improve portability, code quality, fix bugs, etc...
This commit is contained in:
illiliti
37
hooks/luks/luks
Normal file
37
hooks/luks/luks
Normal file
@ -0,0 +1,37 @@
|
||||
# vim: set ft=sh:
|
||||
#
|
||||
# handle_luks()
|
||||
{
|
||||
print "configuring LUKS"
|
||||
|
||||
[ "$hostonly" = 1 ] &&
|
||||
for _module in \
|
||||
aes ecb xts lrw wp512 sha256 \
|
||||
sha512 twofish serpent dm-crypt
|
||||
do
|
||||
copy_module "$_module"
|
||||
done
|
||||
|
||||
copy_binary cryptsetup
|
||||
|
||||
# avoid possible issues with libgcc_s.so.1
|
||||
# see https://bugs.archlinux.org/task/56771
|
||||
[ -e /lib/libgcc_s.so.1 ] && copy_library /lib/libgcc_s.so.1
|
||||
|
||||
# word splitting is safe by design
|
||||
# shellcheck disable=2086
|
||||
IFS=,; set -- $luks_opts; unset IFS
|
||||
|
||||
set -C; for opt; do case "${opt%%=*}" in
|
||||
key | header)
|
||||
cp "${opt#*=}" "${tmpdir}/root/${opt%%=*}"
|
||||
chmod 400 "${tmpdir}/root/${opt%%=*}"
|
||||
|
||||
sed "s|${opt#*=}|/root/${opt%%=*}|" \
|
||||
"${tmpdir}/etc/tinyramfs/config" > "${tmpdir}/_"
|
||||
|
||||
cp "${tmpdir}/_" "${tmpdir}/etc/tinyramfs/config"
|
||||
chmod 600 "${tmpdir}/etc/tinyramfs/config"
|
||||
rm "${tmpdir}/_"
|
||||
esac || panic; done; set +C
|
||||
}
|
||||
31
hooks/luks/luks.init
Normal file
31
hooks/luks/luks.init
Normal file
@ -0,0 +1,31 @@
|
||||
# vim: set ft=sh:
|
||||
#
|
||||
# unlock_luks()
|
||||
{
|
||||
[ "$break" = luks ] && { print "break before unlock_luks()"; sh; }
|
||||
|
||||
mkdir -p /run/cryptsetup
|
||||
|
||||
IFS=,; set -- $luks_opts; unset IFS
|
||||
|
||||
for opt; do case "$opt" in
|
||||
discard=1) luks_discard="--allow-discards" ;;
|
||||
header=*) luks_header="--${opt}" ;;
|
||||
name=*) luks_name="${opt#*=}" ;;
|
||||
root=*) luks_root="${opt#*=}" ;;
|
||||
key=*) luks_key="-d ${opt#*=}" ;;
|
||||
esac; done
|
||||
|
||||
resolve_device "$luks_root"
|
||||
|
||||
set -- \
|
||||
"$luks_key" "$luks_header" "$luks_discard" \
|
||||
"$device" "${luks_name:-crypt-${device##*/}}"
|
||||
|
||||
# libdevice-mapper assumes that udev has dm rules
|
||||
# which is not true because we use our device-helper for dm stuff
|
||||
# this variable fixes possible(?) hang
|
||||
export DM_DISABLE_UDEV=1
|
||||
|
||||
cryptsetup open $@ || panic "failed to unlock LUKS"
|
||||
}
|
||||
44
hooks/lvm/lvm
Normal file
44
hooks/lvm/lvm
Normal file
@ -0,0 +1,44 @@
|
||||
# vim: set ft=sh:
|
||||
#
|
||||
# handle_lvm()
|
||||
{
|
||||
print "configuring LVM"
|
||||
|
||||
[ "$hostonly" = 1 ] &&
|
||||
for _module in \
|
||||
dm-log dm-cache dm-mirror \
|
||||
dm-snapshot dm-multipath dm-thin-pool
|
||||
do
|
||||
copy_module "$_module"
|
||||
done
|
||||
|
||||
copy_binary lvm
|
||||
|
||||
lvm_config="
|
||||
devices {
|
||||
write_cache_state = 0
|
||||
}
|
||||
backup {
|
||||
backup = 0
|
||||
archive = 0
|
||||
}
|
||||
global {
|
||||
use_lvmetad = 0
|
||||
}"
|
||||
|
||||
# word splitting is safe by design
|
||||
# shellcheck disable=2086
|
||||
IFS=,; set -- $lvm_opts; unset IFS
|
||||
|
||||
for opt; do case "$opt" in
|
||||
config=1) embed_lvm_config=
|
||||
esac; done
|
||||
|
||||
mkdir -p "${tmpdir}/etc/lvm"
|
||||
|
||||
lvm config \
|
||||
--config "$lvm_config" \
|
||||
${embed_lvm_config+--mergedconfig} \
|
||||
> "${tmpdir}/etc/lvm/lvm.conf"
|
||||
}
|
||||
|
||||
35
hooks/lvm/lvm.init
Normal file
35
hooks/lvm/lvm.init
Normal file
@ -0,0 +1,35 @@
|
||||
# vim: set ft=sh:
|
||||
#
|
||||
# trigger_lvm()
|
||||
{
|
||||
[ "$break" = lvm ] && { print "break before trigger_lvm()"; sh; }
|
||||
|
||||
mkdir -p /run/lvm /run/lock/lvm
|
||||
|
||||
IFS=,; set -- $lvm_opts; unset IFS
|
||||
|
||||
for opt; do case "$opt" in
|
||||
discard=1) lvm_discard="--config=devices{issue_discards=1}" ;;
|
||||
config=0) : > /etc/lvm/lvm.conf ;;
|
||||
group=*) lvm_group="${opt##*=}" ;;
|
||||
name=*) lvm_name="/${opt##*=}" ;;
|
||||
tag=*) lvm_tag="@${opt##*=}" ;;
|
||||
esac; done
|
||||
|
||||
set -- "--sysinit" "-qq" "-aay" "$lvm_discard"
|
||||
|
||||
# libdevice-mapper assumes that udev have dm rules
|
||||
# which is not true because we use our device-helper for dm stuff
|
||||
# this variable fixes possible(?) hang
|
||||
export DM_DISABLE_UDEV=1
|
||||
|
||||
if [ "$lvm_group" ] && [ "$lvm_name" ]; then
|
||||
lvm lvchange $@ "${lvm_group}${lvm_name}"
|
||||
elif [ "$lvm_group" ]; then
|
||||
lvm vgchange $@ "$lvm_group"
|
||||
elif [ "$lvm_tag" ]; then
|
||||
lvm lvchange $@ "$lvm_tag"
|
||||
else
|
||||
lvm vgchange $@
|
||||
fi || panic "failed to trigger LVM"
|
||||
}
|
||||
Reference in New Issue
Block a user