X-Git-Url: http://git.grml.org/?a=blobdiff_plain;f=scripts%2Flive-helpers;h=31093563f1404c83b7b397ef1aa2292d1aba8054;hb=f12da76bfe6fa2d134788541d7c74512a3ebb17a;hp=33d2ee7307a9ef281549e03555407799687c8986;hpb=a7e59be8118df46c9f43ba05561990ce3e62a81d;p=live-boot-grml.git

diff --git a/scripts/live-helpers b/scripts/live-helpers
index 33d2ee7..3109356 100644
--- a/scripts/live-helpers
+++ b/scripts/live-helpers
@@ -46,9 +46,9 @@ storage_devices()
 	do
 		fulldevname=$(sys2dev "${sysblock}")
 
-		if echo "${black_listed_devices}" | grep -qw "${fulldevname}" || \
+		if echo "${black_listed_devices}" | grep -qe "\<${fulldevname}\>" || \
 			[ -n "${white_listed_devices}" ] && \
-			echo "${white_listed_devices}" | grep -vqw "${fulldevname}"
+			echo "${white_listed_devices}" | grep -qve "\<${fulldevname}\>"
 		then
 			# skip this device entirely
 			continue
@@ -58,7 +58,7 @@ storage_devices()
 		do
 			devname=$(sys2dev "${dev}")
 
-			if echo "${black_listed_devices}" | grep -qw "${devname}"
+			if echo "${black_listed_devices}" | grep -qe "\<${devname}\>"
 			then
 				# skip this subdevice
 				continue
@@ -311,6 +311,41 @@ try_mount ()
 	fi
 }
 
+open_luks_device ()
+{
+	dev="${1}"
+	name="$(basename ${dev})"
+	opts="--key-file=-"
+	if [ -n "${PERSISTENT_READONLY}" ]
+	then
+		opts="${opts} --readonly"
+	fi
+
+	load_keymap
+
+	while true
+	do
+		/lib/cryptsetup/askpass "Enter passphrase for ${dev}: " | \
+			/sbin/cryptsetup -T 1 luksOpen ${dev} ${name} ${opts}
+
+		if [ 0 -eq ${?} ]
+		then
+			luks_device="/dev/mapper/${name}"
+			echo ${luks_device}
+			return 0
+		fi
+
+		echo >&6
+		echo -n "There was an error decrypting ${dev} ... Retry? [Y/n] " >&6
+		read answer
+
+		if [ "$(echo "${answer}" | cut -b1 | tr A-Z a-z)" = "n" ]
+		then
+			return 2
+		fi
+	done
+}
+
 find_persistent_media ()
 {
 	# Scans devices for overlays and snapshots, and returns a whitespace
@@ -344,39 +379,23 @@ find_persistent_media ()
 		luks_device=""
 
 		# Checking for a luks device
-		if [ "${PERSISTENT_ENCRYPTION}" = "luks" ]
+		if echo ${PERSISTENT_ENCRYPTION} | grep -qe "\<luks\>" && \
+		   /sbin/cryptsetup isLuks ${dev}
 		then
-			if ! /sbin/cryptsetup isLuks ${dev}
+			if luks_device=$(open_luks_device "${dev}")
 			then
-				# skip device since we strictly want luks devices
+				dev="${luks_device}"
+			else
+				# skip $dev since we failed/chose not to open it
 				continue
 			fi
-
-			load_keymap
-
-			while true
-			do
-				/lib/cryptsetup/askpass "Enter passphrase for ${dev}: " | /sbin/cryptsetup -T 1 luksOpen ${dev} $(basename ${dev}) --key-file=-
-
-				if [ 0 -eq ${?} ]
-				then
-					luks_device="/dev/mapper/$(basename ${dev})"
-					dev="${luks_device}"
-					break
-				fi
-
-				echo >&6
-				echo -n "There was an error decrypting ${dev} ... Retry? [Y/n] " >&6
-				read answer
-
-				if [ "$(echo "${answer}" | cut -b1 | tr A-Z a-z)" = "n" ]
-				then
-					break
-				fi
-			done
+		elif echo ${PERSISTENT_ENCRYPTION} | grep -qve "\<none\>"
+		then
+			# skip $dev since we don't allow unencrypted storage
+			continue
 		fi
 
-		if echo ${PERSISTENT_STORAGE} | grep -qw filesystem
+		if echo ${PERSISTENT_STORAGE} | grep -qe "\<filesystem\>"
 		then
 			for label in ${overlays} ${snapshots}
 			do
@@ -391,7 +410,7 @@ find_persistent_media ()
 			done
 		fi
 
-		if echo ${PERSISTENT_STORAGE} | grep -qw file
+		if echo ${PERSISTENT_STORAGE} | grep -qe "\<file\>"
 		then
 			devfstype="$(get_fstype ${dev})"
 			overlay_on_dev=""