Bug#247054: Crypto-root patch updated to initrd-tools 0.1.70
"Wesley W. Terpstra" <terpstra@gkec.tu-darmstadt.de> - Sat, Nov 20, 2004:
> > if [ "`dmsetup table disk | awk ' { print $3 } '`" = "crypt" ]; then
> > + devname=$(grep -m 1 "^$dmname[[:space:]]" /etc/crypttab | sed 's/^[^[:space:]]*[[:space:]]\([^[:space:]]*\).*/\1/')
> Yep, both look like a good improvement.
Yeah, I already posted that fix in #247054 as mkinitrd.patch.patch.
Sorry I couldn't test this last week, but I finally tested latest
mkinitrd patches with latest mkinitrd, ie:
- svn version of mkinitrd
- mkinitrd.patch from Wesley W. Terpstra of Mon, 7 Jun 2004 14:45:51
+0200
- mkinitrd.patch.patch from myself of Wed, 11 Aug 2004 16:36:31 +0200
The patch still applies (as I stated previously, and I did not redo the
change you describe above, since that was the purpose of my patch to
the patch.
Attached is a svn diff against current svn which:
- bumps up version number to 0.1.76, closes this bug, resumes the above
patching
- applies all of the above described patches cleanly
mkinitrd now behaves correctly here, but it asks for a passphrase on
boot, where I did not want this behavior. I'm using /dev/urandom as a
key file, and I'm not interested in using a real key protected by a
password.
The end result is that I can install kernel-images where I couldn't,
and my system will boot. The swap can not be used:
bee# swapon /dev/mapper/swap0
swapon: /dev/mapper/swap0: Invalid argument
except if I restart cryptdisks:
bee# /etc/init.d/cryptdisks restart
Stopping crypto disks: swap0(stopping).
Starting crypto disks: swap0(starting).
bee# swapon /dev/mapper/swap0 && echo success
success
This still needs fixing, but it's a far better situation...
Regards,
--
Loïc Minier <lool@dooz.org>
Index: mkinitrd
===================================================================
--- mkinitrd (revision 1946)
+++ mkinitrd (working copy)
@@ -322,8 +322,90 @@
fi
}
+dmcrypt() {
+ local cipher_mode devname submajor subminor
+
+ if ! command -v cryptsetup > /dev/null 2>&1; then
+ echo Root is on a DM crypt device, but cryptsetup not installed >&2
+ fi
+
+ cipher_mode=$(dmsetup table $dmname | cut -d" " -f4)
+
+ echo dm-crypt
+ echo $cipher_mode | cut -d- -f1
+
+ devname=$(grep -m 1 "^$dmname[[:space:]]" /etc/crypttab | sed 's/^[^[:space:]]*[[:space:]]*\([^[:space:]]*\).*/\1/')
+ if [ ! -b ${devname:-/dev/null} ]; then
+ echo \'$dmname\' does not have a valid block device in /etc/crypttab >&2
+ exit 1
+ fi
+
+ eval "$(stat -c 'submajor=$((0x%t)); subminor=$((0x%T))' $(readlink -f "$devname"))"
+
+ if [ $submajor != $(dmsetup deps $dmname | sed 's/^.*(\([0-9]*\), \([0-9]*\))$/\1/') \
+ -o $subminor != $(dmsetup deps $dmname | sed 's/^.*(\([0-9]*\), \([0-9]*\))$/\2/') ]; then
+ echo /etc/crypttab entry for \'$dmname\' does not agree with dmsetup >&2
+ exit 1
+ fi
+
+ getroot $devname
+
+ cat <<EOF >&5
+mount_tmpfs dev2
+
+save_rootdev="\$rootdev"
+save_ROOT="\$ROOT"
+rootdev=$(($submajor*256+$subminor))
+ROOT="$devname"
+get_device
+rootdev="\$save_rootdev"
+ROOT="\$save_ROOT"
+
+export device
+export dmname="$dmname"
+export cipher_mode="$cipher_mode"
+for i in /keyscripts/*; do
+ [ -f "\$i" ] || continue
+ case "\$i" in
+ *.sh)
+ (. \$i)
+ ;;
+ *)
+ \$i
+ ;;
+ esac
+done
+[ -b /dev/mapper/\$dmname ] || \\
+ /sbin/cryptsetup -c \$cipher_mode create \$dmname \$device
+
+umount -n dev2
+EOF
+ {
+ echo /sbin/cryptsetup
+ echo /lib/libdevmapper.so.1.00
+ echo /lib/libpopt.so.0
+ } >&6
+}
+
dm() {
- if command -v lvmiopversion > /dev/null 2>&1; then
+ local dmname
+
+ if ! command -v dmsetup > /dev/null 2>&1; then
+ echo Root is on a DM device, but dmsetup not installed >&2
+ exit 1
+ fi
+
+ dmdev=$(printf "(%d, %d)" $major $minor)
+
+ if ! dmsetup ls | grep -q "$dmdev\$"; then
+ echo Unknown DM device $major:$minor >&2
+ exit 1
+ fi
+
+ dmname=$(dmsetup ls | grep "$dmdev\$" | sed 's/^\([^[:space:]]*\).*$/\1/')
+ if dmsetup table $dmname | grep -q crypt; then
+ dmcrypt
+ elif command -v lvmiopversion > /dev/null 2>&1; then
lvm
elif [ ! -x /etc/mkinitrd/scripts/evms ]; then
echo Unknown DM device $major:$minor >&2
@@ -1135,7 +1217,7 @@
mv script initrd
cd initrd
- mkdir -p dev2 devfs etc mnt proc scripts sys tmp var
+ mkdir -p dev2 devfs etc keyscripts mnt proc scripts sys tmp var
> etc/mtab
Index: debian/changelog
===================================================================
--- debian/changelog (revision 1946)
+++ debian/changelog (working copy)
@@ -1,3 +1,11 @@
+initrd-tools (0.1.76) UNRELEASED; urgency=low
+
+ * Apply patch from Wesley W. Terpstra <terpstra@gkec.tu-darmstadt.de> for
+ mkinitrd dated Mon, 7 Jun 2004 14:45:51 +0200 fixed with my own patch
+ dated Wed, 11 Aug 2004 16:36:31 +0200 (Closes: #247054)
+
+ -- Loic Minier <lool@dooz.org> Sun, 28 Nov 2004 18:42:49 +0100
+
initrd-tools (0.1.75) UNRELEASED; urgency=low
* Jeff Bailey
Reply to: