@ -37,9 +37,9 @@ modules_load() {
modules_scan() {
modules_scan() {
local MODS
local MODS
[ -d /etc/modules/${1} ] || touch /etc/modules/${1}
[ -d " /etc/modules/${1}" ] || touch /etc/modules/${1}
[ -f /etc/modules/${1} ] && MODS=`cat /etc/modules/${1}`
[ -f " /etc/modules/${1}" ] && MODS=`cat /etc/modules/${1}`
for x in ${MODS}
for x in ${MODS}
do
do
MLOAD=`echo ${MLIST} | sed -e "s/.*${x}.*/${x}/"`
MLOAD=`echo ${MLIST} | sed -e "s/.*${x}.*/${x}/"`
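Review bot: The quoted tests in modules_scan, `[ -d " /etc/modules/${1}" ]` and `[ -f " /etc/modules/${1}" ]`, carry a leading space inside the quotes, so they check a path that will not exist. As a result the `touch` always runs and `MODS` is never filled from the file, which would leave the module list empty for every group. If the intent was only to quote the expansion, the first line should read `[ -d "/etc/modules/${1}" ] || touch "/etc/modules/${1}"`, with the same quoting and no leading space on the `-f` line. The function body continues outside the hunk.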
@ -63,82 +63,96 @@ modules_scan() {
done
done
}
}
findcdmount() {
uppercase(){
# needs tr on busybox
echo $1 | tr 'a-z' 'A-Z'
}
findmediamount() {
# $1 = mount dir name / media name
# $2 = recognition file
# $3 = variable to have the device path
# $4 = directory before /mnt, like NEW_ROOT
# args remaining are possible devices
local media=$1 recon=$2 vrbl=$3
local mntdir="${4}/mnt/${media}"
shift 4
good_msg "Looking for the ${media}" ${CRYPT_SILENT}
if [ "$#" -gt "0" ]
if [ "$#" -gt "0" ]
then
then
[ ! -d "${mntdir}" ] && mkdir -p ${mntdir} 2>/dev/null >/dev/null
for x in $*
for x in $*
do
do
# Check for a block device to mount
# Check for a block device to mount
if [ -b "${x}" ]
if [ -b "${x}" ]
then
then
good_msg "Attempting to mount media:- ${x}"
good_msg "Attempting to mount media:- ${x}" ${CRYPT_SILENT}
if [ -z "${CDROOT_DEV}" ]
then
if [ -n "${CDROOT_DEV}" -a \( ${media}="cdrom" \) ]; then
mount -r -t auto ${x} ${NEW_ROOT}/mnt/cdrom \
mount -r -t auto ${x} ${NEW_ROOT}/mnt/cdrom >/dev/null 2>&1
> /dev/null 2>&1
else
else
mount -r -t iso9660 ${x} ${NEW_ROOT}/mnt/cdrom \
mount -r -t auto ${x} ${mntdir} >/dev/null 2>&1
> /dev/null 2>&1
fi
fi
if [ "$?" = '0' ]
if [ "$?" = '0' ]
then
then
# Check for a LiveCD
# Check for the media
if [ -f ${NEW_ROOT}/mnt/cdrom/${SUBDIR}/livecd ]
if [ -f "${mntdir}/${recon}" ]
then
then
REAL_ROOT="${x}"
#set REAL_ROOT, CRYPT_ROOT_KEYDEV or whatever ${vrbl} is
eval ${vrbl}'='"${x}"
good_msg "Media found on ${x}" ${CRYPT_SILENT}
break
break
else
else
umount ${NEW_ROOT}/mnt/cdrom
umount ${mntdir}
fi
fi
fi
fi
fi
fi
done
done
if [ "${REAL_ROOT}" != '' ]
then
good_msg "Media found on ${x}"
fi
fi
fi
eval local result='$'${vrbl}
[ -n "${result}" ] || bad_msg "Media not found" ${CRYPT_SILENT}
}
}
findkeymount() {
devicelist(){
if [ "$#" -gt "0" ]
# Locate the cdrom device with our media on it.
then
# CDROM DEVICES
for x in $*
local DEVICES="/dev/cdroms/* /dev/ide/cd/* /dev/sr*"
do
# USB Keychain/Storage
# Check for a block device to mount
DEVICES="$DEVICES /dev/sd*"
if [ -b "${x}" ]
# IDE devices
then
DEVICES="$DEVICES /dev/hd*"
if [ ${crypt_silent} = '' ]
# USB using the USB Block Driver
then
DEVICES="$DEVICES /dev/ubd* /dev/ubd/*"
good_msg "Attempting to mount key media:- ${x}"
# iSeries devices
fi
DEVICES="$DEVICES /dev/iseries/vcd*"
echo ${DEVICES}
}
mount -r -t auto ${x} ${NEW_ROOT}/mnt/keydev \
bootstrapCD() {
> /dev/null 2>&1
if [ "$?" = '0' ]
local DEVICES=`devicelist`
then
# The device was specified on the command line. Shold we even be doing a
# Check for the key
# scan at this point? I think not.
if [ -e ${NEW_ROOT}/mnt/keydev/${LUKS_ROOT_KEY} ]
[ -n "${CDROOT_DEV}" ] && DEVICES="$DEVICES ${CDROOT_DEV}"
then
LUKS_ROOT_KEYDEV="${x}"
findmediamount "cdrom" "${SUBDIR}/livecd" "REAL_ROOT" "${NEW_ROOT}" ${DEVICES}
umount ${NEW_ROOT}/mnt/keydev
break
else
umount ${NEW_ROOT}/mnt/keydev
fi
fi
fi
done
if [ "${LUKS_ROOT_KEYDEV}" != '' ]
then
if [ ${crypt_silent} = '' ]
then
good_msg "Key media found on ${x}"
fi
fi
fi
}
}
bootstrapKey() {
# $1 = ROOT/SWAP
local KEYDEVS=`devicelist`
eval local keyloc='"${CRYPT_'${1}'_KEY}"'
findmediamount "key" "${keyloc}" "CRYPT_${1}_KEYDEV" "" ${KEYDEVS}
}
cache_cd_contents() {
cache_cd_contents() {
# Check loop file exists and cache to ramdisk if DO_cache is enabled
# Check loop file exists and cache to ramdisk if DO_cache is enabled
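Review bot: In findmediamount the test `[ -n "${CDROOT_DEV}" -a \( ${media}="cdrom" \) ]` compares nothing: without spaces around `=`, `${media}="cdrom"` is one non-empty word and is always true. Whenever CDROOT_DEV is set, a key-media search therefore mounts onto `${NEW_ROOT}/mnt/cdrom`, while the following `-f "${mntdir}/${recon}"` check and `umount ${mntdir}` use a different directory. It should read `if [ -n "${CDROOT_DEV}" ] && [ "${media}" = "cdrom" ]; then`. Separately, `eval ${vrbl}'='"${x}"` re-parses the device path as shell text, and `for x in $*` word-splits it first; `eval "${vrbl}=\${x}"` assigns the value without a second expansion.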
@ -328,23 +342,73 @@ test_success() {
fi
fi
}
}
# msg functions arguments
# $1 string
# $2 hide flag
good_msg() {
good_msg() {
msg_string=$1
msg_string=$1
msg_string="${msg_string:-...}"
msg_string="${msg_string:-...}"
echo -e "${GOOD}>>${NORMAL}${BOLD} ${msg_string} ${NORMAL}"
[ "$2" != 1 ] && echo -e "${GOOD}>>${NORMAL}${BOLD} ${msg_string} ${NORMAL}"
}
}
bad_msg() {
bad_msg() {
msg_string=$1
msg_string=$1
msg_string="${msg_string:-...}"
msg_string="${msg_string:-...}"
splash 'verbose' > /dev/null &
if [ "$2" != 1 ]
echo -e "${BAD}!!${NORMAL}${BOLD} ${msg_string} ${NORMAL}"
then
splash 'verbose' > /dev/null &
echo -e "${BAD}!!${NORMAL}${BOLD} ${msg_string} ${NORMAL}"
fi
}
}
warn_msg() {
warn_msg() {
msg_string=$1
msg_string=$1
msg_string="${msg_string:-...}"
msg_string="${msg_string:-...}"
echo -e "${WARN}**${NORMAL}${BOLD} ${msg_string} ${NORMAL}"
[ "$2" != 1 ] && echo -e "${WARN}**${NORMAL}${BOLD} ${msg_string} ${NORMAL}"
}
crypt_filter() {
if [ ${CRYPT_SILENT} -eq 1 ]
then
eval $1 >/dev/null 2>/dev/null
else
eval $1
fi
}
whereis(){
# $1 = variable whose value is the path (examples: "REAL_ROOT", "LUKS_KEYDEV")
# $2 = label
# $3 = optional explanations for failure
eval local oldvalue='$'${1}
[ \( $# != 2 \) -a \( $# != 3 \) ] && \
bad_msg "Bad invocation of function whereis, please file a bug \
report with this message" && exit 1
[ -n "${3}" ] && local explnt=" or : ${3}" || local explnt="."
bad_msg "Could not find the ${2} in ${oldvalue}${explnt}"
echo ' Please specify another value or: press Enter for the same, type "shell" for a shell, or "q" to skip...'
echo -n "${2}(${oldvalue}) :: "
read ${1}
case `eval echo '$'${1}` in
'q')
eval ${1}'='${oldvalue}
warn_msg "Skipping step, this will likely cause a boot failure."
break
;;
'shell')
eval ${1}'='${oldvalue}
echo "To leave and try again just press <Ctrl>+D"
run_shell
;;
'')
eval ${1}'='${oldvalue}
;;
esac
}
}
bind_mount_dev() {
bind_mount_dev() {
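Review bot: whereis restores the previous value with `eval ${1}'='${oldvalue}`, which expands `oldvalue` before eval parses the line, so a value containing spaces or shell metacharacters (presumably taken from boot parameters or an earlier prompt) is split or run as a command rather than assigned; `eval "${1}=\${oldvalue}"` keeps it as data. crypt_filter has the same shape: `eval $1` re-parses a command string assembled from device and key paths. Its `[ ${CRYPT_SILENT} -eq 1 ]` is also a test error when the variable is empty, and `[ "${CRYPT_SILENT}" = '1' ]` would match the `-eq` to `=` change made elsewhere in this commit. The `break` in the 'q' arm is not inside any loop in this function; if it is meant to end the caller's retry loop, a return status checked by the caller would make that explicit and shell-independent.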
@ -354,14 +418,14 @@ bind_mount_dev() {
start_dev_mgr() {
start_dev_mgr() {
# Check udev is available...
# Check udev is available...
if [ "${KV_2_6_OR_GREATER}" -a ! "${USE_UDEV_NORMAL}" -eq '0' ]
if [ "${KV_2_6_OR_GREATER}" -a "${USE_UDEV_NORMAL}" != '0' ]
then
then
USE_UDEV_NORMAL=1
USE_UDEV_NORMAL=1
else
else
USE_UDEV_NORMAL=0
USE_UDEV_NORMAL=0
fi
fi
if [ "${USE_UDEV_NORMAL}" -eq '1' ]
if [ "${USE_UDEV_NORMAL}" = '1' ]
then
then
cd /sys
cd /sys
[ "${DO_slowusb}" ] && sleep 10
[ "${DO_slowusb}" ] && sleep 10
@ -378,42 +442,6 @@ start_dev_mgr() {
fi
fi
}
}
bootstrapCD() {
# Locate the cdrom device with our media on it.
# CDROM DEVICES
DEVICES="/dev/cdroms/* /dev/ide/cd/* /dev/sr*"
# USB Keychain/Storage
DEVICES="$DEVICES /dev/sd*"
# IDE devices
DEVICES="$DEVICES /dev/hd*"
# USB using the USB Block Driver
DEVICES="$DEVICES /dev/ubd* /dev/ubd/*"
# iSeries devices
DEVICES="$DEVICES /dev/iseries/vcd*"
# The device was specified on the command line. Shold we even be doing a
# scan at this point? I think not.
[ -n "${CDROOT_DEV}" ] && DEVICES="$DEVICES ${CDROOT_DEV}"
findcdmount $DEVICES
}
bootstrapKey() {
# Locate the device with our key on it.
# USB Keychain/Storage
KEYDEVS="/dev/sd*"
# CDROM DEVICES
KEYDEVS="${KEYDEVS} /dev/cdroms/* /dev/ide/cd/* /dev/sr*"
# IDE devices
KEYDEVS="${KEYDEVS} /dev/hd*"
# USB using the USB Block Driver
KEYDEVS="${KEYDEVS} /dev/ubd* /dev/ubd/*"
# iSeries devices
KEYDEVS="${KEYDEVs} /dev/iseries/vcd*"
findkeymount ${KEYDEVS}
}
cmdline_hwopts() {
cmdline_hwopts() {
# Scan CMDLINE for any "doscsi" or "noscsi"-type arguments
# Scan CMDLINE for any "doscsi" or "noscsi"-type arguments
@ -510,7 +538,7 @@ setup_keymap() {
chooseKeymap
chooseKeymap
[ "${DEVBIND}" -eq '1' ] && umount /dev
[ "${DEVBIND}" = '1' ] && umount /dev
if [ -e /etc/sysconfig/keyboard -a "${CDROOT}" -eq '1' ]
if [ -e /etc/sysconfig/keyboard -a "${CDROOT}" -eq '1' ]
then
then
@ -611,7 +639,7 @@ startVolumes() {
/sbin/mdadm --assemble
/sbin/mdadm --assemble
fi
fi
if [ "${USE_DMRAID_NORMAL}" -eq '1' ]
if [ "${USE_DMRAID_NORMAL}" = '1' ]
then
then
if [ -e '/sbin/dmraid' ]
if [ -e '/sbin/dmraid' ]
then
then
@ -625,7 +653,7 @@ startVolumes() {
fi
fi
fi
fi
if [ "${USE_LVM_NORMAL}" -eq '1' ]
if [ "${USE_LVM_NORMAL}" = '1' ]
then
then
if [ -e '/bin/vgscan' -a -e '/bin/vgchange' ]
if [ -e '/bin/vgscan' -a -e '/bin/vgchange' ]
then
then
@ -641,7 +669,7 @@ startVolumes() {
/bin/vgchange -ay --ignorelockingfailure 2>/dev/null
/bin/vgchange -ay --ignorelockingfailure 2>/dev/null
# Disable EVMS since lvm is activated and they dont work together.
# Disable EVMS since lvm is activated and they dont work together.
if [ "${USE_EVMS_NORMAL}" -eq '1' ]
if [ "${USE_EVMS_NORMAL}" = '1' ]
then
then
bad_msg "Disabling EVMS Support because LVM started"
bad_msg "Disabling EVMS Support because LVM started"
bad_msg "Do not add dolvm to the cmdline if this is not what you want"
bad_msg "Do not add dolvm to the cmdline if this is not what you want"
@ -653,7 +681,7 @@ startVolumes() {
fi
fi
fi
fi
if [ "${USE_EVMS_NORMAL}" -eq '1' ]
if [ "${USE_EVMS_NORMAL}" = '1' ]
then
then
if [ -e '/sbin/evms_activate' ]
if [ -e '/sbin/evms_activate' ]
then
then
@ -664,60 +692,142 @@ startVolumes() {
}
}
# Open a LUKS device
# Open a LUKS device
# $1 LUKS device
# It is either the root or a swap, other devices are supported in the scripts provided with sys-fs/cryptsetup-luks
# $2 LUKS name
# $1 - root/swap
openLUKS() {
openLUKS() {
LUKS_DEVICE="$1"
# please use 'tr' and this line, or remove it
LUKS_NAME="$2"
# eval local TYPE=`uppercase $1`
if [ -e /sbin/cryptsetup ]
then
case $1 in
while [ 1 ]
root)
do
local TYPE=ROOT
if [ "${LUKS_DEVICE}" = '' ]
;;
then
swap)
# LUKS device could not be opened. Prompt user for device.
local TYPE=SWAP
bad_msg "The LUKS ${LUKS_NAME} block device is not detected."
;;
echo " Please specify a ${LUKS_NAME} LUKS device to open, "q" to skip, or "shell" for a shell..."
esac
echo -n "LUKS ${LUKS_NAME}() :: "
read LUKS_DEVICE
continue
elif [ "${LUKS_DEVICE}" = 'shell' ]
then
run_shell
LUKS_DEVICE=''
eval local LUKS_DEVICE='"${CRYPT_'${TYPE}'}"' LUKS_NAME="$1" LUKS_KEY='"${CRYPT_'${TYPE}'_KEY}"' LUKS_KEYDEV='"${CRYPT_'${TYPE}'_KEYDEV}"'
continue
local DEV_ERROR=0 KEY_ERROR=0 KEYDEV_ERROR=0
elif [ "${LUKS_DEVICE}" = 'q' ]
local mntkey="/mnt/key/" cryptsetup_options=''
[ ! -e /sbin/cryptsetup ] && bad_msg "The initrd does not support LUKS" && exit 1
while [ 1 ]
do
# if crypt_silent=1 and some error occurs, enter shell quietly
if [ \( ${CRYPT_SILENT} -eq 1 \) -a \( \( \( ${DEV_ERROR} -eq 1 \) -o \( ${KEY_ERROR} -eq 1 \) \) -o \( ${KEYDEV_ERROR} -eq 1 \) \) ]
then
run_shell
elif [ ${DEV_ERROR} -eq 1 ]
then
whereis "LUKS_DEVICE" "${LUKS_NAME}"
DEV_ERROR=0
elif [ ${KEY_ERROR} -eq 1 ]
then
whereis "LUKS_KEY" "${LUKS_NAME} key"
KEY_ERROR=0
elif [ ${KEYDEV_ERROR} -eq 1 ]
then
whereis "LUKS_KEYDEV" "${LUKS_NAME} key device"
KEYDEV_ERROR=0
else
setup_md_device ${LUKS_DEVICE}
cryptsetup isLuks ${LUKS_DEVICE}
if [ ! "$?" -eq '0' ]
then
then
break
bad_msg "The LUKS device ${LUKS_DEVICE} does not contain a LUKS header" ${CRYPT_SILENT}
DEV_ERROR=1
continue
else
else
setup_md_device ${LUKS_DEVICE}
# Handle keys
if cryptsetup isLuks ${LUKS_DEVICE}
if [ -n "${LUKS_KEY}" ]
then
then
good_msg "Opening LUKS device ${LUKS_DEVICE}"
if [ ! -e "${mntkey}${LUKS_KEY}" ]
cryptsetup luksOpen ${LUKS_DEVICE} ${LUKS_NAME}
if [ ! "$?" -eq '0' ]
then
then
bad_msg "Failed open LUKS device ${LUKS_DEVICE}"
if [ -b "${LUKS_KEYDEV}" ]
else
then good_msg "Using key device ${LUKS_KEYDEV}." ${CRYPT_SILENT}
break
else
good_msg "Please insert removable device ${LUKS_KEYDEV} for ${LUKS_NAME}" ${CRYPT_SILENT}
# abort after 10 secs
local count=10
while [ ${count} -gt 0 ]
do
count=$((count-1))
sleep 1
if [ -b "${LUKS_KEYDEV}" ]
then
good_msg "Removable device ${LUKS_KEYDEV} detected." ${CRYPT_SILENT}
break
fi
done
if [ ! -b "${LUKS_KEYDEV}" ]
then
eval CRYPT_${TYPE}_KEY=${LUKS_KEY}
bootstrapKey ${TYPE}
eval LUKS_KEYDEV='"${CRYPT_'${TYPE}'_KEYDEV}"'
if [ ! -b "${LUKS_KEYDEV}" ]; then
KEYDEV_ERROR=1
bad_msg "Removable device ${LUKS_KEYDEV} not found." ${CRYPT_SILENT}
continue
fi
# continue otherwise will mount keydev which is mounted by bootstrap
continue
fi
fi
# At this point a device was recognized, now let's see if the key is there
[ ! -d "$mntkey" ] && mkdir -p ${mntkey} 2>/dev/null >/dev/null
mount -n -o ro ${LUKS_KEYDEV} ${mntkey} >/dev/null 2>/dev/null
if [ "$?" != '0' ]
then
KEYDEV_ERROR=1
bad_msg "Mounting of device ${LUKS_KEYDEV} failed." ${CRYPT_SILENT}
continue
else
good_msg "Removable device ${LUKS_KEYDEV} mounted." ${CRYPT_SILENT}
sleep 2
# keyfile exists?
if [ ! -e "${mntkey}${LUKS_KEY}" ]; then
umount -n ${mntkey} 2>/dev/null >/dev/null
KEY_ERROR=1
KEYDEV_ERROR=1
bad_msg "Key {LUKS_KEY} on device ${LUKS_KEYDEV} not found." ${CRYPT_SILENT}
continue
fi
fi
fi
fi
# At this point a candidate key exists (either mounted before or not)
good_msg "${LUKS_KEY} on device ${LUKS_KEYDEV} found" ${CRYPT_SILENT}
cryptsetup_options="-d ${mntkey}${LUKS_KEY}"
fi
# At this point, keyfile or not, we're ready!
crypt_filter "cryptsetup ${cryptsetup_options} luksOpen ${LUKS_DEVICE} ${LUKS_NAME}"
if [ $? -eq 0 ]
then
good_msg "LUKS device ${LUKS_DEVICE} opened" ${CRYPT_SILENT}
break
else
else
bad_msg "The LUKS device ${LUKS_DEVICE} does not contain a LUKS header"
bad_msg "Failed to open LUKS device ${LUKS_DEVICE}" ${CRYPT_SILENT}
DEV_ERROR=1
KEY_ERROR=1
KEYDEV_ERROR=1
fi
fi
fi
fi
LUKS_DEVICE=''
fi
done
done
else
umount ${mntkey} 2>/dev/null >/dev/null
bad_msg "The initrd does not support LUKS"
rmdir -p ${mntkey} 2>/dev/null >/dev/null
fi
}
}
startLUKS() {
startLUKS() {
if [ -n "${LUKS_ROOT}" ]
then
# if key is set but key device isn't, find it
openLUKS "${LUKS_ROOT}" "root"
[ -n "${CRYPT_ROOT_KEY}" ] && [ -z "${CRYPT_ROOT_KEYDEV}" ] \
&& sleep 6 && bootstrapKey "ROOT"
if [ -n "${CRYPT_ROOT}" ]; then
openLUKS "root"
if [ -n "${REAL_ROOT}" ]
if [ -n "${REAL_ROOT}" ]
then
then
# Rescan volumes
# Rescan volumes
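Review bot: The message `bad_msg "Key {LUKS_KEY} on device ${LUKS_KEYDEV} not found."` in openLUKS lacks the `$`, so it prints the literal `{LUKS_KEY}`; it should be `${LUKS_KEY}`. `TYPE` is set only for `root` and `swap`, so any other argument makes the `eval local LUKS_DEVICE=...` line read `CRYPT_` and `CRYPT__KEY`; a `*)` arm that reports the bad argument and returns would surface that. The key path reaches cryptsetup through `cryptsetup_options="-d ${mntkey}${LUKS_KEY}"` and crypt_filter's eval, so a key file name with spaces or shell metacharacters is re-parsed instead of passed as one argument. The key device also stays mounted on `/mnt/key/` across retries, including the `run_shell` path, until the `umount ${mntkey}` after the loop; unmounting right after a successful `luksOpen` and before each retry would shorten that window. The hunk ends inside startLUKS.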
@ -726,10 +836,18 @@ startLUKS() {
REAL_ROOT="/dev/mapper/root"
REAL_ROOT="/dev/mapper/root"
fi
fi
fi
fi
if [ -n "${LUKS_SWAP}" ]
then
# same for swap, but no need to sleep if root was unencrypted
openLUKS "${LUKS_SWAP}" "swap"
[ -n "${CRYPT_SWAP_KEY}" ] && [ -z "${CRYPT_SWAP_KEYDEV}" ] \
break
&& { [ -z "${CRYPT_ROOT}" ] && sleep 6; bootstrapKey "SWAP"; }
if [ -n "${CRYPT_SWAP}" ]; then
openLUKS "swap"
if [ -z "${REAL_RESUME}" ]
then
# Resume from swap as default
REAL_RESUME="/dev/mapper/swap"
fi
fi
fi
}
}
@ -756,7 +874,7 @@ verbose_kmsg() {
cdupdate() {
cdupdate() {
if [ "${CDROOT}" -eq '1' ]
if [ "${CDROOT}" = '1' ]
then
then
if [ -x /${NEW_ROOT}/mnt/cdrom/cdupdate.sh ]
if [ -x /${NEW_ROOT}/mnt/cdrom/cdupdate.sh ]
then
then
@ -802,7 +920,7 @@ rundebugshell() {
}
}
setup_unionfs() {
setup_unionfs() {
if [ "${USE_UNIONFS_NORMAL}" -eq '1' ]
if [ "${USE_UNIONFS_NORMAL}" = '1' ]
then
then
# Directory used for rw changes in union mount filesystem
# Directory used for rw changes in union mount filesystem
UNION=/union
UNION=/union
@ -857,6 +975,13 @@ setup_unionfs() {
fi
fi
}
}
swsusp_resume() {
### determine swap resume partition
local device=$(ls -l "${REAL_RESUME}" | sed 's/\ */ /g' | cut -d \ -f 6-7 | sed 's/,\ */:/')
[ -f /sys/power/resume ] && echo "${device}" > /sys/power/resume
return 0
}
tuxonice_resume() {
tuxonice_resume() {
[ -d /proc/suspend2 -o -d /sys/power/suspend2 -o -d /sys/power/tuxonice ] || return
[ -d /proc/suspend2 -o -d /sys/power/suspend2 -o -d /sys/power/tuxonice ] || return