From 1a9a5717eeb595cc3615cbd42371cc6c11145afec35d6832f7db15bfd767d887 Mon Sep 17 00:00:00 2001 From: OBS User unknown Date: Thu, 24 Jul 2008 21:06:32 +0000 Subject: [PATCH] OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/cryptsetup?expand=0&rev=13 --- cryptsetup-1.0.5-udevadm.patch | 13 ++++++++ cryptsetup.changes | 10 ++++++ cryptsetup.spec | 19 ++++++++++-- mkinitrd-boot.sh | 30 ++++++++++++++++++ mkinitrd-setup.sh | 56 ++++++++++++++++++++++++++++++++++ 5 files changed, 126 insertions(+), 2 deletions(-) create mode 100644 cryptsetup-1.0.5-udevadm.patch create mode 100644 mkinitrd-boot.sh create mode 100644 mkinitrd-setup.sh diff --git a/cryptsetup-1.0.5-udevadm.patch b/cryptsetup-1.0.5-udevadm.patch new file mode 100644 index 0000000..12c55c1 --- /dev/null +++ b/cryptsetup-1.0.5-udevadm.patch @@ -0,0 +1,13 @@ +Index: cryptsetup-1.0.5_SVNr46/lib/libdevmapper.c +=================================================================== +--- cryptsetup-1.0.5_SVNr46.orig/lib/libdevmapper.c 2007-10-24 22:47:53.000000000 +0200 ++++ cryptsetup-1.0.5_SVNr46/lib/libdevmapper.c 2008-07-23 11:42:29.000000000 +0200 +@@ -18,7 +18,7 @@ + + #define CRYPT_TARGET "crypt" + +-#define UDEVSETTLE "/sbin/udevsettle" ++#define UDEVSETTLE "/sbin/udevadm settle" + + static void run_udevsettle(void) + { diff --git a/cryptsetup.changes b/cryptsetup.changes index 75ccbd9..8977055 100644 --- a/cryptsetup.changes +++ b/cryptsetup.changes @@ -1,3 +1,13 @@ +------------------------------------------------------------------- +Wed Jul 23 15:44:31 CEST 2008 - hare@suse.de + +- Include mkinitrd scriptlets. + +------------------------------------------------------------------- +Wed Jul 23 13:05:20 CEST 2008 - mkoenig@suse.de + +- use /sbin/udevadm settle instead of /sbin/udevsettle [bnc#404875] + ------------------------------------------------------------------- Tue May 6 12:36:49 CEST 2008 - mkoenig@suse.de diff --git a/cryptsetup.spec b/cryptsetup.spec index 279a40f..8e5e073 100644 --- a/cryptsetup.spec +++ b/cryptsetup.spec @@ -22,14 +22,17 @@ License: BSD 3-Clause; GPL v2 or later Group: System/Base AutoReqProv: on Version: 1.0.5_SVNr46 -Release: 16 +Release: 28 Summary: Set Up dm-crypt Based Encrypted Block Devices Source: cryptsetup-%{version}.tar.bz2 Source1: hashalot-%haver.tar.bz2 # http://www.suse.de/~lnussel/boot.crypto.git Source2: boot.crypto-%{bcver}.tar.bz2 +Source3: mkinitrd-setup.sh +Source4: mkinitrd-boot.sh # use this to create the tarball from svn Source99: cryptsetup-mktar +Patch1: cryptsetup-1.0.5-udevadm.patch Patch10: hashalot-fixes.diff Patch11: hashalot-libgcrypt.diff Patch12: hashalot-ctrl-d.diff @@ -81,6 +84,7 @@ Authors: %prep %setup -q -b 1 -b 2 +%patch1 -p1 pushd ../hashalot-%haver %patch10 -p1 %patch11 -p1 @@ -122,7 +126,10 @@ make install DESTDIR=$RPM_BUILD_ROOT popd # remove unwanted symlinks rm -f $RPM_BUILD_ROOT/sbin/{rmd160,sha256,sha384,sha512} -# +# mkinitrd scriptlets +install -d $RPM_BUILD_ROOT/lib/mkinitrd/scripts +install -m 755 %{SOURCE3} $RPM_BUILD_ROOT/lib/mkinitrd/scripts/setup-luks.sh +install -m 755 %{SOURCE4} $RPM_BUILD_ROOT/lib/mkinitrd/scripts/boot-luks.sh # # boot.crypto make -C ../boot.crypto-* install DESTDIR=$RPM_BUILD_ROOT @@ -157,6 +164,10 @@ rm -rf $RPM_BUILD_ROOT %ghost %verify(not md5 size mtime) %config(noreplace,missingok) /etc/cryptotab /etc/init.d/boot.crypto /etc/init.d/boot.crypto-early +%dir /lib/mkinitrd +%dir /lib/mkinitrd/scripts +/lib/mkinitrd/scripts/setup-luks.sh +/lib/mkinitrd/scripts/boot-luks.sh /sbin/cryptsetup /sbin/hashalot %_mandir/man1/hashalot.1.gz @@ -173,6 +184,10 @@ rm -rf $RPM_BUILD_ROOT %{_libdir}/libcryptsetup.so %changelog +* Wed Jul 23 2008 hare@suse.de +- Include mkinitrd scriptlets. +* Wed Jul 23 2008 mkoenig@suse.de +- use /sbin/udevadm settle instead of /sbin/udevsettle [bnc#404875] * Tue May 06 2008 mkoenig@suse.de - load loop module in boot.crypto-early as it might be needed. It is previously initially loaded by boot.localfs. diff --git a/mkinitrd-boot.sh b/mkinitrd-boot.sh new file mode 100644 index 0000000..d2e063e --- /dev/null +++ b/mkinitrd-boot.sh @@ -0,0 +1,30 @@ +#!/bin/bash +#%stage: crypto +#%programs: /sbin/cryptsetup +#%udevmodules: dm-crypt $cryptmodules +#%if: "$root_luks" -o "$luks" +# +##### LUKS (comfortable disk encryption) +## +## This activates a LUKS encrypted partition. +## +## Command line parameters +## ----------------------- +## +## luks a list of luks devices (e.g. xxx) +## luks_xxx the luks device (e.g. /dev/sda) +## + +case $luks_lang in + en*) + /* We only support english keyboard layout */ + ;; + *) + echo "Only english keyboard layout supported." + echo "Please ensure that the password is typed correctly." + ;; +esac + +for curluks in $luks; do + /sbin/cryptsetup luksOpen $(eval echo \$luks_${curluks}) $curluks +done diff --git a/mkinitrd-setup.sh b/mkinitrd-setup.sh new file mode 100644 index 0000000..a1d346c --- /dev/null +++ b/mkinitrd-setup.sh @@ -0,0 +1,56 @@ +#!/bin/bash +# +#%stage: crypto +# + +if [ -x /sbin/cryptsetup -a -x /sbin/dmsetup ] ; then + luks_blockdev= + # bd holds the device we see the decrypted LUKS partition as + for bd in $blockdev ; do + luks_name= + update_blockdev $bd + luks_blockmajor=$blockmajor + luks_blockminor=$blockminor + # luksbd holds the device, LUKS is running on + for luksbd in $(dm_resolvedeps $bd); do # should only be one for luks + [ $? -eq 0 ] || return 1 + update_blockdev $luksbd + if /sbin/cryptsetup isLuks $luksbd 2>/dev/null; then + root_luks=1 + tmp_root_dm=1 # luks needs dm + + luks_name="$(dmsetup -c info -o name --noheadings -j $luks_blockmajor -m $luks_blockminor)" + eval luks_${luks_name}=$(beautify_blockdev ${luksbd}) + save_var luks_${luks_name} + + luks="$luks $luks_name" + luks_blockdev="$luks_blockdev $luksbd" + fi + done + if [ ! "$luks_name" ]; then # no luks found + luks_blockdev="$luks_blockdev $bd" + fi + done + blockdev="$luks_blockdev" +fi + +if [ "$root_luks" ]; then + case $LANG in + en*) + /* We only support english keyboard layout currently */ + ;; + *) + echo "Only english keyboard layout supported." + echo "Please ensure that the password is typed correctly." + luks_lang=$LANG + ;; + esac + for m in $(cat /proc/crypto | grep module | sed 's/^module .*: \(.*\)$/\1/'); do + cryptmodules="$cryptmodules $m" + done +fi + +save_var root_luks # do we have luks? +save_var luks # which names do the luks devices have? +save_var cryptmodules # required kernel modules for crypto setup +save_var luks_lang # original language settings