SHA256
1
0
forked from pool/cryptsetup
OBS User unknown 2008-07-24 21:06:32 +00:00 committed by Git OBS Bridge
parent 4e19fa1180
commit 1a9a5717ee
5 changed files with 126 additions and 2 deletions

View File

@ -0,0 +1,13 @@
Index: cryptsetup-1.0.5_SVNr46/lib/libdevmapper.c
===================================================================
--- cryptsetup-1.0.5_SVNr46.orig/lib/libdevmapper.c 2007-10-24 22:47:53.000000000 +0200
+++ cryptsetup-1.0.5_SVNr46/lib/libdevmapper.c 2008-07-23 11:42:29.000000000 +0200
@@ -18,7 +18,7 @@
#define CRYPT_TARGET "crypt"
-#define UDEVSETTLE "/sbin/udevsettle"
+#define UDEVSETTLE "/sbin/udevadm settle"
static void run_udevsettle(void)
{

View File

@ -1,3 +1,13 @@
-------------------------------------------------------------------
Wed Jul 23 15:44:31 CEST 2008 - hare@suse.de
- Include mkinitrd scriptlets.
-------------------------------------------------------------------
Wed Jul 23 13:05:20 CEST 2008 - mkoenig@suse.de
- use /sbin/udevadm settle instead of /sbin/udevsettle [bnc#404875]
-------------------------------------------------------------------
Tue May 6 12:36:49 CEST 2008 - mkoenig@suse.de

View File

@ -22,14 +22,17 @@ License: BSD 3-Clause; GPL v2 or later
Group: System/Base
AutoReqProv: on
Version: 1.0.5_SVNr46
Release: 16
Release: 28
Summary: Set Up dm-crypt Based Encrypted Block Devices
Source: cryptsetup-%{version}.tar.bz2
Source1: hashalot-%haver.tar.bz2
# http://www.suse.de/~lnussel/boot.crypto.git
Source2: boot.crypto-%{bcver}.tar.bz2
Source3: mkinitrd-setup.sh
Source4: mkinitrd-boot.sh
# use this to create the tarball from svn
Source99: cryptsetup-mktar
Patch1: cryptsetup-1.0.5-udevadm.patch
Patch10: hashalot-fixes.diff
Patch11: hashalot-libgcrypt.diff
Patch12: hashalot-ctrl-d.diff
@ -81,6 +84,7 @@ Authors:
%prep
%setup -q -b 1 -b 2
%patch1 -p1
pushd ../hashalot-%haver
%patch10 -p1
%patch11 -p1
@ -122,7 +126,10 @@ make install DESTDIR=$RPM_BUILD_ROOT
popd
# remove unwanted symlinks
rm -f $RPM_BUILD_ROOT/sbin/{rmd160,sha256,sha384,sha512}
#
# mkinitrd scriptlets
install -d $RPM_BUILD_ROOT/lib/mkinitrd/scripts
install -m 755 %{SOURCE3} $RPM_BUILD_ROOT/lib/mkinitrd/scripts/setup-luks.sh
install -m 755 %{SOURCE4} $RPM_BUILD_ROOT/lib/mkinitrd/scripts/boot-luks.sh
#
# boot.crypto
make -C ../boot.crypto-* install DESTDIR=$RPM_BUILD_ROOT
@ -157,6 +164,10 @@ rm -rf $RPM_BUILD_ROOT
%ghost %verify(not md5 size mtime) %config(noreplace,missingok) /etc/cryptotab
/etc/init.d/boot.crypto
/etc/init.d/boot.crypto-early
%dir /lib/mkinitrd
%dir /lib/mkinitrd/scripts
/lib/mkinitrd/scripts/setup-luks.sh
/lib/mkinitrd/scripts/boot-luks.sh
/sbin/cryptsetup
/sbin/hashalot
%_mandir/man1/hashalot.1.gz
@ -173,6 +184,10 @@ rm -rf $RPM_BUILD_ROOT
%{_libdir}/libcryptsetup.so
%changelog
* Wed Jul 23 2008 hare@suse.de
- Include mkinitrd scriptlets.
* Wed Jul 23 2008 mkoenig@suse.de
- use /sbin/udevadm settle instead of /sbin/udevsettle [bnc#404875]
* Tue May 06 2008 mkoenig@suse.de
- load loop module in boot.crypto-early as it might be needed.
It is previously initially loaded by boot.localfs.

30
mkinitrd-boot.sh Normal file
View File

@ -0,0 +1,30 @@
#!/bin/bash
#%stage: crypto
#%programs: /sbin/cryptsetup
#%udevmodules: dm-crypt $cryptmodules
#%if: "$root_luks" -o "$luks"
#
##### LUKS (comfortable disk encryption)
##
## This activates a LUKS encrypted partition.
##
## Command line parameters
## -----------------------
##
## luks a list of luks devices (e.g. xxx)
## luks_xxx the luks device (e.g. /dev/sda)
##
case $luks_lang in
en*)
/* We only support english keyboard layout */
;;
*)
echo "Only english keyboard layout supported."
echo "Please ensure that the password is typed correctly."
;;
esac
for curluks in $luks; do
/sbin/cryptsetup luksOpen $(eval echo \$luks_${curluks}) $curluks
done

56
mkinitrd-setup.sh Normal file
View File

@ -0,0 +1,56 @@
#!/bin/bash
#
#%stage: crypto
#
if [ -x /sbin/cryptsetup -a -x /sbin/dmsetup ] ; then
luks_blockdev=
# bd holds the device we see the decrypted LUKS partition as
for bd in $blockdev ; do
luks_name=
update_blockdev $bd
luks_blockmajor=$blockmajor
luks_blockminor=$blockminor
# luksbd holds the device, LUKS is running on
for luksbd in $(dm_resolvedeps $bd); do # should only be one for luks
[ $? -eq 0 ] || return 1
update_blockdev $luksbd
if /sbin/cryptsetup isLuks $luksbd 2>/dev/null; then
root_luks=1
tmp_root_dm=1 # luks needs dm
luks_name="$(dmsetup -c info -o name --noheadings -j $luks_blockmajor -m $luks_blockminor)"
eval luks_${luks_name}=$(beautify_blockdev ${luksbd})
save_var luks_${luks_name}
luks="$luks $luks_name"
luks_blockdev="$luks_blockdev $luksbd"
fi
done
if [ ! "$luks_name" ]; then # no luks found
luks_blockdev="$luks_blockdev $bd"
fi
done
blockdev="$luks_blockdev"
fi
if [ "$root_luks" ]; then
case $LANG in
en*)
/* We only support english keyboard layout currently */
;;
*)
echo "Only english keyboard layout supported."
echo "Please ensure that the password is typed correctly."
luks_lang=$LANG
;;
esac
for m in $(cat /proc/crypto | grep module | sed 's/^module .*: \(.*\)$/\1/'); do
cryptmodules="$cryptmodules $m"
done
fi
save_var root_luks # do we have luks?
save_var luks # which names do the luks devices have?
save_var cryptmodules # required kernel modules for crypto setup
save_var luks_lang # original language settings