[arch-commits] Commit in cryptsetup/trunk (PKGBUILD encrypt_hook encrypt_install)
Date: Friday, May 25, 2012 @ 19:48:44 Author: dreisner Revision: 159619 upgpkg: cryptsetup 1.4.2-1 - update install hook for mkinitcpio 0.9.0 (FS#29992) - add support for UUID cryptkey and cryptdevice (FS#24700) Modified: cryptsetup/trunk/PKGBUILD cryptsetup/trunk/encrypt_hook cryptsetup/trunk/encrypt_install -+ PKGBUILD|4 ++-- encrypt_hook| 17 + encrypt_install | 17 +++-- 3 files changed, 22 insertions(+), 16 deletions(-) Modified: PKGBUILD === --- PKGBUILD2012-05-25 23:31:16 UTC (rev 159618) +++ PKGBUILD2012-05-25 23:48:44 UTC (rev 159619) @@ -17,8 +17,8 @@ encrypt_install) sha256sums=('1fe80d7b19d24b3f65d2e446decfed859e2c4d17fdf7c19289d82dc7cd60dfe7' '4e6dbece8d1baad861479aca70d0cf30887420da9b5eab45d65d064c656893ed' -'e4c00e2da274bf4cab3f72a0de779790a11a946d36b83144e74d3791e230b262' -'cba1dc38ff6cc4d3740d0badfb2b151bb03d19e8e9fa497569ac2fb6f4196e0e') +'e0cbcabb81233b4d465833dca0faf1e762dc3cb6611597a25fe24e5d7209f316' +'cfe465bdad3d958bb2332a05e04f2e1e884422a5714dfd1a0a3b9b74bf7dc6ae') build() { cd ${srcdir}/$pkgname-${pkgver} Modified: encrypt_hook === --- encrypt_hook2012-05-25 23:31:16 UTC (rev 159618) +++ encrypt_hook2012-05-25 23:48:44 UTC (rev 159619) @@ -10,20 +10,21 @@ IFS=: read ckdev ckarg1 ckarg2 EOF $cryptkey EOF -if poll_device ${ckdev} ${rootdelay}; then + +if resolved=$(resolve_device ${ckdev} ${rootdelay}); then case ${ckarg1} in *[!0-9]*) # Use a file on the device # ckarg1 is not numeric: ckarg1=filesystem, ckarg2=path mkdir /ckey -mount -r -t $ckarg1 $ckdev /ckey +mount -r -t $ckarg1 $resolved /ckey dd if=/ckey/$ckarg2 of=$ckeyfile /dev/null 21 umount /ckey ;; *) # Read raw data from the block device # ckarg1 is numeric: ckarg1=offset, ckarg2=length -dd if=$ckdev of=$ckeyfile bs=1 skip=$ckarg1 count=$ckarg2 /dev/null 21 +dd if=$resolved of=$ckeyfile bs=1 skip=$ckarg1 count=$ckarg2 /dev/null 21 ;; esac fi @@ -58,13 +59,13 @@ esac done -if poll_device ${cryptdev} ${rootdelay}; then -if cryptsetup isLuks ${cryptdev} /dev/null 21; then +if resolved=$(resolve_device ${cryptdev} ${rootdelay}); then +if cryptsetup isLuks ${resolved} /dev/null 21; then [ ${DEPRECATED_CRYPT} -eq 1 ] warn_deprecated dopassphrase=1 # If keyfile exists, try to use that if [ -f ${ckeyfile} ]; then -if eval cryptsetup --key-file ${ckeyfile} luksOpen ${cryptdev} ${cryptname} ${cryptargs} ${CSQUIET}; then +if eval cryptsetup --key-file ${ckeyfile} luksOpen ${resolved} ${cryptname} ${cryptargs} ${CSQUIET}; then dopassphrase=0 else echo Invalid keyfile. Reverting to passphrase. @@ -76,7 +77,7 @@ echo A password is required to access the ${cryptname} volume: #loop until we get a real password -while ! eval cryptsetup luksOpen ${cryptdev} ${cryptname} ${cryptargs} ${CSQUIET}; do +while ! eval cryptsetup luksOpen ${resolved} ${cryptname} ${cryptargs} ${CSQUIET}; do sleep 2; done fi @@ -96,7 +97,7 @@ err Non-LUKS decryption not attempted... return 1 fi -exe=cryptsetup create $cryptname $cryptdev $cryptargs +exe=cryptsetup create $cryptname $resolved $cryptargs IFS=: read c_hash c_cipher c_keysize c_offset c_skip EOF $crypto EOF Modified: encrypt_install === --- encrypt_install 2012-05-25 23:31:16 UTC (rev 159618) +++ encrypt_install 2012-05-25 23:48:44 UTC (rev 159619) @@ -1,13 +1,16 @@ #!/bin/bash build() { -if [ -z ${CRYPTO_MODULES} ]; then -MODULES= dm-crypt $(all_modules /crypto/) +local mod + +add_module dm-crypt +if [[ $CRYPTO_MODULES ]]; then +for mod in $CRYPTO_MODULES; do +add_module $mod +done else -MODULES= dm-crypt $CRYPTO_MODULES +add_all_modules '/crypto/' fi -FILES= -SCRIPT=encrypt add_binary cryptsetup add_binary dmsetup @@ -15,10 +18,12 @@ add_file /usr/lib/udev/rules.d/13-dm-disk.rules add_file /usr/lib/udev/rules.d/95-dm-notify.rules add_file
[arch-commits] Commit in cryptsetup/trunk (PKGBUILD encrypt_hook encrypt_install)
Date: Sunday, May 13, 2012 @ 09:45:33 Author: thomas Revision: 158937 upgpkg: cryptsetup 1.4.2-1 - upstream update - move cryptsetup to /usr - fix typo in the mkinitcpio hook help Modified: cryptsetup/trunk/PKGBUILD cryptsetup/trunk/encrypt_hook cryptsetup/trunk/encrypt_install -+ PKGBUILD| 15 --- encrypt_hook| 10 +- encrypt_install |2 +- 3 files changed, 14 insertions(+), 13 deletions(-) Modified: PKGBUILD === --- PKGBUILD2012-05-13 13:26:46 UTC (rev 158936) +++ PKGBUILD2012-05-13 13:45:33 UTC (rev 158937) @@ -1,8 +1,8 @@ # $Id$ # Maintainer: Thomas Bächler tho...@archlinux.org pkgname=cryptsetup -pkgver=1.4.1 -pkgrel=3 +pkgver=1.4.2 +pkgrel=1 pkgdesc=Userspace setup tool for transparent encryption of block devices using dm-crypt arch=(i686 x86_64) license=('GPL') @@ -15,13 +15,14 @@ http://cryptsetup.googlecode.com/files/${pkgname}-${pkgver}.tar.bz2.asc encrypt_hook encrypt_install) -sha256sums=('82b143328c2b427ef2b89fb76c701d311c95b54093c21bbf22342f7b393bddcb' -'71c6506d4b6d0b22b9b6c2a68e604959e4c072af04680ed6acc0126c97bdbc88' -'811bbea1337106ad811731c746d73ee81039bad00aef52398e3a377ad0766757' -'ddbbdcb8eff93a3a7622ec633e90d5c0d68e3afbeaf942dc2309adab345047d4') +sha256sums=('1fe80d7b19d24b3f65d2e446decfed859e2c4d17fdf7c19289d82dc7cd60dfe7' +'4e6dbece8d1baad861479aca70d0cf30887420da9b5eab45d65d064c656893ed' +'e4c00e2da274bf4cab3f72a0de779790a11a946d36b83144e74d3791e230b262' +'cba1dc38ff6cc4d3740d0badfb2b151bb03d19e8e9fa497569ac2fb6f4196e0e') + build() { cd ${srcdir}/$pkgname-${pkgver} - ./configure --prefix=/usr --disable-static --sbindir=/sbin + ./configure --prefix=/usr --disable-static make } Modified: encrypt_hook === --- encrypt_hook2012-05-13 13:26:46 UTC (rev 158936) +++ encrypt_hook2012-05-13 13:45:33 UTC (rev 158937) @@ -1,7 +1,7 @@ #!/usr/bin/ash run_hook() { -/sbin/modprobe -a -q dm-crypt /dev/null 21 +modprobe -a -q dm-crypt /dev/null 21 [ ${quiet} = y ] CSQUIET=/dev/null # Get keyfile if specified @@ -59,12 +59,12 @@ done if poll_device ${cryptdev} ${rootdelay}; then -if /sbin/cryptsetup isLuks ${cryptdev} /dev/null 21; then +if cryptsetup isLuks ${cryptdev} /dev/null 21; then [ ${DEPRECATED_CRYPT} -eq 1 ] warn_deprecated dopassphrase=1 # If keyfile exists, try to use that if [ -f ${ckeyfile} ]; then -if eval /sbin/cryptsetup --key-file ${ckeyfile} luksOpen ${cryptdev} ${cryptname} ${cryptargs} ${CSQUIET}; then +if eval cryptsetup --key-file ${ckeyfile} luksOpen ${cryptdev} ${cryptname} ${cryptargs} ${CSQUIET}; then dopassphrase=0 else echo Invalid keyfile. Reverting to passphrase. @@ -76,7 +76,7 @@ echo A password is required to access the ${cryptname} volume: #loop until we get a real password -while ! eval /sbin/cryptsetup luksOpen ${cryptdev} ${cryptname} ${cryptargs} ${CSQUIET}; do +while ! eval cryptsetup luksOpen ${cryptdev} ${cryptname} ${cryptargs} ${CSQUIET}; do sleep 2; done fi @@ -96,7 +96,7 @@ err Non-LUKS decryption not attempted... return 1 fi -exe=/sbin/cryptsetup create $cryptname $cryptdev $cryptargs +exe=cryptsetup create $cryptname $cryptdev $cryptargs IFS=: read c_hash c_cipher c_keysize c_offset c_skip EOF $crypto EOF Modified: encrypt_install === --- encrypt_install 2012-05-13 13:26:46 UTC (rev 158936) +++ encrypt_install 2012-05-13 13:45:33 UTC (rev 158937) @@ -22,7 +22,7 @@ This hook allows for an encrypted root device. Users should specify the device to be unlocked using 'cryptdevice=device:dmname' on the kernel command line, where 'device' is the path to the raw device, and 'dmname' is the name given to -the device after unlocking, and will be available as /dev/mapper/lvname. +the device after unlocking, and will be available as /dev/mapper/dmname. For unlocking via keyfile, 'cryptkey=device:fstype:path' should be specified on the kernel cmdline, where 'device' represents the raw block device where the key
[arch-commits] Commit in cryptsetup/trunk (PKGBUILD encrypt_hook encrypt_install)
Date: Thursday, June 30, 2011 @ 13:57:50 Author: thomas Revision: 129976 cryptsetup: Adjust mkinitcpio hook for mkinitcpio 0.7 Modified: cryptsetup/trunk/PKGBUILD cryptsetup/trunk/encrypt_hook cryptsetup/trunk/encrypt_install -+ PKGBUILD|8 encrypt_hook|3 ++- encrypt_install |3 +-- 3 files changed, 7 insertions(+), 7 deletions(-) Modified: PKGBUILD === --- PKGBUILD2011-06-30 17:54:05 UTC (rev 129975) +++ PKGBUILD2011-06-30 17:57:50 UTC (rev 129976) @@ -2,21 +2,21 @@ # Maintainer: Thomas Bächler tho...@archlinux.org pkgname=cryptsetup pkgver=1.3.1 -pkgrel=1 +pkgrel=2 pkgdesc=Userspace setup tool for transparent encryption of block devices using the Linux 2.6 cryptoapi arch=(i686 x86_64) license=('GPL') url=http://code.google.com/p/cryptsetup/; groups=('base') depends=('device-mapper=2.02.85-2' 'libgcrypt' 'popt') -conflicts=('mkinitcpio0.5.99') +conflicts=('mkinitcpio0.7') options=('!libtool' '!emptydirs') source=(http://cryptsetup.googlecode.com/files/${pkgname}-${pkgver}.tar.bz2 encrypt_hook encrypt_install) sha256sums=('7ceb18a0c91fa1546077b41b93463dd2ec9d7f83e6fd93757fb84cc608206a6a' -'64601eae6fbf3e3afceccec5877557aa208a82497c33cc94ad0a686b4022b5dc' -'07918fc349b3a7c4a73e8ad1cc3d97a2a79ebc7655090ab9ebb00b1e092c85aa') +'b8269d358363eb8d67d1ffa1469068e454a89154636283bcc3edc6486b7fff4e' +'d4380195351b70abf8fcb3cd19461879c55a7a07e4915d1f0365b295b112a573') build() { cd $srcdir/$pkgname-${pkgver} Modified: encrypt_hook === --- encrypt_hook2011-06-30 17:54:05 UTC (rev 129975) +++ encrypt_hook2011-06-30 17:57:50 UTC (rev 129976) @@ -6,7 +6,8 @@ /sbin/modprobe -a -q dm-crypt /dev/null 21 if [ -e /sys/class/misc/device-mapper ]; then if [ ! -e /dev/mapper/control ]; then -/bin/mknod /dev/mapper/control c $(cat /sys/class/misc/device-mapper/dev | sed 's|:| |') +mkdir /dev/mapper +mknod /dev/mapper/control c $(cat /sys/class/misc/device-mapper/dev | sed 's|:| |') fi [ ${quiet} = y ] CSQUIET=/dev/null Modified: encrypt_install === --- encrypt_install 2011-06-30 17:54:05 UTC (rev 129975) +++ encrypt_install 2011-06-30 17:57:50 UTC (rev 129976) @@ -1,6 +1,6 @@ # vim: set ft=sh: -install () +build() { if [ -z ${CRYPTO_MODULES} ]; then MODULES= dm-crypt $(all_modules /crypto/) @@ -9,7 +9,6 @@ fi FILES= SCRIPT=encrypt -add_dir /dev/mapper [ -f /sbin/cryptsetup ] add_binary /sbin/cryptsetup /sbin/cryptsetup [ -f /usr/sbin/cryptsetup ] add_binary /usr/sbin/cryptsetup /sbin/cryptsetup add_binary /sbin/dmsetup
[arch-commits] Commit in cryptsetup/trunk (PKGBUILD encrypt_hook encrypt_install)
Date: Friday, February 5, 2010 @ 17:53:48 Author: thomas Revision: 67245 Prepare for mkinitcpio 0.6 Modified: cryptsetup/trunk/PKGBUILD cryptsetup/trunk/encrypt_hook cryptsetup/trunk/encrypt_install -+ PKGBUILD| 12 - encrypt_hook| 70 +++--- encrypt_install | 10 +-- 3 files changed, 49 insertions(+), 43 deletions(-) Modified: PKGBUILD === --- PKGBUILD2010-02-05 22:51:54 UTC (rev 67244) +++ PKGBUILD2010-02-05 22:53:48 UTC (rev 67245) @@ -2,24 +2,24 @@ # Maintainer: Thomas Bächler tho...@archlinux.org pkgname=cryptsetup pkgver=1.1.0 -pkgrel=1 +pkgrel=2 pkgdesc=Userspace setup tool for transparent encryption of block devices using the Linux 2.6 cryptoapi arch=(i686 x86_64) license=('GPL') url=http://code.google.com/p/cryptsetup/; groups=('base') depends=('device-mapper' 'libgcrypt' 'popt' 'e2fsprogs') -conflicts=('mkinitcpio0.5.24.99') +conflicts=('mkinitcpio0.5.99') options=('!libtool' '!emptydirs') source=(http://cryptsetup.googlecode.com/files/${pkgname}-${pkgver}.tar.bz2 encrypt_hook encrypt_install) sha256sums=('b343fa6bf3c48b633e68da25e44aebd6a32a3dc21c10604acd6faa04e41f58f3' -'b2a8ee13156b7962b48186c97080421336fd3b9641a7711b89bcc49ab73dc62a' -'fa76c48065e26109592431867f468721c360d481dcb0bdc0adc49e750171faa2') +'64601eae6fbf3e3afceccec5877557aa208a82497c33cc94ad0a686b4022b5dc' +'8e4920bb4b5ce96508aa0c42b9b07326b70daf630519f1aa1d8082bca709c12a') md5sums=('8177f1833f4d6aaacc5812046d2010b6' - '6bdb1b83539453d403335aed1a579a5c' - '24b76e9cb938bc3c8dcff396cbab28c7') + '1b25c0aca2cfd0306dd70de1888cb5b8' + '69af34d82690ce8204ce2d249c24be7a') build() { cd $srcdir/$pkgname-${pkgver} Modified: encrypt_hook === --- encrypt_hook2010-02-05 22:51:54 UTC (rev 67244) +++ encrypt_hook2010-02-05 22:53:48 UTC (rev 67245) @@ -5,16 +5,17 @@ { /sbin/modprobe -a -q dm-crypt /dev/null 21 if [ -e /sys/class/misc/device-mapper ]; then -if [ ! -c /dev/mapper/control ]; then -read dev_t /sys/class/misc/device-mapper/dev -/bin/mknod /dev/mapper/control c $(/bin/replace ${dev_t} ':') +if [ ! -e /dev/mapper/control ]; then +/bin/mknod /dev/mapper/control c $(cat /sys/class/misc/device-mapper/dev | sed 's|:| |') fi [ ${quiet} = y ] CSQUIET=/dev/null # Get keyfile if specified ckeyfile=/crypto_keyfile.bin if [ x${cryptkey} != x ]; then -set -- $(/bin/replace ${cryptkey} ':'); ckdev=$1; ckarg1=$2; ckarg2=$3 +ckdev=$(echo ${cryptkey} | cut -d: -f1) +ckarg1=$(echo ${cryptkey} | cut -d: -f2) +ckarg2=$(echo ${cryptkey} | cut -d: -f3) if poll_device ${ckdev} ${rootdelay}; then case ${ckarg1} in *[!0-9]*) @@ -37,7 +38,8 @@ if [ -n ${cryptdevice} ]; then DEPRECATED_CRYPT=0 -set -- $(/bin/replace ${cryptdevice} ':'); cryptdev=$1; cryptname=$2; +cryptdev=$(echo ${cryptdevice} | cut -d: -f1) +cryptname=$(echo ${cryptdevice} | cut -d: -f2) else DEPRECATED_CRYPT=1 cryptdev=${root} @@ -50,12 +52,12 @@ } if poll_device ${cryptdev} ${rootdelay}; then -if /bin/cryptsetup isLuks ${cryptdev} /dev/null 21; then +if /sbin/cryptsetup isLuks ${cryptdev} /dev/null 21; then [ ${DEPRECATED_CRYPT} -eq 1 ] warn_deprecated dopassphrase=1 # If keyfile exists, try to use that if [ -f ${ckeyfile} ]; then -if eval /bin/cryptsetup --key-file ${ckeyfile} luksOpen ${cryptdev} ${cryptname} ${CSQUIET}; then +if eval /sbin/cryptsetup --key-file ${ckeyfile} luksOpen ${cryptdev} ${cryptname} ${CSQUIET}; then dopassphrase=0 else echo Invalid keyfile. Reverting to passphrase. @@ -67,7 +69,7 @@ echo A password is required to access the ${cryptname} volume: #loop until we get a real password -while ! eval /bin/cryptsetup luksOpen ${cryptdev} ${cryptname} ${CSQUIET}; do +while ! eval /sbin/cryptsetup luksOpen ${cryptdev} ${cryptname} ${CSQUIET}; do sleep 2; done fi @@ -79,33 +81,33 @@ err Password succeeded, but ${cryptname} creation failed, aborting... exit 1 fi -elif [ x${crypto} != x ]; then +elif [ -n ${crypto} ]; then [