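--- a/1.1.3-dm-crypt-start.sh
+++ b/1.1.3-dm-crypt-start.sh
@@ -20,7 +20,7 @@
 dm_crypt_execute_dmcrypt() {
 local dev ret mode foo
 # some colors
- local red='\x1b[31;01m' green='\x1b[32;01m' off='\x1b[0;0m'
+ local red='\033[31;01m' green='\033[32;01m' off='\033[0;0m'
 
 if [ -n "$target" ]; then
 # let user set options, otherwise leave empty
@@ -46,10 +46,10 @@
 return
 fi
 
- if [[ -n ${loop_file} ]] ; then
+ if [ -n "${loop_file}" ] ; then
 dev="/dev/mapper/${target}"
 ebegin " Setting up loop device ${source}"
- /sbin/losetup ${source} ${loop_file}
+ /sbin/losetup "${source}" "${loop_file}"
 fi
 
 # cryptsetup:
@@ -71,26 +71,44 @@
 
 # Handle keys
 if [ -n "$key" ]; then
+ reset_stty() {
+ stty ${savestty}
+ trap - EXIT HUP INT TERM
+ }
 read_abort() {
- local ans
- local prompt=" ${green}*${off} $1? (${red}yes${off}/${green}No${off}) "
+ local ans a b back
+ printf " ${green}*${off} %s? (${red}yes${off}/${green}No${off}) " "$1"
+ back=" * $1? (yes/No) "
 shift
- echo -n -e "${prompt}"
- if ! read -n 1 $* ans ; then
- local back=${prompt//?/\\b}
- echo -n -e "${back}"
- else
- echo
+ savestty=`stty -g`
+ trap reset_stty EXIT HUP INT TERM
+ stty -icanon -echo
+ if [ "$1" = '-t' ] && [ "$2" -gt 0 ]; then
+ stty min 0 time "$(( $2 * 10 ))"
+ fi
+ ans=`dd count=1 bs=1 2>/dev/null` || ans=''
+ reset_stty
+ if [ -z "${ans}" ]; then
+ a=''
+ b=''
+ while [ -n "${back}" ]; do
+ a="${a}"'\b'
+ b="${b} "
+ back=${back%?}
+ done
+ printf "${a}${b}${a}"
+ return 1
 fi
- case $ans in
- [yY]|[yY][eE][sS]) return 0;;
- *) return 1;;
+ case "${ans}" in
+ y*|Y*) printf "${red}YES${off}\n"; return 0;;
 esac
+ printf "${green}No${off}\n"
+ return 1
 }
 
 # Notes: sed not used to avoid case where /usr partition is encrypted.
- mode=${key/*:/} && ( [ "$mode" == "$key" ] || [ -z "$mode" ] ) && mode=reg
- key=${key/:*/}
+ mode=${key##*:} && ( [ "$mode" = "$key" ] || [ -z "$mode" ] ) && mode=reg
+ key=${key%%:*}
 case "$mode" in
 gpg|reg)
 # handle key on removable device
@@ -124,7 +142,7 @@
 && foo="mount failed" \
 || foo="mount source not found"
 fi
- ((++i))
+ i=$(( $i + 1 ))
 read_abort "Stop waiting after $i attempts (${foo})" -t 1 && return
 done
 else # keyfile ! on removable device
@@ -146,17 +164,19 @@
 fi
 ebegin "dm-crypt map ${target}"
 einfo "cryptsetup will be called with : ${options} ${arg1} ${arg2} ${arg3}"
- if [ "$mode" == "gpg" ]; then
+ if [ "$mode" = "gpg" ]; then
 : ${gpg_options:='-q -d'}
 # gpg available ?
- if type -p gpg >/dev/null ; then
- for (( i = 0 ; i < 3 ; i++ ))
+ if command -v gpg >/dev/null 2>&1; then
+ local i=0
+ while [ $i -lt 3 ]
 do
 # paranoid, don't store key in a variable, pipe it so it stays very little in ram unprotected.
 # save stdin stdout stderr "values"
 gpg ${gpg_options} ${key} 2>/dev/null | cryptsetup ${options} ${arg1} ${arg2} ${arg3}
 ret="$?"
 [ "$ret" -eq 0 ] && break
+ i=$(( $i + 1 ))
 done
 eend "${ret}" "failure running cryptsetup"
 else
@@ -166,7 +186,7 @@
 einfo "If you have /usr on its own partition, try copying gpg to /bin ."
 fi
 else
- if [ "$mode" == "reg" ]; then
+ if [ "$mode" = "reg" ]; then
 cryptsetup ${options} -d ${key} ${arg1} ${arg2} ${arg3}
 ret="$?"
 eend "${ret}" "failure running cryptsetup"
@@ -177,15 +197,15 @@
 fi
 fi
 if [ -d "$mntrem" ]; then
- umount -n ${mntrem} 2>/dev/null >/dev/null
- rmdir ${mntrem} 2>/dev/null >/dev/null
+ umount -n "${mntrem}" 2>/dev/null >/dev/null
+ rmdir "${mntrem}" 2>/dev/null >/dev/null
 fi
 splash svc_input_end ${SVCNAME} >/dev/null 2>&1
 
- if [[ ${ret} != 0 ]] ; then
+ if [ "${ret}" -ne 0 ] ; then
 cryptfs_status=1
 else
- if [[ -n ${pre_mount} ]] ; then
+ if [ -n "${pre_mount}" ] ; then
 dev="/dev/mapper/${target}"
 ebegin " Running pre_mount commands for ${target}"
 eval "${pre_mount}" > /dev/null
@@ -209,12 +229,12 @@
 fi
 
 mount_point=$(grep "/dev/mapper/${target}" /proc/mounts | cut -d' ' -f2)
- if [[ -z ${mount_point} ]] ; then
+ if [ -z "${mount_point}" ] ; then
 ewarn "Failed to find mount point for ${target}, skipping"
 cryptfs_status=1
 fi
 
- if [[ -n ${post_mount} ]] ; then
+ if [ -n "${post_mount}" ] ; then
 ebegin "Running post_mount commands for target ${target}"
 eval "${post_mount}" >/dev/null
 eend $? || cryptfs_status=1
@@ -235,9 +255,9 @@
 parse_opt() {
 case "$1" in
 *\=*)
- local key_name="`echo "$1" | cut -f1 -d=`"
+ local key_name=${1%%=*}
 local key_len=`strlen key_name`
- local value_start=$((key_len+2))
+ local value_start=$(( $key_len + 2 ))
 echo "$1" | cut -c ${value_start}-
 ;;
 esac
@@ -259,15 +279,19 @@
 esac
 done
 
-if [[ -f ${conf_file} ]] && [[ -x /sbin/cryptsetup ]] ; then
+if [ -f "${conf_file}" ] && [ -x /sbin/cryptsetup ] ; then
 ebegin "Setting up dm-crypt mappings"
 
- while read -u 3 targetline ; do
+ while read targetline <&3 ; do
 # skip comments and blank lines
 [[ ${targetline}\# == \#* ]] && continue
 
 # check for the start of a new target/swap
 case ${targetline} in
+ ''|'#'*)
+ # skip comments and blank lines
+ continue
+ ;;
 target=*|swap=*)
 # If we have a target queued up, then execute it
 ${execute_hook}
@@ -277,7 +301,7 @@
 ;;
 
 gpg_options=*|remdev=*|key=*|loop_file=*|options=*|pre_mount=*|post_mount=*|source=*)
- if [[ -z ${target} && -z ${swap} ]] ; then
+ if [ -z "${target}" ] && [ -z "${swap}" ] ; then
 ewarn "Ignoring setting outside target/swap section: ${targetline}"
 continue
 fi
@@ -295,7 +319,7 @@
 
 # Queue this setting for the next call to dm_crypt_execute_xxx
 eval "${targetline}"
- done 3< ${conf_file}
+ done 3< "${conf_file}"
 
 # If we have a target queued up, then execute it
 ${execute_hook}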
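Review bot: In the `@@ -177,15 +197,15 @@` hunk, `if [ "${ret}" -ne 0 ]` no longer treats an empty `ret` as a failure. With an empty operand `[` reports a non-numeric-operand error and returns non-zero, so the `if` takes the `else` branch and goes on to `eval "${pre_mount}"`, where the old `[[ ${ret} != 0 ]]` set `cryptfs_status=1`. `ret` comes from `local dev ret mode foo` and the visible lines assign it only after a cryptsetup call, so paths that skip cryptsetup (gpg not found, or an unrecognised mode; both partly outside the hunks) probably reach this test with it empty. I would keep the fail-closed behaviour with `if [ "${ret:-1}" -ne 0 ] ; then`. Separately, the `@@ -259,15 +279,19 @@` hunk adds a `case` arm for comments and blank lines but leaves the bash-only `[[ ${targetline}\# == \#* ]] && continue` line above it, which looks removable now.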
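--- a/1.1.3-dm-crypt-stop.sh
+++ b/1.1.3-dm-crypt-stop.sh
@@ -13,11 +13,11 @@
 
 # Try to remove any dm-crypt mappings
 csetup=/sbin/cryptsetup
-if [ -f ${conf_file} ] && [ -x "$csetup" ]
+if [ -f "${conf_file}" ] && [ -x "$csetup" ]
 then
 einfo "Removing dm-crypt mappings"
 
- /bin/egrep "^(target|swap)" ${conf_file} | \
+ /bin/egrep "^(target|swap)" "${conf_file}" | \
 while read targetline
 do
 target=
@@ -33,17 +33,19 @@
 eend $? "Failed to remove dm-crypt mapping for: ${target}"
 done
 
- if [[ -n $(/bin/egrep -e "^(source=)./dev/loop*" ${conf_file}) ]] ; then
+ if /bin/egrep -q -e "^(source=)./dev/loop" "${conf_file}"; then
 einfo "Taking down any dm-crypt loop devices"
- /bin/egrep -e "^(source)" ${conf_file} | while read sourceline
+ /bin/egrep -e "^(source)" "${conf_file}" | while read sourceline
 do
 source=
- eval ${sourceline}
- if [[ -n $(echo ${source} | grep /dev/loop) ]] ; then
+ eval "${sourceline}"
+ case "${source}" in
+ */dev/loop*)
 ebegin " Taking down ${source}"
 /sbin/losetup -d ${source}
 eend $? " Failed to remove loop"
- fi
+ ;;
+ esac
 done
 fi
 fi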
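Review bot: The new `*/dev/loop*)` arm in the `@@ -33,17 +33,19 @@` hunk still runs `/sbin/losetup -d ${source}` unquoted, while the same change quotes `"${conf_file}"` and `"${sourceline}"`. `source` is set by `eval "${sourceline}"` from a configuration line, so a value containing whitespace or glob characters is split or expanded before losetup sees it. I would change it to `/sbin/losetup -d "${source}"` and read the lines with `while read -r sourceline` so backslashes reach `eval` unmodified. Because every matching line of `${conf_file}` is evaluated by the shell here, a comment above the loop would help, e.g. `# conf_file lines are eval'd: keep it root-owned and not group/world-writable`. The enclosing `if`/`then` block starts outside this hunk.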