do
fulldevname=$(sys2dev "${sysblock}")
- if echo "${black_listed_devices}" | grep -qw "${fulldevname}" || \
+ if echo "${black_listed_devices}" | grep -qe "\<${fulldevname}\>" || \
[ -n "${white_listed_devices}" ] && \
- echo "${white_listed_devices}" | grep -vqw "${fulldevname}"
+ echo "${white_listed_devices}" | grep -qve "\<${fulldevname}\>"
then
# skip this device entirely
continue
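Review bot: `grep -qe "\<${fulldevname}\>"` is not equivalent to the `-w` form it replaces, because `\<` only matches immediately before a word-constituent character and a pattern that begins `\</` can therefore never match. If sys2dev returns `/dev/...` paths (its body is outside this hunk), the blacklist test is always false and the whitelist test `grep -qve` is always true, so blacklisted devices are no longer skipped and every device is skipped once a whitelist is set. The device name is also interpolated as a regular expression rather than compared literally. A fixed-string test avoids both problems, for example `grep -qwF -- "${fulldevname}"` where the initramfs grep supports `-w` and `-F`, or `case " ${black_listed_devices} " in *" ${fulldevname} "*)` if the lists are space-separated. The same applies to the `${devname}` test in the next hunk.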
do
devname=$(sys2dev "${dev}")
- if echo "${black_listed_devices}" | grep -qw "${devname}"
+ if echo "${black_listed_devices}" | grep -qe "\<${devname}\>"
then
# skip this subdevice
continue
fi
fi
- if [ 0 -lt "${offset}" ]
+ if [ -n "${offset}" ] && [ 0 -lt "${offset}" ]
then
options="${options} -o ${offset}"
fi
fi
}
+open_luks_device ()
+{
+ dev="${1}"
+ name="$(basename ${dev})"
+ opts="--key-file=-"
+ if [ -n "${PERSISTENT_READONLY}" ]
+ then
+ opts="${opts} --readonly"
+ fi
+
+ load_keymap
+
+ while true
+ do
+ /lib/cryptsetup/askpass "Enter passphrase for ${dev}: " | \
+ /sbin/cryptsetup -T 1 luksOpen ${dev} ${name} ${opts}
+
+ if [ 0 -eq ${?} ]
+ then
+ luks_device="/dev/mapper/${name}"
+ echo ${luks_device}
+ return 0
+ fi
+
+ echo >&6
+ echo -n "There was an error decrypting ${dev} ... Retry? [Y/n] " >&6
+ read answer
+
+ if [ "$(echo "${answer}" | cut -b1 | tr A-Z a-z)" = "n" ]
+ then
+ return 2
+ fi
+ done
+}
+
find_persistent_media ()
{
# Scans devices for overlays and snapshots, and returns a whitespace
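Review bot: The retry loop in open_luks_device has no exit when `read answer` fails: at end of input `answer` is empty, which the `[Y/n]` test treats as yes, so the function keeps prompting and re-running cryptsetup without bound; `read answer || return 2` stops it. `${dev}` and `${name}` reach cryptsetup unquoted, so `name="$(basename "${dev}")"` and `luksOpen "${dev}" "${name}" ${opts}` are safer against word splitting and globbing. Because the caller in find_persistent_media uses `luks_device=$(open_luks_device "${dev}")`, everything the function writes to stdout becomes the device path; load_keymap is defined outside this hunk, so it is worth confirming that it prints nothing to stdout, or redirecting its stdout at the call. `dev`, `name` and `opts` are not declared `local`, unlike the variables in link_files added by the same commit.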
luks_device=""
# Checking for a luks device
- if [ "${PERSISTENT_ENCRYPTION}" = "luks" ] && [ -e /sbin/cryptsetup ]
+ if echo ${PERSISTENT_ENCRYPTION} | grep -qe "\<luks\>" && \
+ /sbin/cryptsetup isLuks ${dev}
then
- if ! modprobe dm-crypt
+ if luks_device=$(open_luks_device "${dev}")
then
- log_warning_msg "Unable to load module dm-crypt"
- continue
- fi
-
- if [ ! -x /lib/cryptsetup/askpass ] || [ ! -x /sbin/cryptsetup ]
- then
- log_warning_msg "cryptsetup in unavailable"
- continue
- fi
-
- if ! /sbin/cryptsetup isLuks ${dev}
- then
- # skip device since we strictly want luks devices
+ dev="${luks_device}"
+ else
+ # skip $dev since we failed/chose not to open it
continue
fi
-
- load_keymap
-
- while true
- do
- /lib/cryptsetup/askpass "Enter passphrase for ${dev}: " | /sbin/cryptsetup -T 1 luksOpen ${dev} $(basename ${dev}) --key-file=-
-
- if [ 0 -eq ${?} ]
- then
- luks_device="/dev/mapper/$(basename ${dev})"
- dev="${luks_device}"
- break
- fi
-
- echo >&6
- echo -n "There was an error decrypting ${dev} ... Retry? [Y/n] " >&6
- read answer
-
- if [ "$(echo "${answer}" | cut -b1 | tr A-Z a-z)" = "n" ]
- then
- break
- fi
- done
+ elif echo ${PERSISTENT_ENCRYPTION} | grep -qve "\<none\>"
+ then
+ # skip $dev since we don't allow unencrypted storage
+ continue
fi
- if echo ${PERSISTENT_STORAGE} | grep -qw filesystem
+ if echo ${PERSISTENT_STORAGE} | grep -qe "\<filesystem\>"
then
for label in ${overlays} ${snapshots}
do
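Review bot: The new condition runs `/sbin/cryptsetup isLuks ${dev}` without the executable checks that the removed code performed, so a missing cryptsetup is indistinguishable from "not a LUKS device" and no warning is logged; when encryption is required, every device is then skipped silently. A guard such as `[ -x /sbin/cryptsetup ] || log_warning_msg "cryptsetup is unavailable"` before the test keeps the diagnostic, and whether dm-crypt is still loaded elsewhere after the `modprobe dm-crypt` removal is not visible here. `${dev}` and `${PERSISTENT_ENCRYPTION}` are expanded unquoted; `"${dev}"` and `echo "${PERSISTENT_ENCRYPTION}"` avoid word splitting and globbing. The `elif` arm also skips the device when PERSISTENT_ENCRYPTION is empty, which fails closed; a comment such as `# an empty value is treated as "encryption required"` would record that this is intended. The enclosing loop of find_persistent_media starts and ends outside the hunk.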
done
fi
- if echo ${PERSISTENT_STORAGE} | grep -qw file
+ if echo ${PERSISTENT_STORAGE} | grep -qe "\<file\>"
then
devfstype="$(get_fstype ${dev})"
overlay_on_dev=""
echo "${ret}"
}
+
+link_files ()
+{
+ # create source's directory structure in dest, and recursively
+ # create symlinks in dest to to all files in source. if mask
+ # is non-empty, remove mask from all source paths when
+ # creating links (will be necessary if we change root, which
+ # live-boot normally does (into $rootmnt)).
+
+ # remove multiple /:s and ensure ending on /
+ local src_dir="$(echo "${1}"/ | sed -e 's|/\+|/|g')"
+ local dest_dir="$(echo "${2}"/ | sed -e 's|/\+|/|g')"
+ local src_mask="${3}"
+
+ # This check can only trigger on the inital, non-recursive call since
+ # we create the destination before recursive calls
+ if [ ! -d "${dest_dir}" ];
+ then
+ log_warning_msg "Must link_files into a directory"
+ return
+ fi
+
+ find "${src_dir}" -mindepth 1 -maxdepth 1 | while read x; do
+ local src="${x}"
+ local dest="${dest_dir}$(basename "${x}")"
+ if [ -d "${src}" ];
+ then
+ if [ -z "$(ls -A "${src}")" ];
+ then
+ continue
+ fi
+ if [ ! -d "${dest}" ];
+ then
+ mkdir -p "${dest}"
+ prev="$(dirname "${dest}")"
+ chown $(stat -c %u:%g "${prev}") "${dest}"
+ chmod $(stat -c %a "${prev}") "${dest}"
+ fi
+ link_files "${src}" "${dest}" "${src_mask}"
+ else
+ if [ -n "${src_mask}" ];
+ then
+ src="$(echo ${src} | sed "s|^${src_mask}||")"
+ fi
+ rm -rf "${dest}" 2> /dev/null
+ ln -s "${src}" "${dest}"
+ fi
+ done
+}
+
+do_union () {
+ local unionmountpoint="${1}" # directory where the union is mounted
+ local unionrw="${2}" # branch where the union changes are stored
+ local unionro1="${3}" # first underlying read-only branch (optional)
+ local unionro2="${4}" # second underlying read-only branch (optional)
+
+ if [ "${UNIONTYPE}" = "aufs" ]
+ then
+ rw_opt="rw"
+ ro_opt="rr+wh"
+ noxino_opt="noxino"
+ elif [ "${UNIONTYPE}" = "unionfs-fuse" ]
+ then
+ rw_opt="RW"
+ ro_opt="RO"
+ else
+ rw_opt="rw"
+ ro_opt="ro"
+ fi
+
+ case "${UNIONTYPE}" in
+ unionfs-fuse)
+ unionmountopts="-o cow -o noinitgroups -o default_permissions -o allow_other -o use_ino -o suid"
+ unionmountopts="${unionmountopts} ${unionrw}=${rw_opt}"
+ if [ -n "${unionro1}" ]
+ then
+ unionmountopts="${unionmountopts}:${unionro1}=${ro_opt}"
+ fi
+ if [ -n "${unionro2}" ]
+ then
+ unionmountopts="${unionmountopts}:${unionro2}=${ro_opt}"
+ fi
+ ( sysctl -w fs.file-max=391524 ; ulimit -HSn 16384
+ unionfs-fuse ${unionmountopts} "${unionmountpoint}" ) && \
+ ( mkdir -p /run/sendsigs.omit.d
+ pidof unionfs-fuse >> /run/sendsigs.omit.d/unionfs-fuse || true )
+ ;;
+
+ overlayfs)
+ # XXX: can unionro2 be used? (overlayfs only handles two dirs, but perhaps they can be chained?)
+ # XXX: and can unionro1 be optional? i.e. can overlayfs skip lowerdir?
+ unionmountopts="-o noatime,lowerdir=${unionro1},upperdir=${unionrw}"
+ mount -t ${UNIONTYPE} ${unionmountopts} ${UNIONTYPE} "${unionmountpoint}"
+ ;;
+
+ *)
+ unionmountopts="-o noatime,${noxino_opt},dirs=${unionrw}=${rw_opt}"
+ if [ -n "${unionro1}" ]
+ then
+ unionmountopts="${unionmountopts}:${unionro1}=${ro_opt}"
+ fi
+ if [ -n "${unionro2}" ]
+ then
+ unionmountopts="${unionmountopts}:${unionro2}=${ro_opt}"
+ fi
+ mount -t ${UNIONTYPE} ${unionmountopts} ${UNIONTYPE} "${unionmountpoint}"
+ ;;
+ esac
+}
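Review bot: In link_files, `find "${src_dir}" -mindepth 1 -maxdepth 1 | while read x` passes each name through `read` without `-r` and with the default IFS, so backslashes and leading or trailing whitespace are altered before the name reaches `rm -rf "${dest}"` and `ln -s`, and an unusually named entry on the source can cause a different destination path to be removed; `while IFS= read -r x; do` keeps the name intact. `[ -d "${src}" ]` follows symlinks, so a symlink to a directory in the source tree is descended into rather than linked; if that is not intended, `if [ -d "${src}" ] && [ ! -L "${src}" ]` keeps the walk inside the source. `${src_mask}` is interpolated into the sed expression as a regular expression, which deserves a comment such as `# src_mask must not contain "|" or regex metacharacters`. In do_union, `noxino_opt` is assigned only in the aufs branch, so the `*)` arm builds `-o noatime,,dirs=...` for any other union type.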