From d8a3e16c701778a2774b54eb238a43b0e51719c5 Mon Sep 17 00:00:00 2001 From: Miloslav Trmac Date: Thu, 1 Jun 2006 02:41:11 +0000 Subject: Add encrypted swap and non-root filesystem support (#127378, based on a patch by W. Michael Petullo and Debian's cryptsetup package) --- rc.d/init.d/halt | 32 +++++++++++++++++++++++++++++++- 1 file changed, 31 insertions(+), 1 deletion(-) (limited to 'rc.d/init.d/halt') diff --git a/rc.d/init.d/halt b/rc.d/init.d/halt index 60485da7..e0d269f8 100755 --- a/rc.d/init.d/halt +++ b/rc.d/init.d/halt @@ -22,6 +22,21 @@ action() { echo } +halt_crypto() { + fnval=0 + while read dst src key; do + [ -z "$dst" -o "${dst#\#}" != "$dst" ] && continue + if [ -b "/dev/mapper/$dst" ]; then + if /sbin/dmsetup info "$dst" | grep -q '^Open count: *0$'; then + /sbin/cryptsetup remove "$dst" + else + fnval=1 + fi + fi + done < /etc/crypttab + return $fnval +} + # See how we were called. case "$0" in *halt) @@ -120,7 +135,19 @@ tmpfs=$(awk '$2 ~ /^\/($|proc|dev)/ { next; } # Turn off swap, then unmount file systems. [ -f /proc/swaps ] && SWAPS=`awk '! /^Filename/ { print $1 }' /proc/swaps` -[ -n "$SWAPS" ] && action $"Turning off swap: " swapoff $SWAPS +if [ -n "$SWAPS" ]; then + action $"Turning off swap: " swapoff $SWAPS + for dst in $SWAPS; do + if [[ "$dst" =~ "^/dev/mapper" ]] \ + && [ "$(dmsetup status "$dst" | cut -d ' ' -f 3)" = crypt ]; then + backdev=$(/sbin/cryptsetup status "$dst" \ + | awk '$1 == "device:" { print $2 }') + /sbin/cryptsetup remove "$dst" + # Leave partition with a blank plain-text swap + mkswap "$backdev" > /dev/null + fi + done +fi [ -x /sbin/quotaoff ] && action $"Turning off quotas: " /sbin/quotaoff -aug @@ -145,6 +172,9 @@ LANG=C __umount_loop '$2 ~ /^\/$|^\/proc|^\/dev/{next} [ -f /proc/bus/usb/devices ] && umount /proc/bus/usb +[ -f /etc/crypttab ] && \ + LANG=C action $"Stopping disk encryption: " halt_crypto + # remove the crash indicator flag rm -f /.autofsck -- cgit v1.2.1