [ -e "/dev/mapper/${cryptname}" ]; then
+                if [ ${DEPRECATED_CRYPT} -eq 1 ]; then
+                    export root="/dev/mapper/root"
+                fi
+            else
+                err "Password succeeded, but ${cryptname} creation failed, aborting..."
+                exit 1
+            fi
+        else
+            err "Failed to open encryption mapping: The device ${cryptdev} is not a LUKS volume and the crypto= paramater was not specified."
+        fi
+    fi
+    rm -f ${ckeyfile}
+}
+
+# vim: set ft=sh ts=4 sw=4 et:

Deleted: testing-i686/encrypt_install
===================================================================
--- testing-i686/encrypt_install	2012-05-25 23:50:20 UTC (rev 159621)
+++ testing-i686/encrypt_install	2012-05-25 23:50:39 UTC (rev 159622)
@@ -1,44 +0,0 @@
-#!/bin/bash
-
-build() {
-    local mod
-
-    add_module dm-crypt
-    if [[ $CRYPTO_MODULES ]]; then
-        for mod in $CRYPTO_MODULES; do
-            add_module "$mod"
-        done
-    else
-        add_all_modules '/crypto/'
-    fi
-
-    add_binary "cryptsetup"
-    add_binary "dmsetup"
-    add_file "/usr/lib/udev/rules.d/10-dm.rules"
-    add_file "/usr/lib/udev/rules.d/13-dm-disk.rules"
-    add_file "/usr/lib/udev/rules.d/95-dm-notify.rules"
-    add_file "/usr/lib/initcpio/udev/11-dm-initramfs.rules" "/usr/lib/udev/rules.d/11-dm-initramfs.rules"
-
-    add_runscript
-}
-
-help() {
-    cat <<HELPEOF
-This hook allows for an encrypted root device. Users should specify the device
-to be unlocked using 'cryptdevice=device:dmname' on the kernel command line,
-where 'device' is the path to the raw device, and 'dmname' is the name given to
-the device after unlocking, and will be available as /dev/mapper/dmname.
-
-For unlocking via keyfile, 'cryptkey=device:fstype:path' should be specified on
-the kernel cmdline, where 'device' represents the raw block device where the key
-exists, 'fstype' is the filesystem type of 'device' (or auto), and 'path' is
-the absolute path of the keyfile within the device.
-
-Without specifying a keyfile, you will be prompted for the password at runtime.
-This means you must have a keyboard available to input it, and you may need
-the keymap hook as well to ensure that the keyboard is using the layout you
-expect.
-HELPEOF
-}
-
-# vim: set ft=sh ts=4 sw=4 et:

Copied: cryptsetup/repos/testing-i686/encrypt_install (from rev 159621, cryptsetup/trunk/encrypt_install)
===================================================================
--- testing-i686/encrypt_install	                        (rev 0)
+++ testing-i686/encrypt_install	2012-05-25 23:50:39 UTC (rev 159622)
@@ -0,0 +1,44 @@
+#!/bin/bash
+
+build() {
+    local mod
+
+    add_module dm-crypt
+    if [[ $CRYPTO_MODULES ]]; then
+        for mod in $CRYPTO_MODULES; do
+            add_module "$mod"
+        done
+    else
+        add_all_modules '/crypto/'
+    fi
+
+    add_binary "cryptsetup"
+    add_binary "dmsetup"
+    add_file "/usr/lib/udev/rules.d/10-dm.rules"
+    add_file "/usr/lib/udev/rules.d/13-dm-disk.rules"
+    add_file "/usr/lib/udev/rules.d/95-dm-notify.rules"
+    add_file "/usr/lib/initcpio/udev/11-dm-initramfs.rules" "/usr/lib/udev/rules.d/11-dm-initramfs.rules"
+
+    add_runscript
+}
+
+help() {
+    cat <<HELPEOF
+This hook allows for an encrypted root device. Users should specify the device
+to be unlocked using 'cryptdevice=device:dmname' on the kernel command line,
+where 'device' is the path to the raw device, and 'dmname' is the name given to
+the device after unlocking, and will be available as /dev/mapper/dmname.
+
+For unlocking via keyfile, 'cryptkey=device:fstype:path' should be specified on
+the kernel cmdline, where 'device' represents the raw block device where the key
+exists, 'fstype' is the filesystem type of 'device' (or auto), and 'path' is
+the absolute path of the keyfile within the device.
+
+Without specifying a keyfile, you will be prompted for the password at runtime.
+This means you must have a keyboard available to input it, and you may need
+the keymap hook as well to ensure that the keyboard is using the layout you
+expect.
+HELPEOF
+}
+
+# vim: set ft=sh ts=4 sw=4 et:

Deleted: testing-x86_64/PKGBUILD
===================================================================
--- testing-x86_64/PKGBUILD	2012-05-25 23:50:20 UTC (rev 159621)
+++ testing-x86_64/PKGBUILD	2012-05-25 23:50:39 UTC (rev 159622)
@@ -1,35 +0,0 @@
-# $Id$
-# Maintainer: Thomas Bächler <thomas at archlinux.org>
-pkgname=cryptsetup
-pkgver=1.4.2
-pkgrel=1
-pkgdesc="Userspace setup tool for transparent encryption of block devices using dm-crypt"
-arch=(i686 x86_64)
-license=('GPL')
-url="http://code.google.com/p/cryptsetup/"
-groups=('base')
-depends=('device-mapper>=2.02.85-2' 'libgcrypt' 'popt')
-conflicts=('mkinitcpio<0.7')
-options=('!libtool' '!emptydirs')
-source=(http://cryptsetup.googlecode.com/files/${pkgname}-${pkgver}.tar.bz2
-        http://cryptsetup.googlecode.com/files/${pkgname}-${pkgver}.tar.bz2.asc
-        encrypt_hook
-        encrypt_install)
-sha256sums=('1fe80d7b19d24b3f65d2e446decfed859e2c4d17fdf7c19289d82dc7cd60dfe7'
-            '4e6dbece8d1baad861479aca70d0cf30887420da9b5eab45d65d064c656893ed'
-            'e0cbcabb81233b4d465833dca0faf1e762dc3cb6611597a25fe24e5d7209f316'
-            'cfe465bdad3d958bb2332a05e04f2e1e884422a5714dfd1a0a3b9b74bf7dc6ae')
-
-build() {
-  cd "${srcdir}"/$pkgname-${pkgver}
-  ./configure --prefix=/usr --disable-static
-  make
-}
-
-package() {
-  cd "${srcdir}"/$pkgname-${pkgver}
-  make DESTDIR="${pkgdir}" install
-  # install hook
-  install -D -m644 "${srcdir}"/encrypt_hook "${pkgdir}"/usr/lib/initcpio/hooks/encrypt
-  install -D -m644 "${srcdir}"/encrypt_install "${pkgdir}"/usr/lib/initcpio/install/encrypt
-}

Copied: cryptsetup/repos/testing-x86_64/PKGBUILD (from rev 159621, cryptsetup/trunk/PKGBUILD)
===================================================================
--- testing-x86_64/PKGBUILD	                        (rev 0)
+++ testing-x86_64/PKGBUILD	2012-05-25 23:50:39 UTC (rev 159622)
@@ -0,0 +1,35 @@
+# $Id$
+# Maintainer: Thomas Bächler <thomas at archlinux.org>
+pkgname=cryptsetup
+pkgver=1.4.2
+pkgrel=2
+pkgdesc="Userspace setup tool for transparent encryption of block devices using dm-crypt"
+arch=(i686 x86_64)
+license=('GPL')
+url="http://code.google.com/p/cryptsetup/"
+groups=('base')
+depends=('device-mapper>=2.02.85-2' 'libgcrypt' 'popt')
+conflicts=('mkinitcpio<0.7')
+options=('!libtool' '!emptydirs')
+source=(http://cryptsetup.googlecode.com/files/${pkgname}-${pkgver}.tar.bz2
+        http://cryptsetup.googlecode.com/files/${pkgname}-${pkgver}.tar.bz2.asc
+        encrypt_hook
+        encrypt_install)
+sha256sums=('1fe80d7b19d24b3f65d2e446decfed859e2c4d17fdf7c19289d82dc7cd60dfe7'
+            '4e6dbece8d1baad861479aca70d0cf30887420da9b5eab45d65d064c656893ed'
+            'e0cbcabb81233b4d465833dca0faf1e762dc3cb6611597a25fe24e5d7209f316'
+            'cfe465bdad3d958bb2332a05e04f2e1e884422a5714dfd1a0a3b9b74bf7dc6ae')
+
+build() {
+  cd "${srcdir}"/$pkgname-${pkgver}
+  ./configure --prefix=/usr --disable-static
+  make
+}
+
+package() {
+  cd "${srcdir}"/$pkgname-${pkgver}
+  make DESTDIR="${pkgdir}" install
+  # install hook
+  install -D -m644 "${srcdir}"/encrypt_hook "${pkgdir}"/usr/lib/initcpio/hooks/encrypt
+  install -D -m644 "${srcdir}"/encrypt_install "${pkgdir}"/usr/lib/initcpio/install/encrypt
+}

Deleted: testing-x86_64/encrypt_hook
===================================================================
--- testing-x86_64/encrypt_hook	2012-05-25 23:50:20 UTC (rev 159621)
+++ testing-x86_64/encrypt_hook	2012-05-25 23:50:39 UTC (rev 159622)
@@ -1,138 +0,0 @@
-#!/usr/bin/ash
-
-run_hook() {
-    modprobe -a -q dm-crypt >/dev/null 2>&1
-    [ "${quiet}" = "y" ] && CSQUIET=">/dev/null"
-
-    # Get keyfile if specified
-    ckeyfile="/crypto_keyfile.bin"
-    if [ -n "$cryptkey" ]; then
-        IFS=: read ckdev ckarg1 ckarg2 <<EOF
-$cryptkey
-EOF
-
-        if resolved=$(resolve_device "${ckdev}" ${rootdelay}); then
-            case ${ckarg1} in
-                *[!0-9]*)
-                    # Use a file on the device
-                    # ckarg1 is not numeric: ckarg1=filesystem, ckarg2=path
-                    mkdir /ckey
-                    mount -r -t "$ckarg1" "$resolved" /ckey
-                    dd if="/ckey/$ckarg2" of="$ckeyfile" >/dev/null 2>&1
-                    umount /ckey
-                    ;;
-                *)
-                    # Read raw data from the block device
-                    # ckarg1 is numeric: ckarg1=offset, ckarg2=length
-                    dd if="$resolved" of="$ckeyfile" bs=1 skip="$ckarg1" count="$ckarg2" >/dev/null 2>&1
-                    ;;
-            esac
-        fi
-        [ ! -f ${ckeyfile} ] && echo "Keyfile could not be opened. Reverting to passphrase."
-    fi
-
-    if [ -n "${cryptdevice}" ]; then
-        DEPRECATED_CRYPT=0
-        IFS=: read cryptdev cryptname cryptoptions <<EOF
-$cryptdevice
-EOF
-    else
-        DEPRECATED_CRYPT=1
-        cryptdev="${root}"
-        cryptname="root"
-    fi
-
-    warn_deprecated() {
-        echo "The syntax 'root=${root}' where '${root}' is an encrypted volume is deprecated"
-        echo "Use 'cryptdevice=${root}:root root=/dev/mapper/root' instead."
-    }
-
-    for cryptopt in ${cryptoptions//,/ }; do
-        case ${cryptopt} in
-            allow-discards)
-                echo "Enabling TRIM/discard support."
-                cryptargs="${cryptargs} --allow-discards"
-                ;;
-            *)
-                echo "Encryption option '${cryptopt}' not known, ignoring." >&2
-                ;;
-        esac
-    done
-
-    if resolved=$(resolve_device "${cryptdev}" ${rootdelay}); then
-        if cryptsetup isLuks ${resolved} >/dev/null 2>&1; then
-            [ ${DEPRECATED_CRYPT} -eq 1 ] && warn_deprecated
-            dopassphrase=1
-            # If keyfile exists, try to use that
-            if [ -f ${ckeyfile} ]; then
-                if eval cryptsetup --key-file ${ckeyfile} luksOpen ${resolved} ${cryptname} ${cryptargs} ${CSQUIET}; then
-                    dopassphrase=0
-                else
-                    echo "Invalid keyfile. Reverting to passphrase."
-                fi
-            fi
-            # Ask for a passphrase
-            if [ ${dopassphrase} -gt 0 ]; then
-                echo ""
-                echo "A password is required to access the ${cryptname} volume:"
-
-                #loop until we get a real password
-                while ! eval cryptsetup luksOpen ${resolved} ${cryptname} ${cryptargs} ${CSQUIET}; do
-                    sleep 2;
-                done
-            fi
-            if [ -e "/dev/mapper/${cryptname}" ]; then
-                if [ ${DEPRECATED_CRYPT} -eq 1 ]; then
-                    export root="/dev/mapper/root"
-                fi
-            else
-                err "Password succeeded, but ${cryptname} creation failed, aborting..."
-                exit 1
-            fi
-        elif [ -n "${crypto}" ]; then
-            [ ${DEPRECATED_CRYPT} -eq 1 ] && warn_deprecated
-            msg "Non-LUKS encrypted device found..."
-            if echo "$crypto" | awk -F: '{ exit(NF == 5) }'; then
-                err "Verify parameter format: crypto=hash:cipher:keysize:offset:skip"
-                err "Non-LUKS decryption not attempted..."
-                return 1
-            fi
-            exe="cryptsetup create $cryptname $resolved $cryptargs"
-            IFS=: read c_hash c_cipher c_keysize c_offset c_skip <<EOF
-$crypto
-EOF
-            [ -n "$c_hash" ]    && exe="$exe --hash '$c_hash'"
-            [ -n "$c_cipher" ]  && exe="$exe --cipher '$c_cipher'"
-            [ -n "$c_keysize" ] && exe="$exe --key-size '$c_keysize'"
-            [ -n "$c_offset" ]  && exe="$exe --offset '$c_offset'"
-            [ -n "$c_skip" ]    && exe="$exe --skip '$c_skip'"
-            if [ -f "$ckeyfile" ]; then
-                exe="$exe --key-file $ckeyfile"
-            else
-                exe="$exe --verify-passphrase"
-                echo ""
-                echo "A password is required to access the ${cryptname} volume:"
-            fi
-            eval "$exe $CSQUIET"
-
-            if [ $? -ne 0 ]; then
-                err "Non-LUKS device decryption failed. verify format: "
-                err "      crypto=hash:cipher:keysize:offset:skip"
-                exit 1
-            fi
-            if [ -e "/dev/mapper/${cryptname}" ]; then
-                if [ ${DEPRECATED_CRYPT} -eq 1 ]; then
-                    export root="/dev/mapper/root"
-                fi
-            else
-                err "Password succeeded, but ${cryptname} creation failed, aborting..."
-                exit 1
-            fi
-        else
-            err "Failed to open encryption mapping: The device ${cryptdev} is not a LUKS volume and the crypto= paramater was not specified."
-        fi
-    fi
-    rm -f ${ckeyfile}
-}
-
-# vim: set ft=sh ts=4 sw=4 et:

Copied: cryptsetup/repos/testing-x86_64/encrypt_hook (from rev 159621, cryptsetup/trunk/encrypt_hook)
===================================================================
--- testing-x86_64/encrypt_hook	                        (rev 0)
+++ testing-x86_64/encrypt_hook	2012-05-25 23:50:39 UTC (rev 159622)
@@ -0,0 +1,138 @@
+#!/usr/bin/ash
+
+run_hook() {
+    modprobe -a -q dm-crypt >/dev/null 2>&1
+    [ "${quiet}" = "y" ] && CSQUIET=">/dev/null"
+
+    # Get keyfile if specified
+    ckeyfile="/crypto_keyfile.bin"
+    if [ -n "$cryptkey" ]; then
+        IFS=: read ckdev ckarg1 ckarg2 <<EOF
+$cryptkey
+EOF
+
+        if resolved=$(resolve_device "${ckdev}" ${rootdelay}); then
+            case ${ckarg1} in
+                *[!0-9]*)
+                    # Use a file on the device
+                    # ckarg1 is not numeric: ckarg1=filesystem, ckarg2=path
+                    mkdir /ckey
+                    mount -r -t "$ckarg1" "$resolved" /ckey
+                    dd if="/ckey/$ckarg2" of="$ckeyfile" >/dev/null 2>&1
+                    umount /ckey
+                    ;;
+                *)
+                    # Read raw data from the block device
+                    # ckarg1 is numeric: ckarg1=offset, ckarg2=length
+                    dd if="$resolved" of="$ckeyfile" bs=1 skip="$ckarg1" count="$ckarg2" >/dev/null 2>&1
+                    ;;
+            esac
+        fi
+        [ ! -f ${ckeyfile} ] && echo "Keyfile could not be opened. Reverting to passphrase."
+    fi
+
+    if [ -n "${cryptdevice}" ]; then
+        DEPRECATED_CRYPT=0
+        IFS=: read cryptdev cryptname cryptoptions <<EOF
+$cryptdevice
+EOF
+    else
+        DEPRECATED_CRYPT=1
+        cryptdev="${root}"
+        cryptname="root"
+    fi
+
+    warn_deprecated() {
+        echo "The syntax 'root=${root}' where '${root}' is an encrypted volume is deprecated"
+        echo "Use 'cryptdevice=${root}:root root=/dev/mapper/root' instead."
+    }
+
+    for cryptopt in ${cryptoptions//,/ }; do
+        case ${cryptopt} in
+            allow-discards)
+                echo "Enabling TRIM/discard support."
+                cryptargs="${cryptargs} --allow-discards"
+                ;;
+            *)
+                echo "Encryption option '${cryptopt}' not known, ignoring." >&2
+                ;;
+        esac
+    done
+
+    if resolved=$(resolve_device "${cryptdev}" ${rootdelay}); then
+        if cryptsetup isLuks ${resolved} >/dev/null 2>&1; then
+            [ ${DEPRECATED_CRYPT} -eq 1 ] && warn_deprecated
+            dopassphrase=1
+            # If keyfile exists, try to use that
+            if [ -f ${ckeyfile} ]; then
+                if eval cryptsetup --key-file ${ckeyfile} luksOpen ${resolved} ${cryptname} ${cryptargs} ${CSQUIET}; then
+                    dopassphrase=0
+                else
+                    echo "Invalid keyfile. Reverting to passphrase."
+                fi
+            fi
+            # Ask for a passphrase
+            if [ ${dopassphrase} -gt 0 ]; then
+                echo ""
+                echo "A password is required to access the ${cryptname} volume:"
+
+                #loop until we get a real password
+                while ! eval cryptsetup luksOpen ${resolved} ${cryptname} ${cryptargs} ${CSQUIET}; do
+                    sleep 2;
+                done
+            fi
+            if [ -e "/dev/mapper/${cryptname}" ]; then
+                if [ ${DEPRECATED_CRYPT} -eq 1 ]; then
+                    export root="/dev/mapper/root"
+                fi
+            else
+                err "Password succeeded, but ${cryptname} creation failed, aborting..."
+                exit 1
+            fi
+        elif [ -n "${crypto}" ]; then
+            [ ${DEPRECATED_CRYPT} -eq 1 ] && warn_deprecated
+            msg "Non-LUKS encrypted device found..."
+            if echo "$crypto" | awk -F: '{ exit(NF == 5) }'; then
+                err "Verify parameter format: crypto=hash:cipher:keysize:offset:skip"
+                err "Non-LUKS decryption not attempted..."
+                return 1
+            fi
+            exe="cryptsetup create $cryptname $resolved $cryptargs"
+            IFS=: read c_hash c_cipher c_keysize c_offset c_skip <<EOF
+$crypto
+EOF
+            [ -n "$c_hash" ]    && exe="$exe --hash '$c_hash'"
+            [ -n "$c_cipher" ]  && exe="$exe --cipher '$c_cipher'"
+            [ -n "$c_keysize" ] && exe="$exe --key-size '$c_keysize'"
+            [ -n "$c_offset" ]  && exe="$exe --offset '$c_offset'"
+            [ -n "$c_skip" ]    && exe="$exe --skip '$c_skip'"
+            if [ -f "$ckeyfile" ]; then
+                exe="$exe --key-file $ckeyfile"
+            else
+                exe="$exe --verify-passphrase"
+                echo ""
+                echo "A password is required to access the ${cryptname} volume:"
+            fi
+            eval "$exe $CSQUIET"
+
+            if [ $? -ne 0 ]; then
+                err "Non-LUKS device decryption failed. verify format: "
+                err "      crypto=hash:cipher:keysize:offset:skip"
+                exit 1
+            fi
+            if [ -e "/dev/mapper/${cryptname}" ]; then
+                if [ ${DEPRECATED_CRYPT} -eq 1 ]; then
+                    export root="/dev/mapper/root"
+                fi
+            else
+                err "Password succeeded, but ${cryptname} creation failed, aborting..."
+                exit 1
+            fi
+        else
+            err "Failed to open encryption mapping: The device ${cryptdev} is not a LUKS volume and the crypto= paramater was not specified."
+        fi
+    fi
+    rm -f ${ckeyfile}
+}
+
+# vim: set ft=sh ts=4 sw=4 et:

Deleted: testing-x86_64/encrypt_install
===================================================================
--- testing-x86_64/encrypt_install	2012-05-25 23:50:20 UTC (rev 159621)
+++ testing-x86_64/encrypt_install	2012-05-25 23:50:39 UTC (rev 159622)
@@ -1,44 +0,0 @@
-#!/bin/bash
-
-build() {
-    local mod
-
-    add_module dm-crypt
-    if [[ $CRYPTO_MODULES ]]; then
-        for mod in $CRYPTO_MODULES; do
-            add_module "$mod"
-        done
-    else
-        add_all_modules '/crypto/'
-    fi
-
-    add_binary "cryptsetup"
-    add_binary "dmsetup"
-    add_file "/usr/lib/udev/rules.d/10-dm.rules"
-    add_file "/usr/lib/udev/rules.d/13-dm-disk.rules"
-    add_file "/usr/lib/udev/rules.d/95-dm-notify.rules"
-    add_file "/usr/lib/initcpio/udev/11-dm-initramfs.rules" "/usr/lib/udev/rules.d/11-dm-initramfs.rules"
-
-    add_runscript
-}
-
-help() {
-    cat <<HELPEOF
-This hook allows for an encrypted root device. Users should specify the device
-to be unlocked using 'cryptdevice=device:dmname' on the kernel command line,
-where 'device' is the path to the raw device, and 'dmname' is the name given to
-the device after unlocking, and will be available as /dev/mapper/dmname.
-
-For unlocking via keyfile, 'cryptkey=device:fstype:path' should be specified on
-the kernel cmdline, where 'device' represents the raw block device where the key
-exists, 'fstype' is the filesystem type of 'device' (or auto), and 'path' is
-the absolute path of the keyfile within the device.
-
-Without specifying a keyfile, you will be prompted for the password at runtime.
-This means you must have a keyboard available to input it, and you may need
-the keymap hook as well to ensure that the keyboard is using the layout you
-expect.
-HELPEOF
-}
-
-# vim: set ft=sh ts=4 sw=4 et:

Copied: cryptsetup/repos/testing-x86_64/encrypt_install (from rev 159621, cryptsetup/trunk/encrypt_install)
===================================================================
--- testing-x86_64/encrypt_install	                        (rev 0)
+++ testing-x86_64/encrypt_install	2012-05-25 23:50:39 UTC (rev 159622)
@@ -0,0 +1,44 @@
+#!/bin/bash
+
+build() {
+    local mod
+
+    add_module dm-crypt
+    if [[ $CRYPTO_MODULES ]]; then
+        for mod in $CRYPTO_MODULES; do
+            add_module "$mod"
+        done
+    else
+        add_all_modules '/crypto/'
+    fi
+
+    add_binary "cryptsetup"
+    add_binary "dmsetup"
+    add_file "/usr/lib/udev/rules.d/10-dm.rules"
+    add_file "/usr/lib/udev/rules.d/13-dm-disk.rules"
+    add_file "/usr/lib/udev/rules.d/95-dm-notify.rules"
+    add_file "/usr/lib/initcpio/udev/11-dm-initramfs.rules" "/usr/lib/udev/rules.d/11-dm-initramfs.rules"
+
+    add_runscript
+}
+
+help() {
+    cat <<HELPEOF
+This hook allows for an encrypted root device. Users should specify the device
+to be unlocked using 'cryptdevice=device:dmname' on the kernel command line,
+where 'device' is the path to the raw device, and 'dmname' is the name given to
+the device after unlocking, and will be available as /dev/mapper/dmname.
+
+For unlocking via keyfile, 'cryptkey=device:fstype:path' should be specified on
+the kernel cmdline, where 'device' represents the raw block device where the key
+exists, 'fstype' is the filesystem type of 'device' (or auto), and 'path' is
+the absolute path of the keyfile within the device.
+
+Without specifying a keyfile, you will be prompted for the password at runtime.
+This means you must have a keyboard available to input it, and you may need
+the keymap hook as well to ensure that the keyboard is using the layout you
+expect.
+HELPEOF
+}
+
+# vim: set ft=sh ts=4 sw=4 et:




More information about the arch-commits mailing list