mirror of
https://gitlab.archlinux.org/tpowa/archboot.git
synced 2024-09-19 19:40:37 +02:00
'fixed arch_encrypt'
This commit is contained in:
parent
8e3ce882f3
commit
009dcf6c50
1 changed files with 16 additions and 9 deletions
|
@ -15,13 +15,7 @@ run_hook ()
|
||||||
ckeyfile="/crypto_keyfile.bin"
|
ckeyfile="/crypto_keyfile.bin"
|
||||||
if [ "x${cryptkey}" != "x" ]; then
|
if [ "x${cryptkey}" != "x" ]; then
|
||||||
set -- $(/bin/replace "${cryptkey}" ':'); ckdev=$1; ckarg1=$2; ckarg2=$3
|
set -- $(/bin/replace "${cryptkey}" ':'); ckdev=$1; ckarg1=$2; ckarg2=$3
|
||||||
try=10
|
if poll_device "${ckdev}" ${rootdelay}; then
|
||||||
echo "Waiting for ${ckdev} ..."
|
|
||||||
while [ ! -b ${ckdev} -a ${try} -gt 0 ]; do
|
|
||||||
sleep 1
|
|
||||||
try=$((${try}-1))
|
|
||||||
done
|
|
||||||
if [ -b ${ckdev} ]; then
|
|
||||||
case ${ckarg1} in
|
case ${ckarg1} in
|
||||||
*[!0-9]*)
|
*[!0-9]*)
|
||||||
# Use a file on the device
|
# Use a file on the device
|
||||||
|
@ -42,13 +36,22 @@ run_hook ()
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -n "${cryptdevice}" ]; then
|
if [ -n "${cryptdevice}" ]; then
|
||||||
|
DEPRECATED_CRYPT=0
|
||||||
set -- $(/bin/replace "${cryptdevice}" ':'); cryptdev="$1"; cryptname="$2";
|
set -- $(/bin/replace "${cryptdevice}" ':'); cryptdev="$1"; cryptname="$2";
|
||||||
else
|
else
|
||||||
|
DEPRECATED_CRYPT=1
|
||||||
cryptdev="${root}"
|
cryptdev="${root}"
|
||||||
cryptname="root"
|
cryptname="root"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
warn_deprecated() {
|
||||||
|
echo "The syntax 'root=${root}' where '${root}' is an encrypted volume is deprecated"
|
||||||
|
echo "Use 'cryptdevice=${root}:root root=/dev/mapper/root' instead."
|
||||||
|
}
|
||||||
|
|
||||||
|
if poll_device "${cryptdev}" ${rootdelay}; then
|
||||||
if /usr/sbin/cryptsetup isLuks ${cryptdev} >/dev/null 2>&1; then
|
if /usr/sbin/cryptsetup isLuks ${cryptdev} >/dev/null 2>&1; then
|
||||||
|
[ ${DEPRECATED_CRYPT} -eq 1 ] && warn_deprecated
|
||||||
dopassphrase=1
|
dopassphrase=1
|
||||||
# If keyfile exists, try to use that
|
# If keyfile exists, try to use that
|
||||||
if [ -f ${ckeyfile} ]; then
|
if [ -f ${ckeyfile} ]; then
|
||||||
|
@ -69,7 +72,7 @@ run_hook ()
|
||||||
done
|
done
|
||||||
fi
|
fi
|
||||||
if [ -e "/dev/mapper/${cryptname}" ]; then
|
if [ -e "/dev/mapper/${cryptname}" ]; then
|
||||||
if [ "${cryptname}" = "root" ]; then
|
if [ ${DEPRECATED_CRYPT} -eq 1 ]; then
|
||||||
export root="/dev/mapper/root"
|
export root="/dev/mapper/root"
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
|
@ -77,6 +80,7 @@ run_hook ()
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
elif [ "x${crypto}" != "x" ]; then
|
elif [ "x${crypto}" != "x" ]; then
|
||||||
|
[ ${DEPRECATED_CRYPT} -eq 1 ] && warn_deprecated
|
||||||
do_oldcrypto ()
|
do_oldcrypto ()
|
||||||
{
|
{
|
||||||
if [ $# -ne 5 ]; then
|
if [ $# -ne 5 ]; then
|
||||||
|
@ -109,13 +113,16 @@ run_hook ()
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
if [ -e "/dev/mapper/${cryptname}" ]; then
|
if [ -e "/dev/mapper/${cryptname}" ]; then
|
||||||
if [ "${cryptname}" = "root" ]; then
|
if [ ${DEPRECATED_CRYPT} -eq 1 ]; then
|
||||||
export root="/dev/mapper/root"
|
export root="/dev/mapper/root"
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
err "Password succeeded, but ${cryptname} creation failed, aborting..."
|
err "Password succeeded, but ${cryptname} creation failed, aborting..."
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
else
|
||||||
|
err "Failed to open encryption mapping: The device ${cryptdev} is not a LUKS volume and the crypto= paramater was not specified."
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
nuke ${ckeyfile}
|
nuke ${ckeyfile}
|
||||||
fi
|
fi
|
||||||
|
|
Loading…
Reference in a new issue