summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBenjamin Smee <strerror@gentoo.org>2005-06-01 23:10:17 +0000
committerBenjamin Smee <strerror@gentoo.org>2005-06-01 23:10:17 +0000
commit504b6a58df610d74aff223f3fbc0702d6f40bf2a (patch)
tree7c1d93663cb44788ce2f534d1c588421471736a3 /sys-fs/cryptsetup-luks
parentstabilize (diff)
downloadgentoo-2-504b6a58df610d74aff223f3fbc0702d6f40bf2a.tar.gz
gentoo-2-504b6a58df610d74aff223f3fbc0702d6f40bf2a.tar.bz2
gentoo-2-504b6a58df610d74aff223f3fbc0702d6f40bf2a.zip
Initial import. Based on ebuild by Fruhwirth Clemens
(Portage version: 2.0.51.19)
Diffstat (limited to 'sys-fs/cryptsetup-luks')
-rw-r--r--sys-fs/cryptsetup-luks/ChangeLog10
-rw-r--r--sys-fs/cryptsetup-luks/cryptsetup-luks-1.0.ebuild73
-rw-r--r--sys-fs/cryptsetup-luks/files/digest-cryptsetup-luks-1.01
-rw-r--r--sys-fs/cryptsetup-luks/files/dm-crypt-start.sh146
-rw-r--r--sys-fs/cryptsetup-luks/files/dm-crypt-stop.sh51
-rw-r--r--sys-fs/cryptsetup-luks/metadata.xml8
6 files changed, 289 insertions, 0 deletions
diff --git a/sys-fs/cryptsetup-luks/ChangeLog b/sys-fs/cryptsetup-luks/ChangeLog
new file mode 100644
index 000000000000..23e1ace8954d
--- /dev/null
+++ b/sys-fs/cryptsetup-luks/ChangeLog
@@ -0,0 +1,10 @@
+# ChangeLog for sys-fs/cryptsetup-luks
+# Copyright 1999-2005 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/sys-fs/cryptsetup-luks/ChangeLog,v 1.1 2005/06/01 23:10:17 strerror Exp $
+
+*cryptsetup-luks-1.0 (02 Jun 2005)
+
+ 02 Jun 2005; Benjamin Smee <strerror@gentoo.org> +files/dm-crypt-start.sh,
+ +files/dm-crypt-stop.sh, +metadata.xml, +cryptsetup-luks-1.0.ebuild:
+ Initial import. Based on ebuild by Fruhwirth Clemens
+
diff --git a/sys-fs/cryptsetup-luks/cryptsetup-luks-1.0.ebuild b/sys-fs/cryptsetup-luks/cryptsetup-luks-1.0.ebuild
new file mode 100644
index 000000000000..14bfb125f5a6
--- /dev/null
+++ b/sys-fs/cryptsetup-luks/cryptsetup-luks-1.0.ebuild
@@ -0,0 +1,73 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header:
+
+inherit linux-info eutils multilib flag-o-matic
+
+DESCRIPTION="Tool to setup encrypted devices with dm-crypt"
+HOMEPAGE="http://clemens.endorphin.org/LUKS/"
+SRC_URI="http://luks.endorphin.org/source/${PN}-${PV}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~x86"
+
+DEPEND=">=sys-fs/device-mapper-1.00.07-r1
+ >=dev-libs/libgcrypt-1.1.42
+ >=dev-libs/libgpg-error-1.0-r1
+ !sys-fs/cryptsetup"
+
+IUSE="static"
+
+dm-crypt_check() {
+ ebegin "Checking for dm-crypt support"
+ linux_chkconfig_present DM_CRYPT
+ eend $?
+
+ if [[ $? -ne 0 ]] ; then
+ ewarn "cryptsetup requires dm-crypt support!"
+ ewarn "Please enable dm-crypt support in your kernel config, found at:"
+ ewarn "(for 2.6 kernels)"
+ ewarn
+ ewarn " Device Drivers"
+ ewarn " Multi-Device Support"
+ ewarn " Device mapper support"
+ ewarn " [*] Crypt Target Support"
+ ewarn
+ ewarn "and recompile your kernel if you want this package to work with this kernel"
+ epause 5
+ fi
+}
+
+pkg_setup() {
+ linux-info_pkg_setup
+ dm-crypt_check;
+}
+
+src_compile() {
+ cd ${S}
+
+ if use static ; then
+ append-ldflags -static
+ econf --sbindir=/bin --enable-static --disable-nls || die
+ else
+ ewarn "If you need cryptsetup for an initrd or initramfs then you"
+ ewarn "should emerge cryptsetup-luks with USE="static""
+ epause 5
+ econf --sbindir=/bin --disable-static --disable-nls || die
+
+ sed -i \
+ -e "s|-lgcrypt|/usr/$(get_libdir)/libgcrypt.a|" \
+ -e "s|-lgpg-error|/usr/$(get_libdir)/libgpg-error.a|" \
+ Makefile src/Makefile
+ sed -i -e "s|-lpopt|/usr/$(get_libdir)/libpopt.a|" src/Makefile
+ fi
+
+ emake || die
+}
+
+src_install() {
+ make DESTDIR="${D}" install || die "install failed"
+ insinto /lib/rcscripts/addons
+ doins "${FILESDIR}"/dm-crypt-{start,stop}.sh
+}
diff --git a/sys-fs/cryptsetup-luks/files/digest-cryptsetup-luks-1.0 b/sys-fs/cryptsetup-luks/files/digest-cryptsetup-luks-1.0
new file mode 100644
index 000000000000..0f344f4e1954
--- /dev/null
+++ b/sys-fs/cryptsetup-luks/files/digest-cryptsetup-luks-1.0
@@ -0,0 +1 @@
+MD5 62c4bff081e470fb2c9a0f2cb890e613 cryptsetup-luks-1.0.tar.bz2 282675
diff --git a/sys-fs/cryptsetup-luks/files/dm-crypt-start.sh b/sys-fs/cryptsetup-luks/files/dm-crypt-start.sh
new file mode 100644
index 000000000000..c735fc795bc5
--- /dev/null
+++ b/sys-fs/cryptsetup-luks/files/dm-crypt-start.sh
@@ -0,0 +1,146 @@
+# /lib/rcscripts/addons/dm-crypt-start.sh
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-fs/cryptsetup-luks/files/dm-crypt-start.sh,v 1.1 2005/06/01 23:10:17 strerror Exp $
+
+# Setup mappings for an individual mount/swap
+#
+# Note: This relies on variables localized in the main body below.
+dm-crypt-execute-checkfs() {
+ local dev target ret
+
+ if [[ -n ${loop_file} ]] ; then
+ dev="/dev/mapper/${target}"
+ ebegin " Setting up loop device ${source}"
+ /sbin/losetup ${source} ${loop_file}
+ fi
+
+ if [[ -n ${mount} ]] ; then
+ target=${mount}
+ : ${options:='-c aes -h sha1'}
+ [[ -n ${key} ]] && : ${gpg_options:='-q -d'}
+ elif [[ -n ${swap} ]] ; then
+ target=${swap}
+ : ${options:='-c aes -h sha1 -d /dev/urandom'}
+ : ${pre_mount:='mkswap ${dev}'}
+ else
+ return
+ fi
+
+ if /bin/cryptsetup status ${target} | egrep -q '\<active:' ; then
+ einfo "dm-crypt mapping ${target} is already configured"
+ return
+ fi
+
+ splash svc_input_begin checkfs
+ ebegin "dm-crypt map ${target}"
+ if [[ -z ${key} ]] ; then
+ /bin/cryptsetup ${options} create ${target} ${source} >/dev/console </dev/console
+ ret=$?
+ eend ${ret} "failure running cryptsetup"
+ else
+ if type -p gpg >/dev/null ; then
+ ret=1
+ while [[ ${ret} -gt 0 ]] ; do
+ keystring=$(gpg ${gpg_options} ${key} 2>/dev/null </dev/console)
+ if [[ -z ${keystring} ]] ; then
+ ret=5
+ else
+ echo ${keystring} | /bin/cryptsetup ${options} create ${target} ${source}
+ ret=$?
+ fi
+ done
+ eend ${ret}
+ else
+ einfo "You have to install app-crypt/gpg first"
+ fi
+ fi
+ splash svc_input_end checkfs
+
+ if [[ ${ret} != 0 ]] ; then
+ cryptfs_status=1
+ else
+ if [[ -n ${pre_mount} ]] ; then
+ dev="/dev/mapper/${target}"
+ ebegin " Running pre_mount commands for ${target}"
+ eval "${pre_mount}" > /dev/null
+ ewend $? || cryptfs_status=1
+ fi
+ fi
+}
+
+# Run any post_mount commands for an individual mount
+#
+# Note: This relies on variables localized in the main body below.
+dm-crypt-execute-localmount() {
+ local mount_point target
+
+ if [[ -n ${mount} && -n ${post_mount} ]] ; then
+ target=${mount}
+ else
+ return
+ fi
+
+ if ! /bin/cryptsetup status ${target} | egrep -q '\<active:' ; then
+ ewarn "Skipping unmapped target ${target}"
+ cryptfs_status=1
+ return
+ fi
+
+ mount_point=$(grep "/dev/mapper/${target}" /proc/mounts | cut -d' ' -f2)
+ if [[ -z ${mount_point} ]] ; then
+ ewarn "Failed to find mount point for ${target}, skipping"
+ cryptfs_status=1
+ fi
+
+ if [[ -n ${post_mount} ]] ; then
+ ebegin "Running post_mount commands for target ${target}"
+ eval "${post_mount}" >/dev/null
+ eend $? || cryptfs_status=1
+ fi
+}
+
+local cryptfs_status=0
+local gpg_options key loop_file mount mountline options pre_mount post_mount source swap
+
+if [[ -f /etc/conf.d/cryptfs ]] && [[ -x /bin/cryptsetup ]] ; then
+ ebegin "Setting up dm-crypt mappings"
+
+ while read mountline ; do
+ # skip comments and blank lines
+ [[ ${mountline}\# == \#* ]] && continue
+
+ # check for the start of a new mount/swap
+ case ${mountline} in
+ mount=*|swap=*)
+ # If we have a mount queued up, then execute it
+ dm-crypt-execute-${myservice}
+
+ # Prepare for the next mount/swap by resetting variables
+ unset gpg_options key loop_file mount options pre_mount post_mount source swap
+ ;;
+
+ gpg_options=*|key=*|loop_file=*|options=*|pre_mount=*|post_mount=*|source=*)
+ if [[ -z ${mount} && -z ${swap} ]] ; then
+ ewarn "Ignoring setting outside mount/swap section: ${mountline}"
+ continue
+ fi
+ ;;
+
+ *)
+ ewarn "Skipping invalid line in /etc/conf.d/cryptfs: ${mountline}"
+ ;;
+ esac
+
+ # Queue this setting for the next call to dm-crypt-execute-${myservice}
+ eval "${mountline}"
+ done < /etc/conf.d/cryptfs
+
+ # If we have a mount queued up, then execute it
+ dm-crypt-execute-${myservice}
+
+ ewend ${cryptfs_status} "Failed to setup dm-crypt devices"
+fi
+
+
+# vim:ts=4
diff --git a/sys-fs/cryptsetup-luks/files/dm-crypt-stop.sh b/sys-fs/cryptsetup-luks/files/dm-crypt-stop.sh
new file mode 100644
index 000000000000..8c9f262e0b95
--- /dev/null
+++ b/sys-fs/cryptsetup-luks/files/dm-crypt-stop.sh
@@ -0,0 +1,51 @@
+# /lib/rcscripts/addons/dm-crypt-stop.sh
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-fs/cryptsetup-luks/files/dm-crypt-stop.sh,v 1.1 2005/06/01 23:10:17 strerror Exp $
+
+# Try to remove any dm-crypt mappings
+if [ -f /etc/conf.d/cryptfs ] && [ -x /bin/cryptsetup ]
+then
+ einfo "Removing dm-crypt mappings"
+
+ /bin/egrep "^(mount|swap)" /etc/conf.d/cryptfs | \
+ while read mountline
+ do
+ mount=
+ swap=
+ target=
+
+ eval ${mountline}
+
+ if [ -n "${mount}" ]
+ then
+ target=${mount}
+ elif [ -n "${swap}" ]
+ then
+ target=${swap}
+ else
+ ewarn "Invalid line in /etc/conf.d/cryptfs: ${mountline}"
+ fi
+
+ ebegin "Removing dm-crypt mapping for: ${target}"
+ /bin/cryptsetup remove ${target}
+ eend $? "Failed to remove dm-crypt mapping for: ${target}"
+ done
+
+ if [[ -n $(/bin/egrep -e "^(source=)./dev/loop*" /etc/conf.d/cryptfs) ]] ; then
+ einfo "Taking down any dm-crypt loop devices"
+ /bin/egrep -e "^(source)" /etc/conf.d/cryptfs | while read sourceline
+ do
+ source=
+ eval ${sourceline}
+ if [[ -n $(echo ${source} | grep /dev/loop) ]] ; then
+ ebegin " Taking down ${source}"
+ /sbin/losetup -d ${source}
+ eend $? " Failed to remove loop"
+ fi
+ done
+ fi
+fi
+
+
+# vim:ts=4
diff --git a/sys-fs/cryptsetup-luks/metadata.xml b/sys-fs/cryptsetup-luks/metadata.xml
new file mode 100644
index 000000000000..b35f15da41c5
--- /dev/null
+++ b/sys-fs/cryptsetup-luks/metadata.xml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+<herd>base-system</herd>
+<maintainer>
+ <email>strerror@gentoo.org</email>
+</maintainer>
+</pkgmetadata>