summaryrefslogtreecommitdiff
path: root/testing/cryptsetup
diff options
context:
space:
mode:
authorroot <root@rshg054.dnsready.net>2012-05-27 00:05:57 +0000
committerroot <root@rshg054.dnsready.net>2012-05-27 00:05:57 +0000
commit1f45ad8e3f17397e2f44e68ef9a0d860091eea9e (patch)
treec739dcbb4950142bbb793715bfd19fb2d6cc80ef /testing/cryptsetup
parenta5721a07196cf00c26ea1bfb651aab756d202ccb (diff)
Sun May 27 00:05:56 UTC 2012
Diffstat (limited to 'testing/cryptsetup')
-rw-r--r--testing/cryptsetup/PKGBUILD8
-rw-r--r--testing/cryptsetup/encrypt_hook17
-rw-r--r--testing/cryptsetup/encrypt_install17
3 files changed, 24 insertions, 18 deletions
diff --git a/testing/cryptsetup/PKGBUILD b/testing/cryptsetup/PKGBUILD
index e2292ebc6..4f2269db3 100644
--- a/testing/cryptsetup/PKGBUILD
+++ b/testing/cryptsetup/PKGBUILD
@@ -1,8 +1,8 @@
-# $Id: PKGBUILD 158938 2012-05-13 13:45:53Z thomas $
+# $Id: PKGBUILD 159622 2012-05-25 23:50:39Z dreisner $
# Maintainer: Thomas Bächler <thomas@archlinux.org>
pkgname=cryptsetup
pkgver=1.4.2
-pkgrel=1
+pkgrel=2
pkgdesc="Userspace setup tool for transparent encryption of block devices using dm-crypt"
arch=(i686 x86_64)
license=('GPL')
@@ -17,8 +17,8 @@ source=(http://cryptsetup.googlecode.com/files/${pkgname}-${pkgver}.tar.bz2
encrypt_install)
sha256sums=('1fe80d7b19d24b3f65d2e446decfed859e2c4d17fdf7c19289d82dc7cd60dfe7'
'4e6dbece8d1baad861479aca70d0cf30887420da9b5eab45d65d064c656893ed'
- 'e4c00e2da274bf4cab3f72a0de779790a11a946d36b83144e74d3791e230b262'
- 'cba1dc38ff6cc4d3740d0badfb2b151bb03d19e8e9fa497569ac2fb6f4196e0e')
+ 'e0cbcabb81233b4d465833dca0faf1e762dc3cb6611597a25fe24e5d7209f316'
+ 'cfe465bdad3d958bb2332a05e04f2e1e884422a5714dfd1a0a3b9b74bf7dc6ae')
build() {
cd "${srcdir}"/$pkgname-${pkgver}
diff --git a/testing/cryptsetup/encrypt_hook b/testing/cryptsetup/encrypt_hook
index 0f35782c6..372b7ba57 100644
--- a/testing/cryptsetup/encrypt_hook
+++ b/testing/cryptsetup/encrypt_hook
@@ -10,20 +10,21 @@ run_hook() {
IFS=: read ckdev ckarg1 ckarg2 <<EOF
$cryptkey
EOF
- if poll_device "${ckdev}" ${rootdelay}; then
+
+ if resolved=$(resolve_device "${ckdev}" ${rootdelay}); then
case ${ckarg1} in
*[!0-9]*)
# Use a file on the device
# ckarg1 is not numeric: ckarg1=filesystem, ckarg2=path
mkdir /ckey
- mount -r -t "$ckarg1" "$ckdev" /ckey
+ mount -r -t "$ckarg1" "$resolved" /ckey
dd if="/ckey/$ckarg2" of="$ckeyfile" >/dev/null 2>&1
umount /ckey
;;
*)
# Read raw data from the block device
# ckarg1 is numeric: ckarg1=offset, ckarg2=length
- dd if="$ckdev" of="$ckeyfile" bs=1 skip="$ckarg1" count="$ckarg2" >/dev/null 2>&1
+ dd if="$resolved" of="$ckeyfile" bs=1 skip="$ckarg1" count="$ckarg2" >/dev/null 2>&1
;;
esac
fi
@@ -58,13 +59,13 @@ EOF
esac
done
- if poll_device "${cryptdev}" ${rootdelay}; then
- if cryptsetup isLuks ${cryptdev} >/dev/null 2>&1; then
+ if resolved=$(resolve_device "${cryptdev}" ${rootdelay}); then
+ if cryptsetup isLuks ${resolved} >/dev/null 2>&1; then
[ ${DEPRECATED_CRYPT} -eq 1 ] && warn_deprecated
dopassphrase=1
# If keyfile exists, try to use that
if [ -f ${ckeyfile} ]; then
- if eval cryptsetup --key-file ${ckeyfile} luksOpen ${cryptdev} ${cryptname} ${cryptargs} ${CSQUIET}; then
+ if eval cryptsetup --key-file ${ckeyfile} luksOpen ${resolved} ${cryptname} ${cryptargs} ${CSQUIET}; then
dopassphrase=0
else
echo "Invalid keyfile. Reverting to passphrase."
@@ -76,7 +77,7 @@ EOF
echo "A password is required to access the ${cryptname} volume:"
#loop until we get a real password
- while ! eval cryptsetup luksOpen ${cryptdev} ${cryptname} ${cryptargs} ${CSQUIET}; do
+ while ! eval cryptsetup luksOpen ${resolved} ${cryptname} ${cryptargs} ${CSQUIET}; do
sleep 2;
done
fi
@@ -96,7 +97,7 @@ EOF
err "Non-LUKS decryption not attempted..."
return 1
fi
- exe="cryptsetup create $cryptname $cryptdev $cryptargs"
+ exe="cryptsetup create $cryptname $resolved $cryptargs"
IFS=: read c_hash c_cipher c_keysize c_offset c_skip <<EOF
$crypto
EOF
diff --git a/testing/cryptsetup/encrypt_install b/testing/cryptsetup/encrypt_install
index 79d2f3e4b..38e5ddc57 100644
--- a/testing/cryptsetup/encrypt_install
+++ b/testing/cryptsetup/encrypt_install
@@ -1,13 +1,16 @@
#!/bin/bash
build() {
- if [ -z "${CRYPTO_MODULES}" ]; then
- MODULES=" dm-crypt $(all_modules "/crypto/")"
+ local mod
+
+ add_module dm-crypt
+ if [[ $CRYPTO_MODULES ]]; then
+ for mod in $CRYPTO_MODULES; do
+ add_module "$mod"
+ done
else
- MODULES=" dm-crypt $CRYPTO_MODULES"
+ add_all_modules '/crypto/'
fi
- FILES=""
- SCRIPT="encrypt"
add_binary "cryptsetup"
add_binary "dmsetup"
@@ -15,10 +18,12 @@ build() {
add_file "/usr/lib/udev/rules.d/13-dm-disk.rules"
add_file "/usr/lib/udev/rules.d/95-dm-notify.rules"
add_file "/usr/lib/initcpio/udev/11-dm-initramfs.rules" "/usr/lib/udev/rules.d/11-dm-initramfs.rules"
+
+ add_runscript
}
help() {
- cat <<HELPEOF
+ cat <<HELPEOF
This hook allows for an encrypted root device. Users should specify the device
to be unlocked using 'cryptdevice=device:dmname' on the kernel command line,
where 'device' is the path to the raw device, and 'dmname' is the name given to