diff options
Diffstat (limited to 'functions')
-rw-r--r-- | functions | 162 |
1 files changed, 110 insertions, 52 deletions
@@ -348,7 +348,7 @@ kill_all() { udevd_modprobe() { # $1 = where we are being called from. # This is used to determine which hooks to run. - status "Starting UDev Daemon" /lib/udev/udevd --daemon + status "Starting UDev Daemon" /usr/lib/udev/udevd --daemon run_hook "$1_udevlaunched" @@ -372,23 +372,89 @@ udevd_modprobe() { activate_vgs() { [[ $USELVM = [yY][eE][sS] && -x $(type -P lvm) && -d /sys/block ]] || return 0 - # Kernel 2.6.x, LVM2 groups stat_busy "Activating LVM2 groups" - modprobe -q dm-mod 2>/dev/null vgchange --sysinit -a y >/dev/null (( $? == 0 )) && stat_done || stat_fail } -# Arch cryptsetup packages traditionally contained the binaries -# /usr/sbin/cryptsetup -# /sbin/cryptsetup.static -# By default, initscripts used the /sbin/cryptsetup.static. -# Newer packages will only have /sbin/cryptsetup and no static binary -# This ensures maximal compatibility with the old and new layout -for CS in /sbin/cryptsetup /usr/sbin/cryptsetup \ - /sbin/cryptsetup.static ''; do - [[ -x $CS ]] && break -done +do_unlock() { + # $1 = requested name + # $2 = source device + # $3 = password + # $4 = options + stat_append "${1}.." + local open=create a=$1 b=$2 failed=0 + # Ordering of options is different if you are using LUKS vs. not. + # Use ugly swizzling to deal with it. + # isLuks only gives an exit code but no output to stdout or stderr. + if cryptsetup isLuks "$2" 2>/dev/null; then + open=luksOpen + a=$2 + b=$1 + fi + case $3 in + SWAP) + local _overwriteokay=0 + if [[ -b $2 && -r $2 ]]; then + # This is DANGEROUS! If there is any known file system, + # partition table, RAID or LVM volume on the device + # we don't overwrite it. + # + # 'blkid' returns 2 if no valid signature has been found. + # Only in this case we should allow overwriting the device. + # + # This sanity check _should_ be sufficient, but it might not. + # This may cause dataloss if it is not used carefully. + blkid -p "$2" &>/dev/null + (( $? == 2 )) && _overwriteokay=1 + fi + if (( _overwriteokay == 0 )); then + false + elif cryptsetup -d /dev/urandom $4 $open "$a" "$b" >/dev/null; then + stat_append "creating swapspace.." + mkswap -f -L $1 /dev/mapper/$1 >/dev/null + fi;; + ASK) + printf "\nOpening '$1' volume:\n" + cryptsetup $4 $open "$a" "$b" < /dev/console;; + /dev*) + local ckdev=${3%%:*} + local cka=${3#*:} + local ckb=${cka#*:} + local cka=${cka%:*} + local ckfile=/dev/ckfile + local ckdir=/dev/ckdir + case ${cka} in + *[!0-9]*) + # Use a file on the device + # cka is not numeric: cka=filesystem, ckb=path + mkdir ${ckdir} + mount -r -t ${cka} ${ckdev} ${ckdir} + dd if=${ckdir}/${ckb} of=${ckfile} >/dev/null 2>&1 + umount ${ckdir} + rmdir ${ckdir};; + *) + # Read raw data from the block device + # cka is numeric: cka=offset, ckb=length + dd if=${ckdev} of=${ckfile} bs=1 skip=${cka} count=${ckb} >/dev/null 2>&1;; + esac + cryptsetup -d ${ckfile} $4 $open "$a" "$b" >/dev/null + dd if=/dev/urandom of=${ckfile} bs=1 count=$(stat -c %s ${ckfile}) conv=notrunc >/dev/null 2>&1 + rm ${ckfile};; + /*) + cryptsetup -d "$3" $4 $open "$a" "$b" >/dev/null;; + *) + printf "${C_FAIL}crypttab contains a literal encryption key. This will stop working in the future.${C_OTHER}\n" + echo "$3" | cryptsetup $4 $open "$a" "$b" >/dev/null;; + esac + if (( $? )); then + failed=1 + stat_append "failed " + else + stat_append "ok " + fi + return $failed +} read_crypttab() { # $1 = function to call with the split out line from the crypttab @@ -417,13 +483,8 @@ set_timezone() { if [[ -L /etc/localtime && /etc/localtime -ef $zonefile ]]; then return 0 - fi - - # respect the user's decision to symlink or copy - if [[ -L /etc/localtime ]]; then - ln -sf "/usr/share/zoneinfo/$tz" /etc/localtime else - cp --remove-destination "/usr/share/zoneinfo/$tz" /etc/localtime + ln -sf "/usr/share/zoneinfo/$tz" /etc/localtime fi } @@ -433,11 +494,17 @@ NETFS="nfs,nfs4,smbfs,cifs,codafs,ncpfs,shfs,fuse,fuseblk,glusterfs,davfs,fuse.g # Check local filesystems fsck_all() { + [[ -f /forcefsck ]] || in_array forcefsck $(< /proc/cmdline) && FORCEFSCK="-f" + + if [[ ! -n $FORCEFSCK ]] && { [[ -f /fastboot ]] || in_array fastboot $(< /proc/cmdline); }; then + return 0 + fi + if [[ -e /run/initramfs/root-fsck ]]; then IGNORE_MOUNTED="-M" fi - fsck -A -T -C${FSCK_FD} -a -t no${NETFS//,/,no},noopts=_netdev ${FORCEFSCK} ${IGNORE_MOUNTED} + fsck -A -T -C${FSCK_FD} -a -t no${NETFS//,/,no},noopts=_netdev ${IGNORE_MOUNTED} -- ${FORCEFSCK} } # Single-user login and/or automatic reboot after fsck (if needed) @@ -482,30 +549,31 @@ mount_all() { umount_all() { # $1: restrict to fstype - local mounts - - while read -r target fstype options; do - - # match only targetted fstypes - if [[ $1 && $1 != "$fstype" ]]; then - continue - fi + findmnt -mrunRo TARGET,FSTYPE,OPTIONS / | { + while read -r target fstype options; do + # match only targetted fstypes + if [[ $1 && $1 != "$fstype" ]]; then + continue + fi + + # don't unmount API filesystems + if [[ $target = /@(proc|sys|run|dev|dev/pts) ]]; then + continue + fi + + # avoid networked devices + IFS=, read -ra opts <<< "$options" + if in_array _netdev "${opts[@]}"; then + continue + fi + + mounts=("$target" "${mounts[@]}") + done - # don't unmount API filesystems - if [[ $target = /@(proc|sys|run|dev|dev/pts) ]]; then - continue + if (( ${#mounts[*]} )); then + umount -r "${mounts[@]}" fi - - # avoid networked devices - IFS=, read -ra opts <<< "$options" - if in_array _netdev "${opts[@]}"; then - continue - fi - - mounts=("$target" "${mounts[@]}") - done < <(findmnt -mrunRo TARGET,FSTYPE,OPTIONS /) - - umount -r "${mounts[@]}" + } } @@ -654,15 +722,5 @@ for f in /etc/rc.d/functions.d/*; do [[ -e $f ]] && . "$f" done -# Exit current shell if user is not root -need_root() { - (( EUID )) && printf 'You need to be root.\n' && exit 1 -} - -# Quit script if it's not running by root -# This can be disabled in scripts sourcing functions by setting NEED_ROOT=0 -# A local call to need_root can be done to ensure part of script need root privilege -(( ${NEED_ROOT:-0} == 1 )) && need_root - # End of file # vim: set ts=2 sw=2 noet: |