From 37da8fbf533df42e99210774e8b7b5a3a095ab59 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 23 Sep 2007 14:46:30 +0200 Subject: [PATCH] Adding casper 1.81+debian-2. --- debian/casper.init | 30 ++++++++++++++++++++---------- debian/changelog | 13 +++++++++++++ debian/manpage/casper.7 | 6 ++++++ scripts/casper | 6 ++++-- scripts/casper-helpers | 31 ++++++++++++++++++++++++++++--- 5 files changed, 71 insertions(+), 15 deletions(-) diff --git a/debian/casper.init b/debian/casper.init index 6817efd..80066d0 100644 --- a/debian/casper.init +++ b/debian/casper.init @@ -71,17 +71,27 @@ do_stop () cache_path "$path" done - eject -p -m /live_media >/dev/null 2>&1 - - # XXX - i18n - echo "Please remove the disc and close the tray (if any) then press ENTER: " - if [ -x /sbin/usplash_write ]; then - /sbin/usplash_write "TIMEOUT 86400" - /sbin/usplash_write "TEXT-URGENT Please remove the disc, close the tray (if any)" - /sbin/usplash_write "TEXT-URGENT and press ENTER to continue" - fi + for x in $(cat /proc/cmdline); do + case $x in + quickreboot) + QUICKREBOOT="Yes" + ;; + esac + done + + if [ -z ${QUICKREBOOT} ]; then + eject -p -m /live_media >/dev/null 2>&1 - read x < /dev/console + # XXX - i18n + echo "Please remove the disc and close the tray (if any) then press ENTER: " + if [ -x /sbin/usplash_write ]; then + /sbin/usplash_write "TIMEOUT 86400" + /sbin/usplash_write "TEXT-URGENT Please remove the disc, close the tray (if any)" + /sbin/usplash_write "TEXT-URGENT and press ENTER to continue" + fi + + read x < /dev/console + fi } case "$1" in diff --git a/debian/changelog b/debian/changelog index a635c4f..111ee7d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,16 @@ +casper (1.81+debian-2) unstable; urgency=low + + [ Daniel Baumann ] + * Applied patch from Sebastian Raveau to + add support for filesystem images encrypted with loop-aes. + + [ Marco Amadori ] + * Added a "quickreboot" boot parameter, that prevent casper to eject the + media, useful for remote rebooting of a casper system, thanks to + Jonathan Hall for the patch. + + -- Marco Amadori Fri, 16 Feb 2007 17:26:58 +0100 + casper (1.81+debian-1) unstable; urgency=low * New upstream release. diff --git a/debian/manpage/casper.7 b/debian/manpage/casper.7 index 8c6420a..0b14023 100644 --- a/debian/manpage/casper.7 +++ b/debian/manpage/casper.7 @@ -42,6 +42,9 @@ If this variable is set, dhcp and static configuration are just skipped and the .BI "{live-media|bootfrom}=" DEVICE If you specify one of this two equivalent forms, casper will first try to find this device for the "/casper" directory where the read-only root filesystem should reside. If it did not find something usable, the normal scan for block devices is performed. .TP +.BI "{live-media-encryption|encryption}=" TYPE +Casper will mount the encrypted rootfs TYPE, asking the passphrase, useful to build paranoid live systems :-). TYPE supported so far are "aes" for loop-aes encryption type. +.TP .BI "live-media-offset=" BYTES This way you could tell casper that your image starts at offset BYTES in the above specified or autodiscovered device, this could be useful to hide the debian-live iso or image inside another iso or image, to create "clean" images. .TP @@ -63,6 +66,9 @@ Casper will look for persistent and snapshot partitions or files labeled "casper .B nopersistent disables the above mentioned "persistent" feature, useful if the bootloader (like syslinux) has been installed with persistent enabled. .TP +.B quickreboot +This option causes casper to reboot without attempting to eject the media and without asking the user to remove the boot media. +.TP .B "showmounts" This parameter will make casper to show on "/" the ro filesystems (mostly compressed) on /casper. This is not enabled by default because could lead to problems by applications like "mono" which store binary paths on installation. .TP diff --git a/scripts/casper b/scripts/casper index 4d6c1a5..545942e 100644 --- a/scripts/casper +++ b/scripts/casper @@ -71,6 +71,8 @@ parse_cmdline () export CASPERGETTY=1 ;; bootfrom=*|live-media=*) export LIVEMEDIA=${x#*=} ;; + live-media-encryption=*|encryption=*) + export LIVEMEDIA_ENCRYPTION=${x#*=} ;; live-media-timeout=*) export LIVEMEDIA_TIMEOUT=${x#live-media-timeout=} ;; live-media-offset=*) @@ -132,7 +134,7 @@ is_casper_path() { get_backing_device() { case "$1" in *.squashfs|*.ext2) - echo $(setup_loop "$1" "loop" "/sys/block/loop*") + echo $(setup_loop "$1" "loop" "/sys/block/loop*" '0' "${LIVEMEDIA_ENCRYPTION}") ;; *.dir) echo "directory" @@ -509,7 +511,7 @@ check_dev () fi if [ -n "${LIVEMEDIA_OFFSET}" ]; then - loopdevname=$(setup_loop "${devname}" "loop" "/sys/block/loop*" "${LIVEMEDIA_OFFSET}") + loopdevname=$(setup_loop "${devname}" "loop" "/sys/block/loop*" "${LIVEMEDIA_OFFSET}" '') devname="${loopdevname}" fi diff --git a/scripts/casper-helpers b/scripts/casper-helpers index 8402d93..17f7d62 100644 --- a/scripts/casper-helpers +++ b/scripts/casper-helpers @@ -113,6 +113,7 @@ setup_loop() { local module=$2 local pattern=$3 local offset=$4 + local encryption=$5 modprobe ${MP_QUIET} -b "$module" udevsettle @@ -120,10 +121,34 @@ setup_loop() { for loopdev in $pattern; do if [ "$(cat $loopdev/size)" -eq 0 ]; then dev=$(sys2dev "${loopdev}") - if [ -n "$offset" ]; then - losetup -o "$offset" "$dev" "$fspath" + options='' + if [ 0 -lt "${offset}" ]; then + options="${options} -o ${offset}" + fi + if [ -z "${encryption}" ]; then + losetup ${options} "${dev}" "${fspath}" else - losetup "$dev" "$fspath" + # Loop AES encryption + while true; do + echo -n "Enter passphrase for ${fspath}: " >&6 + read -s passphrase + echo "${passphrase}" > /tmp/passphrase + exec 9&6 + read answer + if [ 'no' = "${answer}" ]; then + unset answer + break + fi + done fi echo "$dev" return 0 -- 2.1.4