SVN: geninitrd/trunk/mod-luks.sh

jajcus jajcus at pld-linux.org
Mon Dec 5 20:22:11 CET 2011 

Author: jajcus
Date: Mon Dec  5 20:22:11 2011
New Revision: 12442

Modified:
   geninitrd/trunk/mod-luks.sh
Log:
- do not try to extract encrypted device name from an active LUKS device – the
  information is already available in /etc/crypttab


Modified: geninitrd/trunk/mod-luks.sh
==============================================================================
--- geninitrd/trunk/mod-luks.sh	(original)
+++ geninitrd/trunk/mod-luks.sh	Mon Dec  5 20:22:11 2011
@@ -9,7 +9,7 @@
 have_luks=no
 
 # device to use for name for cryptsetup luks
-LUKSDEV=""
+LUKSNAME=""
 
 # setup geninitrd module
 # @access	public
@@ -72,22 +72,9 @@
 # @access	public
 find_modules_luks() {
 	local devpath="$1"
-	local dev vars major minor
+	local dev=""
 
-	local name=${devpath#/dev/mapper/}
-	LUKSDEV=$(/sbin/cryptsetup status $name 2>/dev/null | awk '/device:/{print $2}')
-	if [ -z "$LUKSDEV" ]; then
-		# could be initialized by old cryptsetup, we need some magic
-		vars=$(dmsetup deps $name 2> /dev/null | awk '/dependencies.*(.*)/ { left=index($0, "("); right=index($0, ")"); split(substr($0, left + 1, right - left - 1), A, " *, *") ; print "major=" A[1] "; minor=" A[2] }')
-		eval "$vars"
-		if [ -n "$major" -a -n "$minor" ] ; then
-			LUKSDEV=$(awk "\$1 == $major && \$2 == $minor { print \"/dev/\" \$4 }" /proc/partitions)
-		fi
-
-	fi
-	if [ -z "$LUKSDEV" ]; then
-		die "Can't find underlying device names for crypted device $devpath."
-	fi
+	LUKSNAME=${devpath#/dev/mapper/}
 
 	find_module "dm-crypt"
 
@@ -95,10 +82,14 @@
 	find_module "aes"
 	find_module "cbc"
 
-	have_luks=yes
-
 	# recurse
-	find_modules_for_devpath $LUKSDEV
+	dev=$(awk '$1 == "'"$LUKSNAME"'" { print $2 }' /etc/crypttab)
+	if [ -n "$dev" ] ; then	
+		find_modules_for_devpath $dev
+		have_luks=yes
+	else
+		die "Cannot find '$LUKSNAME' in /etc/crypttab"
+	fi
 }
 
 
@@ -117,8 +108,8 @@
 	initrd_gen_devices
 	# TODO: 'udevadm settle' is called by lukssetup, is udev optional?
 
-	debug "luks: process /etc/crypttab $LUKSDEV"
-	luks_crypttab $LUKSDEV
+	debug "luks: process /etc/crypttab $LUKSNAME"
+	luks_crypttab $LUKSNAME
 }
 
 
@@ -129,14 +120,13 @@
 
 # produce cryptsetup from $name from /etc/crypttab
 luks_crypttab() {
-	local LUKSDEV="$1"
+	local LUKSNAME="$1"
 
 	# copy from /etc/rc.d/init.d/cryptsetup
 	local dst src key opt mode owner
 
 	while read dst src key opt; do
-		[ -z "$dst" -o "${dst#\#}" != "$dst" ] && continue
-		[ "$src" != "$LUKSDEV" ] && [ "$(readlink -f $src)" != "$LUKSDEV" ] && continue
+		[ "$dst" != "$LUKSNAME" ] && continue
 
 		if [ -n "$key" -a "x$key" != "xnone" ]; then
 			if test -e "$key" ; then

More information about the pld-cvs-commit mailing list