diff options
author | Benjamin Smee <strerror@gentoo.org> | 2005-06-01 23:10:17 +0000 |
---|---|---|
committer | Benjamin Smee <strerror@gentoo.org> | 2005-06-01 23:10:17 +0000 |
commit | 504b6a58df610d74aff223f3fbc0702d6f40bf2a (patch) | |
tree | 7c1d93663cb44788ce2f534d1c588421471736a3 /sys-fs/cryptsetup-luks | |
parent | stabilize (diff) | |
download | gentoo-2-504b6a58df610d74aff223f3fbc0702d6f40bf2a.tar.gz gentoo-2-504b6a58df610d74aff223f3fbc0702d6f40bf2a.tar.bz2 gentoo-2-504b6a58df610d74aff223f3fbc0702d6f40bf2a.zip |
Initial import. Based on ebuild by Fruhwirth Clemens
(Portage version: 2.0.51.19)
Diffstat (limited to 'sys-fs/cryptsetup-luks')
-rw-r--r-- | sys-fs/cryptsetup-luks/ChangeLog | 10 | ||||
-rw-r--r-- | sys-fs/cryptsetup-luks/cryptsetup-luks-1.0.ebuild | 73 | ||||
-rw-r--r-- | sys-fs/cryptsetup-luks/files/digest-cryptsetup-luks-1.0 | 1 | ||||
-rw-r--r-- | sys-fs/cryptsetup-luks/files/dm-crypt-start.sh | 146 | ||||
-rw-r--r-- | sys-fs/cryptsetup-luks/files/dm-crypt-stop.sh | 51 | ||||
-rw-r--r-- | sys-fs/cryptsetup-luks/metadata.xml | 8 |
6 files changed, 289 insertions, 0 deletions
diff --git a/sys-fs/cryptsetup-luks/ChangeLog b/sys-fs/cryptsetup-luks/ChangeLog new file mode 100644 index 000000000000..23e1ace8954d --- /dev/null +++ b/sys-fs/cryptsetup-luks/ChangeLog @@ -0,0 +1,10 @@ +# ChangeLog for sys-fs/cryptsetup-luks +# Copyright 1999-2005 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/sys-fs/cryptsetup-luks/ChangeLog,v 1.1 2005/06/01 23:10:17 strerror Exp $ + +*cryptsetup-luks-1.0 (02 Jun 2005) + + 02 Jun 2005; Benjamin Smee <strerror@gentoo.org> +files/dm-crypt-start.sh, + +files/dm-crypt-stop.sh, +metadata.xml, +cryptsetup-luks-1.0.ebuild: + Initial import. Based on ebuild by Fruhwirth Clemens + diff --git a/sys-fs/cryptsetup-luks/cryptsetup-luks-1.0.ebuild b/sys-fs/cryptsetup-luks/cryptsetup-luks-1.0.ebuild new file mode 100644 index 000000000000..14bfb125f5a6 --- /dev/null +++ b/sys-fs/cryptsetup-luks/cryptsetup-luks-1.0.ebuild @@ -0,0 +1,73 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: + +inherit linux-info eutils multilib flag-o-matic + +DESCRIPTION="Tool to setup encrypted devices with dm-crypt" +HOMEPAGE="http://clemens.endorphin.org/LUKS/" +SRC_URI="http://luks.endorphin.org/source/${PN}-${PV}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~x86" + +DEPEND=">=sys-fs/device-mapper-1.00.07-r1 + >=dev-libs/libgcrypt-1.1.42 + >=dev-libs/libgpg-error-1.0-r1 + !sys-fs/cryptsetup" + +IUSE="static" + +dm-crypt_check() { + ebegin "Checking for dm-crypt support" + linux_chkconfig_present DM_CRYPT + eend $? + + if [[ $? -ne 0 ]] ; then + ewarn "cryptsetup requires dm-crypt support!" + ewarn "Please enable dm-crypt support in your kernel config, found at:" + ewarn "(for 2.6 kernels)" + ewarn + ewarn " Device Drivers" + ewarn " Multi-Device Support" + ewarn " Device mapper support" + ewarn " [*] Crypt Target Support" + ewarn + ewarn "and recompile your kernel if you want this package to work with this kernel" + epause 5 + fi +} + +pkg_setup() { + linux-info_pkg_setup + dm-crypt_check; +} + +src_compile() { + cd ${S} + + if use static ; then + append-ldflags -static + econf --sbindir=/bin --enable-static --disable-nls || die + else + ewarn "If you need cryptsetup for an initrd or initramfs then you" + ewarn "should emerge cryptsetup-luks with USE="static"" + epause 5 + econf --sbindir=/bin --disable-static --disable-nls || die + + sed -i \ + -e "s|-lgcrypt|/usr/$(get_libdir)/libgcrypt.a|" \ + -e "s|-lgpg-error|/usr/$(get_libdir)/libgpg-error.a|" \ + Makefile src/Makefile + sed -i -e "s|-lpopt|/usr/$(get_libdir)/libpopt.a|" src/Makefile + fi + + emake || die +} + +src_install() { + make DESTDIR="${D}" install || die "install failed" + insinto /lib/rcscripts/addons + doins "${FILESDIR}"/dm-crypt-{start,stop}.sh +} diff --git a/sys-fs/cryptsetup-luks/files/digest-cryptsetup-luks-1.0 b/sys-fs/cryptsetup-luks/files/digest-cryptsetup-luks-1.0 new file mode 100644 index 000000000000..0f344f4e1954 --- /dev/null +++ b/sys-fs/cryptsetup-luks/files/digest-cryptsetup-luks-1.0 @@ -0,0 +1 @@ +MD5 62c4bff081e470fb2c9a0f2cb890e613 cryptsetup-luks-1.0.tar.bz2 282675 diff --git a/sys-fs/cryptsetup-luks/files/dm-crypt-start.sh b/sys-fs/cryptsetup-luks/files/dm-crypt-start.sh new file mode 100644 index 000000000000..c735fc795bc5 --- /dev/null +++ b/sys-fs/cryptsetup-luks/files/dm-crypt-start.sh @@ -0,0 +1,146 @@ +# /lib/rcscripts/addons/dm-crypt-start.sh +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-fs/cryptsetup-luks/files/dm-crypt-start.sh,v 1.1 2005/06/01 23:10:17 strerror Exp $ + +# Setup mappings for an individual mount/swap +# +# Note: This relies on variables localized in the main body below. +dm-crypt-execute-checkfs() { + local dev target ret + + if [[ -n ${loop_file} ]] ; then + dev="/dev/mapper/${target}" + ebegin " Setting up loop device ${source}" + /sbin/losetup ${source} ${loop_file} + fi + + if [[ -n ${mount} ]] ; then + target=${mount} + : ${options:='-c aes -h sha1'} + [[ -n ${key} ]] && : ${gpg_options:='-q -d'} + elif [[ -n ${swap} ]] ; then + target=${swap} + : ${options:='-c aes -h sha1 -d /dev/urandom'} + : ${pre_mount:='mkswap ${dev}'} + else + return + fi + + if /bin/cryptsetup status ${target} | egrep -q '\<active:' ; then + einfo "dm-crypt mapping ${target} is already configured" + return + fi + + splash svc_input_begin checkfs + ebegin "dm-crypt map ${target}" + if [[ -z ${key} ]] ; then + /bin/cryptsetup ${options} create ${target} ${source} >/dev/console </dev/console + ret=$? + eend ${ret} "failure running cryptsetup" + else + if type -p gpg >/dev/null ; then + ret=1 + while [[ ${ret} -gt 0 ]] ; do + keystring=$(gpg ${gpg_options} ${key} 2>/dev/null </dev/console) + if [[ -z ${keystring} ]] ; then + ret=5 + else + echo ${keystring} | /bin/cryptsetup ${options} create ${target} ${source} + ret=$? + fi + done + eend ${ret} + else + einfo "You have to install app-crypt/gpg first" + fi + fi + splash svc_input_end checkfs + + if [[ ${ret} != 0 ]] ; then + cryptfs_status=1 + else + if [[ -n ${pre_mount} ]] ; then + dev="/dev/mapper/${target}" + ebegin " Running pre_mount commands for ${target}" + eval "${pre_mount}" > /dev/null + ewend $? || cryptfs_status=1 + fi + fi +} + +# Run any post_mount commands for an individual mount +# +# Note: This relies on variables localized in the main body below. +dm-crypt-execute-localmount() { + local mount_point target + + if [[ -n ${mount} && -n ${post_mount} ]] ; then + target=${mount} + else + return + fi + + if ! /bin/cryptsetup status ${target} | egrep -q '\<active:' ; then + ewarn "Skipping unmapped target ${target}" + cryptfs_status=1 + return + fi + + mount_point=$(grep "/dev/mapper/${target}" /proc/mounts | cut -d' ' -f2) + if [[ -z ${mount_point} ]] ; then + ewarn "Failed to find mount point for ${target}, skipping" + cryptfs_status=1 + fi + + if [[ -n ${post_mount} ]] ; then + ebegin "Running post_mount commands for target ${target}" + eval "${post_mount}" >/dev/null + eend $? || cryptfs_status=1 + fi +} + +local cryptfs_status=0 +local gpg_options key loop_file mount mountline options pre_mount post_mount source swap + +if [[ -f /etc/conf.d/cryptfs ]] && [[ -x /bin/cryptsetup ]] ; then + ebegin "Setting up dm-crypt mappings" + + while read mountline ; do + # skip comments and blank lines + [[ ${mountline}\# == \#* ]] && continue + + # check for the start of a new mount/swap + case ${mountline} in + mount=*|swap=*) + # If we have a mount queued up, then execute it + dm-crypt-execute-${myservice} + + # Prepare for the next mount/swap by resetting variables + unset gpg_options key loop_file mount options pre_mount post_mount source swap + ;; + + gpg_options=*|key=*|loop_file=*|options=*|pre_mount=*|post_mount=*|source=*) + if [[ -z ${mount} && -z ${swap} ]] ; then + ewarn "Ignoring setting outside mount/swap section: ${mountline}" + continue + fi + ;; + + *) + ewarn "Skipping invalid line in /etc/conf.d/cryptfs: ${mountline}" + ;; + esac + + # Queue this setting for the next call to dm-crypt-execute-${myservice} + eval "${mountline}" + done < /etc/conf.d/cryptfs + + # If we have a mount queued up, then execute it + dm-crypt-execute-${myservice} + + ewend ${cryptfs_status} "Failed to setup dm-crypt devices" +fi + + +# vim:ts=4 diff --git a/sys-fs/cryptsetup-luks/files/dm-crypt-stop.sh b/sys-fs/cryptsetup-luks/files/dm-crypt-stop.sh new file mode 100644 index 000000000000..8c9f262e0b95 --- /dev/null +++ b/sys-fs/cryptsetup-luks/files/dm-crypt-stop.sh @@ -0,0 +1,51 @@ +# /lib/rcscripts/addons/dm-crypt-stop.sh +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-fs/cryptsetup-luks/files/dm-crypt-stop.sh,v 1.1 2005/06/01 23:10:17 strerror Exp $ + +# Try to remove any dm-crypt mappings +if [ -f /etc/conf.d/cryptfs ] && [ -x /bin/cryptsetup ] +then + einfo "Removing dm-crypt mappings" + + /bin/egrep "^(mount|swap)" /etc/conf.d/cryptfs | \ + while read mountline + do + mount= + swap= + target= + + eval ${mountline} + + if [ -n "${mount}" ] + then + target=${mount} + elif [ -n "${swap}" ] + then + target=${swap} + else + ewarn "Invalid line in /etc/conf.d/cryptfs: ${mountline}" + fi + + ebegin "Removing dm-crypt mapping for: ${target}" + /bin/cryptsetup remove ${target} + eend $? "Failed to remove dm-crypt mapping for: ${target}" + done + + if [[ -n $(/bin/egrep -e "^(source=)./dev/loop*" /etc/conf.d/cryptfs) ]] ; then + einfo "Taking down any dm-crypt loop devices" + /bin/egrep -e "^(source)" /etc/conf.d/cryptfs | while read sourceline + do + source= + eval ${sourceline} + if [[ -n $(echo ${source} | grep /dev/loop) ]] ; then + ebegin " Taking down ${source}" + /sbin/losetup -d ${source} + eend $? " Failed to remove loop" + fi + done + fi +fi + + +# vim:ts=4 diff --git a/sys-fs/cryptsetup-luks/metadata.xml b/sys-fs/cryptsetup-luks/metadata.xml new file mode 100644 index 000000000000..b35f15da41c5 --- /dev/null +++ b/sys-fs/cryptsetup-luks/metadata.xml @@ -0,0 +1,8 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> +<herd>base-system</herd> +<maintainer> + <email>strerror@gentoo.org</email> +</maintainer> +</pkgmetadata> |