# vim: set ft=sh: # TODO this one needs some work to work with lots of different # encryption schemes run_hook () { mkdevice () { /bin/mknod "/dev/mapper/control" c ${1} ${2}; } /bin/modprobe -a -q dm-crypt >/dev/null 2>&1 if [ -e "/sys/class/misc/device-mapper" ]; then read dev_t < /sys/class/misc/device-mapper/dev OLDIFS=$IFS; IFS=: mkdevice $dev_t IFS=$OLDIFS if /bin/cryptsetup isLuks ${root} >/dev/null 2>&1; then echo "" echo "A password is required to access the root filesystem:" #loop until we get a real password while ! /bin/cryptsetup luksOpen ${root} root; do sleep 2; done if [ -e "/dev/mapper/root" ]; then export root="/dev/mapper/root" else err "Password succeeded, but root creation failed, aborting..." exit 1 fi elif [ "x${crypto}" != "x" ]; then do_oldcrypto () { if [ $# -ne 5 ]; then err "Verify parameter format: crypto=hash:cipher:keysize:offset:skip" err "Non-LUKS decryption not attempted..." else exe="/bin/cryptsetup create root ${root}" [ "x${1}" != "x" ] && exe="$exe --hash \"${1}\"" [ "x${2}" != "x" ] && exe="$exe --cipher \"${2}\"" [ "x${3}" != "x" ] && exe="$exe --key-size \"${3}\"" [ "x${4}" != "x" ] && exe="$exe --offset \"${4}\"" [ "x${5}" != "x" ] && exe="$exe --skip \"${5}\"" echo "" echo "A password is required to access the root filesystem:" eval "${exe}" fi } msg "Non-LUKS encrypted device found..." OLDIFS=$IFS; IFS=: do_oldcrypt ${crypto} IFS=$OLDIFS if [ $? -ne 0 ]; then err "Non-LUKS device decryption failed. verify format: " err " crypto=hash:cipher:keysize:offset:skip" exit 1 else if [ -e "/dev/mapper/root" ]; then export root="/dev/mapper/root" else err "Password succeeded, but root creation failed, aborting..." exit 1 fi fi fi fi }