SVN: geninitrd/trunk/mod-luks.sh
jajcus
jajcus at pld-linux.org
Mon Dec 5 20:22:11 CET 2011
Author: jajcus
Date: Mon Dec 5 20:22:11 2011
New Revision: 12442
Modified:
geninitrd/trunk/mod-luks.sh
Log:
- do not try to extract encrypted device name from an active LUKS device – the
information is already available in /etc/crypttab
Modified: geninitrd/trunk/mod-luks.sh
==============================================================================
--- geninitrd/trunk/mod-luks.sh (original)
+++ geninitrd/trunk/mod-luks.sh Mon Dec 5 20:22:11 2011
@@ -9,7 +9,7 @@
have_luks=no
# device to use for name for cryptsetup luks
-LUKSDEV=""
+LUKSNAME=""
# setup geninitrd module
# @access public
@@ -72,22 +72,9 @@
# @access public
find_modules_luks() {
local devpath="$1"
- local dev vars major minor
+ local dev=""
- local name=${devpath#/dev/mapper/}
- LUKSDEV=$(/sbin/cryptsetup status $name 2>/dev/null | awk '/device:/{print $2}')
- if [ -z "$LUKSDEV" ]; then
- # could be initialized by old cryptsetup, we need some magic
- vars=$(dmsetup deps $name 2> /dev/null | awk '/dependencies.*(.*)/ { left=index($0, "("); right=index($0, ")"); split(substr($0, left + 1, right - left - 1), A, " *, *") ; print "major=" A[1] "; minor=" A[2] }')
- eval "$vars"
- if [ -n "$major" -a -n "$minor" ] ; then
- LUKSDEV=$(awk "\$1 == $major && \$2 == $minor { print \"/dev/\" \$4 }" /proc/partitions)
- fi
-
- fi
- if [ -z "$LUKSDEV" ]; then
- die "Can't find underlying device names for crypted device $devpath."
- fi
+ LUKSNAME=${devpath#/dev/mapper/}
find_module "dm-crypt"
@@ -95,10 +82,14 @@
find_module "aes"
find_module "cbc"
- have_luks=yes
-
# recurse
- find_modules_for_devpath $LUKSDEV
+ dev=$(awk '$1 == "'"$LUKSNAME"'" { print $2 }' /etc/crypttab)
+ if [ -n "$dev" ] ; then
+ find_modules_for_devpath $dev
+ have_luks=yes
+ else
+ die "Cannot find '$LUKSNAME' in /etc/crypttab"
+ fi
}
@@ -117,8 +108,8 @@
initrd_gen_devices
# TODO: 'udevadm settle' is called by lukssetup, is udev optional?
- debug "luks: process /etc/crypttab $LUKSDEV"
- luks_crypttab $LUKSDEV
+ debug "luks: process /etc/crypttab $LUKSNAME"
+ luks_crypttab $LUKSNAME
}
@@ -129,14 +120,13 @@
# produce cryptsetup from $name from /etc/crypttab
luks_crypttab() {
- local LUKSDEV="$1"
+ local LUKSNAME="$1"
# copy from /etc/rc.d/init.d/cryptsetup
local dst src key opt mode owner
while read dst src key opt; do
- [ -z "$dst" -o "${dst#\#}" != "$dst" ] && continue
- [ "$src" != "$LUKSDEV" ] && [ "$(readlink -f $src)" != "$LUKSDEV" ] && continue
+ [ "$dst" != "$LUKSNAME" ] && continue
if [ -n "$key" -a "x$key" != "xnone" ]; then
if test -e "$key" ; then
More information about the pld-cvs-commit
mailing list