diff options
Diffstat (limited to 'hooks/encrypt')
-rw-r--r-- | hooks/encrypt | 68 |
1 files changed, 56 insertions, 12 deletions
diff --git a/hooks/encrypt b/hooks/encrypt index 8b4c80b..bf7bc9f 100644 --- a/hooks/encrypt +++ b/hooks/encrypt @@ -1,17 +1,61 @@ # vim: set ft=sh: +# TODO this one needs some work to work with lots of different +# encryption schemes run_hook () { - echo "" - echo "A password is required to access the root filesystem:" - echo -n "password: " - if /bin/cryptsetup.static isLuks ${root} >/dev/null 2>&1; then - /bin/cryptsetup.static luksOpen ${root} root - else - /bin/cryptsetup create root ${root} - fi + mkdevice () { /bin/mknod "/dev/mapper/control" c ${1} ${2}; } + if [ -e "/sys/class/misc/device-mapper" ]; then + /bin/modprobe -a -q dm-crypt >/dev/null 2>&1 + read dev_t < /sys/class/misc/device-mapper/dev + OLDIFS=$IFS; IFS=: + mkdevice $dev_t + IFS=$OLDIFS - if [ $? != 0 ]; then - echo "ERROR: Password Verification Failed" - exit 1 - fi + if /bin/cryptsetup isLuks ${root} >/dev/null 2>&1; then + echo "" + echo "A password is required to access the root filesystem:" + echo -n "password: " + /bin/cryptsetup luksOpen ${root} root + if [ $? -ne 0 ]; then + err "Password verification failed, aborting..." + exit 1 + else + if [ -e "/dev/mapper/root" ]; then + export root="/dev/mapper/root" + else + err "Password succeeded, but root creation failed, aborting..." + exit 1 + fi + fi + else + do_oldcrypto () + { + exe="/bin/cryptsetup create root ${root}" + [ "x${1}" != "x" ] && exe="$exe --hash \"${1}\"" + [ "x${2}" != "x" ] && exe="$exe --cipher \"${2}\"" + [ "x${3}" != "x" ] && exe="$exe --key-size \"${3}\"" + [ "x${4}" != "x" ] && exe="$exe --offset \"${4}\"" + [ "x${5}" != "x" ] && exe="$exe --skip \"${5}\"" + echo "" + echo "A password is required to access the root filesystem:" + echo -n "password: " + eval "${exe}" + } + msg "Non-LUKS encrypted device found..." + if [ "x${crypto}" != "x" ]; then + do_oldcrypt ${crypto} + if [ $? -ne 0 ]; then + err "Password verification failed, aborting..." + err "Verify parameter format: crypto=hash:cipher:keysize:offset:skip" + exit 1 + else + if [ -e "/dev/mapper/root" ]; then + export root="/dev/mapper/root" + else + err "Password succeeded, but root creation failed, aborting..." + exit 1 + fi + fi + fi + fi } |