diff options
| author |   Martin Schlemmer <azarah@gentoo.org> | 2005-03-01 23:25:14 +0000 |
|---|---|---|
| committer | Martin Schlemmer <azarah@gentoo.org> | 2005-03-01 23:25:14 +0000 |
| commit | ab62db1528079c719d308fce236399bd9752bce6 (patch) | |
| tree | 6859db958acd9d7ad5a6abae336d5f3726101815 | |
| parent | version bump (diff) | |
| download | gentoo-2-ab62db1528079c719d308fce236399bd9752bce6.tar.gz gentoo-2-ab62db1528079c719d308fce236399bd9752bce6.tar.bz2 gentoo-2-ab62db1528079c719d308fce236399bd9752bce6.zip | |
Add cryptfs conf.d file and addon scripts.
(Portage version: 2.0.51.18)
| -rw-r--r-- | sys-fs/cryptsetup/ChangeLog | 9 | ||||
| -rw-r--r-- | sys-fs/cryptsetup/Manifest | 7 | ||||
| -rw-r--r-- | sys-fs/cryptsetup/cryptsetup-0.1-r1.ebuild | 48 | ||||
| -rw-r--r-- | sys-fs/cryptsetup/files/cryptfs.confd | 31 | ||||
| -rw-r--r-- | sys-fs/cryptsetup/files/digest-cryptsetup-0.1-r1 | 1 | ||||
| -rw-r--r-- | sys-fs/cryptsetup/files/dm-crypt-start.sh | 142 | ||||
| -rw-r--r-- | sys-fs/cryptsetup/files/dm-crypt-stop.sh | 49 |
7 files changed, 285 insertions, 2 deletions
diff --git a/sys-fs/cryptsetup/ChangeLog b/sys-fs/cryptsetup/ChangeLog index d855f78cec1c..fffc41090b2b 100644 --- a/sys-fs/cryptsetup/ChangeLog +++ b/sys-fs/cryptsetup/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for sys-fs/cryptsetup # Copyright 1999-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-fs/cryptsetup/ChangeLog,v 1.6 2005/03/01 14:57:50 pylon Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-fs/cryptsetup/ChangeLog,v 1.7 2005/03/01 23:25:14 azarah Exp $ + +*cryptsetup-0.1-r1 (02 Mar 2005) + + 02 Mar 2005; Martin Schlemmer <azarah@gentoo.org> +files/cryptfs.confd, + +files/dm-crypt-start.sh, +files/dm-crypt-stop.sh, + +cryptsetup-0.1-r1.ebuild: + Add cryptfs conf.d file and addon scripts. 01 Mar 2005; Lars Weiler <pylon@gentoo.org> cryptsetup-0.1.ebuild: Stable on ppc. diff --git a/sys-fs/cryptsetup/Manifest b/sys-fs/cryptsetup/Manifest index 2af80df204d8..81c611ea06c7 100644 --- a/sys-fs/cryptsetup/Manifest +++ b/sys-fs/cryptsetup/Manifest @@ -1,4 +1,9 @@ MD5 4b394b3a2ae28d2ab9d1e08e5fa32ebd ChangeLog 901 -MD5 ce05c82b34956de5608a31a5ef6d3606 cryptsetup-0.1.ebuild 1154 +MD5 5426947e14919ad7ee5bce978d37022e cryptsetup-0.1-r1.ebuild 1287 MD5 5be5a7266a46591bb4db0cacd9ac8af3 metadata.xml 226 +MD5 ce05c82b34956de5608a31a5ef6d3606 cryptsetup-0.1.ebuild 1154 +MD5 d85f2d4d555fe364600e5a1d0e445945 files/cryptfs.confd 1130 MD5 959c303c3bfeab6c12e28ae4e16400b3 files/digest-cryptsetup-0.1 67 +MD5 de754dab521ab7d05275dcc3e5517960 files/dm-crypt-start.sh 3648 +MD5 b0d18980d87be6e873a369012128fc43 files/dm-crypt-stop.sh 1081 +MD5 959c303c3bfeab6c12e28ae4e16400b3 files/digest-cryptsetup-0.1-r1 67 diff --git a/sys-fs/cryptsetup/cryptsetup-0.1-r1.ebuild b/sys-fs/cryptsetup/cryptsetup-0.1-r1.ebuild new file mode 100644 index 000000000000..ddda2aefcb17 --- /dev/null +++ b/sys-fs/cryptsetup/cryptsetup-0.1-r1.ebuild @@ -0,0 +1,48 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-fs/cryptsetup/cryptsetup-0.1-r1.ebuild,v 1.1 2005/03/01 23:25:14 azarah Exp $ + +DESCRIPTION="Tool to setup encrypted devices with dm-crypt" +HOMEPAGE="http://www.saout.de/misc/dm-crypt/" +SRC_URI="http://www.saout.de/misc/dm-crypt/${PN}-${PV}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~x86 ~ppc ~amd64" + +DEPEND=">=sys-fs/device-mapper-1.00.07-r1 + >=dev-libs/libgcrypt-1.1.42" + +IUSE="" + +S=${WORKDIR}/${PN}-${PV} + +pkg_setup() { + if ! grep CONFIG_DM_CRYPT /usr/src/linux/.config > /dev/null 2>&1 + then + ewarn "dm-crypt is not enabled in /usr/src/linux/.config" + ewarn "please see $HOMEPAGE" + ewarn "for details on how to enable dm-crypt for your kernel" + fi +} + +src_compile() { + cd ${S} + + econf --bindir=/bin --disable-nls|| die + + sed -i -e 's|-lgcrypt|/usr/lib/libgcrypt.a|' Makefile src/Makefile + sed -i -e 's|-lgpg-error|/usr/lib/libgpg-error.a|' Makefile src/Makefile + sed -i -e 's|-lpopt|/usr/lib/libpopt.a|' src/Makefile + + emake || die +} + +src_install() { + make DESTDIR=${D} install + + newconfd ${FILESDIR}/cryptfs.confd cryptfs + insinto /lib/rcscripts/addons + doins "${FILESDIR}"/dm-crypt-start.sh + doins "${FILESDIR}"/dm-crypt-stop.sh +} diff --git a/sys-fs/cryptsetup/files/cryptfs.confd b/sys-fs/cryptsetup/files/cryptfs.confd new file mode 100644 index 000000000000..a11e116f9245 --- /dev/null +++ b/sys-fs/cryptsetup/files/cryptfs.confd @@ -0,0 +1,31 @@ +# /etc/conf.d/cryptfs +# $Header: /var/cvsroot/gentoo-x86/sys-fs/cryptsetup/files/cryptfs.confd,v 1.1 2005/03/01 23:25:14 azarah Exp $ + +# Note regarding the syntax of this file. This file is *almost* bash, +# but each line is evaluated separately. Separate swaps/mounts can be +# specified. The init-script which reads this file assumes that a +# swap= or mount= line starts a new section, similar to lilo or grub +# configuration. + +# Swap partitions. These should come first so that no keys make their +# way into unencrypted swap. +# If no options are given, they will default to: -c aes -h sha1 -d /dev/urandom +# If no makefs is given then mkswap will be assumed +#swap=crypt-swap +#source='/dev/main/swap' + +# Mounts +# If no options are given, they will default to: -c aes -h sha1 +# No mkfs is run unless you specify a makefs option +#mount=crypt-tmp +#source='/dev/main/tmp' +#options='-d /dev/urandom' +#pre_mount='/sbin/mkreiserfs -f -f ${dev}' +#post_mount='chown root:root ${mount_point}; chmod 1777 ${mount_point}' + +# Loopback file example + +#mount='home-crypt' +#source='/dev/loop0' +#options='-c serpent -s 256' +#loop_file='/mnt/crypt/home' diff --git a/sys-fs/cryptsetup/files/digest-cryptsetup-0.1-r1 b/sys-fs/cryptsetup/files/digest-cryptsetup-0.1-r1 new file mode 100644 index 000000000000..e129539b0444 --- /dev/null +++ b/sys-fs/cryptsetup/files/digest-cryptsetup-0.1-r1 @@ -0,0 +1 @@ +MD5 c813ca6b5e8ecd9a48ec126c3b8ce857 cryptsetup-0.1.tar.bz2 249013 diff --git a/sys-fs/cryptsetup/files/dm-crypt-start.sh b/sys-fs/cryptsetup/files/dm-crypt-start.sh new file mode 100644 index 000000000000..a6b98fe5981f --- /dev/null +++ b/sys-fs/cryptsetup/files/dm-crypt-start.sh @@ -0,0 +1,142 @@ +# /lib/rcscripts/dm-crypt-start.sh: +# $Header: /var/cvsroot/gentoo-x86/sys-fs/cryptsetup/files/dm-crypt-start.sh,v 1.1 2005/03/01 23:25:14 azarah Exp $ + +# Setup mappings for an individual mount/swap +# +# Note: This relies on variables localized in the main body below. +dm-crypt-execute-checkfs() { + local dev target + + if [[ -n ${loop_file} ]] ; then + dev="/dev/mapper/${target}" + ebegin " Setting up loop device ${source}" + /sbin/losetup ${source} ${loop_file} + fi + + if [[ -n ${mount} ]] ; then + target=${mount} + : ${options:='-c aes -h sha1'} + [[ -n ${key} ]] && : ${gpg_options:='-q -d'} + elif [[ -n ${swap} ]] ; then + target=${swap} + : ${options:='-c aes -h sha1 -d /dev/urandom'} + : ${pre_mount:='mkswap ${dev}'} + else + return + fi + + if /bin/cryptsetup status ${target} | egrep -q '\<active:'; then + einfo "dm-crypt mapping ${target} is already configured" + return + fi + + ebegin "dm-crypt map ${target}" + if [[ -z ${key} ]] ; then + /bin/cryptsetup ${options} create ${target} ${source} >/dev/console </dev/console + eend $? "failure running cryptsetup" + else + if [[ -x /usr/bin/gpg ]] ; then + retval=1 + while [[ $retval -gt 0 ]] ; do + keystring=$(gpg ${gpg_options} ${key} 2>/dev/null </dev/console) + if [[ -z ${keystring} ]] ; then + retval=5 + else + /bin/cryptsetup ${options} create ${target} ${source} << EOF +${keystring} +EOF + retval=$? + fi + done + eend $retval + else + einfo "You have to install app-crypt/gpg first" + fi + fi + if [[ $? != 0 ]] ; then + cryptfs_status=1 + else + if [[ -n ${pre_mount} ]] ; then + dev="/dev/mapper/${target}" + ebegin " Running pre_mount commands for ${target}" + eval "${pre_mount}" > /dev/null + ewend $? || cryptfs_status=1 + fi + fi +} + +# Run any post_mount commands for an individual mount +# +# Note: This relies on variables localized in the main body below. +dm-crypt-execute-localmount() { + local mount_point target + + if [[ -n ${mount} && -n ${post_mount} ]] ; then + target=${mount} + else + return + fi + + if ! /bin/cryptsetup status ${target} | egrep -q '\<active:'; then + ewarn "Skipping unmapped target ${target}" + cryptfs_status=1 + return + fi + + mount_point=$(grep "/dev/mapper/${target}" /proc/mounts | cut -d' ' -f2) + if [[ -z ${mount_point} ]] ; then + ewarn "Failed to find mount point for ${target}, skipping" + cryptfs_status=1 + fi + + if [[ -n ${post_mount} ]] ; then + ebegin "Running post_mount commands for target ${target}" + eval "${post_mount}" >/dev/null + eend $? || cryptfs_status=1 + fi +} + +local cryptfs_status=0 +local gpg_options key loop_file mount mountline options pre_mount post_mount source swap + +if [[ -f /etc/conf.d/cryptfs ]] && [[ -x /bin/cryptsetup ]] ; then + ebegin "Setting up dm-crypt mappings" + + while read mountline; do + # skip comments and blank lines + [[ ${mountline}\# == \#* ]] && continue + + # check for the start of a new mount/swap + case ${mountline} in + mount=*|swap=*) + # If we have a mount queued up, then execute it + dm-crypt-execute-${myservice} + + # Prepare for the next mount/swap by resetting variables + unset gpg_options key loop_file mount options pre_mount post_mount source swap + ;; + + gpg_options=*|key=*|loop_file=*|options=*|pre_mount=*|post_mount=*|source=*) + if [[ -z ${mount} && -z ${swap} ]] ; then + ewarn "Ignoring setting outside mount/swap section: ${mountline}" + continue + fi + ;; + + *) + ewarn "Skipping invalid line in /etc/conf.d/cryptfs: ${mountline}" + ;; + esac + + # Queue this setting for the next call to dm-crypt-execute-${myservice} + eval "${mountline}" + done < /etc/conf.d/cryptfs + + # If we have a mount queued up, then execute it + dm-crypt-execute-${myservice} + + ewend ${cryptfs_status} "Failed to setup dm-crypt devices" +fi + + +# vim:ts=4 diff --git a/sys-fs/cryptsetup/files/dm-crypt-stop.sh b/sys-fs/cryptsetup/files/dm-crypt-stop.sh new file mode 100644 index 000000000000..ce25f830f235 --- /dev/null +++ b/sys-fs/cryptsetup/files/dm-crypt-stop.sh @@ -0,0 +1,49 @@ +# /lib/rcscripts/addons/dm-crypt-stop.sh +# $Header: /var/cvsroot/gentoo-x86/sys-fs/cryptsetup/files/dm-crypt-stop.sh,v 1.1 2005/03/01 23:25:14 azarah Exp $ + +# Try to remove any dm-crypt mappings +if [ -f /etc/conf.d/cryptfs ] && [ -x /bin/cryptsetup ] +then + einfo "Removing dm-crypt mappings" + + /bin/egrep "^(mount|swap)" /etc/conf.d/cryptfs | \ + while read mountline + do + mount= + swap= + target= + + eval ${mountline} + + if [ -n "${mount}" ] + then + target=${mount} + elif [ -n "${swap}" ] + then + target=${swap} + else + ewarn "Invalid line in /etc/conf.d/cryptfs: ${mountline}" + fi + + ebegin "Removing dm-crypt mapping for: ${target}" + /bin/cryptsetup remove ${target} + eend $? "Failed to remove dm-crypt mapping for: ${target}" + done + + if [[ -n $(/bin/egrep -e "^(source=)./dev/loop*" /etc/conf.d/cryptfs) ]] ; then + einfo "Taking down any dm-crypt loop devices" + /bin/egrep -e "^(source)" /etc/conf.d/cryptfs | while read sourceline + do + source= + eval ${sourceline} + if [[ -n $(echo ${source} | grep /dev/loop) ]] ; then + ebegin " Taking down ${source}" + /sbin/losetup -d ${source} + eend $? " Failed to remove loop" + fi + done + fi +fi + + +# vim:ts=4 |