aboutsummaryrefslogtreecommitdiffstats
path: root/rc.d/init.d
diff options
context:
space:
mode:
Diffstat (limited to 'rc.d/init.d')
-rw-r--r--rc.d/init.d/functions180
1 files changed, 0 insertions, 180 deletions
diff --git a/rc.d/init.d/functions b/rc.d/init.d/functions
index 24447249..3e8b5ae0 100644
--- a/rc.d/init.d/functions
+++ b/rc.d/init.d/functions
@@ -552,17 +552,6 @@ confirm() {
done
}
-# resolve a device node to its major:minor numbers in decimal or hex
-get_numeric_dev() {
-(
- fmt="%d:%d"
- if [ "$1" = "hex" ]; then
- fmt="%x:%x"
- fi
- ls -lH "$2" | awk '{ sub(/,/, "", $5); printf("'"$fmt"'", $5, $6); }'
-) 2>/dev/null
-}
-
# Check whether file $1 is a backup or rpm-generated file and should be ignored
is_ignored_file() {
case "$1" in
@@ -617,175 +606,6 @@ apply_sysctl() {
fi
}
-key_is_random() {
- [ "$1" = "/dev/urandom" -o "$1" = "/dev/hw_random" \
- -o "$1" = "/dev/random" ]
-}
-
-find_crypto_mount_point() {
- local fs_spec fs_file fs_vfstype remaining_fields
- local fs
- while read fs_spec fs_file remaining_fields; do
- if [ "$fs_spec" = "/dev/mapper/$1" ]; then
- echo $fs_file
- break;
- fi
- done < /etc/fstab
-}
-
-# Because of a chicken/egg problem, init_crypto must be run twice. /var may be
-# encrypted but /var/lib/random-seed is needed to initialize swap.
-init_crypto() {
- local have_random dst src key opt lsl owner params makeswap skip arg opt
- local param value rc ret mke2fs mdir prompt mount_point
-
- ret=0
- have_random=$1
- while read dst src key opt; do
- [ -z "$dst" -o "${dst#\#}" != "$dst" ] && continue
- [ -b "/dev/mapper/$dst" ] && continue;
- if [ "$have_random" = 0 ] && key_is_random "$key"; then
- continue
- fi
- if [ -n "$key" -a "x$key" != "xnone" ]; then
- if test -e "$key" ; then
- owner=$(ls -l $key | (read a b owner rest; echo $owner))
- if ! key_is_random "$key"; then
- lsl=$(ls -l "$key")
- if [ "${lsl:4:6}" != "------" ]; then
- echo $"INSECURE MODE FOR $key"
- fi
- fi
- if [ "$owner" != root ]; then
- echo $"INSECURE OWNER FOR $key"
- fi
- else
- echo $"Key file for $dst not found, skipping"
- ret=1
- continue
- fi
- else
- key=""
- fi
- params=""
- makeswap=""
- mke2fs=""
- skip=""
- # Parse the src field for UUID= and convert to real device names
- if [ "${src%%=*}" == "UUID" ]; then
- src=$(/sbin/blkid -t "$src" -l -o device)
- elif [ "${src/^\/dev\/disk\/by-uuid\/}" != "$src" ]; then
- src=$(__readlink $src)
- fi
- # Is it a block device?
- [ -b "$src" ] || continue
- # Is it already a device mapper slave? (this is gross)
- devesc=${src##/dev/}
- devesc=${devesc//\//!}
- for d in /sys/block/dm-*/slaves ; do
- [ -e $d/$devesc ] && continue 2
- done
- # Parse the options field, convert to cryptsetup parameters and
- # contruct the command line
- while [ -n "$opt" ]; do
- arg=${opt%%,*}
- opt=${opt##$arg}
- opt=${opt##,}
- param=${arg%%=*}
- value=${arg##$param=}
-
- case "$param" in
- cipher)
- params="$params -c $value"
- if [ -z "$value" ]; then
- echo $"$dst: no value for cipher option, skipping"
- skip="yes"
- fi
- ;;
- size)
- params="$params -s $value"
- if [ -z "$value" ]; then
- echo $"$dst: no value for size option, skipping"
- skip="yes"
- fi
- ;;
- hash)
- params="$params -h $value"
- if [ -z "$value" ]; then
- echo $"$dst: no value for hash option, skipping"
- skip="yes"
- fi
- ;;
- noauto)
- skip="yes"
- ;;
- verify)
- params="$params -y"
- ;;
- swap)
- makeswap=yes
- ;;
- tmp)
- mke2fs=yes
- esac
- done
- if [ "$skip" = "yes" ]; then
- ret=1
- continue
- fi
- if [ -z "$makeswap" ] && cryptsetup isLuks "$src" 2>/dev/null ; then
- if key_is_random "$key"; then
- echo $"$dst: LUKS requires non-random key, skipping"
- ret=1
- continue
- fi
- if [ -n "$params" ]; then
- echo "$dst: options are invalid for LUKS partitions," \
- "ignoring them"
- fi
- if [ -n "$key" ]; then
- /sbin/cryptsetup -d $key luksOpen "$src" "$dst" <&1 2>/dev/null && success || failure
- rc=$?
- else
- mount_point="$(find_crypto_mount_point $dst)"
- [ -n "$mount_point" ] || mount_point=${src##*/}
- prompt=$(printf $"%s is password protected" "$mount_point")
- plymouth ask-for-password --prompt "$prompt" --command="/sbin/cryptsetup luksOpen -T1 $src $dst" <&1
- rc=$?
- fi
- else
- if [ -z "$key" ]; then
- mount_point="$(find_crypto_mount_point $dst)"
- [ -n "$mount_point" ] || mount_point=${src##*/}
- prompt=$(printf $"%s is password protected" "$mount_point")
- plymouth ask-for-password --prompt "$prompt" --command="/sbin/cryptsetup $params create $dst $src" <&1
- rc=$?
- else
- /sbin/cryptsetup $params ${key:+-d $key} create "$dst" "$src" <&1 2>/dev/null && success || failure
- rc=$?
- fi
- fi
- if [ $rc -ne 0 ]; then
- ret=1
- continue
- fi
- if [ -b "/dev/mapper/$dst" ]; then
- if [ "$makeswap" = "yes" ]; then
- mkswap "/dev/mapper/$dst" 2>/dev/null >/dev/null
- fi
- if [ "$mke2fs" = "yes" ]; then
- if mke2fs "/dev/mapper/$dst" 2>/dev/null >/dev/null \
- && mdir=$(mktemp -d /tmp/mountXXXXXX); then
- mount "/dev/mapper/$dst" "$mdir" && chmod 1777 "$mdir"
- umount "$mdir"
- rmdir "$mdir"
- fi
- fi
- fi
- done < /etc/crypttab
- return $ret
-}
-
# A sed expression to filter out the files that is_ignored_file recognizes
__sed_discard_ignored_files='/\(~\|\.bak\|\.orig\|\.rpmnew\|\.rpmorig\|\.rpmsave\)$/d'