Re: [Slackware.it] bug in /etc/rc.d/rc.S slack12.1

slackit-ml

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Slackware.it] bug in /etc/rc.d/rc.S slack12.1

From:	Conraid
Subject:	Re: [Slackware.it] bug in /etc/rc.d/rc.S slack12.1
Date:	Thu, 13 Nov 2008 16:11:15 +0100
User-agent:	Mutt/1.5.18 (2008-05-17)

* Diario del capitano. Data astrale 13 November 2008.
rikofert ha scritto:
> Marco Bonetti ha scritto:
> > ti assicuro che funziona. hai seguito alla lettera le istruzioni
> > http://slackware.osuosl.org/slackware-12.1/README_CRYPT.TXT 
> 
> ma tu lo usi? hai filesystem cryptati e ti presenta "Enter passphrase: "
> prompt all'avvio?

io lo uso e funziona. Anche se adesso ho la -current.
E secono me quel fi va bene

Questo è della 12.1

# Open any volumes created by cryptsetup:
if [ -f /etc/crypttab -a -x /sbin/cryptsetup.static ]; then
  # First, check for device-mapper support.
  if ! grep -wq device-mapper /proc/devices ; then
    # If device-mapper exists as a module, try to load it.
    # Try to load a device-mapper kernel module:
    /sbin/modprobe -q dm-mod
  fi
  # NOTE: we only support LUKS formatted volumes (except for swap)!
  cat /etc/crypttab | grep -v "^#" | grep -v "^$" | while read line; do
    LUKS=$(echo $line | tr '\t' ' ' | tr -s ' ' | cut -f1 -d' ')
    DEV=$(echo $line | tr '\t' ' ' | tr -s ' ' | cut -f2 -d' ')
    PASS=$(echo $line | tr '\t' ' ' | tr -s ' ' | cut -f3 -d' ')
    OPTS=$(echo $line | tr '\t' ' ' | tr -s ' ' | cut -f4 -d' ')
    LUKSOPTS=""
    if echo $OPTS | grep -wq ro ; then LUKSOPTS="${LUKSOPTS} --readonly"
; fi

    # Skip LUKS volumes that were already unlocked (in the initrd):
    /sbin/cryptsetup.static status $LUKS 1>/dev/null 2>/dev/null &&
continue
    if /sbin/cryptsetup.static isLuks $DEV 2>/dev/null ; then
      echo "Unlocking LUKS crypt volume '${LUKS}' on device '$DEV':"
      if [ -n "${PASS}" ]; then
        if [ -f ${PASS} ]; then
          /sbin/cryptsetup.static ${LUKSOPTS} --key-file=${PASS}
luksOpen $DEV $LUKS
        elif [ "${PASS}" != "none" ]; then
          # A password field of 'none' indicates a line for swap:
          echo "${PASS}" | /sbin/cryptsetup.static ${LUKSOPTS} luksOpen
$DEV $LUKS
        fi
      else
        for i in seq 1 3 ; do
          /sbin/cryptsetup.static ${LUKSOPTS} luksOpen $DEV $LUKS
</dev/tty0 >/dev/tty0 2>&1
          [ $? -eq 0 ] && break
        done
      fi
    elif echo $OPTS | grep -wq swap ; then
      # If any of the volumes is to be used as encrypted swap,
      # then encrypt it using a random key and run mkswap:
      echo "Creating encrypted swap on device '$DEV' mapped to
'${LUKS}':"
      /sbin/cryptsetup.static --cipher=aes --key-file=/dev/urandom
--key-size=256 create $LUKS $DEV
      mkswap /dev/mapper/$LUKS
    fi
  done
fi



Questo è della current

# Open any volumes created by cryptsetup:
if [ -f /etc/crypttab -a -x /sbin/cryptsetup.static ]; then
  # First, check for device-mapper support.
  if ! grep -wq device-mapper /proc/devices ; then
    # If device-mapper exists as a module, try to load it.
    # Try to load a device-mapper kernel module:
    /sbin/modprobe -q dm-mod
  fi
  # NOTE: we only support LUKS formatted volumes (except for swap)!
  cat /etc/crypttab | grep -v "^#" | grep -v "^$" | while read line; do
    LUKS=$(echo $line | tr '\t' ' ' | tr -s ' ' | cut -f1 -d' ')
    DEV=$(echo $line | tr '\t' ' ' | tr -s ' ' | cut -f2 -d' ')
    PASS=$(echo $line | tr '\t' ' ' | tr -s ' ' | cut -f3 -d' ')
    OPTS=$(echo $line | tr '\t' ' ' | tr -s ' ' | cut -f4 -d' ')
    LUKSOPTS=""
    if echo $OPTS | grep -wq ro ; then LUKSOPTS="${LUKSOPTS} --readonly"
; fi

    # Skip LUKS volumes that were already unlocked (in the initrd):
    /sbin/cryptsetup.static status $LUKS 1>/dev/null 2>/dev/null &&
continue
    if /sbin/cryptsetup.static isLuks $DEV 2>/dev/null ; then
      echo "Unlocking LUKS crypt volume '${LUKS}' on device '$DEV':"
      if [ -n "${PASS}" ]; then
        if [ -f ${PASS} ]; then
          /sbin/cryptsetup.static ${LUKSOPTS} --key-file=${PASS}
luksOpen $DEV $LUKS
        elif [ "${PASS}" != "none" ]; then
          # A password field of 'none' indicates a line for swap:
          echo "${PASS}" | /sbin/cryptsetup.static ${LUKSOPTS} luksOpen
$DEV $LUKS
        fi
      else
        for i in seq 1 3 ; do
          /sbin/cryptsetup.static ${LUKSOPTS} luksOpen $DEV $LUKS
</dev/tty0 >/dev/tty0 2>&1
          [ $? -eq 0 ] && break
        done
      fi
    elif echo $OPTS | grep -wq swap ; then
      # If any of the volumes is to be used as encrypted swap,
      # then encrypt it using a random key and run mkswap:
      echo "Creating encrypted swap on device '$DEV' mapped to
'${LUKS}':"
      /sbin/cryptsetup.static --cipher=aes --key-file=/dev/urandom
--key-size=256 create $LUKS $DEV
      mkswap /dev/mapper/$LUKS
    fi
  done
fi


E ti assicuro che funzionano.
Mi compare la richiesta password e monta la partizione /home, nonché la
swap automaticamente (cioè senza chiedere password)

-- 
Io sono per la liberta' di parola: basta che stiano zitti.
                - "Il pianeta delle scimmie"

[Prev in Thread]

Current Thread

[Next in Thread]

[Slackware.it] bug in /etc/rc.d/rc.S slack12.1, riko, 2008/11/13
- Re: [Slackware.it] bug in /etc/rc.d/rc.S slack12.1, Marco Bonetti, 2008/11/13
  - Re: [Slackware.it] bug in /etc/rc.d/rc.S slack12.1, riko, 2008/11/13
    - Re: [Slackware.it] bug in /etc/rc.d/rc.S slack12.1, Marco Bonetti, 2008/11/13
    - Re: [Slackware.it] bug in /etc/rc.d/rc.S slack12.1, Giorgio, 2008/11/13
    - Re: [Slackware.it] bug in /etc/rc.d/rc.S slack12.1, Conraid <=
    - Re: [Slackware.it] bug in /etc/rc.d/rc.S slack12.1, riko, 2008/11/13
    - Re: [Slackware.it] bug in /etc/rc.d/rc.S slack12.1, riko, 2008/11/13

Prev by Date: Re: [Slackware.it] bug in /etc/rc.d/rc.S slack12.1
Next by Date: Re: [Slackware.it] bug in /etc/rc.d/rc.S slack12.1
Previous by thread: Re: [Slackware.it] bug in /etc/rc.d/rc.S slack12.1
Next by thread: Re: [Slackware.it] bug in /etc/rc.d/rc.S slack12.1
Index(es):
- Date
- Thread